diff --git a/tests/kdc/check-kdc.in b/tests/kdc/check-kdc.in index 5fc08fc23..4f16158bc 100644 --- a/tests/kdc/check-kdc.in +++ b/tests/kdc/check-kdc.in @@ -47,6 +47,7 @@ ${have_db} || exit 77 R=TEST.H5L.SE R2=TEST2.H5L.SE +R3=TEST-HTTP.H5L.SE port=@port@ @@ -97,6 +98,12 @@ ${kadmin} \ --realm-max-renewable-life=1month \ ${R2} || exit 1 +${kadmin} \ + init \ + --realm-max-ticket-life=1day \ + --realm-max-renewable-life=1month \ + ${R3} || exit 1 + ${kadmin} cpw -r krbtgt/${R}@${R} || exit 1 ${kadmin} cpw -r krbtgt/${R}@${R} || exit 1 ${kadmin} cpw -r krbtgt/${R}@${R} || exit 1 @@ -133,6 +140,8 @@ ${kadmin} add -p cross2 --use-defaults krbtgt/${R}@${R2} || exit 1 ${kadmin} add -p foo --use-defaults pw-expire@${R} || exit 1 ${kadmin} modify --pw-expiration-time=+1day pw-expire@${R} || exit 1 +${kadmin} add -p foo --use-defaults foo@${R3} || exit 1 + echo "Check parser" ${kadmin} add -p foo --use-defaults -- -p || exit 1 ${kadmin} delete -- -p || exit 1 @@ -186,6 +195,11 @@ ${test_ap_req} ${server}@${R} ${keytab} ${cache} || \ { ec=1 ; eval "${testfailed}"; } ${kdestroy} +echo "Getting client initial tickets (http transport)"; > messages.log +${kinit} --password-file=${objdir}/foopassword foo@${R3} || \ + { ec=1 ; eval "${testfailed}"; } +${kdestroy} + echo "Specific enctype"; > messages.log ${kinit} --password-file=${objdir}/foopassword \ -e ${aesenctype} -e ${aesenctype} \ diff --git a/tests/kdc/krb5.conf.in b/tests/kdc/krb5.conf.in index b38db163d..db44fdb7a 100644 --- a/tests/kdc/krb5.conf.in +++ b/tests/kdc/krb5.conf.in @@ -28,6 +28,9 @@ TEST4.H5L.SE = { kdc = localhost:@port@ } + TEST-HTTP.H5L.SE = { + kdc = http/localhost:@port@ + } [domain_realm] .test.h5l.se = TEST.H5L.SE @@ -41,6 +44,8 @@ allow-anonymous = true digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2 + enable-http = true + enable-pkinit = true pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt