Revise last change to better resemble the original test, keeping the

min-lifetime test code collected together.  Change policy to have a
minimum password lifetime of 10s instead of 30s, and reduce the test
delays accordingly.

ticket: 6358

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21868 dc483132-0cff-0310-8789-dd5450dbe970

2 files changed, 19 insertions, 22 deletions

diff --git a/src/kadmin/passwd/unit-test/kpasswd.0/changing.exp b/src/kadmin/passwd/unit-test/kpasswd.0/changing.exp
index 25c2a59..3d7dc4b 100644
--- a/src/kadmin/passwd/unit-test/kpasswd.0/changing.exp
+++ b/src/kadmin/passwd/unit-test/kpasswd.0/changing.exp
@@ -12,22 +12,7 @@ if [info exist env(DEBUG)] { debug 1 }
 # Here are the tests
 #
 
-# Under "make check", init_db will just have been run and we could
-# jump right into the too-soon test.  But if someone is working with
-# the test suite manually, init_db may have been run a while ago.
-# So, force some known state, first.
-verbose "(sleeping 30 seconds so pol2 password can be changed)"
-sleep 30
-
-test_win {pol2} {successful change} pol2 pol222222 polbbbbbb
-
-set pol2_time [expr 31 + [timestamp]]
-
-test_3pass {pol2} {D.15: too soon to change password} pol2 \
-	polbbbbbb pol333333 pol333333 \
-	4 {Password cannot be changed because it was changed too recently.  Please wait until .*[12][0-9][0-9][0-9] before you change it.  If you need to change your password before then, contact your system security administrator.}
-
-#
+set pol2_time [timestamp]
 
 test_3pass {test2} {D.5: different new passwords} test2 test2 test2 foobar \
 	4 {New passwords do not match - password not changed.}
@@ -106,11 +91,23 @@ test_win {pol1} {successful change} pol1 polAAAAAA polBBBBBB
 test_win {pol1} {successful change} pol1 polBBBBBB polCCCCCC
 test_win {pol1} {successful change} pol1 polCCCCCC pol111111
 
-# Now delay a little longer (if needed) and try changing pol2's
-# password again.
-set delay [expr $pol2_time - [timestamp]]
-verbose "(sleeping $delay seconds)"
+# Under "make check", init_db will just have been run and we could
+# jump right into the too-soon test.  But if someone is working with
+# the test suite manually, init_db may have been run a while ago.
+# So, force some known state, first.
+set delay [expr $pol2_time + 11 - [timestamp]]
+verbose "(sleeping $delay seconds so pol2 password can be changed)"
 sleep $delay
 
-test_win {pol2} {password min life passed} pol2 polbbbbbb pol333333
+test_win {pol2} {successful change} pol2 pol222222 polbbbbbb
+
+test_3pass {pol2} {D.15: too soon to change password} pol2 \
+	polbbbbbb pol222222 pol222222 \
+	4 {Password cannot be changed because it was changed too recently.  Please wait until .*[12][0-9][0-9][0-9] before you change it.  If you need to change your password before then, contact your system security administrator.}
+
+# Now delay a little longer (if needed) and try changing pol2's
+# password again.
+verbose "(sleeping 10 seconds)"
+sleep 10
 
+test_win {pol2} {password min life passed} pol2 polbbbbbb pol222222
diff --git a/src/kadmin/testing/scripts/init_db b/src/kadmin/testing/scripts/init_db
index 93b6fa1..7296e1f 100755
--- a/src/kadmin/testing/scripts/init_db
+++ b/src/kadmin/testing/scripts/init_db
@@ -106,7 +106,7 @@ set cmds {
 
     {ovsec_kadm_create_policy $server_handle "test-pol 0 10000 8 2 3 0" \
 	    {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LENGTH OVSEC_KADM_PW_MIN_CLASSES OVSEC_KADM_PW_MAX_LIFE OVSEC_KADM_PW_HISTORY_NUM}}
-    {ovsec_kadm_create_policy $server_handle "once-a-min 30 0 0 0 0 0" \
+    {ovsec_kadm_create_policy $server_handle "once-a-min 10 0 0 0 0 0" \
 	    {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LIFE}}
     {ovsec_kadm_create_policy $server_handle "dict-only 0 0 0 0 0 0" \
 	    {OVSEC_KADM_POLICY}}