From af923957f69513544a63c6024dcca4a72da56576 Mon Sep 17 00:00:00 2001 From: Nicolas Williams Date: Wed, 15 Dec 2021 15:17:36 -0600 Subject: [PATCH] krb5: Make test_cc w/ KEYRING more reliable Joining a new keyring session every time seems to make it better. --- configure.ac | 1 + lib/krb5/Makefile.am | 4 ++++ lib/krb5/test_cc.c | 16 +++++++++++++++- 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index c04c7ad5d..37a2275c2 100644 --- a/configure.ac +++ b/configure.ac @@ -601,6 +601,7 @@ if test -n "$LIB_add_key"; then AC_CHECK_FUNCS(keyctl_get_persistent) LIBS="$saved_LIBS" fi +AM_CONDITIONAL(HAVE_KEYUTILS, test "$ac_cv_func_keyctl_get_persistent" = yes) AC_CHECK_SIZEOF([time_t]) diff --git a/lib/krb5/Makefile.am b/lib/krb5/Makefile.am index 963c0b1fb..f04213f84 100644 --- a/lib/krb5/Makefile.am +++ b/lib/krb5/Makefile.am @@ -59,6 +59,10 @@ LDADD = libkrb5.la \ $(top_builddir)/lib/wind/libwind.la \ $(LIB_heimbase) $(LIB_roken) +if HAVE_KEYUTILS +test_cc_LDADD = $(LDADD) -lkeyutils +endif + if PKINIT LIB_pkinit = ../hx509/libhx509.la endif diff --git a/lib/krb5/test_cc.c b/lib/krb5/test_cc.c index e6fdff16d..213bb0780 100644 --- a/lib/krb5/test_cc.c +++ b/lib/krb5/test_cc.c @@ -30,10 +30,24 @@ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +/* + * If this test fails with + * + * krb5_cc_gen_new: KEYRING: Key has been revoked + * + * then run + * + * keyctl new_session + */ + #include "krb5_locl.h" #include #include +#ifdef HAVE_KEYUTILS_H +#include +#endif + static const char *unlink_this; static const char *unlink_this2; static char *tmpdir; @@ -979,7 +993,7 @@ main(int argc, char **argv) test_cache_remove(context, krb5_cc_type_scc); #endif #ifdef HAVE_KEYUTILS_H - system("keyctl new_session >/dev/null"); + keyctl_join_session_keyring(NULL); test_cache_remove(context, krb5_cc_type_keyring); #endif