aboutsummaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authorGreg Hudson <ghudson@mit.edu>2009-08-13 21:25:54 +0000
committerGreg Hudson <ghudson@mit.edu>2009-08-13 21:25:54 +0000
commit1ddf7efda0fa665d86431dfc2a57e90e892b81ab (patch)
tree141ed4abf608f1143e4344aaae0f244dc62d578b /src/lib
parent45eefd6a6fa51ccf67aaf073c0237bbbd142ae81 (diff)
downloadkrb5-1ddf7efda0fa665d86431dfc2a57e90e892b81ab.zip
krb5-1ddf7efda0fa665d86431dfc2a57e90e892b81ab.tar.gz
krb5-1ddf7efda0fa665d86431dfc2a57e90e892b81ab.tar.bz2
Remove kadmin v1 API support
The kadmin v1 API and the even older ovsec_kadm_* API were legacy when kadmin was first incorporated in 1996, and compatibility with them is no longer believed to be necessary. The uninstalled kadmin/passwd has been removed (since it used the ovsec API). The test suite has been updated to use the v2 API where appropriate, and the parts specifically designed to test the old API have been excised. ticket: 6544 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22521 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/kadm5/Makefile.in3
-rw-r--r--src/lib/kadm5/admin.h320
-rw-r--r--src/lib/kadm5/admin_internal.h2
-rw-r--r--src/lib/kadm5/chpass_util_strings.et2
-rw-r--r--src/lib/kadm5/clnt/client_init.c18
-rw-r--r--src/lib/kadm5/clnt/client_principal.c169
-rw-r--r--src/lib/kadm5/clnt/clnt_policy.c18
-rw-r--r--src/lib/kadm5/clnt/libkadm5clnt.exports24
-rw-r--r--src/lib/kadm5/kadm_rpc_xdr.c136
-rw-r--r--src/lib/kadm5/misc_free.c59
-rw-r--r--src/lib/kadm5/ovsec_glue.c194
-rw-r--r--src/lib/kadm5/srv/libkadm5srv.exports24
-rw-r--r--src/lib/kadm5/srv/server_init.c54
-rw-r--r--src/lib/kadm5/srv/svr_misc_free.c3
-rw-r--r--src/lib/kadm5/srv/svr_policy.c22
-rw-r--r--src/lib/kadm5/srv/svr_principal.c188
-rw-r--r--src/lib/kadm5/unit-test/Makefile.in5
-rw-r--r--src/lib/kadm5/unit-test/README.new-tests12
-rw-r--r--src/lib/kadm5/unit-test/api.0/chpass-principal.exp176
-rw-r--r--src/lib/kadm5/unit-test/api.0/crte-policy.exp956
-rw-r--r--src/lib/kadm5/unit-test/api.0/crte-principal.exp1336
-rw-r--r--src/lib/kadm5/unit-test/api.0/destroy.exp203
-rw-r--r--src/lib/kadm5/unit-test/api.0/dlte-policy.exp207
-rw-r--r--src/lib/kadm5/unit-test/api.0/dlte-principal.exp329
-rw-r--r--src/lib/kadm5/unit-test/api.0/get-policy.exp199
-rw-r--r--src/lib/kadm5/unit-test/api.0/get-principal.exp346
-rw-r--r--src/lib/kadm5/unit-test/api.0/init.exp728
-rw-r--r--src/lib/kadm5/unit-test/api.0/mod-policy.exp703
-rw-r--r--src/lib/kadm5/unit-test/api.0/mod-principal.exp1943
-rw-r--r--src/lib/kadm5/unit-test/api.0/randkey-principal.exp319
-rw-r--r--src/lib/kadm5/unit-test/api.0/rename-principal.exp509
-rw-r--r--src/lib/kadm5/unit-test/api.1/lock.exp287
-rw-r--r--src/lib/kadm5/unit-test/config/unix.exp12
-rw-r--r--src/lib/kadm5/unit-test/destroy-test.c15
-rw-r--r--src/lib/kadm5/unit-test/handle-test.c69
-rw-r--r--src/lib/kadm5/unit-test/init-test.c1
-rw-r--r--src/lib/kadm5/unit-test/iter-test.c25
-rw-r--r--src/lib/kadm5/unit-test/lib/lib.t24
-rw-r--r--src/lib/kadm5/unit-test/lock-test.c5
-rw-r--r--src/lib/kadm5/unit-test/randkey-test.c17
-rw-r--r--src/lib/kadm5/unit-test/site.exp2
-rw-r--r--src/lib/rpc/unit-test/lib/helpers.exp16
-rwxr-xr-xsrc/lib/rpc/unit-test/rpc_test_setup.sh14
43 files changed, 276 insertions, 9418 deletions
diff --git a/src/lib/kadm5/Makefile.in b/src/lib/kadm5/Makefile.in
index 175231e..4c502eb 100644
--- a/src/lib/kadm5/Makefile.in
+++ b/src/lib/kadm5/Makefile.in
@@ -19,7 +19,6 @@ clean::
SRCS = kadm_err.c \
chpass_util_strings.c \
- $(srcdir)/ovsec_glue.c \
$(srcdir)/misc_free.c \
$(srcdir)/kadm_rpc_xdr.c \
$(srcdir)/chpass_util.c \
@@ -29,7 +28,6 @@ SRCS = kadm_err.c \
OBJS = kadm_err.$(OBJEXT) \
chpass_util_strings.$(OBJEXT) \
- ovsec_glue.$(OBJEXT) \
misc_free.$(OBJEXT) \
kadm_rpc_xdr.$(OBJEXT) \
chpass_util.$(OBJEXT) \
@@ -40,7 +38,6 @@ OBJS = kadm_err.$(OBJEXT) \
STLIBOBJS = \
kadm_err.o \
chpass_util_strings.o \
- ovsec_glue.o \
misc_free.o \
kadm_rpc_xdr.o \
chpass_util.o \
diff --git a/src/lib/kadm5/admin.h b/src/lib/kadm5/admin.h
index 57e2586..33e2728 100644
--- a/src/lib/kadm5/admin.h
+++ b/src/lib/kadm5/admin.h
@@ -37,17 +37,11 @@
* releases (e.g. from 1.7 to 1.8).
* - We will make some effort to avoid making incompatible changes for
* bugfix releases, but will make them if necessary.
- * - We make no commitments at all regarding the v1 API (obtained by
- * defining USE_KADM5_API_VERSION to 1) and expect to remove it.
*/
#ifndef __KADM5_ADMIN_H__
#define __KADM5_ADMIN_H__
-#if !defined(USE_KADM5_API_VERSION)
-#define USE_KADM5_API_VERSION 2
-#endif
-
#include <sys/types.h>
#include <gssrpc/rpc.h>
#include <krb5.h>
@@ -181,10 +175,9 @@ typedef long kadm5_ret_t;
#define KADM5_STRUCT_VERSION KADM5_STRUCT_VERSION_1
#define KADM5_API_VERSION_MASK 0x12345700
-#define KADM5_API_VERSION_1 (KADM5_API_VERSION_MASK|0x01)
#define KADM5_API_VERSION_2 (KADM5_API_VERSION_MASK|0x02)
-typedef struct _kadm5_principal_ent_t_v2 {
+typedef struct _kadm5_principal_ent_t {
krb5_principal principal;
krb5_timestamp princ_expire_time;
krb5_timestamp last_pwd_change;
@@ -207,30 +200,7 @@ typedef struct _kadm5_principal_ent_t_v2 {
krb5_int16 n_tl_data;
krb5_tl_data *tl_data;
krb5_key_data *key_data;
-} kadm5_principal_ent_rec_v2, *kadm5_principal_ent_t_v2;
-
-typedef struct _kadm5_principal_ent_t_v1 {
- krb5_principal principal;
- krb5_timestamp princ_expire_time;
- krb5_timestamp last_pwd_change;
- krb5_timestamp pw_expiration;
- krb5_deltat max_life;
- krb5_principal mod_name;
- krb5_timestamp mod_date;
- krb5_flags attributes;
- krb5_kvno kvno;
- krb5_kvno mkvno;
- char *policy;
- long aux_attributes;
-} kadm5_principal_ent_rec_v1, *kadm5_principal_ent_t_v1;
-
-#if USE_KADM5_API_VERSION == 1
-typedef struct _kadm5_principal_ent_t_v1
- kadm5_principal_ent_rec, *kadm5_principal_ent_t;
-#else
-typedef struct _kadm5_principal_ent_t_v2
- kadm5_principal_ent_rec, *kadm5_principal_ent_t;
-#endif
+} kadm5_principal_ent_rec, *kadm5_principal_ent_t;
typedef struct _kadm5_policy_ent_t {
char *policy;
@@ -330,7 +300,6 @@ typedef struct __krb5_realm_params {
* functions
*/
-#if USE_KADM5_API_VERSION > 1
krb5_error_code kadm5_get_config_params(krb5_context context,
int use_kdc_config,
kadm5_config_params *params_in,
@@ -344,15 +313,10 @@ krb5_error_code kadm5_free_realm_params(krb5_context kcontext,
krb5_error_code kadm5_get_admin_service_name(krb5_context, char *,
char *, size_t);
-#endif
kadm5_ret_t kadm5_init(char *client_name, char *pass,
char *service_name,
-#if USE_KADM5_API_VERSION == 1
- char *realm,
-#else
kadm5_config_params *params,
-#endif
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
@@ -360,11 +324,7 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
kadm5_ret_t kadm5_init_with_password(char *client_name,
char *pass,
char *service_name,
-#if USE_KADM5_API_VERSION == 1
- char *realm,
-#else
kadm5_config_params *params,
-#endif
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
@@ -372,16 +332,11 @@ kadm5_ret_t kadm5_init_with_password(char *client_name,
kadm5_ret_t kadm5_init_with_skey(char *client_name,
char *keytab,
char *service_name,
-#if USE_KADM5_API_VERSION == 1
- char *realm,
-#else
kadm5_config_params *params,
-#endif
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
-#if USE_KADM5_API_VERSION > 1
kadm5_ret_t kadm5_init_with_creds(char *client_name,
krb5_ccache cc,
char *service_name,
@@ -390,7 +345,6 @@ kadm5_ret_t kadm5_init_with_creds(char *client_name,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
-#endif
kadm5_ret_t kadm5_lock(void *server_handle);
kadm5_ret_t kadm5_unlock(void *server_handle);
kadm5_ret_t kadm5_flush(void *server_handle);
@@ -411,16 +365,10 @@ kadm5_ret_t kadm5_modify_principal(void *server_handle,
long mask);
kadm5_ret_t kadm5_rename_principal(void *server_handle,
krb5_principal,krb5_principal);
-#if USE_KADM5_API_VERSION == 1
-kadm5_ret_t kadm5_get_principal(void *server_handle,
- krb5_principal principal,
- kadm5_principal_ent_t *ent);
-#else
kadm5_ret_t kadm5_get_principal(void *server_handle,
krb5_principal principal,
kadm5_principal_ent_t ent,
long mask);
-#endif
kadm5_ret_t kadm5_chpass_principal(void *server_handle,
krb5_principal principal,
char *pass);
@@ -430,11 +378,6 @@ kadm5_ret_t kadm5_chpass_principal_3(void *server_handle,
int n_ks_tuple,
krb5_key_salt_tuple *ks_tuple,
char *pass);
-#if USE_KADM5_API_VERSION == 1
-kadm5_ret_t kadm5_randkey_principal(void *server_handle,
- krb5_principal principal,
- krb5_keyblock **keyblock);
-#else
kadm5_ret_t kadm5_randkey_principal(void *server_handle,
krb5_principal principal,
krb5_keyblock **keyblocks,
@@ -446,7 +389,6 @@ kadm5_ret_t kadm5_randkey_principal_3(void *server_handle,
krb5_key_salt_tuple *ks_tuple,
krb5_keyblock **keyblocks,
int *n_keys);
-#endif
kadm5_ret_t kadm5_setv4key_principal(void *server_handle,
krb5_principal principal,
krb5_keyblock *keyblock);
@@ -496,15 +438,9 @@ kadm5_ret_t kadm5_modify_policy(void *server_handle,
kadm5_ret_t kadm5_modify_policy_internal(void *server_handle,
kadm5_policy_ent_t
entry, long mask);
-#if USE_KADM5_API_VERSION == 1
-kadm5_ret_t kadm5_get_policy(void *server_handle,
- kadm5_policy_t policy,
- kadm5_policy_ent_t *ent);
-#else
kadm5_ret_t kadm5_get_policy(void *server_handle,
kadm5_policy_t policy,
kadm5_policy_ent_t ent);
-#endif
kadm5_ret_t kadm5_get_privs(void *server_handle,
long *privs);
@@ -529,11 +465,9 @@ kadm5_ret_t kadm5_get_policies(void *server_handle,
char *exp, char ***pols,
int *count);
-#if USE_KADM5_API_VERSION > 1
kadm5_ret_t kadm5_free_key_data(void *server_handle,
krb5_int16 *n_key_data,
krb5_key_data *key_data);
-#endif
kadm5_ret_t kadm5_free_name_list(void *server_handle, char **names,
int count);
@@ -552,256 +486,6 @@ kadm5_ret_t kadm5_get_principal_keys(void *server_handle,
krb5_keyblock **keyblocks,
int *n_keys);
-#if USE_KADM5_API_VERSION == 1
-/*
- * OVSEC_KADM_API_VERSION_1 should be, if possible, compile-time
- * compatible with KADM5_API_VERSION_2. Basically, this means we have
- * to continue to provide all the old ovsec_kadm function and symbol
- * names.
- */
-
-#define OVSEC_KADM_ACLFILE "/krb5/ovsec_adm.acl"
-#define OVSEC_KADM_WORDFILE "/krb5/ovsec_adm.dict"
-
-#define OVSEC_KADM_ADMIN_SERVICE "ovsec_adm/admin"
-#define OVSEC_KADM_CHANGEPW_SERVICE "ovsec_adm/changepw"
-#define OVSEC_KADM_HIST_PRINCIPAL "ovsec_adm/history"
-
-typedef krb5_principal ovsec_kadm_princ_t;
-typedef krb5_keyblock ovsec_kadm_keyblock;
-typedef char *ovsec_kadm_policy_t;
-typedef long ovsec_kadm_ret_t;
-
-enum ovsec_kadm_salttype { OVSEC_KADM_SALT_V4, OVSEC_KADM_SALT_NORMAL };
-enum ovsec_kadm_saltmod { OVSEC_KADM_MOD_KEEP, OVSEC_KADM_MOD_V4, OVSEC_KADM_MOD_NORMAL };
-
-#define OVSEC_KADM_PW_FIRST_PROMPT \
- ((char *) error_message(CHPASS_UTIL_NEW_PASSWORD_PROMPT))
-#define OVSEC_KADM_PW_SECOND_PROMPT \
- ((char *) error_message(CHPASS_UTIL_NEW_PASSWORD_AGAIN_PROMPT))
-
-/*
- * Successful return code
- */
-#define OVSEC_KADM_OK 0
-
-/*
- * Create/Modify masks
- */
-/* principal */
-#define OVSEC_KADM_PRINCIPAL 0x000001
-#define OVSEC_KADM_PRINC_EXPIRE_TIME 0x000002
-#define OVSEC_KADM_PW_EXPIRATION 0x000004
-#define OVSEC_KADM_LAST_PWD_CHANGE 0x000008
-#define OVSEC_KADM_ATTRIBUTES 0x000010
-#define OVSEC_KADM_MAX_LIFE 0x000020
-#define OVSEC_KADM_MOD_TIME 0x000040
-#define OVSEC_KADM_MOD_NAME 0x000080
-#define OVSEC_KADM_KVNO 0x000100
-#define OVSEC_KADM_MKVNO 0x000200
-#define OVSEC_KADM_AUX_ATTRIBUTES 0x000400
-#define OVSEC_KADM_POLICY 0x000800
-#define OVSEC_KADM_POLICY_CLR 0x001000
-/* policy */
-#define OVSEC_KADM_PW_MAX_LIFE 0x004000
-#define OVSEC_KADM_PW_MIN_LIFE 0x008000
-#define OVSEC_KADM_PW_MIN_LENGTH 0x010000
-#define OVSEC_KADM_PW_MIN_CLASSES 0x020000
-#define OVSEC_KADM_PW_HISTORY_NUM 0x040000
-#define OVSEC_KADM_REF_COUNT 0x080000
-
-/*
- * permission bits
- */
-#define OVSEC_KADM_PRIV_GET 0x01
-#define OVSEC_KADM_PRIV_ADD 0x02
-#define OVSEC_KADM_PRIV_MODIFY 0x04
-#define OVSEC_KADM_PRIV_DELETE 0x08
-
-/*
- * API versioning constants
- */
-#define OVSEC_KADM_MASK_BITS 0xffffff00
-
-#define OVSEC_KADM_STRUCT_VERSION_MASK 0x12345600
-#define OVSEC_KADM_STRUCT_VERSION_1 (OVSEC_KADM_STRUCT_VERSION_MASK|0x01)
-#define OVSEC_KADM_STRUCT_VERSION OVSEC_KADM_STRUCT_VERSION_1
-
-#define OVSEC_KADM_API_VERSION_MASK 0x12345700
-#define OVSEC_KADM_API_VERSION_1 (OVSEC_KADM_API_VERSION_MASK|0x01)
-
-
-typedef struct _ovsec_kadm_principal_ent_t {
- krb5_principal principal;
- krb5_timestamp princ_expire_time;
- krb5_timestamp last_pwd_change;
- krb5_timestamp pw_expiration;
- krb5_deltat max_life;
- krb5_principal mod_name;
- krb5_timestamp mod_date;
- krb5_flags attributes;
- krb5_kvno kvno;
- krb5_kvno mkvno;
- char *policy;
- long aux_attributes;
-} ovsec_kadm_principal_ent_rec, *ovsec_kadm_principal_ent_t;
-
-typedef struct _ovsec_kadm_policy_ent_t {
- char *policy;
- long pw_min_life;
- long pw_max_life;
- long pw_min_length;
- long pw_min_classes;
- long pw_history_num;
- long policy_refcnt;
-} ovsec_kadm_policy_ent_rec, *ovsec_kadm_policy_ent_t;
-
-/*
- * functions
- */
-ovsec_kadm_ret_t ovsec_kadm_init(char *client_name, char *pass,
- char *service_name, char *realm,
- krb5_ui_4 struct_version,
- krb5_ui_4 api_version,
- char **db_args,
- void **server_handle);
-ovsec_kadm_ret_t ovsec_kadm_init_with_password(char *client_name,
- char *pass,
- char *service_name,
- char *realm,
- krb5_ui_4 struct_version,
- krb5_ui_4 api_version,
- char ** db_args,
- void **server_handle);
-ovsec_kadm_ret_t ovsec_kadm_init_with_skey(char *client_name,
- char *keytab,
- char *service_name,
- char *realm,
- krb5_ui_4 struct_version,
- krb5_ui_4 api_version,
- char **db_args,
- void **server_handle);
-ovsec_kadm_ret_t ovsec_kadm_flush(void *server_handle);
-ovsec_kadm_ret_t ovsec_kadm_destroy(void *server_handle);
-ovsec_kadm_ret_t ovsec_kadm_create_principal(void *server_handle,
- ovsec_kadm_principal_ent_t ent,
- long mask, char *pass);
-ovsec_kadm_ret_t ovsec_kadm_delete_principal(void *server_handle,
- krb5_principal principal);
-ovsec_kadm_ret_t ovsec_kadm_modify_principal(void *server_handle,
- ovsec_kadm_principal_ent_t ent,
- long mask);
-ovsec_kadm_ret_t ovsec_kadm_rename_principal(void *server_handle,
- krb5_principal,krb5_principal);
-ovsec_kadm_ret_t ovsec_kadm_get_principal(void *server_handle,
- krb5_principal principal,
- ovsec_kadm_principal_ent_t *ent);
-ovsec_kadm_ret_t ovsec_kadm_chpass_principal(void *server_handle,
- krb5_principal principal,
- char *pass);
-ovsec_kadm_ret_t ovsec_kadm_randkey_principal(void *server_handle,
- krb5_principal principal,
- krb5_keyblock **keyblock);
-ovsec_kadm_ret_t ovsec_kadm_create_policy(void *server_handle,
- ovsec_kadm_policy_ent_t ent,
- long mask);
-/*
- * ovsec_kadm_create_policy_internal is not part of the supported,
- * exposed API. It is available only in the server library, and you
- * shouldn't use it unless you know why it's there and how it's
- * different from ovsec_kadm_create_policy.
- */
-ovsec_kadm_ret_t ovsec_kadm_create_policy_internal(void *server_handle,
- ovsec_kadm_policy_ent_t
- entry, long mask);
-ovsec_kadm_ret_t ovsec_kadm_delete_policy(void *server_handle,
- ovsec_kadm_policy_t policy);
-ovsec_kadm_ret_t ovsec_kadm_modify_policy(void *server_handle,
- ovsec_kadm_policy_ent_t ent,
- long mask);
-/*
- * ovsec_kadm_modify_policy_internal is not part of the supported,
- * exposed API. It is available only in the server library, and you
- * shouldn't use it unless you know why it's there and how it's
- * different from ovsec_kadm_modify_policy.
- */
-ovsec_kadm_ret_t ovsec_kadm_modify_policy_internal(void *server_handle,
- ovsec_kadm_policy_ent_t
- entry, long mask);
-ovsec_kadm_ret_t ovsec_kadm_get_policy(void *server_handle,
- ovsec_kadm_policy_t policy,
- ovsec_kadm_policy_ent_t *ent);
-ovsec_kadm_ret_t ovsec_kadm_get_privs(void *server_handle,
- long *privs);
-
-ovsec_kadm_ret_t ovsec_kadm_chpass_principal_util(void *server_handle,
- krb5_principal princ,
- char *new_pw,
- char **ret_pw,
- char *msg_ret);
-
-ovsec_kadm_ret_t ovsec_kadm_free_principal_ent(void *server_handle,
- ovsec_kadm_principal_ent_t
- ent);
-ovsec_kadm_ret_t ovsec_kadm_free_policy_ent(void *server_handle,
- ovsec_kadm_policy_ent_t ent);
-
-ovsec_kadm_ret_t ovsec_kadm_free_name_list(void *server_handle,
- char **names, int count);
-
-ovsec_kadm_ret_t ovsec_kadm_get_principals(void *server_handle,
- char *exp, char ***princs,
- int *count);
-
-ovsec_kadm_ret_t ovsec_kadm_get_policies(void *server_handle,
- char *exp, char ***pols,
- int *count);
-
-#define OVSEC_KADM_FAILURE KADM5_FAILURE
-#define OVSEC_KADM_AUTH_GET KADM5_AUTH_GET
-#define OVSEC_KADM_AUTH_ADD KADM5_AUTH_ADD
-#define OVSEC_KADM_AUTH_MODIFY KADM5_AUTH_MODIFY
-#define OVSEC_KADM_AUTH_DELETE KADM5_AUTH_DELETE
-#define OVSEC_KADM_AUTH_INSUFFICIENT KADM5_AUTH_INSUFFICIENT
-#define OVSEC_KADM_BAD_DB KADM5_BAD_DB
-#define OVSEC_KADM_DUP KADM5_DUP
-#define OVSEC_KADM_RPC_ERROR KADM5_RPC_ERROR
-#define OVSEC_KADM_NO_SRV KADM5_NO_SRV
-#define OVSEC_KADM_BAD_HIST_KEY KADM5_BAD_HIST_KEY
-#define OVSEC_KADM_NOT_INIT KADM5_NOT_INIT
-#define OVSEC_KADM_UNK_PRINC KADM5_UNK_PRINC
-#define OVSEC_KADM_UNK_POLICY KADM5_UNK_POLICY
-#define OVSEC_KADM_BAD_MASK KADM5_BAD_MASK
-#define OVSEC_KADM_BAD_CLASS KADM5_BAD_CLASS
-#define OVSEC_KADM_BAD_LENGTH KADM5_BAD_LENGTH
-#define OVSEC_KADM_BAD_POLICY KADM5_BAD_POLICY
-#define OVSEC_KADM_BAD_PRINCIPAL KADM5_BAD_PRINCIPAL
-#define OVSEC_KADM_BAD_AUX_ATTR KADM5_BAD_AUX_ATTR
-#define OVSEC_KADM_BAD_HISTORY KADM5_BAD_HISTORY
-#define OVSEC_KADM_BAD_MIN_PASS_LIFE KADM5_BAD_MIN_PASS_LIFE
-#define OVSEC_KADM_PASS_Q_TOOSHORT KADM5_PASS_Q_TOOSHORT
-#define OVSEC_KADM_PASS_Q_CLASS KADM5_PASS_Q_CLASS
-#define OVSEC_KADM_PASS_Q_DICT KADM5_PASS_Q_DICT
-#define OVSEC_KADM_PASS_REUSE KADM5_PASS_REUSE
-#define OVSEC_KADM_PASS_TOOSOON KADM5_PASS_TOOSOON
-#define OVSEC_KADM_POLICY_REF KADM5_POLICY_REF
-#define OVSEC_KADM_INIT KADM5_INIT
-#define OVSEC_KADM_BAD_PASSWORD KADM5_BAD_PASSWORD
-#define OVSEC_KADM_PROTECT_PRINCIPAL KADM5_PROTECT_PRINCIPAL
-#define OVSEC_KADM_BAD_SERVER_HANDLE KADM5_BAD_SERVER_HANDLE
-#define OVSEC_KADM_BAD_STRUCT_VERSION KADM5_BAD_STRUCT_VERSION
-#define OVSEC_KADM_OLD_STRUCT_VERSION KADM5_OLD_STRUCT_VERSION
-#define OVSEC_KADM_NEW_STRUCT_VERSION KADM5_NEW_STRUCT_VERSION
-#define OVSEC_KADM_BAD_API_VERSION KADM5_BAD_API_VERSION
-#define OVSEC_KADM_OLD_LIB_API_VERSION KADM5_OLD_LIB_API_VERSION
-#define OVSEC_KADM_OLD_SERVER_API_VERSION KADM5_OLD_SERVER_API_VERSION
-#define OVSEC_KADM_NEW_LIB_API_VERSION KADM5_NEW_LIB_API_VERSION
-#define OVSEC_KADM_NEW_SERVER_API_VERSION KADM5_NEW_SERVER_API_VERSION
-#define OVSEC_KADM_SECURE_PRINC_MISSING KADM5_SECURE_PRINC_MISSING
-#define OVSEC_KADM_NO_RENAME_SALT KADM5_NO_RENAME_SALT
-
-#endif /* USE_KADM5_API_VERSION == 1 */
-
KADM5INT_END_DECLS
#endif /* __KADM5_ADMIN_H__ */
diff --git a/src/lib/kadm5/admin_internal.h b/src/lib/kadm5/admin_internal.h
index 6a9d31b..69e7bd6 100644
--- a/src/lib/kadm5/admin_internal.h
+++ b/src/lib/kadm5/admin_internal.h
@@ -29,7 +29,7 @@
if ((srvr->api_version & KADM5_MASK_BITS) != \
KADM5_API_VERSION_MASK) \
return KADM5_BAD_API_VERSION; \
- if (srvr->api_version < KADM5_API_VERSION_1) \
+ if (srvr->api_version < KADM5_API_VERSION_2) \
return old_api_version; \
if (srvr->api_version > KADM5_API_VERSION_2) \
return new_api_version; \
diff --git a/src/lib/kadm5/chpass_util_strings.et b/src/lib/kadm5/chpass_util_strings.et
index c65010a..d2c4c3d 100644
--- a/src/lib/kadm5/chpass_util_strings.et
+++ b/src/lib/kadm5/chpass_util_strings.et
@@ -1,4 +1,4 @@
-# this is really a string table for ovsec_kadm_chpass_principal_util
+# this is really a string table for chpass_principal_util
error_table ovku
diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c
index 4395453..4ebd1b7 100644
--- a/src/lib/kadm5/clnt/client_init.c
+++ b/src/lib/kadm5/clnt/client_init.c
@@ -231,20 +231,10 @@ static kadm5_ret_t _kadm5_init_any(char *client_name,
* empty mask, and behave like version 2.
*/
memset(&params_local, 0, sizeof(params_local));
- if (api_version == KADM5_API_VERSION_1) {
- realm = params_local.realm = (char *) params_in;
- if (params_in)
- params_local.mask = KADM5_CONFIG_REALM;
-
- /* Use old AUTH_GSSAPI for version 1 protocol. */
- params_local.mask |= KADM5_CONFIG_OLD_AUTH_GSSAPI;
- params_in = &params_local;
- } else {
- if (params_in && (params_in->mask & KADM5_CONFIG_REALM))
- realm = params_in->realm;
- else
- realm = NULL;
- }
+ if (params_in && (params_in->mask & KADM5_CONFIG_REALM))
+ realm = params_in->realm;
+ else
+ realm = NULL;
#if 0 /* Since KDC config params can now be put in krb5.conf, these
could show up even when you're just using the remote kadmin
diff --git a/src/lib/kadm5/clnt/client_principal.c b/src/lib/kadm5/clnt/client_principal.c
index 51135f4..56ad512 100644
--- a/src/lib/kadm5/clnt/client_principal.c
+++ b/src/lib/kadm5/clnt/client_principal.c
@@ -43,22 +43,8 @@ kadm5_create_principal(void *server_handle,
if(princ == NULL)
return EINVAL;
- if (handle->api_version == KADM5_API_VERSION_1) {
- memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1));
- } else {
- memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
- }
- if (handle->api_version == KADM5_API_VERSION_1) {
- /*
- * hack hack cough cough.
- * krb5_unparse name dumps core if we pass it in garbage
- * or null. So, since the client is not allowed to set mod_name
- * anyway, we just fill it in with a dummy principal. The server of
- * course ignores this.
- */
- krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name);
- } else
- arg.rec.mod_name = NULL;
+ memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
+ arg.rec.mod_name = NULL;
if(!(mask & KADM5_POLICY))
arg.rec.policy = NULL;
@@ -73,9 +59,6 @@ kadm5_create_principal(void *server_handle,
r = create_principal_2(&arg, handle->clnt);
- if (handle->api_version == KADM5_API_VERSION_1)
- krb5_free_principal(handle->context, arg.rec.mod_name);
-
if(r == NULL)
eret();
return r->code;
@@ -104,22 +87,8 @@ kadm5_create_principal_3(void *server_handle,
if(princ == NULL)
return EINVAL;
- if (handle->api_version == KADM5_API_VERSION_1) {
- memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1));
- } else {
- memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
- }
- if (handle->api_version == KADM5_API_VERSION_1) {
- /*
- * hack hack cough cough.
- * krb5_unparse name dumps core if we pass it in garbage
- * or null. So, since the client is not allowed to set mod_name
- * anyway, we just fill it in with a dummy principal. The server of
- * course ignores this.
- */
- krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name);
- } else
- arg.rec.mod_name = NULL;
+ memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
+ arg.rec.mod_name = NULL;
if(!(mask & KADM5_POLICY))
arg.rec.policy = NULL;
@@ -134,9 +103,6 @@ kadm5_create_principal_3(void *server_handle,
r = create_principal3_2(&arg, handle->clnt);
- if (handle->api_version == KADM5_API_VERSION_1)
- krb5_free_principal(handle->context, arg.rec.mod_name);
-
if(r == NULL)
eret();
return r->code;
@@ -174,17 +140,9 @@ kadm5_modify_principal(void *server_handle,
memset(&arg, 0, sizeof(arg));
arg.mask = mask;
arg.api_version = handle->api_version;
- /*
- * cough cough gag gag
- * see comment in create_principal.
- */
if(princ == NULL)
return EINVAL;
- if (handle->api_version == KADM5_API_VERSION_1) {
- memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1));
- } else {
- memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
- }
+ memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
if(!(mask & KADM5_POLICY))
arg.rec.policy = NULL;
if (! (mask & KADM5_KEY_DATA)) {
@@ -196,19 +154,10 @@ kadm5_modify_principal(void *server_handle,
arg.rec.tl_data = NULL;
}
- if (handle->api_version == KADM5_API_VERSION_1) {
- /*
- * See comment in create_principal
- */
- krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name);
- } else
- arg.rec.mod_name = NULL;
+ arg.rec.mod_name = NULL;
r = modify_principal_2(&arg, handle->clnt);
- if (handle->api_version == KADM5_API_VERSION_1)
- krb5_free_principal(handle->context, arg.rec.mod_name);
-
if(r == NULL)
eret();
return r->code;
@@ -228,33 +177,13 @@ kadm5_get_principal(void *server_handle,
if(princ == NULL)
return EINVAL;
arg.princ = princ;
- if (handle->api_version == KADM5_API_VERSION_1)
- arg.mask = KADM5_PRINCIPAL_NORMAL_MASK;
- else
- arg.mask = mask;
+ arg.mask = mask;
arg.api_version = handle->api_version;
r = get_principal_2(&arg, handle->clnt);
if(r == NULL)
eret();
- if (handle->api_version == KADM5_API_VERSION_1) {
- kadm5_principal_ent_t_v1 *entp;
-
- entp = (kadm5_principal_ent_t_v1 *) ent;
- if (r->code == 0) {
- if (!(*entp = (kadm5_principal_ent_t_v1)
- malloc(sizeof(kadm5_principal_ent_rec_v1))))
- return ENOMEM;
- /* this memcpy works because the v1 structure is an initial
- subset of the v2 struct. C guarantees that this will
- result in the same layout in memory */
- memcpy(*entp, &r->rec, sizeof(**entp));
- } else {
- *entp = NULL;
- }
- } else {
- if (r->code == 0)
- memcpy(ent, &r->rec, sizeof(r->rec));
- }
+ if (r->code == 0)
+ memcpy(ent, &r->rec, sizeof(r->rec));
return r->code;
}
@@ -460,29 +389,23 @@ kadm5_randkey_principal_3(void *server_handle,
r = chrand_principal3_2(&arg, handle->clnt);
if(r == NULL)
eret();
- if (handle->api_version == KADM5_API_VERSION_1) {
- if (key)
- krb5_copy_keyblock(handle->context, &r->key, key);
- } else {
- if (n_keys)
- *n_keys = r->n_keys;
- if (key) {
- if(r->n_keys) {
- *key = (krb5_keyblock *)
- malloc(r->n_keys*sizeof(krb5_keyblock));
- if (*key == NULL)
- return ENOMEM;
- for (i = 0; i < r->n_keys; i++) {
- ret = krb5_copy_keyblock_contents(handle->context,
- &r->keys[i],
- &(*key)[i]);
- if (ret) {
- free(*key);
- return ENOMEM;
- }
- }
- } else *key = NULL;
- }
+ if (n_keys)
+ *n_keys = r->n_keys;
+ if (key) {
+ if(r->n_keys) {
+ *key = malloc(r->n_keys * sizeof(krb5_keyblock));
+ if (*key == NULL)
+ return ENOMEM;
+ for (i = 0; i < r->n_keys; i++) {
+ ret = krb5_copy_keyblock_contents(handle->context, &r->keys[i],
+ &(*key)[i]);
+ if (ret) {
+ free(*key);
+ return ENOMEM;
+ }
+ }
+ } else
+ *key = NULL;
}
return r->code;
@@ -508,29 +431,23 @@ kadm5_randkey_principal(void *server_handle,
r = chrand_principal_2(&arg, handle->clnt);
if(r == NULL)
eret();
- if (handle->api_version == KADM5_API_VERSION_1) {
- if (key)
- krb5_copy_keyblock(handle->context, &r->key, key);
- } else {
- if (n_keys)
- *n_keys = r->n_keys;
- if (key) {
- if(r->n_keys) {
- *key = (krb5_keyblock *)
- malloc(r->n_keys*sizeof(krb5_keyblock));
- if (*key == NULL)
- return ENOMEM;
- for (i = 0; i < r->n_keys; i++) {
- ret = krb5_copy_keyblock_contents(handle->context,
- &r->keys[i],
- &(*key)[i]);
- if (ret) {
- free(*key);
- return ENOMEM;
- }
- }
- } else *key = NULL;
- }
+ if (n_keys)
+ *n_keys = r->n_keys;
+ if (key) {
+ if(r->n_keys) {
+ *key = malloc(r->n_keys * sizeof(krb5_keyblock));
+ if (*key == NULL)
+ return ENOMEM;
+ for (i = 0; i < r->n_keys; i++) {
+ ret = krb5_copy_keyblock_contents(handle->context, &r->keys[i],
+ &(*key)[i]);
+ if (ret) {
+ free(*key);
+ return ENOMEM;
+ }
+ }
+ } else
+ *key = NULL;
}
return r->code;
diff --git a/src/lib/kadm5/clnt/clnt_policy.c b/src/lib/kadm5/clnt/clnt_policy.c
index 6877ec3..fc91245 100644
--- a/src/lib/kadm5/clnt/clnt_policy.c
+++ b/src/lib/kadm5/clnt/clnt_policy.c
@@ -103,22 +103,8 @@ kadm5_get_policy(void *server_handle, char *name, kadm5_policy_ent_t ent)
r = get_policy_2(&arg, handle->clnt);
if(r == NULL)
return KADM5_RPC_ERROR;
- if (handle->api_version == KADM5_API_VERSION_1) {
- kadm5_policy_ent_t *entp;
-
- entp = (kadm5_policy_ent_t *) ent;
- if(r->code == 0) {
- if (!(*entp = (kadm5_policy_ent_t)
- malloc(sizeof(kadm5_policy_ent_rec))))
- return ENOMEM;
- memcpy(*entp, &r->rec, sizeof(**entp));
- } else {
- *entp = NULL;
- }
- } else {
- if (r->code == 0)
- memcpy(ent, &r->rec, sizeof(r->rec));
- }
+ if (r->code == 0)
+ memcpy(ent, &r->rec, sizeof(r->rec));
return r->code;
}
diff --git a/src/lib/kadm5/clnt/libkadm5clnt.exports b/src/lib/kadm5/clnt/libkadm5clnt.exports
index 7f11f32..6174847 100644
--- a/src/lib/kadm5/clnt/libkadm5clnt.exports
+++ b/src/lib/kadm5/clnt/libkadm5clnt.exports
@@ -58,29 +58,6 @@ krb5_klog_syslog
krb5_read_realm_params
krb5_string_to_flags
krb5_string_to_keysalts
-ovsec_kadm_chpass_principal
-ovsec_kadm_chpass_principal_util
-ovsec_kadm_create_policy
-ovsec_kadm_create_principal
-ovsec_kadm_delete_policy
-ovsec_kadm_delete_principal
-ovsec_kadm_destroy
-ovsec_kadm_flush
-ovsec_kadm_free_name_list
-ovsec_kadm_free_policy_ent
-ovsec_kadm_free_principal_ent
-ovsec_kadm_get_policies
-ovsec_kadm_get_policy
-ovsec_kadm_get_principal
-ovsec_kadm_get_principals
-ovsec_kadm_get_privs
-ovsec_kadm_init
-ovsec_kadm_init_with_password
-ovsec_kadm_init_with_skey
-ovsec_kadm_modify_policy
-ovsec_kadm_modify_principal
-ovsec_kadm_randkey_principal
-ovsec_kadm_rename_principal
xdr_chpass3_arg
xdr_chpass_arg
xdr_chrand3_arg
@@ -103,7 +80,6 @@ xdr_gprincs_arg
xdr_gprincs_ret
xdr_kadm5_policy_ent_rec
xdr_kadm5_principal_ent_rec
-xdr_kadm5_principal_ent_rec_v1
xdr_kadm5_ret_t
xdr_krb5_deltat
xdr_krb5_enctype
diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c
index 4e9e408..c357dbf 100644
--- a/src/lib/kadm5/kadm_rpc_xdr.c
+++ b/src/lib/kadm5/kadm_rpc_xdr.c
@@ -380,12 +380,6 @@ xdr_kadm5_ret_t(XDR *xdrs, kadm5_ret_t *objp)
return (TRUE);
}
-bool_t xdr_kadm5_principal_ent_rec_v1(XDR *xdrs,
- kadm5_principal_ent_rec *objp)
-{
- return _xdr_kadm5_principal_ent_rec(xdrs, objp, KADM5_API_VERSION_1);
-}
-
bool_t xdr_kadm5_principal_ent_rec(XDR *xdrs,
kadm5_principal_ent_rec *objp)
{
@@ -413,15 +407,9 @@ _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp,
if (!xdr_krb5_deltat(xdrs, &objp->max_life)) {
return (FALSE);
}
- if (v == KADM5_API_VERSION_1) {
- if (!xdr_krb5_principal(xdrs, &objp->mod_name)) {
- return (FALSE);
- }
- } else {
- if (!xdr_nulltype(xdrs, (void **) &objp->mod_name,
- xdr_krb5_principal)) {
- return (FALSE);
- }
+ if (!xdr_nulltype(xdrs, (void **) &objp->mod_name,
+ xdr_krb5_principal)) {
+ return (FALSE);
}
if (!xdr_krb5_timestamp(xdrs, &objp->mod_date)) {
return (FALSE);
@@ -441,35 +429,33 @@ _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp,
if (!xdr_long(xdrs, &objp->aux_attributes)) {
return (FALSE);
}
- if (v != KADM5_API_VERSION_1) {
- if (!xdr_krb5_deltat(xdrs, &objp->max_renewable_life)) {
- return (FALSE);
- }
- if (!xdr_krb5_timestamp(xdrs, &objp->last_success)) {
- return (FALSE);
- }
- if (!xdr_krb5_timestamp(xdrs, &objp->last_failed)) {
- return (FALSE);
- }
- if (!xdr_krb5_kvno(xdrs, &objp->fail_auth_count)) {
- return (FALSE);
- }
- if (!xdr_krb5_int16(xdrs, &objp->n_key_data)) {
- return (FALSE);
- }
- if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) {
- return (FALSE);
- }
- if (!xdr_nulltype(xdrs, (void **) &objp->tl_data,
- xdr_krb5_tl_data)) {
- return FALSE;
- }
- n = objp->n_key_data;
- if (!xdr_array(xdrs, (caddr_t *) &objp->key_data,
- &n, ~0, sizeof(krb5_key_data),
- xdr_krb5_key_data_nocontents)) {
- return (FALSE);
- }
+ if (!xdr_krb5_deltat(xdrs, &objp->max_renewable_life)) {
+ return (FALSE);
+ }
+ if (!xdr_krb5_timestamp(xdrs, &objp->last_success)) {
+ return (FALSE);
+ }
+ if (!xdr_krb5_timestamp(xdrs, &objp->last_failed)) {
+ return (FALSE);
+ }
+ if (!xdr_krb5_kvno(xdrs, &objp->fail_auth_count)) {
+ return (FALSE);
+ }
+ if (!xdr_krb5_int16(xdrs, &objp->n_key_data)) {
+ return (FALSE);
+ }
+ if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) {
+ return (FALSE);
+ }
+ if (!xdr_nulltype(xdrs, (void **) &objp->tl_data,
+ xdr_krb5_tl_data)) {
+ return FALSE;
+ }
+ n = objp->n_key_data;
+ if (!xdr_array(xdrs, (caddr_t *) &objp->key_data,
+ &n, ~0, sizeof(krb5_key_data),
+ xdr_krb5_key_data_nocontents)) {
+ return (FALSE);
}
return (TRUE);
}
@@ -510,14 +496,8 @@ xdr_cprinc_arg(XDR *xdrs, cprinc_arg *objp)
if (!xdr_ui_4(xdrs, &objp->api_version)) {
return (FALSE);
}
- if (objp->api_version == KADM5_API_VERSION_1) {
- if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) {
- return (FALSE);
- }
- } else {
- if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
- return (FALSE);
- }
+ if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
+ return (FALSE);
}
if (!xdr_long(xdrs, &objp->mask)) {
return (FALSE);
@@ -534,14 +514,8 @@ xdr_cprinc3_arg(XDR *xdrs, cprinc3_arg *objp)
if (!xdr_ui_4(xdrs, &objp->api_version)) {
return (FALSE);
}
- if (objp->api_version == KADM5_API_VERSION_1) {
- if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) {
- return (FALSE);
- }
- } else {
- if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
- return (FALSE);
- }
+ if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
+ return (FALSE);
}
if (!xdr_long(xdrs, &objp->mask)) {
return (FALSE);
@@ -589,14 +563,8 @@ xdr_mprinc_arg(XDR *xdrs, mprinc_arg *objp)
if (!xdr_ui_4(xdrs, &objp->api_version)) {
return (FALSE);
}
- if (objp->api_version == KADM5_API_VERSION_1) {
- if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) {
- return (FALSE);
- }
- } else {
- if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
- return (FALSE);
- }
+ if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
+ return (FALSE);
}
if (!xdr_long(xdrs, &objp->mask)) {
return (FALSE);
@@ -796,19 +764,10 @@ xdr_chrand_ret(XDR *xdrs, chrand_ret *objp)
if (!xdr_kadm5_ret_t(xdrs, &objp->code)) {
return (FALSE);
}
- if (objp->api_version == KADM5_API_VERSION_1) {
- if(objp->code == KADM5_OK) {
- if (!xdr_krb5_keyblock(xdrs, &objp->key)) {
- return (FALSE);
- }
- }
- } else {
- if (objp->code == KADM5_OK) {
- if (!xdr_array(xdrs, (char **)&objp->keys, &objp->n_keys, ~0,
- sizeof(krb5_keyblock),
- xdr_krb5_keyblock))
- return FALSE;
- }
+ if (objp->code == KADM5_OK) {
+ if (!xdr_array(xdrs, (char **)&objp->keys, &objp->n_keys, ~0,
+ sizeof(krb5_keyblock), xdr_krb5_keyblock))
+ return FALSE;
}
return (TRUE);
@@ -823,8 +782,7 @@ xdr_gprinc_arg(XDR *xdrs, gprinc_arg *objp)
if (!xdr_krb5_principal(xdrs, &objp->princ)) {
return (FALSE);
}
- if ((objp->api_version > KADM5_API_VERSION_1) &&
- !xdr_long(xdrs, &objp->mask)) {
+ if (!xdr_long(xdrs, &objp->mask)) {
return FALSE;
}
@@ -841,15 +799,9 @@ xdr_gprinc_ret(XDR *xdrs, gprinc_ret *objp)
return (FALSE);
}
if(objp->code == KADM5_OK) {
- if (objp->api_version == KADM5_API_VERSION_1) {
- if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) {
- return (FALSE);
- }
- } else {
- if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
- return (FALSE);
- }
- }
+ if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
+ return (FALSE);
+ }
}
return (TRUE);
diff --git a/src/lib/kadm5/misc_free.c b/src/lib/kadm5/misc_free.c
index 9dc91b5..066bc73 100644
--- a/src/lib/kadm5/misc_free.c
+++ b/src/lib/kadm5/misc_free.c
@@ -18,12 +18,8 @@ kadm5_free_policy_ent(void *server_handle, kadm5_policy_ent_t val)
_KADM5_CHECK_HANDLE(server_handle);
- if(val) {
- if (val->policy)
- free(val->policy);
- if (handle->api_version == KADM5_API_VERSION_1)
- free(val);
- }
+ if (val)
+ free(val->policy);
return KADM5_OK;
}
@@ -74,42 +70,31 @@ kadm5_ret_t kadm5_free_key_data(void *server_handle,
}
kadm5_ret_t
-kadm5_free_principal_ent(void *server_handle,
- kadm5_principal_ent_t val)
+kadm5_free_principal_ent(void *server_handle, kadm5_principal_ent_t val)
{
- kadm5_server_handle_t handle = server_handle;
+ kadm5_server_handle_t handle = server_handle;
+ krb5_tl_data *tl;
int i;
_KADM5_CHECK_HANDLE(server_handle);
- if(val) {
- if(val->principal)
- krb5_free_principal(handle->context, val->principal);
- if(val->mod_name)
- krb5_free_principal(handle->context, val->mod_name);
- if(val->policy)
- free(val->policy);
- if (handle->api_version > KADM5_API_VERSION_1) {
- if (val->n_key_data) {
- for (i = 0; i < val->n_key_data; i++)
- krb5_free_key_data_contents(handle->context,
- &val->key_data[i]);
- free(val->key_data);
- }
- if (val->tl_data) {
- krb5_tl_data *tl;
-
- while (val->tl_data) {
- tl = val->tl_data->tl_data_next;
- free(val->tl_data->tl_data_contents);
- free(val->tl_data);
- val->tl_data = tl;
- }
- }
- }
-
- if (handle->api_version == KADM5_API_VERSION_1)
- free(val);
+ if (!val)
+ return KADM5_OK;
+
+ krb5_free_principal(handle->context, val->principal);
+ krb5_free_principal(handle->context, val->mod_name);
+ free(val->policy);
+ if (val->n_key_data) {
+ for (i = 0; i < val->n_key_data; i++)
+ krb5_free_key_data_contents(handle->context, &val->key_data[i]);
+ free(val->key_data);
+ }
+
+ while (val->tl_data) {
+ tl = val->tl_data->tl_data_next;
+ free(val->tl_data->tl_data_contents);
+ free(val->tl_data);
+ val->tl_data = tl;
}
return KADM5_OK;
}
diff --git a/src/lib/kadm5/ovsec_glue.c b/src/lib/kadm5/ovsec_glue.c
deleted file mode 100644
index a3ae6de..0000000
--- a/src/lib/kadm5/ovsec_glue.c
+++ /dev/null
@@ -1,194 +0,0 @@
-#define USE_KADM5_API_VERSION 1
-#include <kadm5/admin.h>
-#include <string.h>
-
-ovsec_kadm_ret_t ovsec_kadm_init_with_password(char *client_name, char *pass,
- char *service_name,
- char *realm,
- krb5_ui_4 struct_version,
- krb5_ui_4 api_version,
- char **db_args,
- void **server_handle)
-{
- return kadm5_init_with_password(client_name, pass, service_name,
- realm, struct_version, api_version, db_args,
- server_handle);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_init_with_skey(char *client_name, char *keytab,
- char *service_name,
- char *realm,
- krb5_ui_4 struct_version,
- krb5_ui_4 api_version,
- char **db_args,
- void **server_handle)
-{
- return kadm5_init_with_skey(client_name, keytab, service_name, realm,
- struct_version, api_version, db_args,
- server_handle);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_init(char *client_name, char *from_stash,
- char *service_name,
- char *realm,
- krb5_ui_4 struct_version,
- krb5_ui_4 api_version,
- char **db_args,
- void **server_handle)
-{
- return kadm5_init(client_name, from_stash, service_name,
- realm, struct_version, api_version, db_args,
- server_handle);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_destroy(void *server_handle)
-{
- return kadm5_destroy(server_handle);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_flush(void *server_handle)
-{
- return kadm5_flush(server_handle);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_create_principal(void *server_handle,
- ovsec_kadm_principal_ent_t entry,
- long mask,
- char *password)
-{
- return kadm5_create_principal(server_handle,
- (kadm5_principal_ent_t)
- entry, mask, password);
-}
-
-
-ovsec_kadm_ret_t ovsec_kadm_delete_principal(void *server_handle,
- krb5_principal principal)
-{
- return kadm5_delete_principal(server_handle, principal);
-}
-
-
-ovsec_kadm_ret_t ovsec_kadm_modify_principal(void *server_handle,
- ovsec_kadm_principal_ent_t entry,
- long mask)
-{
- return kadm5_modify_principal(server_handle,
- (kadm5_principal_ent_t) entry, mask);
-}
-
-
-ovsec_kadm_ret_t ovsec_kadm_rename_principal(void *server_handle,
- krb5_principal source,
- krb5_principal target)
-{
- return kadm5_rename_principal(server_handle, source, target);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_get_principal(void *server_handle,
- krb5_principal principal,
- ovsec_kadm_principal_ent_t *entry)
-{
- return kadm5_get_principal(server_handle, principal,
- (kadm5_principal_ent_t *) entry);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_chpass_principal(void *server_handle,
- krb5_principal principal,
- char *password)
-{
- return kadm5_chpass_principal(server_handle, principal, password);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_chpass_principal_util(void *server_handle,
- krb5_principal princ,
- char *new_pw,
- char **ret_pw,
- char *msg_ret)
-{
- /* Oh crap. Can't change the API without bumping the API version... */
- memset(msg_ret, '\0', 1024);
- return kadm5_chpass_principal_util(server_handle, princ, new_pw,
- ret_pw, msg_ret, 1024);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_randkey_principal(void *server_handle,
- krb5_principal principal,
- krb5_keyblock **key)
-{
- return kadm5_randkey_principal(server_handle, principal, key);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_create_policy(void *server_handle,
- ovsec_kadm_policy_ent_t entry,
- long mask)
-{
- return kadm5_create_policy(server_handle,
- (kadm5_policy_ent_t) entry, mask);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_delete_policy(void *server_handle,
- ovsec_kadm_policy_t name)
-{
- return kadm5_delete_policy(server_handle, (kadm5_policy_t) name);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_modify_policy(void *server_handle,
- ovsec_kadm_policy_ent_t entry,
- long mask)
-{
- return kadm5_modify_policy(server_handle,
- (kadm5_policy_ent_t) entry, mask);
-}
-
-
-ovsec_kadm_ret_t ovsec_kadm_get_policy(void *server_handle,
- ovsec_kadm_policy_t name,
- ovsec_kadm_policy_ent_t *entry)
-{
- return kadm5_get_policy(server_handle, (kadm5_policy_t) name,
- (kadm5_policy_ent_t *) entry);
-}
-
-
-ovsec_kadm_ret_t ovsec_kadm_free_policy_ent(void *server_handle,
- ovsec_kadm_policy_ent_t val)
-{
- return kadm5_free_policy_ent(server_handle, (kadm5_policy_ent_t) val);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_free_name_list(void *server_handle,
- char **names, int count)
-{
- return kadm5_free_name_list(server_handle, names, count);
-}
-
-ovsec_kadm_ret_t
-ovsec_kadm_free_principal_ent(void *server_handle,
- ovsec_kadm_principal_ent_t val)
-{
- return kadm5_free_principal_ent(server_handle,
- (kadm5_principal_ent_t) val);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_get_privs(void *server_handle, long *privs)
-{
- return kadm5_get_privs(server_handle, privs);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_get_principals(void *server_handle,
- char *exp,
- char ***princs,
- int *count)
-{
- return kadm5_get_principals(server_handle, exp, princs, count);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_get_policies(void *server_handle,
- char *exp,
- char ***pols,
- int *count)
-{
- return kadm5_get_policies(server_handle, exp, pols, count);
-}
-
diff --git a/src/lib/kadm5/srv/libkadm5srv.exports b/src/lib/kadm5/srv/libkadm5srv.exports
index 545d43b..35745be 100644
--- a/src/lib/kadm5/srv/libkadm5srv.exports
+++ b/src/lib/kadm5/srv/libkadm5srv.exports
@@ -90,29 +90,6 @@ master_keyblock
master_keylist
master_princ
osa_free_princ_ent
-ovsec_kadm_chpass_principal
-ovsec_kadm_chpass_principal_util
-ovsec_kadm_create_policy
-ovsec_kadm_create_principal
-ovsec_kadm_delete_policy
-ovsec_kadm_delete_principal
-ovsec_kadm_destroy
-ovsec_kadm_flush
-ovsec_kadm_free_name_list
-ovsec_kadm_free_policy_ent
-ovsec_kadm_free_principal_ent
-ovsec_kadm_get_policies
-ovsec_kadm_get_policy
-ovsec_kadm_get_principal
-ovsec_kadm_get_principals
-ovsec_kadm_get_privs
-ovsec_kadm_init
-ovsec_kadm_init_with_password
-ovsec_kadm_init_with_skey
-ovsec_kadm_modify_policy
-ovsec_kadm_modify_principal
-ovsec_kadm_randkey_principal
-ovsec_kadm_rename_principal
passwd_check
xdr_chpass3_arg
xdr_chpass_arg
@@ -136,7 +113,6 @@ xdr_gprincs_arg
xdr_gprincs_ret
xdr_kadm5_policy_ent_rec
xdr_kadm5_principal_ent_rec
-xdr_kadm5_principal_ent_rec_v1
xdr_kadm5_ret_t
xdr_krb5_deltat
xdr_krb5_enctype
diff --git a/src/lib/kadm5/srv/server_init.c b/src/lib/kadm5/srv/server_init.c
index 77a83ba..e41ecca 100644
--- a/src/lib/kadm5/srv/server_init.c
+++ b/src/lib/kadm5/srv/server_init.c
@@ -113,13 +113,11 @@ kadm5_ret_t kadm5_init_with_creds(char *client_name,
void **server_handle)
{
/*
- * A program calling init_with_creds *never* expects to prompt the
- * user. Therefore, always pass a dummy password in case this is
- * KADM5_API_VERSION_1. If this is KADM5_API_VERSION_2 and
- * MKEY_FROM_KBD is non-zero, return an error.
+ * A program calling init_with_creds *never* expects to prompt
+ * the user. If this is KADM5_API_VERSION_2 and MKEY_FROM_KBD is
+ * non-zero, return an error.
*/
- if (api_version == KADM5_API_VERSION_2 && params &&
- (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) &&
+ if (params && (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) &&
params->mkey_from_kbd)
return KADM5_BAD_SERVER_PARAMS;
return kadm5_init(client_name, NULL, service_name, params,
@@ -138,12 +136,10 @@ kadm5_ret_t kadm5_init_with_skey(char *client_name, char *keytab,
{
/*
* A program calling init_with_skey *never* expects to prompt the
- * user. Therefore, always pass a dummy password in case this is
- * KADM5_API_VERSION_1. If this is KADM5_API_VERSION_2 and
- * MKEY_FROM_KBD is non-zero, return an error.
+ * user. If this is KADM5_API_VERSION_2 and MKEY_FROM_KBD is
+ * non-zero, return an error.
*/
- if (api_version == KADM5_API_VERSION_2 && params &&
- (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) &&
+ if (params && (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) &&
params->mkey_from_kbd)
return KADM5_BAD_SERVER_PARAMS;
return kadm5_init(client_name, NULL, service_name, params,
@@ -202,21 +198,11 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
KADM5_NEW_SERVER_API_VERSION);
/*
- * Acquire relevant profile entries. In version 2, merge values
+ * Acquire relevant profile entries. Merge values
* in params_in with values from profile, based on
* params_in->mask.
- *
- * In version 1, we've given a realm (which may be NULL) instead
- * of params_in. So use that realm, make params_in contain an
- * empty mask, and behave like version 2.
*/
memset(&params_local, 0, sizeof(params_local));
- if (api_version == KADM5_API_VERSION_1) {
- params_local.realm = (char *) params_in;
- if (params_in)
- params_local.mask = KADM5_CONFIG_REALM;
- params_in = &params_local;
- }
#if 0 /* Now that we look at krb5.conf as well as kdc.conf, we can
expect to see admin_server being set sometimes. */
@@ -311,29 +297,9 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
return ret;
}
- /*
- * The KADM5_API_VERSION_1 spec said "If pass (or keytab) is NULL
- * or an empty string, reads the master password from [the stash
- * file]. Otherwise, the non-NULL password is ignored and the
- * user is prompted for it via the tty." However, the code was
- * implemented the other way: when a non-NULL password was
- * provided, the stash file was used. This is somewhat more
- * sensible, as then a local or remote client that provides a
- * password does not prompt the user. This code maintains the
- * previous actual behavior, and not the old spec behavior,
- * because that is how the unit tests are written.
- *
- * In KADM5_API_VERSION_2, this decision is controlled by
- * params.
- *
- * kdb_init_master's third argument is "from_keyboard".
- */
ret = kdb_init_master(handle, handle->params.realm,
- (handle->api_version == KADM5_API_VERSION_1 ?
- ((pass == NULL) || !(strlen(pass))) :
- ((handle->params.mask & KADM5_CONFIG_MKEY_FROM_KBD)
- && handle->params.mkey_from_kbd)
- ));
+ (handle->params.mask & KADM5_CONFIG_MKEY_FROM_KBD)
+ && handle->params.mkey_from_kbd);
if (ret) {
krb5_db_fini(handle->context);
krb5_free_context(handle->context);
diff --git a/src/lib/kadm5/srv/svr_misc_free.c b/src/lib/kadm5/srv/svr_misc_free.c
index d203397..1c87f06 100644
--- a/src/lib/kadm5/srv/svr_misc_free.c
+++ b/src/lib/kadm5/srv/svr_misc_free.c
@@ -29,9 +29,6 @@ kadm5_free_principal_ent(void *server_handle,
free(val->policy);
/* XXX free key_data and tl_data */
-
- if (handle->api_version == KADM5_API_VERSION_1)
- free(val);
}
return KADM5_OK;
}
diff --git a/src/lib/kadm5/srv/svr_policy.c b/src/lib/kadm5/srv/svr_policy.c
index 7add671..5b7828c 100644
--- a/src/lib/kadm5/srv/svr_policy.c
+++ b/src/lib/kadm5/srv/svr_policy.c
@@ -258,7 +258,6 @@ kadm5_get_policy(void *server_handle, kadm5_policy_t name,
kadm5_policy_ent_t entry)
{
osa_policy_ent_t t;
- kadm5_policy_ent_rec entry_local, **entry_orig, *new;
int ret;
kadm5_server_handle_t handle = server_handle;
int cnt=1;
@@ -267,16 +266,6 @@ kadm5_get_policy(void *server_handle, kadm5_policy_t name,
krb5_clear_error_message(handle->context);
- /*
- * In version 1, entry is a pointer to a kadm5_policy_ent_t that
- * should be filled with allocated memory.
- */
- if (handle->api_version == KADM5_API_VERSION_1) {
- entry_orig = (kadm5_policy_ent_rec **) entry;
- *entry_orig = NULL;
- entry = &entry_local;
- }
-
if (name == (kadm5_policy_t) NULL)
return EINVAL;
if(strlen(name) == 0)
@@ -299,16 +288,5 @@ kadm5_get_policy(void *server_handle, kadm5_policy_t name,
entry->policy_refcnt = t->policy_refcnt;
krb5_db_free_policy(handle->context, t);
- if (handle->api_version == KADM5_API_VERSION_1) {
- new = (kadm5_policy_ent_t) malloc(sizeof(kadm5_policy_ent_rec));
- if (new == NULL) {
- free(entry->policy);
- krb5_db_free_policy(handle->context, t);
- return ENOMEM;
- }
- *new = *entry;
- *entry_orig = new;
- }
-
return KADM5_OK;
}
diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index 4ee842f..63f6aea 100644
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -745,7 +745,6 @@ kadm5_get_principal(void *server_handle, krb5_principal principal,
long mask;
int i;
kadm5_server_handle_t handle = server_handle;
- kadm5_principal_ent_rec entry_local, *entry_orig;
CHECK_HANDLE(server_handle);
@@ -756,13 +755,7 @@ kadm5_get_principal(void *server_handle, krb5_principal principal,
* entry is a pointer to a kadm5_principal_ent_t_v1 that should be
* filled with allocated memory.
*/
- if (handle->api_version == KADM5_API_VERSION_1) {
- mask = KADM5_PRINCIPAL_NORMAL_MASK;
- entry_orig = entry;
- entry = &entry_local;
- } else {
- mask = in_mask;
- }
+ mask = in_mask;
memset(entry, 0, sizeof(*entry));
@@ -833,102 +826,51 @@ kadm5_get_principal(void *server_handle, krb5_principal principal,
if (ret)
goto done;
- /*
- * It's my understanding that KADM5_API_VERSION_1 is for OpenVision admin
- * system compatiblity and is not required to maintain at this point so I'm
- * commenting out this code.
- * -- Will Fiveash
- */
-#if 0 /************** Begin IFDEF'ed OUT *******************************/
- if (handle->api_version == KADM5_API_VERSION_2)
- entry->mkvno = 0;
- else {
- /* XXX I'll be damned if I know how to deal with this one --marc */
- entry->mkvno = 1;
- }
-#endif /**************** END IFDEF'ed OUT *******************************/
-
- /*
- * The new fields that only exist in version 2 start here
- */
- if (handle->api_version == KADM5_API_VERSION_2) {
- if (mask & KADM5_MAX_RLIFE)
- entry->max_renewable_life = kdb.max_renewable_life;
- if (mask & KADM5_LAST_SUCCESS)
- entry->last_success = kdb.last_success;
- if (mask & KADM5_LAST_FAILED)
- entry->last_failed = kdb.last_failed;
- if (mask & KADM5_FAIL_AUTH_COUNT)
- entry->fail_auth_count = kdb.fail_auth_count;
- if (mask & KADM5_TL_DATA) {
- krb5_tl_data *tl, *tl2;
-
- entry->tl_data = NULL;
-
- tl = kdb.tl_data;
- while (tl) {
- if (tl->tl_data_type > 255) {
- if ((tl2 = dup_tl_data(tl)) == NULL) {
- ret = ENOMEM;
- goto done;
- }
- tl2->tl_data_next = entry->tl_data;
- entry->tl_data = tl2;
- entry->n_tl_data++;
- }
+ if (mask & KADM5_MAX_RLIFE)
+ entry->max_renewable_life = kdb.max_renewable_life;
+ if (mask & KADM5_LAST_SUCCESS)
+ entry->last_success = kdb.last_success;
+ if (mask & KADM5_LAST_FAILED)
+ entry->last_failed = kdb.last_failed;
+ if (mask & KADM5_FAIL_AUTH_COUNT)
+ entry->fail_auth_count = kdb.fail_auth_count;
+ if (mask & KADM5_TL_DATA) {
+ krb5_tl_data *tl, *tl2;
- tl = tl->tl_data_next;
- }
- }
- if (mask & KADM5_KEY_DATA) {
- entry->n_key_data = kdb.n_key_data;
- if(entry->n_key_data) {
- entry->key_data = (krb5_key_data *)
- malloc(entry->n_key_data*sizeof(krb5_key_data));
- if (entry->key_data == NULL) {
- ret = ENOMEM;
- goto done;
- }
- } else
- entry->key_data = NULL;
-
- for (i = 0; i < entry->n_key_data; i++)
- ret = krb5_copy_key_data_contents(handle->context,
- &kdb.key_data[i],
- &entry->key_data[i]);
- if (ret)
- goto done;
- }
- }
+ entry->tl_data = NULL;
- /*
- * If KADM5_API_VERSION_1, we return an allocated structure, and
- * we need to convert the new structure back into the format the
- * caller is expecting.
- */
- if (handle->api_version == KADM5_API_VERSION_1) {
- kadm5_principal_ent_t_v1 newv1;
+ tl = kdb.tl_data;
+ while (tl) {
+ if (tl->tl_data_type > 255) {
+ if ((tl2 = dup_tl_data(tl)) == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+ tl2->tl_data_next = entry->tl_data;
+ entry->tl_data = tl2;
+ entry->n_tl_data++;
+ }
- newv1 = ((kadm5_principal_ent_t_v1) calloc(1, sizeof(*newv1)));
- if (newv1 == NULL) {
- ret = ENOMEM;
- goto done;
- }
+ tl = tl->tl_data_next;
+ }
+ }
+ if (mask & KADM5_KEY_DATA) {
+ entry->n_key_data = kdb.n_key_data;
+ if(entry->n_key_data) {
+ entry->key_data = malloc(entry->n_key_data*sizeof(krb5_key_data));
+ if (entry->key_data == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+ } else
+ entry->key_data = NULL;
- newv1->principal = entry->principal;
- newv1->princ_expire_time = entry->princ_expire_time;
- newv1->last_pwd_change = entry->last_pwd_change;
- newv1->pw_expiration = entry->pw_expiration;
- newv1->max_life = entry->max_life;
- newv1->mod_name = entry->mod_name;
- newv1->mod_date = entry->mod_date;
- newv1->attributes = entry->attributes;
- newv1->kvno = entry->kvno;
- newv1->mkvno = entry->mkvno;
- newv1->policy = entry->policy;
- newv1->aux_attributes = entry->aux_attributes;
-
- *((kadm5_principal_ent_t_v1 *) entry_orig) = newv1;
+ for (i = 0; i < entry->n_key_data; i++)
+ ret = krb5_copy_key_data_contents(handle->context,
+ &kdb.key_data[i],
+ &entry->key_data[i]);
+ if (ret)
+ goto done;
}
ret = KADM5_OK;
@@ -1625,25 +1567,11 @@ kadm5_randkey_principal_3(void *server_handle,
goto done;
if (keyblocks) {
- if (handle->api_version == KADM5_API_VERSION_1) {
- /* Version 1 clients will expect to see a DES_CRC enctype. */
- ret = krb5_dbe_find_enctype(handle->context, &kdb,
- ENCTYPE_DES_CBC_CRC,
- -1, -1, &key_data);
- if (ret)
- goto done;
-
- ret = decrypt_key_data(handle->context, act_mkey, 1, key_data,
- keyblocks, NULL);
- if (ret)
- goto done;
- } else {
- ret = decrypt_key_data(handle->context, act_mkey,
- kdb.n_key_data, kdb.key_data,
- keyblocks, n_keys);
- if (ret)
- goto done;
- }
+ ret = decrypt_key_data(handle->context, act_mkey,
+ kdb.n_key_data, kdb.key_data,
+ keyblocks, n_keys);
+ if (ret)
+ goto done;
}
/* key data changed, let the database provider know */
@@ -2112,23 +2040,11 @@ kadm5_get_principal_keys(void *server_handle /* IN */,
}
}
- if (handle->api_version == KADM5_API_VERSION_1) {
- /* Version 1 clients will expect to see a DES_CRC enctype. */
- if ((ret = krb5_dbe_find_enctype(handle->context, &kdb,
- ENCTYPE_DES_CBC_CRC,
- -1, -1, &key_data)))
- goto done;
-
- if ((ret = decrypt_key_data(handle->context, mkey_ptr, 1, key_data,
- keyblocks, NULL)))
- goto done;
- } else {
- ret = decrypt_key_data(handle->context, mkey_ptr,
- kdb.n_key_data, kdb.key_data,
- keyblocks, n_keys);
- if (ret)
- goto done;
- }
+ ret = decrypt_key_data(handle->context, mkey_ptr,
+ kdb.n_key_data, kdb.key_data,
+ keyblocks, n_keys);
+ if (ret)
+ goto done;
}
ret = KADM5_OK;
diff --git a/src/lib/kadm5/unit-test/Makefile.in b/src/lib/kadm5/unit-test/Makefile.in
index 91729d7..8afe66a 100644
--- a/src/lib/kadm5/unit-test/Makefile.in
+++ b/src/lib/kadm5/unit-test/Makefile.in
@@ -2,7 +2,7 @@ thisconfigdir=../../..
myfulldir=lib/kadm5/unit-test
mydir=lib/kadm5/unit-test
BUILDTOP=$(REL)..$(S)..$(S)..
-DEFINES = -DUSE_KADM5_API_VERSION=1
+DEFINES =
PROG_LIBPATH=-L$(TOPLIBD)
PROG_RPATH=$(KRB5_LIBDIR)
KDB_DEP_LIB=$(DL_LIB) $(THREAD_LINKOPTS)
@@ -55,9 +55,6 @@ server-iter-test: iter-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
$(CC_LINK) -o server-iter-test iter-test.o \
$(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS)
-setkey-test.o: $(SRCTOP)/lib/kadm5/unit-test/setkey-test.c
- $(CC) $(ALL_CFLAGS) -UUSE_KADM5_API_VERSION -DUSE_KADM5_API_VERSION=2 -c $(SRCTOP)/lib/kadm5/unit-test/setkey-test.c
-
server-setkey-test: setkey-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
$(CC_LINK) -o server-setkey-test setkey-test.o \
$(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS)
diff --git a/src/lib/kadm5/unit-test/README.new-tests b/src/lib/kadm5/unit-test/README.new-tests
deleted file mode 100644
index d63ecc2..0000000
--- a/src/lib/kadm5/unit-test/README.new-tests
+++ /dev/null
@@ -1,12 +0,0 @@
-The deja-gnu unit tests in this directory are arranged as follows:
-
-api.0: original unit tests for the ovsec_kadm_api
-
-api.1: additional tests for ovsec_kadm_api that run after api.0
-
-api.2: Each file whose name is the same as a file in api.0 contains
-all of the same tests, but using the kadm5 with KADM5_API_VERSION_1.
-Each file with a -v2 suffix tests KADM5_API_VERSION_2-specific
-functionality. New tests should be added to the files in this
-directory, not api.0. Tests should be added to the lowest-numbered
-version file they apply to.
diff --git a/src/lib/kadm5/unit-test/api.0/chpass-principal.exp b/src/lib/kadm5/unit-test/api.0/chpass-principal.exp
deleted file mode 100644
index 93869f7..0000000
--- a/src/lib/kadm5/unit-test/api.0/chpass-principal.exp
+++ /dev/null
@@ -1,176 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "chpass-principal 180"
-proc test180 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_chpass_principal $server_handle "%s/a" FoobarBax
- } $test]
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test180 }
-
-test "chpass-principal 180.5"
-proc test1805 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_chpass_principal $server_handle "%s/a" FoobarBax
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test1805 }
-
-#
-# admin with changepw service tickets try to change other principals
-# password, failes with AUTH error
-test "chpass-principal 180.625"
-proc test180625 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_chpass_principal $server_handle "%s/a" password
- } $test] "AUTH"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test180625 }
-
-test "chpass-principal 180.75"
-proc test18075 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_chpass_principal $server_handle "%s/a" Foobar
- } $test] "AUTH_CHANGEPW"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test18075 }
-
-test "chpass-principal 182"
-proc test182 {} {
- global test
-
- if { ! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_chpass_principal $server_handle kadmin/history password
- } "PROTECT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test182
-
-test "chpass-principal 183"
-proc test183 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if { ! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_chpass_principal null "%s/a" password
- } $test] "BAD_SERVER_HANDLE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test183
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/crte-policy.exp b/src/lib/kadm5/unit-test/api.0/crte-policy.exp
deleted file mode 100644
index e2185c7..0000000
--- a/src/lib/kadm5/unit-test/api.0/crte-policy.exp
+++ /dev/null
@@ -1,956 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-# Description: (1) Fails for mask with undefined bit set.
-# 01/24/94: pshuang: untried.
-test "create-policy 1"
-proc test1 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete policy \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- 0xF01000
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test1
-
-# Description: (2) Fails if caller connected with CHANGEPW_SERVICE.
-test "create-policy 2"
-proc test2 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy";
- return
- }
-}
-if {$RPC} { test2 }
-
-# Description: (3) Fails for mask without POLICY bit set.
-# 01/24/94: pshuang: untried.
-test "create-policy 3"
-proc test3 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete policy \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- 0x000000
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test3
-
-# Description: (4) Fails for mask with REF_COUNT bit set.
-test "create-policy 4"
-proc test4 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete policy \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY OVSEC_KADM_REF_COUNT}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test4
-
-# Description: (5) Fails for invalid policy name.
-# 01/24/94: pshuang: untried.
-test "create-policy 5"
-proc test5 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/"] \
- {OVSEC_KADM_POLICY}
- } $test] "BAD_POLICY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test5
-
-# Description: (6) Fails for existing policy name.
-test "create-policy 6"
-proc test6 {} {
- global test
-# set prms_id 777
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_create_policy $server_handle [simple_policy test-pol] \
- {OVSEC_KADM_POLICY}
- } "DUP"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test6
-
-# Description: (7) Fails for null policy name.
-# 01/24/94: pshuang: untried.
-test "create-policy 7"
-proc test7 {} {
- global test
-# set prms_id 1977
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_create_policy $server_handle [simple_policy null] \
- {OVSEC_KADM_POLICY}
- } "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test7
-
-# Description: (8) Fails for empty-string policy name.
-test "create-policy 8"
-proc test8 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_create_policy $server_handle [simple_policy ""] \
- {OVSEC_KADM_POLICY}
- } "BAD_POLICY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test8
-
-# Description: (9) Accepts 0 for pw_min_life.
-test "create-policy 9"
-proc test9 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LIFE}
- } $test]]} {
- fail "$test: create failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-# Description: (10) Accepts non-zero for pw_min_life.
-test "create-policy 10"
-proc test10 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 32 0 0 0 0 0 } \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LIFE}
- } $test]]} {
- fail "$test"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-# Description: (11) Accepts 0 for pw_max_life.
-test "create-policy 11"
-proc test11 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MAX_LIFE}
- } $test]]} {
- fail "$test"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-# Description: (12) Accepts non-zero for pw_max_life.
-test "create-policy 12"
-proc test12 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 32 0 0 0 0 } \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MAX_LIFE}
- } $test]]} {
- fail "$test"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-# Description: (13) Rejects 0 for pw_min_length.
-test "create-policy 13"
-proc test13 {} {
- global test
- global prompt
-
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LENGTH}
- } $test] "BAD_LENGTH"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-# Description: (14) Accepts non-zero for pw_min_length.
-test "create-policy 14"
-proc test14 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 8 0 0 0 } \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LENGTH}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 3\n"
- expect {
- -re "8\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-# Description: (15) Rejects 0 for pw_min_classes.
-test "create-policy 15"
-proc test15 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-# Description: (16) Accepts 1 for pw_min_classes.
-test "create-policy 16"
-proc test16 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 1 0 0 } \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test16
-
-# Description: (17) Accepts 4 for pw_min_classes.
-test "create-policy 17"
-proc test17 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 5 0 0} \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "5\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-# Description: (18) Rejects 5 for pw_min_classes.
-test "create-policy 18"
-proc test18 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 6 0 0} \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test18
-
-# Description: (19) Rejects 0 for pw_history_num.
-test "create-policy 19"
-proc test19 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM}
- } $test] "BAD_HISTORY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test19
-
-# Description: (20) Accepts 1 for pw_history_num.
-test "create-policy 20"
-proc test20 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 0 1 0} \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test20
-
-# Description: (21) Accepts 10 for pw_history_num.
-test "create-policy 21"
-proc test21 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 0 10 0} \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "10\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21
-
-# Description: (22) Fails for user with no access bits.
-test "create-policy 22"
-proc test22 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test22
-
-# Description: (23) Fails for user with "get" but not "add".
-test "create-policy 23"
-proc test23 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test23
-
-# Description: (24) Fails for user with "modify" but not "add".
-# 01/24/94: pshuang: untried.
-test "create-policy 24"
-proc test24 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test24
-
-# Description: (25) Fails for user with "delete" but not "add".
-# 01/24/94: pshuang: untried.
-test "create-policy 25"
-proc test25 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test25
-
-# Description: Succeeds for user with "add".
-test "create-policy 26"
-proc test26 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test26
-
-# Description: Succeeds for user with "get" and "add".
-# 01/24/94: pshuang: untried.
-test "create-policy 27"
-proc test27 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get-add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test27
-
-# Description: (28) Rejects null policy argument.
-# 01/24/94: pshuang: untried.
-test "create-policy 28"
-proc test28 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_create_policy $server_handle null {OVSEC_KADM_POLICY}
- } "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "create-policy 30"
-proc test30 {} {
- global test
- one_line_fail_test [format {
- ovsec_kadm_create_policy null [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test] "BAD_SERVER_HANDLE"
-}
-test30
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/crte-principal.exp b/src/lib/kadm5/unit-test/api.0/crte-principal.exp
deleted file mode 100644
index 676a830..0000000
--- a/src/lib/kadm5/unit-test/api.0/crte-principal.exp
+++ /dev/null
@@ -1,1336 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-#test "create-principal 1"
-#
-#proc test1 {} {
-# global test
-# begin_dump
-# one_line_fail_test [format {
-# ovsec_kadm_create_principal $server_handle \
-# [simple_principal "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a"
-# } $test $test] "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test1
-
-test "create-principal 2"
-
-proc test2 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_create_principal $server_handle null \
- {OVSEC_KADM_PRINCIPAL} testpass
- } "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test2
-
-test "create-principal 3"
-proc test3 {} {
- global test
-# set prms_id 777
-# setup_xfail {*-*-*} $prms_id
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} null
- } $test] "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test3
-
-test "create-principal 4"
-proc test4 {} {
- global test
-
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} ""
- } $test] "_Q_TOOSHORT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test4
-
-test "create-principal 5"
-proc test5 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle \
- [simple_principal "%s/a"] {0x100001} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test5
-
-test "create-principal 6"
-proc test6 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_LAST_PWD_CHANGE} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test6
-
-test "create-principal 7"
-proc test7 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MOD_TIME} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test7
-
-test "create-principal 8"
-proc test8 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MOD_NAME} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test8
-
-test "create-principal 9"
-proc test9 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MKVNO} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test9
-
-test "create-principal 10"
-proc test10 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_AUX_ATTRIBUTES} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test10
-
-test "create-principal 11"
-proc test11 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_POLICY_CLR} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test11
-
-test "create-principal 12"
-proc test12 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-
-}
-if {$RPC} { test12 }
-
-test "create-principal 13"
-proc test13 {} {
- global test
- begin_dump
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-if {$RPC} { test13 }
-
-test "create-principal 14"
-proc test14 {} {
- global test
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-if {$RPC} { test14 }
-
-test "create-principal 15"
-proc test15 {} {
- global test
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-if {$RPC} { test15 }
-
-test "create-principal 16"
-proc test16 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-if {$RPC} { test16 }
-
-test "create-principal 17"
-proc test17 {} {
- global test
-
- begin_dump
- if {! (( [principal_exists "$test/a"]) || [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} testpass
- } $test] "DUP"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test17
-
-test "create-principal 18"
-proc test18 {} {
- global test
-
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} tP
- } $test] "_Q_TOOSHORT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test18
-
-test "create-principal 19"
-proc test19 {} {
- global test
-
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} testpassword
- } $test] "_Q_CLASS"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test19
-
-test "create-principal 20"
-proc test20 {} {
- global test
-
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} Abyssinia
- } $test] "_Q_DICT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test20
-
-test "create-principal 21"
-proc test21 {} {
- global test
-
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" non-existant-pol] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} NotinTheDictionary
- } $test] "UNK_POLICY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test21
-
-test "create-principal 23"
-proc test23 {} {
- global test
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- one_line_succeed_test \
- [format {ovsec_kadm_get_principal $server_handle "%s/a" p} $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test23
-
-test "create-principal 24"
-proc test24 {} {
- global test
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- one_line_succeed_test \
- [format {ovsec_kadm_get_principal $server_handle "%s/a" p} $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test24 }
-
-
-test "create-principal 28"
-proc test28 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
-
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return
- }
- send "lindex \$principal 10\n"
- expect {
- -re "test-pol.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "create-principal 29"
-proc test29 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PRINC_EXPIRE_TIME} \
- inTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 1\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test29
-
-test "create-principal 30"
-proc test30 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PW_EXPIRATION} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test30
-
-test "create-principal 31"
-proc test31 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol-nopw] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \
- OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test31
-
-test "create-principal 32"
-proc test32 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \
- OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
-
- send "lindex \$principal 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { $pw_expire != 0 } {
- fail "$test: pw_expire $pw_expire should be 0"
- return
- } else {
- pass "$test"
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-perror"$test: unexpected failure in destroy"
- return
- }
-}
-test32
-
-test "create-principal 33"
-proc test33 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
-perror"$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- {"%s/a" 0 0 1234 0 null 0 0 0 0 null 0} \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PW_EXPIRATION} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test33
-
-test "create-principal 34"
-proc test34 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- { "%s/a" 0 0 1234 0 null 0 0 0 0 test-pol-nopw 0} \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \
- OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test34
-
-test "create-principal 35"
-proc test35 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- {"%s/a" 0 0 1234 0 null 0 0 0 0 test-pol 0} \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \
- OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test35
-
-test "create-principal 36"
-proc test36 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- {"%s/a" 0 0 999999999 0 null 0 0 0 0 test-pol 0} \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \
- OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy} ]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
-
- send "lindex \$principal 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { $pw_expire != 999999999 } {
- fail "$test: pw_expire $pw_expire should be 999999999"
- return
- } else {
- pass "$test"
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-perror"$test: unexpected failure in destroy"
- return
- }
-}
-test36
-
-test "create-principal 37"
-proc test37 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test37
-
-test "create-principal 38"
-proc test38 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [princ_w_pol "%s/a" \
- test-pol-nopw] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test38
-
-test "create-principal 39"
-proc test39 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if { ! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: cannot not retrieve principal"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
- send "lindex \$principal 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { [expr "$mod_date + $pw_max_life - $pw_expire"] > 5 } {
- fail "$test: pw_expire is wrong"
- return
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-perror"$test: unexpected failure in destroy"
- return
- }
-}
-test39
-
-test "create-principal 40"
-proc test40 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
-perror"$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PW_EXPIRATION} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 4\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test40
-
-test "create-principal 43"
-proc test43 {} {
- global test
- one_line_fail_test [format {
- ovsec_kadm_create_principal null \
- [simple_principal "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a"
- } $test $test] "BAD_SERVER_HANDLE"
-}
-test43
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/destroy.exp b/src/lib/kadm5/unit-test/api.0/destroy.exp
deleted file mode 100644
index 0f10399..0000000
--- a/src/lib/kadm5/unit-test/api.0/destroy.exp
+++ /dev/null
@@ -1,203 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "destroy 1"
-
-proc test1 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_destroy $server_handle}
- end_dump_compare "no-diffs"
-}
-test1
-
-#test "destroy 2"
-#
-#proc test2 {} {
-# global test
-# begin_dump
-# if {! [cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }]} {
-# perror "$test: unexpected failure on init"
-# return
-# }
-# if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# return
-# }
-# one_line_fail_test \
-# {ovsec_kadm_get_principal $server_handle admin principal} \
-# "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test2
-
-#test "destroy 3"
-#proc test3 {} {
-# global test
-#
-# begin_dump
-# if {! (( ! [principal_exists "$test/a"]) || [delete_principal "$test/a"])} {
-# error_and_restart "$test couldn't delete principal \"$test/a\""
-# return
-# }
-# if {! [cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }]} {
-# perror "$test: unexpected failure on init"
-# return
-# }
-# if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# return
-# }
-# one_line_fail_test [format {
-# ovsec_kadm_create_principal $server_handle \
-# [simple_principal "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a"
-# } $test $test] "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test3
-
-#test "destroy 4"
-#proc test4 {} {
-# global test prompt
-#
-# if {! (([principal_exists "$test/a"]) || [create_principal "$test/a"])} {
-# error_and_restart "$test: couldn't create principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {! ([cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }] &&
-# [cmd [format {
-# ovsec_kadm_get_principal $server_handle "%s/a" principal
-# } $test]])} {
-# error_and_restart "$test: error getting principal"
-# return;
-# }
-# if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# return
-# }
-# one_line_fail_test [format {
-# ovsec_kadm_modify_principal $server_handle \
-# {"%s/a" 0 0 0 0 0 0 0 %d 0 0 0} {OVSEC_KADM_KVNO}
-# } $test "77"] "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test4
-
-#test "destroy 5"
-#
-#proc test5 {} {
-# global test
-#
-# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
-# error_and_restart "$test: couldn't create principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {! [cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }]} {
-# perror "$test: unexpected failure on init"
-# return
-# }
-# if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# return
-# }
-# one_line_fail_test [format {
-# ovsec_kadm_delete_principal $server_handle "%s/a"
-# } $test] "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test5
-
-#test "destroy 6"
-#
-#proc test6 {} {
-# global test
-# begin_dump
-# one_line_fail_test {ovsec_kadm_destroy $server_handle} "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test6
-
-
-#test "destroy 7"
-#
-#proc test7 {} {
-# global test
-# begin_dump
-# if {! [cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }]} {
-# perror "$test: unexpected failure in init"
-# return
-# }
-# if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# }
-# one_line_fail_test {ovsec_kadm_destroy $server_handle} "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test7
-
-test "destroy 8"
-proc test8 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
- one_line_succeed_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
- end_dump_compare "no-diffs"
-}
-test8
-
-test "destroy 9"
-proc test9 {} {
- global test
- one_line_fail_test {ovsec_kadm_destroy null} "BAD_SERVER_HANDLE"
-}
-test9
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/dlte-policy.exp b/src/lib/kadm5/unit-test/api.0/dlte-policy.exp
deleted file mode 100644
index cd82738..0000000
--- a/src/lib/kadm5/unit-test/api.0/dlte-policy.exp
+++ /dev/null
@@ -1,207 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "delete-policy 2"
-proc test2 {} {
- global test
-# set prms_id 744
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test \
- {ovsec_kadm_delete_policy $server_handle ""} "BAD_POL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test2
-
-test "delete-policy 5"
-proc test5 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_policy $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if ${RPC} test5
-
-test "delete-policy 6"
-proc test6 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_policy $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if ${RPC} test6
-
-test "delete-policy 7"
-proc test7 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_policy $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test7
-
-test "delete-policy 10"
-proc test10 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_delete_policy $server_handle "%s/a"
- } $test]]} {
- fail "$test"
- return
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- if { [policy_exists "$test/a"]} {
- fail "$test"
- return
- }
-}
-test10
-
-test "delete-policy 12"
-proc test12 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test unexecpted failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [princ_w_pol "%s/a" \
- "%s/a"] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} \
- NotinTheDictionary
- } $test $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test \
- {ovsec_kadm_delete_policy $server_handle test-pol} "POLICY_REF"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "delete-policy 13"
-proc test13 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_policy null "%s/a"
- } $test] "BAD_SERVER_HANDLE"
-}
-test13
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/dlte-principal.exp b/src/lib/kadm5/unit-test/api.0/dlte-principal.exp
deleted file mode 100644
index 5c617fb..0000000
--- a/src/lib/kadm5/unit-test/api.0/dlte-principal.exp
+++ /dev/null
@@ -1,329 +0,0 @@
-load_lib lib.t
-
-api_exit
-api_start
-
-#test "delete-principal 1"
-#proc test1 {} {
-# global test
-# one_line_fail_test [format {
-# ovsec_kadm_delete_principal $server_handle "%s/a"
-# } $test] "NOT_INIT"
-#}
-#test1
-
-test "delete-principal 2"
-proc test2 {} {
- global test
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test \
- {ovsec_kadm_delete_principal $server_handle null} "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: unexpected failure in destroy"
- return
- }
-}
-test2
-
-test "delete-principal 5"
-proc test5 {} {
- global test
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test] "UNK_PRINC"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test5
-
-test "delete-principal 6"
-proc test6 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" test-pol])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test6 }
-
-
-test "delete-principal 7"
-proc test7 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test7 }
-
-
-test "delete-principal 8"
-proc test8 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test8 }
-
-test "delete-principal 9"
-proc test9 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test9 }
-
-test "delete-principal 10"
-proc test10 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test10 }
-
-test "delete-principal 11"
-proc test11 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test]]} {
- fail "$test: delete failed"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- if { [principal_exists "$test/a"] } {
- fail "$test"
- return
- }
-}
-test11
-
-test "delete-principal 12"
-proc test12 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" test-pol])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test]]} {
- fail "$test: delete failed"
- return
- }
- if { [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test]]} {
- fail "$test: principal still exists"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- send "lindex \$p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
-
- send "lindex \$p2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { [expr "$oldref - 1"] != $newref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- pass "$test"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-
-test12
-
-test "delete-principal 13"
-proc test13 {} {
- global test
- one_line_fail_test [format {
- ovsec_kadm_delete_principal null "%s/a"
- } $test] "BAD_SERVER_HANDLE"
-}
-test13
-
-return ""
-
-
-
-
-
diff --git a/src/lib/kadm5/unit-test/api.0/get-policy.exp b/src/lib/kadm5/unit-test/api.0/get-policy.exp
deleted file mode 100644
index 7b01814..0000000
--- a/src/lib/kadm5/unit-test/api.0/get-policy.exp
+++ /dev/null
@@ -1,199 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "get-policy 3"
-proc test3 {} {
- global test
-# set prms_id 744
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {ovsec_kadm_get_policy $server_handle "" p} "BAD_POLICY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test3
-
-test "get-policy 6"
-proc test6 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {ovsec_kadm_get_policy $server_handle test-pol p} \
- "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } test6
-
-test "get-policy 7"
-proc test7 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {ovsec_kadm_get_policy $server_handle test-pol p} \
- "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } test7
-
-test "get-policy 11"
-proc test11 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/get-pol StupidAdmin $OVSEC_KADM_ADMIN_SERVICE \
- null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_get_policy $server_handle test-pol p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-test "get-policy 12"
-proc test12 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/get-pol StupidAdmin \
- $OVSEC_KADM_CHANGEPW_SERVICE null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {ovsec_kadm_get_policy $server_handle test-pol-nopw p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "get-policy 15"
-proc test15 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/pol StupidAdmin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {ovsec_kadm_get_policy $server_handle test-pol-nopw p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "get-policy 16"
-proc test16 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/pol StupidAdmin $OVSEC_KADM_CHANGEPW_SERVICE \
- null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {ovsec_kadm_get_policy $server_handle test-pol-nopw p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test16
-
-test "get-policy 17"
-proc test17 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_get_policy $server_handle test-pol p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-test "get-policy 18"
-proc test18 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {ovsec_kadm_get_policy $server_handle test-pol p} \
- "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } test18
-
-test "get-policy 21"
-proc test21 {} {
- global test
-
- one_line_fail_test {ovsec_kadm_get_policy null "pol1" p} "BAD_SERVER_HANDLE"
-}
-test21
diff --git a/src/lib/kadm5/unit-test/api.0/get-principal.exp b/src/lib/kadm5/unit-test/api.0/get-principal.exp
deleted file mode 100644
index cf055f7..0000000
--- a/src/lib/kadm5/unit-test/api.0/get-principal.exp
+++ /dev/null
@@ -1,346 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "get-principal 1"
-proc test1 {} {
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test \
- {ovsec_kadm_get_principal $server_handle null p} "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test1
-
-test "get-principal 2"
-proc test2 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "UNK_PRINC"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test2
-
-test "get-principal 3"
-proc test3 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test3 }
-
-test "get-principal 4"
-proc test4 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test4 }
-
-test "get-principal 5"
-proc test5 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test5 }
-
-test "get-principal 6"
-proc test6 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test6 }
-
-test "get-principal 7"
-proc test7 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test7 }
-
-
-test "get-principal 8"
-proc test8 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test8 }
-
-
-test "get-principal 9"
-proc test9 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {ovsec_kadm_get_principal $server_handle admin/none p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-test "get-principal 10"
-proc test10 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {ovsec_kadm_get_principal $server_handle admin/none p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-test "get-principal 11"
-proc test11 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/get p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-test "get-principal 12"
-proc test12 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/get p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "get-principal 13"
-proc test13 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/add p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-test "get-principal 14"
-proc test14 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin/get-mod admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/add p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-test "get-principal 15"
-proc test15 {} {
- one_line_fail_test \
- {ovsec_kadm_get_principal null "admin" p} "BAD_SERVER_HANDLE"
-}
-test15
-
-return ""
-
-
-
-
diff --git a/src/lib/kadm5/unit-test/api.0/init.exp b/src/lib/kadm5/unit-test/api.0/init.exp
deleted file mode 100644
index d39ecce..0000000
--- a/src/lib/kadm5/unit-test/api.0/init.exp
+++ /dev/null
@@ -1,728 +0,0 @@
-load_lib lib.t
-
-# Assumptions:
-#
-# Principal "admin" exists, with "get", "add", "modify" and "delete"
-# access bits and password "admin".
-# The string "not-the-password" isn't the password of any user in the database.
-# Database master password is "mrroot".
-
-api_exit
-api_start
-test "init 1"
-
-one_line_fail_test_nochk \
- {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE "" \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle}
-
-test "init 2"
-
-one_line_fail_test_nochk \
- {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE @ \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle}
-
-test "init 2.5"
-
-one_line_fail_test_nochk \
- {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE BAD.REALM \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle}
-
-test "init 3"
-
-proc test3 {} {
- global test
- if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- one_line_fail_test_nochk [format {
- ovsec_kadm_init admin admin "%s/a" null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- } $test]
-}
-if {$RPC} { test3 }
-
-test "init 4"
-
-proc test4 {} {
- global test
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- one_line_fail_test_nochk [format {
- ovsec_kadm_init admin admin "%s/a" null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test]
-}
-if {$RPC} { test4 }
-
-test "init 5"
-
-if {$RPC} {
- one_line_fail_test_nochk {
- ovsec_kadm_init admin admin admin null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- }
-}
-
-test "init 6"
-
-proc test6 {} {
- global test
-
- send "ovsec_kadm_init admin null \$OVSEC_KADM_ADMIN_SERVICE null \$OVSEC_KADM_STRUCT_VERSION \$OVSEC_KADM_API_VERSION_1 server_handle\n"
-
- expect {
- -re "assword\[^\r\n\]*: *" { }
- eof {
- fail "$test: eof instead of password prompt"
- api_exit
- api_start
- return
- }
- timeout {
- fail "$test: timeout instead of password prompt"
- return
- }
- }
- one_line_succeed_test "admin"
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if { $RPC } { test6 }
-
-test "init 7"
-proc test7 {} {
- global test
-
- send "ovsec_kadm_init admin \"\" \$OVSEC_KADM_ADMIN_SERVICE null \$OVSEC_KADM_STRUCT_VERSION \$OVSEC_KADM_API_VERSION_1 server_handle\n"
-
- expect {
- -re "assword\[^\r\n\]*: *" { }
- -re "\n\[^\n\]+key:\[^\n\]*$" { }
- eof {
- fail "$test: eof instead of password prompt"
- api_exit
- api_start
- return
- }
- timeout {
- fail "$test: timeout instead of password prompt"
- return
- }
- }
- one_line_succeed_test "admin"
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if { $RPC } { test7 }
-
-test "init 8"
-
-proc test8 {} {
- global test
- if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- one_line_fail_test_nochk [format {
- ovsec_kadm_init "%s/a" admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test]
-}
-if {$RPC} { test8 }
-
-test "init 9"
-
-if {$RPC} {
- global test
- one_line_fail_test_nochk {
- ovsec_kadm_init admin not-the-password $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
-}
-
-test "init 10"
-
-proc test10 {} {
- global test
-# set prms_id 562
-# setup_xfail {*-*-*} $prms_id
- one_line_fail_test_nochk {
- ovsec_kadm_init null admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
-}
-test10
-
-#test "init 11"
-#
-#proc test11 {} {
-# global test
-# set prms_id 563
-# setup_xfail {*-*-*} $prms_id
-# one_line_fail_test_nochk {
-# ovsec_kadm_init "" admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }
-#}
-#test11
-
-test "init 12"
-
-proc test12 {} {
- global test
- one_line_fail_test_nochk [format {
- ovsec_kadm_init "%s/a" admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test]
-}
-if {$RPC} { test12 }
-
-test "init 13"
-
-proc test13 {} {
- global test
- one_line_fail_test_nochk [format {
- ovsec_kadm_init "%s/a@SECURE-TEST.OV.COM" admin \
- $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- } $test]
-}
-if {$RPC} { test13 }
-
-test "init 14"
-
-proc test14 {} {
- global test
- one_line_fail_test_nochk [format {
- ovsec_kadm_init "%s/a@BAD.REALM" admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test]
-}
-if {$RPC} { test14 }
-
-test "init 15"
-
-if {$RPC} {
- one_line_fail_test_nochk {
- ovsec_kadm_init admin@BAD.REALM admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
-}
-
-test "init 16"
-
-proc test16 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test16
-
-test "init 17"
-
-proc test17 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin@SECURE-TEST.OV.COM admin \
- $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test17
-
-test "init 18"
-
-proc test18 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test18
-
-test "init 19"
-
-proc test19 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin@SECURE-TEST.OV.COM admin \
- $OVSEC_KADM_ADMIN_SERVICE SECURE-TEST.OV.COM \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test19
-
-test "init 20"
-
-proc test20 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- error_and_restart "$test: couldn't init database"
- return
- }
- one_line_succeed_test \
- {ovsec_kadm_get_principal $server_handle admin principal}
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test20
-
-#test "init 21"
-#
-#proc test21 {} {
-# global test
-# if {! [cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }]} {
-# error_and_restart "$test: couldn't init database"
-# return
-# }
-# one_line_fail_test_nochk {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }
-# if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# }
-#}
-#test21
-
-
-proc test22 {} {
- global test prompt
- set prompting 0
- send [string trim {
- ovsec_kadm_init admin null null null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- }]
- send "\n"
- expect {
- -re "\n\[^\n\]+:\[^\n\]*$" { set prompting 1}
- -re "\nOK .*$prompt$" { fail "$test: premature success" }
- -re "\nERROR .*$prompt$" { fail "$test: premature failure" }
- timeout { fail "$test: timeout" }
- eof { fail "$test: eof" }
- }
- if {$prompting} {
- one_line_succeed_test mrroot
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test22 }
-
-test "init 22.5"
-proc test225 {} {
- global test prompt
- set prompting 0
- send [string trim {
- ovsec_kadm_init admin null null null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- }]
- send "\n"
- expect {
- -re "\n\[^\n\]+:\[^\n\]*$" { set prompting 1}
- -re "\nOK .*$prompt$" { fail "$test: premature success" }
- -re "\nERROR .*$prompt$" { fail "$test: premature failure" }
- timeout { fail "$test: timeout" }
- eof { fail "$test: eof" }
- }
- if {$prompting} {
- one_line_succeed_test mrroot
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test225 }
-
-test "init 23"
-
-proc test23 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin not-the-password $OVSEC_KADM_ADMIN_SERVICE \
- null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test23 }
-
-test "init 24"
-
-proc test24 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin admin null null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test24 }
-
-test "init 25"
-
-proc test25 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin admin foobar null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test25 }
-
-test "init 26"
-
-#proc test26 {} {
-# global test
-#
-# api_exit
-# api_start
-# one_line_fail_test_nochk {
-# ovsec_kadm_get_principal $server_handle admin principal
-# }
-#}
-#test26
-
-#test "init 27"
-#
-#proc test27 {} {
-# global test
-#
-# if {! ((! [principal_exists "$test/a"]) || [delete_principal "$test/a"])} {
-# error_and_restart "$test: couldn't delete principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {[cmd [format {
-# ovsec_kadm_create_principal $server_handle [simple_principal \
-# "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a"
-# } $test $test]]} {
-# fail "$test: unexpected success in add"
-# return
-# }
-# end_dump_compare "no-diffs"
-#}
-#test27
-
-#test "init 28"
-#
-#proc test28 {} {
-# global test prompt
-#
-# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
-# error_and_restart "$test: couldn't create principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {! ([cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }] && [cmd [format {
-# ovsec_kadm_get_principal $server_handle "%s/a" principal
-# } $test]])} {
-# error_and_restart "$test: error getting principal"
-# return;
-# }
-# send "lindex \$principal 8\n"
-# expect {
-# -re "\n(\[0-9\]+).*$prompt$" {set kvno $expect_out(1,string) }
-# timeout {
-# error_and_restart "$test: timeout getting principal kvno"
-# return
-# }
-# eof {
-# error_and_restart "$test: eof getting principal kvno"
-# return
-# }
-# }
-# api_exit
-# api_start
-# set new_kvno [expr "$kvno + 1"]
-# if {[cmd [format {
-# ovsec_kadm_modify_principal $server_handle \
-# {"%s/a" 0 0 0 0 0 0 0 %d 0 0 0} {OVSEC_KADM_KVNO}
-# } $test $new_kvno]]} {
-# fail "$test: unexpected success in modify"
-# return;
-# }
-# end_dump_compare "no-diffs"
-#}
-#test28
-
-#test "init 29"
-#
-#proc test29 {} {
-# global test
-#
-# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
-# error_and_restart "$test: couldn't create principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {[cmd [format {
-# ovsec_kadm_delete_principal $server_handle "%s/a"
-# } $test]]} {
-# fail "$test: unexpected success in delete"
-# return
-# }
-# end_dump_compare "no-diffs"
-#}
-#test29
-
-test "init 30"
-proc test30 {} {
- global test
- if {[cmd {
- ovsec_kadm_init admin foobar $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- error_and_restart "$test: unexpected success"
- return
- }
- one_line_succeed_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if ${RPC} { test30 }
-
-test "init 31"
-proc test31 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $bad_struct_version_mask $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } "BAD_STRUCT_VERSION"
-}
-test31
-
-test "init 32"
-proc test32 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $no_struct_version_mask $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } "BAD_STRUCT_VERSION"
-}
-test32
-
-test "init 33"
-proc test33 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $old_struct_version $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } "OLD_STRUCT_VERSION"
-}
-test33
-
-test "init 34"
-proc test34 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $new_struct_version $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } "NEW_STRUCT_VERSION"
-}
-test34
-
-test "init 35"
-proc test35 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $bad_api_version_mask \
- server_handle
- } "BAD_API_VERSION"
-}
-test35
-
-test "init 36"
-proc test36 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $no_api_version_mask \
- server_handle
- } "BAD_API_VERSION"
-}
-test36
-
-test "init 37"
-proc test37 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $old_api_version \
- server_handle
- } "OLD_LIB_API_VERSION"
-}
-if { $RPC } test37
-
-test "init 38"
-proc test38 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $old_api_version \
- server_handle
- } "OLD_SERVER_API_VERSION"
-}
-if { ! $RPC } test38
-
-test "init 39"
-proc test39 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $new_api_version \
- server_handle
- } "NEW_LIB_API_VERSION"
-}
-if { $RPC } test39
-
-test "init 40"
-proc test40 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $new_api_version \
- server_handle
- } "NEW_SERVER_API_VERSION"
-}
-if { ! $RPC } test40
-
-test "init 41"
-proc test41 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_API_VERSION_1 $OVSEC_KADM_STRUCT_VERSION \
- server_handle
- } "BAD_"
-}
-test41
-
-test "init 42"
-proc test42 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test42
-
-
-proc test45_46 {service} {
- global test kadmin_local env
-
- spawn $kadmin_local -q "delprinc -force $service"
- expect {
- -re "Principal .* deleted." {}
- default {
- perror "kadmin.local delprinc failed\n";
- }
- }
- expect eof
- wait
-
- one_line_fail_test [concat {ovsec_kadm_init admin admin } \
- $service \
- { null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle}] "SECURE_PRINC_MISSING"
-
- # this leaves the keytab with an incorrect entry
- spawn $kadmin_local -q "ank -randkey $service"
- expect eof
- wait
-
- # restart the api so it gets a new ccache
- api_exit
- api_start
-}
-
-if {$RPC} {
- test "init 45"
-
- test45_46 ovsec_adm/admin
-
- test "init 46"
-
- test45_46 ovsec_adm/changepw
-
- # re-extract the keytab so it is right
- exec rm $env(K5ROOT)/ovsec_adm.srvtab
- exec $env(MAKE_KEYTAB) -princ ovsec_adm/admin -princ ovsec_adm/changepw \
- -princ kadmin/admin -princ kadmin/changepw \
- $env(K5ROOT)/ovsec_adm.srvtab
-}
-
-return ""
-
diff --git a/src/lib/kadm5/unit-test/api.0/mod-policy.exp b/src/lib/kadm5/unit-test/api.0/mod-policy.exp
deleted file mode 100644
index ec55999..0000000
--- a/src/lib/kadm5/unit-test/api.0/mod-policy.exp
+++ /dev/null
@@ -1,703 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "modify-policy 2"
-proc test2 {} {
- global test
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test2 }
-
-test "modify-policy 4"
-proc test4 {} {
- global test
-
- if {! ([policy_exists "$test/a"] ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_REF_COUNT}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test4
-
-test "modify-policy 8"
-proc test8 {} {
- global test
-# set prms_id 744
-# setup_xfail {*-*-*} $prms_id
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_modify_policy $server_handle [simple_policy ""] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } "BAD_POLICY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test8
-
-test "modify-policy 9"
-proc test9 {} {
- global test
- global prompt
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MIN_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-test "modify-policy 10"
-proc test10 {} {
- global test
- global prompt
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 32 0 0 0 0 0} \
- {OVSEC_KADM_PW_MIN_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-
-test "modify-policy 11"
-proc test11 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-test "modify-policy 12"
-proc test12 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 32 0 0 0 0} \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "modify-policy 13"
-proc test13 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MIN_LENGTH}
- } $test] "BAD_LENGTH"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-test "modify-policy 14"
-proc test14 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 8 0 0 0} \
- {OVSEC_KADM_PW_MIN_LENGTH}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 3\n"
- expect {
- -re "8\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-test "modify-policy 15"
-proc test15 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "modify-policy 16"
-proc test16 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 1 0 0} \
- {OVSEC_KADM_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test16
-
-test "modify-policy 17"
-proc test17 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 5 0 0} \
- {OVSEC_KADM_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "5\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-test "modify-policy 18"
-proc test18 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 6 0 0} \
- {OVSEC_KADM_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test18
-
-test "modify-policy 19"
-proc test19 {} {
- global test
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_HISTORY_NUM}
- } $test] "BAD_HISTORY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test19
-
-test "modify-policy 20"
-proc test20 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 0 1 0} \
- {OVSEC_KADM_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test20
-
-test "modify-policy 21"
-proc test21 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 0 10 0} \
- {OVSEC_KADM_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "10\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21
-
-test "modify-policy 22"
-proc test22 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test22
-
-test "modify-policy 23"
-proc test23 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test23
-
-test "modify-policy 26"
-proc test26 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test26
-
-test "modify-policy 30"
-proc test30 {} {
- global test
-
- one_line_fail_test [format {
- ovsec_kadm_modify_policy null [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test] "BAD_SERVER_HANDLE"
-}
-test30
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/mod-principal.exp b/src/lib/kadm5/unit-test/api.0/mod-principal.exp
deleted file mode 100644
index 2d68a19..0000000
--- a/src/lib/kadm5/unit-test/api.0/mod-principal.exp
+++ /dev/null
@@ -1,1943 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-#test "modify-principal 1"
-#proc test1 {} {
-# global test
-# one_line_fail_test [format {
-# ovsec_kadm_modify_principal $server_handle [simple_principal \
-# "%s/a"] {OVSEC_KADM_PW_EXPIRATION}
-# } $test] "NOT_INIT"
-#}
-#test1
-
-test "modify-principal 2"
-proc test2 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test2 }
-
-test "modify-principal 4"
-proc test4 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test4
-
-
-test "modify-principal 5"
-proc test5 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_LAST_PWD_CHANGE}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test5
-
-test "modify-principal 6"
-proc test6 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MOD_TIME}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test6
-
-test "modify-principal 7"
-proc test7 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MOD_NAME}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test7
-
-test "modify-principal 8"
-proc test8 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MKVNO}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test8
-
-test "modify-principal 9"
-proc test9 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_AUX_ATTRIBUTES}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-test "modify-principal 10"
-proc test10 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test] "UNK_PRINC"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-test "modify-principal 11"
-proc test11 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MOD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test11 }
-
-test "modify-principal 12"
-proc test12 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MOD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test12 }
-
-test "modify-principal 13"
-proc test13 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MOD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test13 }
-
-test "modify-principal 14"
-proc test14 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MOD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test14 }
-
-test "modify-principal 15"
-proc test15 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "modify-principal 17"
-proc test17 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- no-policy] {OVSEC_KADM_POLICY}
- } $test] "UNK_POLICY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-test "modify-principal 18"
-proc test18 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal "$test/a"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 10\n"
- expect {
- -re "test-pol\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- send "lindex \$p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
-
- send "lindex \$p2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { [expr "$oldref + 1"] != $newref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test18
-
-test "modify-principal 19"
-proc test19 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal "$test/a"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 10\n"
- expect {
- -re "test-pol\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- send "lindex \$p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
-
- send "lindex \$p2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { [expr "$oldref + 1"] != $newref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test19
-
-test "modify-principal 20"
-proc test20 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal_pol "$test/a" "test-pol"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_POLICY_CLR}
- } $test]]} {
- perror "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 10\n"
- expect {
- -re "test-pol\n$prompt$" { fail "$test" }
- -re "null\n$prompt$" { pass "$test" }
- timeout { pass "$test" }
- }
- send "lindex \$p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
-
- send "lindex \$p2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { [expr "$oldref - 1"] != $newref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test20
-
-test "modify-principal 21"
-proc test21 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal_pol "$test/a" "test-pol"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol old_p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol-nopw old_p2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol-nopw] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$old_p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set old_p1_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- send "lindex \$old_p2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set old_p2_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
-
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol new_p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol-nopw new_p2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
-
- send "lindex \$new_p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set new_p1_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- send "lindex \$new_p2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set new_p2_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { [expr "$old_p1_ref - 1"] != $new_p1_ref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { [expr "$old_p2_ref + 1"] != $new_p2_ref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21
-
-test "modify-principal 21.5"
-proc test21.5 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal_pol "$test/a" "test-pol"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol old_p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$old_p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set old_p1_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
-
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol new_p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
-
- send "lindex \$new_p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set new_p1_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
-
- if {$old_p1_ref != $new_p1_ref} {
- fail "$test: policy reference count changed ($old_p1_ref to $new_p1_ref)"
- return
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21.5
-
-test "modify-principal 22"
-proc test22 {} {
- global test
- global prompt
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modifiy failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test22
-
-test "modify-principal 23"
-proc test23 {} {
- global test
- global prompt
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" test-pol-nopw])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modifiy failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test23
-
-test "modify-principal 24"
-proc test24 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" "test-pol" ])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- error_and_restart "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: could not modify principal"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_get_policy $server_handle %s policy
- } test-pol]]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
- send "lindex \$principal 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { $pw_expire != 0 } {
- fail "$test: pw_expire $pw_expire should be 0"
- return
- } else {
- pass "$test"
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test24
-
-test "modify-principal 25"
-proc test25 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test25
-
-test "modify-principal 26"
-proc test26 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" "test-pol-nopw" ])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test26
-
-test "modify-principal 27"
-proc test27 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" "test-pol" ])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test27
-
-test "modify-principal 28"
-proc test28 {} {
- global test
- global prompt
-# set prms_id 1358
-# setup_xfail {*-*-*} $prms_id
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" "test-pol" ])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 999999999 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
- send "lindex \$principal 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { $pw_expire != 999999999 } {
- fail "$test: pw_expire $pw_expire should be 999999999"
- return
- }
- pass "$test"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "modify-principal 29"
-proc test29 {} {
- global test
- global prompt
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { ! ([create_principal_pol "$test/a" test-pol])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_POLICY_CLR}
- } $test]]} {
- fail "$test: modifiy failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test29
-
-test "modify-principal 30"
-proc test30 {} {
- global test
- global prompt
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal_pol "$test/a" test-pol])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol-nopw] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test30
-
-test "modify-principal 31"
-proc test31 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
- send "lindex \$principal 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { [expr "$pw_mod_date + $pw_max_life"] != $pw_expire } {
- fail "$test: pw_expire is wrong"
- return
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test31
-
-test "modify-principal 32"
-proc test32 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 1234 0 0 0 0 0 0 0 0 0 0} \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 1\n"
- expect {
- -re "1234\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test32
-
-test "modify-principal 33"
-proc test33 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_ALL_TIX 0 0 0 0} \
- {OVSEC_KADM_ATTRIBUTES}
- } $test]]} {
- fail "$test: modified fail"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 7\n"
- expect {
- -re "KRB5_KDB_DISALLOW_ALL_TIX.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test33
-
-test "modify-principal 33.25"
-proc test3325 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 KRB5_KDB_REQUIRES_PWCHANGE 0 0 0 0} \
- {OVSEC_KADM_ATTRIBUTES}
- } $test]]} {
- fail "$test: modified fail"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 7\n"
- expect {
- -re "KRB5_KDB_REQUIRES_PWCHANGE.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test3325
-
-test "modify-principal 33.5"
-proc test335 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_TGT_BASED 0 0 0 0} \
- {OVSEC_KADM_ATTRIBUTES}
- } $test]]} {
- fail "$test: modified fail"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 7\n"
- expect {
- -re "KRB5_KDB_DISALLOW_TGT_BASED.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test335
-
-
-test "modify-principal 34"
-proc test34 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 0 3456 0 0 0 0 0 0 0} {OVSEC_KADM_MAX_LIFE}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
-
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 4\n"
- expect {
- -re "3456\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test34
-
-test "modify-principal 35"
-proc test35 {} {
- global prompt
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 0 7 0 0 0} {OVSEC_KADM_KVNO}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 8\n"
- expect {
- -re "7\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test35
-
-test "modify-principal 36"
-proc test36 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal_pol "$test/a" "test-pol"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol pol}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 10\n"
- expect {
- -re "test-pol\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- send "lindex \$pol 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol pol2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- send "lindex \$pol2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { $oldref != $newref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test36
-
-test "modify-principal 37"
-proc test37 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal "$test/a"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_POLICY_CLR}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test37
-
-test "modify-principal 38"
-proc test38 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 1\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test38
-
-test "modify-principal 39"
-proc test39 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MAX_LIFE}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 4\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test39
-
-test "modify-principal 40"
-proc test40 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_modify_principal $server_handle null \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test40
-
-test "modify-principal 43"
-proc test43 {} {
- global test
- one_line_fail_test [format {
- ovsec_kadm_modify_principal null [simple_principal \
- "%s/a"] {OVSEC_KADM_PW_EXPIRATION}
- } $test] "BAD_SERVER_HANDLE"
-}
-test43
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/randkey-principal.exp b/src/lib/kadm5/unit-test/api.0/randkey-principal.exp
deleted file mode 100644
index c967001..0000000
--- a/src/lib/kadm5/unit-test/api.0/randkey-principal.exp
+++ /dev/null
@@ -1,319 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "randkey-principal 1"
-proc test1 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd [format {
- ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test $test]]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test] "PASS_TOOSOON"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test1 }
-
-test "randkey-principal 3"
-proc test3 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd [format {
- ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test $test]]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test] "PASS_TOOSOON"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if ${RPC} { test3 }
-
-test "randkey-principal 13"
-proc test13 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- once-a-min] OVSEC_KADM_POLICY
- } $test]]} {
- perror "$test: failed modify"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-test "randkey-principal 15"
-proc test15 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test] "AUTH_CHANGEPW"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test15 }
-
-test "randkey-principal 28"
-proc test28 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "randkey-principal 28.25"
-proc test2825 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test] "AUTH"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test2825 }
-
-test "randkey-principal 28.5"
-proc test285 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test285
-
-test "randkey-principal 30"
-proc test30 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [create_principal "$test/a"]} {
- error_and_restart "$test: creating principal"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test $test]]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test30
-
-test "randkey-principal 31"
-proc test31 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal "$test/a"]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd [format {
- ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test $test]]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test31
-
-test "randkey-principal 32"
-proc test32 {} {
- global test
-
- if { ! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_randkey_principal $server_handle kadmin/history key
- } "PROTECT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test32
-
-test "randkey-principal 33"
-proc test33 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if { ! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_randkey_principal null "%s/a" key
- } $test] "BAD_SERVER_HANDLE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-
-test33
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/rename-principal.exp b/src/lib/kadm5/unit-test/api.0/rename-principal.exp
deleted file mode 100644
index d5f012f..0000000
--- a/src/lib/kadm5/unit-test/api.0/rename-principal.exp
+++ /dev/null
@@ -1,509 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-#test "rename-principal 1"
-#proc test1 {} {
-# global test
-# one_line_fail_test [format {
-# ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
-# } $test $test] "NOT_INIT"
-#}
-#test1
-
-test "rename-principal 2"
-proc test2 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "INSUFFICIENT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-
-}
-if {$RPC} { test2 }
-
-test "rename-principal 3"
-proc test3 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_INSUFFICIENT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test3 }
-
-test "rename-principal 4"
-proc test4 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_INSUFFICIENT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test4 }
-
-test "rename-principal 5"
-proc test5 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_INSUFFICIENT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test5 }
-
-test "rename-principal 6"
-proc test6 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/mod-add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test6 }
-
-test "rename-principal 7"
-proc test7 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/mod-delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test7 }
-
-test "rename-principal 8"
-proc test8 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get-add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test8 }
-
-test "rename-principal 9"
-proc test9 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get-delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test9 }
-
-test "rename-principal 10"
-proc test10 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/no-delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test10 }
-
-test "rename-principal 11"
-proc test11 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/no-add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test11 }
-
-test "rename-principal 12"
-proc test12 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test12 }
-
-
-test "rename-principal 13"
-proc test13 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test13 }
-
-test "rename-principal 14"
-proc test14 {} {
- global test
-
- if {[principal_exists "$test/a"]} {
- delete_principal "$test/a"
- }
-
- if {[create_principal_with_keysalts "$test/a" "des-cbc-crc:v4"]} {
- error_and_restart "$test: couldn't create no-salt principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-test "rename-principal 15"
-proc test15 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( [principal_exists "$test/b"]) ||
- [create_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "DUP"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "rename-principal 16"
-proc test16 {} {
- global test
- one_line_fail_test [format {
- ovsec_kadm_rename_principal null "%s/a" "%s/b"
- } $test $test] "BAD_SERVER_HANDLE"
-}
-test16
-
-test "rename-principal 18"
-proc test18 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "NO_RENAME_SALT"
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test18
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.1/lock.exp b/src/lib/kadm5/unit-test/api.1/lock.exp
deleted file mode 100644
index 02df75b..0000000
--- a/src/lib/kadm5/unit-test/api.1/lock.exp
+++ /dev/null
@@ -1,287 +0,0 @@
-# This is in api.1 so that it happens after all the tests in api.0.
-# If some API function does not unlock the database then the server
-# (whichs runs through all api tests) will still have it locked, and
-# these tests will fail.
-
-load_lib lib.t
-
-api_exit
-
-if { $RPC } {
- return
-}
-
-send_user "UNTESTED: lock: DAL changes broke locking code (see MIT RT ticket 3201)\n"
-untested "lock: DAL changes broke locking code (see MIT RT ticket 3201)"
-return
-
-set locktest $LOCKTEST
-set lockfile $env(K5ROOT)/kdb5.kadm5.lock
-
-# The lock tests use the program lock-test in the unit test
-# directory. The basic idea is that lock-test can be told to acquire
-# various kinds of locks and then wait for input before proceeding;
-# this is necessary because otherwise we'd have no way to test locking
-# interactions without a race condition.
-#
-# lock_test_start and lock_test_continue work together to give a crude
-# form of continuations. lock_test_continue expects a list of
-# commands for lock-test (passed on the command line) and responses
-# (read from stdout). When it gets to a command of "wait",
-# lock_test_continue returns, and its return value is a list of the
-# arguments that it should be passed to continue processing that
-# particular list of commands for that particular lock-test after
-# whatever that requried lock-test to wait has been completed.
-#
-# lock_test is simply a wrapper for tests that do not involve wait.
-
-proc lock_test_setup {test cmds} {
- global locktest spawn_id
-
- verbose "test $test"
-
- set cmdline ""
- foreach cmdpair $cmds {
- if {[lindex $cmdpair 0] == "eof"} {
- break
- }
- set cmdline "$cmdline [lindex $cmdpair 0]"
- }
-
- verbose "spawning $locktest $cmdline"
- eval "spawn $locktest $cmdline"
-}
-
-proc lock_test {test cmds} {
- global spawn_id
-
- lock_test_setup $test $cmds
- set lockany [lock_test_continue $test $spawn_id 0 "" 0 $cmds]
- while {$lockany != {}} {
- set lockany [eval lock_test_continue $lockany]
- }
-}
-
-proc lock_test_start {test cmds} {
- global spawn_id
-
- lock_test_setup $test $cmds
- return [lock_test_continue $test $spawn_id 0 "" 0 $cmds]
-}
-
-proc lock_test_continue {test my_spawn_id test_failed fail_output cont cmds} {
- global wait_error_index wait_errno_index wait_status_index
- global spawn_id
-
- set spawn_id $my_spawn_id
-
- if {$cont == 1} {
- send -i $spawn_id "\n"
- }
-
- while {[llength $cmds] > 0} {
- set cmdpair [lindex $cmds 0]
- set cmds [lrange $cmds 1 end]
- set cmd [lindex $cmdpair 0]
- set output [lindex $cmdpair 1]
-
- verbose "test $test: command: $cmd"
-
- if {$cmd == "wait"} {
- # ah, for continuations...
- return [list $test $spawn_id $test_failed $fail_output 1 $cmds]
- }
- if {$cmd == "eof"} {
- set status $output
- set output "doesnotmatchanything"
- }
-
- expect {
- -i $spawn_id
- -re "$output" { verbose "test $test: read: $output" }
- timeout {
- set test_failed 1
- set fail_output "timeout while waiting for $output"
- }
- eof {
- if {$cmd != "eof"} {
- set test_failed 1
- set fail_output "eof while waiting for $output"
- }
- }
- }
-
- if {$test_failed == 1} { break }
- }
-
- # In timeout cases, the process may not be dead yet.
- catch { exec kill -9 [exp_pid -i $spawn_id] } x
- set ret [wait -i $spawn_id]
- verbose "% Exit $ret" 2
-
- if {$test_failed == 0} {
- if {[lindex $ret $wait_error_index] == -1} {
- set test_failed 1
- set fail_output "wait returned error [lindex $ret $wait_errno_index]"
- } else {
- if { [lindex $ret $wait_status_index] == $status ||
- (($status<0) && ([lindex $ret $wait_status_index] == ($status+256))) } {
- verbose "test $test: status $status"
- } else {
- set test_failed 1
- set fail_output "unexpected return status [lindex $ret $wait_status_index], should be $status"
- }
- }
- }
-
- if {$test_failed == 0} {
- pass $test
- } else {
- fail "$test: $fail_output"
- }
-
- return {}
-}
-
-set lock1 [lock_test_start 1 [list \
- [list shared "shared"] \
- [list release "released"] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock1
-
-set lock2 [lock_test_start 2 [list \
- [list exclusive exclusive] \
- [list release released] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock2
-
-set lock3 [lock_test_start 5 [list \
- [list permanent permanent] \
- [list release released] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock3
-
-set lock4 [lock_test_start 4 [list \
- [list release "Database not locked"] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock4
-
-set lock5 [lock_test_start 5 [list \
- [list shared shared] \
- [list wait ""] \
- [list eof 0]]]
-set lock5_1 [lock_test_start 5.1 [list \
- [list shared shared] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock5_1
-eval lock_test_continue $lock5
-
-set lock6 [lock_test_start 6 [list \
- [list exclusive exclusive] \
- [list wait ""] \
- [list eof 0]]]
-set lock6_1 [lock_test_start 6.1 [list \
- [list shared "Cannot lock database"] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock6_1
-eval lock_test_continue $lock6
-
-set lock7 [lock_test_start 7 [list \
- [list shared shared] \
- [list wait ""] \
- [list eof 0]]]
-set lock7_1 [lock_test_start 7.1 [list \
- [list exclusive "Cannot lock database"] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock7_1
-eval lock_test_continue $lock7
-
-set lock8 [lock_test_start 8 [list \
- [list permanent permanent] \
- [list wait ""] \
- [list release "released" ] \
- [list wait ""] \
- [list eof 0]]]
-set lock8_1 [lock_test_start 8.1 [list \
- [list "" "administration database lock file missing while opening database" ] \
- [list wait ""] \
- [list eof 1]]]
-eval lock_test_continue $lock8_1
-eval set lock8 \[lock_test_continue $lock8\]
-eval lock_test_continue $lock8
-
-set lock9 [lock_test_start 9 [list \
- [list exclusive exclusive] \
- [list release released] \
- [list wait ""] \
- [list exclusive "database lock file missing while getting exclusive"] \
- [list wait ""] \
- [list eof 0]]]
-set lock9_1 [lock_test_start 9.1 [list \
- [list permanent permanent] \
- [list wait ""] \
- [list release released] \
- [list wait ""] \
- [list eof 0]]]
-eval set lock9 \[lock_test_continue $lock9\]
-eval lock_test_continue $lock9
-eval set lock9_1 \[lock_test_continue $lock9_1\]
-eval lock_test_continue $lock9_1
-
-if {! [file exists $lockfile]} {
- perror "lock file missing before test 10"
-}
-set lock10 [lock_test_start 10 [list \
- [list permanent permanent] \
- [list wait ""] \
- [list release released] \
- [list wait ""] \
- [list eof 0]]]
-if {[file exists $lockfile]} {
- fail "test 10: lock file exists"
-}
-eval set lock10 \[lock_test_continue $lock10\]
-eval lock_test_continue $lock10
-if {[file exists $lockfile]} {
- pass "test 11: lock file exists"
-} else {
- fail "test 11: lock file does not exist"
-}
-
-set lock12 [lock_test_start 12 [list \
- [list shared shared] \
- [list wait ""] \
- [list eof 0]]]
-set lock12_1 [lock_test_start 12.1 [list \
- [list "get test-pol" retrieved] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock12_1
-eval lock_test_continue $lock12
-
-set lock13 [lock_test_start 13 [list \
- [list "get lock13" "Principal or policy does not exist"] \
- [list wait ""] \
- [list "get lock13" retrieved] \
- [list wait ""] \
- [list eof 0]]]
-set test13_spawn_id $spawn_id
-# create_policy could call api_exit immediately when it starts up.
-# If it does, and the spawn ID in $spawn_id is ours rather than its,
-# it'll close our spawn ID. So, we call api_start to give it something
-# to close.
-api_start
-create_policy lock13
-set api_spawn_id $spawn_id
-set spawn_id $test13_spawn_id
-eval set lock13 \[lock_test_continue $lock13\]
-eval lock_test_continue $lock13
-set spawn_id $api_spawn_id
-delete_policy lock13
diff --git a/src/lib/kadm5/unit-test/config/unix.exp b/src/lib/kadm5/unit-test/config/unix.exp
index 3f36655..f14f126 100644
--- a/src/lib/kadm5/unit-test/config/unix.exp
+++ b/src/lib/kadm5/unit-test/config/unix.exp
@@ -151,13 +151,13 @@ proc api_start {} {
eof { error "EOF starting API" }
timeout { error "Timeout starting API" }
}
- send "set current_struct_version \[expr \$OVSEC_KADM_STRUCT_VERSION &~ \$OVSEC_KADM_STRUCT_VERSION_MASK\]\n"
+ send "set current_struct_version \[expr \$KADM5_STRUCT_VERSION &~ \$KADM5_STRUCT_VERSION_MASK\]\n"
expect {
-re "$prompt$" {}
eof { error "EOF setting API varibles"}
timeout { error "timeout setting API varibles"}
}
- send "set current_api_version \[expr \$OVSEC_KADM_API_VERSION_1 &~ \$OVSEC_KADM_API_VERSION_MASK\]\n"
+ send "set current_api_version \[expr \$KADM5_API_VERSION_2 &~ \$KADM5_API_VERSION_MASK\]\n"
expect {
-re "$prompt$" {}
eof { error "EOF setting API varibles"}
@@ -187,25 +187,25 @@ proc api_start {} {
eof { error "EOF setting API varibles"}
timeout { error "timeout setting API varibles"}
}
- send "set old_api_version \[expr \$OVSEC_KADM_API_VERSION_MASK | 0x00\]\n"
+ send "set old_api_version \[expr \$KADM5_API_VERSION_MASK | 0x00\]\n"
expect {
-re "$prompt$" {}
eof { error "EOF setting API varibles"}
timeout { error "timeout setting API varibles"}
}
- send "set old_struct_version \[expr \$OVSEC_KADM_STRUCT_VERSION_MASK | 0x00\]\n"
+ send "set old_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0x00\]\n"
expect {
-re "$prompt$" {}
eof { error "EOF setting API varibles"}
timeout { error "timeout setting API varibles"}
}
- send "set new_api_version \[expr \$OVSEC_KADM_API_VERSION_MASK | 0xca\]\n"
+ send "set new_api_version \[expr \$KADM5_API_VERSION_MASK | 0xca\]\n"
expect {
-re "$prompt$" {}
eof { error "EOF setting API varibles"}
timeout { error "timeout setting API varibles"}
}
- send "set new_struct_version \[expr \$OVSEC_KADM_STRUCT_VERSION_MASK | 0xca\]\n"
+ send "set new_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0xca\]\n"
expect {
-re "$prompt$" {}
eof { error "EOF setting API varibles"}
diff --git a/src/lib/kadm5/unit-test/destroy-test.c b/src/lib/kadm5/unit-test/destroy-test.c
index 6d7435c..2610060 100644
--- a/src/lib/kadm5/unit-test/destroy-test.c
+++ b/src/lib/kadm5/unit-test/destroy-test.c
@@ -13,24 +13,23 @@
int main()
{
- ovsec_kadm_ret_t ret;
+ kadm5_ret_t ret;
char *cp;
int x;
void *server_handle;
kadm5_server_handle_t handle;
for(x = 0; x < TEST_NUM; x++) {
- ret = ovsec_kadm_init("admin", "admin", "ovsec_adm/admin", 0,
- OVSEC_KADM_STRUCT_VERSION,
- OVSEC_KADM_API_VERSION_1, NULL,
- &server_handle);
- if(ret != OVSEC_KADM_OK) {
+ ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0,
+ KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
+ &server_handle);
+ if(ret != KADM5_OK) {
com_err("test", ret, "init");
exit(2);
}
handle = (kadm5_server_handle_t) server_handle;
- cp = (char *) strdup(((char *) (strchr(handle->cache_name, ':')) + 1));
- ovsec_kadm_destroy(server_handle);
+ cp = strdup(strchr(handle->cache_name, ':') + 1);
+ kadm5_destroy(server_handle);
if(access(cp, F_OK) == 0) {
puts("ticket cache not destroyed");
exit(2);
diff --git a/src/lib/kadm5/unit-test/handle-test.c b/src/lib/kadm5/unit-test/handle-test.c
index 3f72385..231d950 100644
--- a/src/lib/kadm5/unit-test/handle-test.c
+++ b/src/lib/kadm5/unit-test/handle-test.c
@@ -11,12 +11,12 @@
int main(int argc, char *argv[])
{
- ovsec_kadm_ret_t ret;
+ kadm5_ret_t ret;
void *server_handle;
kadm5_server_handle_t handle;
kadm5_server_handle_rec orig_handle;
- ovsec_kadm_policy_ent_t pol;
- ovsec_kadm_principal_ent_t princ;
+ kadm5_policy_ent_rec pol;
+ kadm5_principal_ent_t princ;
krb5_keyblock *key;
krb5_principal tprinc;
krb5_context context;
@@ -24,103 +24,104 @@ int main(int argc, char *argv[])
kadm5_init_krb5_context(&context);
- ret = ovsec_kadm_init("admin/none", "admin", "ovsec_adm/admin", 0,
- OVSEC_KADM_STRUCT_VERSION, OVSEC_KADM_API_VERSION_1, NULL,
- &server_handle);
- if(ret != OVSEC_KADM_OK) {
+ ret = kadm5_init("admin/none", "admin", KADM5_ADMIN_SERVICE, NULL,
+ KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
+ &server_handle);
+ if(ret != KADM5_OK) {
com_err("test", ret, "init");
exit(2);
}
handle = (kadm5_server_handle_t) server_handle;
orig_handle = *handle;
- handle->magic_number = OVSEC_KADM_STRUCT_VERSION;
+ handle->magic_number = KADM5_STRUCT_VERSION;
krb5_parse_name(context, "testuser", &tprinc);
- ret = ovsec_kadm_get_principal(server_handle, tprinc, &princ);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_get_principal(server_handle, tprinc, &princ,
+ KADM5_PRINCIPAL_NORMAL_MASK);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "get-principal",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_get_policy(server_handle, "pol1", &pol);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_get_policy(server_handle, "pol1", &pol);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "get-policy",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_create_principal(server_handle, princ, OVSEC_KADM_PRINCIPAL, "pass");
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_create_principal(server_handle, princ, KADM5_PRINCIPAL, "pass");
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "create-principal",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_create_policy(server_handle, pol, OVSEC_KADM_POLICY);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_create_policy(server_handle, &pol, KADM5_POLICY);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "create-policy",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_modify_principal(server_handle, princ, OVSEC_KADM_PW_EXPIRATION);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_modify_principal(server_handle, princ, KADM5_PW_EXPIRATION);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "modify-principal",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_modify_policy(server_handle, pol, OVSEC_KADM_PW_MAX_LIFE);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_modify_policy(server_handle, &pol, KADM5_PW_MAX_LIFE);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "modify-policy",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_delete_principal(server_handle, tprinc);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_delete_principal(server_handle, tprinc);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "delete-principal",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_delete_policy(server_handle, "pol1");
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_delete_policy(server_handle, "pol1");
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "delete-policy",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_chpass_principal(server_handle, tprinc, "FooBar");
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_chpass_principal(server_handle, tprinc, "FooBar");
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "chpass",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_randkey_principal(server_handle, tprinc, &key);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_randkey_principal(server_handle, tprinc, &key, NULL);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "randkey",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_rename_principal(server_handle, tprinc, tprinc);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_rename_principal(server_handle, tprinc, tprinc);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "rename",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_destroy(server_handle);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_destroy(server_handle);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "destroy",
error_message(ret));
exit(1);
}
*handle = orig_handle;
- ret = ovsec_kadm_destroy(server_handle);
- if (ret != OVSEC_KADM_OK) {
+ ret = kadm5_destroy(server_handle);
+ if (ret != KADM5_OK) {
fprintf(stderr, "valid %s -- returned -- %s\n", "destroy",
error_message(ret));
exit(1);
diff --git a/src/lib/kadm5/unit-test/init-test.c b/src/lib/kadm5/unit-test/init-test.c
index 575b24f..8e9ec82 100644
--- a/src/lib/kadm5/unit-test/init-test.c
+++ b/src/lib/kadm5/unit-test/init-test.c
@@ -1,4 +1,3 @@
-#undef USE_KADM5_API_VERSION
#include <kadm5/admin.h>
#include <com_err.h>
#include <stdio.h>
diff --git a/src/lib/kadm5/unit-test/iter-test.c b/src/lib/kadm5/unit-test/iter-test.c
index 17e561e..3608150 100644
--- a/src/lib/kadm5/unit-test/iter-test.c
+++ b/src/lib/kadm5/unit-test/iter-test.c
@@ -4,7 +4,7 @@
int main(int argc, char **argv)
{
- ovsec_kadm_ret_t ret;
+ kadm5_ret_t ret;
void *server_handle;
char **names;
int count, princ, i;
@@ -15,23 +15,20 @@ int main(int argc, char **argv)
}
princ = (strcmp(argv[1], "-princ") == 0);
- ret = ovsec_kadm_init("admin", "admin", OVSEC_KADM_ADMIN_SERVICE, 0,
- OVSEC_KADM_STRUCT_VERSION,
- OVSEC_KADM_API_VERSION_1, NULL,
- &server_handle);
- if (ret != OVSEC_KADM_OK) {
+ ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0,
+ KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
+ &server_handle);
+ if (ret != KADM5_OK) {
com_err("iter-test", ret, "while initializing");
exit(1);
}
if (princ)
- ret = ovsec_kadm_get_principals(server_handle, argv[2], &names,
- &count);
+ ret = kadm5_get_principals(server_handle, argv[2], &names, &count);
else
- ret = ovsec_kadm_get_policies(server_handle, argv[2],
- &names, &count);
-
- if (ret != OVSEC_KADM_OK) {
+ ret = kadm5_get_policies(server_handle, argv[2], &names, &count);
+
+ if (ret != KADM5_OK) {
com_err("iter-test", ret, "while retrieving list");
exit(1);
}
@@ -39,9 +36,9 @@ int main(int argc, char **argv)
for (i = 0; i < count; i++)
printf("%d: %s\n", i, names[i]);
- ovsec_kadm_free_name_list(server_handle, names, count);
+ kadm5_free_name_list(server_handle, names, count);
- (void) ovsec_kadm_destroy(server_handle);
+ (void) kadm5_destroy(server_handle);
return 0;
}
diff --git a/src/lib/kadm5/unit-test/lib/lib.t b/src/lib/kadm5/unit-test/lib/lib.t
index 2027794..361c727 100644
--- a/src/lib/kadm5/unit-test/lib/lib.t
+++ b/src/lib/kadm5/unit-test/lib/lib.t
@@ -18,8 +18,8 @@ proc lib_start_api {} {
api_exit
set lib_pid [api_start]
if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
+ kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
+ $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
lib_handle
}]} {
error "$test: unexpected failure in init"
@@ -120,8 +120,8 @@ proc create_principal {name} {
lib_start_api
set ret [cmd [format {
- ovsec_kadm_create_principal $lib_handle [simple_principal \
- "%s"] {OVSEC_KADM_PRINCIPAL} "%s"
+ kadm5_create_principal $lib_handle [simple_principal \
+ "%s"] {KADM5_PRINCIPAL} "%s"
} $name $name]]
return $ret
@@ -131,8 +131,8 @@ proc create_policy {name} {
lib_start_api
set ret [cmd [format {
- ovsec_kadm_create_policy $lib_handle [simple_policy "%s"] \
- {OVSEC_KADM_POLICY}
+ kadm5_create_policy $lib_handle [simple_policy "%s"] \
+ {KADM5_POLICY}
} $name $name]]
return $ret
@@ -142,8 +142,8 @@ proc create_principal_pol {name policy} {
lib_start_api
set ret [cmd [format {
- ovsec_kadm_create_principal $lib_handle [princ_w_pol "%s" \
- "%s"] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} "%s"
+ kadm5_create_principal $lib_handle [princ_w_pol "%s" \
+ "%s"] {KADM5_PRINCIPAL KADM5_POLICY} "%s"
} $name $policy $name]]
return $ret
@@ -153,7 +153,7 @@ proc delete_principal {name} {
lib_start_api
set ret [cmd [format {
- ovsec_kadm_delete_principal $lib_handle "%s"
+ kadm5_delete_principal $lib_handle "%s"
} $name]]
return $ret
@@ -162,7 +162,7 @@ proc delete_principal {name} {
proc delete_policy {name} {
lib_start_api
- set ret [cmd [format {ovsec_kadm_delete_policy $lib_handle "%s"} $name]]
+ set ret [cmd [format {kadm5_delete_policy $lib_handle "%s"} $name]]
return $ret
}
@@ -173,7 +173,7 @@ proc principal_exists {name} {
lib_start_api
set ret [cmd [format {
- ovsec_kadm_get_principal $lib_handle "%s" principal
+ kadm5_get_principal $lib_handle "%s" principal
} $name]]
# puts stdout "Finishing principal_exists."
@@ -187,7 +187,7 @@ proc policy_exists {name} {
# puts stdout "Starting policy_exists."
set ret [cmd [format {
- ovsec_kadm_get_policy $lib_handle "%s" policy
+ kadm5_get_policy $lib_handle "%s" policy
} $name]]
# puts stdout "Finishing policy_exists."
diff --git a/src/lib/kadm5/unit-test/lock-test.c b/src/lib/kadm5/unit-test/lock-test.c
index 489b7b8..85049a7 100644
--- a/src/lib/kadm5/unit-test/lock-test.c
+++ b/src/lib/kadm5/unit-test/lock-test.c
@@ -1,8 +1,3 @@
-#if USE_KADM5_API_VERSION == 1
-#undef USE_KADM5_API_VERSION
-#define USE_KADM5_API_VERSION 2
-#endif
-
#include <stdio.h>
#include <krb5.h>
#include <kadm5/admin.h>
diff --git a/src/lib/kadm5/unit-test/randkey-test.c b/src/lib/kadm5/unit-test/randkey-test.c
index 4b17bcb..12e9e23 100644
--- a/src/lib/kadm5/unit-test/randkey-test.c
+++ b/src/lib/kadm5/unit-test/randkey-test.c
@@ -10,7 +10,7 @@
int main()
{
- ovsec_kadm_ret_t ret;
+ kadm5_ret_t ret;
krb5_keyblock *keys[TEST_NUM];
krb5_principal tprinc;
krb5_keyblock *newkey;
@@ -22,24 +22,21 @@ int main()
kadm5_init_krb5_context(&context);
krb5_parse_name(context, "testuser", &tprinc);
- ret = ovsec_kadm_init("admin", "admin", "ovsec_adm/admin", 0,
- OVSEC_KADM_STRUCT_VERSION,
- OVSEC_KADM_API_VERSION_1, NULL,
- &server_handle);
- if(ret != OVSEC_KADM_OK) {
+ ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, NULL,
+ KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
+ &server_handle);
+ if(ret != KADM5_OK) {
com_err("test", ret, "init");
exit(2);
}
for(x = 0; x < TEST_NUM; x++) {
- ovsec_kadm_randkey_principal(server_handle, tprinc, &newkey);
+ kadm5_randkey_principal(server_handle, tprinc, &keys[x], NULL);
for(i = 0; i < x; i++) {
if (!memcmp(newkey->contents, keys[i]->contents, newkey->length))
puts("match found");
}
- krb5_copy_keyblock(context, newkey, &keys[x]);
- krb5_free_keyblock(context, newkey);
}
- ovsec_kadm_destroy(server_handle);
+ kadm5_destroy(server_handle);
exit(0);
}
diff --git a/src/lib/kadm5/unit-test/site.exp b/src/lib/kadm5/unit-test/site.exp
index 18b435d..7fe3974 100644
--- a/src/lib/kadm5/unit-test/site.exp
+++ b/src/lib/kadm5/unit-test/site.exp
@@ -1,2 +1,2 @@
-set tool ovsec_kadm_srv_tcl
+set tool kadm5_srv_tcl
set prompt "% "
diff --git a/src/lib/rpc/unit-test/lib/helpers.exp b/src/lib/rpc/unit-test/lib/helpers.exp
index b69be5b..963fff4 100644
--- a/src/lib/rpc/unit-test/lib/helpers.exp
+++ b/src/lib/rpc/unit-test/lib/helpers.exp
@@ -50,7 +50,7 @@ proc expect_kadm_ok {} {
global kadmin_tcl_spawn_id
expect {
-i $kadmin_tcl_spawn_id
- -re "^OK OVSEC_KADM_OK \[^\n\]*\n" {}
+ -re "^OK KADM5_OK \[^\n\]*\n" {}
-re "^ERROR \[^\n\]*\n" { perror "kadmin tcl subprocess reported unexpected error" }
-re "^marshall_new_creds: \[^\n\]*\n" { exp_continue }
-re "^gssapi_\[^\n\]*\n" { exp_continue }
@@ -68,7 +68,7 @@ proc setup_database {} {
send_user "TOP=$TOP\n"
set_from_env TESTDIR $env(TOP)/testing
- set_from_env CLNTTCL $TESTDIR/util/ovsec_kadm_clnt_tcl
+ set_from_env CLNTTCL $TESTDIR/util/kadm5_clnt_tcl
set_from_env TCLUTIL $TESTDIR/tcl/util.t
set env(TCLUTIL) $TCLUTIL
set_from_env MAKE_KEYTAB $TESTDIR/scripts/make-host-keytab.pl
@@ -96,22 +96,22 @@ proc setup_database {} {
}
expect_tcl_prompt
- send_tcl_cmd_await_echo {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle}
+ send_tcl_cmd_await_echo {kadm5_init admin admin $KADM5_ADMIN_SERVICE null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 server_handle}
expect_kadm_ok
expect "^% "
- send_tcl_cmd_await_echo {ovsec_kadm_create_principal $server_handle [simple_principal server/$h] {OVSEC_KADM_PRINCIPAL} admin}
+ send_tcl_cmd_await_echo {kadm5_create_principal $server_handle [simple_principal server/$h] {KADM5_PRINCIPAL} admin}
expect_kadm_ok
expect "^% "
- send_tcl_cmd_await_echo {ovsec_kadm_randkey_principal $server_handle server/$h key}
+ send_tcl_cmd_await_echo {kadm5_randkey_principal $server_handle server/$h key null}
expect_kadm_ok
expect "^% "
- send_tcl_cmd_await_echo {ovsec_kadm_create_principal $server_handle [simple_principal notserver/$h] {OVSEC_KADM_PRINCIPAL} admin}
+ send_tcl_cmd_await_echo {kadm5_create_principal $server_handle [simple_principal notserver/$h] {KADM5_PRINCIPAL} admin}
expect_kadm_ok
expect "^% "
- send_tcl_cmd_await_echo {ovsec_kadm_randkey_principal $server_handle notserver/$h key}
+ send_tcl_cmd_await_echo {kadm5_randkey_principal $server_handle notserver/$h key null}
expect_kadm_ok
expect "^% "
- send_tcl_cmd_await_echo {ovsec_kadm_destroy $server_handle}
+ send_tcl_cmd_await_echo {kadm5_destroy $server_handle}
expect_kadm_ok
expect "^% "
wait -nowait -i $spawn_id
diff --git a/src/lib/rpc/unit-test/rpc_test_setup.sh b/src/lib/rpc/unit-test/rpc_test_setup.sh
index 0f8ca9d..968f52a 100755
--- a/src/lib/rpc/unit-test/rpc_test_setup.sh
+++ b/src/lib/rpc/unit-test/rpc_test_setup.sh
@@ -8,7 +8,7 @@
# $Source$
DUMMY=${TESTDIR=$TOP/testing}
-DUMMY=${CLNTTCL=$TESTDIR/util/ovsec_kadm_clnt_tcl}
+DUMMY=${CLNTTCL=$TESTDIR/util/kadm5_clnt_tcl}
DUMMY=${TCLUTIL=$TESTDIR/tcl/util.t}; export TCLUTIL
DUMMY=${MAKE_KEYTAB=$TESTDIR/scripts/make-host-keytab.pl}
@@ -26,13 +26,13 @@ export CANON_HOST
cat - > /tmp/rpc_test_setup$$ <<\EOF
source $env(TCLUTIL)
set h $env(CANON_HOST)
-puts stdout [ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle]
+puts stdout [kadm5_init admin admin $KADM5_ADMIN_SERVICE null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 server_handle]
if ![info exists server_handle] { exit 1 }
-puts stdout [ovsec_kadm_create_principal $server_handle [simple_principal server/$h] {OVSEC_KADM_PRINCIPAL} admin]
-puts stdout [ovsec_kadm_randkey_principal $server_handle server/$h key]
-puts stdout [ovsec_kadm_create_principal $server_handle [simple_principal notserver/$h] {OVSEC_KADM_PRINCIPAL} admin]
-puts stdout [ovsec_kadm_randkey_principal $server_handle notserver/$h key]
-puts stdout [ovsec_kadm_destroy $server_handle]
+puts stdout [kadm5_create_principal $server_handle [simple_principal server/$h] {KADM5_PRINCIPAL} admin]
+puts stdout [kadm5_randkey_principal $server_handle server/$h key null]
+puts stdout [kadm5_create_principal $server_handle [simple_principal notserver/$h] {KADM5_PRINCIPAL} admin]
+puts stdout [kadm5_randkey_principal $server_handle notserver/$h key null]
+puts stdout [kadm5_destroy $server_handle]
EOF
eval "$CLNTTCL $REDIRECT < /tmp/rpc_test_setup$$"
if test $? != 0 ; then
generated by cgit v1.1 at 2024-07-09 19:55:38 +0000