Workaround bugs exposed by test_context changes

Bugs exposed by 61720a0: - test_context --client-name=... --mech-type=ntlm ... fails; - gss_acquire_cred() with desired_mech=NTLM and desired_name==GSS_C_NO_NAME fails; - gss_init_sec_context() with non-default cred handle calls the mechanism even when the given cred handle has no element for the requencet mechanism. tests/gss/check-ntlm works by accident: gss_acquire_cred() with desired_mechs==GSS_C_NO_OID_SET succeeds mostly because there are Kerberos credentials available, and then the subsequent gss_init_sec_context() call works because of the third bug described above.
2015-04-16 18:42:51 -05:00
parent fb177480bd
commit d6a7d14fc5
3 changed files with 36 additions and 7 deletions
--- a/tests/gss/check-ntlm.in
+++ b/tests/gss/check-ntlm.in
@@ -134,6 +134,7 @@ KRB5CCNAME="$cache"

 echo "no NTLM initiator creds"
 ${context} --mech-type=ntlm \
+	--mech-types= \
 	--mutual \
        --name-type=hostbased-service \
        --ret-mech-type=ntlm \
@@ -145,6 +146,7 @@ ${kinit} --password-file=${objdir}/foopassword --ntlm-domain=TEST user1@${R} ||

 echo "NTLM initiator krb5 creds"
 ${context} --mech-type=ntlm \
+	--mech-types= \
 	--mutual \
        --name-type=hostbased-service \
        --ret-mech-type=ntlm \
@@ -153,6 +155,7 @@ ${context} --mech-type=ntlm \

 echo "NTLM initiator krb5 creds (getverifymic, wrapunwrap)"
 ${context} --mech-type=ntlm \
+	--mech-types= \
 	--mutual \
        --name-type=hostbased-service \
        --ret-mech-type=ntlm \
--- a/tests/gss/check-spnego.in
+++ b/tests/gss/check-spnego.in
@@ -124,7 +124,7 @@ echo "======context building for each mech"

 for mech in ntlm krb5 ; do 
    echo "${mech}"
-    ${context} --mech-type=${mech} --ret-mech-type=${mech} \
+    ${context} --mech-type=${mech} --mech-types= --ret-mech-type=${mech} \
        --name-type=hostbased-service host@host.test.h5l.se || \
 	{ exitcode=1 ; echo test failed; }
 done
@@ -132,17 +132,18 @@ done
 echo "spnego"
 ${context} \
    --mech-type=spnego \
+    --mech-types= \
    --ret-mech-type=krb5 \
    --name-type=hostbased-service \
    host@host.test.h5l.se || \
    { exitcode=1 ; echo test failed; }

 echo "test failure cases"
-${context} --mech-type=ntlm --ret-mech-type=krb5 \
+${context} --mech-type=ntlm --mech-types= --ret-mech-type=krb5 \
    --name-type=hostbased-service host@host.test.h5l.se 2> /dev/null && \
    { exitcode=1 ; echo test failed; }

-${context} --mech-type=krb5 --ret-mech-type=ntlm \
+${context} --mech-type=krb5 --mech-types= --ret-mech-type=ntlm \
    --name-type=hostbased-service host@host.test.h5l.se 2> /dev/null && \
    { exitcode=1 ; echo test failed; }

@@ -159,7 +160,7 @@ for arg in \

    echo "no NTLM acceptor cred ${arg}"
    NTLM_ACCEPTOR_CCACHE="${cacheds}-no"
-    ${context} --mech-type=spnego \
+    ${context} --mech-type=spnego --mech-types= \
        $arg \
 	--client-name=user1@TEST.H5L.SE \
        --name-type=hostbased-service \
@@ -170,7 +171,7 @@ for arg in \

    echo "no NTLM initiator cred ${arg}"
    NTLM_USER_FILE="${srcdir}/ntlm-user-file.txt-no"
-    ${context} --mech-type=spnego \
+    ${context} --mech-type=spnego --mech-types= \
        $arg \
 	--client-name=user1@TEST.H5L.SE \
        --name-type=hostbased-service \
@@ -181,7 +182,7 @@ for arg in \

    echo "no krb5 acceptor cred ${arg}"
    KRB5_KTNAME="${keytab}-no"
-    ${context} --mech-type=spnego \
+    ${context} --mech-type=spnego --mech-types= \
        $arg \
 	--client-name=user1@TEST.H5L.SE \
 	--server-no-delegate \
@@ -193,7 +194,7 @@ for arg in \

    echo "no krb5 initiator cred ${arg}"
    KRB5CCNAME="${cache}-no"
-    ${context} --mech-type=spnego \
+    ${context} --mech-type=spnego --mech-types= \
        $arg \
 	--client-name=user1@TEST.H5L.SE \
 	--server-no-delegate \