aboutsummaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/kadm5/Makefile.in3
-rw-r--r--src/lib/kadm5/admin.h320
-rw-r--r--src/lib/kadm5/admin_internal.h2
-rw-r--r--src/lib/kadm5/chpass_util_strings.et2
-rw-r--r--src/lib/kadm5/clnt/client_init.c18
-rw-r--r--src/lib/kadm5/clnt/client_principal.c169
-rw-r--r--src/lib/kadm5/clnt/clnt_policy.c18
-rw-r--r--src/lib/kadm5/clnt/libkadm5clnt.exports24
-rw-r--r--src/lib/kadm5/kadm_rpc_xdr.c136
-rw-r--r--src/lib/kadm5/misc_free.c59
-rw-r--r--src/lib/kadm5/ovsec_glue.c194
-rw-r--r--src/lib/kadm5/srv/libkadm5srv.exports24
-rw-r--r--src/lib/kadm5/srv/server_init.c54
-rw-r--r--src/lib/kadm5/srv/svr_misc_free.c3
-rw-r--r--src/lib/kadm5/srv/svr_policy.c22
-rw-r--r--src/lib/kadm5/srv/svr_principal.c188
-rw-r--r--src/lib/kadm5/unit-test/Makefile.in5
-rw-r--r--src/lib/kadm5/unit-test/README.new-tests12
-rw-r--r--src/lib/kadm5/unit-test/api.0/chpass-principal.exp176
-rw-r--r--src/lib/kadm5/unit-test/api.0/crte-policy.exp956
-rw-r--r--src/lib/kadm5/unit-test/api.0/crte-principal.exp1336
-rw-r--r--src/lib/kadm5/unit-test/api.0/destroy.exp203
-rw-r--r--src/lib/kadm5/unit-test/api.0/dlte-policy.exp207
-rw-r--r--src/lib/kadm5/unit-test/api.0/dlte-principal.exp329
-rw-r--r--src/lib/kadm5/unit-test/api.0/get-policy.exp199
-rw-r--r--src/lib/kadm5/unit-test/api.0/get-principal.exp346
-rw-r--r--src/lib/kadm5/unit-test/api.0/init.exp728
-rw-r--r--src/lib/kadm5/unit-test/api.0/mod-policy.exp703
-rw-r--r--src/lib/kadm5/unit-test/api.0/mod-principal.exp1943
-rw-r--r--src/lib/kadm5/unit-test/api.0/randkey-principal.exp319
-rw-r--r--src/lib/kadm5/unit-test/api.0/rename-principal.exp509
-rw-r--r--src/lib/kadm5/unit-test/api.1/lock.exp287
-rw-r--r--src/lib/kadm5/unit-test/config/unix.exp12
-rw-r--r--src/lib/kadm5/unit-test/destroy-test.c15
-rw-r--r--src/lib/kadm5/unit-test/handle-test.c69
-rw-r--r--src/lib/kadm5/unit-test/init-test.c1
-rw-r--r--src/lib/kadm5/unit-test/iter-test.c25
-rw-r--r--src/lib/kadm5/unit-test/lib/lib.t24
-rw-r--r--src/lib/kadm5/unit-test/lock-test.c5
-rw-r--r--src/lib/kadm5/unit-test/randkey-test.c17
-rw-r--r--src/lib/kadm5/unit-test/site.exp2
-rw-r--r--src/lib/rpc/unit-test/lib/helpers.exp16
-rwxr-xr-xsrc/lib/rpc/unit-test/rpc_test_setup.sh14
43 files changed, 276 insertions, 9418 deletions
diff --git a/src/lib/kadm5/Makefile.in b/src/lib/kadm5/Makefile.in
index 175231e..4c502eb 100644
--- a/src/lib/kadm5/Makefile.in
+++ b/src/lib/kadm5/Makefile.in
@@ -19,7 +19,6 @@ clean::
SRCS = kadm_err.c \
chpass_util_strings.c \
- $(srcdir)/ovsec_glue.c \
$(srcdir)/misc_free.c \
$(srcdir)/kadm_rpc_xdr.c \
$(srcdir)/chpass_util.c \
@@ -29,7 +28,6 @@ SRCS = kadm_err.c \
OBJS = kadm_err.$(OBJEXT) \
chpass_util_strings.$(OBJEXT) \
- ovsec_glue.$(OBJEXT) \
misc_free.$(OBJEXT) \
kadm_rpc_xdr.$(OBJEXT) \
chpass_util.$(OBJEXT) \
@@ -40,7 +38,6 @@ OBJS = kadm_err.$(OBJEXT) \
STLIBOBJS = \
kadm_err.o \
chpass_util_strings.o \
- ovsec_glue.o \
misc_free.o \
kadm_rpc_xdr.o \
chpass_util.o \
diff --git a/src/lib/kadm5/admin.h b/src/lib/kadm5/admin.h
index 57e2586..33e2728 100644
--- a/src/lib/kadm5/admin.h
+++ b/src/lib/kadm5/admin.h
@@ -37,17 +37,11 @@
* releases (e.g. from 1.7 to 1.8).
* - We will make some effort to avoid making incompatible changes for
* bugfix releases, but will make them if necessary.
- * - We make no commitments at all regarding the v1 API (obtained by
- * defining USE_KADM5_API_VERSION to 1) and expect to remove it.
*/
#ifndef __KADM5_ADMIN_H__
#define __KADM5_ADMIN_H__
-#if !defined(USE_KADM5_API_VERSION)
-#define USE_KADM5_API_VERSION 2
-#endif
-
#include <sys/types.h>
#include <gssrpc/rpc.h>
#include <krb5.h>
@@ -181,10 +175,9 @@ typedef long kadm5_ret_t;
#define KADM5_STRUCT_VERSION KADM5_STRUCT_VERSION_1
#define KADM5_API_VERSION_MASK 0x12345700
-#define KADM5_API_VERSION_1 (KADM5_API_VERSION_MASK|0x01)
#define KADM5_API_VERSION_2 (KADM5_API_VERSION_MASK|0x02)
-typedef struct _kadm5_principal_ent_t_v2 {
+typedef struct _kadm5_principal_ent_t {
krb5_principal principal;
krb5_timestamp princ_expire_time;
krb5_timestamp last_pwd_change;
@@ -207,30 +200,7 @@ typedef struct _kadm5_principal_ent_t_v2 {
krb5_int16 n_tl_data;
krb5_tl_data *tl_data;
krb5_key_data *key_data;
-} kadm5_principal_ent_rec_v2, *kadm5_principal_ent_t_v2;
-
-typedef struct _kadm5_principal_ent_t_v1 {
- krb5_principal principal;
- krb5_timestamp princ_expire_time;
- krb5_timestamp last_pwd_change;
- krb5_timestamp pw_expiration;
- krb5_deltat max_life;
- krb5_principal mod_name;
- krb5_timestamp mod_date;
- krb5_flags attributes;
- krb5_kvno kvno;
- krb5_kvno mkvno;
- char *policy;
- long aux_attributes;
-} kadm5_principal_ent_rec_v1, *kadm5_principal_ent_t_v1;
-
-#if USE_KADM5_API_VERSION == 1
-typedef struct _kadm5_principal_ent_t_v1
- kadm5_principal_ent_rec, *kadm5_principal_ent_t;
-#else
-typedef struct _kadm5_principal_ent_t_v2
- kadm5_principal_ent_rec, *kadm5_principal_ent_t;
-#endif
+} kadm5_principal_ent_rec, *kadm5_principal_ent_t;
typedef struct _kadm5_policy_ent_t {
char *policy;
@@ -330,7 +300,6 @@ typedef struct __krb5_realm_params {
* functions
*/
-#if USE_KADM5_API_VERSION > 1
krb5_error_code kadm5_get_config_params(krb5_context context,
int use_kdc_config,
kadm5_config_params *params_in,
@@ -344,15 +313,10 @@ krb5_error_code kadm5_free_realm_params(krb5_context kcontext,
krb5_error_code kadm5_get_admin_service_name(krb5_context, char *,
char *, size_t);
-#endif
kadm5_ret_t kadm5_init(char *client_name, char *pass,
char *service_name,
-#if USE_KADM5_API_VERSION == 1
- char *realm,
-#else
kadm5_config_params *params,
-#endif
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
@@ -360,11 +324,7 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
kadm5_ret_t kadm5_init_with_password(char *client_name,
char *pass,
char *service_name,
-#if USE_KADM5_API_VERSION == 1
- char *realm,
-#else
kadm5_config_params *params,
-#endif
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
@@ -372,16 +332,11 @@ kadm5_ret_t kadm5_init_with_password(char *client_name,
kadm5_ret_t kadm5_init_with_skey(char *client_name,
char *keytab,
char *service_name,
-#if USE_KADM5_API_VERSION == 1
- char *realm,
-#else
kadm5_config_params *params,
-#endif
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
-#if USE_KADM5_API_VERSION > 1
kadm5_ret_t kadm5_init_with_creds(char *client_name,
krb5_ccache cc,
char *service_name,
@@ -390,7 +345,6 @@ kadm5_ret_t kadm5_init_with_creds(char *client_name,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
-#endif
kadm5_ret_t kadm5_lock(void *server_handle);
kadm5_ret_t kadm5_unlock(void *server_handle);
kadm5_ret_t kadm5_flush(void *server_handle);
@@ -411,16 +365,10 @@ kadm5_ret_t kadm5_modify_principal(void *server_handle,
long mask);
kadm5_ret_t kadm5_rename_principal(void *server_handle,
krb5_principal,krb5_principal);
-#if USE_KADM5_API_VERSION == 1
-kadm5_ret_t kadm5_get_principal(void *server_handle,
- krb5_principal principal,
- kadm5_principal_ent_t *ent);
-#else
kadm5_ret_t kadm5_get_principal(void *server_handle,
krb5_principal principal,
kadm5_principal_ent_t ent,
long mask);
-#endif
kadm5_ret_t kadm5_chpass_principal(void *server_handle,
krb5_principal principal,
char *pass);
@@ -430,11 +378,6 @@ kadm5_ret_t kadm5_chpass_principal_3(void *server_handle,
int n_ks_tuple,
krb5_key_salt_tuple *ks_tuple,
char *pass);
-#if USE_KADM5_API_VERSION == 1
-kadm5_ret_t kadm5_randkey_principal(void *server_handle,
- krb5_principal principal,
- krb5_keyblock **keyblock);
-#else
kadm5_ret_t kadm5_randkey_principal(void *server_handle,
krb5_principal principal,
krb5_keyblock **keyblocks,
@@ -446,7 +389,6 @@ kadm5_ret_t kadm5_randkey_principal_3(void *server_handle,
krb5_key_salt_tuple *ks_tuple,
krb5_keyblock **keyblocks,
int *n_keys);
-#endif
kadm5_ret_t kadm5_setv4key_principal(void *server_handle,
krb5_principal principal,
krb5_keyblock *keyblock);
@@ -496,15 +438,9 @@ kadm5_ret_t kadm5_modify_policy(void *server_handle,
kadm5_ret_t kadm5_modify_policy_internal(void *server_handle,
kadm5_policy_ent_t
entry, long mask);
-#if USE_KADM5_API_VERSION == 1
-kadm5_ret_t kadm5_get_policy(void *server_handle,
- kadm5_policy_t policy,
- kadm5_policy_ent_t *ent);
-#else
kadm5_ret_t kadm5_get_policy(void *server_handle,
kadm5_policy_t policy,
kadm5_policy_ent_t ent);
-#endif
kadm5_ret_t kadm5_get_privs(void *server_handle,
long *privs);
@@ -529,11 +465,9 @@ kadm5_ret_t kadm5_get_policies(void *server_handle,
char *exp, char ***pols,
int *count);
-#if USE_KADM5_API_VERSION > 1
kadm5_ret_t kadm5_free_key_data(void *server_handle,
krb5_int16 *n_key_data,
krb5_key_data *key_data);
-#endif
kadm5_ret_t kadm5_free_name_list(void *server_handle, char **names,
int count);
@@ -552,256 +486,6 @@ kadm5_ret_t kadm5_get_principal_keys(void *server_handle,
krb5_keyblock **keyblocks,
int *n_keys);
-#if USE_KADM5_API_VERSION == 1
-/*
- * OVSEC_KADM_API_VERSION_1 should be, if possible, compile-time
- * compatible with KADM5_API_VERSION_2. Basically, this means we have
- * to continue to provide all the old ovsec_kadm function and symbol
- * names.
- */
-
-#define OVSEC_KADM_ACLFILE "/krb5/ovsec_adm.acl"
-#define OVSEC_KADM_WORDFILE "/krb5/ovsec_adm.dict"
-
-#define OVSEC_KADM_ADMIN_SERVICE "ovsec_adm/admin"
-#define OVSEC_KADM_CHANGEPW_SERVICE "ovsec_adm/changepw"
-#define OVSEC_KADM_HIST_PRINCIPAL "ovsec_adm/history"
-
-typedef krb5_principal ovsec_kadm_princ_t;
-typedef krb5_keyblock ovsec_kadm_keyblock;
-typedef char *ovsec_kadm_policy_t;
-typedef long ovsec_kadm_ret_t;
-
-enum ovsec_kadm_salttype { OVSEC_KADM_SALT_V4, OVSEC_KADM_SALT_NORMAL };
-enum ovsec_kadm_saltmod { OVSEC_KADM_MOD_KEEP, OVSEC_KADM_MOD_V4, OVSEC_KADM_MOD_NORMAL };
-
-#define OVSEC_KADM_PW_FIRST_PROMPT \
- ((char *) error_message(CHPASS_UTIL_NEW_PASSWORD_PROMPT))
-#define OVSEC_KADM_PW_SECOND_PROMPT \
- ((char *) error_message(CHPASS_UTIL_NEW_PASSWORD_AGAIN_PROMPT))
-
-/*
- * Successful return code
- */
-#define OVSEC_KADM_OK 0
-
-/*
- * Create/Modify masks
- */
-/* principal */
-#define OVSEC_KADM_PRINCIPAL 0x000001
-#define OVSEC_KADM_PRINC_EXPIRE_TIME 0x000002
-#define OVSEC_KADM_PW_EXPIRATION 0x000004
-#define OVSEC_KADM_LAST_PWD_CHANGE 0x000008
-#define OVSEC_KADM_ATTRIBUTES 0x000010
-#define OVSEC_KADM_MAX_LIFE 0x000020
-#define OVSEC_KADM_MOD_TIME 0x000040
-#define OVSEC_KADM_MOD_NAME 0x000080
-#define OVSEC_KADM_KVNO 0x000100
-#define OVSEC_KADM_MKVNO 0x000200
-#define OVSEC_KADM_AUX_ATTRIBUTES 0x000400
-#define OVSEC_KADM_POLICY 0x000800
-#define OVSEC_KADM_POLICY_CLR 0x001000
-/* policy */
-#define OVSEC_KADM_PW_MAX_LIFE 0x004000
-#define OVSEC_KADM_PW_MIN_LIFE 0x008000
-#define OVSEC_KADM_PW_MIN_LENGTH 0x010000
-#define OVSEC_KADM_PW_MIN_CLASSES 0x020000
-#define OVSEC_KADM_PW_HISTORY_NUM 0x040000
-#define OVSEC_KADM_REF_COUNT 0x080000
-
-/*
- * permission bits
- */
-#define OVSEC_KADM_PRIV_GET 0x01
-#define OVSEC_KADM_PRIV_ADD 0x02
-#define OVSEC_KADM_PRIV_MODIFY 0x04
-#define OVSEC_KADM_PRIV_DELETE 0x08
-
-/*
- * API versioning constants
- */
-#define OVSEC_KADM_MASK_BITS 0xffffff00
-
-#define OVSEC_KADM_STRUCT_VERSION_MASK 0x12345600
-#define OVSEC_KADM_STRUCT_VERSION_1 (OVSEC_KADM_STRUCT_VERSION_MASK|0x01)
-#define OVSEC_KADM_STRUCT_VERSION OVSEC_KADM_STRUCT_VERSION_1
-
-#define OVSEC_KADM_API_VERSION_MASK 0x12345700
-#define OVSEC_KADM_API_VERSION_1 (OVSEC_KADM_API_VERSION_MASK|0x01)
-
-
-typedef struct _ovsec_kadm_principal_ent_t {
- krb5_principal principal;
- krb5_timestamp princ_expire_time;
- krb5_timestamp last_pwd_change;
- krb5_timestamp pw_expiration;
- krb5_deltat max_life;
- krb5_principal mod_name;
- krb5_timestamp mod_date;
- krb5_flags attributes;
- krb5_kvno kvno;
- krb5_kvno mkvno;
- char *policy;
- long aux_attributes;
-} ovsec_kadm_principal_ent_rec, *ovsec_kadm_principal_ent_t;
-
-typedef struct _ovsec_kadm_policy_ent_t {
- char *policy;
- long pw_min_life;
- long pw_max_life;
- long pw_min_length;
- long pw_min_classes;
- long pw_history_num;
- long policy_refcnt;
-} ovsec_kadm_policy_ent_rec, *ovsec_kadm_policy_ent_t;
-
-/*
- * functions
- */
-ovsec_kadm_ret_t ovsec_kadm_init(char *client_name, char *pass,
- char *service_name, char *realm,
- krb5_ui_4 struct_version,
- krb5_ui_4 api_version,
- char **db_args,
- void **server_handle);
-ovsec_kadm_ret_t ovsec_kadm_init_with_password(char *client_name,
- char *pass,
- char *service_name,
- char *realm,
- krb5_ui_4 struct_version,
- krb5_ui_4 api_version,
- char ** db_args,
- void **server_handle);
-ovsec_kadm_ret_t ovsec_kadm_init_with_skey(char *client_name,
- char *keytab,
- char *service_name,
- char *realm,
- krb5_ui_4 struct_version,
- krb5_ui_4 api_version,
- char **db_args,
- void **server_handle);
-ovsec_kadm_ret_t ovsec_kadm_flush(void *server_handle);
-ovsec_kadm_ret_t ovsec_kadm_destroy(void *server_handle);
-ovsec_kadm_ret_t ovsec_kadm_create_principal(void *server_handle,
- ovsec_kadm_principal_ent_t ent,
- long mask, char *pass);
-ovsec_kadm_ret_t ovsec_kadm_delete_principal(void *server_handle,
- krb5_principal principal);
-ovsec_kadm_ret_t ovsec_kadm_modify_principal(void *server_handle,
- ovsec_kadm_principal_ent_t ent,
- long mask);
-ovsec_kadm_ret_t ovsec_kadm_rename_principal(void *server_handle,
- krb5_principal,krb5_principal);
-ovsec_kadm_ret_t ovsec_kadm_get_principal(void *server_handle,
- krb5_principal principal,
- ovsec_kadm_principal_ent_t *ent);
-ovsec_kadm_ret_t ovsec_kadm_chpass_principal(void *server_handle,
- krb5_principal principal,
- char *pass);
-ovsec_kadm_ret_t ovsec_kadm_randkey_principal(void *server_handle,
- krb5_principal principal,
- krb5_keyblock **keyblock);
-ovsec_kadm_ret_t ovsec_kadm_create_policy(void *server_handle,
- ovsec_kadm_policy_ent_t ent,
- long mask);
-/*
- * ovsec_kadm_create_policy_internal is not part of the supported,
- * exposed API. It is available only in the server library, and you
- * shouldn't use it unless you know why it's there and how it's
- * different from ovsec_kadm_create_policy.
- */
-ovsec_kadm_ret_t ovsec_kadm_create_policy_internal(void *server_handle,
- ovsec_kadm_policy_ent_t
- entry, long mask);
-ovsec_kadm_ret_t ovsec_kadm_delete_policy(void *server_handle,
- ovsec_kadm_policy_t policy);
-ovsec_kadm_ret_t ovsec_kadm_modify_policy(void *server_handle,
- ovsec_kadm_policy_ent_t ent,
- long mask);
-/*
- * ovsec_kadm_modify_policy_internal is not part of the supported,
- * exposed API. It is available only in the server library, and you
- * shouldn't use it unless you know why it's there and how it's
- * different from ovsec_kadm_modify_policy.
- */
-ovsec_kadm_ret_t ovsec_kadm_modify_policy_internal(void *server_handle,
- ovsec_kadm_policy_ent_t
- entry, long mask);
-ovsec_kadm_ret_t ovsec_kadm_get_policy(void *server_handle,
- ovsec_kadm_policy_t policy,
- ovsec_kadm_policy_ent_t *ent);
-ovsec_kadm_ret_t ovsec_kadm_get_privs(void *server_handle,
- long *privs);
-
-ovsec_kadm_ret_t ovsec_kadm_chpass_principal_util(void *server_handle,
- krb5_principal princ,
- char *new_pw,
- char **ret_pw,
- char *msg_ret);
-
-ovsec_kadm_ret_t ovsec_kadm_free_principal_ent(void *server_handle,
- ovsec_kadm_principal_ent_t
- ent);
-ovsec_kadm_ret_t ovsec_kadm_free_policy_ent(void *server_handle,
- ovsec_kadm_policy_ent_t ent);
-
-ovsec_kadm_ret_t ovsec_kadm_free_name_list(void *server_handle,
- char **names, int count);
-
-ovsec_kadm_ret_t ovsec_kadm_get_principals(void *server_handle,
- char *exp, char ***princs,
- int *count);
-
-ovsec_kadm_ret_t ovsec_kadm_get_policies(void *server_handle,
- char *exp, char ***pols,
- int *count);
-
-#define OVSEC_KADM_FAILURE KADM5_FAILURE
-#define OVSEC_KADM_AUTH_GET KADM5_AUTH_GET
-#define OVSEC_KADM_AUTH_ADD KADM5_AUTH_ADD
-#define OVSEC_KADM_AUTH_MODIFY KADM5_AUTH_MODIFY
-#define OVSEC_KADM_AUTH_DELETE KADM5_AUTH_DELETE
-#define OVSEC_KADM_AUTH_INSUFFICIENT KADM5_AUTH_INSUFFICIENT
-#define OVSEC_KADM_BAD_DB KADM5_BAD_DB
-#define OVSEC_KADM_DUP KADM5_DUP
-#define OVSEC_KADM_RPC_ERROR KADM5_RPC_ERROR
-#define OVSEC_KADM_NO_SRV KADM5_NO_SRV
-#define OVSEC_KADM_BAD_HIST_KEY KADM5_BAD_HIST_KEY
-#define OVSEC_KADM_NOT_INIT KADM5_NOT_INIT
-#define OVSEC_KADM_UNK_PRINC KADM5_UNK_PRINC
-#define OVSEC_KADM_UNK_POLICY KADM5_UNK_POLICY
-#define OVSEC_KADM_BAD_MASK KADM5_BAD_MASK
-#define OVSEC_KADM_BAD_CLASS KADM5_BAD_CLASS
-#define OVSEC_KADM_BAD_LENGTH KADM5_BAD_LENGTH
-#define OVSEC_KADM_BAD_POLICY KADM5_BAD_POLICY
-#define OVSEC_KADM_BAD_PRINCIPAL KADM5_BAD_PRINCIPAL
-#define OVSEC_KADM_BAD_AUX_ATTR KADM5_BAD_AUX_ATTR
-#define OVSEC_KADM_BAD_HISTORY KADM5_BAD_HISTORY
-#define OVSEC_KADM_BAD_MIN_PASS_LIFE KADM5_BAD_MIN_PASS_LIFE
-#define OVSEC_KADM_PASS_Q_TOOSHORT KADM5_PASS_Q_TOOSHORT
-#define OVSEC_KADM_PASS_Q_CLASS KADM5_PASS_Q_CLASS
-#define OVSEC_KADM_PASS_Q_DICT KADM5_PASS_Q_DICT
-#define OVSEC_KADM_PASS_REUSE KADM5_PASS_REUSE
-#define OVSEC_KADM_PASS_TOOSOON KADM5_PASS_TOOSOON
-#define OVSEC_KADM_POLICY_REF KADM5_POLICY_REF
-#define OVSEC_KADM_INIT KADM5_INIT
-#define OVSEC_KADM_BAD_PASSWORD KADM5_BAD_PASSWORD
-#define OVSEC_KADM_PROTECT_PRINCIPAL KADM5_PROTECT_PRINCIPAL
-#define OVSEC_KADM_BAD_SERVER_HANDLE KADM5_BAD_SERVER_HANDLE
-#define OVSEC_KADM_BAD_STRUCT_VERSION KADM5_BAD_STRUCT_VERSION
-#define OVSEC_KADM_OLD_STRUCT_VERSION KADM5_OLD_STRUCT_VERSION
-#define OVSEC_KADM_NEW_STRUCT_VERSION KADM5_NEW_STRUCT_VERSION
-#define OVSEC_KADM_BAD_API_VERSION KADM5_BAD_API_VERSION
-#define OVSEC_KADM_OLD_LIB_API_VERSION KADM5_OLD_LIB_API_VERSION
-#define OVSEC_KADM_OLD_SERVER_API_VERSION KADM5_OLD_SERVER_API_VERSION
-#define OVSEC_KADM_NEW_LIB_API_VERSION KADM5_NEW_LIB_API_VERSION
-#define OVSEC_KADM_NEW_SERVER_API_VERSION KADM5_NEW_SERVER_API_VERSION
-#define OVSEC_KADM_SECURE_PRINC_MISSING KADM5_SECURE_PRINC_MISSING
-#define OVSEC_KADM_NO_RENAME_SALT KADM5_NO_RENAME_SALT
-
-#endif /* USE_KADM5_API_VERSION == 1 */
-
KADM5INT_END_DECLS
#endif /* __KADM5_ADMIN_H__ */
diff --git a/src/lib/kadm5/admin_internal.h b/src/lib/kadm5/admin_internal.h
index 6a9d31b..69e7bd6 100644
--- a/src/lib/kadm5/admin_internal.h
+++ b/src/lib/kadm5/admin_internal.h
@@ -29,7 +29,7 @@
if ((srvr->api_version & KADM5_MASK_BITS) != \
KADM5_API_VERSION_MASK) \
return KADM5_BAD_API_VERSION; \
- if (srvr->api_version < KADM5_API_VERSION_1) \
+ if (srvr->api_version < KADM5_API_VERSION_2) \
return old_api_version; \
if (srvr->api_version > KADM5_API_VERSION_2) \
return new_api_version; \
diff --git a/src/lib/kadm5/chpass_util_strings.et b/src/lib/kadm5/chpass_util_strings.et
index c65010a..d2c4c3d 100644
--- a/src/lib/kadm5/chpass_util_strings.et
+++ b/src/lib/kadm5/chpass_util_strings.et
@@ -1,4 +1,4 @@
-# this is really a string table for ovsec_kadm_chpass_principal_util
+# this is really a string table for chpass_principal_util
error_table ovku
diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c
index 4395453..4ebd1b7 100644
--- a/src/lib/kadm5/clnt/client_init.c
+++ b/src/lib/kadm5/clnt/client_init.c
@@ -231,20 +231,10 @@ static kadm5_ret_t _kadm5_init_any(char *client_name,
* empty mask, and behave like version 2.
*/
memset(&params_local, 0, sizeof(params_local));
- if (api_version == KADM5_API_VERSION_1) {
- realm = params_local.realm = (char *) params_in;
- if (params_in)
- params_local.mask = KADM5_CONFIG_REALM;
-
- /* Use old AUTH_GSSAPI for version 1 protocol. */
- params_local.mask |= KADM5_CONFIG_OLD_AUTH_GSSAPI;
- params_in = &params_local;
- } else {
- if (params_in && (params_in->mask & KADM5_CONFIG_REALM))
- realm = params_in->realm;
- else
- realm = NULL;
- }
+ if (params_in && (params_in->mask & KADM5_CONFIG_REALM))
+ realm = params_in->realm;
+ else
+ realm = NULL;
#if 0 /* Since KDC config params can now be put in krb5.conf, these
could show up even when you're just using the remote kadmin
diff --git a/src/lib/kadm5/clnt/client_principal.c b/src/lib/kadm5/clnt/client_principal.c
index 51135f4..56ad512 100644
--- a/src/lib/kadm5/clnt/client_principal.c
+++ b/src/lib/kadm5/clnt/client_principal.c
@@ -43,22 +43,8 @@ kadm5_create_principal(void *server_handle,
if(princ == NULL)
return EINVAL;
- if (handle->api_version == KADM5_API_VERSION_1) {
- memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1));
- } else {
- memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
- }
- if (handle->api_version == KADM5_API_VERSION_1) {
- /*
- * hack hack cough cough.
- * krb5_unparse name dumps core if we pass it in garbage
- * or null. So, since the client is not allowed to set mod_name
- * anyway, we just fill it in with a dummy principal. The server of
- * course ignores this.
- */
- krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name);
- } else
- arg.rec.mod_name = NULL;
+ memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
+ arg.rec.mod_name = NULL;
if(!(mask & KADM5_POLICY))
arg.rec.policy = NULL;
@@ -73,9 +59,6 @@ kadm5_create_principal(void *server_handle,
r = create_principal_2(&arg, handle->clnt);
- if (handle->api_version == KADM5_API_VERSION_1)
- krb5_free_principal(handle->context, arg.rec.mod_name);
-
if(r == NULL)
eret();
return r->code;
@@ -104,22 +87,8 @@ kadm5_create_principal_3(void *server_handle,
if(princ == NULL)
return EINVAL;
- if (handle->api_version == KADM5_API_VERSION_1) {
- memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1));
- } else {
- memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
- }
- if (handle->api_version == KADM5_API_VERSION_1) {
- /*
- * hack hack cough cough.
- * krb5_unparse name dumps core if we pass it in garbage
- * or null. So, since the client is not allowed to set mod_name
- * anyway, we just fill it in with a dummy principal. The server of
- * course ignores this.
- */
- krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name);
- } else
- arg.rec.mod_name = NULL;
+ memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
+ arg.rec.mod_name = NULL;
if(!(mask & KADM5_POLICY))
arg.rec.policy = NULL;
@@ -134,9 +103,6 @@ kadm5_create_principal_3(void *server_handle,
r = create_principal3_2(&arg, handle->clnt);
- if (handle->api_version == KADM5_API_VERSION_1)
- krb5_free_principal(handle->context, arg.rec.mod_name);
-
if(r == NULL)
eret();
return r->code;
@@ -174,17 +140,9 @@ kadm5_modify_principal(void *server_handle,
memset(&arg, 0, sizeof(arg));
arg.mask = mask;
arg.api_version = handle->api_version;
- /*
- * cough cough gag gag
- * see comment in create_principal.
- */
if(princ == NULL)
return EINVAL;
- if (handle->api_version == KADM5_API_VERSION_1) {
- memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1));
- } else {
- memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
- }
+ memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
if(!(mask & KADM5_POLICY))
arg.rec.policy = NULL;
if (! (mask & KADM5_KEY_DATA)) {
@@ -196,19 +154,10 @@ kadm5_modify_principal(void *server_handle,
arg.rec.tl_data = NULL;
}
- if (handle->api_version == KADM5_API_VERSION_1) {
- /*
- * See comment in create_principal
- */
- krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name);
- } else
- arg.rec.mod_name = NULL;
+ arg.rec.mod_name = NULL;
r = modify_principal_2(&arg, handle->clnt);
- if (handle->api_version == KADM5_API_VERSION_1)
- krb5_free_principal(handle->context, arg.rec.mod_name);
-
if(r == NULL)
eret();
return r->code;
@@ -228,33 +177,13 @@ kadm5_get_principal(void *server_handle,
if(princ == NULL)
return EINVAL;
arg.princ = princ;
- if (handle->api_version == KADM5_API_VERSION_1)
- arg.mask = KADM5_PRINCIPAL_NORMAL_MASK;
- else
- arg.mask = mask;
+ arg.mask = mask;
arg.api_version = handle->api_version;
r = get_principal_2(&arg, handle->clnt);
if(r == NULL)
eret();
- if (handle->api_version == KADM5_API_VERSION_1) {
- kadm5_principal_ent_t_v1 *entp;
-
- entp = (kadm5_principal_ent_t_v1 *) ent;
- if (r->code == 0) {
- if (!(*entp = (kadm5_principal_ent_t_v1)
- malloc(sizeof(kadm5_principal_ent_rec_v1))))
- return ENOMEM;
- /* this memcpy works because the v1 structure is an initial
- subset of the v2 struct. C guarantees that this will
- result in the same layout in memory */
- memcpy(*entp, &r->rec, sizeof(**entp));
- } else {
- *entp = NULL;
- }
- } else {
- if (r->code == 0)
- memcpy(ent, &r->rec, sizeof(r->rec));
- }
+ if (r->code == 0)
+ memcpy(ent, &r->rec, sizeof(r->rec));
return r->code;
}
@@ -460,29 +389,23 @@ kadm5_randkey_principal_3(void *server_handle,
r = chrand_principal3_2(&arg, handle->clnt);
if(r == NULL)
eret();
- if (handle->api_version == KADM5_API_VERSION_1) {
- if (key)
- krb5_copy_keyblock(handle->context, &r->key, key);
- } else {
- if (n_keys)
- *n_keys = r->n_keys;
- if (key) {
- if(r->n_keys) {
- *key = (krb5_keyblock *)
- malloc(r->n_keys*sizeof(krb5_keyblock));
- if (*key == NULL)
- return ENOMEM;
- for (i = 0; i < r->n_keys; i++) {
- ret = krb5_copy_keyblock_contents(handle->context,
- &r->keys[i],
- &(*key)[i]);
- if (ret) {
- free(*key);
- return ENOMEM;
- }
- }
- } else *key = NULL;
- }
+ if (n_keys)
+ *n_keys = r->n_keys;
+ if (key) {
+ if(r->n_keys) {
+ *key = malloc(r->n_keys * sizeof(krb5_keyblock));
+ if (*key == NULL)
+ return ENOMEM;
+ for (i = 0; i < r->n_keys; i++) {
+ ret = krb5_copy_keyblock_contents(handle->context, &r->keys[i],
+ &(*key)[i]);
+ if (ret) {
+ free(*key);
+ return ENOMEM;
+ }
+ }
+ } else
+ *key = NULL;
}
return r->code;
@@ -508,29 +431,23 @@ kadm5_randkey_principal(void *server_handle,
r = chrand_principal_2(&arg, handle->clnt);
if(r == NULL)
eret();
- if (handle->api_version == KADM5_API_VERSION_1) {
- if (key)
- krb5_copy_keyblock(handle->context, &r->key, key);
- } else {
- if (n_keys)
- *n_keys = r->n_keys;
- if (key) {
- if(r->n_keys) {
- *key = (krb5_keyblock *)
- malloc(r->n_keys*sizeof(krb5_keyblock));
- if (*key == NULL)
- return ENOMEM;
- for (i = 0; i < r->n_keys; i++) {
- ret = krb5_copy_keyblock_contents(handle->context,
- &r->keys[i],
- &(*key)[i]);
- if (ret) {
- free(*key);
- return ENOMEM;
- }
- }
- } else *key = NULL;
- }
+ if (n_keys)
+ *n_keys = r->n_keys;
+ if (key) {
+ if(r->n_keys) {
+ *key = malloc(r->n_keys * sizeof(krb5_keyblock));
+ if (*key == NULL)
+ return ENOMEM;
+ for (i = 0; i < r->n_keys; i++) {
+ ret = krb5_copy_keyblock_contents(handle->context, &r->keys[i],
+ &(*key)[i]);
+ if (ret) {
+ free(*key);
+ return ENOMEM;
+ }
+ }
+ } else
+ *key = NULL;
}
return r->code;
diff --git a/src/lib/kadm5/clnt/clnt_policy.c b/src/lib/kadm5/clnt/clnt_policy.c
index 6877ec3..fc91245 100644
--- a/src/lib/kadm5/clnt/clnt_policy.c
+++ b/src/lib/kadm5/clnt/clnt_policy.c
@@ -103,22 +103,8 @@ kadm5_get_policy(void *server_handle, char *name, kadm5_policy_ent_t ent)
r = get_policy_2(&arg, handle->clnt);
if(r == NULL)
return KADM5_RPC_ERROR;
- if (handle->api_version == KADM5_API_VERSION_1) {
- kadm5_policy_ent_t *entp;
-
- entp = (kadm5_policy_ent_t *) ent;
- if(r->code == 0) {
- if (!(*entp = (kadm5_policy_ent_t)
- malloc(sizeof(kadm5_policy_ent_rec))))
- return ENOMEM;
- memcpy(*entp, &r->rec, sizeof(**entp));
- } else {
- *entp = NULL;
- }
- } else {
- if (r->code == 0)
- memcpy(ent, &r->rec, sizeof(r->rec));
- }
+ if (r->code == 0)
+ memcpy(ent, &r->rec, sizeof(r->rec));
return r->code;
}
diff --git a/src/lib/kadm5/clnt/libkadm5clnt.exports b/src/lib/kadm5/clnt/libkadm5clnt.exports
index 7f11f32..6174847 100644
--- a/src/lib/kadm5/clnt/libkadm5clnt.exports
+++ b/src/lib/kadm5/clnt/libkadm5clnt.exports
@@ -58,29 +58,6 @@ krb5_klog_syslog
krb5_read_realm_params
krb5_string_to_flags
krb5_string_to_keysalts
-ovsec_kadm_chpass_principal
-ovsec_kadm_chpass_principal_util
-ovsec_kadm_create_policy
-ovsec_kadm_create_principal
-ovsec_kadm_delete_policy
-ovsec_kadm_delete_principal
-ovsec_kadm_destroy
-ovsec_kadm_flush
-ovsec_kadm_free_name_list
-ovsec_kadm_free_policy_ent
-ovsec_kadm_free_principal_ent
-ovsec_kadm_get_policies
-ovsec_kadm_get_policy
-ovsec_kadm_get_principal
-ovsec_kadm_get_principals
-ovsec_kadm_get_privs
-ovsec_kadm_init
-ovsec_kadm_init_with_password
-ovsec_kadm_init_with_skey
-ovsec_kadm_modify_policy
-ovsec_kadm_modify_principal
-ovsec_kadm_randkey_principal
-ovsec_kadm_rename_principal
xdr_chpass3_arg
xdr_chpass_arg
xdr_chrand3_arg
@@ -103,7 +80,6 @@ xdr_gprincs_arg
xdr_gprincs_ret
xdr_kadm5_policy_ent_rec
xdr_kadm5_principal_ent_rec
-xdr_kadm5_principal_ent_rec_v1
xdr_kadm5_ret_t
xdr_krb5_deltat
xdr_krb5_enctype
diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c
index 4e9e408..c357dbf 100644
--- a/src/lib/kadm5/kadm_rpc_xdr.c
+++ b/src/lib/kadm5/kadm_rpc_xdr.c
@@ -380,12 +380,6 @@ xdr_kadm5_ret_t(XDR *xdrs, kadm5_ret_t *objp)
return (TRUE);
}
-bool_t xdr_kadm5_principal_ent_rec_v1(XDR *xdrs,
- kadm5_principal_ent_rec *objp)
-{
- return _xdr_kadm5_principal_ent_rec(xdrs, objp, KADM5_API_VERSION_1);
-}
-
bool_t xdr_kadm5_principal_ent_rec(XDR *xdrs,
kadm5_principal_ent_rec *objp)
{
@@ -413,15 +407,9 @@ _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp,
if (!xdr_krb5_deltat(xdrs, &objp->max_life)) {
return (FALSE);
}
- if (v == KADM5_API_VERSION_1) {
- if (!xdr_krb5_principal(xdrs, &objp->mod_name)) {
- return (FALSE);
- }
- } else {
- if (!xdr_nulltype(xdrs, (void **) &objp->mod_name,
- xdr_krb5_principal)) {
- return (FALSE);
- }
+ if (!xdr_nulltype(xdrs, (void **) &objp->mod_name,
+ xdr_krb5_principal)) {
+ return (FALSE);
}
if (!xdr_krb5_timestamp(xdrs, &objp->mod_date)) {
return (FALSE);
@@ -441,35 +429,33 @@ _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp,
if (!xdr_long(xdrs, &objp->aux_attributes)) {
return (FALSE);
}
- if (v != KADM5_API_VERSION_1) {
- if (!xdr_krb5_deltat(xdrs, &objp->max_renewable_life)) {
- return (FALSE);
- }
- if (!xdr_krb5_timestamp(xdrs, &objp->last_success)) {
- return (FALSE);
- }
- if (!xdr_krb5_timestamp(xdrs, &objp->last_failed)) {
- return (FALSE);
- }
- if (!xdr_krb5_kvno(xdrs, &objp->fail_auth_count)) {
- return (FALSE);
- }
- if (!xdr_krb5_int16(xdrs, &objp->n_key_data)) {
- return (FALSE);
- }
- if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) {
- return (FALSE);
- }
- if (!xdr_nulltype(xdrs, (void **) &objp->tl_data,
- xdr_krb5_tl_data)) {
- return FALSE;
- }
- n = objp->n_key_data;
- if (!xdr_array(xdrs, (caddr_t *) &objp->key_data,
- &n, ~0, sizeof(krb5_key_data),
- xdr_krb5_key_data_nocontents)) {
- return (FALSE);
- }
+ if (!xdr_krb5_deltat(xdrs, &objp->max_renewable_life)) {
+ return (FALSE);
+ }
+ if (!xdr_krb5_timestamp(xdrs, &objp->last_success)) {
+ return (FALSE);
+ }
+ if (!xdr_krb5_timestamp(xdrs, &objp->last_failed)) {
+ return (FALSE);
+ }
+ if (!xdr_krb5_kvno(xdrs, &objp->fail_auth_count)) {
+ return (FALSE);
+ }
+ if (!xdr_krb5_int16(xdrs, &objp->n_key_data)) {
+ return (FALSE);
+ }
+ if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) {
+ return (FALSE);
+ }
+ if (!xdr_nulltype(xdrs, (void **) &objp->tl_data,
+ xdr_krb5_tl_data)) {
+ return FALSE;
+ }
+ n = objp->n_key_data;
+ if (!xdr_array(xdrs, (caddr_t *) &objp->key_data,
+ &n, ~0, sizeof(krb5_key_data),
+ xdr_krb5_key_data_nocontents)) {
+ return (FALSE);
}
return (TRUE);
}
@@ -510,14 +496,8 @@ xdr_cprinc_arg(XDR *xdrs, cprinc_arg *objp)
if (!xdr_ui_4(xdrs, &objp->api_version)) {
return (FALSE);
}
- if (objp->api_version == KADM5_API_VERSION_1) {
- if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) {
- return (FALSE);
- }
- } else {
- if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
- return (FALSE);
- }
+ if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
+ return (FALSE);
}
if (!xdr_long(xdrs, &objp->mask)) {
return (FALSE);
@@ -534,14 +514,8 @@ xdr_cprinc3_arg(XDR *xdrs, cprinc3_arg *objp)
if (!xdr_ui_4(xdrs, &objp->api_version)) {
return (FALSE);
}
- if (objp->api_version == KADM5_API_VERSION_1) {
- if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) {
- return (FALSE);
- }
- } else {
- if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
- return (FALSE);
- }
+ if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
+ return (FALSE);
}
if (!xdr_long(xdrs, &objp->mask)) {
return (FALSE);
@@ -589,14 +563,8 @@ xdr_mprinc_arg(XDR *xdrs, mprinc_arg *objp)
if (!xdr_ui_4(xdrs, &objp->api_version)) {
return (FALSE);
}
- if (objp->api_version == KADM5_API_VERSION_1) {
- if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) {
- return (FALSE);
- }
- } else {
- if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
- return (FALSE);
- }
+ if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
+ return (FALSE);
}
if (!xdr_long(xdrs, &objp->mask)) {
return (FALSE);
@@ -796,19 +764,10 @@ xdr_chrand_ret(XDR *xdrs, chrand_ret *objp)
if (!xdr_kadm5_ret_t(xdrs, &objp->code)) {
return (FALSE);
}
- if (objp->api_version == KADM5_API_VERSION_1) {
- if(objp->code == KADM5_OK) {
- if (!xdr_krb5_keyblock(xdrs, &objp->key)) {
- return (FALSE);
- }
- }
- } else {
- if (objp->code == KADM5_OK) {
- if (!xdr_array(xdrs, (char **)&objp->keys, &objp->n_keys, ~0,
- sizeof(krb5_keyblock),
- xdr_krb5_keyblock))
- return FALSE;
- }
+ if (objp->code == KADM5_OK) {
+ if (!xdr_array(xdrs, (char **)&objp->keys, &objp->n_keys, ~0,
+ sizeof(krb5_keyblock), xdr_krb5_keyblock))
+ return FALSE;
}
return (TRUE);
@@ -823,8 +782,7 @@ xdr_gprinc_arg(XDR *xdrs, gprinc_arg *objp)
if (!xdr_krb5_principal(xdrs, &objp->princ)) {
return (FALSE);
}
- if ((objp->api_version > KADM5_API_VERSION_1) &&
- !xdr_long(xdrs, &objp->mask)) {
+ if (!xdr_long(xdrs, &objp->mask)) {
return FALSE;
}
@@ -841,15 +799,9 @@ xdr_gprinc_ret(XDR *xdrs, gprinc_ret *objp)
return (FALSE);
}
if(objp->code == KADM5_OK) {
- if (objp->api_version == KADM5_API_VERSION_1) {
- if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) {
- return (FALSE);
- }
- } else {
- if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
- return (FALSE);
- }
- }
+ if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) {
+ return (FALSE);
+ }
}
return (TRUE);
diff --git a/src/lib/kadm5/misc_free.c b/src/lib/kadm5/misc_free.c
index 9dc91b5..066bc73 100644
--- a/src/lib/kadm5/misc_free.c
+++ b/src/lib/kadm5/misc_free.c
@@ -18,12 +18,8 @@ kadm5_free_policy_ent(void *server_handle, kadm5_policy_ent_t val)
_KADM5_CHECK_HANDLE(server_handle);
- if(val) {
- if (val->policy)
- free(val->policy);
- if (handle->api_version == KADM5_API_VERSION_1)
- free(val);
- }
+ if (val)
+ free(val->policy);
return KADM5_OK;
}
@@ -74,42 +70,31 @@ kadm5_ret_t kadm5_free_key_data(void *server_handle,
}
kadm5_ret_t
-kadm5_free_principal_ent(void *server_handle,
- kadm5_principal_ent_t val)
+kadm5_free_principal_ent(void *server_handle, kadm5_principal_ent_t val)
{
- kadm5_server_handle_t handle = server_handle;
+ kadm5_server_handle_t handle = server_handle;
+ krb5_tl_data *tl;
int i;
_KADM5_CHECK_HANDLE(server_handle);
- if(val) {
- if(val->principal)
- krb5_free_principal(handle->context, val->principal);
- if(val->mod_name)
- krb5_free_principal(handle->context, val->mod_name);
- if(val->policy)
- free(val->policy);
- if (handle->api_version > KADM5_API_VERSION_1) {
- if (val->n_key_data) {
- for (i = 0; i < val->n_key_data; i++)
- krb5_free_key_data_contents(handle->context,
- &val->key_data[i]);
- free(val->key_data);
- }
- if (val->tl_data) {
- krb5_tl_data *tl;
-
- while (val->tl_data) {
- tl = val->tl_data->tl_data_next;
- free(val->tl_data->tl_data_contents);
- free(val->tl_data);
- val->tl_data = tl;
- }
- }
- }
-
- if (handle->api_version == KADM5_API_VERSION_1)
- free(val);
+ if (!val)
+ return KADM5_OK;
+
+ krb5_free_principal(handle->context, val->principal);
+ krb5_free_principal(handle->context, val->mod_name);
+ free(val->policy);
+ if (val->n_key_data) {
+ for (i = 0; i < val->n_key_data; i++)
+ krb5_free_key_data_contents(handle->context, &val->key_data[i]);
+ free(val->key_data);
+ }
+
+ while (val->tl_data) {
+ tl = val->tl_data->tl_data_next;
+ free(val->tl_data->tl_data_contents);
+ free(val->tl_data);
+ val->tl_data = tl;
}
return KADM5_OK;
}
diff --git a/src/lib/kadm5/ovsec_glue.c b/src/lib/kadm5/ovsec_glue.c
deleted file mode 100644
index a3ae6de..0000000
--- a/src/lib/kadm5/ovsec_glue.c
+++ /dev/null
@@ -1,194 +0,0 @@
-#define USE_KADM5_API_VERSION 1
-#include <kadm5/admin.h>
-#include <string.h>
-
-ovsec_kadm_ret_t ovsec_kadm_init_with_password(char *client_name, char *pass,
- char *service_name,
- char *realm,
- krb5_ui_4 struct_version,
- krb5_ui_4 api_version,
- char **db_args,
- void **server_handle)
-{
- return kadm5_init_with_password(client_name, pass, service_name,
- realm, struct_version, api_version, db_args,
- server_handle);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_init_with_skey(char *client_name, char *keytab,
- char *service_name,
- char *realm,
- krb5_ui_4 struct_version,
- krb5_ui_4 api_version,
- char **db_args,
- void **server_handle)
-{
- return kadm5_init_with_skey(client_name, keytab, service_name, realm,
- struct_version, api_version, db_args,
- server_handle);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_init(char *client_name, char *from_stash,
- char *service_name,
- char *realm,
- krb5_ui_4 struct_version,
- krb5_ui_4 api_version,
- char **db_args,
- void **server_handle)
-{
- return kadm5_init(client_name, from_stash, service_name,
- realm, struct_version, api_version, db_args,
- server_handle);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_destroy(void *server_handle)
-{
- return kadm5_destroy(server_handle);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_flush(void *server_handle)
-{
- return kadm5_flush(server_handle);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_create_principal(void *server_handle,
- ovsec_kadm_principal_ent_t entry,
- long mask,
- char *password)
-{
- return kadm5_create_principal(server_handle,
- (kadm5_principal_ent_t)
- entry, mask, password);
-}
-
-
-ovsec_kadm_ret_t ovsec_kadm_delete_principal(void *server_handle,
- krb5_principal principal)
-{
- return kadm5_delete_principal(server_handle, principal);
-}
-
-
-ovsec_kadm_ret_t ovsec_kadm_modify_principal(void *server_handle,
- ovsec_kadm_principal_ent_t entry,
- long mask)
-{
- return kadm5_modify_principal(server_handle,
- (kadm5_principal_ent_t) entry, mask);
-}
-
-
-ovsec_kadm_ret_t ovsec_kadm_rename_principal(void *server_handle,
- krb5_principal source,
- krb5_principal target)
-{
- return kadm5_rename_principal(server_handle, source, target);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_get_principal(void *server_handle,
- krb5_principal principal,
- ovsec_kadm_principal_ent_t *entry)
-{
- return kadm5_get_principal(server_handle, principal,
- (kadm5_principal_ent_t *) entry);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_chpass_principal(void *server_handle,
- krb5_principal principal,
- char *password)
-{
- return kadm5_chpass_principal(server_handle, principal, password);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_chpass_principal_util(void *server_handle,
- krb5_principal princ,
- char *new_pw,
- char **ret_pw,
- char *msg_ret)
-{
- /* Oh crap. Can't change the API without bumping the API version... */
- memset(msg_ret, '\0', 1024);
- return kadm5_chpass_principal_util(server_handle, princ, new_pw,
- ret_pw, msg_ret, 1024);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_randkey_principal(void *server_handle,
- krb5_principal principal,
- krb5_keyblock **key)
-{
- return kadm5_randkey_principal(server_handle, principal, key);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_create_policy(void *server_handle,
- ovsec_kadm_policy_ent_t entry,
- long mask)
-{
- return kadm5_create_policy(server_handle,
- (kadm5_policy_ent_t) entry, mask);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_delete_policy(void *server_handle,
- ovsec_kadm_policy_t name)
-{
- return kadm5_delete_policy(server_handle, (kadm5_policy_t) name);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_modify_policy(void *server_handle,
- ovsec_kadm_policy_ent_t entry,
- long mask)
-{
- return kadm5_modify_policy(server_handle,
- (kadm5_policy_ent_t) entry, mask);
-}
-
-
-ovsec_kadm_ret_t ovsec_kadm_get_policy(void *server_handle,
- ovsec_kadm_policy_t name,
- ovsec_kadm_policy_ent_t *entry)
-{
- return kadm5_get_policy(server_handle, (kadm5_policy_t) name,
- (kadm5_policy_ent_t *) entry);
-}
-
-
-ovsec_kadm_ret_t ovsec_kadm_free_policy_ent(void *server_handle,
- ovsec_kadm_policy_ent_t val)
-{
- return kadm5_free_policy_ent(server_handle, (kadm5_policy_ent_t) val);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_free_name_list(void *server_handle,
- char **names, int count)
-{
- return kadm5_free_name_list(server_handle, names, count);
-}
-
-ovsec_kadm_ret_t
-ovsec_kadm_free_principal_ent(void *server_handle,
- ovsec_kadm_principal_ent_t val)
-{
- return kadm5_free_principal_ent(server_handle,
- (kadm5_principal_ent_t) val);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_get_privs(void *server_handle, long *privs)
-{
- return kadm5_get_privs(server_handle, privs);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_get_principals(void *server_handle,
- char *exp,
- char ***princs,
- int *count)
-{
- return kadm5_get_principals(server_handle, exp, princs, count);
-}
-
-ovsec_kadm_ret_t ovsec_kadm_get_policies(void *server_handle,
- char *exp,
- char ***pols,
- int *count)
-{
- return kadm5_get_policies(server_handle, exp, pols, count);
-}
-
diff --git a/src/lib/kadm5/srv/libkadm5srv.exports b/src/lib/kadm5/srv/libkadm5srv.exports
index 545d43b..35745be 100644
--- a/src/lib/kadm5/srv/libkadm5srv.exports
+++ b/src/lib/kadm5/srv/libkadm5srv.exports
@@ -90,29 +90,6 @@ master_keyblock
master_keylist
master_princ
osa_free_princ_ent
-ovsec_kadm_chpass_principal
-ovsec_kadm_chpass_principal_util
-ovsec_kadm_create_policy
-ovsec_kadm_create_principal
-ovsec_kadm_delete_policy
-ovsec_kadm_delete_principal
-ovsec_kadm_destroy
-ovsec_kadm_flush
-ovsec_kadm_free_name_list
-ovsec_kadm_free_policy_ent
-ovsec_kadm_free_principal_ent
-ovsec_kadm_get_policies
-ovsec_kadm_get_policy
-ovsec_kadm_get_principal
-ovsec_kadm_get_principals
-ovsec_kadm_get_privs
-ovsec_kadm_init
-ovsec_kadm_init_with_password
-ovsec_kadm_init_with_skey
-ovsec_kadm_modify_policy
-ovsec_kadm_modify_principal
-ovsec_kadm_randkey_principal
-ovsec_kadm_rename_principal
passwd_check
xdr_chpass3_arg
xdr_chpass_arg
@@ -136,7 +113,6 @@ xdr_gprincs_arg
xdr_gprincs_ret
xdr_kadm5_policy_ent_rec
xdr_kadm5_principal_ent_rec
-xdr_kadm5_principal_ent_rec_v1
xdr_kadm5_ret_t
xdr_krb5_deltat
xdr_krb5_enctype
diff --git a/src/lib/kadm5/srv/server_init.c b/src/lib/kadm5/srv/server_init.c
index 77a83ba..e41ecca 100644
--- a/src/lib/kadm5/srv/server_init.c
+++ b/src/lib/kadm5/srv/server_init.c
@@ -113,13 +113,11 @@ kadm5_ret_t kadm5_init_with_creds(char *client_name,
void **server_handle)
{
/*
- * A program calling init_with_creds *never* expects to prompt the
- * user. Therefore, always pass a dummy password in case this is
- * KADM5_API_VERSION_1. If this is KADM5_API_VERSION_2 and
- * MKEY_FROM_KBD is non-zero, return an error.
+ * A program calling init_with_creds *never* expects to prompt
+ * the user. If this is KADM5_API_VERSION_2 and MKEY_FROM_KBD is
+ * non-zero, return an error.
*/
- if (api_version == KADM5_API_VERSION_2 && params &&
- (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) &&
+ if (params && (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) &&
params->mkey_from_kbd)
return KADM5_BAD_SERVER_PARAMS;
return kadm5_init(client_name, NULL, service_name, params,
@@ -138,12 +136,10 @@ kadm5_ret_t kadm5_init_with_skey(char *client_name, char *keytab,
{
/*
* A program calling init_with_skey *never* expects to prompt the
- * user. Therefore, always pass a dummy password in case this is
- * KADM5_API_VERSION_1. If this is KADM5_API_VERSION_2 and
- * MKEY_FROM_KBD is non-zero, return an error.
+ * user. If this is KADM5_API_VERSION_2 and MKEY_FROM_KBD is
+ * non-zero, return an error.
*/
- if (api_version == KADM5_API_VERSION_2 && params &&
- (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) &&
+ if (params && (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) &&
params->mkey_from_kbd)
return KADM5_BAD_SERVER_PARAMS;
return kadm5_init(client_name, NULL, service_name, params,
@@ -202,21 +198,11 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
KADM5_NEW_SERVER_API_VERSION);
/*
- * Acquire relevant profile entries. In version 2, merge values
+ * Acquire relevant profile entries. Merge values
* in params_in with values from profile, based on
* params_in->mask.
- *
- * In version 1, we've given a realm (which may be NULL) instead
- * of params_in. So use that realm, make params_in contain an
- * empty mask, and behave like version 2.
*/
memset(&params_local, 0, sizeof(params_local));
- if (api_version == KADM5_API_VERSION_1) {
- params_local.realm = (char *) params_in;
- if (params_in)
- params_local.mask = KADM5_CONFIG_REALM;
- params_in = &params_local;
- }
#if 0 /* Now that we look at krb5.conf as well as kdc.conf, we can
expect to see admin_server being set sometimes. */
@@ -311,29 +297,9 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
return ret;
}
- /*
- * The KADM5_API_VERSION_1 spec said "If pass (or keytab) is NULL
- * or an empty string, reads the master password from [the stash
- * file]. Otherwise, the non-NULL password is ignored and the
- * user is prompted for it via the tty." However, the code was
- * implemented the other way: when a non-NULL password was
- * provided, the stash file was used. This is somewhat more
- * sensible, as then a local or remote client that provides a
- * password does not prompt the user. This code maintains the
- * previous actual behavior, and not the old spec behavior,
- * because that is how the unit tests are written.
- *
- * In KADM5_API_VERSION_2, this decision is controlled by
- * params.
- *
- * kdb_init_master's third argument is "from_keyboard".
- */
ret = kdb_init_master(handle, handle->params.realm,
- (handle->api_version == KADM5_API_VERSION_1 ?
- ((pass == NULL) || !(strlen(pass))) :
- ((handle->params.mask & KADM5_CONFIG_MKEY_FROM_KBD)
- && handle->params.mkey_from_kbd)
- ));
+ (handle->params.mask & KADM5_CONFIG_MKEY_FROM_KBD)
+ && handle->params.mkey_from_kbd);
if (ret) {
krb5_db_fini(handle->context);
krb5_free_context(handle->context);
diff --git a/src/lib/kadm5/srv/svr_misc_free.c b/src/lib/kadm5/srv/svr_misc_free.c
index d203397..1c87f06 100644
--- a/src/lib/kadm5/srv/svr_misc_free.c
+++ b/src/lib/kadm5/srv/svr_misc_free.c
@@ -29,9 +29,6 @@ kadm5_free_principal_ent(void *server_handle,
free(val->policy);
/* XXX free key_data and tl_data */
-
- if (handle->api_version == KADM5_API_VERSION_1)
- free(val);
}
return KADM5_OK;
}
diff --git a/src/lib/kadm5/srv/svr_policy.c b/src/lib/kadm5/srv/svr_policy.c
index 7add671..5b7828c 100644
--- a/src/lib/kadm5/srv/svr_policy.c
+++ b/src/lib/kadm5/srv/svr_policy.c
@@ -258,7 +258,6 @@ kadm5_get_policy(void *server_handle, kadm5_policy_t name,
kadm5_policy_ent_t entry)
{
osa_policy_ent_t t;
- kadm5_policy_ent_rec entry_local, **entry_orig, *new;
int ret;
kadm5_server_handle_t handle = server_handle;
int cnt=1;
@@ -267,16 +266,6 @@ kadm5_get_policy(void *server_handle, kadm5_policy_t name,
krb5_clear_error_message(handle->context);
- /*
- * In version 1, entry is a pointer to a kadm5_policy_ent_t that
- * should be filled with allocated memory.
- */
- if (handle->api_version == KADM5_API_VERSION_1) {
- entry_orig = (kadm5_policy_ent_rec **) entry;
- *entry_orig = NULL;
- entry = &entry_local;
- }
-
if (name == (kadm5_policy_t) NULL)
return EINVAL;
if(strlen(name) == 0)
@@ -299,16 +288,5 @@ kadm5_get_policy(void *server_handle, kadm5_policy_t name,
entry->policy_refcnt = t->policy_refcnt;
krb5_db_free_policy(handle->context, t);
- if (handle->api_version == KADM5_API_VERSION_1) {
- new = (kadm5_policy_ent_t) malloc(sizeof(kadm5_policy_ent_rec));
- if (new == NULL) {
- free(entry->policy);
- krb5_db_free_policy(handle->context, t);
- return ENOMEM;
- }
- *new = *entry;
- *entry_orig = new;
- }
-
return KADM5_OK;
}
diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index 4ee842f..63f6aea 100644
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -745,7 +745,6 @@ kadm5_get_principal(void *server_handle, krb5_principal principal,
long mask;
int i;
kadm5_server_handle_t handle = server_handle;
- kadm5_principal_ent_rec entry_local, *entry_orig;
CHECK_HANDLE(server_handle);
@@ -756,13 +755,7 @@ kadm5_get_principal(void *server_handle, krb5_principal principal,
* entry is a pointer to a kadm5_principal_ent_t_v1 that should be
* filled with allocated memory.
*/
- if (handle->api_version == KADM5_API_VERSION_1) {
- mask = KADM5_PRINCIPAL_NORMAL_MASK;
- entry_orig = entry;
- entry = &entry_local;
- } else {
- mask = in_mask;
- }
+ mask = in_mask;
memset(entry, 0, sizeof(*entry));
@@ -833,102 +826,51 @@ kadm5_get_principal(void *server_handle, krb5_principal principal,
if (ret)
goto done;
- /*
- * It's my understanding that KADM5_API_VERSION_1 is for OpenVision admin
- * system compatiblity and is not required to maintain at this point so I'm
- * commenting out this code.
- * -- Will Fiveash
- */
-#if 0 /************** Begin IFDEF'ed OUT *******************************/
- if (handle->api_version == KADM5_API_VERSION_2)
- entry->mkvno = 0;
- else {
- /* XXX I'll be damned if I know how to deal with this one --marc */
- entry->mkvno = 1;
- }
-#endif /**************** END IFDEF'ed OUT *******************************/
-
- /*
- * The new fields that only exist in version 2 start here
- */
- if (handle->api_version == KADM5_API_VERSION_2) {
- if (mask & KADM5_MAX_RLIFE)
- entry->max_renewable_life = kdb.max_renewable_life;
- if (mask & KADM5_LAST_SUCCESS)
- entry->last_success = kdb.last_success;
- if (mask & KADM5_LAST_FAILED)
- entry->last_failed = kdb.last_failed;
- if (mask & KADM5_FAIL_AUTH_COUNT)
- entry->fail_auth_count = kdb.fail_auth_count;
- if (mask & KADM5_TL_DATA) {
- krb5_tl_data *tl, *tl2;
-
- entry->tl_data = NULL;
-
- tl = kdb.tl_data;
- while (tl) {
- if (tl->tl_data_type > 255) {
- if ((tl2 = dup_tl_data(tl)) == NULL) {
- ret = ENOMEM;
- goto done;
- }
- tl2->tl_data_next = entry->tl_data;
- entry->tl_data = tl2;
- entry->n_tl_data++;
- }
+ if (mask & KADM5_MAX_RLIFE)
+ entry->max_renewable_life = kdb.max_renewable_life;
+ if (mask & KADM5_LAST_SUCCESS)
+ entry->last_success = kdb.last_success;
+ if (mask & KADM5_LAST_FAILED)
+ entry->last_failed = kdb.last_failed;
+ if (mask & KADM5_FAIL_AUTH_COUNT)
+ entry->fail_auth_count = kdb.fail_auth_count;
+ if (mask & KADM5_TL_DATA) {
+ krb5_tl_data *tl, *tl2;
- tl = tl->tl_data_next;
- }
- }
- if (mask & KADM5_KEY_DATA) {
- entry->n_key_data = kdb.n_key_data;
- if(entry->n_key_data) {
- entry->key_data = (krb5_key_data *)
- malloc(entry->n_key_data*sizeof(krb5_key_data));
- if (entry->key_data == NULL) {
- ret = ENOMEM;
- goto done;
- }
- } else
- entry->key_data = NULL;
-
- for (i = 0; i < entry->n_key_data; i++)
- ret = krb5_copy_key_data_contents(handle->context,
- &kdb.key_data[i],
- &entry->key_data[i]);
- if (ret)
- goto done;
- }
- }
+ entry->tl_data = NULL;
- /*
- * If KADM5_API_VERSION_1, we return an allocated structure, and
- * we need to convert the new structure back into the format the
- * caller is expecting.
- */
- if (handle->api_version == KADM5_API_VERSION_1) {
- kadm5_principal_ent_t_v1 newv1;
+ tl = kdb.tl_data;
+ while (tl) {
+ if (tl->tl_data_type > 255) {
+ if ((tl2 = dup_tl_data(tl)) == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+ tl2->tl_data_next = entry->tl_data;
+ entry->tl_data = tl2;
+ entry->n_tl_data++;
+ }
- newv1 = ((kadm5_principal_ent_t_v1) calloc(1, sizeof(*newv1)));
- if (newv1 == NULL) {
- ret = ENOMEM;
- goto done;
- }
+ tl = tl->tl_data_next;
+ }
+ }
+ if (mask & KADM5_KEY_DATA) {
+ entry->n_key_data = kdb.n_key_data;
+ if(entry->n_key_data) {
+ entry->key_data = malloc(entry->n_key_data*sizeof(krb5_key_data));
+ if (entry->key_data == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+ } else
+ entry->key_data = NULL;
- newv1->principal = entry->principal;
- newv1->princ_expire_time = entry->princ_expire_time;
- newv1->last_pwd_change = entry->last_pwd_change;
- newv1->pw_expiration = entry->pw_expiration;
- newv1->max_life = entry->max_life;
- newv1->mod_name = entry->mod_name;
- newv1->mod_date = entry->mod_date;
- newv1->attributes = entry->attributes;
- newv1->kvno = entry->kvno;
- newv1->mkvno = entry->mkvno;
- newv1->policy = entry->policy;
- newv1->aux_attributes = entry->aux_attributes;
-
- *((kadm5_principal_ent_t_v1 *) entry_orig) = newv1;
+ for (i = 0; i < entry->n_key_data; i++)
+ ret = krb5_copy_key_data_contents(handle->context,
+ &kdb.key_data[i],
+ &entry->key_data[i]);
+ if (ret)
+ goto done;
}
ret = KADM5_OK;
@@ -1625,25 +1567,11 @@ kadm5_randkey_principal_3(void *server_handle,
goto done;
if (keyblocks) {
- if (handle->api_version == KADM5_API_VERSION_1) {
- /* Version 1 clients will expect to see a DES_CRC enctype. */
- ret = krb5_dbe_find_enctype(handle->context, &kdb,
- ENCTYPE_DES_CBC_CRC,
- -1, -1, &key_data);
- if (ret)
- goto done;
-
- ret = decrypt_key_data(handle->context, act_mkey, 1, key_data,
- keyblocks, NULL);
- if (ret)
- goto done;
- } else {
- ret = decrypt_key_data(handle->context, act_mkey,
- kdb.n_key_data, kdb.key_data,
- keyblocks, n_keys);
- if (ret)
- goto done;
- }
+ ret = decrypt_key_data(handle->context, act_mkey,
+ kdb.n_key_data, kdb.key_data,
+ keyblocks, n_keys);
+ if (ret)
+ goto done;
}
/* key data changed, let the database provider know */
@@ -2112,23 +2040,11 @@ kadm5_get_principal_keys(void *server_handle /* IN */,
}
}
- if (handle->api_version == KADM5_API_VERSION_1) {
- /* Version 1 clients will expect to see a DES_CRC enctype. */
- if ((ret = krb5_dbe_find_enctype(handle->context, &kdb,
- ENCTYPE_DES_CBC_CRC,
- -1, -1, &key_data)))
- goto done;
-
- if ((ret = decrypt_key_data(handle->context, mkey_ptr, 1, key_data,
- keyblocks, NULL)))
- goto done;
- } else {
- ret = decrypt_key_data(handle->context, mkey_ptr,
- kdb.n_key_data, kdb.key_data,
- keyblocks, n_keys);
- if (ret)
- goto done;
- }
+ ret = decrypt_key_data(handle->context, mkey_ptr,
+ kdb.n_key_data, kdb.key_data,
+ keyblocks, n_keys);
+ if (ret)
+ goto done;
}
ret = KADM5_OK;
diff --git a/src/lib/kadm5/unit-test/Makefile.in b/src/lib/kadm5/unit-test/Makefile.in
index 91729d7..8afe66a 100644
--- a/src/lib/kadm5/unit-test/Makefile.in
+++ b/src/lib/kadm5/unit-test/Makefile.in
@@ -2,7 +2,7 @@ thisconfigdir=../../..
myfulldir=lib/kadm5/unit-test
mydir=lib/kadm5/unit-test
BUILDTOP=$(REL)..$(S)..$(S)..
-DEFINES = -DUSE_KADM5_API_VERSION=1
+DEFINES =
PROG_LIBPATH=-L$(TOPLIBD)
PROG_RPATH=$(KRB5_LIBDIR)
KDB_DEP_LIB=$(DL_LIB) $(THREAD_LINKOPTS)
@@ -55,9 +55,6 @@ server-iter-test: iter-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
$(CC_LINK) -o server-iter-test iter-test.o \
$(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS)
-setkey-test.o: $(SRCTOP)/lib/kadm5/unit-test/setkey-test.c
- $(CC) $(ALL_CFLAGS) -UUSE_KADM5_API_VERSION -DUSE_KADM5_API_VERSION=2 -c $(SRCTOP)/lib/kadm5/unit-test/setkey-test.c
-
server-setkey-test: setkey-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
$(CC_LINK) -o server-setkey-test setkey-test.o \
$(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS)
diff --git a/src/lib/kadm5/unit-test/README.new-tests b/src/lib/kadm5/unit-test/README.new-tests
deleted file mode 100644
index d63ecc2..0000000
--- a/src/lib/kadm5/unit-test/README.new-tests
+++ /dev/null
@@ -1,12 +0,0 @@
-The deja-gnu unit tests in this directory are arranged as follows:
-
-api.0: original unit tests for the ovsec_kadm_api
-
-api.1: additional tests for ovsec_kadm_api that run after api.0
-
-api.2: Each file whose name is the same as a file in api.0 contains
-all of the same tests, but using the kadm5 with KADM5_API_VERSION_1.
-Each file with a -v2 suffix tests KADM5_API_VERSION_2-specific
-functionality. New tests should be added to the files in this
-directory, not api.0. Tests should be added to the lowest-numbered
-version file they apply to.
diff --git a/src/lib/kadm5/unit-test/api.0/chpass-principal.exp b/src/lib/kadm5/unit-test/api.0/chpass-principal.exp
deleted file mode 100644
index 93869f7..0000000
--- a/src/lib/kadm5/unit-test/api.0/chpass-principal.exp
+++ /dev/null
@@ -1,176 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "chpass-principal 180"
-proc test180 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_chpass_principal $server_handle "%s/a" FoobarBax
- } $test]
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test180 }
-
-test "chpass-principal 180.5"
-proc test1805 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_chpass_principal $server_handle "%s/a" FoobarBax
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test1805 }
-
-#
-# admin with changepw service tickets try to change other principals
-# password, failes with AUTH error
-test "chpass-principal 180.625"
-proc test180625 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_chpass_principal $server_handle "%s/a" password
- } $test] "AUTH"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test180625 }
-
-test "chpass-principal 180.75"
-proc test18075 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_chpass_principal $server_handle "%s/a" Foobar
- } $test] "AUTH_CHANGEPW"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test18075 }
-
-test "chpass-principal 182"
-proc test182 {} {
- global test
-
- if { ! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_chpass_principal $server_handle kadmin/history password
- } "PROTECT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test182
-
-test "chpass-principal 183"
-proc test183 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if { ! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_chpass_principal null "%s/a" password
- } $test] "BAD_SERVER_HANDLE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test183
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/crte-policy.exp b/src/lib/kadm5/unit-test/api.0/crte-policy.exp
deleted file mode 100644
index e2185c7..0000000
--- a/src/lib/kadm5/unit-test/api.0/crte-policy.exp
+++ /dev/null
@@ -1,956 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-# Description: (1) Fails for mask with undefined bit set.
-# 01/24/94: pshuang: untried.
-test "create-policy 1"
-proc test1 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete policy \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- 0xF01000
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test1
-
-# Description: (2) Fails if caller connected with CHANGEPW_SERVICE.
-test "create-policy 2"
-proc test2 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy";
- return
- }
-}
-if {$RPC} { test2 }
-
-# Description: (3) Fails for mask without POLICY bit set.
-# 01/24/94: pshuang: untried.
-test "create-policy 3"
-proc test3 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete policy \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- 0x000000
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test3
-
-# Description: (4) Fails for mask with REF_COUNT bit set.
-test "create-policy 4"
-proc test4 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete policy \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY OVSEC_KADM_REF_COUNT}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test4
-
-# Description: (5) Fails for invalid policy name.
-# 01/24/94: pshuang: untried.
-test "create-policy 5"
-proc test5 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/"] \
- {OVSEC_KADM_POLICY}
- } $test] "BAD_POLICY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test5
-
-# Description: (6) Fails for existing policy name.
-test "create-policy 6"
-proc test6 {} {
- global test
-# set prms_id 777
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_create_policy $server_handle [simple_policy test-pol] \
- {OVSEC_KADM_POLICY}
- } "DUP"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test6
-
-# Description: (7) Fails for null policy name.
-# 01/24/94: pshuang: untried.
-test "create-policy 7"
-proc test7 {} {
- global test
-# set prms_id 1977
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_create_policy $server_handle [simple_policy null] \
- {OVSEC_KADM_POLICY}
- } "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test7
-
-# Description: (8) Fails for empty-string policy name.
-test "create-policy 8"
-proc test8 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_create_policy $server_handle [simple_policy ""] \
- {OVSEC_KADM_POLICY}
- } "BAD_POLICY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test8
-
-# Description: (9) Accepts 0 for pw_min_life.
-test "create-policy 9"
-proc test9 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LIFE}
- } $test]]} {
- fail "$test: create failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-# Description: (10) Accepts non-zero for pw_min_life.
-test "create-policy 10"
-proc test10 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 32 0 0 0 0 0 } \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LIFE}
- } $test]]} {
- fail "$test"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-# Description: (11) Accepts 0 for pw_max_life.
-test "create-policy 11"
-proc test11 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MAX_LIFE}
- } $test]]} {
- fail "$test"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-# Description: (12) Accepts non-zero for pw_max_life.
-test "create-policy 12"
-proc test12 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 32 0 0 0 0 } \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MAX_LIFE}
- } $test]]} {
- fail "$test"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-# Description: (13) Rejects 0 for pw_min_length.
-test "create-policy 13"
-proc test13 {} {
- global test
- global prompt
-
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LENGTH}
- } $test] "BAD_LENGTH"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-# Description: (14) Accepts non-zero for pw_min_length.
-test "create-policy 14"
-proc test14 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 8 0 0 0 } \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LENGTH}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 3\n"
- expect {
- -re "8\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-# Description: (15) Rejects 0 for pw_min_classes.
-test "create-policy 15"
-proc test15 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-# Description: (16) Accepts 1 for pw_min_classes.
-test "create-policy 16"
-proc test16 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 1 0 0 } \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test16
-
-# Description: (17) Accepts 4 for pw_min_classes.
-test "create-policy 17"
-proc test17 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 5 0 0} \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "5\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-# Description: (18) Rejects 5 for pw_min_classes.
-test "create-policy 18"
-proc test18 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 6 0 0} \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test18
-
-# Description: (19) Rejects 0 for pw_history_num.
-test "create-policy 19"
-proc test19 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM}
- } $test] "BAD_HISTORY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test19
-
-# Description: (20) Accepts 1 for pw_history_num.
-test "create-policy 20"
-proc test20 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 0 1 0} \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test20
-
-# Description: (21) Accepts 10 for pw_history_num.
-test "create-policy 21"
-proc test21 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 0 10 0} \
- {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "10\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21
-
-# Description: (22) Fails for user with no access bits.
-test "create-policy 22"
-proc test22 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test22
-
-# Description: (23) Fails for user with "get" but not "add".
-test "create-policy 23"
-proc test23 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test23
-
-# Description: (24) Fails for user with "modify" but not "add".
-# 01/24/94: pshuang: untried.
-test "create-policy 24"
-proc test24 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test24
-
-# Description: (25) Fails for user with "delete" but not "add".
-# 01/24/94: pshuang: untried.
-test "create-policy 25"
-proc test25 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test25
-
-# Description: Succeeds for user with "add".
-test "create-policy 26"
-proc test26 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test26
-
-# Description: Succeeds for user with "get" and "add".
-# 01/24/94: pshuang: untried.
-test "create-policy 27"
-proc test27 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get-add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test27
-
-# Description: (28) Rejects null policy argument.
-# 01/24/94: pshuang: untried.
-test "create-policy 28"
-proc test28 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_create_policy $server_handle null {OVSEC_KADM_POLICY}
- } "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "create-policy 30"
-proc test30 {} {
- global test
- one_line_fail_test [format {
- ovsec_kadm_create_policy null [simple_policy "%s/a"] \
- {OVSEC_KADM_POLICY}
- } $test] "BAD_SERVER_HANDLE"
-}
-test30
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/crte-principal.exp b/src/lib/kadm5/unit-test/api.0/crte-principal.exp
deleted file mode 100644
index 676a830..0000000
--- a/src/lib/kadm5/unit-test/api.0/crte-principal.exp
+++ /dev/null
@@ -1,1336 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-#test "create-principal 1"
-#
-#proc test1 {} {
-# global test
-# begin_dump
-# one_line_fail_test [format {
-# ovsec_kadm_create_principal $server_handle \
-# [simple_principal "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a"
-# } $test $test] "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test1
-
-test "create-principal 2"
-
-proc test2 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_create_principal $server_handle null \
- {OVSEC_KADM_PRINCIPAL} testpass
- } "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test2
-
-test "create-principal 3"
-proc test3 {} {
- global test
-# set prms_id 777
-# setup_xfail {*-*-*} $prms_id
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} null
- } $test] "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test3
-
-test "create-principal 4"
-proc test4 {} {
- global test
-
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} ""
- } $test] "_Q_TOOSHORT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test4
-
-test "create-principal 5"
-proc test5 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle \
- [simple_principal "%s/a"] {0x100001} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test5
-
-test "create-principal 6"
-proc test6 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_LAST_PWD_CHANGE} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test6
-
-test "create-principal 7"
-proc test7 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MOD_TIME} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test7
-
-test "create-principal 8"
-proc test8 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MOD_NAME} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test8
-
-test "create-principal 9"
-proc test9 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MKVNO} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test9
-
-test "create-principal 10"
-proc test10 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_AUX_ATTRIBUTES} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test10
-
-test "create-principal 11"
-proc test11 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_POLICY_CLR} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test11
-
-test "create-principal 12"
-proc test12 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-
-}
-if {$RPC} { test12 }
-
-test "create-principal 13"
-proc test13 {} {
- global test
- begin_dump
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-if {$RPC} { test13 }
-
-test "create-principal 14"
-proc test14 {} {
- global test
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-if {$RPC} { test14 }
-
-test "create-principal 15"
-proc test15 {} {
- global test
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-if {$RPC} { test15 }
-
-test "create-principal 16"
-proc test16 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-if {$RPC} { test16 }
-
-test "create-principal 17"
-proc test17 {} {
- global test
-
- begin_dump
- if {! (( [principal_exists "$test/a"]) || [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} testpass
- } $test] "DUP"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test17
-
-test "create-principal 18"
-proc test18 {} {
- global test
-
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} tP
- } $test] "_Q_TOOSHORT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test18
-
-test "create-principal 19"
-proc test19 {} {
- global test
-
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} testpassword
- } $test] "_Q_CLASS"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test19
-
-test "create-principal 20"
-proc test20 {} {
- global test
-
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} Abyssinia
- } $test] "_Q_DICT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test20
-
-test "create-principal 21"
-proc test21 {} {
- global test
-
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" non-existant-pol] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} NotinTheDictionary
- } $test] "UNK_POLICY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test21
-
-test "create-principal 23"
-proc test23 {} {
- global test
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- one_line_succeed_test \
- [format {ovsec_kadm_get_principal $server_handle "%s/a" p} $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test23
-
-test "create-principal 24"
-proc test24 {} {
- global test
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- one_line_succeed_test \
- [format {ovsec_kadm_get_principal $server_handle "%s/a" p} $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test24 }
-
-
-test "create-principal 28"
-proc test28 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
-
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return
- }
- send "lindex \$principal 10\n"
- expect {
- -re "test-pol.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "create-principal 29"
-proc test29 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PRINC_EXPIRE_TIME} \
- inTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 1\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test29
-
-test "create-principal 30"
-proc test30 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PW_EXPIRATION} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test30
-
-test "create-principal 31"
-proc test31 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol-nopw] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \
- OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test31
-
-test "create-principal 32"
-proc test32 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \
- OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
-
- send "lindex \$principal 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { $pw_expire != 0 } {
- fail "$test: pw_expire $pw_expire should be 0"
- return
- } else {
- pass "$test"
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-perror"$test: unexpected failure in destroy"
- return
- }
-}
-test32
-
-test "create-principal 33"
-proc test33 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
-perror"$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- {"%s/a" 0 0 1234 0 null 0 0 0 0 null 0} \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PW_EXPIRATION} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test33
-
-test "create-principal 34"
-proc test34 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- { "%s/a" 0 0 1234 0 null 0 0 0 0 test-pol-nopw 0} \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \
- OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test34
-
-test "create-principal 35"
-proc test35 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- {"%s/a" 0 0 1234 0 null 0 0 0 0 test-pol 0} \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \
- OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test35
-
-test "create-principal 36"
-proc test36 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle \
- {"%s/a" 0 0 999999999 0 null 0 0 0 0 test-pol 0} \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \
- OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy} ]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
-
- send "lindex \$principal 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { $pw_expire != 999999999 } {
- fail "$test: pw_expire $pw_expire should be 999999999"
- return
- } else {
- pass "$test"
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-perror"$test: unexpected failure in destroy"
- return
- }
-}
-test36
-
-test "create-principal 37"
-proc test37 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test37
-
-test "create-principal 38"
-proc test38 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [princ_w_pol "%s/a" \
- test-pol-nopw] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test38
-
-test "create-principal 39"
-proc test39 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if { ! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: cannot not retrieve principal"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
- send "lindex \$principal 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { [expr "$mod_date + $pw_max_life - $pw_expire"] > 5 } {
- fail "$test: pw_expire is wrong"
- return
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-perror"$test: unexpected failure in destroy"
- return
- }
-}
-test39
-
-test "create-principal 40"
-proc test40 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
-perror"$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PW_EXPIRATION} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- fail "$test: can not retreive principal"
- return;
- }
- send "lindex \$principal 4\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test40
-
-test "create-principal 43"
-proc test43 {} {
- global test
- one_line_fail_test [format {
- ovsec_kadm_create_principal null \
- [simple_principal "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a"
- } $test $test] "BAD_SERVER_HANDLE"
-}
-test43
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/destroy.exp b/src/lib/kadm5/unit-test/api.0/destroy.exp
deleted file mode 100644
index 0f10399..0000000
--- a/src/lib/kadm5/unit-test/api.0/destroy.exp
+++ /dev/null
@@ -1,203 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "destroy 1"
-
-proc test1 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_destroy $server_handle}
- end_dump_compare "no-diffs"
-}
-test1
-
-#test "destroy 2"
-#
-#proc test2 {} {
-# global test
-# begin_dump
-# if {! [cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }]} {
-# perror "$test: unexpected failure on init"
-# return
-# }
-# if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# return
-# }
-# one_line_fail_test \
-# {ovsec_kadm_get_principal $server_handle admin principal} \
-# "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test2
-
-#test "destroy 3"
-#proc test3 {} {
-# global test
-#
-# begin_dump
-# if {! (( ! [principal_exists "$test/a"]) || [delete_principal "$test/a"])} {
-# error_and_restart "$test couldn't delete principal \"$test/a\""
-# return
-# }
-# if {! [cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }]} {
-# perror "$test: unexpected failure on init"
-# return
-# }
-# if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# return
-# }
-# one_line_fail_test [format {
-# ovsec_kadm_create_principal $server_handle \
-# [simple_principal "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a"
-# } $test $test] "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test3
-
-#test "destroy 4"
-#proc test4 {} {
-# global test prompt
-#
-# if {! (([principal_exists "$test/a"]) || [create_principal "$test/a"])} {
-# error_and_restart "$test: couldn't create principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {! ([cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }] &&
-# [cmd [format {
-# ovsec_kadm_get_principal $server_handle "%s/a" principal
-# } $test]])} {
-# error_and_restart "$test: error getting principal"
-# return;
-# }
-# if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# return
-# }
-# one_line_fail_test [format {
-# ovsec_kadm_modify_principal $server_handle \
-# {"%s/a" 0 0 0 0 0 0 0 %d 0 0 0} {OVSEC_KADM_KVNO}
-# } $test "77"] "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test4
-
-#test "destroy 5"
-#
-#proc test5 {} {
-# global test
-#
-# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
-# error_and_restart "$test: couldn't create principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {! [cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }]} {
-# perror "$test: unexpected failure on init"
-# return
-# }
-# if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# return
-# }
-# one_line_fail_test [format {
-# ovsec_kadm_delete_principal $server_handle "%s/a"
-# } $test] "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test5
-
-#test "destroy 6"
-#
-#proc test6 {} {
-# global test
-# begin_dump
-# one_line_fail_test {ovsec_kadm_destroy $server_handle} "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test6
-
-
-#test "destroy 7"
-#
-#proc test7 {} {
-# global test
-# begin_dump
-# if {! [cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }]} {
-# perror "$test: unexpected failure in init"
-# return
-# }
-# if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# }
-# one_line_fail_test {ovsec_kadm_destroy $server_handle} "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test7
-
-test "destroy 8"
-proc test8 {} {
- global test
- begin_dump
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
- one_line_succeed_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
- end_dump_compare "no-diffs"
-}
-test8
-
-test "destroy 9"
-proc test9 {} {
- global test
- one_line_fail_test {ovsec_kadm_destroy null} "BAD_SERVER_HANDLE"
-}
-test9
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/dlte-policy.exp b/src/lib/kadm5/unit-test/api.0/dlte-policy.exp
deleted file mode 100644
index cd82738..0000000
--- a/src/lib/kadm5/unit-test/api.0/dlte-policy.exp
+++ /dev/null
@@ -1,207 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "delete-policy 2"
-proc test2 {} {
- global test
-# set prms_id 744
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test \
- {ovsec_kadm_delete_policy $server_handle ""} "BAD_POL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test2
-
-test "delete-policy 5"
-proc test5 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_policy $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if ${RPC} test5
-
-test "delete-policy 6"
-proc test6 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_policy $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if ${RPC} test6
-
-test "delete-policy 7"
-proc test7 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_policy $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test7
-
-test "delete-policy 10"
-proc test10 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_delete_policy $server_handle "%s/a"
- } $test]]} {
- fail "$test"
- return
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- if { [policy_exists "$test/a"]} {
- fail "$test"
- return
- }
-}
-test10
-
-test "delete-policy 12"
-proc test12 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test unexecpted failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_create_principal $server_handle [princ_w_pol "%s/a" \
- "%s/a"] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} \
- NotinTheDictionary
- } $test $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test \
- {ovsec_kadm_delete_policy $server_handle test-pol} "POLICY_REF"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "delete-policy 13"
-proc test13 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_policy null "%s/a"
- } $test] "BAD_SERVER_HANDLE"
-}
-test13
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/dlte-principal.exp b/src/lib/kadm5/unit-test/api.0/dlte-principal.exp
deleted file mode 100644
index 5c617fb..0000000
--- a/src/lib/kadm5/unit-test/api.0/dlte-principal.exp
+++ /dev/null
@@ -1,329 +0,0 @@
-load_lib lib.t
-
-api_exit
-api_start
-
-#test "delete-principal 1"
-#proc test1 {} {
-# global test
-# one_line_fail_test [format {
-# ovsec_kadm_delete_principal $server_handle "%s/a"
-# } $test] "NOT_INIT"
-#}
-#test1
-
-test "delete-principal 2"
-proc test2 {} {
- global test
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test \
- {ovsec_kadm_delete_principal $server_handle null} "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: unexpected failure in destroy"
- return
- }
-}
-test2
-
-test "delete-principal 5"
-proc test5 {} {
- global test
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test] "UNK_PRINC"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test5
-
-test "delete-principal 6"
-proc test6 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" test-pol])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test6 }
-
-
-test "delete-principal 7"
-proc test7 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test7 }
-
-
-test "delete-principal 8"
-proc test8 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test8 }
-
-test "delete-principal 9"
-proc test9 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test9 }
-
-test "delete-principal 10"
-proc test10 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test10 }
-
-test "delete-principal 11"
-proc test11 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test]]} {
- fail "$test: delete failed"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- if { [principal_exists "$test/a"] } {
- fail "$test"
- return
- }
-}
-test11
-
-test "delete-principal 12"
-proc test12 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" test-pol])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_delete_principal $server_handle "%s/a"
- } $test]]} {
- fail "$test: delete failed"
- return
- }
- if { [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test]]} {
- fail "$test: principal still exists"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- send "lindex \$p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
-
- send "lindex \$p2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { [expr "$oldref - 1"] != $newref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- pass "$test"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-
-test12
-
-test "delete-principal 13"
-proc test13 {} {
- global test
- one_line_fail_test [format {
- ovsec_kadm_delete_principal null "%s/a"
- } $test] "BAD_SERVER_HANDLE"
-}
-test13
-
-return ""
-
-
-
-
-
diff --git a/src/lib/kadm5/unit-test/api.0/get-policy.exp b/src/lib/kadm5/unit-test/api.0/get-policy.exp
deleted file mode 100644
index 7b01814..0000000
--- a/src/lib/kadm5/unit-test/api.0/get-policy.exp
+++ /dev/null
@@ -1,199 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "get-policy 3"
-proc test3 {} {
- global test
-# set prms_id 744
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {ovsec_kadm_get_policy $server_handle "" p} "BAD_POLICY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test3
-
-test "get-policy 6"
-proc test6 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {ovsec_kadm_get_policy $server_handle test-pol p} \
- "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } test6
-
-test "get-policy 7"
-proc test7 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {ovsec_kadm_get_policy $server_handle test-pol p} \
- "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } test7
-
-test "get-policy 11"
-proc test11 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/get-pol StupidAdmin $OVSEC_KADM_ADMIN_SERVICE \
- null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_get_policy $server_handle test-pol p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-test "get-policy 12"
-proc test12 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/get-pol StupidAdmin \
- $OVSEC_KADM_CHANGEPW_SERVICE null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {ovsec_kadm_get_policy $server_handle test-pol-nopw p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "get-policy 15"
-proc test15 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/pol StupidAdmin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {ovsec_kadm_get_policy $server_handle test-pol-nopw p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "get-policy 16"
-proc test16 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/pol StupidAdmin $OVSEC_KADM_CHANGEPW_SERVICE \
- null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {ovsec_kadm_get_policy $server_handle test-pol-nopw p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test16
-
-test "get-policy 17"
-proc test17 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_get_policy $server_handle test-pol p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-test "get-policy 18"
-proc test18 {} {
- global test
-
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {ovsec_kadm_get_policy $server_handle test-pol p} \
- "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } test18
-
-test "get-policy 21"
-proc test21 {} {
- global test
-
- one_line_fail_test {ovsec_kadm_get_policy null "pol1" p} "BAD_SERVER_HANDLE"
-}
-test21
diff --git a/src/lib/kadm5/unit-test/api.0/get-principal.exp b/src/lib/kadm5/unit-test/api.0/get-principal.exp
deleted file mode 100644
index cf055f7..0000000
--- a/src/lib/kadm5/unit-test/api.0/get-principal.exp
+++ /dev/null
@@ -1,346 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "get-principal 1"
-proc test1 {} {
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test \
- {ovsec_kadm_get_principal $server_handle null p} "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test1
-
-test "get-principal 2"
-proc test2 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "UNK_PRINC"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test2
-
-test "get-principal 3"
-proc test3 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test3 }
-
-test "get-principal 4"
-proc test4 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test4 }
-
-test "get-principal 5"
-proc test5 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test5 }
-
-test "get-principal 6"
-proc test6 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test6 }
-
-test "get-principal 7"
-proc test7 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
-
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test7 }
-
-
-test "get-principal 8"
-proc test8 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_get_principal $server_handle "%s/a" p
- } $test] "AUTH_GET"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test8 }
-
-
-test "get-principal 9"
-proc test9 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {ovsec_kadm_get_principal $server_handle admin/none p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-test "get-principal 10"
-proc test10 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {ovsec_kadm_get_principal $server_handle admin/none p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-test "get-principal 11"
-proc test11 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/get p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-test "get-principal 12"
-proc test12 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/get p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "get-principal 13"
-proc test13 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/add p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-test "get-principal 14"
-proc test14 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin/get-mod admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/add p}
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-test "get-principal 15"
-proc test15 {} {
- one_line_fail_test \
- {ovsec_kadm_get_principal null "admin" p} "BAD_SERVER_HANDLE"
-}
-test15
-
-return ""
-
-
-
-
diff --git a/src/lib/kadm5/unit-test/api.0/init.exp b/src/lib/kadm5/unit-test/api.0/init.exp
deleted file mode 100644
index d39ecce..0000000
--- a/src/lib/kadm5/unit-test/api.0/init.exp
+++ /dev/null
@@ -1,728 +0,0 @@
-load_lib lib.t
-
-# Assumptions:
-#
-# Principal "admin" exists, with "get", "add", "modify" and "delete"
-# access bits and password "admin".
-# The string "not-the-password" isn't the password of any user in the database.
-# Database master password is "mrroot".
-
-api_exit
-api_start
-test "init 1"
-
-one_line_fail_test_nochk \
- {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE "" \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle}
-
-test "init 2"
-
-one_line_fail_test_nochk \
- {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE @ \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle}
-
-test "init 2.5"
-
-one_line_fail_test_nochk \
- {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE BAD.REALM \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle}
-
-test "init 3"
-
-proc test3 {} {
- global test
- if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- one_line_fail_test_nochk [format {
- ovsec_kadm_init admin admin "%s/a" null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- } $test]
-}
-if {$RPC} { test3 }
-
-test "init 4"
-
-proc test4 {} {
- global test
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- one_line_fail_test_nochk [format {
- ovsec_kadm_init admin admin "%s/a" null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test]
-}
-if {$RPC} { test4 }
-
-test "init 5"
-
-if {$RPC} {
- one_line_fail_test_nochk {
- ovsec_kadm_init admin admin admin null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- }
-}
-
-test "init 6"
-
-proc test6 {} {
- global test
-
- send "ovsec_kadm_init admin null \$OVSEC_KADM_ADMIN_SERVICE null \$OVSEC_KADM_STRUCT_VERSION \$OVSEC_KADM_API_VERSION_1 server_handle\n"
-
- expect {
- -re "assword\[^\r\n\]*: *" { }
- eof {
- fail "$test: eof instead of password prompt"
- api_exit
- api_start
- return
- }
- timeout {
- fail "$test: timeout instead of password prompt"
- return
- }
- }
- one_line_succeed_test "admin"
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if { $RPC } { test6 }
-
-test "init 7"
-proc test7 {} {
- global test
-
- send "ovsec_kadm_init admin \"\" \$OVSEC_KADM_ADMIN_SERVICE null \$OVSEC_KADM_STRUCT_VERSION \$OVSEC_KADM_API_VERSION_1 server_handle\n"
-
- expect {
- -re "assword\[^\r\n\]*: *" { }
- -re "\n\[^\n\]+key:\[^\n\]*$" { }
- eof {
- fail "$test: eof instead of password prompt"
- api_exit
- api_start
- return
- }
- timeout {
- fail "$test: timeout instead of password prompt"
- return
- }
- }
- one_line_succeed_test "admin"
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if { $RPC } { test7 }
-
-test "init 8"
-
-proc test8 {} {
- global test
- if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- one_line_fail_test_nochk [format {
- ovsec_kadm_init "%s/a" admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test]
-}
-if {$RPC} { test8 }
-
-test "init 9"
-
-if {$RPC} {
- global test
- one_line_fail_test_nochk {
- ovsec_kadm_init admin not-the-password $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
-}
-
-test "init 10"
-
-proc test10 {} {
- global test
-# set prms_id 562
-# setup_xfail {*-*-*} $prms_id
- one_line_fail_test_nochk {
- ovsec_kadm_init null admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
-}
-test10
-
-#test "init 11"
-#
-#proc test11 {} {
-# global test
-# set prms_id 563
-# setup_xfail {*-*-*} $prms_id
-# one_line_fail_test_nochk {
-# ovsec_kadm_init "" admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }
-#}
-#test11
-
-test "init 12"
-
-proc test12 {} {
- global test
- one_line_fail_test_nochk [format {
- ovsec_kadm_init "%s/a" admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test]
-}
-if {$RPC} { test12 }
-
-test "init 13"
-
-proc test13 {} {
- global test
- one_line_fail_test_nochk [format {
- ovsec_kadm_init "%s/a@SECURE-TEST.OV.COM" admin \
- $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- } $test]
-}
-if {$RPC} { test13 }
-
-test "init 14"
-
-proc test14 {} {
- global test
- one_line_fail_test_nochk [format {
- ovsec_kadm_init "%s/a@BAD.REALM" admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test]
-}
-if {$RPC} { test14 }
-
-test "init 15"
-
-if {$RPC} {
- one_line_fail_test_nochk {
- ovsec_kadm_init admin@BAD.REALM admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
-}
-
-test "init 16"
-
-proc test16 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test16
-
-test "init 17"
-
-proc test17 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin@SECURE-TEST.OV.COM admin \
- $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test17
-
-test "init 18"
-
-proc test18 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test18
-
-test "init 19"
-
-proc test19 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin@SECURE-TEST.OV.COM admin \
- $OVSEC_KADM_ADMIN_SERVICE SECURE-TEST.OV.COM \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test19
-
-test "init 20"
-
-proc test20 {} {
- global test
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- error_and_restart "$test: couldn't init database"
- return
- }
- one_line_succeed_test \
- {ovsec_kadm_get_principal $server_handle admin principal}
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test20
-
-#test "init 21"
-#
-#proc test21 {} {
-# global test
-# if {! [cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }]} {
-# error_and_restart "$test: couldn't init database"
-# return
-# }
-# one_line_fail_test_nochk {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }
-# if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# }
-#}
-#test21
-
-
-proc test22 {} {
- global test prompt
- set prompting 0
- send [string trim {
- ovsec_kadm_init admin null null null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- }]
- send "\n"
- expect {
- -re "\n\[^\n\]+:\[^\n\]*$" { set prompting 1}
- -re "\nOK .*$prompt$" { fail "$test: premature success" }
- -re "\nERROR .*$prompt$" { fail "$test: premature failure" }
- timeout { fail "$test: timeout" }
- eof { fail "$test: eof" }
- }
- if {$prompting} {
- one_line_succeed_test mrroot
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test22 }
-
-test "init 22.5"
-proc test225 {} {
- global test prompt
- set prompting 0
- send [string trim {
- ovsec_kadm_init admin null null null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- }]
- send "\n"
- expect {
- -re "\n\[^\n\]+:\[^\n\]*$" { set prompting 1}
- -re "\nOK .*$prompt$" { fail "$test: premature success" }
- -re "\nERROR .*$prompt$" { fail "$test: premature failure" }
- timeout { fail "$test: timeout" }
- eof { fail "$test: eof" }
- }
- if {$prompting} {
- one_line_succeed_test mrroot
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test225 }
-
-test "init 23"
-
-proc test23 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin not-the-password $OVSEC_KADM_ADMIN_SERVICE \
- null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test23 }
-
-test "init 24"
-
-proc test24 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin admin null null $OVSEC_KADM_STRUCT_VERSION \
- $OVSEC_KADM_API_VERSION_1 server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test24 }
-
-test "init 25"
-
-proc test25 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin admin foobar null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test25 }
-
-test "init 26"
-
-#proc test26 {} {
-# global test
-#
-# api_exit
-# api_start
-# one_line_fail_test_nochk {
-# ovsec_kadm_get_principal $server_handle admin principal
-# }
-#}
-#test26
-
-#test "init 27"
-#
-#proc test27 {} {
-# global test
-#
-# if {! ((! [principal_exists "$test/a"]) || [delete_principal "$test/a"])} {
-# error_and_restart "$test: couldn't delete principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {[cmd [format {
-# ovsec_kadm_create_principal $server_handle [simple_principal \
-# "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a"
-# } $test $test]]} {
-# fail "$test: unexpected success in add"
-# return
-# }
-# end_dump_compare "no-diffs"
-#}
-#test27
-
-#test "init 28"
-#
-#proc test28 {} {
-# global test prompt
-#
-# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
-# error_and_restart "$test: couldn't create principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {! ([cmd {
-# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
-# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
-# server_handle
-# }] && [cmd [format {
-# ovsec_kadm_get_principal $server_handle "%s/a" principal
-# } $test]])} {
-# error_and_restart "$test: error getting principal"
-# return;
-# }
-# send "lindex \$principal 8\n"
-# expect {
-# -re "\n(\[0-9\]+).*$prompt$" {set kvno $expect_out(1,string) }
-# timeout {
-# error_and_restart "$test: timeout getting principal kvno"
-# return
-# }
-# eof {
-# error_and_restart "$test: eof getting principal kvno"
-# return
-# }
-# }
-# api_exit
-# api_start
-# set new_kvno [expr "$kvno + 1"]
-# if {[cmd [format {
-# ovsec_kadm_modify_principal $server_handle \
-# {"%s/a" 0 0 0 0 0 0 0 %d 0 0 0} {OVSEC_KADM_KVNO}
-# } $test $new_kvno]]} {
-# fail "$test: unexpected success in modify"
-# return;
-# }
-# end_dump_compare "no-diffs"
-#}
-#test28
-
-#test "init 29"
-#
-#proc test29 {} {
-# global test
-#
-# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
-# error_and_restart "$test: couldn't create principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {[cmd [format {
-# ovsec_kadm_delete_principal $server_handle "%s/a"
-# } $test]]} {
-# fail "$test: unexpected success in delete"
-# return
-# }
-# end_dump_compare "no-diffs"
-#}
-#test29
-
-test "init 30"
-proc test30 {} {
- global test
- if {[cmd {
- ovsec_kadm_init admin foobar $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- error_and_restart "$test: unexpected success"
- return
- }
- one_line_succeed_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if ${RPC} { test30 }
-
-test "init 31"
-proc test31 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $bad_struct_version_mask $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } "BAD_STRUCT_VERSION"
-}
-test31
-
-test "init 32"
-proc test32 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $no_struct_version_mask $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } "BAD_STRUCT_VERSION"
-}
-test32
-
-test "init 33"
-proc test33 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $old_struct_version $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } "OLD_STRUCT_VERSION"
-}
-test33
-
-test "init 34"
-proc test34 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $new_struct_version $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } "NEW_STRUCT_VERSION"
-}
-test34
-
-test "init 35"
-proc test35 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $bad_api_version_mask \
- server_handle
- } "BAD_API_VERSION"
-}
-test35
-
-test "init 36"
-proc test36 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $no_api_version_mask \
- server_handle
- } "BAD_API_VERSION"
-}
-test36
-
-test "init 37"
-proc test37 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $old_api_version \
- server_handle
- } "OLD_LIB_API_VERSION"
-}
-if { $RPC } test37
-
-test "init 38"
-proc test38 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $old_api_version \
- server_handle
- } "OLD_SERVER_API_VERSION"
-}
-if { ! $RPC } test38
-
-test "init 39"
-proc test39 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $new_api_version \
- server_handle
- } "NEW_LIB_API_VERSION"
-}
-if { $RPC } test39
-
-test "init 40"
-proc test40 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $new_api_version \
- server_handle
- } "NEW_SERVER_API_VERSION"
-}
-if { ! $RPC } test40
-
-test "init 41"
-proc test41 {} {
- global test
- one_line_fail_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_API_VERSION_1 $OVSEC_KADM_STRUCT_VERSION \
- server_handle
- } "BAD_"
-}
-test41
-
-test "init 42"
-proc test42 {} {
- global test
- one_line_succeed_test {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }
- if {! [cmd {ovsec_kadm_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test42
-
-
-proc test45_46 {service} {
- global test kadmin_local env
-
- spawn $kadmin_local -q "delprinc -force $service"
- expect {
- -re "Principal .* deleted." {}
- default {
- perror "kadmin.local delprinc failed\n";
- }
- }
- expect eof
- wait
-
- one_line_fail_test [concat {ovsec_kadm_init admin admin } \
- $service \
- { null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle}] "SECURE_PRINC_MISSING"
-
- # this leaves the keytab with an incorrect entry
- spawn $kadmin_local -q "ank -randkey $service"
- expect eof
- wait
-
- # restart the api so it gets a new ccache
- api_exit
- api_start
-}
-
-if {$RPC} {
- test "init 45"
-
- test45_46 ovsec_adm/admin
-
- test "init 46"
-
- test45_46 ovsec_adm/changepw
-
- # re-extract the keytab so it is right
- exec rm $env(K5ROOT)/ovsec_adm.srvtab
- exec $env(MAKE_KEYTAB) -princ ovsec_adm/admin -princ ovsec_adm/changepw \
- -princ kadmin/admin -princ kadmin/changepw \
- $env(K5ROOT)/ovsec_adm.srvtab
-}
-
-return ""
-
diff --git a/src/lib/kadm5/unit-test/api.0/mod-policy.exp b/src/lib/kadm5/unit-test/api.0/mod-policy.exp
deleted file mode 100644
index ec55999..0000000
--- a/src/lib/kadm5/unit-test/api.0/mod-policy.exp
+++ /dev/null
@@ -1,703 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "modify-policy 2"
-proc test2 {} {
- global test
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test2 }
-
-test "modify-policy 4"
-proc test4 {} {
- global test
-
- if {! ([policy_exists "$test/a"] ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_REF_COUNT}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test4
-
-test "modify-policy 8"
-proc test8 {} {
- global test
-# set prms_id 744
-# setup_xfail {*-*-*} $prms_id
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_modify_policy $server_handle [simple_policy ""] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } "BAD_POLICY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test8
-
-test "modify-policy 9"
-proc test9 {} {
- global test
- global prompt
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MIN_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-test "modify-policy 10"
-proc test10 {} {
- global test
- global prompt
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 32 0 0 0 0 0} \
- {OVSEC_KADM_PW_MIN_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-
-test "modify-policy 11"
-proc test11 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-test "modify-policy 12"
-proc test12 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 32 0 0 0 0} \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "modify-policy 13"
-proc test13 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MIN_LENGTH}
- } $test] "BAD_LENGTH"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-test "modify-policy 14"
-proc test14 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 8 0 0 0} \
- {OVSEC_KADM_PW_MIN_LENGTH}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 3\n"
- expect {
- -re "8\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-test "modify-policy 15"
-proc test15 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "modify-policy 16"
-proc test16 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 1 0 0} \
- {OVSEC_KADM_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test16
-
-test "modify-policy 17"
-proc test17 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 5 0 0} \
- {OVSEC_KADM_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "5\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-test "modify-policy 18"
-proc test18 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 6 0 0} \
- {OVSEC_KADM_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test18
-
-test "modify-policy 19"
-proc test19 {} {
- global test
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_HISTORY_NUM}
- } $test] "BAD_HISTORY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test19
-
-test "modify-policy 20"
-proc test20 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 0 1 0} \
- {OVSEC_KADM_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test20
-
-test "modify-policy 21"
-proc test21 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 0 10 0} \
- {OVSEC_KADM_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "10\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21
-
-test "modify-policy 22"
-proc test22 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test22
-
-test "modify-policy 23"
-proc test23 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test23
-
-test "modify-policy 26"
-proc test26 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test26
-
-test "modify-policy 30"
-proc test30 {} {
- global test
-
- one_line_fail_test [format {
- ovsec_kadm_modify_policy null [simple_policy "%s/a"] \
- {OVSEC_KADM_PW_MAX_LIFE}
- } $test] "BAD_SERVER_HANDLE"
-}
-test30
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/mod-principal.exp b/src/lib/kadm5/unit-test/api.0/mod-principal.exp
deleted file mode 100644
index 2d68a19..0000000
--- a/src/lib/kadm5/unit-test/api.0/mod-principal.exp
+++ /dev/null
@@ -1,1943 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-#test "modify-principal 1"
-#proc test1 {} {
-# global test
-# one_line_fail_test [format {
-# ovsec_kadm_modify_principal $server_handle [simple_principal \
-# "%s/a"] {OVSEC_KADM_PW_EXPIRATION}
-# } $test] "NOT_INIT"
-#}
-#test1
-
-test "modify-principal 2"
-proc test2 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test2 }
-
-test "modify-principal 4"
-proc test4 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINCIPAL}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test4
-
-
-test "modify-principal 5"
-proc test5 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_LAST_PWD_CHANGE}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test5
-
-test "modify-principal 6"
-proc test6 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MOD_TIME}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test6
-
-test "modify-principal 7"
-proc test7 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MOD_NAME}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test7
-
-test "modify-principal 8"
-proc test8 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MKVNO}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test8
-
-test "modify-principal 9"
-proc test9 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_AUX_ATTRIBUTES}
- } $test] "BAD_MASK"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-test "modify-principal 10"
-proc test10 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test] "UNK_PRINC"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-test "modify-principal 11"
-proc test11 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MOD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test11 }
-
-test "modify-principal 12"
-proc test12 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MOD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test12 }
-
-test "modify-principal 13"
-proc test13 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MOD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test13 }
-
-test "modify-principal 14"
-proc test14 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MOD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test14 }
-
-test "modify-principal 15"
-proc test15 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "modify-principal 17"
-proc test17 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- no-policy] {OVSEC_KADM_POLICY}
- } $test] "UNK_POLICY"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-test "modify-principal 18"
-proc test18 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal "$test/a"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 10\n"
- expect {
- -re "test-pol\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- send "lindex \$p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
-
- send "lindex \$p2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { [expr "$oldref + 1"] != $newref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test18
-
-test "modify-principal 19"
-proc test19 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal "$test/a"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 10\n"
- expect {
- -re "test-pol\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- send "lindex \$p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
-
- send "lindex \$p2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { [expr "$oldref + 1"] != $newref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test19
-
-test "modify-principal 20"
-proc test20 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal_pol "$test/a" "test-pol"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_POLICY_CLR}
- } $test]]} {
- perror "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 10\n"
- expect {
- -re "test-pol\n$prompt$" { fail "$test" }
- -re "null\n$prompt$" { pass "$test" }
- timeout { pass "$test" }
- }
- send "lindex \$p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
-
- send "lindex \$p2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { [expr "$oldref - 1"] != $newref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test20
-
-test "modify-principal 21"
-proc test21 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal_pol "$test/a" "test-pol"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol old_p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol-nopw old_p2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol-nopw] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$old_p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set old_p1_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- send "lindex \$old_p2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set old_p2_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
-
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol new_p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol-nopw new_p2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
-
- send "lindex \$new_p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set new_p1_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- send "lindex \$new_p2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set new_p2_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { [expr "$old_p1_ref - 1"] != $new_p1_ref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { [expr "$old_p2_ref + 1"] != $new_p2_ref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21
-
-test "modify-principal 21.5"
-proc test21.5 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal_pol "$test/a" "test-pol"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol old_p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$old_p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set old_p1_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
-
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol new_p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
-
- send "lindex \$new_p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set new_p1_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
-
- if {$old_p1_ref != $new_p1_ref} {
- fail "$test: policy reference count changed ($old_p1_ref to $new_p1_ref)"
- return
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21.5
-
-test "modify-principal 22"
-proc test22 {} {
- global test
- global prompt
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modifiy failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test22
-
-test "modify-principal 23"
-proc test23 {} {
- global test
- global prompt
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" test-pol-nopw])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modifiy failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test23
-
-test "modify-principal 24"
-proc test24 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" "test-pol" ])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- error_and_restart "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: could not modify principal"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_get_policy $server_handle %s policy
- } test-pol]]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
- send "lindex \$principal 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { $pw_expire != 0 } {
- fail "$test: pw_expire $pw_expire should be 0"
- return
- } else {
- pass "$test"
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test24
-
-test "modify-principal 25"
-proc test25 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test25
-
-test "modify-principal 26"
-proc test26 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" "test-pol-nopw" ])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test26
-
-test "modify-principal 27"
-proc test27 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" "test-pol" ])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test27
-
-test "modify-principal 28"
-proc test28 {} {
- global test
- global prompt
-# set prms_id 1358
-# setup_xfail {*-*-*} $prms_id
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" "test-pol" ])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 999999999 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
- send "lindex \$principal 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { $pw_expire != 999999999 } {
- fail "$test: pw_expire $pw_expire should be 999999999"
- return
- }
- pass "$test"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "modify-principal 29"
-proc test29 {} {
- global test
- global prompt
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { ! ([create_principal_pol "$test/a" test-pol])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_POLICY_CLR}
- } $test]]} {
- fail "$test: modifiy failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test29
-
-test "modify-principal 30"
-proc test30 {} {
- global test
- global prompt
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal_pol "$test/a" test-pol])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol-nopw] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test30
-
-test "modify-principal 31"
-proc test31 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
- send "lindex \$principal 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { [expr "$pw_mod_date + $pw_max_life"] != $pw_expire } {
- fail "$test: pw_expire is wrong"
- return
- }
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test31
-
-test "modify-principal 32"
-proc test32 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 1234 0 0 0 0 0 0 0 0 0 0} \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 1\n"
- expect {
- -re "1234\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test32
-
-test "modify-principal 33"
-proc test33 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_ALL_TIX 0 0 0 0} \
- {OVSEC_KADM_ATTRIBUTES}
- } $test]]} {
- fail "$test: modified fail"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 7\n"
- expect {
- -re "KRB5_KDB_DISALLOW_ALL_TIX.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test33
-
-test "modify-principal 33.25"
-proc test3325 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 KRB5_KDB_REQUIRES_PWCHANGE 0 0 0 0} \
- {OVSEC_KADM_ATTRIBUTES}
- } $test]]} {
- fail "$test: modified fail"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 7\n"
- expect {
- -re "KRB5_KDB_REQUIRES_PWCHANGE.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test3325
-
-test "modify-principal 33.5"
-proc test335 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_TGT_BASED 0 0 0 0} \
- {OVSEC_KADM_ATTRIBUTES}
- } $test]]} {
- fail "$test: modified fail"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 7\n"
- expect {
- -re "KRB5_KDB_DISALLOW_TGT_BASED.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test335
-
-
-test "modify-principal 34"
-proc test34 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 0 3456 0 0 0 0 0 0 0} {OVSEC_KADM_MAX_LIFE}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
-
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 4\n"
- expect {
- -re "3456\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test34
-
-test "modify-principal 35"
-proc test35 {} {
- global prompt
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- ovsec_kadm_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 0 7 0 0 0} {OVSEC_KADM_KVNO}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 8\n"
- expect {
- -re "7\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test35
-
-test "modify-principal 36"
-proc test36 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal_pol "$test/a" "test-pol"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol pol}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {OVSEC_KADM_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 10\n"
- expect {
- -re "test-pol\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- send "lindex \$pol 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol pol2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- send "lindex \$pol2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { $oldref != $newref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test36
-
-test "modify-principal 37"
-proc test37 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal "$test/a"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_POLICY_CLR}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test37
-
-test "modify-principal 38"
-proc test38 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 1\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test38
-
-test "modify-principal 39"
-proc test39 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
- {OVSEC_KADM_MAX_LIFE}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_get_principal $server_handle "%s/a" principal
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 4\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test39
-
-test "modify-principal 40"
-proc test40 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_modify_principal $server_handle null \
- {OVSEC_KADM_PRINC_EXPIRE_TIME}
- } "EINVAL"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test40
-
-test "modify-principal 43"
-proc test43 {} {
- global test
- one_line_fail_test [format {
- ovsec_kadm_modify_principal null [simple_principal \
- "%s/a"] {OVSEC_KADM_PW_EXPIRATION}
- } $test] "BAD_SERVER_HANDLE"
-}
-test43
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/randkey-principal.exp b/src/lib/kadm5/unit-test/api.0/randkey-principal.exp
deleted file mode 100644
index c967001..0000000
--- a/src/lib/kadm5/unit-test/api.0/randkey-principal.exp
+++ /dev/null
@@ -1,319 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "randkey-principal 1"
-proc test1 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd [format {
- ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test $test]]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test] "PASS_TOOSOON"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test1 }
-
-test "randkey-principal 3"
-proc test3 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd [format {
- ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test $test]]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test] "PASS_TOOSOON"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if ${RPC} { test3 }
-
-test "randkey-principal 13"
-proc test13 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
- once-a-min] OVSEC_KADM_POLICY
- } $test]]} {
- perror "$test: failed modify"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-test "randkey-principal 15"
-proc test15 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test] "AUTH_CHANGEPW"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test15 }
-
-test "randkey-principal 28"
-proc test28 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "randkey-principal 28.25"
-proc test2825 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test] "AUTH"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test2825 }
-
-test "randkey-principal 28.5"
-proc test285 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test285
-
-test "randkey-principal 30"
-proc test30 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [create_principal "$test/a"]} {
- error_and_restart "$test: creating principal"
- return
- }
- if {! [cmd [format {
- ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test $test]]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test30
-
-test "randkey-principal 31"
-proc test31 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal "$test/a"]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd [format {
- ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- } $test $test]]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_randkey_principal $server_handle "%s/a" key
- } $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test31
-
-test "randkey-principal 32"
-proc test32 {} {
- global test
-
- if { ! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- ovsec_kadm_randkey_principal $server_handle kadmin/history key
- } "PROTECT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test32
-
-test "randkey-principal 33"
-proc test33 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if { ! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_randkey_principal null "%s/a" key
- } $test] "BAD_SERVER_HANDLE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-
-test33
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.0/rename-principal.exp b/src/lib/kadm5/unit-test/api.0/rename-principal.exp
deleted file mode 100644
index d5f012f..0000000
--- a/src/lib/kadm5/unit-test/api.0/rename-principal.exp
+++ /dev/null
@@ -1,509 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-#test "rename-principal 1"
-#proc test1 {} {
-# global test
-# one_line_fail_test [format {
-# ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
-# } $test $test] "NOT_INIT"
-#}
-#test1
-
-test "rename-principal 2"
-proc test2 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "INSUFFICIENT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-
-}
-if {$RPC} { test2 }
-
-test "rename-principal 3"
-proc test3 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_INSUFFICIENT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test3 }
-
-test "rename-principal 4"
-proc test4 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_INSUFFICIENT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test4 }
-
-test "rename-principal 5"
-proc test5 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_INSUFFICIENT"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test5 }
-
-test "rename-principal 6"
-proc test6 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/mod-add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test6 }
-
-test "rename-principal 7"
-proc test7 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/mod-delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test7 }
-
-test "rename-principal 8"
-proc test8 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get-add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test8 }
-
-test "rename-principal 9"
-proc test9 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/get-delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test9 }
-
-test "rename-principal 10"
-proc test10 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/no-delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_DELETE"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test10 }
-
-test "rename-principal 11"
-proc test11 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/no-add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH_ADD"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test11 }
-
-test "rename-principal 12"
-proc test12 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test12 }
-
-
-test "rename-principal 13"
-proc test13 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "AUTH"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test13 }
-
-test "rename-principal 14"
-proc test14 {} {
- global test
-
- if {[principal_exists "$test/a"]} {
- delete_principal "$test/a"
- }
-
- if {[create_principal_with_keysalts "$test/a" "des-cbc-crc:v4"]} {
- error_and_restart "$test: couldn't create no-salt principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test]
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-test "rename-principal 15"
-proc test15 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( [principal_exists "$test/b"]) ||
- [create_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "DUP"
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "rename-principal 16"
-proc test16 {} {
- global test
- one_line_fail_test [format {
- ovsec_kadm_rename_principal null "%s/a" "%s/b"
- } $test $test] "BAD_SERVER_HANDLE"
-}
-test16
-
-test "rename-principal 18"
-proc test18 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! (( ! [principal_exists "$test/b"]) ||
- [delete_principal "$test/b"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b"
- } $test $test] "NO_RENAME_SALT"
-
- if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test18
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.1/lock.exp b/src/lib/kadm5/unit-test/api.1/lock.exp
deleted file mode 100644
index 02df75b..0000000
--- a/src/lib/kadm5/unit-test/api.1/lock.exp
+++ /dev/null
@@ -1,287 +0,0 @@
-# This is in api.1 so that it happens after all the tests in api.0.
-# If some API function does not unlock the database then the server
-# (whichs runs through all api tests) will still have it locked, and
-# these tests will fail.
-
-load_lib lib.t
-
-api_exit
-
-if { $RPC } {
- return
-}
-
-send_user "UNTESTED: lock: DAL changes broke locking code (see MIT RT ticket 3201)\n"
-untested "lock: DAL changes broke locking code (see MIT RT ticket 3201)"
-return
-
-set locktest $LOCKTEST
-set lockfile $env(K5ROOT)/kdb5.kadm5.lock
-
-# The lock tests use the program lock-test in the unit test
-# directory. The basic idea is that lock-test can be told to acquire
-# various kinds of locks and then wait for input before proceeding;
-# this is necessary because otherwise we'd have no way to test locking
-# interactions without a race condition.
-#
-# lock_test_start and lock_test_continue work together to give a crude
-# form of continuations. lock_test_continue expects a list of
-# commands for lock-test (passed on the command line) and responses
-# (read from stdout). When it gets to a command of "wait",
-# lock_test_continue returns, and its return value is a list of the
-# arguments that it should be passed to continue processing that
-# particular list of commands for that particular lock-test after
-# whatever that requried lock-test to wait has been completed.
-#
-# lock_test is simply a wrapper for tests that do not involve wait.
-
-proc lock_test_setup {test cmds} {
- global locktest spawn_id
-
- verbose "test $test"
-
- set cmdline ""
- foreach cmdpair $cmds {
- if {[lindex $cmdpair 0] == "eof"} {
- break
- }
- set cmdline "$cmdline [lindex $cmdpair 0]"
- }
-
- verbose "spawning $locktest $cmdline"
- eval "spawn $locktest $cmdline"
-}
-
-proc lock_test {test cmds} {
- global spawn_id
-
- lock_test_setup $test $cmds
- set lockany [lock_test_continue $test $spawn_id 0 "" 0 $cmds]
- while {$lockany != {}} {
- set lockany [eval lock_test_continue $lockany]
- }
-}
-
-proc lock_test_start {test cmds} {
- global spawn_id
-
- lock_test_setup $test $cmds
- return [lock_test_continue $test $spawn_id 0 "" 0 $cmds]
-}
-
-proc lock_test_continue {test my_spawn_id test_failed fail_output cont cmds} {
- global wait_error_index wait_errno_index wait_status_index
- global spawn_id
-
- set spawn_id $my_spawn_id
-
- if {$cont == 1} {
- send -i $spawn_id "\n"
- }
-
- while {[llength $cmds] > 0} {
- set cmdpair [lindex $cmds 0]
- set cmds [lrange $cmds 1 end]
- set cmd [lindex $cmdpair 0]
- set output [lindex $cmdpair 1]
-
- verbose "test $test: command: $cmd"
-
- if {$cmd == "wait"} {
- # ah, for continuations...
- return [list $test $spawn_id $test_failed $fail_output 1 $cmds]
- }
- if {$cmd == "eof"} {
- set status $output
- set output "doesnotmatchanything"
- }
-
- expect {
- -i $spawn_id
- -re "$output" { verbose "test $test: read: $output" }
- timeout {
- set test_failed 1
- set fail_output "timeout while waiting for $output"
- }
- eof {
- if {$cmd != "eof"} {
- set test_failed 1
- set fail_output "eof while waiting for $output"
- }
- }
- }
-
- if {$test_failed == 1} { break }
- }
-
- # In timeout cases, the process may not be dead yet.
- catch { exec kill -9 [exp_pid -i $spawn_id] } x
- set ret [wait -i $spawn_id]
- verbose "% Exit $ret" 2
-
- if {$test_failed == 0} {
- if {[lindex $ret $wait_error_index] == -1} {
- set test_failed 1
- set fail_output "wait returned error [lindex $ret $wait_errno_index]"
- } else {
- if { [lindex $ret $wait_status_index] == $status ||
- (($status<0) && ([lindex $ret $wait_status_index] == ($status+256))) } {
- verbose "test $test: status $status"
- } else {
- set test_failed 1
- set fail_output "unexpected return status [lindex $ret $wait_status_index], should be $status"
- }
- }
- }
-
- if {$test_failed == 0} {
- pass $test
- } else {
- fail "$test: $fail_output"
- }
-
- return {}
-}
-
-set lock1 [lock_test_start 1 [list \
- [list shared "shared"] \
- [list release "released"] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock1
-
-set lock2 [lock_test_start 2 [list \
- [list exclusive exclusive] \
- [list release released] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock2
-
-set lock3 [lock_test_start 5 [list \
- [list permanent permanent] \
- [list release released] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock3
-
-set lock4 [lock_test_start 4 [list \
- [list release "Database not locked"] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock4
-
-set lock5 [lock_test_start 5 [list \
- [list shared shared] \
- [list wait ""] \
- [list eof 0]]]
-set lock5_1 [lock_test_start 5.1 [list \
- [list shared shared] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock5_1
-eval lock_test_continue $lock5
-
-set lock6 [lock_test_start 6 [list \
- [list exclusive exclusive] \
- [list wait ""] \
- [list eof 0]]]
-set lock6_1 [lock_test_start 6.1 [list \
- [list shared "Cannot lock database"] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock6_1
-eval lock_test_continue $lock6
-
-set lock7 [lock_test_start 7 [list \
- [list shared shared] \
- [list wait ""] \
- [list eof 0]]]
-set lock7_1 [lock_test_start 7.1 [list \
- [list exclusive "Cannot lock database"] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock7_1
-eval lock_test_continue $lock7
-
-set lock8 [lock_test_start 8 [list \
- [list permanent permanent] \
- [list wait ""] \
- [list release "released" ] \
- [list wait ""] \
- [list eof 0]]]
-set lock8_1 [lock_test_start 8.1 [list \
- [list "" "administration database lock file missing while opening database" ] \
- [list wait ""] \
- [list eof 1]]]
-eval lock_test_continue $lock8_1
-eval set lock8 \[lock_test_continue $lock8\]
-eval lock_test_continue $lock8
-
-set lock9 [lock_test_start 9 [list \
- [list exclusive exclusive] \
- [list release released] \
- [list wait ""] \
- [list exclusive "database lock file missing while getting exclusive"] \
- [list wait ""] \
- [list eof 0]]]
-set lock9_1 [lock_test_start 9.1 [list \
- [list permanent permanent] \
- [list wait ""] \
- [list release released] \
- [list wait ""] \
- [list eof 0]]]
-eval set lock9 \[lock_test_continue $lock9\]
-eval lock_test_continue $lock9
-eval set lock9_1 \[lock_test_continue $lock9_1\]
-eval lock_test_continue $lock9_1
-
-if {! [file exists $lockfile]} {
- perror "lock file missing before test 10"
-}
-set lock10 [lock_test_start 10 [list \
- [list permanent permanent] \
- [list wait ""] \
- [list release released] \
- [list wait ""] \
- [list eof 0]]]
-if {[file exists $lockfile]} {
- fail "test 10: lock file exists"
-}
-eval set lock10 \[lock_test_continue $lock10\]
-eval lock_test_continue $lock10
-if {[file exists $lockfile]} {
- pass "test 11: lock file exists"
-} else {
- fail "test 11: lock file does not exist"
-}
-
-set lock12 [lock_test_start 12 [list \
- [list shared shared] \
- [list wait ""] \
- [list eof 0]]]
-set lock12_1 [lock_test_start 12.1 [list \
- [list "get test-pol" retrieved] \
- [list wait ""] \
- [list eof 0]]]
-eval lock_test_continue $lock12_1
-eval lock_test_continue $lock12
-
-set lock13 [lock_test_start 13 [list \
- [list "get lock13" "Principal or policy does not exist"] \
- [list wait ""] \
- [list "get lock13" retrieved] \
- [list wait ""] \
- [list eof 0]]]
-set test13_spawn_id $spawn_id
-# create_policy could call api_exit immediately when it starts up.
-# If it does, and the spawn ID in $spawn_id is ours rather than its,
-# it'll close our spawn ID. So, we call api_start to give it something
-# to close.
-api_start
-create_policy lock13
-set api_spawn_id $spawn_id
-set spawn_id $test13_spawn_id
-eval set lock13 \[lock_test_continue $lock13\]
-eval lock_test_continue $lock13
-set spawn_id $api_spawn_id
-delete_policy lock13
diff --git a/src/lib/kadm5/unit-test/config/unix.exp b/src/lib/kadm5/unit-test/config/unix.exp
index 3f36655..f14f126 100644
--- a/src/lib/kadm5/unit-test/config/unix.exp
+++ b/src/lib/kadm5/unit-test/config/unix.exp
@@ -151,13 +151,13 @@ proc api_start {} {
eof { error "EOF starting API" }
timeout { error "Timeout starting API" }
}
- send "set current_struct_version \[expr \$OVSEC_KADM_STRUCT_VERSION &~ \$OVSEC_KADM_STRUCT_VERSION_MASK\]\n"
+ send "set current_struct_version \[expr \$KADM5_STRUCT_VERSION &~ \$KADM5_STRUCT_VERSION_MASK\]\n"
expect {
-re "$prompt$" {}
eof { error "EOF setting API varibles"}
timeout { error "timeout setting API varibles"}
}
- send "set current_api_version \[expr \$OVSEC_KADM_API_VERSION_1 &~ \$OVSEC_KADM_API_VERSION_MASK\]\n"
+ send "set current_api_version \[expr \$KADM5_API_VERSION_2 &~ \$KADM5_API_VERSION_MASK\]\n"
expect {
-re "$prompt$" {}
eof { error "EOF setting API varibles"}
@@ -187,25 +187,25 @@ proc api_start {} {
eof { error "EOF setting API varibles"}
timeout { error "timeout setting API varibles"}
}
- send "set old_api_version \[expr \$OVSEC_KADM_API_VERSION_MASK | 0x00\]\n"
+ send "set old_api_version \[expr \$KADM5_API_VERSION_MASK | 0x00\]\n"
expect {
-re "$prompt$" {}
eof { error "EOF setting API varibles"}
timeout { error "timeout setting API varibles"}
}
- send "set old_struct_version \[expr \$OVSEC_KADM_STRUCT_VERSION_MASK | 0x00\]\n"
+ send "set old_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0x00\]\n"
expect {
-re "$prompt$" {}
eof { error "EOF setting API varibles"}
timeout { error "timeout setting API varibles"}
}
- send "set new_api_version \[expr \$OVSEC_KADM_API_VERSION_MASK | 0xca\]\n"
+ send "set new_api_version \[expr \$KADM5_API_VERSION_MASK | 0xca\]\n"
expect {
-re "$prompt$" {}
eof { error "EOF setting API varibles"}
timeout { error "timeout setting API varibles"}
}
- send "set new_struct_version \[expr \$OVSEC_KADM_STRUCT_VERSION_MASK | 0xca\]\n"
+ send "set new_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0xca\]\n"
expect {
-re "$prompt$" {}
eof { error "EOF setting API varibles"}
diff --git a/src/lib/kadm5/unit-test/destroy-test.c b/src/lib/kadm5/unit-test/destroy-test.c
index 6d7435c..2610060 100644
--- a/src/lib/kadm5/unit-test/destroy-test.c
+++ b/src/lib/kadm5/unit-test/destroy-test.c
@@ -13,24 +13,23 @@
int main()
{
- ovsec_kadm_ret_t ret;
+ kadm5_ret_t ret;
char *cp;
int x;
void *server_handle;
kadm5_server_handle_t handle;
for(x = 0; x < TEST_NUM; x++) {
- ret = ovsec_kadm_init("admin", "admin", "ovsec_adm/admin", 0,
- OVSEC_KADM_STRUCT_VERSION,
- OVSEC_KADM_API_VERSION_1, NULL,
- &server_handle);
- if(ret != OVSEC_KADM_OK) {
+ ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0,
+ KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
+ &server_handle);
+ if(ret != KADM5_OK) {
com_err("test", ret, "init");
exit(2);
}
handle = (kadm5_server_handle_t) server_handle;
- cp = (char *) strdup(((char *) (strchr(handle->cache_name, ':')) + 1));
- ovsec_kadm_destroy(server_handle);
+ cp = strdup(strchr(handle->cache_name, ':') + 1);
+ kadm5_destroy(server_handle);
if(access(cp, F_OK) == 0) {
puts("ticket cache not destroyed");
exit(2);
diff --git a/src/lib/kadm5/unit-test/handle-test.c b/src/lib/kadm5/unit-test/handle-test.c
index 3f72385..231d950 100644
--- a/src/lib/kadm5/unit-test/handle-test.c
+++ b/src/lib/kadm5/unit-test/handle-test.c
@@ -11,12 +11,12 @@
int main(int argc, char *argv[])
{
- ovsec_kadm_ret_t ret;
+ kadm5_ret_t ret;
void *server_handle;
kadm5_server_handle_t handle;
kadm5_server_handle_rec orig_handle;
- ovsec_kadm_policy_ent_t pol;
- ovsec_kadm_principal_ent_t princ;
+ kadm5_policy_ent_rec pol;
+ kadm5_principal_ent_t princ;
krb5_keyblock *key;
krb5_principal tprinc;
krb5_context context;
@@ -24,103 +24,104 @@ int main(int argc, char *argv[])
kadm5_init_krb5_context(&context);
- ret = ovsec_kadm_init("admin/none", "admin", "ovsec_adm/admin", 0,
- OVSEC_KADM_STRUCT_VERSION, OVSEC_KADM_API_VERSION_1, NULL,
- &server_handle);
- if(ret != OVSEC_KADM_OK) {
+ ret = kadm5_init("admin/none", "admin", KADM5_ADMIN_SERVICE, NULL,
+ KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
+ &server_handle);
+ if(ret != KADM5_OK) {
com_err("test", ret, "init");
exit(2);
}
handle = (kadm5_server_handle_t) server_handle;
orig_handle = *handle;
- handle->magic_number = OVSEC_KADM_STRUCT_VERSION;
+ handle->magic_number = KADM5_STRUCT_VERSION;
krb5_parse_name(context, "testuser", &tprinc);
- ret = ovsec_kadm_get_principal(server_handle, tprinc, &princ);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_get_principal(server_handle, tprinc, &princ,
+ KADM5_PRINCIPAL_NORMAL_MASK);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "get-principal",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_get_policy(server_handle, "pol1", &pol);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_get_policy(server_handle, "pol1", &pol);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "get-policy",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_create_principal(server_handle, princ, OVSEC_KADM_PRINCIPAL, "pass");
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_create_principal(server_handle, princ, KADM5_PRINCIPAL, "pass");
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "create-principal",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_create_policy(server_handle, pol, OVSEC_KADM_POLICY);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_create_policy(server_handle, &pol, KADM5_POLICY);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "create-policy",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_modify_principal(server_handle, princ, OVSEC_KADM_PW_EXPIRATION);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_modify_principal(server_handle, princ, KADM5_PW_EXPIRATION);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "modify-principal",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_modify_policy(server_handle, pol, OVSEC_KADM_PW_MAX_LIFE);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_modify_policy(server_handle, &pol, KADM5_PW_MAX_LIFE);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "modify-policy",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_delete_principal(server_handle, tprinc);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_delete_principal(server_handle, tprinc);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "delete-principal",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_delete_policy(server_handle, "pol1");
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_delete_policy(server_handle, "pol1");
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "delete-policy",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_chpass_principal(server_handle, tprinc, "FooBar");
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_chpass_principal(server_handle, tprinc, "FooBar");
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "chpass",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_randkey_principal(server_handle, tprinc, &key);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_randkey_principal(server_handle, tprinc, &key, NULL);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "randkey",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_rename_principal(server_handle, tprinc, tprinc);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_rename_principal(server_handle, tprinc, tprinc);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "rename",
error_message(ret));
exit(1);
}
- ret = ovsec_kadm_destroy(server_handle);
- if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) {
+ ret = kadm5_destroy(server_handle);
+ if(ret != KADM5_BAD_SERVER_HANDLE) {
fprintf(stderr, "%s -- returned -- %s\n", "destroy",
error_message(ret));
exit(1);
}
*handle = orig_handle;
- ret = ovsec_kadm_destroy(server_handle);
- if (ret != OVSEC_KADM_OK) {
+ ret = kadm5_destroy(server_handle);
+ if (ret != KADM5_OK) {
fprintf(stderr, "valid %s -- returned -- %s\n", "destroy",
error_message(ret));
exit(1);
diff --git a/src/lib/kadm5/unit-test/init-test.c b/src/lib/kadm5/unit-test/init-test.c
index 575b24f..8e9ec82 100644
--- a/src/lib/kadm5/unit-test/init-test.c
+++ b/src/lib/kadm5/unit-test/init-test.c
@@ -1,4 +1,3 @@
-#undef USE_KADM5_API_VERSION
#include <kadm5/admin.h>
#include <com_err.h>
#include <stdio.h>
diff --git a/src/lib/kadm5/unit-test/iter-test.c b/src/lib/kadm5/unit-test/iter-test.c
index 17e561e..3608150 100644
--- a/src/lib/kadm5/unit-test/iter-test.c
+++ b/src/lib/kadm5/unit-test/iter-test.c
@@ -4,7 +4,7 @@
int main(int argc, char **argv)
{
- ovsec_kadm_ret_t ret;
+ kadm5_ret_t ret;
void *server_handle;
char **names;
int count, princ, i;
@@ -15,23 +15,20 @@ int main(int argc, char **argv)
}
princ = (strcmp(argv[1], "-princ") == 0);
- ret = ovsec_kadm_init("admin", "admin", OVSEC_KADM_ADMIN_SERVICE, 0,
- OVSEC_KADM_STRUCT_VERSION,
- OVSEC_KADM_API_VERSION_1, NULL,
- &server_handle);
- if (ret != OVSEC_KADM_OK) {
+ ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0,
+ KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
+ &server_handle);
+ if (ret != KADM5_OK) {
com_err("iter-test", ret, "while initializing");
exit(1);
}
if (princ)
- ret = ovsec_kadm_get_principals(server_handle, argv[2], &names,
- &count);
+ ret = kadm5_get_principals(server_handle, argv[2], &names, &count);
else
- ret = ovsec_kadm_get_policies(server_handle, argv[2],
- &names, &count);
-
- if (ret != OVSEC_KADM_OK) {
+ ret = kadm5_get_policies(server_handle, argv[2], &names, &count);
+
+ if (ret != KADM5_OK) {
com_err("iter-test", ret, "while retrieving list");
exit(1);
}
@@ -39,9 +36,9 @@ int main(int argc, char **argv)
for (i = 0; i < count; i++)
printf("%d: %s\n", i, names[i]);
- ovsec_kadm_free_name_list(server_handle, names, count);
+ kadm5_free_name_list(server_handle, names, count);
- (void) ovsec_kadm_destroy(server_handle);
+ (void) kadm5_destroy(server_handle);
return 0;
}
diff --git a/src/lib/kadm5/unit-test/lib/lib.t b/src/lib/kadm5/unit-test/lib/lib.t
index 2027794..361c727 100644
--- a/src/lib/kadm5/unit-test/lib/lib.t
+++ b/src/lib/kadm5/unit-test/lib/lib.t
@@ -18,8 +18,8 @@ proc lib_start_api {} {
api_exit
set lib_pid [api_start]
if {! [cmd {
- ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
- $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
+ kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
+ $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
lib_handle
}]} {
error "$test: unexpected failure in init"
@@ -120,8 +120,8 @@ proc create_principal {name} {
lib_start_api
set ret [cmd [format {
- ovsec_kadm_create_principal $lib_handle [simple_principal \
- "%s"] {OVSEC_KADM_PRINCIPAL} "%s"
+ kadm5_create_principal $lib_handle [simple_principal \
+ "%s"] {KADM5_PRINCIPAL} "%s"
} $name $name]]
return $ret
@@ -131,8 +131,8 @@ proc create_policy {name} {
lib_start_api
set ret [cmd [format {
- ovsec_kadm_create_policy $lib_handle [simple_policy "%s"] \
- {OVSEC_KADM_POLICY}
+ kadm5_create_policy $lib_handle [simple_policy "%s"] \
+ {KADM5_POLICY}
} $name $name]]
return $ret
@@ -142,8 +142,8 @@ proc create_principal_pol {name policy} {
lib_start_api
set ret [cmd [format {
- ovsec_kadm_create_principal $lib_handle [princ_w_pol "%s" \
- "%s"] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} "%s"
+ kadm5_create_principal $lib_handle [princ_w_pol "%s" \
+ "%s"] {KADM5_PRINCIPAL KADM5_POLICY} "%s"
} $name $policy $name]]
return $ret
@@ -153,7 +153,7 @@ proc delete_principal {name} {
lib_start_api
set ret [cmd [format {
- ovsec_kadm_delete_principal $lib_handle "%s"
+ kadm5_delete_principal $lib_handle "%s"
} $name]]
return $ret
@@ -162,7 +162,7 @@ proc delete_principal {name} {
proc delete_policy {name} {
lib_start_api
- set ret [cmd [format {ovsec_kadm_delete_policy $lib_handle "%s"} $name]]
+ set ret [cmd [format {kadm5_delete_policy $lib_handle "%s"} $name]]
return $ret
}
@@ -173,7 +173,7 @@ proc principal_exists {name} {
lib_start_api
set ret [cmd [format {
- ovsec_kadm_get_principal $lib_handle "%s" principal
+ kadm5_get_principal $lib_handle "%s" principal
} $name]]
# puts stdout "Finishing principal_exists."
@@ -187,7 +187,7 @@ proc policy_exists {name} {
# puts stdout "Starting policy_exists."
set ret [cmd [format {
- ovsec_kadm_get_policy $lib_handle "%s" policy
+ kadm5_get_policy $lib_handle "%s" policy
} $name]]
# puts stdout "Finishing policy_exists."
diff --git a/src/lib/kadm5/unit-test/lock-test.c b/src/lib/kadm5/unit-test/lock-test.c
index 489b7b8..85049a7 100644
--- a/src/lib/kadm5/unit-test/lock-test.c
+++ b/src/lib/kadm5/unit-test/lock-test.c
@@ -1,8 +1,3 @@
-#if USE_KADM5_API_VERSION == 1
-#undef USE_KADM5_API_VERSION
-#define USE_KADM5_API_VERSION 2
-#endif
-
#include <stdio.h>
#include <krb5.h>
#include <kadm5/admin.h>
diff --git a/src/lib/kadm5/unit-test/randkey-test.c b/src/lib/kadm5/unit-test/randkey-test.c
index 4b17bcb..12e9e23 100644
--- a/src/lib/kadm5/unit-test/randkey-test.c
+++ b/src/lib/kadm5/unit-test/randkey-test.c
@@ -10,7 +10,7 @@
int main()
{
- ovsec_kadm_ret_t ret;
+ kadm5_ret_t ret;
krb5_keyblock *keys[TEST_NUM];
krb5_principal tprinc;
krb5_keyblock *newkey;
@@ -22,24 +22,21 @@ int main()
kadm5_init_krb5_context(&context);
krb5_parse_name(context, "testuser", &tprinc);
- ret = ovsec_kadm_init("admin", "admin", "ovsec_adm/admin", 0,
- OVSEC_KADM_STRUCT_VERSION,
- OVSEC_KADM_API_VERSION_1, NULL,
- &server_handle);
- if(ret != OVSEC_KADM_OK) {
+ ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, NULL,
+ KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL,
+ &server_handle);
+ if(ret != KADM5_OK) {
com_err("test", ret, "init");
exit(2);
}
for(x = 0; x < TEST_NUM; x++) {
- ovsec_kadm_randkey_principal(server_handle, tprinc, &newkey);
+ kadm5_randkey_principal(server_handle, tprinc, &keys[x], NULL);
for(i = 0; i < x; i++) {
if (!memcmp(newkey->contents, keys[i]->contents, newkey->length))
puts("match found");
}
- krb5_copy_keyblock(context, newkey, &keys[x]);
- krb5_free_keyblock(context, newkey);
}
- ovsec_kadm_destroy(server_handle);
+ kadm5_destroy(server_handle);
exit(0);
}
diff --git a/src/lib/kadm5/unit-test/site.exp b/src/lib/kadm5/unit-test/site.exp
index 18b435d..7fe3974 100644
--- a/src/lib/kadm5/unit-test/site.exp
+++ b/src/lib/kadm5/unit-test/site.exp
@@ -1,2 +1,2 @@
-set tool ovsec_kadm_srv_tcl
+set tool kadm5_srv_tcl
set prompt "% "
diff --git a/src/lib/rpc/unit-test/lib/helpers.exp b/src/lib/rpc/unit-test/lib/helpers.exp
index b69be5b..963fff4 100644
--- a/src/lib/rpc/unit-test/lib/helpers.exp
+++ b/src/lib/rpc/unit-test/lib/helpers.exp
@@ -50,7 +50,7 @@ proc expect_kadm_ok {} {
global kadmin_tcl_spawn_id
expect {
-i $kadmin_tcl_spawn_id
- -re "^OK OVSEC_KADM_OK \[^\n\]*\n" {}
+ -re "^OK KADM5_OK \[^\n\]*\n" {}
-re "^ERROR \[^\n\]*\n" { perror "kadmin tcl subprocess reported unexpected error" }
-re "^marshall_new_creds: \[^\n\]*\n" { exp_continue }
-re "^gssapi_\[^\n\]*\n" { exp_continue }
@@ -68,7 +68,7 @@ proc setup_database {} {
send_user "TOP=$TOP\n"
set_from_env TESTDIR $env(TOP)/testing
- set_from_env CLNTTCL $TESTDIR/util/ovsec_kadm_clnt_tcl
+ set_from_env CLNTTCL $TESTDIR/util/kadm5_clnt_tcl
set_from_env TCLUTIL $TESTDIR/tcl/util.t
set env(TCLUTIL) $TCLUTIL
set_from_env MAKE_KEYTAB $TESTDIR/scripts/make-host-keytab.pl
@@ -96,22 +96,22 @@ proc setup_database {} {
}
expect_tcl_prompt
- send_tcl_cmd_await_echo {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle}
+ send_tcl_cmd_await_echo {kadm5_init admin admin $KADM5_ADMIN_SERVICE null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 server_handle}
expect_kadm_ok
expect "^% "
- send_tcl_cmd_await_echo {ovsec_kadm_create_principal $server_handle [simple_principal server/$h] {OVSEC_KADM_PRINCIPAL} admin}
+ send_tcl_cmd_await_echo {kadm5_create_principal $server_handle [simple_principal server/$h] {KADM5_PRINCIPAL} admin}
expect_kadm_ok
expect "^% "
- send_tcl_cmd_await_echo {ovsec_kadm_randkey_principal $server_handle server/$h key}
+ send_tcl_cmd_await_echo {kadm5_randkey_principal $server_handle server/$h key null}
expect_kadm_ok
expect "^% "
- send_tcl_cmd_await_echo {ovsec_kadm_create_principal $server_handle [simple_principal notserver/$h] {OVSEC_KADM_PRINCIPAL} admin}
+ send_tcl_cmd_await_echo {kadm5_create_principal $server_handle [simple_principal notserver/$h] {KADM5_PRINCIPAL} admin}
expect_kadm_ok
expect "^% "
- send_tcl_cmd_await_echo {ovsec_kadm_randkey_principal $server_handle notserver/$h key}
+ send_tcl_cmd_await_echo {kadm5_randkey_principal $server_handle notserver/$h key null}
expect_kadm_ok
expect "^% "
- send_tcl_cmd_await_echo {ovsec_kadm_destroy $server_handle}
+ send_tcl_cmd_await_echo {kadm5_destroy $server_handle}
expect_kadm_ok
expect "^% "
wait -nowait -i $spawn_id
diff --git a/src/lib/rpc/unit-test/rpc_test_setup.sh b/src/lib/rpc/unit-test/rpc_test_setup.sh
index 0f8ca9d..968f52a 100755
--- a/src/lib/rpc/unit-test/rpc_test_setup.sh
+++ b/src/lib/rpc/unit-test/rpc_test_setup.sh
@@ -8,7 +8,7 @@
# $Source$
DUMMY=${TESTDIR=$TOP/testing}
-DUMMY=${CLNTTCL=$TESTDIR/util/ovsec_kadm_clnt_tcl}
+DUMMY=${CLNTTCL=$TESTDIR/util/kadm5_clnt_tcl}
DUMMY=${TCLUTIL=$TESTDIR/tcl/util.t}; export TCLUTIL
DUMMY=${MAKE_KEYTAB=$TESTDIR/scripts/make-host-keytab.pl}
@@ -26,13 +26,13 @@ export CANON_HOST
cat - > /tmp/rpc_test_setup$$ <<\EOF
source $env(TCLUTIL)
set h $env(CANON_HOST)
-puts stdout [ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle]
+puts stdout [kadm5_init admin admin $KADM5_ADMIN_SERVICE null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 server_handle]
if ![info exists server_handle] { exit 1 }
-puts stdout [ovsec_kadm_create_principal $server_handle [simple_principal server/$h] {OVSEC_KADM_PRINCIPAL} admin]
-puts stdout [ovsec_kadm_randkey_principal $server_handle server/$h key]
-puts stdout [ovsec_kadm_create_principal $server_handle [simple_principal notserver/$h] {OVSEC_KADM_PRINCIPAL} admin]
-puts stdout [ovsec_kadm_randkey_principal $server_handle notserver/$h key]
-puts stdout [ovsec_kadm_destroy $server_handle]
+puts stdout [kadm5_create_principal $server_handle [simple_principal server/$h] {KADM5_PRINCIPAL} admin]
+puts stdout [kadm5_randkey_principal $server_handle server/$h key null]
+puts stdout [kadm5_create_principal $server_handle [simple_principal notserver/$h] {KADM5_PRINCIPAL} admin]
+puts stdout [kadm5_randkey_principal $server_handle notserver/$h key null]
+puts stdout [kadm5_destroy $server_handle]
EOF
eval "$CLNTTCL $REDIRECT < /tmp/rpc_test_setup$$"
if test $? != 0 ; then
generated by cgit v1.1 at 2024-08-03 19:56:09 +0000