1#!/bin/sh 2# 3# Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan 4# (Royal Institute of Technology, Stockholm, Sweden). 5# All rights reserved. 6# 7# Redistribution and use in source and binary forms, with or without 8# modification, are permitted provided that the following conditions 9# are met: 10# 11# 1. Redistributions of source code must retain the above copyright 12# notice, this list of conditions and the following disclaimer. 13# 14# 2. Redistributions in binary form must reproduce the above copyright 15# notice, this list of conditions and the following disclaimer in the 16# documentation and/or other materials provided with the distribution. 17# 18# 3. Neither the name of the Institute nor the names of its contributors 19# may be used to endorse or promote products derived from this software 20# without specific prior written permission. 21# 22# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 23# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 26# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32# SUCH DAMAGE. 33 34top_builddir="@top_builddir@" 35env_setup="@env_setup@" 36objdir="@objdir@" 37 38. ${env_setup} 39 40# If there is no useful db support compiled in, disable test 41${have_db} || exit 77 42 43testfailed="echo test failed; cat messages.log; exit \$ec" 44 45# If there is no useful db support compiled in, disable test 46${have_db} || exit 77 47 48R=TEST.H5L.SE 49R2=TEST2.H5L.SE 50 51port=@port@ 52pwport=@pwport@ 53 54kadmin="${kadmin} -l -r $R" 55kdc="${kdc} --addresses=localhost -P $port" 56kpasswdd="${kpasswdd} --addresses=localhost -p $pwport" 57 58server=host/datan.test.h5l.se 59cache="FILE:${objdir}/cache.krb5" 60keytabfile=${objdir}/server.keytab 61keytab="FILE:${keytabfile}" 62 63kinit="${kinit} -c $cache ${afs_no_afslog}" 64klist="${klist} -c $cache" 65kgetcred="${kgetcred} -c $cache" 66kdestroy="${kdestroy} -c $cache ${afs_no_unlog}" 67 68KRB5_CONFIG="${objdir}/krb5.conf" 69export KRB5_CONFIG 70 71rm -f ${keytabfile} 72rm -f current-db* 73rm -f out-* 74rm -f mkey.file* 75 76> messages.log 77 78echo "Creating database for $R" 79${kadmin} \ 80 init \ 81 --realm-max-ticket-life=1day \ 82 --realm-max-renewable-life=1month \ 83 ${R} || exit 1 84 85${kadmin} add -p foo --use-defaults foo@${R} || exit 1 86${kadmin} add -p kaka --use-defaults ${server}@${R} || exit 1 87${kadmin} ext -k ${keytab} ${server}@${R} || exit 1 88 89echo "Creating database for ${R2}" 90${kadmin} \ 91 init \ 92 --realm-max-ticket-life=1day \ 93 --realm-max-renewable-life=1month \ 94 ${R2} || exit 1 95 96${kadmin} add -p foo --use-defaults bar@${R2} || exit 1 97 98echo "Doing database check for ${R} ${R2}" 99${kadmin} check ${R} || exit 1 100${kadmin} check ${R2} || exit 1 101 102echo foo > ${objdir}/foopassword 103 104echo Starting kdc ; > messages.log 105env ${HEIM_MALLOC_DEBUG} ${kdc} --detach --testing || 106 { echo "kdc failed to start"; exit 1; } 107kdcpid=`getpid kdc` 108 109echo Starting kpasswdd 110env ${HEIM_MALLOC_DEBUG} ${kpasswdd} --detach || 111 { echo "kpasswdd failed to start"; exit 1; } 112kpasswddpid=`getpid kpasswdd` 113 114trap "kill -9 ${kdcpid} ${kpasswddpid}; echo signal killing kdc; exit \$ec;" EXIT 115 116ec=0 117 118echo "Getting client initial tickets"; > messages.log 119${kinit} --password-file=${objdir}/foopassword foo@$R || \ 120 { ec=1 ; eval "${testfailed}"; } 121echo "Getting tickets"; > messages.log 122${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } 123echo "Listing tickets"; > messages.log 124${klist} > /dev/null || { ec=1 ; eval "${testfailed}"; } 125${test_ap_req} ${server}@${R} ${keytab} ${cache} || \ 126 { ec=1 ; eval "${testfailed}"; } 127${kdestroy} 128 129echo "checking ${R}" 130 131pw=ak4unandsop39NuJ 132 133echo "Changing password" 134cat > cpw.tmp <<EOF 135expect Password 136password foo\n 137expect New password 138send ${pw}\n 139expect New password 140send ${pw}\n 141expect Success 142EOF 143 144${rkpty} cpw.tmp env ${kpasswd} foo@${R} || \ 145 { ec=$? ; eval "${testfailed}"; } 146 147rm cpw.tmp 148 149echo ${pw} > ${objdir}/barpassword 150 151 152echo "Getting client initial tickets for ${R}"; > messages.log 153${kinit} --password-file=${objdir}/barpassword foo@$R || \ 154 { ec=1 ; eval "${testfailed}"; } 155echo "Getting tickets"; > messages.log 156${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } 157echo "Listing tickets"; > messages.log 158${klist} > /dev/null || { ec=1 ; eval "${testfailed}"; } 159${test_ap_req} ${server}@${R} ${keytab} ${cache} || \ 160 { ec=1 ; eval "${testfailed}"; } 161${kdestroy} 162 163 164echo "checking ${R2}" 165 166cat > cpw.tmp <<EOF 167expect Password 168password foo\n 169expect New password 170send ${pw}\n 171expect New password 172send ${pw}\n 173expect Success 174EOF 175 176${rkpty} cpw.tmp ../../kpasswd/kpasswd bar@${R2} || \ 177 { ec=$? ; eval "${testfailed}"; } 178 179rm cpw.tmp 180 181 182echo "Getting client initial tickets for ${R2}"; > messages.log 183${kinit} --password-file=${objdir}/barpassword bar@${R2} || \ 184 { ec=1 ; eval "${testfailed}"; } 185${kdestroy} 186 187 188echo "killing kdc (${kdcpid} ${kpasswddpid})" 189sh ${leaks_kill} kdc $kdcpid || exit 1 190sh ${leaks_kill} kpasswdd $kpasswddpid || exit 1 191 192trap "" EXIT 193 194exit $ec 195