oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
30,241 Commits 2 Branches 2 Tags
06ba7b15970a9e558993a830ba46e8e5cd3517d2
Commit Graph

497 Commits

Author SHA1 Message Date
Nicolas Williams
c6f24e99f0 Revamp cf/db.m4; test LMDB 2016-02-26 00:55:32 -06:00
Andrew Bartlett
960fa481be Add test for incorrect password 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2015-06-17 17:41:25 -05:00
Nicolas Williams
05a919b94b iprop slave: try incremental after complete xfer 
The following sequence of events results in slave B having a stale HDB:

 - slave A connects to master, master dumps HDB for the slave
 - kadm5 operations
 - slave B connects to master, master sends previously dumped HDB

slave B won't discover any updates until the next transaction.

The fix is simple: the slave should immediately call ihave() after
receiving a complete HDB.
 2015-05-20 10:07:52 -05:00
Love Hörnquist Åstrand
4c98e27eda call hdb_auth_status when password is wrong in the ENC-CHAL case too, thanks Andrew Bartlett for pointing this out 2015-04-28 08:54:24 -07:00
Nicolas Williams
487b6820f6 Revamp name canonicalization code 2015-03-24 11:49:58 -05:00
Nicolas Williams
d9e3e376a3 tests: Add simple key history test for kdc 
Use kadmin cpw with the --keepold parameter to create a history list.

Change-Id: I21811c840be0bd1b8dd8dc66e63f88f8da6fac7e
 2015-03-14 16:08:23 -04:00
Viktor Dukhovni
c3ddece8d4 Name canon kdc config breaks iprop 2015-03-04 17:04:20 -05:00
Love Hörnquist Åstrand
a220ed39eb try using as-is name_canon_rules 2014-09-09 18:36:57 +02:00
Love Hörnquist Åstrand
44ba0bcd24 no need to make chmod quiet, it supposed to be already because of \ 2014-08-23 19:29:04 -07:00
Love Hörnquist Åstrand
8504dce265 make quiet 2014-08-22 21:26:15 -07:00
Love Hörnquist Åstrand
a84b572747 resurrect password change support again 2014-08-22 20:19:36 -07:00
Love Hörnquist Åstrand
a6e136c739 make quiet 2014-02-18 08:27:00 -08:00
Love Hörnquist Åstrand
6a192f0dce clean files 2014-02-16 11:53:56 -08:00
Love Hörnquist Åstrand
54378de6b4 add an2ln-db.txt 2014-02-16 10:05:24 -08:00
Nicolas Williams
2f7eec7d2c Add very large MIT KDB princ entry for testing 
Constructed by doing repeated kadmin.local cpw commands with a policy
with -history 9.
 2013-11-20 01:08:22 -06:00
Love Hornquist Astrand
1881980d44 spelling 2013-10-18 10:45:59 +02:00
Love Hornquist Astrand
10f3c8b56e add possible to set rules on what enctypes to use based on glob matching on principal 2013-10-18 10:01:55 +02:00
Love Hornquist Astrand
499affd8fa tet setting policy 2013-10-18 09:06:52 +02:00
Nicolas Williams
36f22356c5 Add [manual] test of kinit cmd 
It's not ready to always be run.  First, it's slow.  Second, it tortures
the system.  Third, it doesn't look for signs of failure.  Fourth, if it
did it'd fail: because something about the racing is causing the KDC to
think that the foo principal doesn't exist.
 2013-09-12 12:14:41 -05:00
Love Hornquist Astrand
3484432cc5 clean log between test, dump log on failure 2013-07-19 14:53:22 +02:00
Love Hornquist Astrand
fdfe696821 if no db, don't check FAST 2013-06-05 20:33:29 -07:00
Love Hornquist Astrand
81263bc94c update leaks check 2013-04-24 17:59:25 -07:00
Viktor Dukhovni
a825143e73 The k5login_directory parameter and SYSTEM-K5LOGIN[:directory] are supposed to be directories, not path templates with %{luser} substitution 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-24 16:25:59 -07:00
Love Hornquist Astrand
edae63418e client logging too 2013-02-10 23:20:56 -08:00
Love Hornquist Astrand
da42d01d54 x 2013-02-10 21:12:34 -08:00
Love Hornquist Astrand
1adb5de80d fix logging to be sync 2013-02-10 21:11:53 -08:00
Love Hornquist Astrand
0c2e3d94bf default to open/write/close logging 2012-12-27 13:07:13 +01:00
Love Hornquist Astrand
ee068eaf21 note about = 2012-12-27 12:03:17 +01:00
Love Hornquist Astrand
4ebfd6b818 make sure logs are truncated 2012-10-07 11:11:17 -07:00
Love Hornquist Astrand
c707016669 scan whole logfile 2012-10-07 11:06:29 -07:00
Love Hornquist Astrand
703ae0e22d add db-dir 2012-10-01 09:50:32 -07:00
Love Hornquist Astrand
baf748fb8e catch better slave message now that iprop is more verbose 2012-10-01 09:36:11 -07:00
Nicolas Williams
20b5e2a2c6 Make check-authz run when objdir != srcdir 2012-06-14 11:53:55 -05:00
Viktor Dukhovni
1b3f1b57b4 Don't forget to sleep in 3DES del_enctype test. 
On NetBSD /bin/sh with vfork() is noticeably faster than /bin/bash,
and in particular the reader manages to read the the database before
slave replication completes.
 2012-05-28 16:13:14 +01:00
Nicolas Williams
0cee6d1d70 Update KDB in tests/kdc so check-hdb-mitdb passes 2012-05-03 14:24:19 -05:00
Roland C. Dowdeswell
2c5ec44d39 Look for auth_to_local in the default realm's realm section... 
...rather than the authenticated principal's realm section.  We do
this both to maintain compatibility with MIT and because it makes
more sense.  We should likely also fix the auth_to_local_names as
cursory inspection reveals that it has the same incompatibility.
 2012-04-19 23:43:12 +01:00
Nicolas Williams
839ab87c10 Regression test iprop of key rollover and del_enctype 2012-03-15 18:57:35 -05:00
Nicolas Williams
ca6a22276e Test that we copy forwardable/renewable flags from TGT in TGS-REQ 2012-03-14 23:58:40 -05:00
Love Hörnquist Åstrand
a8c51aa594 add basic sqlite tests (from Nico) 2012-02-29 08:32:57 -08:00
Love Hörnquist Åstrand
bf37778dbd make ipropd_slave tell its status in a status file 
The ipropd_slave will log its status to /var/heimdal/ipropd-slave-status
if its connecting, up to date, or disconnected.

The master will now also confirm to slaves that are are in fact up to date
if they just restart, before there was no confirmation, the slave just didn't
get any deltas.
 2012-02-15 20:59:54 -08:00
Nicolas Williams
47f60928bc Some more [capaths] testing 2012-02-07 14:02:24 -06:00
Love Hornquist Astrand
07a88f4b5a use no-store 2012-01-10 22:54:16 +01:00
Love Hornquist Astrand
a372712fd0 test tgs-req too 2012-01-10 22:54:16 +01:00
Nicolas Williams
e00b43a94b Address code review comments (k5login/foo in EXTRA_DIST) 2011-12-10 14:06:15 -06:00
Nicolas Williams
abd065be02 Add a test for krb5_kuserok() 2011-12-08 13:34:02 -06:00
Love Hörnquist Åstrand
b8c710a130 some more status 2011-12-03 13:36:39 -08:00
Love Hörnquist Åstrand
0e6bd29e44 use right directory 2011-12-03 13:36:32 -08:00
Nicolas Williams
89bae59b49 Fix error clobbering bug and code review comments 2011-12-02 01:04:22 -06:00
Nicolas Williams
da14596f0e Add a test for aname2lname 2011-12-02 01:03:31 -06:00
Love Hörnquist Åstrand
fa304162db test rsa mode too 2011-11-23 09:43:56 -08:00