oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

tests: Use kadmin w/ here-document to speed up tests

Browse Source
This commit is contained in:
Nicolas Williams
2024-01-16 11:08:30 -06:00
parent 016373931d
commit 1aa0a495c2
22 changed files with 390 additions and 598 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
tests/gss/check-basic.in
View File

@@ -76,22 +76,17 @@ rm -f mkey.file*
> messages.log
echo Creating database
${kadmin} \
init \
--realm-max-ticket-life=1day \
--realm-max-renewable-life=1month \
${R} || exit 1
echo upw > ${objdir}/foopassword
${kadmin} add -p upw --use-defaults user@${R} || exit 1
${kadmin} add -p upw --use-defaults another@${R} || exit 1
${kadmin} add -p p1 --use-defaults host/host.test.h5l.se@${R} || exit 1
${kadmin} ext -k ${keytab} host/host.test.h5l.se@${R} || exit 1
echo "Doing database check"
${kadmin} check ${R} || exit 1
echo Creating database
${kadmin} <<EOF || exit 1
init --realm-max-ticket-life=1day --realm-max-renewable-life=1month ${R}
add -p upw --use-defaults user@${R}
add -p upw --use-defaults another@${R}
add -p p1 --use-defaults host/host.test.h5l.se@${R}
ext -k ${keytab} host/host.test.h5l.se@${R}
check ${R}
EOF
echo Starting kdc
${kdc} --detach --testing || { echo "kdc failed to start"; cat messages.log; exit 1; }

50
tests/gss/check-context.in
View File

@@ -76,41 +76,33 @@ rm -f mkey.file*
> messages.log
echo Creating database
${kadmin} \
init \
--realm-max-ticket-life=1day \
--realm-max-renewable-life=1month \
${R} || exit 1
# add both lucid and lucid.test.h5l.se to simulate aliases
${kadmin} add -p p1 --use-defaults host/lucid.test.h5l.se@${R} || exit 1
${kadmin} ext -k ${keytab} host/lucid.test.h5l.se@${R} || exit 1
${kadmin} add -p p1 --use-defaults host/ok-delegate.test.h5l.se@${R} || exit 1
${kadmin} mod --attributes=+ok-as-delegate host/ok-delegate.test.h5l.se@${R} || exit 1
${kadmin} ext -k ${keytab} host/ok-delegate.test.h5l.se@${R} || exit 1
${kadmin} add -p p1 --use-defaults host/short@${R} || exit 1
${kadmin} mod --alias=host/long.test.h5l.se@${R} host/short@${R} || exit 1
# XXX ext should ext aliases too
${kadmin} ext -k ${keytab} host/short@${R} || exit 1
${kadmin} <<EOF || exit 1
init --realm-max-ticket-life=1day --realm-max-renewable-life=1month ${R}
add -p p1 --use-defaults host/lucid.test.h5l.se@${R}
ext -k ${keytab} host/lucid.test.h5l.se@${R}
add -p p1 --use-defaults host/ok-delegate.test.h5l.se@${R}
mod --attributes=+ok-as-delegate host/ok-delegate.test.h5l.se@${R}
ext -k ${keytab} host/ok-delegate.test.h5l.se@${R}
add -p p1 --use-defaults host/short@${R}
mod --alias=host/long.test.h5l.se@${R} host/short@${R}
ext -k ${keytab} host/short@${R}
EOF
${ktutil} -k ${keytab} rename --no-delete host/short@${R} host/long.test.h5l.se@${R} || exit 1
${kadmin} add -p kaka --use-defaults digest/${R}@${R} || exit 1
${kadmin} add -p u1 --use-defaults user1@${R} || exit 1
${kadmin} mod --alias=user1.alias user1@${R} || exit 1
# Create a server principal with no AES
${kadmin} add -p p1 --use-defaults host/no-aes.test.h5l.se@${R} || exit 1
${kadmin} get host/no-aes.test.h5l.se@${R} > tempfile || exit 1
${kadmin} del_enctype host/no-aes.test.h5l.se@${R} \
aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 || exit 1
${kadmin} ext -k ${keytab} host/no-aes.test.h5l.se@${R} || exit 1
${kadmin} <<EOF || exit 1
add -p kaka --use-defaults digest/${R}@${R}
add -p u1 --use-defaults user1@${R}
mod --alias=user1.alias user1@${R}
add -p p1 --use-defaults host/no-aes.test.h5l.se@${R}
del_enctype host/no-aes.test.h5l.se@${R} aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
ext -k ${keytab} host/no-aes.test.h5l.se@${R}
check ${R}
EOF
echo "Doing database check"
${kadmin} check ${R} || exit 1
${kadmin} get host/no-aes.test.h5l.se@${R} > tempfile || exit 1
echo u1 > ${objdir}/foopassword

29
tests/gss/check-gssmask.in
View File

@@ -70,27 +70,16 @@ rm -f mkey.file*
> messages.log
echo Creating database
${kadmin} \
init \
--realm-max-ticket-life=1day \
--realm-max-renewable-life=1month \
${R} || exit 1
# Test virtual principals, why not
${kadmin} add_ns --key-rotation-epoch=now \
--key-rotation-period=15m \
--max-ticket-life=10d \
--max-renewable-life=20d \
--attributes= \
"_/test.h5l.se@${R}" || exit 1
${kadmin} ext -k ${keytab} host/n1.test.h5l.se@${R} || exit 1
${kadmin} ext -k ${keytab} host/n2.test.h5l.se@${R} || exit 1
${kadmin} ext -k ${keytab} host/n3.test.h5l.se@${R} || exit 1
${kadmin} add -p u1 --use-defaults user1@${R} || exit 1
echo "Doing database check"
${kadmin} check ${R} || exit 1
${kadmin} <<EOF || exit 1
init --realm-max-ticket-life=1day --realm-max-renewable-life=1month ${R}
add_ns --key-rotation-epoch=now --key-rotation-period=15m --max-ticket-life=10d --max-renewable-life=20d --attributes= "_/test.h5l.se@${R}"
ext -k ${keytab} host/n1.test.h5l.se@${R}
ext -k ${keytab} host/n2.test.h5l.se@${R}
ext -k ${keytab} host/n3.test.h5l.se@${R}
add -p u1 --use-defaults user1@${R}
check ${R}
EOF
kdcpid=
n1pid=

22
tests/gss/check-nodns.in
View File

@@ -77,21 +77,15 @@ rm -f mkey.file*
> messages.log
echo Creating database
${kadmin} \
init \
--realm-max-ticket-life=1day \
--realm-max-renewable-life=1month \
${R} || exit 1
echo upw > ${objdir}/foopassword
${kadmin} add -p upw --use-defaults user@${R} || exit 1
${kadmin} add -p upw --use-defaults another@${R} || exit 1
${kadmin} add -p p1 --use-defaults host/host.test.h5l.se@${R} || exit 1
${kadmin} ext -k ${keytab} host/host.test.h5l.se@${R} || exit 1
echo "Doing database check"
${kadmin} check ${R} || exit 1
${kadmin} <<EOF || exit 1
init --realm-max-ticket-life=1day --realm-max-renewable-life=1month ${R}
add -p upw --use-defaults user@${R}
add -p upw --use-defaults another@${R}
add -p p1 --use-defaults host/host.test.h5l.se@${R}
ext -k ${keytab} host/host.test.h5l.se@${R}
check ${R}
EOF
echo Starting kdc
${kdc} --detach --testing || { echo "kdc failed to start"; cat messages.log; exit 1; }

28
tests/gss/check-ntlm.in
View File

@@ -84,24 +84,16 @@ rm -f mkey.file*
> messages.log
echo Creating database
${kadmin} \
init \
--realm-max-ticket-life=1day \
--realm-max-renewable-life=1month \
${R} || exit 1
${kadmin} add -p p1 --use-defaults host/host.test.h5l.se@${R} || exit 1
${kadmin} ext -k ${keytab} host/host.test.h5l.se@${R} || exit 1
${kadmin} add -p kaka --use-defaults digest/${R}@${R} || exit 1
${kadmin} add -p ds --use-defaults digestserver@${R} || exit 1
${kadmin} modify --attributes=+allow-digest digestserver@${R} || exit 1
${kadmin} add -p u1 --use-defaults user1@${R} || exit 1
echo "Doing database check"
${kadmin} check ${R} || exit 1
${kadmin} <<EOF || exit 1
init --realm-max-ticket-life=1day --realm-max-renewable-life=1month ${R}
add -p p1 --use-defaults host/host.test.h5l.se@${R}
ext -k ${keytab} host/host.test.h5l.se@${R}
add -p kaka --use-defaults digest/${R}@${R}
add -p ds --use-defaults digestserver@${R}
modify --attributes=+allow-digest digestserver@${R}
add -p u1 --use-defaults user1@${R}
check ${R}
EOF
echo u1 > ${objdir}/foopassword
echo ds > ${objdir}/barpassword

28
tests/gss/check-spnego.in
View File

@@ -83,24 +83,16 @@ rm -f mkey.file*
> messages.log
echo Creating database
${kadmin} \
init \
--realm-max-ticket-life=1day \
--realm-max-renewable-life=1month \
${R} || exit 1
${kadmin} add -p p1 --use-defaults host/host.test.h5l.se@${R} || exit 1
${kadmin} ext -k ${keytab} host/host.test.h5l.se@${R} || exit 1
${kadmin} add -p kaka --use-defaults digest/${R}@${R} || exit 1
${kadmin} add -p ds --use-defaults digestserver@${R} || exit 1
${kadmin} modify --attributes=+allow-digest digestserver@${R} || exit 1
${kadmin} add -p u1 --use-defaults user1@${R} || exit 1
echo "Doing database check"
${kadmin} check ${R} || exit 1
${kadmin} <<EOF || exit 1
init --realm-max-ticket-life=1day --realm-max-renewable-life=1month ${R}
add -p p1 --use-defaults host/host.test.h5l.se@${R}
ext -k ${keytab} host/host.test.h5l.se@${R}
add -p kaka --use-defaults digest/${R}@${R}
add -p ds --use-defaults digestserver@${R}
modify --attributes=+allow-digest digestserver@${R}
add -p u1 --use-defaults user1@${R}
check ${R}
EOF
echo u1 > ${objdir}/foopassword
echo ds > ${objdir}/barpassword