+Tue Mar 26 00:38:14 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
+
+ * default.exp (start_kerberos_daemons): New methodology for
+ starting KDC so that the KDC will not hang on a full
+ output buffer which is being ignored.
+ (setup_kerberos_files): Enable des3 encryption types.
+
Thu Mar 14 15:20:33 1996 Mark Eichin <eichin@cygnus.com>
* default.exp (add_kerberos_key): clarify "lost KDC" text.
set conffile [open tmpdir/krb5.conf w]
puts $conffile "\[libdefaults\]"
puts $conffile " default_realm = $REALMNAME"
+ puts $conffile "default_tgs_enctypes = des3-cbc-md5 des-cbc-md5 des-cbc-crc"
puts $conffile ""
puts $conffile "\[realms\]"
puts $conffile " $REALMNAME = \{"
puts $conffile " admin_server = STDERR"
puts $conffile " admin_server = FILE:$tmppwd/kadmind5.log"
puts $conffile " kdc = FILE:$tmppwd/kdc.log"
- puts $conffile " kdc = STDERR"
puts $conffile " default = FILE:$tmppwd/others.log"
close $conffile
}
puts $conffile " max_renewable_life = 3:00:00"
puts $conffile " default_principal_expiration = 99.12.31.23.59.59"
puts $conffile " default_principal_flags = -postdateable -forwardable"
- puts $conffile " supported_enctypes = des-cbc-crc:normal des:normal des:v4 des:norealm des:onlyrealm"
+ puts $conffile " supported_enctypes = des-cbc-crc:normal des-cbc-md5:normal des-cbc-crc:v4 des-cbc-md5:norealm des3-cbc-md5:normal"
puts $conffile " \}"
puts $conffile ""
close $conffile
}
# Start up the kerberos daemon
+ # Why are we doing all this with the log file you may ask.
+ # We need a handle on when the server starts. If we log the output
+ # of the server to say stderr, then if we stop looking for output,
+ # buffers will fill and the server will stop working....
+ # So, we look to see when a line is added to the log file and then
+ # check it..
+ set kdc_lfile $tmppwd/kdc.log
+ set retry 30
+
+ if ![file exists $kdc_lfile] then {
+ catch [exec touch $kdc_lfile]
+ catch "exec sleep 1"
+ }
+
+ set start [file mtime $kdc_lfile]
+
spawn $KRB5KDC -r $REALMNAME -n
set kdc_pid [exp_pid]
set kdc_spawn_id $spawn_id
+ for {set count 0} {$count < $retry} {incr count} {
+ if { [file mtime $kdc_lfile] != $start } then {
+ send_user win\r
+ break;
+ }
+ catch "exec sleep 1"
+ }
+
+ if {$count >= $retry} {
+ fail "krb5kdc"
+ stop_kerberos_daemons
+ return 0
+ }
+
+ spawn -open [open "|tail -1 $kdc_lfile"]
+
expect {
"while.*\r" {
fail "krb5kdc"
stop_kerberos_daemons
return 0
}
- "commencing operation\r" { }
+ "commencing operation\n" { }
timeout {
fail "krb5kdc"
stop_kerberos_daemons
}
}
+ # And cleanup for the tail -1...
+ wait
+
if {$standalone} {
pass "krb5kdc"
}