diff options
Diffstat (limited to 'crypto/heimdal/tests/gss/check-basic.in')
-rw-r--r-- | crypto/heimdal/tests/gss/check-basic.in | 156 |
1 files changed, 156 insertions, 0 deletions
diff --git a/crypto/heimdal/tests/gss/check-basic.in b/crypto/heimdal/tests/gss/check-basic.in new file mode 100644 index 0000000..b6b95f6 --- /dev/null +++ b/crypto/heimdal/tests/gss/check-basic.in @@ -0,0 +1,156 @@ +#!/bin/sh +# +# Copyright (c) 2007 Kungliga Tekniska Högskolan +# (Royal Institute of Technology, Stockholm, Sweden). +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# 3. Neither the name of the Institute nor the names of its contributors +# may be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $Id$ +# + +srcdir="@srcdir@" +objdir="@objdir@" + +# If there is no useful db support compile in, disable test +../db/have-db || exit 77 + +R=TEST.H5L.SE + +port=@port@ + +keytabfile=${objdir}/server.keytab +keytab="FILE:${keytabfile}" +nokeytab="FILE:no-such-keytab" +cache="FILE:krb5ccfile" +nocache="FILE:no-such-cache" + +kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" +kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" +kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" + +acquire_cred="${TESTS_ENVIRONMENT} ../../lib/gssapi/test_acquire_cred" +test_kcred="${TESTS_ENVIRONMENT} ../../lib/gssapi/test_kcred" + +KRB5_CONFIG="${objdir}/krb5.conf" +export KRB5_CONFIG + +KRB5_KTNAME="${keytab}" +export KRB5_KTNAME +KRB5CCNAME="${cache}" +export KRB5CCNAME + +rm -f ${keytabfile} +rm -f current-db* +rm -f out-* +rm -f mkey.file* + +> messages.log + +echo Creating database +${kadmin} \ + init \ + --realm-max-ticket-life=1day \ + --realm-max-renewable-life=1month \ + ${R} || exit 1 + +echo upw > ${objdir}/foopassword + +${kadmin} add -p upw --use-defaults user@${R} || exit 1 +${kadmin} add -p upw --use-defaults another@${R} || exit 1 +${kadmin} add -p p1 --use-defaults host/host.test.h5l.se@${R} || exit 1 +${kadmin} ext -k ${keytab} host/host.test.h5l.se@${R} || exit 1 + +echo "Doing database check" +${kadmin} check ${R} || exit 1 + +echo Starting kdc +${kdc} & +kdcpid=$! + +sh ${srcdir}/../kdc/wait-kdc.sh +if [ "$?" != 0 ] ; then + kill ${kdcpid} + exit 1 +fi + +trap "kill ${kdcpid}; echo signal killing kdc; exit 1;" EXIT + +exitcode=0 + +echo "initial ticket" +${kinit} --password-file=${objdir}/foopassword user@${R} || exitcode=1 + +echo "keytab" +${acquire_cred} \ + --acquire-type=accept \ + --acquire-name=host@host.test.h5l.se || exit 1 +echo "keytab w/o name" +${acquire_cred} \ + --acquire-type=accept || exit 1 +echo "keytab w/ wrong name" +${acquire_cred} \ + --acquire-type=accept \ + --acquire-name=host@host2.test.h5l.se 2>/dev/null && exit 1 +echo "init using keytab" +${acquire_cred} \ + --acquire-type=initiate \ + --acquire-name=host@host.test.h5l.se || exit 1 +echo "init using existing cc" +${acquire_cred} \ + --name-type=user-name \ + --acquire-type=initiate \ + --acquire-name=user || exit 1 + +KRB5CCNAME=${nocache} + +echo "fail init using existing cc" +${acquire_cred} \ + --name-type=user-name \ + --acquire-type=initiate \ + --acquire-name=user 2>/dev/null && exit 1 + +echo "use gss_krb5_ccache_name" +${acquire_cred} \ + --name-type=user-name \ + --ccache=${cache} \ + --acquire-type=initiate \ + --acquire-name=user >/dev/null || exit 1 + +KRB5CCNAME=${cache} +KRB5_KTNAME=${nokeytab} + +echo "kcred" +${test_kcred} || exit 1 + +trap "" EXIT + +echo "killing kdc (${kdcpid})" +kill ${kdcpid} 2> /dev/null + +exit $exitcode |