Regression test iprop of key rollover and del_enctype

2012-03-15 18:53:26 -05:00
parent ef9012aef5
commit 839ab87c10
2 changed files with 29 additions and 0 deletions
--- a/tests/kdc/check-iprop.in
+++ b/tests/kdc/check-iprop.in
@@ -129,6 +129,28 @@ sleep 2
 KRB5_CONFIG="${objdir}/krb5-slave.conf" \
 ${kadmin} -l get host/foo@${R} > /dev/null || exit 1

+echo "Rollover host keys"
+${kadmin} -l cpw -r --keepold host/foo@${R} || exit 1
+${kadmin} -l cpw -r --keepold host/foo@${R} || exit 1
+${kadmin} -l cpw -r --keepold host/foo@${R} || exit 1
+sleep 2
+KRB5_CONFIG="${objdir}/krb5-slave.conf" \
+${kadmin} -l get host/foo@${R} | \
+    ${EGREP} Keytypes: | cut -d: -f2 | tr ' ' '
+' | sed 's/^.*[[]\(.*\)[]].*$/\1/' | grep '[0-9]' | sort -nu | tr -d '
+' | ${EGREP} 1234 > /dev/null || exit 1
+
+echo "Delete 3DES keys"
+${kadmin} -l del_enctype host/foo@${R} des3-cbc-sha1
+KRB5_CONFIG="${objdir}/krb5-slave.conf" \
+${kadmin} -l get host/foo@${R} | \
+    ${EGREP} Keytypes: | cut -d: -f2 | tr ' ' '
+' | sed 's/^.*[[]\(.*\)[]].*$/\1/' | grep '[0-9]' | sort -nu | tr -d '
+' | ${EGREP} 1234 > /dev/null || exit 1
+KRB5_CONFIG="${objdir}/krb5-slave.conf" \
+${kadmin} -l get host/foo@${R} | \
+    ${EGREP} 'Keytypes:.*des3-cbc-sha1' > /dev/null && exit 1
+
 echo "Rename host"
 ${kadmin} -l rename host/foo@${R} host/bar@${R} || exit 1
 sleep 2
--- a/tests/kdc/krb5.conf.in
+++ b/tests/kdc/krb5.conf.in
@@ -2,6 +2,9 @@
 	default_realm = TEST.H5L.SE TEST2.H5L.SE
 	no-addresses = TRUE
 	allow_weak_crypto = @WEAK@
+	dns_lookup_kdc = no
+	dns_lookup_realm = no
+

 [appdefaults]
 	pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
@@ -46,6 +49,10 @@
 	.sub.test.h5l.se = SUB.TEST.H5L.SE
 	.example.com = TEST2.H5L.SE
 	localhost = TEST.H5L.SE
+	.localdomain = TEST.H5L.SE
+	localdomain = TEST.H5L.SE
+	.localdomain6 = TEST.H5L.SE
+	localdomain6 = TEST.H5L.SE
 	

 [kdc]