diff options
| author | Greg Hudson <ghudson@mit.edu> | 2012-12-16 16:55:29 -0500 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2012-12-20 11:45:20 -0500 |
| commit | 966547dfeb011800d4b78b8e5d494813bc80559c (patch) | |
| tree | 4226bd168056336c965a4aa77c845093ef723da3 /src/tests/t_keyrollover.py | |
| parent | 76c27cf7e3161e0f20f8935d82ae0f2feb77b01a (diff) | |
| download | krb5-966547dfeb011800d4b78b8e5d494813bc80559c.zip krb5-966547dfeb011800d4b78b8e5d494813bc80559c.tar.gz krb5-966547dfeb011800d4b78b8e5d494813bc80559c.tar.bz2 | |
Simplify k5test.py environments
The initial k5test.py design, copied from the dejagnu suite, is to
create config files and environments for four expected roles: client,
server, master, and slave. This approach exaggerates the complexity
of the common case, where the configurations don't need to vary, and
limits us to having just one slave for kprop/iprop tests.
Instead, create just one configuration by default, and add a
special_env() method which sets up a differently configured
environment for the few test cases which need one. The run_as_*()
methods are collapsed into just run(), which accepts an optional
argument for the environment returned by special_env().
Diffstat (limited to 'src/tests/t_keyrollover.py')
| -rw-r--r-- | src/tests/t_keyrollover.py | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/src/tests/t_keyrollover.py b/src/tests/t_keyrollover.py index 9f9346a..29d1291 100644 --- a/src/tests/t_keyrollover.py +++ b/src/tests/t_keyrollover.py @@ -1,7 +1,7 @@ #!/usr/bin/python from k5test import * -rollover_krb5_conf = {'all' : {'libdefaults' : {'allow_weak_crypto' : 'true'}}} +rollover_krb5_conf = {'libdefaults': {'allow_weak_crypto': 'true'}} realm = K5Realm(krbtgt_keysalt='des-cbc-crc:normal', krb5_conf=rollover_krb5_conf) @@ -11,19 +11,19 @@ princ2 = 'host/test2@%s' % (realm.realm,) realm.addprinc(princ1) realm.addprinc(princ2) -realm.run_as_client([kvno, realm.host_princ]) +realm.run([kvno, realm.host_princ]) # Change key for TGS, keeping old key. realm.run_kadminl('cpw -randkey -e aes256-cts:normal -keepold krbtgt/%s@%s' % (realm.realm, realm.realm)) # Ensure that kvno still works with an old TGT. -realm.run_as_client([kvno, princ1]) +realm.run([kvno, princ1]) realm.run_kadminl('purgekeys krbtgt/%s@%s' % (realm.realm, realm.realm)) # Make sure an old TGT fails after purging old TGS key. -realm.run_as_client([kvno, princ2], expected_code=1) -output = realm.run_as_client([klist, '-e']) +realm.run([kvno, princ2], expected_code=1) +output = realm.run([klist, '-e']) expected = 'krbtgt/%s@%s\n\tEtype (skey, tkt): des-cbc-crc, des-cbc-crc' % \ (realm.realm, realm.realm) @@ -33,8 +33,8 @@ if expected not in output: # Check that new key actually works. realm.kinit(realm.user_princ, password('user')) -realm.run_as_client([kvno, realm.host_princ]) -output = realm.run_as_client([klist, '-e']) +realm.run([kvno, realm.host_princ]) +output = realm.run([klist, '-e']) expected = 'krbtgt/%s@%s\n\tEtype (skey, tkt): ' \ 'aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96' % \ @@ -60,7 +60,7 @@ output = realm.run_kadminl('getprinc krbtgt/%s' % realm.realm) if 'vno 1, aes256' not in output or 'vno 1, des3' not in output: fail('keyrollover: setup for TGS enctype test failed') # Now present the DES3 ticket to the KDC and make sure it's rejected. -realm.run_as_client([kvno, realm.host_princ], expected_code=1) +realm.run([kvno, realm.host_princ], expected_code=1) realm.stop() @@ -72,10 +72,10 @@ realm.stop() # multiple keys. r1, r2 = cross_realms(2) r1.run_kadminl('modprinc -kvno 0 krbtgt/%s' % r2.realm) -r1.run_as_client([kvno, r2.host_princ]) +r1.run([kvno, r2.host_princ]) r2.run_kadminl('cpw -pw newcross -keepold krbtgt/%s@%s' % (r2.realm, r1.realm)) r1.run_kadminl('cpw -pw newcross krbtgt/%s' % r2.realm) r1.run_kadminl('modprinc -kvno 0 krbtgt/%s' % r2.realm) -r1.run_as_client([kvno, r2.user_princ]) +r1.run([kvno, r2.user_princ]) success('keyrollover') |