diff options
Diffstat (limited to 'crypto/heimdal/tests/kdc/check-iprop.in')
| -rw-r--r-- | crypto/heimdal/tests/kdc/check-iprop.in | 248 |
1 files changed, 248 insertions, 0 deletions
diff --git a/crypto/heimdal/tests/kdc/check-iprop.in b/crypto/heimdal/tests/kdc/check-iprop.in new file mode 100644 index 0000000..4488246 --- /dev/null +++ b/crypto/heimdal/tests/kdc/check-iprop.in @@ -0,0 +1,248 @@ +#!/bin/sh +# +# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan +# (Royal Institute of Technology, Stockholm, Sweden). +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# 3. Neither the name of the Institute nor the names of its contributors +# may be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $Id$ +# + +srcdir="@srcdir@" +objdir="@objdir@" +EGREP="@EGREP@" + +# If there is no useful db support compile in, disable test +../db/have-db || exit 77 + +# Dont run this test in AFS, since it lacks support for AF_UNIX +expr "X`/bin/pwd || pwd`" : "X/afs/.*" > /dev/null 2>/dev/null && exit 77 + +R=TEST.H5L.SE + +port=@port@ + +cache="FILE:${objdir}/cache.krb5" +keytabfile=${objdir}/iprop.keytab +keytab="FILE:${keytabfile}" + +kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" +kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -r $R" +ipropdslave="${TESTS_ENVIRONMENT} ../../lib/kadm5/ipropd-slave" +ipropdmaster="${TESTS_ENVIRONMENT} ../../lib/kadm5/ipropd-master" +iproplog="${TESTS_ENVIRONMENT} ../../lib/kadm5/iprop-log" + +kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" + +KRB5_CONFIG="${objdir}/krb5.conf" +export KRB5_CONFIG + +rm -f ${keytabfile} +rm -f current-db* +rm -f current*.log +rm -f out-* +rm -f mkey.file* +rm -f messages.log + +> messages.log + +echo Creating database +${kadmin} -l \ + init \ + --realm-max-ticket-life=1day \ + --realm-max-renewable-life=1month \ + ${R} || exit 1 + +${kadmin} -l add -p foo --use-defaults user@${R} || exit 1 + +${kadmin} -l add --random-key --use-defaults iprop/localhost@${R} || exit 1 +${kadmin} -l ext -k ${keytab} iprop/localhost@${R} || exit 1 +${kadmin} -l add --random-key --use-defaults iprop/slave@${R} || exit 1 +${kadmin} -l ext -k ${keytab} iprop/slave@${R} || exit 1 + +echo foo > ${objdir}/foopassword + +# -- foo +ipds= +ipdm= +kdcpid= + +> iprop-stats +trap "echo 'killing ipropd s + m + kdc'; kill \${ipdm} \${ipds} \${kdcpid} >/dev/null 2>/dev/null; tail messages.log ; tail iprop-stats; exit 1;" EXIT + +echo Starting kdc +${kdc} & +kdcpid=$! + +sh ${srcdir}/wait-kdc.sh || exit 1 + +echo "starting master" +${ipropdmaster} --hostname=localhost -k ${keytab} \ + --database=${objdir}/current-db & +ipdm=$! +sh ${srcdir}/wait-kdc.sh ipropd-master || exit 1 + +echo "starting slave" +KRB5_CONFIG="${objdir}/krb5-slave.conf" \ +${ipropdslave} --hostname=slave -k ${keytab} localhost & +ipds=$! +sh ${srcdir}/wait-kdc.sh ipropd-slave || exit 1 + +echo "checking slave is up" +${EGREP} 'iprop/slave@TEST.H5L.SE.*Up' iprop-stats >/dev/null || exit 1 + +# ----------------- checking: pushing lives changes + +echo "Add host" +${kadmin} -l add --random-key --use-defaults host/foo@${R} || exit 1 +sleep 2 +KRB5_CONFIG="${objdir}/krb5-slave.conf" \ +${kadmin} -l get host/foo@${R} > /dev/null || exit 1 + +echo "Rename host" +${kadmin} -l rename host/foo@${R} host/bar@${R} || exit 1 +sleep 2 +KRB5_CONFIG="${objdir}/krb5-slave.conf" \ +${kadmin} -l get host/foo@${R} > /dev/null 2>/dev/null && exit 1 +KRB5_CONFIG="${objdir}/krb5-slave.conf" \ +${kadmin} -l get host/bar@${R} > /dev/null || exit 1 + +echo "Delete host" +${kadmin} -l delete host/bar@${R} || exit 1 +sleep 2 +KRB5_CONFIG="${objdir}/krb5-slave.conf" \ +${kadmin} -l get host/bar@${R} > /dev/null 2>/dev/null && exit 1 + +echo "kill slave" +> iprop-stats +kill ${ipds} +sleep 2 + +${EGREP} 'iprop/slave@TEST.H5L.SE.*Down' iprop-stats >/dev/null || exit 1 + +# ----------------- checking: slave is missing changes while down + +echo "doing changes while slave is down" +${kadmin} -l cpw --random-password user@${R} > /dev/null || exit 1 +${kadmin} -l cpw --random-password user@${R} > /dev/null || exit 1 + +echo "Makeing a copy of the master log file" +cp ${objdir}/current.log ${objdir}/current.log.tmp + +# ----------------- checking: checking that master and slaves resyncs + +echo "starting slave again" +> iprop-stats +> messages.log +KRB5_CONFIG="${objdir}/krb5-slave.conf" \ +${ipropdslave} --hostname=slave -k ${keytab} localhost & +ipds=$! +sh ${srcdir}/wait-kdc.sh ipropd-slave || exit 1 + +echo "checking slave is up again" +${EGREP} 'iprop/slave@TEST.H5L.SE.*Up' iprop-stats >/dev/null || exit 1 +echo "checking for replay problems" +${EGREP} 'Entry already exists in database' messages.log && exit 1 + +echo "kill slave and remove log and database" +kill ${ipds} +sleep 2 + +rm current.slave.log current-db.slave* || exit 1 +> iprop-stats +> messages.log +KRB5_CONFIG="${objdir}/krb5-slave.conf" \ +${ipropdslave} --hostname=slave -k ${keytab} localhost & +ipds=$! +sh ${srcdir}/wait-kdc.sh ipropd-slave || exit 1 + +echo "checking slave is up again" +${EGREP} 'iprop/slave@TEST.H5L.SE.*Up' iprop-stats >/dev/null || exit 1 +echo "checking for replay problems" +${EGREP} 'Entry already exists in database' messages.log && exit 1 + +# ----------------- checking: checking live truncation of master log + +${kadmin} -l cpw --random-password user@${R} > /dev/null || exit 1 +sleep 2 + +echo "live truncate on master log" +${iproplog} truncate || exit 1 +sleep 2 + +echo "Killing master and slave" +kill ${ipdm} ${ipds} >/dev/null 2>/dev/null + +sleep 2 +${EGREP} "^master down at " iprop-stats > /dev/null || exit 1 + +echo "compare versions on master and slave logs" +KRB5_CONFIG=${objdir}/krb5-slave.conf \ +${iproplog} last-version > slave-last.tmp +${iproplog} last-version > master-last.tmp +cmp master-last.tmp slave-last.tmp || exit 1 + +# ----------------- checking: master going backward +> iprop-stats +> messages.log + +echo "Going back to old version of the master log file" +cp ${objdir}/current.log.tmp ${objdir}/current.log + +echo "starting master" +${ipropdmaster} --hostname=localhost -k ${keytab} \ + --database=${objdir}/current-db & +ipdm=$! +sh ${srcdir}/wait-kdc.sh ipropd-master || exit 1 + +echo "starting slave" +KRB5_CONFIG="${objdir}/krb5-slave.conf" \ +${ipropdslave} --hostname=slave -k ${keytab} localhost & +ipds=$! +sh ${srcdir}/wait-kdc.sh ipropd-slave || exit 1 + +echo "checking slave is up again" +${EGREP} 'iprop/slave@TEST.H5L.SE.*Up' iprop-stats >/dev/null || exit 1 +echo "checking for replay problems" +${EGREP} 'Entry already exists in database' messages.log && exit 1 + +echo "pushing one change" +${kadmin} -l cpw --random-password user@${R} > /dev/null || exit 1 +sleep 2 + +trap "" EXIT +kill ${ipdm} ${ipds} ${kdcpid} + +echo "compare versions on master and slave logs" +KRB5_CONFIG=${objdir}/krb5-slave.conf \ +${iproplog} last-version > slave-last.tmp +${iproplog} last-version > master-last.tmp +cmp master-last.tmp slave-last.tmp || exit 1 + +exit $ec |
