diff options
Diffstat (limited to 'src/lib')
43 files changed, 276 insertions, 9418 deletions
diff --git a/src/lib/kadm5/Makefile.in b/src/lib/kadm5/Makefile.in index 175231e..4c502eb 100644 --- a/src/lib/kadm5/Makefile.in +++ b/src/lib/kadm5/Makefile.in @@ -19,7 +19,6 @@ clean:: SRCS = kadm_err.c \ chpass_util_strings.c \ - $(srcdir)/ovsec_glue.c \ $(srcdir)/misc_free.c \ $(srcdir)/kadm_rpc_xdr.c \ $(srcdir)/chpass_util.c \ @@ -29,7 +28,6 @@ SRCS = kadm_err.c \ OBJS = kadm_err.$(OBJEXT) \ chpass_util_strings.$(OBJEXT) \ - ovsec_glue.$(OBJEXT) \ misc_free.$(OBJEXT) \ kadm_rpc_xdr.$(OBJEXT) \ chpass_util.$(OBJEXT) \ @@ -40,7 +38,6 @@ OBJS = kadm_err.$(OBJEXT) \ STLIBOBJS = \ kadm_err.o \ chpass_util_strings.o \ - ovsec_glue.o \ misc_free.o \ kadm_rpc_xdr.o \ chpass_util.o \ diff --git a/src/lib/kadm5/admin.h b/src/lib/kadm5/admin.h index 57e2586..33e2728 100644 --- a/src/lib/kadm5/admin.h +++ b/src/lib/kadm5/admin.h @@ -37,17 +37,11 @@ * releases (e.g. from 1.7 to 1.8). * - We will make some effort to avoid making incompatible changes for * bugfix releases, but will make them if necessary. - * - We make no commitments at all regarding the v1 API (obtained by - * defining USE_KADM5_API_VERSION to 1) and expect to remove it. */ #ifndef __KADM5_ADMIN_H__ #define __KADM5_ADMIN_H__ -#if !defined(USE_KADM5_API_VERSION) -#define USE_KADM5_API_VERSION 2 -#endif - #include <sys/types.h> #include <gssrpc/rpc.h> #include <krb5.h> @@ -181,10 +175,9 @@ typedef long kadm5_ret_t; #define KADM5_STRUCT_VERSION KADM5_STRUCT_VERSION_1 #define KADM5_API_VERSION_MASK 0x12345700 -#define KADM5_API_VERSION_1 (KADM5_API_VERSION_MASK|0x01) #define KADM5_API_VERSION_2 (KADM5_API_VERSION_MASK|0x02) -typedef struct _kadm5_principal_ent_t_v2 { +typedef struct _kadm5_principal_ent_t { krb5_principal principal; krb5_timestamp princ_expire_time; krb5_timestamp last_pwd_change; @@ -207,30 +200,7 @@ typedef struct _kadm5_principal_ent_t_v2 { krb5_int16 n_tl_data; krb5_tl_data *tl_data; krb5_key_data *key_data; -} kadm5_principal_ent_rec_v2, *kadm5_principal_ent_t_v2; - -typedef struct _kadm5_principal_ent_t_v1 { - krb5_principal principal; - krb5_timestamp princ_expire_time; - krb5_timestamp last_pwd_change; - krb5_timestamp pw_expiration; - krb5_deltat max_life; - krb5_principal mod_name; - krb5_timestamp mod_date; - krb5_flags attributes; - krb5_kvno kvno; - krb5_kvno mkvno; - char *policy; - long aux_attributes; -} kadm5_principal_ent_rec_v1, *kadm5_principal_ent_t_v1; - -#if USE_KADM5_API_VERSION == 1 -typedef struct _kadm5_principal_ent_t_v1 - kadm5_principal_ent_rec, *kadm5_principal_ent_t; -#else -typedef struct _kadm5_principal_ent_t_v2 - kadm5_principal_ent_rec, *kadm5_principal_ent_t; -#endif +} kadm5_principal_ent_rec, *kadm5_principal_ent_t; typedef struct _kadm5_policy_ent_t { char *policy; @@ -330,7 +300,6 @@ typedef struct __krb5_realm_params { * functions */ -#if USE_KADM5_API_VERSION > 1 krb5_error_code kadm5_get_config_params(krb5_context context, int use_kdc_config, kadm5_config_params *params_in, @@ -344,15 +313,10 @@ krb5_error_code kadm5_free_realm_params(krb5_context kcontext, krb5_error_code kadm5_get_admin_service_name(krb5_context, char *, char *, size_t); -#endif kadm5_ret_t kadm5_init(char *client_name, char *pass, char *service_name, -#if USE_KADM5_API_VERSION == 1 - char *realm, -#else kadm5_config_params *params, -#endif krb5_ui_4 struct_version, krb5_ui_4 api_version, char **db_args, @@ -360,11 +324,7 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass, kadm5_ret_t kadm5_init_with_password(char *client_name, char *pass, char *service_name, -#if USE_KADM5_API_VERSION == 1 - char *realm, -#else kadm5_config_params *params, -#endif krb5_ui_4 struct_version, krb5_ui_4 api_version, char **db_args, @@ -372,16 +332,11 @@ kadm5_ret_t kadm5_init_with_password(char *client_name, kadm5_ret_t kadm5_init_with_skey(char *client_name, char *keytab, char *service_name, -#if USE_KADM5_API_VERSION == 1 - char *realm, -#else kadm5_config_params *params, -#endif krb5_ui_4 struct_version, krb5_ui_4 api_version, char **db_args, void **server_handle); -#if USE_KADM5_API_VERSION > 1 kadm5_ret_t kadm5_init_with_creds(char *client_name, krb5_ccache cc, char *service_name, @@ -390,7 +345,6 @@ kadm5_ret_t kadm5_init_with_creds(char *client_name, krb5_ui_4 api_version, char **db_args, void **server_handle); -#endif kadm5_ret_t kadm5_lock(void *server_handle); kadm5_ret_t kadm5_unlock(void *server_handle); kadm5_ret_t kadm5_flush(void *server_handle); @@ -411,16 +365,10 @@ kadm5_ret_t kadm5_modify_principal(void *server_handle, long mask); kadm5_ret_t kadm5_rename_principal(void *server_handle, krb5_principal,krb5_principal); -#if USE_KADM5_API_VERSION == 1 -kadm5_ret_t kadm5_get_principal(void *server_handle, - krb5_principal principal, - kadm5_principal_ent_t *ent); -#else kadm5_ret_t kadm5_get_principal(void *server_handle, krb5_principal principal, kadm5_principal_ent_t ent, long mask); -#endif kadm5_ret_t kadm5_chpass_principal(void *server_handle, krb5_principal principal, char *pass); @@ -430,11 +378,6 @@ kadm5_ret_t kadm5_chpass_principal_3(void *server_handle, int n_ks_tuple, krb5_key_salt_tuple *ks_tuple, char *pass); -#if USE_KADM5_API_VERSION == 1 -kadm5_ret_t kadm5_randkey_principal(void *server_handle, - krb5_principal principal, - krb5_keyblock **keyblock); -#else kadm5_ret_t kadm5_randkey_principal(void *server_handle, krb5_principal principal, krb5_keyblock **keyblocks, @@ -446,7 +389,6 @@ kadm5_ret_t kadm5_randkey_principal_3(void *server_handle, krb5_key_salt_tuple *ks_tuple, krb5_keyblock **keyblocks, int *n_keys); -#endif kadm5_ret_t kadm5_setv4key_principal(void *server_handle, krb5_principal principal, krb5_keyblock *keyblock); @@ -496,15 +438,9 @@ kadm5_ret_t kadm5_modify_policy(void *server_handle, kadm5_ret_t kadm5_modify_policy_internal(void *server_handle, kadm5_policy_ent_t entry, long mask); -#if USE_KADM5_API_VERSION == 1 -kadm5_ret_t kadm5_get_policy(void *server_handle, - kadm5_policy_t policy, - kadm5_policy_ent_t *ent); -#else kadm5_ret_t kadm5_get_policy(void *server_handle, kadm5_policy_t policy, kadm5_policy_ent_t ent); -#endif kadm5_ret_t kadm5_get_privs(void *server_handle, long *privs); @@ -529,11 +465,9 @@ kadm5_ret_t kadm5_get_policies(void *server_handle, char *exp, char ***pols, int *count); -#if USE_KADM5_API_VERSION > 1 kadm5_ret_t kadm5_free_key_data(void *server_handle, krb5_int16 *n_key_data, krb5_key_data *key_data); -#endif kadm5_ret_t kadm5_free_name_list(void *server_handle, char **names, int count); @@ -552,256 +486,6 @@ kadm5_ret_t kadm5_get_principal_keys(void *server_handle, krb5_keyblock **keyblocks, int *n_keys); -#if USE_KADM5_API_VERSION == 1 -/* - * OVSEC_KADM_API_VERSION_1 should be, if possible, compile-time - * compatible with KADM5_API_VERSION_2. Basically, this means we have - * to continue to provide all the old ovsec_kadm function and symbol - * names. - */ - -#define OVSEC_KADM_ACLFILE "/krb5/ovsec_adm.acl" -#define OVSEC_KADM_WORDFILE "/krb5/ovsec_adm.dict" - -#define OVSEC_KADM_ADMIN_SERVICE "ovsec_adm/admin" -#define OVSEC_KADM_CHANGEPW_SERVICE "ovsec_adm/changepw" -#define OVSEC_KADM_HIST_PRINCIPAL "ovsec_adm/history" - -typedef krb5_principal ovsec_kadm_princ_t; -typedef krb5_keyblock ovsec_kadm_keyblock; -typedef char *ovsec_kadm_policy_t; -typedef long ovsec_kadm_ret_t; - -enum ovsec_kadm_salttype { OVSEC_KADM_SALT_V4, OVSEC_KADM_SALT_NORMAL }; -enum ovsec_kadm_saltmod { OVSEC_KADM_MOD_KEEP, OVSEC_KADM_MOD_V4, OVSEC_KADM_MOD_NORMAL }; - -#define OVSEC_KADM_PW_FIRST_PROMPT \ - ((char *) error_message(CHPASS_UTIL_NEW_PASSWORD_PROMPT)) -#define OVSEC_KADM_PW_SECOND_PROMPT \ - ((char *) error_message(CHPASS_UTIL_NEW_PASSWORD_AGAIN_PROMPT)) - -/* - * Successful return code - */ -#define OVSEC_KADM_OK 0 - -/* - * Create/Modify masks - */ -/* principal */ -#define OVSEC_KADM_PRINCIPAL 0x000001 -#define OVSEC_KADM_PRINC_EXPIRE_TIME 0x000002 -#define OVSEC_KADM_PW_EXPIRATION 0x000004 -#define OVSEC_KADM_LAST_PWD_CHANGE 0x000008 -#define OVSEC_KADM_ATTRIBUTES 0x000010 -#define OVSEC_KADM_MAX_LIFE 0x000020 -#define OVSEC_KADM_MOD_TIME 0x000040 -#define OVSEC_KADM_MOD_NAME 0x000080 -#define OVSEC_KADM_KVNO 0x000100 -#define OVSEC_KADM_MKVNO 0x000200 -#define OVSEC_KADM_AUX_ATTRIBUTES 0x000400 -#define OVSEC_KADM_POLICY 0x000800 -#define OVSEC_KADM_POLICY_CLR 0x001000 -/* policy */ -#define OVSEC_KADM_PW_MAX_LIFE 0x004000 -#define OVSEC_KADM_PW_MIN_LIFE 0x008000 -#define OVSEC_KADM_PW_MIN_LENGTH 0x010000 -#define OVSEC_KADM_PW_MIN_CLASSES 0x020000 -#define OVSEC_KADM_PW_HISTORY_NUM 0x040000 -#define OVSEC_KADM_REF_COUNT 0x080000 - -/* - * permission bits - */ -#define OVSEC_KADM_PRIV_GET 0x01 -#define OVSEC_KADM_PRIV_ADD 0x02 -#define OVSEC_KADM_PRIV_MODIFY 0x04 -#define OVSEC_KADM_PRIV_DELETE 0x08 - -/* - * API versioning constants - */ -#define OVSEC_KADM_MASK_BITS 0xffffff00 - -#define OVSEC_KADM_STRUCT_VERSION_MASK 0x12345600 -#define OVSEC_KADM_STRUCT_VERSION_1 (OVSEC_KADM_STRUCT_VERSION_MASK|0x01) -#define OVSEC_KADM_STRUCT_VERSION OVSEC_KADM_STRUCT_VERSION_1 - -#define OVSEC_KADM_API_VERSION_MASK 0x12345700 -#define OVSEC_KADM_API_VERSION_1 (OVSEC_KADM_API_VERSION_MASK|0x01) - - -typedef struct _ovsec_kadm_principal_ent_t { - krb5_principal principal; - krb5_timestamp princ_expire_time; - krb5_timestamp last_pwd_change; - krb5_timestamp pw_expiration; - krb5_deltat max_life; - krb5_principal mod_name; - krb5_timestamp mod_date; - krb5_flags attributes; - krb5_kvno kvno; - krb5_kvno mkvno; - char *policy; - long aux_attributes; -} ovsec_kadm_principal_ent_rec, *ovsec_kadm_principal_ent_t; - -typedef struct _ovsec_kadm_policy_ent_t { - char *policy; - long pw_min_life; - long pw_max_life; - long pw_min_length; - long pw_min_classes; - long pw_history_num; - long policy_refcnt; -} ovsec_kadm_policy_ent_rec, *ovsec_kadm_policy_ent_t; - -/* - * functions - */ -ovsec_kadm_ret_t ovsec_kadm_init(char *client_name, char *pass, - char *service_name, char *realm, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - char **db_args, - void **server_handle); -ovsec_kadm_ret_t ovsec_kadm_init_with_password(char *client_name, - char *pass, - char *service_name, - char *realm, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - char ** db_args, - void **server_handle); -ovsec_kadm_ret_t ovsec_kadm_init_with_skey(char *client_name, - char *keytab, - char *service_name, - char *realm, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - char **db_args, - void **server_handle); -ovsec_kadm_ret_t ovsec_kadm_flush(void *server_handle); -ovsec_kadm_ret_t ovsec_kadm_destroy(void *server_handle); -ovsec_kadm_ret_t ovsec_kadm_create_principal(void *server_handle, - ovsec_kadm_principal_ent_t ent, - long mask, char *pass); -ovsec_kadm_ret_t ovsec_kadm_delete_principal(void *server_handle, - krb5_principal principal); -ovsec_kadm_ret_t ovsec_kadm_modify_principal(void *server_handle, - ovsec_kadm_principal_ent_t ent, - long mask); -ovsec_kadm_ret_t ovsec_kadm_rename_principal(void *server_handle, - krb5_principal,krb5_principal); -ovsec_kadm_ret_t ovsec_kadm_get_principal(void *server_handle, - krb5_principal principal, - ovsec_kadm_principal_ent_t *ent); -ovsec_kadm_ret_t ovsec_kadm_chpass_principal(void *server_handle, - krb5_principal principal, - char *pass); -ovsec_kadm_ret_t ovsec_kadm_randkey_principal(void *server_handle, - krb5_principal principal, - krb5_keyblock **keyblock); -ovsec_kadm_ret_t ovsec_kadm_create_policy(void *server_handle, - ovsec_kadm_policy_ent_t ent, - long mask); -/* - * ovsec_kadm_create_policy_internal is not part of the supported, - * exposed API. It is available only in the server library, and you - * shouldn't use it unless you know why it's there and how it's - * different from ovsec_kadm_create_policy. - */ -ovsec_kadm_ret_t ovsec_kadm_create_policy_internal(void *server_handle, - ovsec_kadm_policy_ent_t - entry, long mask); -ovsec_kadm_ret_t ovsec_kadm_delete_policy(void *server_handle, - ovsec_kadm_policy_t policy); -ovsec_kadm_ret_t ovsec_kadm_modify_policy(void *server_handle, - ovsec_kadm_policy_ent_t ent, - long mask); -/* - * ovsec_kadm_modify_policy_internal is not part of the supported, - * exposed API. It is available only in the server library, and you - * shouldn't use it unless you know why it's there and how it's - * different from ovsec_kadm_modify_policy. - */ -ovsec_kadm_ret_t ovsec_kadm_modify_policy_internal(void *server_handle, - ovsec_kadm_policy_ent_t - entry, long mask); -ovsec_kadm_ret_t ovsec_kadm_get_policy(void *server_handle, - ovsec_kadm_policy_t policy, - ovsec_kadm_policy_ent_t *ent); -ovsec_kadm_ret_t ovsec_kadm_get_privs(void *server_handle, - long *privs); - -ovsec_kadm_ret_t ovsec_kadm_chpass_principal_util(void *server_handle, - krb5_principal princ, - char *new_pw, - char **ret_pw, - char *msg_ret); - -ovsec_kadm_ret_t ovsec_kadm_free_principal_ent(void *server_handle, - ovsec_kadm_principal_ent_t - ent); -ovsec_kadm_ret_t ovsec_kadm_free_policy_ent(void *server_handle, - ovsec_kadm_policy_ent_t ent); - -ovsec_kadm_ret_t ovsec_kadm_free_name_list(void *server_handle, - char **names, int count); - -ovsec_kadm_ret_t ovsec_kadm_get_principals(void *server_handle, - char *exp, char ***princs, - int *count); - -ovsec_kadm_ret_t ovsec_kadm_get_policies(void *server_handle, - char *exp, char ***pols, - int *count); - -#define OVSEC_KADM_FAILURE KADM5_FAILURE -#define OVSEC_KADM_AUTH_GET KADM5_AUTH_GET -#define OVSEC_KADM_AUTH_ADD KADM5_AUTH_ADD -#define OVSEC_KADM_AUTH_MODIFY KADM5_AUTH_MODIFY -#define OVSEC_KADM_AUTH_DELETE KADM5_AUTH_DELETE -#define OVSEC_KADM_AUTH_INSUFFICIENT KADM5_AUTH_INSUFFICIENT -#define OVSEC_KADM_BAD_DB KADM5_BAD_DB -#define OVSEC_KADM_DUP KADM5_DUP -#define OVSEC_KADM_RPC_ERROR KADM5_RPC_ERROR -#define OVSEC_KADM_NO_SRV KADM5_NO_SRV -#define OVSEC_KADM_BAD_HIST_KEY KADM5_BAD_HIST_KEY -#define OVSEC_KADM_NOT_INIT KADM5_NOT_INIT -#define OVSEC_KADM_UNK_PRINC KADM5_UNK_PRINC -#define OVSEC_KADM_UNK_POLICY KADM5_UNK_POLICY -#define OVSEC_KADM_BAD_MASK KADM5_BAD_MASK -#define OVSEC_KADM_BAD_CLASS KADM5_BAD_CLASS -#define OVSEC_KADM_BAD_LENGTH KADM5_BAD_LENGTH -#define OVSEC_KADM_BAD_POLICY KADM5_BAD_POLICY -#define OVSEC_KADM_BAD_PRINCIPAL KADM5_BAD_PRINCIPAL -#define OVSEC_KADM_BAD_AUX_ATTR KADM5_BAD_AUX_ATTR -#define OVSEC_KADM_BAD_HISTORY KADM5_BAD_HISTORY -#define OVSEC_KADM_BAD_MIN_PASS_LIFE KADM5_BAD_MIN_PASS_LIFE -#define OVSEC_KADM_PASS_Q_TOOSHORT KADM5_PASS_Q_TOOSHORT -#define OVSEC_KADM_PASS_Q_CLASS KADM5_PASS_Q_CLASS -#define OVSEC_KADM_PASS_Q_DICT KADM5_PASS_Q_DICT -#define OVSEC_KADM_PASS_REUSE KADM5_PASS_REUSE -#define OVSEC_KADM_PASS_TOOSOON KADM5_PASS_TOOSOON -#define OVSEC_KADM_POLICY_REF KADM5_POLICY_REF -#define OVSEC_KADM_INIT KADM5_INIT -#define OVSEC_KADM_BAD_PASSWORD KADM5_BAD_PASSWORD -#define OVSEC_KADM_PROTECT_PRINCIPAL KADM5_PROTECT_PRINCIPAL -#define OVSEC_KADM_BAD_SERVER_HANDLE KADM5_BAD_SERVER_HANDLE -#define OVSEC_KADM_BAD_STRUCT_VERSION KADM5_BAD_STRUCT_VERSION -#define OVSEC_KADM_OLD_STRUCT_VERSION KADM5_OLD_STRUCT_VERSION -#define OVSEC_KADM_NEW_STRUCT_VERSION KADM5_NEW_STRUCT_VERSION -#define OVSEC_KADM_BAD_API_VERSION KADM5_BAD_API_VERSION -#define OVSEC_KADM_OLD_LIB_API_VERSION KADM5_OLD_LIB_API_VERSION -#define OVSEC_KADM_OLD_SERVER_API_VERSION KADM5_OLD_SERVER_API_VERSION -#define OVSEC_KADM_NEW_LIB_API_VERSION KADM5_NEW_LIB_API_VERSION -#define OVSEC_KADM_NEW_SERVER_API_VERSION KADM5_NEW_SERVER_API_VERSION -#define OVSEC_KADM_SECURE_PRINC_MISSING KADM5_SECURE_PRINC_MISSING -#define OVSEC_KADM_NO_RENAME_SALT KADM5_NO_RENAME_SALT - -#endif /* USE_KADM5_API_VERSION == 1 */ - KADM5INT_END_DECLS #endif /* __KADM5_ADMIN_H__ */ diff --git a/src/lib/kadm5/admin_internal.h b/src/lib/kadm5/admin_internal.h index 6a9d31b..69e7bd6 100644 --- a/src/lib/kadm5/admin_internal.h +++ b/src/lib/kadm5/admin_internal.h @@ -29,7 +29,7 @@ if ((srvr->api_version & KADM5_MASK_BITS) != \ KADM5_API_VERSION_MASK) \ return KADM5_BAD_API_VERSION; \ - if (srvr->api_version < KADM5_API_VERSION_1) \ + if (srvr->api_version < KADM5_API_VERSION_2) \ return old_api_version; \ if (srvr->api_version > KADM5_API_VERSION_2) \ return new_api_version; \ diff --git a/src/lib/kadm5/chpass_util_strings.et b/src/lib/kadm5/chpass_util_strings.et index c65010a..d2c4c3d 100644 --- a/src/lib/kadm5/chpass_util_strings.et +++ b/src/lib/kadm5/chpass_util_strings.et @@ -1,4 +1,4 @@ -# this is really a string table for ovsec_kadm_chpass_principal_util +# this is really a string table for chpass_principal_util error_table ovku diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c index 4395453..4ebd1b7 100644 --- a/src/lib/kadm5/clnt/client_init.c +++ b/src/lib/kadm5/clnt/client_init.c @@ -231,20 +231,10 @@ static kadm5_ret_t _kadm5_init_any(char *client_name, * empty mask, and behave like version 2. */ memset(¶ms_local, 0, sizeof(params_local)); - if (api_version == KADM5_API_VERSION_1) { - realm = params_local.realm = (char *) params_in; - if (params_in) - params_local.mask = KADM5_CONFIG_REALM; - - /* Use old AUTH_GSSAPI for version 1 protocol. */ - params_local.mask |= KADM5_CONFIG_OLD_AUTH_GSSAPI; - params_in = ¶ms_local; - } else { - if (params_in && (params_in->mask & KADM5_CONFIG_REALM)) - realm = params_in->realm; - else - realm = NULL; - } + if (params_in && (params_in->mask & KADM5_CONFIG_REALM)) + realm = params_in->realm; + else + realm = NULL; #if 0 /* Since KDC config params can now be put in krb5.conf, these could show up even when you're just using the remote kadmin diff --git a/src/lib/kadm5/clnt/client_principal.c b/src/lib/kadm5/clnt/client_principal.c index 51135f4..56ad512 100644 --- a/src/lib/kadm5/clnt/client_principal.c +++ b/src/lib/kadm5/clnt/client_principal.c @@ -43,22 +43,8 @@ kadm5_create_principal(void *server_handle, if(princ == NULL) return EINVAL; - if (handle->api_version == KADM5_API_VERSION_1) { - memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1)); - } else { - memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); - } - if (handle->api_version == KADM5_API_VERSION_1) { - /* - * hack hack cough cough. - * krb5_unparse name dumps core if we pass it in garbage - * or null. So, since the client is not allowed to set mod_name - * anyway, we just fill it in with a dummy principal. The server of - * course ignores this. - */ - krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name); - } else - arg.rec.mod_name = NULL; + memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); + arg.rec.mod_name = NULL; if(!(mask & KADM5_POLICY)) arg.rec.policy = NULL; @@ -73,9 +59,6 @@ kadm5_create_principal(void *server_handle, r = create_principal_2(&arg, handle->clnt); - if (handle->api_version == KADM5_API_VERSION_1) - krb5_free_principal(handle->context, arg.rec.mod_name); - if(r == NULL) eret(); return r->code; @@ -104,22 +87,8 @@ kadm5_create_principal_3(void *server_handle, if(princ == NULL) return EINVAL; - if (handle->api_version == KADM5_API_VERSION_1) { - memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1)); - } else { - memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); - } - if (handle->api_version == KADM5_API_VERSION_1) { - /* - * hack hack cough cough. - * krb5_unparse name dumps core if we pass it in garbage - * or null. So, since the client is not allowed to set mod_name - * anyway, we just fill it in with a dummy principal. The server of - * course ignores this. - */ - krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name); - } else - arg.rec.mod_name = NULL; + memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); + arg.rec.mod_name = NULL; if(!(mask & KADM5_POLICY)) arg.rec.policy = NULL; @@ -134,9 +103,6 @@ kadm5_create_principal_3(void *server_handle, r = create_principal3_2(&arg, handle->clnt); - if (handle->api_version == KADM5_API_VERSION_1) - krb5_free_principal(handle->context, arg.rec.mod_name); - if(r == NULL) eret(); return r->code; @@ -174,17 +140,9 @@ kadm5_modify_principal(void *server_handle, memset(&arg, 0, sizeof(arg)); arg.mask = mask; arg.api_version = handle->api_version; - /* - * cough cough gag gag - * see comment in create_principal. - */ if(princ == NULL) return EINVAL; - if (handle->api_version == KADM5_API_VERSION_1) { - memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1)); - } else { - memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); - } + memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); if(!(mask & KADM5_POLICY)) arg.rec.policy = NULL; if (! (mask & KADM5_KEY_DATA)) { @@ -196,19 +154,10 @@ kadm5_modify_principal(void *server_handle, arg.rec.tl_data = NULL; } - if (handle->api_version == KADM5_API_VERSION_1) { - /* - * See comment in create_principal - */ - krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name); - } else - arg.rec.mod_name = NULL; + arg.rec.mod_name = NULL; r = modify_principal_2(&arg, handle->clnt); - if (handle->api_version == KADM5_API_VERSION_1) - krb5_free_principal(handle->context, arg.rec.mod_name); - if(r == NULL) eret(); return r->code; @@ -228,33 +177,13 @@ kadm5_get_principal(void *server_handle, if(princ == NULL) return EINVAL; arg.princ = princ; - if (handle->api_version == KADM5_API_VERSION_1) - arg.mask = KADM5_PRINCIPAL_NORMAL_MASK; - else - arg.mask = mask; + arg.mask = mask; arg.api_version = handle->api_version; r = get_principal_2(&arg, handle->clnt); if(r == NULL) eret(); - if (handle->api_version == KADM5_API_VERSION_1) { - kadm5_principal_ent_t_v1 *entp; - - entp = (kadm5_principal_ent_t_v1 *) ent; - if (r->code == 0) { - if (!(*entp = (kadm5_principal_ent_t_v1) - malloc(sizeof(kadm5_principal_ent_rec_v1)))) - return ENOMEM; - /* this memcpy works because the v1 structure is an initial - subset of the v2 struct. C guarantees that this will - result in the same layout in memory */ - memcpy(*entp, &r->rec, sizeof(**entp)); - } else { - *entp = NULL; - } - } else { - if (r->code == 0) - memcpy(ent, &r->rec, sizeof(r->rec)); - } + if (r->code == 0) + memcpy(ent, &r->rec, sizeof(r->rec)); return r->code; } @@ -460,29 +389,23 @@ kadm5_randkey_principal_3(void *server_handle, r = chrand_principal3_2(&arg, handle->clnt); if(r == NULL) eret(); - if (handle->api_version == KADM5_API_VERSION_1) { - if (key) - krb5_copy_keyblock(handle->context, &r->key, key); - } else { - if (n_keys) - *n_keys = r->n_keys; - if (key) { - if(r->n_keys) { - *key = (krb5_keyblock *) - malloc(r->n_keys*sizeof(krb5_keyblock)); - if (*key == NULL) - return ENOMEM; - for (i = 0; i < r->n_keys; i++) { - ret = krb5_copy_keyblock_contents(handle->context, - &r->keys[i], - &(*key)[i]); - if (ret) { - free(*key); - return ENOMEM; - } - } - } else *key = NULL; - } + if (n_keys) + *n_keys = r->n_keys; + if (key) { + if(r->n_keys) { + *key = malloc(r->n_keys * sizeof(krb5_keyblock)); + if (*key == NULL) + return ENOMEM; + for (i = 0; i < r->n_keys; i++) { + ret = krb5_copy_keyblock_contents(handle->context, &r->keys[i], + &(*key)[i]); + if (ret) { + free(*key); + return ENOMEM; + } + } + } else + *key = NULL; } return r->code; @@ -508,29 +431,23 @@ kadm5_randkey_principal(void *server_handle, r = chrand_principal_2(&arg, handle->clnt); if(r == NULL) eret(); - if (handle->api_version == KADM5_API_VERSION_1) { - if (key) - krb5_copy_keyblock(handle->context, &r->key, key); - } else { - if (n_keys) - *n_keys = r->n_keys; - if (key) { - if(r->n_keys) { - *key = (krb5_keyblock *) - malloc(r->n_keys*sizeof(krb5_keyblock)); - if (*key == NULL) - return ENOMEM; - for (i = 0; i < r->n_keys; i++) { - ret = krb5_copy_keyblock_contents(handle->context, - &r->keys[i], - &(*key)[i]); - if (ret) { - free(*key); - return ENOMEM; - } - } - } else *key = NULL; - } + if (n_keys) + *n_keys = r->n_keys; + if (key) { + if(r->n_keys) { + *key = malloc(r->n_keys * sizeof(krb5_keyblock)); + if (*key == NULL) + return ENOMEM; + for (i = 0; i < r->n_keys; i++) { + ret = krb5_copy_keyblock_contents(handle->context, &r->keys[i], + &(*key)[i]); + if (ret) { + free(*key); + return ENOMEM; + } + } + } else + *key = NULL; } return r->code; diff --git a/src/lib/kadm5/clnt/clnt_policy.c b/src/lib/kadm5/clnt/clnt_policy.c index 6877ec3..fc91245 100644 --- a/src/lib/kadm5/clnt/clnt_policy.c +++ b/src/lib/kadm5/clnt/clnt_policy.c @@ -103,22 +103,8 @@ kadm5_get_policy(void *server_handle, char *name, kadm5_policy_ent_t ent) r = get_policy_2(&arg, handle->clnt); if(r == NULL) return KADM5_RPC_ERROR; - if (handle->api_version == KADM5_API_VERSION_1) { - kadm5_policy_ent_t *entp; - - entp = (kadm5_policy_ent_t *) ent; - if(r->code == 0) { - if (!(*entp = (kadm5_policy_ent_t) - malloc(sizeof(kadm5_policy_ent_rec)))) - return ENOMEM; - memcpy(*entp, &r->rec, sizeof(**entp)); - } else { - *entp = NULL; - } - } else { - if (r->code == 0) - memcpy(ent, &r->rec, sizeof(r->rec)); - } + if (r->code == 0) + memcpy(ent, &r->rec, sizeof(r->rec)); return r->code; } diff --git a/src/lib/kadm5/clnt/libkadm5clnt.exports b/src/lib/kadm5/clnt/libkadm5clnt.exports index 7f11f32..6174847 100644 --- a/src/lib/kadm5/clnt/libkadm5clnt.exports +++ b/src/lib/kadm5/clnt/libkadm5clnt.exports @@ -58,29 +58,6 @@ krb5_klog_syslog krb5_read_realm_params krb5_string_to_flags krb5_string_to_keysalts -ovsec_kadm_chpass_principal -ovsec_kadm_chpass_principal_util -ovsec_kadm_create_policy -ovsec_kadm_create_principal -ovsec_kadm_delete_policy -ovsec_kadm_delete_principal -ovsec_kadm_destroy -ovsec_kadm_flush -ovsec_kadm_free_name_list -ovsec_kadm_free_policy_ent -ovsec_kadm_free_principal_ent -ovsec_kadm_get_policies -ovsec_kadm_get_policy -ovsec_kadm_get_principal -ovsec_kadm_get_principals -ovsec_kadm_get_privs -ovsec_kadm_init -ovsec_kadm_init_with_password -ovsec_kadm_init_with_skey -ovsec_kadm_modify_policy -ovsec_kadm_modify_principal -ovsec_kadm_randkey_principal -ovsec_kadm_rename_principal xdr_chpass3_arg xdr_chpass_arg xdr_chrand3_arg @@ -103,7 +80,6 @@ xdr_gprincs_arg xdr_gprincs_ret xdr_kadm5_policy_ent_rec xdr_kadm5_principal_ent_rec -xdr_kadm5_principal_ent_rec_v1 xdr_kadm5_ret_t xdr_krb5_deltat xdr_krb5_enctype diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c index 4e9e408..c357dbf 100644 --- a/src/lib/kadm5/kadm_rpc_xdr.c +++ b/src/lib/kadm5/kadm_rpc_xdr.c @@ -380,12 +380,6 @@ xdr_kadm5_ret_t(XDR *xdrs, kadm5_ret_t *objp) return (TRUE); } -bool_t xdr_kadm5_principal_ent_rec_v1(XDR *xdrs, - kadm5_principal_ent_rec *objp) -{ - return _xdr_kadm5_principal_ent_rec(xdrs, objp, KADM5_API_VERSION_1); -} - bool_t xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp) { @@ -413,15 +407,9 @@ _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp, if (!xdr_krb5_deltat(xdrs, &objp->max_life)) { return (FALSE); } - if (v == KADM5_API_VERSION_1) { - if (!xdr_krb5_principal(xdrs, &objp->mod_name)) { - return (FALSE); - } - } else { - if (!xdr_nulltype(xdrs, (void **) &objp->mod_name, - xdr_krb5_principal)) { - return (FALSE); - } + if (!xdr_nulltype(xdrs, (void **) &objp->mod_name, + xdr_krb5_principal)) { + return (FALSE); } if (!xdr_krb5_timestamp(xdrs, &objp->mod_date)) { return (FALSE); @@ -441,35 +429,33 @@ _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp, if (!xdr_long(xdrs, &objp->aux_attributes)) { return (FALSE); } - if (v != KADM5_API_VERSION_1) { - if (!xdr_krb5_deltat(xdrs, &objp->max_renewable_life)) { - return (FALSE); - } - if (!xdr_krb5_timestamp(xdrs, &objp->last_success)) { - return (FALSE); - } - if (!xdr_krb5_timestamp(xdrs, &objp->last_failed)) { - return (FALSE); - } - if (!xdr_krb5_kvno(xdrs, &objp->fail_auth_count)) { - return (FALSE); - } - if (!xdr_krb5_int16(xdrs, &objp->n_key_data)) { - return (FALSE); - } - if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) { - return (FALSE); - } - if (!xdr_nulltype(xdrs, (void **) &objp->tl_data, - xdr_krb5_tl_data)) { - return FALSE; - } - n = objp->n_key_data; - if (!xdr_array(xdrs, (caddr_t *) &objp->key_data, - &n, ~0, sizeof(krb5_key_data), - xdr_krb5_key_data_nocontents)) { - return (FALSE); - } + if (!xdr_krb5_deltat(xdrs, &objp->max_renewable_life)) { + return (FALSE); + } + if (!xdr_krb5_timestamp(xdrs, &objp->last_success)) { + return (FALSE); + } + if (!xdr_krb5_timestamp(xdrs, &objp->last_failed)) { + return (FALSE); + } + if (!xdr_krb5_kvno(xdrs, &objp->fail_auth_count)) { + return (FALSE); + } + if (!xdr_krb5_int16(xdrs, &objp->n_key_data)) { + return (FALSE); + } + if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) { + return (FALSE); + } + if (!xdr_nulltype(xdrs, (void **) &objp->tl_data, + xdr_krb5_tl_data)) { + return FALSE; + } + n = objp->n_key_data; + if (!xdr_array(xdrs, (caddr_t *) &objp->key_data, + &n, ~0, sizeof(krb5_key_data), + xdr_krb5_key_data_nocontents)) { + return (FALSE); } return (TRUE); } @@ -510,14 +496,8 @@ xdr_cprinc_arg(XDR *xdrs, cprinc_arg *objp) if (!xdr_ui_4(xdrs, &objp->api_version)) { return (FALSE); } - if (objp->api_version == KADM5_API_VERSION_1) { - if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) { - return (FALSE); - } - } else { - if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) { - return (FALSE); - } + if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) { + return (FALSE); } if (!xdr_long(xdrs, &objp->mask)) { return (FALSE); @@ -534,14 +514,8 @@ xdr_cprinc3_arg(XDR *xdrs, cprinc3_arg *objp) if (!xdr_ui_4(xdrs, &objp->api_version)) { return (FALSE); } - if (objp->api_version == KADM5_API_VERSION_1) { - if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) { - return (FALSE); - } - } else { - if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) { - return (FALSE); - } + if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) { + return (FALSE); } if (!xdr_long(xdrs, &objp->mask)) { return (FALSE); @@ -589,14 +563,8 @@ xdr_mprinc_arg(XDR *xdrs, mprinc_arg *objp) if (!xdr_ui_4(xdrs, &objp->api_version)) { return (FALSE); } - if (objp->api_version == KADM5_API_VERSION_1) { - if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) { - return (FALSE); - } - } else { - if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) { - return (FALSE); - } + if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) { + return (FALSE); } if (!xdr_long(xdrs, &objp->mask)) { return (FALSE); @@ -796,19 +764,10 @@ xdr_chrand_ret(XDR *xdrs, chrand_ret *objp) if (!xdr_kadm5_ret_t(xdrs, &objp->code)) { return (FALSE); } - if (objp->api_version == KADM5_API_VERSION_1) { - if(objp->code == KADM5_OK) { - if (!xdr_krb5_keyblock(xdrs, &objp->key)) { - return (FALSE); - } - } - } else { - if (objp->code == KADM5_OK) { - if (!xdr_array(xdrs, (char **)&objp->keys, &objp->n_keys, ~0, - sizeof(krb5_keyblock), - xdr_krb5_keyblock)) - return FALSE; - } + if (objp->code == KADM5_OK) { + if (!xdr_array(xdrs, (char **)&objp->keys, &objp->n_keys, ~0, + sizeof(krb5_keyblock), xdr_krb5_keyblock)) + return FALSE; } return (TRUE); @@ -823,8 +782,7 @@ xdr_gprinc_arg(XDR *xdrs, gprinc_arg *objp) if (!xdr_krb5_principal(xdrs, &objp->princ)) { return (FALSE); } - if ((objp->api_version > KADM5_API_VERSION_1) && - !xdr_long(xdrs, &objp->mask)) { + if (!xdr_long(xdrs, &objp->mask)) { return FALSE; } @@ -841,15 +799,9 @@ xdr_gprinc_ret(XDR *xdrs, gprinc_ret *objp) return (FALSE); } if(objp->code == KADM5_OK) { - if (objp->api_version == KADM5_API_VERSION_1) { - if (!xdr_kadm5_principal_ent_rec_v1(xdrs, &objp->rec)) { - return (FALSE); - } - } else { - if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) { - return (FALSE); - } - } + if (!xdr_kadm5_principal_ent_rec(xdrs, &objp->rec)) { + return (FALSE); + } } return (TRUE); diff --git a/src/lib/kadm5/misc_free.c b/src/lib/kadm5/misc_free.c index 9dc91b5..066bc73 100644 --- a/src/lib/kadm5/misc_free.c +++ b/src/lib/kadm5/misc_free.c @@ -18,12 +18,8 @@ kadm5_free_policy_ent(void *server_handle, kadm5_policy_ent_t val) _KADM5_CHECK_HANDLE(server_handle); - if(val) { - if (val->policy) - free(val->policy); - if (handle->api_version == KADM5_API_VERSION_1) - free(val); - } + if (val) + free(val->policy); return KADM5_OK; } @@ -74,42 +70,31 @@ kadm5_ret_t kadm5_free_key_data(void *server_handle, } kadm5_ret_t -kadm5_free_principal_ent(void *server_handle, - kadm5_principal_ent_t val) +kadm5_free_principal_ent(void *server_handle, kadm5_principal_ent_t val) { - kadm5_server_handle_t handle = server_handle; + kadm5_server_handle_t handle = server_handle; + krb5_tl_data *tl; int i; _KADM5_CHECK_HANDLE(server_handle); - if(val) { - if(val->principal) - krb5_free_principal(handle->context, val->principal); - if(val->mod_name) - krb5_free_principal(handle->context, val->mod_name); - if(val->policy) - free(val->policy); - if (handle->api_version > KADM5_API_VERSION_1) { - if (val->n_key_data) { - for (i = 0; i < val->n_key_data; i++) - krb5_free_key_data_contents(handle->context, - &val->key_data[i]); - free(val->key_data); - } - if (val->tl_data) { - krb5_tl_data *tl; - - while (val->tl_data) { - tl = val->tl_data->tl_data_next; - free(val->tl_data->tl_data_contents); - free(val->tl_data); - val->tl_data = tl; - } - } - } - - if (handle->api_version == KADM5_API_VERSION_1) - free(val); + if (!val) + return KADM5_OK; + + krb5_free_principal(handle->context, val->principal); + krb5_free_principal(handle->context, val->mod_name); + free(val->policy); + if (val->n_key_data) { + for (i = 0; i < val->n_key_data; i++) + krb5_free_key_data_contents(handle->context, &val->key_data[i]); + free(val->key_data); + } + + while (val->tl_data) { + tl = val->tl_data->tl_data_next; + free(val->tl_data->tl_data_contents); + free(val->tl_data); + val->tl_data = tl; } return KADM5_OK; } diff --git a/src/lib/kadm5/ovsec_glue.c b/src/lib/kadm5/ovsec_glue.c deleted file mode 100644 index a3ae6de..0000000 --- a/src/lib/kadm5/ovsec_glue.c +++ /dev/null @@ -1,194 +0,0 @@ -#define USE_KADM5_API_VERSION 1 -#include <kadm5/admin.h> -#include <string.h> - -ovsec_kadm_ret_t ovsec_kadm_init_with_password(char *client_name, char *pass, - char *service_name, - char *realm, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - char **db_args, - void **server_handle) -{ - return kadm5_init_with_password(client_name, pass, service_name, - realm, struct_version, api_version, db_args, - server_handle); -} - -ovsec_kadm_ret_t ovsec_kadm_init_with_skey(char *client_name, char *keytab, - char *service_name, - char *realm, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - char **db_args, - void **server_handle) -{ - return kadm5_init_with_skey(client_name, keytab, service_name, realm, - struct_version, api_version, db_args, - server_handle); -} - -ovsec_kadm_ret_t ovsec_kadm_init(char *client_name, char *from_stash, - char *service_name, - char *realm, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - char **db_args, - void **server_handle) -{ - return kadm5_init(client_name, from_stash, service_name, - realm, struct_version, api_version, db_args, - server_handle); -} - -ovsec_kadm_ret_t ovsec_kadm_destroy(void *server_handle) -{ - return kadm5_destroy(server_handle); -} - -ovsec_kadm_ret_t ovsec_kadm_flush(void *server_handle) -{ - return kadm5_flush(server_handle); -} - -ovsec_kadm_ret_t ovsec_kadm_create_principal(void *server_handle, - ovsec_kadm_principal_ent_t entry, - long mask, - char *password) -{ - return kadm5_create_principal(server_handle, - (kadm5_principal_ent_t) - entry, mask, password); -} - - -ovsec_kadm_ret_t ovsec_kadm_delete_principal(void *server_handle, - krb5_principal principal) -{ - return kadm5_delete_principal(server_handle, principal); -} - - -ovsec_kadm_ret_t ovsec_kadm_modify_principal(void *server_handle, - ovsec_kadm_principal_ent_t entry, - long mask) -{ - return kadm5_modify_principal(server_handle, - (kadm5_principal_ent_t) entry, mask); -} - - -ovsec_kadm_ret_t ovsec_kadm_rename_principal(void *server_handle, - krb5_principal source, - krb5_principal target) -{ - return kadm5_rename_principal(server_handle, source, target); -} - -ovsec_kadm_ret_t ovsec_kadm_get_principal(void *server_handle, - krb5_principal principal, - ovsec_kadm_principal_ent_t *entry) -{ - return kadm5_get_principal(server_handle, principal, - (kadm5_principal_ent_t *) entry); -} - -ovsec_kadm_ret_t ovsec_kadm_chpass_principal(void *server_handle, - krb5_principal principal, - char *password) -{ - return kadm5_chpass_principal(server_handle, principal, password); -} - -ovsec_kadm_ret_t ovsec_kadm_chpass_principal_util(void *server_handle, - krb5_principal princ, - char *new_pw, - char **ret_pw, - char *msg_ret) -{ - /* Oh crap. Can't change the API without bumping the API version... */ - memset(msg_ret, '\0', 1024); - return kadm5_chpass_principal_util(server_handle, princ, new_pw, - ret_pw, msg_ret, 1024); -} - -ovsec_kadm_ret_t ovsec_kadm_randkey_principal(void *server_handle, - krb5_principal principal, - krb5_keyblock **key) -{ - return kadm5_randkey_principal(server_handle, principal, key); -} - -ovsec_kadm_ret_t ovsec_kadm_create_policy(void *server_handle, - ovsec_kadm_policy_ent_t entry, - long mask) -{ - return kadm5_create_policy(server_handle, - (kadm5_policy_ent_t) entry, mask); -} - -ovsec_kadm_ret_t ovsec_kadm_delete_policy(void *server_handle, - ovsec_kadm_policy_t name) -{ - return kadm5_delete_policy(server_handle, (kadm5_policy_t) name); -} - -ovsec_kadm_ret_t ovsec_kadm_modify_policy(void *server_handle, - ovsec_kadm_policy_ent_t entry, - long mask) -{ - return kadm5_modify_policy(server_handle, - (kadm5_policy_ent_t) entry, mask); -} - - -ovsec_kadm_ret_t ovsec_kadm_get_policy(void *server_handle, - ovsec_kadm_policy_t name, - ovsec_kadm_policy_ent_t *entry) -{ - return kadm5_get_policy(server_handle, (kadm5_policy_t) name, - (kadm5_policy_ent_t *) entry); -} - - -ovsec_kadm_ret_t ovsec_kadm_free_policy_ent(void *server_handle, - ovsec_kadm_policy_ent_t val) -{ - return kadm5_free_policy_ent(server_handle, (kadm5_policy_ent_t) val); -} - -ovsec_kadm_ret_t ovsec_kadm_free_name_list(void *server_handle, - char **names, int count) -{ - return kadm5_free_name_list(server_handle, names, count); -} - -ovsec_kadm_ret_t -ovsec_kadm_free_principal_ent(void *server_handle, - ovsec_kadm_principal_ent_t val) -{ - return kadm5_free_principal_ent(server_handle, - (kadm5_principal_ent_t) val); -} - -ovsec_kadm_ret_t ovsec_kadm_get_privs(void *server_handle, long *privs) -{ - return kadm5_get_privs(server_handle, privs); -} - -ovsec_kadm_ret_t ovsec_kadm_get_principals(void *server_handle, - char *exp, - char ***princs, - int *count) -{ - return kadm5_get_principals(server_handle, exp, princs, count); -} - -ovsec_kadm_ret_t ovsec_kadm_get_policies(void *server_handle, - char *exp, - char ***pols, - int *count) -{ - return kadm5_get_policies(server_handle, exp, pols, count); -} - diff --git a/src/lib/kadm5/srv/libkadm5srv.exports b/src/lib/kadm5/srv/libkadm5srv.exports index 545d43b..35745be 100644 --- a/src/lib/kadm5/srv/libkadm5srv.exports +++ b/src/lib/kadm5/srv/libkadm5srv.exports @@ -90,29 +90,6 @@ master_keyblock master_keylist master_princ osa_free_princ_ent -ovsec_kadm_chpass_principal -ovsec_kadm_chpass_principal_util -ovsec_kadm_create_policy -ovsec_kadm_create_principal -ovsec_kadm_delete_policy -ovsec_kadm_delete_principal -ovsec_kadm_destroy -ovsec_kadm_flush -ovsec_kadm_free_name_list -ovsec_kadm_free_policy_ent -ovsec_kadm_free_principal_ent -ovsec_kadm_get_policies -ovsec_kadm_get_policy -ovsec_kadm_get_principal -ovsec_kadm_get_principals -ovsec_kadm_get_privs -ovsec_kadm_init -ovsec_kadm_init_with_password -ovsec_kadm_init_with_skey -ovsec_kadm_modify_policy -ovsec_kadm_modify_principal -ovsec_kadm_randkey_principal -ovsec_kadm_rename_principal passwd_check xdr_chpass3_arg xdr_chpass_arg @@ -136,7 +113,6 @@ xdr_gprincs_arg xdr_gprincs_ret xdr_kadm5_policy_ent_rec xdr_kadm5_principal_ent_rec -xdr_kadm5_principal_ent_rec_v1 xdr_kadm5_ret_t xdr_krb5_deltat xdr_krb5_enctype diff --git a/src/lib/kadm5/srv/server_init.c b/src/lib/kadm5/srv/server_init.c index 77a83ba..e41ecca 100644 --- a/src/lib/kadm5/srv/server_init.c +++ b/src/lib/kadm5/srv/server_init.c @@ -113,13 +113,11 @@ kadm5_ret_t kadm5_init_with_creds(char *client_name, void **server_handle) { /* - * A program calling init_with_creds *never* expects to prompt the - * user. Therefore, always pass a dummy password in case this is - * KADM5_API_VERSION_1. If this is KADM5_API_VERSION_2 and - * MKEY_FROM_KBD is non-zero, return an error. + * A program calling init_with_creds *never* expects to prompt + * the user. If this is KADM5_API_VERSION_2 and MKEY_FROM_KBD is + * non-zero, return an error. */ - if (api_version == KADM5_API_VERSION_2 && params && - (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) && + if (params && (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) && params->mkey_from_kbd) return KADM5_BAD_SERVER_PARAMS; return kadm5_init(client_name, NULL, service_name, params, @@ -138,12 +136,10 @@ kadm5_ret_t kadm5_init_with_skey(char *client_name, char *keytab, { /* * A program calling init_with_skey *never* expects to prompt the - * user. Therefore, always pass a dummy password in case this is - * KADM5_API_VERSION_1. If this is KADM5_API_VERSION_2 and - * MKEY_FROM_KBD is non-zero, return an error. + * user. If this is KADM5_API_VERSION_2 and MKEY_FROM_KBD is + * non-zero, return an error. */ - if (api_version == KADM5_API_VERSION_2 && params && - (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) && + if (params && (params->mask & KADM5_CONFIG_MKEY_FROM_KBD) && params->mkey_from_kbd) return KADM5_BAD_SERVER_PARAMS; return kadm5_init(client_name, NULL, service_name, params, @@ -202,21 +198,11 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass, KADM5_NEW_SERVER_API_VERSION); /* - * Acquire relevant profile entries. In version 2, merge values + * Acquire relevant profile entries. Merge values * in params_in with values from profile, based on * params_in->mask. - * - * In version 1, we've given a realm (which may be NULL) instead - * of params_in. So use that realm, make params_in contain an - * empty mask, and behave like version 2. */ memset(¶ms_local, 0, sizeof(params_local)); - if (api_version == KADM5_API_VERSION_1) { - params_local.realm = (char *) params_in; - if (params_in) - params_local.mask = KADM5_CONFIG_REALM; - params_in = ¶ms_local; - } #if 0 /* Now that we look at krb5.conf as well as kdc.conf, we can expect to see admin_server being set sometimes. */ @@ -311,29 +297,9 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass, return ret; } - /* - * The KADM5_API_VERSION_1 spec said "If pass (or keytab) is NULL - * or an empty string, reads the master password from [the stash - * file]. Otherwise, the non-NULL password is ignored and the - * user is prompted for it via the tty." However, the code was - * implemented the other way: when a non-NULL password was - * provided, the stash file was used. This is somewhat more - * sensible, as then a local or remote client that provides a - * password does not prompt the user. This code maintains the - * previous actual behavior, and not the old spec behavior, - * because that is how the unit tests are written. - * - * In KADM5_API_VERSION_2, this decision is controlled by - * params. - * - * kdb_init_master's third argument is "from_keyboard". - */ ret = kdb_init_master(handle, handle->params.realm, - (handle->api_version == KADM5_API_VERSION_1 ? - ((pass == NULL) || !(strlen(pass))) : - ((handle->params.mask & KADM5_CONFIG_MKEY_FROM_KBD) - && handle->params.mkey_from_kbd) - )); + (handle->params.mask & KADM5_CONFIG_MKEY_FROM_KBD) + && handle->params.mkey_from_kbd); if (ret) { krb5_db_fini(handle->context); krb5_free_context(handle->context); diff --git a/src/lib/kadm5/srv/svr_misc_free.c b/src/lib/kadm5/srv/svr_misc_free.c index d203397..1c87f06 100644 --- a/src/lib/kadm5/srv/svr_misc_free.c +++ b/src/lib/kadm5/srv/svr_misc_free.c @@ -29,9 +29,6 @@ kadm5_free_principal_ent(void *server_handle, free(val->policy); /* XXX free key_data and tl_data */ - - if (handle->api_version == KADM5_API_VERSION_1) - free(val); } return KADM5_OK; } diff --git a/src/lib/kadm5/srv/svr_policy.c b/src/lib/kadm5/srv/svr_policy.c index 7add671..5b7828c 100644 --- a/src/lib/kadm5/srv/svr_policy.c +++ b/src/lib/kadm5/srv/svr_policy.c @@ -258,7 +258,6 @@ kadm5_get_policy(void *server_handle, kadm5_policy_t name, kadm5_policy_ent_t entry) { osa_policy_ent_t t; - kadm5_policy_ent_rec entry_local, **entry_orig, *new; int ret; kadm5_server_handle_t handle = server_handle; int cnt=1; @@ -267,16 +266,6 @@ kadm5_get_policy(void *server_handle, kadm5_policy_t name, krb5_clear_error_message(handle->context); - /* - * In version 1, entry is a pointer to a kadm5_policy_ent_t that - * should be filled with allocated memory. - */ - if (handle->api_version == KADM5_API_VERSION_1) { - entry_orig = (kadm5_policy_ent_rec **) entry; - *entry_orig = NULL; - entry = &entry_local; - } - if (name == (kadm5_policy_t) NULL) return EINVAL; if(strlen(name) == 0) @@ -299,16 +288,5 @@ kadm5_get_policy(void *server_handle, kadm5_policy_t name, entry->policy_refcnt = t->policy_refcnt; krb5_db_free_policy(handle->context, t); - if (handle->api_version == KADM5_API_VERSION_1) { - new = (kadm5_policy_ent_t) malloc(sizeof(kadm5_policy_ent_rec)); - if (new == NULL) { - free(entry->policy); - krb5_db_free_policy(handle->context, t); - return ENOMEM; - } - *new = *entry; - *entry_orig = new; - } - return KADM5_OK; } diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c index 4ee842f..63f6aea 100644 --- a/src/lib/kadm5/srv/svr_principal.c +++ b/src/lib/kadm5/srv/svr_principal.c @@ -745,7 +745,6 @@ kadm5_get_principal(void *server_handle, krb5_principal principal, long mask; int i; kadm5_server_handle_t handle = server_handle; - kadm5_principal_ent_rec entry_local, *entry_orig; CHECK_HANDLE(server_handle); @@ -756,13 +755,7 @@ kadm5_get_principal(void *server_handle, krb5_principal principal, * entry is a pointer to a kadm5_principal_ent_t_v1 that should be * filled with allocated memory. */ - if (handle->api_version == KADM5_API_VERSION_1) { - mask = KADM5_PRINCIPAL_NORMAL_MASK; - entry_orig = entry; - entry = &entry_local; - } else { - mask = in_mask; - } + mask = in_mask; memset(entry, 0, sizeof(*entry)); @@ -833,102 +826,51 @@ kadm5_get_principal(void *server_handle, krb5_principal principal, if (ret) goto done; - /* - * It's my understanding that KADM5_API_VERSION_1 is for OpenVision admin - * system compatiblity and is not required to maintain at this point so I'm - * commenting out this code. - * -- Will Fiveash - */ -#if 0 /************** Begin IFDEF'ed OUT *******************************/ - if (handle->api_version == KADM5_API_VERSION_2) - entry->mkvno = 0; - else { - /* XXX I'll be damned if I know how to deal with this one --marc */ - entry->mkvno = 1; - } -#endif /**************** END IFDEF'ed OUT *******************************/ - - /* - * The new fields that only exist in version 2 start here - */ - if (handle->api_version == KADM5_API_VERSION_2) { - if (mask & KADM5_MAX_RLIFE) - entry->max_renewable_life = kdb.max_renewable_life; - if (mask & KADM5_LAST_SUCCESS) - entry->last_success = kdb.last_success; - if (mask & KADM5_LAST_FAILED) - entry->last_failed = kdb.last_failed; - if (mask & KADM5_FAIL_AUTH_COUNT) - entry->fail_auth_count = kdb.fail_auth_count; - if (mask & KADM5_TL_DATA) { - krb5_tl_data *tl, *tl2; - - entry->tl_data = NULL; - - tl = kdb.tl_data; - while (tl) { - if (tl->tl_data_type > 255) { - if ((tl2 = dup_tl_data(tl)) == NULL) { - ret = ENOMEM; - goto done; - } - tl2->tl_data_next = entry->tl_data; - entry->tl_data = tl2; - entry->n_tl_data++; - } + if (mask & KADM5_MAX_RLIFE) + entry->max_renewable_life = kdb.max_renewable_life; + if (mask & KADM5_LAST_SUCCESS) + entry->last_success = kdb.last_success; + if (mask & KADM5_LAST_FAILED) + entry->last_failed = kdb.last_failed; + if (mask & KADM5_FAIL_AUTH_COUNT) + entry->fail_auth_count = kdb.fail_auth_count; + if (mask & KADM5_TL_DATA) { + krb5_tl_data *tl, *tl2; - tl = tl->tl_data_next; - } - } - if (mask & KADM5_KEY_DATA) { - entry->n_key_data = kdb.n_key_data; - if(entry->n_key_data) { - entry->key_data = (krb5_key_data *) - malloc(entry->n_key_data*sizeof(krb5_key_data)); - if (entry->key_data == NULL) { - ret = ENOMEM; - goto done; - } - } else - entry->key_data = NULL; - - for (i = 0; i < entry->n_key_data; i++) - ret = krb5_copy_key_data_contents(handle->context, - &kdb.key_data[i], - &entry->key_data[i]); - if (ret) - goto done; - } - } + entry->tl_data = NULL; - /* - * If KADM5_API_VERSION_1, we return an allocated structure, and - * we need to convert the new structure back into the format the - * caller is expecting. - */ - if (handle->api_version == KADM5_API_VERSION_1) { - kadm5_principal_ent_t_v1 newv1; + tl = kdb.tl_data; + while (tl) { + if (tl->tl_data_type > 255) { + if ((tl2 = dup_tl_data(tl)) == NULL) { + ret = ENOMEM; + goto done; + } + tl2->tl_data_next = entry->tl_data; + entry->tl_data = tl2; + entry->n_tl_data++; + } - newv1 = ((kadm5_principal_ent_t_v1) calloc(1, sizeof(*newv1))); - if (newv1 == NULL) { - ret = ENOMEM; - goto done; - } + tl = tl->tl_data_next; + } + } + if (mask & KADM5_KEY_DATA) { + entry->n_key_data = kdb.n_key_data; + if(entry->n_key_data) { + entry->key_data = malloc(entry->n_key_data*sizeof(krb5_key_data)); + if (entry->key_data == NULL) { + ret = ENOMEM; + goto done; + } + } else + entry->key_data = NULL; - newv1->principal = entry->principal; - newv1->princ_expire_time = entry->princ_expire_time; - newv1->last_pwd_change = entry->last_pwd_change; - newv1->pw_expiration = entry->pw_expiration; - newv1->max_life = entry->max_life; - newv1->mod_name = entry->mod_name; - newv1->mod_date = entry->mod_date; - newv1->attributes = entry->attributes; - newv1->kvno = entry->kvno; - newv1->mkvno = entry->mkvno; - newv1->policy = entry->policy; - newv1->aux_attributes = entry->aux_attributes; - - *((kadm5_principal_ent_t_v1 *) entry_orig) = newv1; + for (i = 0; i < entry->n_key_data; i++) + ret = krb5_copy_key_data_contents(handle->context, + &kdb.key_data[i], + &entry->key_data[i]); + if (ret) + goto done; } ret = KADM5_OK; @@ -1625,25 +1567,11 @@ kadm5_randkey_principal_3(void *server_handle, goto done; if (keyblocks) { - if (handle->api_version == KADM5_API_VERSION_1) { - /* Version 1 clients will expect to see a DES_CRC enctype. */ - ret = krb5_dbe_find_enctype(handle->context, &kdb, - ENCTYPE_DES_CBC_CRC, - -1, -1, &key_data); - if (ret) - goto done; - - ret = decrypt_key_data(handle->context, act_mkey, 1, key_data, - keyblocks, NULL); - if (ret) - goto done; - } else { - ret = decrypt_key_data(handle->context, act_mkey, - kdb.n_key_data, kdb.key_data, - keyblocks, n_keys); - if (ret) - goto done; - } + ret = decrypt_key_data(handle->context, act_mkey, + kdb.n_key_data, kdb.key_data, + keyblocks, n_keys); + if (ret) + goto done; } /* key data changed, let the database provider know */ @@ -2112,23 +2040,11 @@ kadm5_get_principal_keys(void *server_handle /* IN */, } } - if (handle->api_version == KADM5_API_VERSION_1) { - /* Version 1 clients will expect to see a DES_CRC enctype. */ - if ((ret = krb5_dbe_find_enctype(handle->context, &kdb, - ENCTYPE_DES_CBC_CRC, - -1, -1, &key_data))) - goto done; - - if ((ret = decrypt_key_data(handle->context, mkey_ptr, 1, key_data, - keyblocks, NULL))) - goto done; - } else { - ret = decrypt_key_data(handle->context, mkey_ptr, - kdb.n_key_data, kdb.key_data, - keyblocks, n_keys); - if (ret) - goto done; - } + ret = decrypt_key_data(handle->context, mkey_ptr, + kdb.n_key_data, kdb.key_data, + keyblocks, n_keys); + if (ret) + goto done; } ret = KADM5_OK; diff --git a/src/lib/kadm5/unit-test/Makefile.in b/src/lib/kadm5/unit-test/Makefile.in index 91729d7..8afe66a 100644 --- a/src/lib/kadm5/unit-test/Makefile.in +++ b/src/lib/kadm5/unit-test/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=../../.. myfulldir=lib/kadm5/unit-test mydir=lib/kadm5/unit-test BUILDTOP=$(REL)..$(S)..$(S).. -DEFINES = -DUSE_KADM5_API_VERSION=1 +DEFINES = PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) KDB_DEP_LIB=$(DL_LIB) $(THREAD_LINKOPTS) @@ -55,9 +55,6 @@ server-iter-test: iter-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o server-iter-test iter-test.o \ $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS) -setkey-test.o: $(SRCTOP)/lib/kadm5/unit-test/setkey-test.c - $(CC) $(ALL_CFLAGS) -UUSE_KADM5_API_VERSION -DUSE_KADM5_API_VERSION=2 -c $(SRCTOP)/lib/kadm5/unit-test/setkey-test.c - server-setkey-test: setkey-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o server-setkey-test setkey-test.o \ $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS) diff --git a/src/lib/kadm5/unit-test/README.new-tests b/src/lib/kadm5/unit-test/README.new-tests deleted file mode 100644 index d63ecc2..0000000 --- a/src/lib/kadm5/unit-test/README.new-tests +++ /dev/null @@ -1,12 +0,0 @@ -The deja-gnu unit tests in this directory are arranged as follows: - -api.0: original unit tests for the ovsec_kadm_api - -api.1: additional tests for ovsec_kadm_api that run after api.0 - -api.2: Each file whose name is the same as a file in api.0 contains -all of the same tests, but using the kadm5 with KADM5_API_VERSION_1. -Each file with a -v2 suffix tests KADM5_API_VERSION_2-specific -functionality. New tests should be added to the files in this -directory, not api.0. Tests should be added to the lowest-numbered -version file they apply to. diff --git a/src/lib/kadm5/unit-test/api.0/chpass-principal.exp b/src/lib/kadm5/unit-test/api.0/chpass-principal.exp deleted file mode 100644 index 93869f7..0000000 --- a/src/lib/kadm5/unit-test/api.0/chpass-principal.exp +++ /dev/null @@ -1,176 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "chpass-principal 180" -proc test180 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal_pol "$test/a" once-a-min]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - ovsec_kadm_chpass_principal $server_handle "%s/a" FoobarBax - } $test] - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test180 } - -test "chpass-principal 180.5" -proc test1805 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal_pol "$test/a" once-a-min]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd { - ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - ovsec_kadm_chpass_principal $server_handle "%s/a" FoobarBax - } $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test1805 } - -# -# admin with changepw service tickets try to change other principals -# password, failes with AUTH error -test "chpass-principal 180.625" -proc test180625 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_chpass_principal $server_handle "%s/a" password - } $test] "AUTH" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test180625 } - -test "chpass-principal 180.75" -proc test18075 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal_pol "$test/a" once-a-min]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_chpass_principal $server_handle "%s/a" Foobar - } $test] "AUTH_CHANGEPW" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test18075 } - -test "chpass-principal 182" -proc test182 {} { - global test - - if { ! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - ovsec_kadm_chpass_principal $server_handle kadmin/history password - } "PROTECT" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test182 - -test "chpass-principal 183" -proc test183 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if { ! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_chpass_principal null "%s/a" password - } $test] "BAD_SERVER_HANDLE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test183 - -return "" diff --git a/src/lib/kadm5/unit-test/api.0/crte-policy.exp b/src/lib/kadm5/unit-test/api.0/crte-policy.exp deleted file mode 100644 index e2185c7..0000000 --- a/src/lib/kadm5/unit-test/api.0/crte-policy.exp +++ /dev/null @@ -1,956 +0,0 @@ -load_lib lib.t -api_exit -api_start - -# Description: (1) Fails for mask with undefined bit set. -# 01/24/94: pshuang: untried. -test "create-policy 1" -proc test1 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete policy \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - 0xF01000 - } $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test1 - -# Description: (2) Fails if caller connected with CHANGEPW_SERVICE. -test "create-policy 2" -proc test2 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy"; - return - } -} -if {$RPC} { test2 } - -# Description: (3) Fails for mask without POLICY bit set. -# 01/24/94: pshuang: untried. -test "create-policy 3" -proc test3 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete policy \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - 0x000000 - } $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test3 - -# Description: (4) Fails for mask with REF_COUNT bit set. -test "create-policy 4" -proc test4 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete policy \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY OVSEC_KADM_REF_COUNT} - } $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test4 - -# Description: (5) Fails for invalid policy name. -# 01/24/94: pshuang: untried. -test "create-policy 5" -proc test5 {} { - global test - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/"] \ - {OVSEC_KADM_POLICY} - } $test] "BAD_POLICY" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test5 - -# Description: (6) Fails for existing policy name. -test "create-policy 6" -proc test6 {} { - global test -# set prms_id 777 -# setup_xfail {*-*-*} $prms_id - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - ovsec_kadm_create_policy $server_handle [simple_policy test-pol] \ - {OVSEC_KADM_POLICY} - } "DUP" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test6 - -# Description: (7) Fails for null policy name. -# 01/24/94: pshuang: untried. -test "create-policy 7" -proc test7 {} { - global test -# set prms_id 1977 -# setup_xfail {*-*-*} $prms_id - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - ovsec_kadm_create_policy $server_handle [simple_policy null] \ - {OVSEC_KADM_POLICY} - } "EINVAL" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test7 - -# Description: (8) Fails for empty-string policy name. -test "create-policy 8" -proc test8 {} { - global test - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - ovsec_kadm_create_policy $server_handle [simple_policy ""] \ - {OVSEC_KADM_POLICY} - } "BAD_POLICY" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test8 - -# Description: (9) Accepts 0 for pw_min_life. -test "create-policy 9" -proc test9 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LIFE} - } $test]]} { - fail "$test: create failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 1\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test9 - -# Description: (10) Accepts non-zero for pw_min_life. -test "create-policy 10" -proc test10 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_create_policy $server_handle {"%s/a" 32 0 0 0 0 0 } \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LIFE} - } $test]]} { - fail "$test" - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 1\n" - expect { - -re "32\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test10 - -# Description: (11) Accepts 0 for pw_max_life. -test "create-policy 11" -proc test11 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_MAX_LIFE} - } $test]]} { - fail "$test" - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 2\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test11 - -# Description: (12) Accepts non-zero for pw_max_life. -test "create-policy 12" -proc test12 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_policy $server_handle {"%s/a" 0 32 0 0 0 0 } \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_MAX_LIFE} - } $test]]} { - fail "$test" - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 2\n" - expect { - -re "32\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -# Description: (13) Rejects 0 for pw_min_length. -test "create-policy 13" -proc test13 {} { - global test - global prompt - - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LENGTH} - } $test] "BAD_LENGTH" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test13 - -# Description: (14) Accepts non-zero for pw_min_length. -test "create-policy 14" -proc test14 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 8 0 0 0 } \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LENGTH} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 3\n" - expect { - -re "8\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test14 - -# Description: (15) Rejects 0 for pw_min_classes. -test "create-policy 15" -proc test15 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES} - } $test] "BAD_CLASS" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test15 - -# Description: (16) Accepts 1 for pw_min_classes. -test "create-policy 16" -proc test16 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 1 0 0 } \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 4\n" - expect { - -re "1\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test16 - -# Description: (17) Accepts 4 for pw_min_classes. -test "create-policy 17" -proc test17 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 5 0 0} \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 4\n" - expect { - -re "5\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test17 - -# Description: (18) Rejects 5 for pw_min_classes. -test "create-policy 18" -proc test18 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 6 0 0} \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES} - } $test] "BAD_CLASS" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test18 - -# Description: (19) Rejects 0 for pw_history_num. -test "create-policy 19" -proc test19 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM} - } $test] "BAD_HISTORY" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test19 - -# Description: (20) Accepts 1 for pw_history_num. -test "create-policy 20" -proc test20 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 0 1 0} \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 5\n" - expect { - -re "1\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test20 - -# Description: (21) Accepts 10 for pw_history_num. -test "create-policy 21" -proc test21 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 0 10 0} \ - {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 5\n" - expect { - -re "10\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test21 - -# Description: (22) Fails for user with no access bits. -test "create-policy 22" -proc test22 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test22 - -# Description: (23) Fails for user with "get" but not "add". -test "create-policy 23" -proc test23 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test23 - -# Description: (24) Fails for user with "modify" but not "add". -# 01/24/94: pshuang: untried. -test "create-policy 24" -proc test24 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test24 - -# Description: (25) Fails for user with "delete" but not "add". -# 01/24/94: pshuang: untried. -test "create-policy 25" -proc test25 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test25 - -# Description: Succeeds for user with "add". -test "create-policy 26" -proc test26 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY} - } $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test26 - -# Description: Succeeds for user with "get" and "add". -# 01/24/94: pshuang: untried. -test "create-policy 27" -proc test27 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/get-add admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY} - } $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test27 - -# Description: (28) Rejects null policy argument. -# 01/24/94: pshuang: untried. -test "create-policy 28" -proc test28 {} { - global test - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - ovsec_kadm_create_policy $server_handle null {OVSEC_KADM_POLICY} - } "EINVAL" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test28 - -test "create-policy 30" -proc test30 {} { - global test - one_line_fail_test [format { - ovsec_kadm_create_policy null [simple_policy "%s/a"] \ - {OVSEC_KADM_POLICY} - } $test] "BAD_SERVER_HANDLE" -} -test30 - -return "" diff --git a/src/lib/kadm5/unit-test/api.0/crte-principal.exp b/src/lib/kadm5/unit-test/api.0/crte-principal.exp deleted file mode 100644 index 676a830..0000000 --- a/src/lib/kadm5/unit-test/api.0/crte-principal.exp +++ /dev/null @@ -1,1336 +0,0 @@ -load_lib lib.t -api_exit -api_start - -#test "create-principal 1" -# -#proc test1 {} { -# global test -# begin_dump -# one_line_fail_test [format { -# ovsec_kadm_create_principal $server_handle \ -# [simple_principal "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a" -# } $test $test] "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test1 - -test "create-principal 2" - -proc test2 {} { - global test - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - ovsec_kadm_create_principal $server_handle null \ - {OVSEC_KADM_PRINCIPAL} testpass - } "EINVAL" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test2 - -test "create-principal 3" -proc test3 {} { - global test -# set prms_id 777 -# setup_xfail {*-*-*} $prms_id - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL} null - } $test] "EINVAL" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test3 - -test "create-principal 4" -proc test4 {} { - global test - - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL} "" - } $test] "_Q_TOOSHORT" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test4 - -test "create-principal 5" -proc test5 {} { - global test - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle \ - [simple_principal "%s/a"] {0x100001} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test5 - -test "create-principal 6" -proc test6 {} { - global test - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_LAST_PWD_CHANGE} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test6 - -test "create-principal 7" -proc test7 {} { - global test - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_MOD_TIME} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test7 - -test "create-principal 8" -proc test8 {} { - global test - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_MOD_NAME} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test8 - -test "create-principal 9" -proc test9 {} { - global test - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_MKVNO} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test9 - -test "create-principal 10" -proc test10 {} { - global test - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_AUX_ATTRIBUTES} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test10 - -test "create-principal 11" -proc test11 {} { - global test - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_POLICY_CLR} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test11 - -test "create-principal 12" -proc test12 {} { - global test - begin_dump - if {! [cmd { - ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL} testpass - } $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" - -} -if {$RPC} { test12 } - -test "create-principal 13" -proc test13 {} { - global test - begin_dump - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL} testpass - } $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -if {$RPC} { test13 } - -test "create-principal 14" -proc test14 {} { - global test - begin_dump - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL} testpass - } $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -if {$RPC} { test14 } - -test "create-principal 15" -proc test15 {} { - global test - begin_dump - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL} testpass - } $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -if {$RPC} { test15 } - -test "create-principal 16" -proc test16 {} { - global test - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL} testpass - } $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -if {$RPC} { test16 } - -test "create-principal 17" -proc test17 {} { - global test - - begin_dump - if {! (( [principal_exists "$test/a"]) || [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL} testpass - } $test] "DUP" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test17 - -test "create-principal 18" -proc test18 {} { - global test - - begin_dump - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle \ - [princ_w_pol "%s/a" test-pol] \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} tP - } $test] "_Q_TOOSHORT" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test18 - -test "create-principal 19" -proc test19 {} { - global test - - begin_dump - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle \ - [princ_w_pol "%s/a" test-pol] \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} testpassword - } $test] "_Q_CLASS" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test19 - -test "create-principal 20" -proc test20 {} { - global test - - begin_dump - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle \ - [princ_w_pol "%s/a" test-pol] \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} Abyssinia - } $test] "_Q_DICT" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test20 - -test "create-principal 21" -proc test21 {} { - global test - - begin_dump - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_create_principal $server_handle \ - [princ_w_pol "%s/a" non-existant-pol] \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} NotinTheDictionary - } $test] "UNK_POLICY" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test21 - -test "create-principal 23" -proc test23 {} { - global test - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - one_line_succeed_test \ - [format {ovsec_kadm_get_principal $server_handle "%s/a" p} $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test23 - -test "create-principal 24" -proc test24 {} { - global test - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - one_line_succeed_test \ - [format {ovsec_kadm_get_principal $server_handle "%s/a" p} $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test24 } - - -test "create-principal 28" -proc test28 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle \ - [princ_w_pol "%s/a" test-pol] \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - fail "$test: can not retreive principal" - return - } - send "lindex \$principal 10\n" - expect { - -re "test-pol.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test28 - -test "create-principal 29" -proc test29 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PRINC_EXPIRE_TIME} \ - inTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - fail "$test: can not retreive principal" - return; - } - send "lindex \$principal 1\n" - expect { - -re "0.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test29 - -test "create-principal 30" -proc test30 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PW_EXPIRATION} \ - NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - fail "$test: can not retreive principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "0.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test30 - -test "create-principal 31" -proc test31 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle \ - [princ_w_pol "%s/a" test-pol-nopw] \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \ - OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - fail "$test: can not retreive principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "0.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test31 - -test "create-principal 32" -proc test32 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle \ - [princ_w_pol "%s/a" test-pol] \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \ - OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - fail "$test: can not retreive principal" - return; - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} { - error_and_restart "$test: cannot retrieve policy" - return - } - - send "lindex \$principal 6\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting mod_date" - return - } - eof { - error_and_restart "$test: eof getting mod_date" - return - } - } - - send "lindex \$principal 3\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_expire" - return - } - eof { - error_and_restart "$test: eof getting pw_expire" - return - } - } - - send "lindex \$policy 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_max_life" - return - } - eof { - error_and_restart "$test: eof getting pw_max_life" - return - } - } - if { $pw_expire != 0 } { - fail "$test: pw_expire $pw_expire should be 0" - return - } else { - pass "$test" - } - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { -perror"$test: unexpected failure in destroy" - return - } -} -test32 - -test "create-principal 33" -proc test33 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { -perror"$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle \ - {"%s/a" 0 0 1234 0 null 0 0 0 0 null 0} \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PW_EXPIRATION} \ - NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - fail "$test: can not retreive principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "1234.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test33 - -test "create-principal 34" -proc test34 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle \ - { "%s/a" 0 0 1234 0 null 0 0 0 0 test-pol-nopw 0} \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \ - OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - fail "$test: can not retreive principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "1234.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test34 - -test "create-principal 35" -proc test35 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle \ - {"%s/a" 0 0 1234 0 null 0 0 0 0 test-pol 0} \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \ - OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - fail "$test: can not retreive principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "1234.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test35 - -test "create-principal 36" -proc test36 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle \ - {"%s/a" 0 0 999999999 0 null 0 0 0 0 test-pol 0} \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \ - OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - fail "$test: can not retreive principal" - return; - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy} ]} { - error_and_restart "$test: cannot retrieve policy" - return - } - - send "lindex \$principal 6\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting mod_date" - return - } - eof { - error_and_restart "$test: eof getting mod_date" - return - } - } - - send "lindex \$principal 3\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_expire" - return - } - eof { - error_and_restart "$test: eof getting pw_expire" - return - } - } - - send "lindex \$policy 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_max_life" - return - } - eof { - error_and_restart "$test: eof getting pw_max_life" - return - } - } - if { $pw_expire != 999999999 } { - fail "$test: pw_expire $pw_expire should be 999999999" - return - } else { - pass "$test" - } - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { -perror"$test: unexpected failure in destroy" - return - } -} -test36 - -test "create-principal 37" -proc test37 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - fail "$test: can not retreive principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "0.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test37 - -test "create-principal 38" -proc test38 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle [princ_w_pol "%s/a" \ - test-pol-nopw] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} \ - NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - fail "$test: can not retreive principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "0.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test38 - -test "create-principal 39" -proc test39 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle [princ_w_pol "%s/a" \ - test-pol] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} \ - NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if { ! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: cannot not retrieve principal" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} { - error_and_restart "$test: cannot retrieve policy" - return - } - send "lindex \$principal 6\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting mod_date" - return - } - eof { - error_and_restart "$test: eof getting mod_date" - return - } - } - - send "lindex \$principal 3\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_expire" - return - } - eof { - error_and_restart "$test: eof getting pw_expire" - return - } - } - - send "lindex \$policy 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_max_life" - return - } - eof { - error_and_restart "$test: eof getting pw_max_life" - return - } - } - if { [expr "$mod_date + $pw_max_life - $pw_expire"] > 5 } { - fail "$test: pw_expire is wrong" - return - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { -perror"$test: unexpected failure in destroy" - return - } -} -test39 - -test "create-principal 40" -proc test40 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { -perror"$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PW_EXPIRATION} \ - NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - fail "$test: can not retreive principal" - return; - } - send "lindex \$principal 4\n" - expect { - -re "0.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test40 - -test "create-principal 43" -proc test43 {} { - global test - one_line_fail_test [format { - ovsec_kadm_create_principal null \ - [simple_principal "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a" - } $test $test] "BAD_SERVER_HANDLE" -} -test43 - -return "" diff --git a/src/lib/kadm5/unit-test/api.0/destroy.exp b/src/lib/kadm5/unit-test/api.0/destroy.exp deleted file mode 100644 index 0f10399..0000000 --- a/src/lib/kadm5/unit-test/api.0/destroy.exp +++ /dev/null @@ -1,203 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "destroy 1" - -proc test1 {} { - global test - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {ovsec_kadm_destroy $server_handle} - end_dump_compare "no-diffs" -} -test1 - -#test "destroy 2" -# -#proc test2 {} { -# global test -# begin_dump -# if {! [cmd { -# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ -# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ -# server_handle -# }]} { -# perror "$test: unexpected failure on init" -# return -# } -# if {! [cmd {ovsec_kadm_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# return -# } -# one_line_fail_test \ -# {ovsec_kadm_get_principal $server_handle admin principal} \ -# "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test2 - -#test "destroy 3" -#proc test3 {} { -# global test -# -# begin_dump -# if {! (( ! [principal_exists "$test/a"]) || [delete_principal "$test/a"])} { -# error_and_restart "$test couldn't delete principal \"$test/a\"" -# return -# } -# if {! [cmd { -# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ -# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ -# server_handle -# }]} { -# perror "$test: unexpected failure on init" -# return -# } -# if {! [cmd {ovsec_kadm_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# return -# } -# one_line_fail_test [format { -# ovsec_kadm_create_principal $server_handle \ -# [simple_principal "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a" -# } $test $test] "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test3 - -#test "destroy 4" -#proc test4 {} { -# global test prompt -# -# if {! (([principal_exists "$test/a"]) || [create_principal "$test/a"])} { -# error_and_restart "$test: couldn't create principal \"$test/a\"" -# return -# } -# begin_dump -# if {! ([cmd { -# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ -# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ -# server_handle -# }] && -# [cmd [format { -# ovsec_kadm_get_principal $server_handle "%s/a" principal -# } $test]])} { -# error_and_restart "$test: error getting principal" -# return; -# } -# if {! [cmd {ovsec_kadm_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# return -# } -# one_line_fail_test [format { -# ovsec_kadm_modify_principal $server_handle \ -# {"%s/a" 0 0 0 0 0 0 0 %d 0 0 0} {OVSEC_KADM_KVNO} -# } $test "77"] "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test4 - -#test "destroy 5" -# -#proc test5 {} { -# global test -# -# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { -# error_and_restart "$test: couldn't create principal \"$test/a\"" -# return -# } -# begin_dump -# if {! [cmd { -# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ -# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ -# server_handle -# }]} { -# perror "$test: unexpected failure on init" -# return -# } -# if {! [cmd {ovsec_kadm_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# return -# } -# one_line_fail_test [format { -# ovsec_kadm_delete_principal $server_handle "%s/a" -# } $test] "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test5 - -#test "destroy 6" -# -#proc test6 {} { -# global test -# begin_dump -# one_line_fail_test {ovsec_kadm_destroy $server_handle} "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test6 - - -#test "destroy 7" -# -#proc test7 {} { -# global test -# begin_dump -# if {! [cmd { -# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ -# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ -# server_handle -# }]} { -# perror "$test: unexpected failure in init" -# return -# } -# if {! [cmd {ovsec_kadm_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# } -# one_line_fail_test {ovsec_kadm_destroy $server_handle} "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test7 - -test "destroy 8" -proc test8 {} { - global test - begin_dump - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } - one_line_succeed_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } - end_dump_compare "no-diffs" -} -test8 - -test "destroy 9" -proc test9 {} { - global test - one_line_fail_test {ovsec_kadm_destroy null} "BAD_SERVER_HANDLE" -} -test9 - -return "" diff --git a/src/lib/kadm5/unit-test/api.0/dlte-policy.exp b/src/lib/kadm5/unit-test/api.0/dlte-policy.exp deleted file mode 100644 index cd82738..0000000 --- a/src/lib/kadm5/unit-test/api.0/dlte-policy.exp +++ /dev/null @@ -1,207 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "delete-policy 2" -proc test2 {} { - global test -# set prms_id 744 -# setup_xfail {*-*-*} $prms_id - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test \ - {ovsec_kadm_delete_policy $server_handle ""} "BAD_POL" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test2 - -test "delete-policy 5" -proc test5 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_delete_policy $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if ${RPC} test5 - -test "delete-policy 6" -proc test6 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_delete_policy $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if ${RPC} test6 - -test "delete-policy 7" -proc test7 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_delete_policy $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test7 - -test "delete-policy 10" -proc test10 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_delete_policy $server_handle "%s/a" - } $test]]} { - fail "$test" - return - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - if { [policy_exists "$test/a"]} { - fail "$test" - return - } -} -test10 - -test "delete-policy 12" -proc test12 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test unexecpted failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_create_principal $server_handle [princ_w_pol "%s/a" \ - "%s/a"] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} \ - NotinTheDictionary - } $test $test]]} { - fail "$test: can not create principal" - return; - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - if {! [cmd { - ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test \ - {ovsec_kadm_delete_policy $server_handle test-pol} "POLICY_REF" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -test "delete-policy 13" -proc test13 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - one_line_fail_test [format { - ovsec_kadm_delete_policy null "%s/a" - } $test] "BAD_SERVER_HANDLE" -} -test13 - -return "" diff --git a/src/lib/kadm5/unit-test/api.0/dlte-principal.exp b/src/lib/kadm5/unit-test/api.0/dlte-principal.exp deleted file mode 100644 index 5c617fb..0000000 --- a/src/lib/kadm5/unit-test/api.0/dlte-principal.exp +++ /dev/null @@ -1,329 +0,0 @@ -load_lib lib.t - -api_exit -api_start - -#test "delete-principal 1" -#proc test1 {} { -# global test -# one_line_fail_test [format { -# ovsec_kadm_delete_principal $server_handle "%s/a" -# } $test] "NOT_INIT" -#} -#test1 - -test "delete-principal 2" -proc test2 {} { - global test - - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test \ - {ovsec_kadm_delete_principal $server_handle null} "EINVAL" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: unexpected failure in destroy" - return - } -} -test2 - -test "delete-principal 5" -proc test5 {} { - global test - - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_delete_principal $server_handle "%s/a" - } $test] "UNK_PRINC" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test5 - -test "delete-principal 6" -proc test6 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" test-pol])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/delete admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_delete_principal $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test6 } - - -test "delete-principal 7" -proc test7 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_delete_principal $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test7 } - - -test "delete-principal 8" -proc test8 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_delete_principal $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test8 } - -test "delete-principal 9" -proc test9 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_delete_principal $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test9 } - -test "delete-principal 10" -proc test10 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_delete_principal $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test10 } - -test "delete-principal 11" -proc test11 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_delete_principal $server_handle "%s/a" - } $test]]} { - fail "$test: delete failed" - return; - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - if { [principal_exists "$test/a"] } { - fail "$test" - return - } -} -test11 - -test "delete-principal 12" -proc test12 {} { - global test - global prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" test-pol])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} { - perror "$test: unexpected failure on get policy" - return - } - if { ! [cmd [format { - ovsec_kadm_delete_principal $server_handle "%s/a" - } $test]]} { - fail "$test: delete failed" - return - } - if { [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" p - } $test]]} { - fail "$test: principal still exists" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} { - perror "$test: unexpected failure on get policy" - return - } - send "lindex \$p1 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - - send "lindex \$p2 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - if { [expr "$oldref - 1"] != $newref } { - fail "$test: policy reference count is wrong" - return; - } - pass "$test" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} - -test12 - -test "delete-principal 13" -proc test13 {} { - global test - one_line_fail_test [format { - ovsec_kadm_delete_principal null "%s/a" - } $test] "BAD_SERVER_HANDLE" -} -test13 - -return "" - - - - - diff --git a/src/lib/kadm5/unit-test/api.0/get-policy.exp b/src/lib/kadm5/unit-test/api.0/get-policy.exp deleted file mode 100644 index 7b01814..0000000 --- a/src/lib/kadm5/unit-test/api.0/get-policy.exp +++ /dev/null @@ -1,199 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "get-policy 3" -proc test3 {} { - global test -# set prms_id 744 -# setup_xfail {*-*-*} $prms_id - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test {ovsec_kadm_get_policy $server_handle "" p} "BAD_POLICY" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test3 - -test "get-policy 6" -proc test6 {} { - global test - - if {! [cmd { - ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test {ovsec_kadm_get_policy $server_handle test-pol p} \ - "AUTH_GET" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } test6 - -test "get-policy 7" -proc test7 {} { - global test - - if {! [cmd { - ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test {ovsec_kadm_get_policy $server_handle test-pol p} \ - "AUTH_GET" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } test7 - -test "get-policy 11" -proc test11 {} { - global test - - if {! [cmd { - ovsec_kadm_init admin/get-pol StupidAdmin $OVSEC_KADM_ADMIN_SERVICE \ - null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {ovsec_kadm_get_policy $server_handle test-pol p} - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test11 - -test "get-policy 12" -proc test12 {} { - global test - - if {! [cmd { - ovsec_kadm_init admin/get-pol StupidAdmin \ - $OVSEC_KADM_CHANGEPW_SERVICE null $OVSEC_KADM_STRUCT_VERSION \ - $OVSEC_KADM_API_VERSION_1 server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {ovsec_kadm_get_policy $server_handle test-pol-nopw p} - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -test "get-policy 15" -proc test15 {} { - global test - - if {! [cmd { - ovsec_kadm_init admin/pol StupidAdmin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {ovsec_kadm_get_policy $server_handle test-pol-nopw p} - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test15 - -test "get-policy 16" -proc test16 {} { - global test - - if {! [cmd { - ovsec_kadm_init admin/pol StupidAdmin $OVSEC_KADM_CHANGEPW_SERVICE \ - null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {ovsec_kadm_get_policy $server_handle test-pol-nopw p} - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test16 - -test "get-policy 17" -proc test17 {} { - global test - - if {! [cmd { - ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {ovsec_kadm_get_policy $server_handle test-pol p} - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test17 - -test "get-policy 18" -proc test18 {} { - global test - - if {! [cmd { - ovsec_kadm_init admin/get admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test {ovsec_kadm_get_policy $server_handle test-pol p} \ - "AUTH_GET" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } test18 - -test "get-policy 21" -proc test21 {} { - global test - - one_line_fail_test {ovsec_kadm_get_policy null "pol1" p} "BAD_SERVER_HANDLE" -} -test21 diff --git a/src/lib/kadm5/unit-test/api.0/get-principal.exp b/src/lib/kadm5/unit-test/api.0/get-principal.exp deleted file mode 100644 index cf055f7..0000000 --- a/src/lib/kadm5/unit-test/api.0/get-principal.exp +++ /dev/null @@ -1,346 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "get-principal 1" -proc test1 {} { - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test \ - {ovsec_kadm_get_principal $server_handle null p} "EINVAL" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test1 - -test "get-principal 2" -proc test2 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_get_principal $server_handle "%s/a" p - } $test] "UNK_PRINC" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test2 - -test "get-principal 3" -proc test3 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_get_principal $server_handle "%s/a" p - } $test] "AUTH_GET" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test3 } - -test "get-principal 4" -proc test4 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_get_principal $server_handle "%s/a" p - } $test] "AUTH_GET" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test4 } - -test "get-principal 5" -proc test5 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_get_principal $server_handle "%s/a" p - } $test] "AUTH_GET" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test5 } - -test "get-principal 6" -proc test6 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_get_principal $server_handle "%s/a" p - } $test] "AUTH_GET" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test6 } - -test "get-principal 7" -proc test7 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/delete admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_get_principal $server_handle "%s/a" p - } $test] "AUTH_GET" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test7 } - - -test "get-principal 8" -proc test8 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/get admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_get_principal $server_handle "%s/a" p - } $test] "AUTH_GET" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test8 } - - -test "get-principal 9" -proc test9 {} { - global test - if {! [cmd { - ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {ovsec_kadm_get_principal $server_handle admin/none p} - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test9 - -test "get-principal 10" -proc test10 {} { - global test - if {! [cmd { - ovsec_kadm_init admin/none admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {ovsec_kadm_get_principal $server_handle admin/none p} - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test10 - -test "get-principal 11" -proc test11 {} { - global test - if {! [cmd { - ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/get p} - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test11 - -test "get-principal 12" -proc test12 {} { - global test - if {! [cmd { - ovsec_kadm_init admin/get admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/get p} - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -test "get-principal 13" -proc test13 {} { - global test - if {! [cmd { - ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/add p} - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test13 - -test "get-principal 14" -proc test14 {} { - global test - if {! [cmd { - ovsec_kadm_init admin/get-mod admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/add p} - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test14 - -test "get-principal 15" -proc test15 {} { - one_line_fail_test \ - {ovsec_kadm_get_principal null "admin" p} "BAD_SERVER_HANDLE" -} -test15 - -return "" - - - - diff --git a/src/lib/kadm5/unit-test/api.0/init.exp b/src/lib/kadm5/unit-test/api.0/init.exp deleted file mode 100644 index d39ecce..0000000 --- a/src/lib/kadm5/unit-test/api.0/init.exp +++ /dev/null @@ -1,728 +0,0 @@ -load_lib lib.t - -# Assumptions: -# -# Principal "admin" exists, with "get", "add", "modify" and "delete" -# access bits and password "admin". -# The string "not-the-password" isn't the password of any user in the database. -# Database master password is "mrroot". - -api_exit -api_start -test "init 1" - -one_line_fail_test_nochk \ - {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE "" \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle} - -test "init 2" - -one_line_fail_test_nochk \ - {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE @ \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle} - -test "init 2.5" - -one_line_fail_test_nochk \ - {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE BAD.REALM \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle} - -test "init 3" - -proc test3 {} { - global test - if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - one_line_fail_test_nochk [format { - ovsec_kadm_init admin admin "%s/a" null $OVSEC_KADM_STRUCT_VERSION \ - $OVSEC_KADM_API_VERSION_1 server_handle - } $test] -} -if {$RPC} { test3 } - -test "init 4" - -proc test4 {} { - global test - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - one_line_fail_test_nochk [format { - ovsec_kadm_init admin admin "%s/a" null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } $test] -} -if {$RPC} { test4 } - -test "init 5" - -if {$RPC} { - one_line_fail_test_nochk { - ovsec_kadm_init admin admin admin null $OVSEC_KADM_STRUCT_VERSION \ - $OVSEC_KADM_API_VERSION_1 server_handle - } -} - -test "init 6" - -proc test6 {} { - global test - - send "ovsec_kadm_init admin null \$OVSEC_KADM_ADMIN_SERVICE null \$OVSEC_KADM_STRUCT_VERSION \$OVSEC_KADM_API_VERSION_1 server_handle\n" - - expect { - -re "assword\[^\r\n\]*: *" { } - eof { - fail "$test: eof instead of password prompt" - api_exit - api_start - return - } - timeout { - fail "$test: timeout instead of password prompt" - return - } - } - one_line_succeed_test "admin" - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if { $RPC } { test6 } - -test "init 7" -proc test7 {} { - global test - - send "ovsec_kadm_init admin \"\" \$OVSEC_KADM_ADMIN_SERVICE null \$OVSEC_KADM_STRUCT_VERSION \$OVSEC_KADM_API_VERSION_1 server_handle\n" - - expect { - -re "assword\[^\r\n\]*: *" { } - -re "\n\[^\n\]+key:\[^\n\]*$" { } - eof { - fail "$test: eof instead of password prompt" - api_exit - api_start - return - } - timeout { - fail "$test: timeout instead of password prompt" - return - } - } - one_line_succeed_test "admin" - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if { $RPC } { test7 } - -test "init 8" - -proc test8 {} { - global test - if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - one_line_fail_test_nochk [format { - ovsec_kadm_init "%s/a" admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } $test] -} -if {$RPC} { test8 } - -test "init 9" - -if {$RPC} { - global test - one_line_fail_test_nochk { - ovsec_kadm_init admin not-the-password $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } -} - -test "init 10" - -proc test10 {} { - global test -# set prms_id 562 -# setup_xfail {*-*-*} $prms_id - one_line_fail_test_nochk { - ovsec_kadm_init null admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } -} -test10 - -#test "init 11" -# -#proc test11 {} { -# global test -# set prms_id 563 -# setup_xfail {*-*-*} $prms_id -# one_line_fail_test_nochk { -# ovsec_kadm_init "" admin $OVSEC_KADM_ADMIN_SERVICE null \ -# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ -# server_handle -# } -#} -#test11 - -test "init 12" - -proc test12 {} { - global test - one_line_fail_test_nochk [format { - ovsec_kadm_init "%s/a" admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } $test] -} -if {$RPC} { test12 } - -test "init 13" - -proc test13 {} { - global test - one_line_fail_test_nochk [format { - ovsec_kadm_init "%s/a@SECURE-TEST.OV.COM" admin \ - $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION \ - $OVSEC_KADM_API_VERSION_1 server_handle - } $test] -} -if {$RPC} { test13 } - -test "init 14" - -proc test14 {} { - global test - one_line_fail_test_nochk [format { - ovsec_kadm_init "%s/a@BAD.REALM" admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } $test] -} -if {$RPC} { test14 } - -test "init 15" - -if {$RPC} { - one_line_fail_test_nochk { - ovsec_kadm_init admin@BAD.REALM admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } -} - -test "init 16" - -proc test16 {} { - global test - one_line_succeed_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -test16 - -test "init 17" - -proc test17 {} { - global test - one_line_succeed_test { - ovsec_kadm_init admin@SECURE-TEST.OV.COM admin \ - $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION \ - $OVSEC_KADM_API_VERSION_1 server_handle - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -test17 - -test "init 18" - -proc test18 {} { - global test - one_line_succeed_test { - ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -test18 - -test "init 19" - -proc test19 {} { - global test - one_line_succeed_test { - ovsec_kadm_init admin@SECURE-TEST.OV.COM admin \ - $OVSEC_KADM_ADMIN_SERVICE SECURE-TEST.OV.COM \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -test19 - -test "init 20" - -proc test20 {} { - global test - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - error_and_restart "$test: couldn't init database" - return - } - one_line_succeed_test \ - {ovsec_kadm_get_principal $server_handle admin principal} - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -test20 - -#test "init 21" -# -#proc test21 {} { -# global test -# if {! [cmd { -# ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ -# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ -# server_handle -# }]} { -# error_and_restart "$test: couldn't init database" -# return -# } -# one_line_fail_test_nochk { -# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ -# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ -# server_handle -# } -# if {! [cmd {ovsec_kadm_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# } -#} -#test21 - - -proc test22 {} { - global test prompt - set prompting 0 - send [string trim { - ovsec_kadm_init admin null null null $OVSEC_KADM_STRUCT_VERSION \ - $OVSEC_KADM_API_VERSION_1 server_handle - }] - send "\n" - expect { - -re "\n\[^\n\]+:\[^\n\]*$" { set prompting 1} - -re "\nOK .*$prompt$" { fail "$test: premature success" } - -re "\nERROR .*$prompt$" { fail "$test: premature failure" } - timeout { fail "$test: timeout" } - eof { fail "$test: eof" } - } - if {$prompting} { - one_line_succeed_test mrroot - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if {! $RPC} { test22 } - -test "init 22.5" -proc test225 {} { - global test prompt - set prompting 0 - send [string trim { - ovsec_kadm_init admin null null null $OVSEC_KADM_STRUCT_VERSION \ - $OVSEC_KADM_API_VERSION_1 server_handle - }] - send "\n" - expect { - -re "\n\[^\n\]+:\[^\n\]*$" { set prompting 1} - -re "\nOK .*$prompt$" { fail "$test: premature success" } - -re "\nERROR .*$prompt$" { fail "$test: premature failure" } - timeout { fail "$test: timeout" } - eof { fail "$test: eof" } - } - if {$prompting} { - one_line_succeed_test mrroot - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if {! $RPC} { test225 } - -test "init 23" - -proc test23 {} { - global test - one_line_succeed_test { - ovsec_kadm_init admin not-the-password $OVSEC_KADM_ADMIN_SERVICE \ - null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if {! $RPC} { test23 } - -test "init 24" - -proc test24 {} { - global test - one_line_succeed_test { - ovsec_kadm_init admin admin null null $OVSEC_KADM_STRUCT_VERSION \ - $OVSEC_KADM_API_VERSION_1 server_handle - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if {! $RPC} { test24 } - -test "init 25" - -proc test25 {} { - global test - one_line_succeed_test { - ovsec_kadm_init admin admin foobar null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if {! $RPC} { test25 } - -test "init 26" - -#proc test26 {} { -# global test -# -# api_exit -# api_start -# one_line_fail_test_nochk { -# ovsec_kadm_get_principal $server_handle admin principal -# } -#} -#test26 - -#test "init 27" -# -#proc test27 {} { -# global test -# -# if {! ((! [principal_exists "$test/a"]) || [delete_principal "$test/a"])} { -# error_and_restart "$test: couldn't delete principal \"$test/a\"" -# return -# } -# begin_dump -# if {[cmd [format { -# ovsec_kadm_create_principal $server_handle [simple_principal \ -# "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a" -# } $test $test]]} { -# fail "$test: unexpected success in add" -# return -# } -# end_dump_compare "no-diffs" -#} -#test27 - -#test "init 28" -# -#proc test28 {} { -# global test prompt -# -# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { -# error_and_restart "$test: couldn't create principal \"$test/a\"" -# return -# } -# begin_dump -# if {! ([cmd { -# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ -# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ -# server_handle -# }] && [cmd [format { -# ovsec_kadm_get_principal $server_handle "%s/a" principal -# } $test]])} { -# error_and_restart "$test: error getting principal" -# return; -# } -# send "lindex \$principal 8\n" -# expect { -# -re "\n(\[0-9\]+).*$prompt$" {set kvno $expect_out(1,string) } -# timeout { -# error_and_restart "$test: timeout getting principal kvno" -# return -# } -# eof { -# error_and_restart "$test: eof getting principal kvno" -# return -# } -# } -# api_exit -# api_start -# set new_kvno [expr "$kvno + 1"] -# if {[cmd [format { -# ovsec_kadm_modify_principal $server_handle \ -# {"%s/a" 0 0 0 0 0 0 0 %d 0 0 0} {OVSEC_KADM_KVNO} -# } $test $new_kvno]]} { -# fail "$test: unexpected success in modify" -# return; -# } -# end_dump_compare "no-diffs" -#} -#test28 - -#test "init 29" -# -#proc test29 {} { -# global test -# -# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { -# error_and_restart "$test: couldn't create principal \"$test/a\"" -# return -# } -# begin_dump -# if {[cmd [format { -# ovsec_kadm_delete_principal $server_handle "%s/a" -# } $test]]} { -# fail "$test: unexpected success in delete" -# return -# } -# end_dump_compare "no-diffs" -#} -#test29 - -test "init 30" -proc test30 {} { - global test - if {[cmd { - ovsec_kadm_init admin foobar $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - error_and_restart "$test: unexpected success" - return - } - one_line_succeed_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if ${RPC} { test30 } - -test "init 31" -proc test31 {} { - global test - one_line_fail_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $bad_struct_version_mask $OVSEC_KADM_API_VERSION_1 \ - server_handle - } "BAD_STRUCT_VERSION" -} -test31 - -test "init 32" -proc test32 {} { - global test - one_line_fail_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $no_struct_version_mask $OVSEC_KADM_API_VERSION_1 \ - server_handle - } "BAD_STRUCT_VERSION" -} -test32 - -test "init 33" -proc test33 {} { - global test - one_line_fail_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $old_struct_version $OVSEC_KADM_API_VERSION_1 \ - server_handle - } "OLD_STRUCT_VERSION" -} -test33 - -test "init 34" -proc test34 {} { - global test - one_line_fail_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $new_struct_version $OVSEC_KADM_API_VERSION_1 \ - server_handle - } "NEW_STRUCT_VERSION" -} -test34 - -test "init 35" -proc test35 {} { - global test - one_line_fail_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $bad_api_version_mask \ - server_handle - } "BAD_API_VERSION" -} -test35 - -test "init 36" -proc test36 {} { - global test - one_line_fail_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $no_api_version_mask \ - server_handle - } "BAD_API_VERSION" -} -test36 - -test "init 37" -proc test37 {} { - global test - one_line_fail_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $old_api_version \ - server_handle - } "OLD_LIB_API_VERSION" -} -if { $RPC } test37 - -test "init 38" -proc test38 {} { - global test - one_line_fail_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $old_api_version \ - server_handle - } "OLD_SERVER_API_VERSION" -} -if { ! $RPC } test38 - -test "init 39" -proc test39 {} { - global test - one_line_fail_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $new_api_version \ - server_handle - } "NEW_LIB_API_VERSION" -} -if { $RPC } test39 - -test "init 40" -proc test40 {} { - global test - one_line_fail_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $new_api_version \ - server_handle - } "NEW_SERVER_API_VERSION" -} -if { ! $RPC } test40 - -test "init 41" -proc test41 {} { - global test - one_line_fail_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_API_VERSION_1 $OVSEC_KADM_STRUCT_VERSION \ - server_handle - } "BAD_" -} -test41 - -test "init 42" -proc test42 {} { - global test - one_line_succeed_test { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } - if {! [cmd {ovsec_kadm_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -test42 - - -proc test45_46 {service} { - global test kadmin_local env - - spawn $kadmin_local -q "delprinc -force $service" - expect { - -re "Principal .* deleted." {} - default { - perror "kadmin.local delprinc failed\n"; - } - } - expect eof - wait - - one_line_fail_test [concat {ovsec_kadm_init admin admin } \ - $service \ - { null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle}] "SECURE_PRINC_MISSING" - - # this leaves the keytab with an incorrect entry - spawn $kadmin_local -q "ank -randkey $service" - expect eof - wait - - # restart the api so it gets a new ccache - api_exit - api_start -} - -if {$RPC} { - test "init 45" - - test45_46 ovsec_adm/admin - - test "init 46" - - test45_46 ovsec_adm/changepw - - # re-extract the keytab so it is right - exec rm $env(K5ROOT)/ovsec_adm.srvtab - exec $env(MAKE_KEYTAB) -princ ovsec_adm/admin -princ ovsec_adm/changepw \ - -princ kadmin/admin -princ kadmin/changepw \ - $env(K5ROOT)/ovsec_adm.srvtab -} - -return "" - diff --git a/src/lib/kadm5/unit-test/api.0/mod-policy.exp b/src/lib/kadm5/unit-test/api.0/mod-policy.exp deleted file mode 100644 index ec55999..0000000 --- a/src/lib/kadm5/unit-test/api.0/mod-policy.exp +++ /dev/null @@ -1,703 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "modify-policy 2" -proc test2 {} { - global test - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_PW_MAX_LIFE} - } $test] "AUTH_MODIFY" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test2 } - -test "modify-policy 4" -proc test4 {} { - global test - - if {! ([policy_exists "$test/a"] || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_REF_COUNT} - } $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test4 - -test "modify-policy 8" -proc test8 {} { - global test -# set prms_id 744 -# setup_xfail {*-*-*} $prms_id - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - ovsec_kadm_modify_policy $server_handle [simple_policy ""] \ - {OVSEC_KADM_PW_MAX_LIFE} - } "BAD_POLICY" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test8 - -test "modify-policy 9" -proc test9 {} { - global test - global prompt - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_PW_MIN_LIFE} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 1\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test9 - -test "modify-policy 10" -proc test10 {} { - global test - global prompt - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_policy $server_handle {"%s/a" 32 0 0 0 0 0} \ - {OVSEC_KADM_PW_MIN_LIFE} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 1\n" - expect { - -re "32\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test10 - - -test "modify-policy 11" -proc test11 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_PW_MAX_LIFE} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 2\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test11 - -test "modify-policy 12" -proc test12 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_policy $server_handle {"%s/a" 0 32 0 0 0 0} \ - {OVSEC_KADM_PW_MAX_LIFE} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 2\n" - expect { - -re "32\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -test "modify-policy 13" -proc test13 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_PW_MIN_LENGTH} - } $test] "BAD_LENGTH" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test13 - -test "modify-policy 14" -proc test14 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 8 0 0 0} \ - {OVSEC_KADM_PW_MIN_LENGTH} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 3\n" - expect { - -re "8\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test14 - -test "modify-policy 15" -proc test15 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_PW_MIN_CLASSES} - } $test] "BAD_CLASS" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test15 - -test "modify-policy 16" -proc test16 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 1 0 0} \ - {OVSEC_KADM_PW_MIN_CLASSES} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 4\n" - expect { - -re "1\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test16 - -test "modify-policy 17" -proc test17 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 5 0 0} \ - {OVSEC_KADM_PW_MIN_CLASSES} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 4\n" - expect { - -re "5\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test17 - -test "modify-policy 18" -proc test18 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 6 0 0} \ - {OVSEC_KADM_PW_MIN_CLASSES} - } $test] "BAD_CLASS" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test18 - -test "modify-policy 19" -proc test19 {} { - global test - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_PW_HISTORY_NUM} - } $test] "BAD_HISTORY" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test19 - -test "modify-policy 20" -proc test20 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 0 1 0} \ - {OVSEC_KADM_PW_HISTORY_NUM} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 5\n" - expect { - -re "1\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test20 - -test "modify-policy 21" -proc test21 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 0 10 0} \ - {OVSEC_KADM_PW_HISTORY_NUM} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - ovsec_kadm_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 5\n" - expect { - -re "10\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test21 - -test "modify-policy 22" -proc test22 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_PW_MAX_LIFE} - } $test] "AUTH_MODIFY" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test22 - -test "modify-policy 23" -proc test23 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_PW_MAX_LIFE} - } $test] "AUTH_MODIFY" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test23 - -test "modify-policy 26" -proc test26 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ - {OVSEC_KADM_PW_MAX_LIFE} - } $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test26 - -test "modify-policy 30" -proc test30 {} { - global test - - one_line_fail_test [format { - ovsec_kadm_modify_policy null [simple_policy "%s/a"] \ - {OVSEC_KADM_PW_MAX_LIFE} - } $test] "BAD_SERVER_HANDLE" -} -test30 - -return "" diff --git a/src/lib/kadm5/unit-test/api.0/mod-principal.exp b/src/lib/kadm5/unit-test/api.0/mod-principal.exp deleted file mode 100644 index 2d68a19..0000000 --- a/src/lib/kadm5/unit-test/api.0/mod-principal.exp +++ /dev/null @@ -1,1943 +0,0 @@ -load_lib lib.t -api_exit -api_start - -#test "modify-principal 1" -#proc test1 {} { -# global test -# one_line_fail_test [format { -# ovsec_kadm_modify_principal $server_handle [simple_principal \ -# "%s/a"] {OVSEC_KADM_PW_EXPIRATION} -# } $test] "NOT_INIT" -#} -#test1 - -test "modify-principal 2" -proc test2 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINC_EXPIRE_TIME} - } $test] "AUTH_MODIFY" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test2 } - -test "modify-principal 4" -proc test4 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINCIPAL} - } $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test4 - - -test "modify-principal 5" -proc test5 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_LAST_PWD_CHANGE} - } $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test5 - -test "modify-principal 6" -proc test6 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_MOD_TIME} - } $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test6 - -test "modify-principal 7" -proc test7 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_MOD_NAME} - } $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test7 - -test "modify-principal 8" -proc test8 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_MKVNO} - } $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test8 - -test "modify-principal 9" -proc test9 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_AUX_ATTRIBUTES} - } $test] "BAD_MASK" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test9 - -test "modify-principal 10" -proc test10 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINC_EXPIRE_TIME} - } $test] "UNK_PRINC" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test10 - -test "modify-principal 11" -proc test11 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINC_EXPIRE_TIME} - } $test] "AUTH_MOD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test11 } - -test "modify-principal 12" -proc test12 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINC_EXPIRE_TIME} - } $test] "AUTH_MOD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test12 } - -test "modify-principal 13" -proc test13 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINC_EXPIRE_TIME} - } $test] "AUTH_MOD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test13 } - -test "modify-principal 14" -proc test14 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINC_EXPIRE_TIME} - } $test] "AUTH_MOD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test14 } - -test "modify-principal 15" -proc test15 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINC_EXPIRE_TIME} - } $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test15 - -test "modify-principal 17" -proc test17 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ - no-policy] {OVSEC_KADM_POLICY} - } $test] "UNK_POLICY" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test17 - -test "modify-principal 18" -proc test18 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if { !( [create_principal "$test/a"])} { - error_and_restart "$test: could not create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} { - perror "$test: unexpected failure on get policy" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ - test-pol] {OVSEC_KADM_POLICY} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 10\n" - expect { - -re "test-pol\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - send "lindex \$p1 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} { - perror "$test: unexpected failure on get policy" - return - } - - send "lindex \$p2 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - if { [expr "$oldref + 1"] != $newref } { - fail "$test: policy reference count is wrong" - return; - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test18 - -test "modify-principal 19" -proc test19 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if { !( [create_principal "$test/a"])} { - error_and_restart "$test: could not create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} { - perror "$test: unexpected failure on get policy" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ - test-pol] {OVSEC_KADM_POLICY} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 10\n" - expect { - -re "test-pol\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - send "lindex \$p1 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} { - perror "$test: unexpected failure on get policy" - return - } - - send "lindex \$p2 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - if { [expr "$oldref + 1"] != $newref } { - fail "$test: policy reference count is wrong" - return; - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test19 - -test "modify-principal 20" -proc test20 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if { !( [create_principal_pol "$test/a" "test-pol"])} { - error_and_restart "$test: could not create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} { - perror "$test: unexpected failure on get policy" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_POLICY_CLR} - } $test]]} { - perror "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 10\n" - expect { - -re "test-pol\n$prompt$" { fail "$test" } - -re "null\n$prompt$" { pass "$test" } - timeout { pass "$test" } - } - send "lindex \$p1 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} { - perror "$test: unexpected failure on get policy" - return - } - - send "lindex \$p2 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - if { [expr "$oldref - 1"] != $newref } { - fail "$test: policy reference count is wrong" - return; - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test20 - -test "modify-principal 21" -proc test21 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if { !( [create_principal_pol "$test/a" "test-pol"])} { - error_and_restart "$test: could not create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol old_p1}]} { - perror "$test: unexpected failure on get policy" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol-nopw old_p2}]} { - perror "$test: unexpected failure on get policy" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ - test-pol-nopw] {OVSEC_KADM_POLICY} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$old_p1 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set old_p1_ref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - send "lindex \$old_p2 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set old_p2_ref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol new_p1}]} { - perror "$test: unexpected failure on get policy" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol-nopw new_p2}]} { - perror "$test: unexpected failure on get policy" - return - } - - send "lindex \$new_p1 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set new_p1_ref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - send "lindex \$new_p2 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set new_p2_ref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - if { [expr "$old_p1_ref - 1"] != $new_p1_ref } { - fail "$test: policy reference count is wrong" - return; - } - if { [expr "$old_p2_ref + 1"] != $new_p2_ref } { - fail "$test: policy reference count is wrong" - return; - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test21 - -test "modify-principal 21.5" -proc test21.5 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if { !( [create_principal_pol "$test/a" "test-pol"])} { - error_and_restart "$test: could not create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol old_p1}]} { - perror "$test: unexpected failure on get policy" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ - test-pol] {OVSEC_KADM_POLICY} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$old_p1 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set old_p1_ref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol new_p1}]} { - perror "$test: unexpected failure on get policy" - return - } - - send "lindex \$new_p1 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set new_p1_ref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - - if {$old_p1_ref != $new_p1_ref} { - fail "$test: policy reference count changed ($old_p1_ref to $new_p1_ref)" - return - } - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test21.5 - -test "modify-principal 22" -proc test22 {} { - global test - global prompt - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PW_EXPIRATION} - } $test]]} { - fail "$test: modifiy failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test22 - -test "modify-principal 23" -proc test23 {} { - global test - global prompt - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" test-pol-nopw])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PW_EXPIRATION} - } $test]]} { - fail "$test: modifiy failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test23 - -test "modify-principal 24" -proc test24 {} { - global test - global prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" "test-pol" ])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - error_and_restart "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PW_EXPIRATION} - } $test]]} { - fail "$test: could not modify principal" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - if { ! [cmd [format { - ovsec_kadm_get_policy $server_handle %s policy - } test-pol]]} { - error_and_restart "$test: cannot retrieve policy" - return - } - send "lindex \$principal 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting mod_date" - return - } - eof { - error_and_restart "$test: eof getting pw_mod_date" - return - } - } - - send "lindex \$principal 3\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_expire" - return - } - eof { - error_and_restart "$test: eof getting pw_expire" - return - } - } - - send "lindex \$policy 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_max_life" - return - } - eof { - error_and_restart "$test: eof getting pw_max_life" - return - } - } - if { $pw_expire != 0 } { - fail "$test: pw_expire $pw_expire should be 0" - return - } else { - pass "$test" - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test24 - -test "modify-principal 25" -proc test25 {} { - global test - global prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_modify_principal $server_handle \ - {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "1234\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test25 - -test "modify-principal 26" -proc test26 {} { - global test - global prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" "test-pol-nopw" ])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_modify_principal $server_handle \ - {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "1234\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test26 - -test "modify-principal 27" -proc test27 {} { - global test - global prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" "test-pol" ])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_modify_principal $server_handle \ - {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "1234\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test27 - -test "modify-principal 28" -proc test28 {} { - global test - global prompt -# set prms_id 1358 -# setup_xfail {*-*-*} $prms_id - - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" "test-pol" ])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_modify_principal $server_handle \ - {"%s/a" 0 0 999999999 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} { - error_and_restart "$test: cannot retrieve policy" - return - } - send "lindex \$principal 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_mod_date" - return - } - eof { - error_and_restart "$test: eof getting pw_mod_date" - return - } - } - - send "lindex \$principal 3\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_expire" - return - } - eof { - error_and_restart "$test: eof getting pw_expire" - return - } - } - send "lindex \$policy 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_max_life" - return - } - eof { - error_and_restart "$test: eof getting pw_max_life" - return - } - } - if { $pw_expire != 999999999 } { - fail "$test: pw_expire $pw_expire should be 999999999" - return - } - pass "$test" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test28 - -test "modify-principal 29" -proc test29 {} { - global test - global prompt - - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if { ! ([create_principal_pol "$test/a" test-pol])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_POLICY_CLR} - } $test]]} { - fail "$test: modifiy failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test29 - -test "modify-principal 30" -proc test30 {} { - global test - global prompt - - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal_pol "$test/a" test-pol])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ - test-pol-nopw] {OVSEC_KADM_POLICY} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test30 - -test "modify-principal 31" -proc test31 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ - test-pol] {OVSEC_KADM_POLICY} - } $test]]} { - fail "modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} { - error_and_restart "$test: cannot retrieve policy" - return - } - send "lindex \$principal 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_mod_date" - return - } - eof { - error_and_restart "$test: eof getting pw_mod_date" - return - } - } - - send "lindex \$principal 3\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_expire" - return - } - eof { - error_and_restart "$test: eof getting pw_expire" - return - } - } - - send "lindex \$policy 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_max_life" - return - } - eof { - error_and_restart "$test: eof getting pw_max_life" - return - } - } - if { [expr "$pw_mod_date + $pw_max_life"] != $pw_expire } { - fail "$test: pw_expire is wrong" - return - } - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test31 - -test "modify-principal 32" -proc test32 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle \ - {"%s/a" 1234 0 0 0 0 0 0 0 0 0 0} \ - {OVSEC_KADM_PRINC_EXPIRE_TIME} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 1\n" - expect { - -re "1234\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test32 - -test "modify-principal 33" -proc test33 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle \ - {"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_ALL_TIX 0 0 0 0} \ - {OVSEC_KADM_ATTRIBUTES} - } $test]]} { - fail "$test: modified fail" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 7\n" - expect { - -re "KRB5_KDB_DISALLOW_ALL_TIX.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test33 - -test "modify-principal 33.25" -proc test3325 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle \ - {"%s/a" 0 0 0 0 0 0 KRB5_KDB_REQUIRES_PWCHANGE 0 0 0 0} \ - {OVSEC_KADM_ATTRIBUTES} - } $test]]} { - fail "$test: modified fail" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 7\n" - expect { - -re "KRB5_KDB_REQUIRES_PWCHANGE.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test3325 - -test "modify-principal 33.5" -proc test335 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle \ - {"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_TGT_BASED 0 0 0 0} \ - {OVSEC_KADM_ATTRIBUTES} - } $test]]} { - fail "$test: modified fail" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 7\n" - expect { - -re "KRB5_KDB_DISALLOW_TGT_BASED.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test335 - - -test "modify-principal 34" -proc test34 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_modify_principal $server_handle \ - {"%s/a" 0 0 0 3456 0 0 0 0 0 0 0} {OVSEC_KADM_MAX_LIFE} - } $test]]} { - fail "$test: modify failed" - return - } - - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 4\n" - expect { - -re "3456\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test34 - -test "modify-principal 35" -proc test35 {} { - global prompt - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - ovsec_kadm_modify_principal $server_handle \ - {"%s/a" 0 0 0 0 0 0 0 7 0 0 0} {OVSEC_KADM_KVNO} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 8\n" - expect { - -re "7\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test35 - -test "modify-principal 36" -proc test36 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if { !( [create_principal_pol "$test/a" "test-pol"])} { - error_and_restart "$test: could not create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol pol}]} { - perror "$test: unexpected failure on get policy" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ - test-pol] {OVSEC_KADM_POLICY} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 10\n" - expect { - -re "test-pol\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - send "lindex \$pol 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol pol2}]} { - perror "$test: unexpected failure on get policy" - return - } - send "lindex \$pol2 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - if { $oldref != $newref } { - fail "$test: policy reference count is wrong" - return; - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test36 - -test "modify-principal 37" -proc test37 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if { !( [create_principal "$test/a"])} { - error_and_restart "$test: could not create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_POLICY_CLR} - } $test]]} { - fail "$test: modify failed" - return - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test37 - -test "modify-principal 38" -proc test38 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_PRINC_EXPIRE_TIME} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 1\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test38 - -test "modify-principal 39" -proc test39 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ - {OVSEC_KADM_MAX_LIFE} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - ovsec_kadm_get_principal $server_handle "%s/a" principal - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 4\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test39 - -test "modify-principal 40" -proc test40 {} { - global test - global prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - ovsec_kadm_modify_principal $server_handle null \ - {OVSEC_KADM_PRINC_EXPIRE_TIME} - } "EINVAL" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test40 - -test "modify-principal 43" -proc test43 {} { - global test - one_line_fail_test [format { - ovsec_kadm_modify_principal null [simple_principal \ - "%s/a"] {OVSEC_KADM_PW_EXPIRATION} - } $test] "BAD_SERVER_HANDLE" -} -test43 - -return "" diff --git a/src/lib/kadm5/unit-test/api.0/randkey-principal.exp b/src/lib/kadm5/unit-test/api.0/randkey-principal.exp deleted file mode 100644 index c967001..0000000 --- a/src/lib/kadm5/unit-test/api.0/randkey-principal.exp +++ /dev/null @@ -1,319 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "randkey-principal 1" -proc test1 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal_pol "$test/a" once-a-min]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd [format { - ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } $test $test]]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_randkey_principal $server_handle "%s/a" key - } $test] "PASS_TOOSOON" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test1 } - -test "randkey-principal 3" -proc test3 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal_pol "$test/a" once-a-min]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd [format { - ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } $test $test]]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_randkey_principal $server_handle "%s/a" key - } $test] "PASS_TOOSOON" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if ${RPC} { test3 } - -test "randkey-principal 13" -proc test13 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ - once-a-min] OVSEC_KADM_POLICY - } $test]]} { - perror "$test: failed modify" - return - } - one_line_succeed_test [format { - ovsec_kadm_randkey_principal $server_handle "%s/a" key - } $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test13 - -test "randkey-principal 15" -proc test15 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal_pol "$test/a" once-a-min]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_randkey_principal $server_handle "%s/a" key - } $test] "AUTH_CHANGEPW" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test15 } - -test "randkey-principal 28" -proc test28 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - ovsec_kadm_randkey_principal $server_handle "%s/a" key - } $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test28 - -test "randkey-principal 28.25" -proc test2825 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_randkey_principal $server_handle "%s/a" key - } $test] "AUTH" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test2825 } - -test "randkey-principal 28.5" -proc test285 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - ovsec_kadm_randkey_principal $server_handle "%s/a" key - } $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test285 - -test "randkey-principal 30" -proc test30 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [create_principal "$test/a"]} { - error_and_restart "$test: creating principal" - return - } - if {! [cmd [format { - ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } $test $test]]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - ovsec_kadm_randkey_principal $server_handle "%s/a" key - } $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test30 - -test "randkey-principal 31" -proc test31 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal "$test/a"]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd [format { - ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - } $test $test]]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - ovsec_kadm_randkey_principal $server_handle "%s/a" key - } $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test31 - -test "randkey-principal 32" -proc test32 {} { - global test - - if { ! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - ovsec_kadm_randkey_principal $server_handle kadmin/history key - } "PROTECT" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test32 - -test "randkey-principal 33" -proc test33 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if { ! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_randkey_principal null "%s/a" key - } $test] "BAD_SERVER_HANDLE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} - -test33 - -return "" diff --git a/src/lib/kadm5/unit-test/api.0/rename-principal.exp b/src/lib/kadm5/unit-test/api.0/rename-principal.exp deleted file mode 100644 index d5f012f..0000000 --- a/src/lib/kadm5/unit-test/api.0/rename-principal.exp +++ /dev/null @@ -1,509 +0,0 @@ -load_lib lib.t -api_exit -api_start - -#test "rename-principal 1" -#proc test1 {} { -# global test -# one_line_fail_test [format { -# ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" -# } $test $test] "NOT_INIT" -#} -#test1 - -test "rename-principal 2" -proc test2 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "INSUFFICIENT" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - -} -if {$RPC} { test2 } - -test "rename-principal 3" -proc test3 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "AUTH_INSUFFICIENT" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test3 } - -test "rename-principal 4" -proc test4 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "AUTH_INSUFFICIENT" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test4 } - -test "rename-principal 5" -proc test5 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "AUTH_INSUFFICIENT" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test5 } - -test "rename-principal 6" -proc test6 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/mod-add admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "AUTH_DELETE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test6 } - -test "rename-principal 7" -proc test7 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/mod-delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test7 } - -test "rename-principal 8" -proc test8 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/get-add admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "AUTH_DELETE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test8 } - -test "rename-principal 9" -proc test9 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/get-delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test9 } - -test "rename-principal 10" -proc test10 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/no-delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "AUTH_DELETE" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test10 } - -test "rename-principal 11" -proc test11 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/no-add admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "AUTH_ADD" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test11 } - -test "rename-principal 12" -proc test12 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "AUTH" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test12 } - - -test "rename-principal 13" -proc test13 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "AUTH" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test13 } - -test "rename-principal 14" -proc test14 {} { - global test - - if {[principal_exists "$test/a"]} { - delete_principal "$test/a" - } - - if {[create_principal_with_keysalts "$test/a" "des-cbc-crc:v4"]} { - error_and_restart "$test: couldn't create no-salt principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test14 - -test "rename-principal 15" -proc test15 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( [principal_exists "$test/b"]) || - [create_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "DUP" - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test15 - -test "rename-principal 16" -proc test16 {} { - global test - one_line_fail_test [format { - ovsec_kadm_rename_principal null "%s/a" "%s/b" - } $test $test] "BAD_SERVER_HANDLE" -} -test16 - -test "rename-principal 18" -proc test18 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! (( ! [principal_exists "$test/b"]) || - [delete_principal "$test/b"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" - } $test $test] "NO_RENAME_SALT" - - if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test18 - -return "" diff --git a/src/lib/kadm5/unit-test/api.1/lock.exp b/src/lib/kadm5/unit-test/api.1/lock.exp deleted file mode 100644 index 02df75b..0000000 --- a/src/lib/kadm5/unit-test/api.1/lock.exp +++ /dev/null @@ -1,287 +0,0 @@ -# This is in api.1 so that it happens after all the tests in api.0. -# If some API function does not unlock the database then the server -# (whichs runs through all api tests) will still have it locked, and -# these tests will fail. - -load_lib lib.t - -api_exit - -if { $RPC } { - return -} - -send_user "UNTESTED: lock: DAL changes broke locking code (see MIT RT ticket 3201)\n" -untested "lock: DAL changes broke locking code (see MIT RT ticket 3201)" -return - -set locktest $LOCKTEST -set lockfile $env(K5ROOT)/kdb5.kadm5.lock - -# The lock tests use the program lock-test in the unit test -# directory. The basic idea is that lock-test can be told to acquire -# various kinds of locks and then wait for input before proceeding; -# this is necessary because otherwise we'd have no way to test locking -# interactions without a race condition. -# -# lock_test_start and lock_test_continue work together to give a crude -# form of continuations. lock_test_continue expects a list of -# commands for lock-test (passed on the command line) and responses -# (read from stdout). When it gets to a command of "wait", -# lock_test_continue returns, and its return value is a list of the -# arguments that it should be passed to continue processing that -# particular list of commands for that particular lock-test after -# whatever that requried lock-test to wait has been completed. -# -# lock_test is simply a wrapper for tests that do not involve wait. - -proc lock_test_setup {test cmds} { - global locktest spawn_id - - verbose "test $test" - - set cmdline "" - foreach cmdpair $cmds { - if {[lindex $cmdpair 0] == "eof"} { - break - } - set cmdline "$cmdline [lindex $cmdpair 0]" - } - - verbose "spawning $locktest $cmdline" - eval "spawn $locktest $cmdline" -} - -proc lock_test {test cmds} { - global spawn_id - - lock_test_setup $test $cmds - set lockany [lock_test_continue $test $spawn_id 0 "" 0 $cmds] - while {$lockany != {}} { - set lockany [eval lock_test_continue $lockany] - } -} - -proc lock_test_start {test cmds} { - global spawn_id - - lock_test_setup $test $cmds - return [lock_test_continue $test $spawn_id 0 "" 0 $cmds] -} - -proc lock_test_continue {test my_spawn_id test_failed fail_output cont cmds} { - global wait_error_index wait_errno_index wait_status_index - global spawn_id - - set spawn_id $my_spawn_id - - if {$cont == 1} { - send -i $spawn_id "\n" - } - - while {[llength $cmds] > 0} { - set cmdpair [lindex $cmds 0] - set cmds [lrange $cmds 1 end] - set cmd [lindex $cmdpair 0] - set output [lindex $cmdpair 1] - - verbose "test $test: command: $cmd" - - if {$cmd == "wait"} { - # ah, for continuations... - return [list $test $spawn_id $test_failed $fail_output 1 $cmds] - } - if {$cmd == "eof"} { - set status $output - set output "doesnotmatchanything" - } - - expect { - -i $spawn_id - -re "$output" { verbose "test $test: read: $output" } - timeout { - set test_failed 1 - set fail_output "timeout while waiting for $output" - } - eof { - if {$cmd != "eof"} { - set test_failed 1 - set fail_output "eof while waiting for $output" - } - } - } - - if {$test_failed == 1} { break } - } - - # In timeout cases, the process may not be dead yet. - catch { exec kill -9 [exp_pid -i $spawn_id] } x - set ret [wait -i $spawn_id] - verbose "% Exit $ret" 2 - - if {$test_failed == 0} { - if {[lindex $ret $wait_error_index] == -1} { - set test_failed 1 - set fail_output "wait returned error [lindex $ret $wait_errno_index]" - } else { - if { [lindex $ret $wait_status_index] == $status || - (($status<0) && ([lindex $ret $wait_status_index] == ($status+256))) } { - verbose "test $test: status $status" - } else { - set test_failed 1 - set fail_output "unexpected return status [lindex $ret $wait_status_index], should be $status" - } - } - } - - if {$test_failed == 0} { - pass $test - } else { - fail "$test: $fail_output" - } - - return {} -} - -set lock1 [lock_test_start 1 [list \ - [list shared "shared"] \ - [list release "released"] \ - [list wait ""] \ - [list eof 0]]] -eval lock_test_continue $lock1 - -set lock2 [lock_test_start 2 [list \ - [list exclusive exclusive] \ - [list release released] \ - [list wait ""] \ - [list eof 0]]] -eval lock_test_continue $lock2 - -set lock3 [lock_test_start 5 [list \ - [list permanent permanent] \ - [list release released] \ - [list wait ""] \ - [list eof 0]]] -eval lock_test_continue $lock3 - -set lock4 [lock_test_start 4 [list \ - [list release "Database not locked"] \ - [list wait ""] \ - [list eof 0]]] -eval lock_test_continue $lock4 - -set lock5 [lock_test_start 5 [list \ - [list shared shared] \ - [list wait ""] \ - [list eof 0]]] -set lock5_1 [lock_test_start 5.1 [list \ - [list shared shared] \ - [list wait ""] \ - [list eof 0]]] -eval lock_test_continue $lock5_1 -eval lock_test_continue $lock5 - -set lock6 [lock_test_start 6 [list \ - [list exclusive exclusive] \ - [list wait ""] \ - [list eof 0]]] -set lock6_1 [lock_test_start 6.1 [list \ - [list shared "Cannot lock database"] \ - [list wait ""] \ - [list eof 0]]] -eval lock_test_continue $lock6_1 -eval lock_test_continue $lock6 - -set lock7 [lock_test_start 7 [list \ - [list shared shared] \ - [list wait ""] \ - [list eof 0]]] -set lock7_1 [lock_test_start 7.1 [list \ - [list exclusive "Cannot lock database"] \ - [list wait ""] \ - [list eof 0]]] -eval lock_test_continue $lock7_1 -eval lock_test_continue $lock7 - -set lock8 [lock_test_start 8 [list \ - [list permanent permanent] \ - [list wait ""] \ - [list release "released" ] \ - [list wait ""] \ - [list eof 0]]] -set lock8_1 [lock_test_start 8.1 [list \ - [list "" "administration database lock file missing while opening database" ] \ - [list wait ""] \ - [list eof 1]]] -eval lock_test_continue $lock8_1 -eval set lock8 \[lock_test_continue $lock8\] -eval lock_test_continue $lock8 - -set lock9 [lock_test_start 9 [list \ - [list exclusive exclusive] \ - [list release released] \ - [list wait ""] \ - [list exclusive "database lock file missing while getting exclusive"] \ - [list wait ""] \ - [list eof 0]]] -set lock9_1 [lock_test_start 9.1 [list \ - [list permanent permanent] \ - [list wait ""] \ - [list release released] \ - [list wait ""] \ - [list eof 0]]] -eval set lock9 \[lock_test_continue $lock9\] -eval lock_test_continue $lock9 -eval set lock9_1 \[lock_test_continue $lock9_1\] -eval lock_test_continue $lock9_1 - -if {! [file exists $lockfile]} { - perror "lock file missing before test 10" -} -set lock10 [lock_test_start 10 [list \ - [list permanent permanent] \ - [list wait ""] \ - [list release released] \ - [list wait ""] \ - [list eof 0]]] -if {[file exists $lockfile]} { - fail "test 10: lock file exists" -} -eval set lock10 \[lock_test_continue $lock10\] -eval lock_test_continue $lock10 -if {[file exists $lockfile]} { - pass "test 11: lock file exists" -} else { - fail "test 11: lock file does not exist" -} - -set lock12 [lock_test_start 12 [list \ - [list shared shared] \ - [list wait ""] \ - [list eof 0]]] -set lock12_1 [lock_test_start 12.1 [list \ - [list "get test-pol" retrieved] \ - [list wait ""] \ - [list eof 0]]] -eval lock_test_continue $lock12_1 -eval lock_test_continue $lock12 - -set lock13 [lock_test_start 13 [list \ - [list "get lock13" "Principal or policy does not exist"] \ - [list wait ""] \ - [list "get lock13" retrieved] \ - [list wait ""] \ - [list eof 0]]] -set test13_spawn_id $spawn_id -# create_policy could call api_exit immediately when it starts up. -# If it does, and the spawn ID in $spawn_id is ours rather than its, -# it'll close our spawn ID. So, we call api_start to give it something -# to close. -api_start -create_policy lock13 -set api_spawn_id $spawn_id -set spawn_id $test13_spawn_id -eval set lock13 \[lock_test_continue $lock13\] -eval lock_test_continue $lock13 -set spawn_id $api_spawn_id -delete_policy lock13 diff --git a/src/lib/kadm5/unit-test/config/unix.exp b/src/lib/kadm5/unit-test/config/unix.exp index 3f36655..f14f126 100644 --- a/src/lib/kadm5/unit-test/config/unix.exp +++ b/src/lib/kadm5/unit-test/config/unix.exp @@ -151,13 +151,13 @@ proc api_start {} { eof { error "EOF starting API" } timeout { error "Timeout starting API" } } - send "set current_struct_version \[expr \$OVSEC_KADM_STRUCT_VERSION &~ \$OVSEC_KADM_STRUCT_VERSION_MASK\]\n" + send "set current_struct_version \[expr \$KADM5_STRUCT_VERSION &~ \$KADM5_STRUCT_VERSION_MASK\]\n" expect { -re "$prompt$" {} eof { error "EOF setting API varibles"} timeout { error "timeout setting API varibles"} } - send "set current_api_version \[expr \$OVSEC_KADM_API_VERSION_1 &~ \$OVSEC_KADM_API_VERSION_MASK\]\n" + send "set current_api_version \[expr \$KADM5_API_VERSION_2 &~ \$KADM5_API_VERSION_MASK\]\n" expect { -re "$prompt$" {} eof { error "EOF setting API varibles"} @@ -187,25 +187,25 @@ proc api_start {} { eof { error "EOF setting API varibles"} timeout { error "timeout setting API varibles"} } - send "set old_api_version \[expr \$OVSEC_KADM_API_VERSION_MASK | 0x00\]\n" + send "set old_api_version \[expr \$KADM5_API_VERSION_MASK | 0x00\]\n" expect { -re "$prompt$" {} eof { error "EOF setting API varibles"} timeout { error "timeout setting API varibles"} } - send "set old_struct_version \[expr \$OVSEC_KADM_STRUCT_VERSION_MASK | 0x00\]\n" + send "set old_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0x00\]\n" expect { -re "$prompt$" {} eof { error "EOF setting API varibles"} timeout { error "timeout setting API varibles"} } - send "set new_api_version \[expr \$OVSEC_KADM_API_VERSION_MASK | 0xca\]\n" + send "set new_api_version \[expr \$KADM5_API_VERSION_MASK | 0xca\]\n" expect { -re "$prompt$" {} eof { error "EOF setting API varibles"} timeout { error "timeout setting API varibles"} } - send "set new_struct_version \[expr \$OVSEC_KADM_STRUCT_VERSION_MASK | 0xca\]\n" + send "set new_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0xca\]\n" expect { -re "$prompt$" {} eof { error "EOF setting API varibles"} diff --git a/src/lib/kadm5/unit-test/destroy-test.c b/src/lib/kadm5/unit-test/destroy-test.c index 6d7435c..2610060 100644 --- a/src/lib/kadm5/unit-test/destroy-test.c +++ b/src/lib/kadm5/unit-test/destroy-test.c @@ -13,24 +13,23 @@ int main() { - ovsec_kadm_ret_t ret; + kadm5_ret_t ret; char *cp; int x; void *server_handle; kadm5_server_handle_t handle; for(x = 0; x < TEST_NUM; x++) { - ret = ovsec_kadm_init("admin", "admin", "ovsec_adm/admin", 0, - OVSEC_KADM_STRUCT_VERSION, - OVSEC_KADM_API_VERSION_1, NULL, - &server_handle); - if(ret != OVSEC_KADM_OK) { + ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0, + KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL, + &server_handle); + if(ret != KADM5_OK) { com_err("test", ret, "init"); exit(2); } handle = (kadm5_server_handle_t) server_handle; - cp = (char *) strdup(((char *) (strchr(handle->cache_name, ':')) + 1)); - ovsec_kadm_destroy(server_handle); + cp = strdup(strchr(handle->cache_name, ':') + 1); + kadm5_destroy(server_handle); if(access(cp, F_OK) == 0) { puts("ticket cache not destroyed"); exit(2); diff --git a/src/lib/kadm5/unit-test/handle-test.c b/src/lib/kadm5/unit-test/handle-test.c index 3f72385..231d950 100644 --- a/src/lib/kadm5/unit-test/handle-test.c +++ b/src/lib/kadm5/unit-test/handle-test.c @@ -11,12 +11,12 @@ int main(int argc, char *argv[]) { - ovsec_kadm_ret_t ret; + kadm5_ret_t ret; void *server_handle; kadm5_server_handle_t handle; kadm5_server_handle_rec orig_handle; - ovsec_kadm_policy_ent_t pol; - ovsec_kadm_principal_ent_t princ; + kadm5_policy_ent_rec pol; + kadm5_principal_ent_t princ; krb5_keyblock *key; krb5_principal tprinc; krb5_context context; @@ -24,103 +24,104 @@ int main(int argc, char *argv[]) kadm5_init_krb5_context(&context); - ret = ovsec_kadm_init("admin/none", "admin", "ovsec_adm/admin", 0, - OVSEC_KADM_STRUCT_VERSION, OVSEC_KADM_API_VERSION_1, NULL, - &server_handle); - if(ret != OVSEC_KADM_OK) { + ret = kadm5_init("admin/none", "admin", KADM5_ADMIN_SERVICE, NULL, + KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL, + &server_handle); + if(ret != KADM5_OK) { com_err("test", ret, "init"); exit(2); } handle = (kadm5_server_handle_t) server_handle; orig_handle = *handle; - handle->magic_number = OVSEC_KADM_STRUCT_VERSION; + handle->magic_number = KADM5_STRUCT_VERSION; krb5_parse_name(context, "testuser", &tprinc); - ret = ovsec_kadm_get_principal(server_handle, tprinc, &princ); - if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) { + ret = kadm5_get_principal(server_handle, tprinc, &princ, + KADM5_PRINCIPAL_NORMAL_MASK); + if(ret != KADM5_BAD_SERVER_HANDLE) { fprintf(stderr, "%s -- returned -- %s\n", "get-principal", error_message(ret)); exit(1); } - ret = ovsec_kadm_get_policy(server_handle, "pol1", &pol); - if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) { + ret = kadm5_get_policy(server_handle, "pol1", &pol); + if(ret != KADM5_BAD_SERVER_HANDLE) { fprintf(stderr, "%s -- returned -- %s\n", "get-policy", error_message(ret)); exit(1); } - ret = ovsec_kadm_create_principal(server_handle, princ, OVSEC_KADM_PRINCIPAL, "pass"); - if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) { + ret = kadm5_create_principal(server_handle, princ, KADM5_PRINCIPAL, "pass"); + if(ret != KADM5_BAD_SERVER_HANDLE) { fprintf(stderr, "%s -- returned -- %s\n", "create-principal", error_message(ret)); exit(1); } - ret = ovsec_kadm_create_policy(server_handle, pol, OVSEC_KADM_POLICY); - if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) { + ret = kadm5_create_policy(server_handle, &pol, KADM5_POLICY); + if(ret != KADM5_BAD_SERVER_HANDLE) { fprintf(stderr, "%s -- returned -- %s\n", "create-policy", error_message(ret)); exit(1); } - ret = ovsec_kadm_modify_principal(server_handle, princ, OVSEC_KADM_PW_EXPIRATION); - if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) { + ret = kadm5_modify_principal(server_handle, princ, KADM5_PW_EXPIRATION); + if(ret != KADM5_BAD_SERVER_HANDLE) { fprintf(stderr, "%s -- returned -- %s\n", "modify-principal", error_message(ret)); exit(1); } - ret = ovsec_kadm_modify_policy(server_handle, pol, OVSEC_KADM_PW_MAX_LIFE); - if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) { + ret = kadm5_modify_policy(server_handle, &pol, KADM5_PW_MAX_LIFE); + if(ret != KADM5_BAD_SERVER_HANDLE) { fprintf(stderr, "%s -- returned -- %s\n", "modify-policy", error_message(ret)); exit(1); } - ret = ovsec_kadm_delete_principal(server_handle, tprinc); - if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) { + ret = kadm5_delete_principal(server_handle, tprinc); + if(ret != KADM5_BAD_SERVER_HANDLE) { fprintf(stderr, "%s -- returned -- %s\n", "delete-principal", error_message(ret)); exit(1); } - ret = ovsec_kadm_delete_policy(server_handle, "pol1"); - if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) { + ret = kadm5_delete_policy(server_handle, "pol1"); + if(ret != KADM5_BAD_SERVER_HANDLE) { fprintf(stderr, "%s -- returned -- %s\n", "delete-policy", error_message(ret)); exit(1); } - ret = ovsec_kadm_chpass_principal(server_handle, tprinc, "FooBar"); - if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) { + ret = kadm5_chpass_principal(server_handle, tprinc, "FooBar"); + if(ret != KADM5_BAD_SERVER_HANDLE) { fprintf(stderr, "%s -- returned -- %s\n", "chpass", error_message(ret)); exit(1); } - ret = ovsec_kadm_randkey_principal(server_handle, tprinc, &key); - if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) { + ret = kadm5_randkey_principal(server_handle, tprinc, &key, NULL); + if(ret != KADM5_BAD_SERVER_HANDLE) { fprintf(stderr, "%s -- returned -- %s\n", "randkey", error_message(ret)); exit(1); } - ret = ovsec_kadm_rename_principal(server_handle, tprinc, tprinc); - if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) { + ret = kadm5_rename_principal(server_handle, tprinc, tprinc); + if(ret != KADM5_BAD_SERVER_HANDLE) { fprintf(stderr, "%s -- returned -- %s\n", "rename", error_message(ret)); exit(1); } - ret = ovsec_kadm_destroy(server_handle); - if(ret != OVSEC_KADM_BAD_SERVER_HANDLE) { + ret = kadm5_destroy(server_handle); + if(ret != KADM5_BAD_SERVER_HANDLE) { fprintf(stderr, "%s -- returned -- %s\n", "destroy", error_message(ret)); exit(1); } *handle = orig_handle; - ret = ovsec_kadm_destroy(server_handle); - if (ret != OVSEC_KADM_OK) { + ret = kadm5_destroy(server_handle); + if (ret != KADM5_OK) { fprintf(stderr, "valid %s -- returned -- %s\n", "destroy", error_message(ret)); exit(1); diff --git a/src/lib/kadm5/unit-test/init-test.c b/src/lib/kadm5/unit-test/init-test.c index 575b24f..8e9ec82 100644 --- a/src/lib/kadm5/unit-test/init-test.c +++ b/src/lib/kadm5/unit-test/init-test.c @@ -1,4 +1,3 @@ -#undef USE_KADM5_API_VERSION #include <kadm5/admin.h> #include <com_err.h> #include <stdio.h> diff --git a/src/lib/kadm5/unit-test/iter-test.c b/src/lib/kadm5/unit-test/iter-test.c index 17e561e..3608150 100644 --- a/src/lib/kadm5/unit-test/iter-test.c +++ b/src/lib/kadm5/unit-test/iter-test.c @@ -4,7 +4,7 @@ int main(int argc, char **argv) { - ovsec_kadm_ret_t ret; + kadm5_ret_t ret; void *server_handle; char **names; int count, princ, i; @@ -15,23 +15,20 @@ int main(int argc, char **argv) } princ = (strcmp(argv[1], "-princ") == 0); - ret = ovsec_kadm_init("admin", "admin", OVSEC_KADM_ADMIN_SERVICE, 0, - OVSEC_KADM_STRUCT_VERSION, - OVSEC_KADM_API_VERSION_1, NULL, - &server_handle); - if (ret != OVSEC_KADM_OK) { + ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0, + KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL, + &server_handle); + if (ret != KADM5_OK) { com_err("iter-test", ret, "while initializing"); exit(1); } if (princ) - ret = ovsec_kadm_get_principals(server_handle, argv[2], &names, - &count); + ret = kadm5_get_principals(server_handle, argv[2], &names, &count); else - ret = ovsec_kadm_get_policies(server_handle, argv[2], - &names, &count); - - if (ret != OVSEC_KADM_OK) { + ret = kadm5_get_policies(server_handle, argv[2], &names, &count); + + if (ret != KADM5_OK) { com_err("iter-test", ret, "while retrieving list"); exit(1); } @@ -39,9 +36,9 @@ int main(int argc, char **argv) for (i = 0; i < count; i++) printf("%d: %s\n", i, names[i]); - ovsec_kadm_free_name_list(server_handle, names, count); + kadm5_free_name_list(server_handle, names, count); - (void) ovsec_kadm_destroy(server_handle); + (void) kadm5_destroy(server_handle); return 0; } diff --git a/src/lib/kadm5/unit-test/lib/lib.t b/src/lib/kadm5/unit-test/lib/lib.t index 2027794..361c727 100644 --- a/src/lib/kadm5/unit-test/lib/lib.t +++ b/src/lib/kadm5/unit-test/lib/lib.t @@ -18,8 +18,8 @@ proc lib_start_api {} { api_exit set lib_pid [api_start] if {! [cmd { - ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ - $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ + $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ lib_handle }]} { error "$test: unexpected failure in init" @@ -120,8 +120,8 @@ proc create_principal {name} { lib_start_api set ret [cmd [format { - ovsec_kadm_create_principal $lib_handle [simple_principal \ - "%s"] {OVSEC_KADM_PRINCIPAL} "%s" + kadm5_create_principal $lib_handle [simple_principal \ + "%s"] {KADM5_PRINCIPAL} "%s" } $name $name]] return $ret @@ -131,8 +131,8 @@ proc create_policy {name} { lib_start_api set ret [cmd [format { - ovsec_kadm_create_policy $lib_handle [simple_policy "%s"] \ - {OVSEC_KADM_POLICY} + kadm5_create_policy $lib_handle [simple_policy "%s"] \ + {KADM5_POLICY} } $name $name]] return $ret @@ -142,8 +142,8 @@ proc create_principal_pol {name policy} { lib_start_api set ret [cmd [format { - ovsec_kadm_create_principal $lib_handle [princ_w_pol "%s" \ - "%s"] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} "%s" + kadm5_create_principal $lib_handle [princ_w_pol "%s" \ + "%s"] {KADM5_PRINCIPAL KADM5_POLICY} "%s" } $name $policy $name]] return $ret @@ -153,7 +153,7 @@ proc delete_principal {name} { lib_start_api set ret [cmd [format { - ovsec_kadm_delete_principal $lib_handle "%s" + kadm5_delete_principal $lib_handle "%s" } $name]] return $ret @@ -162,7 +162,7 @@ proc delete_principal {name} { proc delete_policy {name} { lib_start_api - set ret [cmd [format {ovsec_kadm_delete_policy $lib_handle "%s"} $name]] + set ret [cmd [format {kadm5_delete_policy $lib_handle "%s"} $name]] return $ret } @@ -173,7 +173,7 @@ proc principal_exists {name} { lib_start_api set ret [cmd [format { - ovsec_kadm_get_principal $lib_handle "%s" principal + kadm5_get_principal $lib_handle "%s" principal } $name]] # puts stdout "Finishing principal_exists." @@ -187,7 +187,7 @@ proc policy_exists {name} { # puts stdout "Starting policy_exists." set ret [cmd [format { - ovsec_kadm_get_policy $lib_handle "%s" policy + kadm5_get_policy $lib_handle "%s" policy } $name]] # puts stdout "Finishing policy_exists." diff --git a/src/lib/kadm5/unit-test/lock-test.c b/src/lib/kadm5/unit-test/lock-test.c index 489b7b8..85049a7 100644 --- a/src/lib/kadm5/unit-test/lock-test.c +++ b/src/lib/kadm5/unit-test/lock-test.c @@ -1,8 +1,3 @@ -#if USE_KADM5_API_VERSION == 1 -#undef USE_KADM5_API_VERSION -#define USE_KADM5_API_VERSION 2 -#endif - #include <stdio.h> #include <krb5.h> #include <kadm5/admin.h> diff --git a/src/lib/kadm5/unit-test/randkey-test.c b/src/lib/kadm5/unit-test/randkey-test.c index 4b17bcb..12e9e23 100644 --- a/src/lib/kadm5/unit-test/randkey-test.c +++ b/src/lib/kadm5/unit-test/randkey-test.c @@ -10,7 +10,7 @@ int main() { - ovsec_kadm_ret_t ret; + kadm5_ret_t ret; krb5_keyblock *keys[TEST_NUM]; krb5_principal tprinc; krb5_keyblock *newkey; @@ -22,24 +22,21 @@ int main() kadm5_init_krb5_context(&context); krb5_parse_name(context, "testuser", &tprinc); - ret = ovsec_kadm_init("admin", "admin", "ovsec_adm/admin", 0, - OVSEC_KADM_STRUCT_VERSION, - OVSEC_KADM_API_VERSION_1, NULL, - &server_handle); - if(ret != OVSEC_KADM_OK) { + ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, NULL, + KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, NULL, + &server_handle); + if(ret != KADM5_OK) { com_err("test", ret, "init"); exit(2); } for(x = 0; x < TEST_NUM; x++) { - ovsec_kadm_randkey_principal(server_handle, tprinc, &newkey); + kadm5_randkey_principal(server_handle, tprinc, &keys[x], NULL); for(i = 0; i < x; i++) { if (!memcmp(newkey->contents, keys[i]->contents, newkey->length)) puts("match found"); } - krb5_copy_keyblock(context, newkey, &keys[x]); - krb5_free_keyblock(context, newkey); } - ovsec_kadm_destroy(server_handle); + kadm5_destroy(server_handle); exit(0); } diff --git a/src/lib/kadm5/unit-test/site.exp b/src/lib/kadm5/unit-test/site.exp index 18b435d..7fe3974 100644 --- a/src/lib/kadm5/unit-test/site.exp +++ b/src/lib/kadm5/unit-test/site.exp @@ -1,2 +1,2 @@ -set tool ovsec_kadm_srv_tcl +set tool kadm5_srv_tcl set prompt "% " diff --git a/src/lib/rpc/unit-test/lib/helpers.exp b/src/lib/rpc/unit-test/lib/helpers.exp index b69be5b..963fff4 100644 --- a/src/lib/rpc/unit-test/lib/helpers.exp +++ b/src/lib/rpc/unit-test/lib/helpers.exp @@ -50,7 +50,7 @@ proc expect_kadm_ok {} { global kadmin_tcl_spawn_id expect { -i $kadmin_tcl_spawn_id - -re "^OK OVSEC_KADM_OK \[^\n\]*\n" {} + -re "^OK KADM5_OK \[^\n\]*\n" {} -re "^ERROR \[^\n\]*\n" { perror "kadmin tcl subprocess reported unexpected error" } -re "^marshall_new_creds: \[^\n\]*\n" { exp_continue } -re "^gssapi_\[^\n\]*\n" { exp_continue } @@ -68,7 +68,7 @@ proc setup_database {} { send_user "TOP=$TOP\n" set_from_env TESTDIR $env(TOP)/testing - set_from_env CLNTTCL $TESTDIR/util/ovsec_kadm_clnt_tcl + set_from_env CLNTTCL $TESTDIR/util/kadm5_clnt_tcl set_from_env TCLUTIL $TESTDIR/tcl/util.t set env(TCLUTIL) $TCLUTIL set_from_env MAKE_KEYTAB $TESTDIR/scripts/make-host-keytab.pl @@ -96,22 +96,22 @@ proc setup_database {} { } expect_tcl_prompt - send_tcl_cmd_await_echo {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle} + send_tcl_cmd_await_echo {kadm5_init admin admin $KADM5_ADMIN_SERVICE null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 server_handle} expect_kadm_ok expect "^% " - send_tcl_cmd_await_echo {ovsec_kadm_create_principal $server_handle [simple_principal server/$h] {OVSEC_KADM_PRINCIPAL} admin} + send_tcl_cmd_await_echo {kadm5_create_principal $server_handle [simple_principal server/$h] {KADM5_PRINCIPAL} admin} expect_kadm_ok expect "^% " - send_tcl_cmd_await_echo {ovsec_kadm_randkey_principal $server_handle server/$h key} + send_tcl_cmd_await_echo {kadm5_randkey_principal $server_handle server/$h key null} expect_kadm_ok expect "^% " - send_tcl_cmd_await_echo {ovsec_kadm_create_principal $server_handle [simple_principal notserver/$h] {OVSEC_KADM_PRINCIPAL} admin} + send_tcl_cmd_await_echo {kadm5_create_principal $server_handle [simple_principal notserver/$h] {KADM5_PRINCIPAL} admin} expect_kadm_ok expect "^% " - send_tcl_cmd_await_echo {ovsec_kadm_randkey_principal $server_handle notserver/$h key} + send_tcl_cmd_await_echo {kadm5_randkey_principal $server_handle notserver/$h key null} expect_kadm_ok expect "^% " - send_tcl_cmd_await_echo {ovsec_kadm_destroy $server_handle} + send_tcl_cmd_await_echo {kadm5_destroy $server_handle} expect_kadm_ok expect "^% " wait -nowait -i $spawn_id diff --git a/src/lib/rpc/unit-test/rpc_test_setup.sh b/src/lib/rpc/unit-test/rpc_test_setup.sh index 0f8ca9d..968f52a 100755 --- a/src/lib/rpc/unit-test/rpc_test_setup.sh +++ b/src/lib/rpc/unit-test/rpc_test_setup.sh @@ -8,7 +8,7 @@ # $Source$ DUMMY=${TESTDIR=$TOP/testing} -DUMMY=${CLNTTCL=$TESTDIR/util/ovsec_kadm_clnt_tcl} +DUMMY=${CLNTTCL=$TESTDIR/util/kadm5_clnt_tcl} DUMMY=${TCLUTIL=$TESTDIR/tcl/util.t}; export TCLUTIL DUMMY=${MAKE_KEYTAB=$TESTDIR/scripts/make-host-keytab.pl} @@ -26,13 +26,13 @@ export CANON_HOST cat - > /tmp/rpc_test_setup$$ <<\EOF source $env(TCLUTIL) set h $env(CANON_HOST) -puts stdout [ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle] +puts stdout [kadm5_init admin admin $KADM5_ADMIN_SERVICE null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 server_handle] if ![info exists server_handle] { exit 1 } -puts stdout [ovsec_kadm_create_principal $server_handle [simple_principal server/$h] {OVSEC_KADM_PRINCIPAL} admin] -puts stdout [ovsec_kadm_randkey_principal $server_handle server/$h key] -puts stdout [ovsec_kadm_create_principal $server_handle [simple_principal notserver/$h] {OVSEC_KADM_PRINCIPAL} admin] -puts stdout [ovsec_kadm_randkey_principal $server_handle notserver/$h key] -puts stdout [ovsec_kadm_destroy $server_handle] +puts stdout [kadm5_create_principal $server_handle [simple_principal server/$h] {KADM5_PRINCIPAL} admin] +puts stdout [kadm5_randkey_principal $server_handle server/$h key null] +puts stdout [kadm5_create_principal $server_handle [simple_principal notserver/$h] {KADM5_PRINCIPAL} admin] +puts stdout [kadm5_randkey_principal $server_handle notserver/$h key null] +puts stdout [kadm5_destroy $server_handle] EOF eval "$CLNTTCL $REDIRECT < /tmp/rpc_test_setup$$" if test $? != 0 ; then |