Add keytab kinit test cases

Create a test script for keytab-related tests.  Move the kvno wrapping
test there from t_general.py, and augment it to better match what's in
standalone.exp.  Add tests for kinit with keytab, including kinit with
the most-preferred enctype missing from the keytab (which currently
fails).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25815 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in
index 47ca131ecbd08b8e27d10d4a8aaec50f08556b1c..9c5d269a1396971c69f2c310070bc741a8fe8cb0 100644 (file)
--- a/src/tests/Makefile.in
+++ b/src/tests/Makefile.in
@@ -72,6 +72,7 @@ check-pytests::
        $(RUNPYTEST) $(srcdir)/t_stringattr.py $(PYTESTFLAGS)
        $(RUNPYTEST) $(srcdir)/t_crossrealm.py $(PYTESTFLAGS)
        $(RUNPYTEST) $(srcdir)/t_skew.py $(PYTESTFLAGS)
+       $(RUNPYTEST) $(srcdir)/t_keytab.py $(PYTESTFLAGS)
 #      $(RUNPYTEST) $(srcdir)/kdc_realm/kdcref.py $(PYTESTFLAGS)
 
 clean::

diff --git a/src/tests/t_general.py b/src/tests/t_general.py
index c02a581a50d8f2171ff0fd67cb63da0d4ea690bd..73d2b080b1343935c4f28b2c4aafc313066effdc 100755 (executable)
--- a/src/tests/t_general.py
+++ b/src/tests/t_general.py
@@ -39,15 +39,4 @@ for realm in multipass_realms(create_host=False):
     if 'No credentials cache found' not in output:
         fail('Expected error message not seen in klist output')
 
-    # Test handling of kvno values beyond 255.
-    princ = 'foo/bar@%s' % realm.realm
-    realm.addprinc(princ)
-    realm.run_kadminl('modprinc -kvno 252 %s' % princ)
-    for kvno in range(253, 259):
-        realm.run_kadminl('ktadd -k %s %s' % (realm.keytab, princ))
-        realm.klist_keytab(princ)
-    output = realm.run_kadminl('getprinc %s' % princ)
-    if 'Key: vno 258,' not in output:
-        fail('Expected vno not seen in kadmin.local output')
-
 success('Dump/load, FAST kinit, kdestroy, kvno wrapping')

diff --git a/src/tests/t_keytab.py b/src/tests/t_keytab.py
new file mode 100644 (file)
index 0000000..b45bfa6
--- /dev/null
+++ b/src/tests/t_keytab.py
@@ -0,0 +1,29 @@
+#!/usr/bin/python
+from k5test import *
+
+realm = K5Realm(start_kadmind=False)
+
+# Test kinit with a keytab.
+realm.kinit(realm.host_princ, flags=['-k'])
+
+# Test kinit with a partial keytab.
+pkeytab = realm.keytab + '.partial'
+realm.run_as_master([ktutil], input=('rkt %s\ndelent 1\nwkt %s\n' %
+                                     (realm.keytab, pkeytab)))
+realm.kinit(realm.host_princ, flags=['-k', '-t', pkeytab], expected_code=1)
+
+# Test handling of kvno values beyond 255.
+princ = 'foo/bar@%s' % realm.realm
+realm.addprinc(princ)
+os.remove(realm.keytab)
+realm.run_kadminl('modprinc -kvno 252 %s' % princ)
+for kvno in range(253, 259):
+    realm.run_kadminl('ktadd -k %s %s' % (realm.keytab, princ))
+    realm.kinit(princ, flags=['-k'])
+    realm.klist_keytab(princ)
+    os.remove(realm.keytab)
+output = realm.run_kadminl('getprinc %s' % princ)
+if 'Key: vno 258,' not in output:
+    fail('Expected vno not seen in kadmin.local output')
+
+success('Keytab-related tests')