# Kerberos database. We have to do this such that we don't interfere
# with any existing Kerberos database. We will create all the files
# in the directory tmpdir, which will have been created by the
-# testsuite default script. We will use KRBTEST.COM as our Kerberos
-# realm name.
+# testsuite default script. We will use $REALMNAME as our Kerberos
+# realm name, defaulting to KRBTEST.COM.
set timeout 100
}
}
+# set the realm. The user can override this on the runtest line.
+if ![info exists REALMNAME] {
+ set REALMNAME "KRBTEST.COM"
+}
+verbose "Test realm is $REALMNAME"
+
# Find some programs we need. We use the binaries from the build tree
# if they exist. If they do not, then they must be in PATH. We
# expect $objdir to be ...tests/dejagnu.
# success, 0 on failure.
proc setup_kerberos_files { } {
+ global REALMNAME
global hostname
global domain
global tmppwd
if ![file exists tmpdir/krb5.conf] {
set conffile [open tmpdir/krb5.conf w]
puts $conffile "\[libdefaults\]"
- puts $conffile " default_realm = KRBTEST.COM"
+ puts $conffile " default_realm = $REALMNAME"
puts $conffile ""
puts $conffile "\[realms\]"
- puts $conffile " KRBTEST.COM = \{"
+ puts $conffile " $REALMNAME = \{"
puts $conffile " kdc = $hostname:3088"
puts $conffile " admin_server = $hostname:3750"
puts $conffile " \}"
puts $conffile ""
puts $conffile "\[domain_realm\]"
- puts $conffile " .$domain = KRBTEST.COM"
- puts $conffile " $domain = KRBTEST.COM"
+ puts $conffile " .$domain = $REALMNAME"
+ puts $conffile " $domain = $REALMNAME"
puts $conffile ""
puts $conffile "\[logging\]"
puts $conffile " admin_server = STDERR"
puts $conffile " kdc_ports = 3085,3086,3087,3088,3089"
puts $conffile ""
puts $conffile "\[realms\]"
- puts $conffile " KRBTEST.COM = \{"
+ puts $conffile " $REALMNAME = \{"
puts $conffile " database_name = $tmppwd/db"
puts $conffile " master_key_name = master/key"
puts $conffile " master_key_type = des-cbc-md5"
# Create ACL file.
if ![file exists tmpdir/acl] {
set aclfile [open tmpdir/acl w]
- puts $aclfile "krbtest/admin@KRBTEST.COM *"
+ puts $aclfile "krbtest/admin@$REALMNAME *"
close $aclfile
}
# Set the environment variables needed to run Kerberos programs.
proc setup_kerberos_env { } {
+ global REALMNAME
global env
global tmppwd
global hostname
set env(KRB5RCACHEDIR) $tmppwd
verbose "KRB5RCACHEDIR=$env(KRB5RCACHEDIR)"
- # Tell the Kerberos tools how to contact the KRBTEST.COM server.
- set env(KERBEROS_SERVER) "KRBTEST.COM:$hostname:3088"
+ # Tell the Kerberos tools how to contact the $REALMNAME server.
+ set env(KERBEROS_SERVER) "$REALMNAME:$hostname:3088"
verbose "KERBEROS_SERVER=$env(KERBEROS_SERVER)"
# Tell the dynamic loader where to get our shared libraries
# may successfully communicate.
# Returns 1 on success, 0 on failure.
proc setup_kadmind_srvtab { } {
+ global REALMNAME
global KDB5_EDIT
global KEY
global tmppwd
catch "exec rm -f tmpdir/cpw_srvtab"
- spawn $KDB5_EDIT -r KRBTEST.COM
+ spawn $KDB5_EDIT -r $REALMNAME
expect_after {
timeout {
fail "kdb5_edit cpw_srvtab"
}
}
expect "kdb5_edit:"
- send "xst KRBTEST.COM changepw\r"
- expect "'changepw/KRBTEST.COM@KRBTEST.COM' added to keytab"
+ send "xst $REALMNAME changepw\r"
+ expect "'changepw/$REALMNAME@$REALMNAME' added to keytab"
expect "kdb5_edit:"
send "quit\r"
expect "\r"
return 0
}
- catch "exec mv -f KRBTEST.COM-new-srvtab tmpdir/cpw_srvtab" exec_output
+ catch "exec mv -f $REALMNAME-new-srvtab tmpdir/cpw_srvtab" exec_output
if ![string match "" $exec_output] {
send_log "$exec_output\n"
verbose $exec_output
# pass at relevant points. Returns 1 on success, 0 on failure.
proc setup_kerberos_db { standalone } {
+ global REALMNAME
global KDB5_CREATE
global KDB5_STASH
global KDB5_EDIT
return 0
}
- spawn $KDB5_CREATE -r KRBTEST.COM
+ spawn $KDB5_CREATE -r $REALMNAME
expect {
"Enter KDC database master key:" {
verbose "kdb5_create started"
}
# Stash the master key in a file.
- spawn $KDB5_STASH -r KRBTEST.COM
+ spawn $KDB5_STASH -r $REALMNAME
expect {
"Enter KDC database master key:" {
verbose "kdb5_stash started"
}
# Add an admin user.
- spawn $KDB5_EDIT -r KRBTEST.COM
+ spawn $KDB5_EDIT -r $REALMNAME
expect_after {
timeout {
catch "expect_after"
}
}
expect "kdb5_edit:"
- send "ank krbtest/admin@KRBTEST.COM\r"
+ send "ank krbtest/admin@$REALMNAME\r"
expect "Enter password:"
send "adminpass$KEY\r"
expect "Re-enter password for verification:"
send "adminpass$KEY\r"
expect "kdb5_edit:"
- send "ark changepw/KRBTEST.COM@KRBTEST.COM\r"
+ send "ark changepw/$REALMNAME@$REALMNAME\r"
expect "kdb5_edit:"
send "quit\r"
expect "\r"
# success, 0 on failure.
proc start_kerberos_daemons { standalone } {
+ global REALMNAME
global KRB5KDC
global KADMIND
global KEY
}
# Start up the kerberos daemon
- spawn $KRB5KDC -r KRBTEST.COM -n
+ spawn $KRB5KDC -r $REALMNAME -n
set kdc_pid [exp_pid]
set kdc_spawn_id $spawn_id
catch "exec sleep 2"
# Start up the kadmind daemon
- spawn $KADMIND -a $tmppwd/acl -r KRBTEST.COM -n
+ spawn $KADMIND -a $tmppwd/acl -r $REALMNAME -n
set kadmind_pid [exp_pid]
set kadmind_spawn_id $spawn_id
expect {
# failure.
proc add_kerberos_key { kkey standalone } {
+ global REALMNAME
global KADMIN
global KEY
global spawn_id
# Use kadmin to add an key.
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME
expect_after {
timeout {
fail "kadmin $kkey"
}
}
expect "kadmin5:"
- send "ank $kkey@KRBTEST.COM\r"
- expect "Enter password for krbtest/admin@KRBTEST.COM:"
+ send "ank $kkey@$REALMNAME\r"
+ expect "Enter password for krbtest/admin@$REALMNAME:"
send "adminpass$KEY\r"
- expect "Enter new password for $kkey@KRBTEST.COM :"
+ expect "Enter new password for $kkey@$REALMNAME :"
send "$kkey"
send "$KEY\r"
- expect "Re-enter new password for $kkey@KRBTEST.COM :"
+ expect "Re-enter new password for $kkey@$REALMNAME :"
send "$kkey"
send "$KEY\r"
expect {
- "principal $kkey@KRBTEST.COM added" { }
- "Principal $kkey@KRBTEST.COM already exists" { }
+ "principal $kkey@$REALMNAME added" { }
+ "Principal $kkey@$REALMNAME already exists" { }
}
expect "kadmin5:"
send "q\r"
# Returns 1 on success, 0 on failure.
proc add_random_key { kkey standalone } {
+ global REALMNAME
global KADMIN
global KEY
global spawn_id
# Use kadmin to add an key.
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME
expect_after {
timeout {
fail "kadmin $kkey"
}
}
expect "kadmin5:"
- send "ark $kkey@KRBTEST.COM\r"
- expect "Enter password for krbtest/admin@KRBTEST.COM:"
+ send "ark $kkey@$REALMNAME\r"
+ expect "Enter password for krbtest/admin@$REALMNAME:"
send "adminpass$KEY\r"
expect {
- "principal $kkey@KRBTEST.COM added" { }
- "Principal $kkey@KRBTEST.COM already exists" { }
+ "principal $kkey@$REALMNAME added" { }
+ "Principal $kkey@$REALMNAME already exists" { }
}
expect "kadmin5:"
send "q\r"
# success, 0 on failure. If the id field is not provided, host is used.
proc setup_srvtab { standalone {id host} } {
+ global REALMNAME
global KDB5_EDIT
global KEY
global tmppwd
catch "exec rm -f $hostname-new-srvtab"
- spawn $KDB5_EDIT -r KRBTEST.COM
+ spawn $KDB5_EDIT -r $REALMNAME
expect_after {
timeout {
fail "kdb5_edit srvtab"
}
expect "kdb5_edit:"
send "xst $hostname $id\r"
- expect "'$id/$hostname@KRBTEST.COM' added to keytab"
+ expect "'$id/$hostname@$REALMNAME' added to keytab"
expect "kdb5_edit:"
send "quit\r"
expect "\r"
# at relevant points. Returns 1 on success, 0 on failure.
proc kinit { name pass standalone } {
+ global REALMNAME
global KINIT
global spawn_id
# Use kinit to get a ticket.
- spawn $KINIT $name@KRBTEST.COM
+ spawn $KINIT $name@$REALMNAME
expect {
- "Password for $name@KRBTEST.COM:" {
+ "Password for $name@$REALMNAME:" {
verbose "kinit started"
}
timeout {
# A procedure to start up the rlogin daemon.
proc start_rlogin_daemon { option } {
+ global REALMNAME
global KRLOGIND
global LOGINKRB5
global ROOT_PROMPT
# don't need to use inetd. The 3543 is the port to listen at.
# Note that tmppwd here is a shell variable, which is set in
# setup_root_shell, not a TCL variable.
- send -i $rlogin_spawn_id "$KRLOGIND -k -c -D 3543 -S \$tmppwd/srvtab -M KRBTEST.COM -L $LOGINKRB5 $option &\r"
+ send -i $rlogin_spawn_id "$KRLOGIND -k -c -D 3543 -S \$tmppwd/srvtab -M $REALMNAME -L $LOGINKRB5 $option &\r"
expect {
-i $rlogin_spawn_id
-re "$ROOT_PROMPT" { }
# we get some sort of error.
proc rlogin_test { } {
+ global REALMNAME
global RLOGIN
global BINSH
global SHELL_PROMPT
start_rlogin_daemon -k
# Make an rlogin connection.
- spawn $RLOGIN $hostname -k KRBTEST.COM -D 3543
+ spawn $RLOGIN $hostname -k $REALMNAME -D 3543
expect_after {
timeout {
# Try an encrypted connection.
start_rlogin_daemon -e
- spawn $RLOGIN $hostname -x -k KRBTEST.COM -D 3543
+ spawn $RLOGIN $hostname -x -k $REALMNAME -D 3543
expect_after {
timeout {
# A procedure to start up the telnet daemon.
proc start_telnet_daemon { } {
+ global REALMNAME
global TELNETD
global LOGINKRB5
global ROOT_PROMPT
# we don't need to use inetd. The 3023 is the port to listen at.
# Note that tmppwd here is a shell variable, which is set in
# setup_root_shell, not a TCL variable.
- send -i $rlogin_spawn_id "$TELNETD -debug -t \$tmppwd/srvtab -R KRBTEST.COM -L $LOGINKRB5 -X KERBEROS_V4 3023 &\r"
+ send -i $rlogin_spawn_id "$TELNETD -debug -t \$tmppwd/srvtab -R $REALMNAME -L $LOGINKRB5 -X KERBEROS_V4 3023 &\r"
expect {
-i $rlogin_spawn_id
-re "$ROOT_PROMPT" { }
# we get some sort of error.
proc telnet_test { } {
+ global REALMNAME
global TELNET
global BINSH
global SHELL_PROMPT
# Try an authenticated connection.
start_telnet_daemon
- spawn $TELNET -a -k KRBTEST.COM $hostname -3023
+ spawn $TELNET -a -k $REALMNAME $hostname -3023
expect_after {
timeout {
# # Try an authenticated encrypted connection.
# start_telnet_daemon
-# spawn $TELNET -a -x -k KRBTEST.COM $hostname -3023
+# spawn $TELNET -a -x -k $REALMNAME $hostname -3023
#
# expect_after {
# timeout {
# Like kinit in default.exp, but allows us to specify a different ccache.
#
proc our_kinit { name pass ccache } {
+ global REALMNAME
global KINIT
global spawn_id
# Use kinit to get a ticket.
- spawn $KINIT -c $ccache $name@KRBTEST.COM
+ spawn $KINIT -c $ccache $name@$REALMNAME
expect {
- "Password for $name@KRBTEST.COM:" {
+ "Password for $name@$REALMNAME:" {
verbose "kinit started"
}
timeout {
}
proc doit { } {
+ global REALMNAME
global env
global KLIST
global KDESTROY
return
}
}
- expect -i $gss_server_spawn_id "Accepted connection: \"gsstest0@KRBTEST.COM\" at"
+ expect -i $gss_server_spawn_id "Accepted connection: \"gsstest0@$REALMNAME\" at"
expect -i $gss_server_spawn_id "Received message: \"message from gsstest0\""
catch "expect_after"
if ![check_exit_status gssclient0] {
return
}
}
- expect -i $gss_server_spawn_id "Accepted connection: \"gsstest1@KRBTEST.COM\" at"
+ expect -i $gss_server_spawn_id "Accepted connection: \"gsstest1@$REALMNAME\" at"
expect -i $gss_server_spawn_id "Received message: \"message from gsstest1\""
catch "expect_after"
if ![check_exit_status gssclient1] {
return
}
}
- expect -i $gss_server_spawn_id "Accepted connection: \"gsstest2@KRBTEST.COM\" at"
+ expect -i $gss_server_spawn_id "Accepted connection: \"gsstest2@$REALMNAME\" at"
expect -i $gss_server_spawn_id "Received message: \"message from gsstest2\""
catch "expect_after"
if ![check_exit_status gssclient2] {
return
}
}
- expect -i $gss_server_spawn_id "Accepted connection: \"gsstest3@KRBTEST.COM\" at"
+ expect -i $gss_server_spawn_id "Accepted connection: \"gsstest3@$REALMNAME\" at"
expect -i $gss_server_spawn_id "Received message: \"message from gsstest3\""
catch "expect_after"
expect_after -i $spawn_id {
return
}
}
- expect -i $gss_server_spawn_id "Accepted connection: \"gsstest0@KRBTEST.COM\" at"
+ expect -i $gss_server_spawn_id "Accepted connection: \"gsstest0@$REALMNAME\" at"
expect -i $gss_server_spawn_id "Received message: \"message from gsstest0\""
catch "expect_after"
if ![check_exit_status gssclient0] {
return
}
}
- expect -i $gss_server_spawn_id "Accepted connection: \"gsstest1@KRBTEST.COM\" at"
+ expect -i $gss_server_spawn_id "Accepted connection: \"gsstest1@$REALMNAME\" at"
expect -i $gss_server_spawn_id "Received message: \"message from gsstest1\""
catch "expect_after"
if ![check_exit_status gssclient1] {
return
}
}
- expect -i $gss_server_spawn_id "Accepted connection: \"gsstest2@KRBTEST.COM\" at"
+ expect -i $gss_server_spawn_id "Accepted connection: \"gsstest2@$REALMNAME\" at"
expect -i $gss_server_spawn_id "Received message: \"message from gsstest2\""
catch "expect_after"
if ![check_exit_status gssclient2] {
return
}
}
- expect -i $gss_server_spawn_id "Accepted connection: \"gsstest3@KRBTEST.COM\" at"
+ expect -i $gss_server_spawn_id "Accepted connection: \"gsstest3@$REALMNAME\" at"
expect -i $gss_server_spawn_id "Received message: \"message from gsstest3\""
catch "expect_after"
expect_after -i $spawn_id {
# Adds principal $pname with password $password. Returns 1 on success.
#--
proc kadmin_add { pname password } {
+ global REALMNAME
global KADMIN
global KDB5_EDIT
global KEY
global kadmind_spawn_id
set good 0
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM ank $pname
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME ank $pname
expect_after {
timeout {
fail "kadmin add $pname"
return 0
}
}
- expect "Enter password for krbtest/admin@KRBTEST.COM:" {
+ expect "Enter password for krbtest/admin@$REALMNAME:" {
send "adminpass$KEY\r"
}
expect "Enter new password for $pname :" { send "$password\r" }
# and also, on some systems the write to standard error will block if
# too many messages back up.
#
- expect -i $kadmind_spawn_id "Add Principal operation for $pname successfully issued by krbtest/admin@KRBTEST.COM"
+ expect -i $kadmind_spawn_id "Add Principal operation for $pname successfully issued by krbtest/admin@$REALMNAME"
if { $good == 1 } {
#
# use kdb5_edit to verify that a principal was created and that its
# salt types are 0 (normal).
#
- spawn $KDB5_EDIT -r KRBTEST.COM
+ spawn $KDB5_EDIT -r $REALMNAME
expect_after { -i $spawn_id
timeout {
fail "kadmin add $pname"
}
set good 0
expect "kdb5_edit:" { send "show $pname\r" }
- expect "Name: $pname@KRBTEST.COM" { set good 1 }
+ expect "Name: $pname@$REALMNAME" { set good 1 }
expect "kdb5_edit:" { send "q\r" }
expect_after
expect eof
# Adds principal $pname with random key. Returns 1 on success.
#--
proc kadmin_add_rnd { pname } {
+ global REALMNAME
global KADMIN
global KDB5_EDIT
global KEY
global kadmind_spawn_id
set good 0
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM ark $pname
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME ark $pname
expect_after {
timeout {
fail "kadmin add_rnd $pname"
return 0
}
}
- expect "Enter password for krbtest/admin@KRBTEST.COM:" {
+ expect "Enter password for krbtest/admin@$REALMNAME:" {
send "adminpass$KEY\r"
}
expect "principal $pname added" { set good 1 }
set k_stat [wait -i $spawn_id]
verbose "wait -i $spawn_id returned $k_stat (kadmin add_rnt)"
catch "close -i $spawn_id"
- expect -i $kadmind_spawn_id "Add Principal operation for $pname successfully issued by krbtest/admin@KRBTEST.COM"
+ expect -i $kadmind_spawn_id "Add Principal operation for $pname successfully issued by krbtest/admin@$REALMNAME"
if { $good == 1 } {
#
# use kdb5_edit to verify that a principal was created and that its
# salt types are 0 (normal).
#
- spawn $KDB5_EDIT -r KRBTEST.COM
+ spawn $KDB5_EDIT -r $REALMNAME
expect_after { -i $spawn_id
timeout {
fail "kadmin add_rnd $pname"
}
set good 0
expect "kdb5_edit:" { send "show $pname\r" }
- expect "Name: $pname@KRBTEST.COM" { set good 1 }
+ expect "Name: $pname@$REALMNAME" { set good 1 }
expect "kdb5_edit:" { send "q\r" }
expect_after
expect eof
# Retrieves entry for $pname. Returns 1 on success.
#--
proc kadmin_show { pname } {
+ global REALMNAME
global KADMIN
global KEY
global spawn_id
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM show $pname
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME show $pname
expect_after {
timeout {
fail "kadmin show $pname"
return 0
}
}
- expect "Enter password for krbtest/admin@KRBTEST.COM:"
+ expect "Enter password for krbtest/admin@$REALMNAME:"
send "adminpass$KEY\r"
expect -re "\r.*-*Principal: $pname.*Flags: .*Key: .*-*"
expect_after
# Change password of $pname to $password. Returns 1 on success.
#--
proc kadmin_cpw { pname password } {
+ global REALMNAME
global KADMIN
global KEY
global spawn_id
global kadmind_spawn_id
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM cpw $pname
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME cpw $pname
expect_after {
timeout {
fail "kadmin cpw $pname"
return 0
}
}
- expect "Enter password for krbtest/admin@KRBTEST.COM:" {
+ expect "Enter password for krbtest/admin@$REALMNAME:" {
send "adminpass$KEY\r"
}
expect "Enter new password for $pname:" { send "$password\r" }
set k_stat [wait -i $spawn_id]
verbose "wait -i $spawn_id returned $k_stat (kadmin cpw)"
catch "close -i $spawn_id"
- expect -i $kadmind_spawn_id "Change Password operation for $pname successfully issued by krbtest/admin@KRBTEST.COM"
+ expect -i $kadmind_spawn_id "Change Password operation for $pname successfully issued by krbtest/admin@$REALMNAME"
pass "kadmin cpw $pname"
return 1
}
# Changes principal $pname's key to a new random key. Returns 1 on success.
#--
proc kadmin_cpw_rnd { pname } {
+ global REALMNAME
global KADMIN
global KEY
global spawn_id
global kadmind_spawn_id
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM crk $pname
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME crk $pname
expect_after {
timeout {
fail "kadmin cpw_rnd $pname"
return 0
}
}
- expect "Enter password for krbtest/admin@KRBTEST.COM:" {
+ expect "Enter password for krbtest/admin@$REALMNAME:" {
send "adminpass$KEY\r"
}
# When in doubt, jam one of these in there.
set k_stat [wait -i $spawn_id]
verbose "wait -i $spawn_id returned $k_stat (kadmin cpw_rnd)"
catch "close -i $spawn_id"
- expect -i $kadmind_spawn_id "Change Random Password operation for $pname successfully issued by krbtest/admin@KRBTEST.COM"
+ expect -i $kadmind_spawn_id "Change Random Password operation for $pname successfully issued by krbtest/admin@$REALMNAME"
pass "kadmin cpw_rnd $pname"
return 1
}
# Modifies principal $pname with flags $flags. Returns 1 on success.
#--
proc kadmin_modify { pname flags } {
+ global REALMNAME
global KADMIN
global KEY
global spawn_id
global kadmind_spawn_id
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM modent $pname $flags
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME -- modent $pname $flags
expect_after {
timeout {
fail "kadmin modify $pname"
return 0
}
}
- expect "Enter password for krbtest/admin@KRBTEST.COM:"
+ expect "Enter password for krbtest/admin@$REALMNAME:"
send "adminpass$KEY\r"
expect "principal $pname modified"
expect_after
set k_stat [wait -i $spawn_id]
verbose "wait -i $spawn_id returned $k_stat (kadmin modify)"
catch "close -i $spawn_id"
- expect -i $kadmind_spawn_id "Modify Principal operation for $pname successfully issued by krbtest/admin@KRBTEST.COM"
+ expect -i $kadmind_spawn_id "Modify Principal operation for $pname successfully issued by krbtest/admin@$REALMNAME"
pass "kadmin modify $pname"
return 1
}
# Rename principal $pname to $npname. Returns 1 on success.
#--
proc kadmin_rename { pname npname } {
+ global REALMNAME
global KADMIN
global KDB5_EDIT
global KEY
global kadmind_spawn_id
set good 0
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM renent -force $pname $npname
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME -- renent -force $pname $npname
expect_after {
timeout {
fail "kadmin renent $pname $npname"
return 0
}
}
- expect "Enter password for krbtest/admin@KRBTEST.COM:" {
+ expect "Enter password for krbtest/admin@$REALMNAME:" {
send "adminpass$KEY\r"
}
expect "principal $pname renamed to $npname" { set good 1 }
set k_stat [wait -i $spawn_id]
verbose "wait -i $spawn_id returned $k_stat (kadmin rename)"
catch "close -i $spawn_id"
- expect -i $kadmind_spawn_id "Rename Principal operation from $pname to $npname successfully issued by krbtest/admin@KRBTEST.COM"
+ expect -i $kadmind_spawn_id "Rename Principal operation from $pname to $npname successfully issued by krbtest/admin@$REALMNAME"
if { $good == 1 } {
#
# use kdb5_edit to verify that the new principal was created and that its
# salt types are 0 (normal).
#
- spawn $KDB5_EDIT -r KRBTEST.COM
+ spawn $KDB5_EDIT -r $REALMNAME
expect_after { -i $spawn_id
timeout {
fail "kadmin renent $pname $npname"
}
set good 0
expect "kdb5_edit:" { send "show $npname\r" }
- expect "Name: $npname@KRBTEST.COM" { set good 1 }
+ expect "Name: $npname@$REALMNAME" { set good 1 }
expect "kdb5_edit:" { send "q\r" }
expect_after
expect eof
#
# use kdb5_edit to verify that the old principal is not present.
#
- spawn $KDB5_EDIT -r KRBTEST.COM
+ spawn $KDB5_EDIT -r $REALMNAME
expect_after {
timeout {
fail "kadmin renent $pname $npname"
# kadmin_list - Test list database function of kadmin.
#
# Lists the database and verifies that output matches regular expression
-# "(.*@KRBTEST.COM)*". Returns 1 on success.
+# "(.*@$REALMNAME)*". Returns 1 on success.
#--
proc kadmin_list { } {
+ global REALMNAME
global KADMIN
global KEY
global spawn_id
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM ldb
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME ldb
expect_after {
timeout {
fail "kadmin ldb"
return 0
}
}
- expect "Enter password for krbtest/admin@KRBTEST.COM:" {
+ expect "Enter password for krbtest/admin@$REALMNAME:" {
send "adminpass$KEY\r"
}
- expect -re "\(.*@KRBTEST.COM\r\n\)*"
+ expect -re "\(.*@$REALMNAME\r\n\)*"
expect_after
expect eof
set k_stat [wait -i $spawn_id]
# 1 on success.
#--
proc kadmin_extract { instance name } {
+ global REALMNAME
global KADMIN
global KEY
global spawn_id
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM xst $instance $name
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME xst $instance $name
expect_after {
timeout {
fail "kadmin xst $instance $name"
return 0
}
}
- expect "Enter password for krbtest/admin@KRBTEST.COM:" {
+ expect "Enter password for krbtest/admin@$REALMNAME:" {
send "adminpass$KEY\r"
}
expect "extracted entry $name to key table $instance-new-srvtab"
# 4 format. Returns 1 on success.
#--
proc kadmin_extractv4 { instance name } {
+ global REALMNAME
global KADMIN
global KEY
global spawn_id
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM xst4 $instance $name
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME xst4 $instance $name
expect_after {
timeout {
fail "kadmin xst4 $instance $name"
return 0
}
}
- expect "Enter password for krbtest/admin@KRBTEST.COM:" {
+ expect "Enter password for krbtest/admin@$REALMNAME:" {
send "adminpass$KEY\r"
}
expect "extracted entry $name to key table $instance-new-v4-srvtab"
# Deletes principal $pname. Returns 1 on success.
#--
proc kadmin_delete { pname } {
+ global REALMNAME
global KADMIN
global KDB5_EDIT
global KEY
global kadmind_spawn_id
set good 0
- spawn $KADMIN -m -p krbtest/admin@KRBTEST.COM delent -force $pname
+ spawn $KADMIN -m -p krbtest/admin@$REALMNAME -- delent -force $pname
expect_after {
timeout {
fail "kadmin delent $pname"
return 0
}
}
- expect "Enter password for krbtest/admin@KRBTEST.COM:" {
+ expect "Enter password for krbtest/admin@$REALMNAME:" {
send "adminpass$KEY\r"
}
expect "principal $pname deleted" { set good 1 }
set k_stat [wait -i $spawn_id]
verbose "wait -i $spawn_id returned $k_stat (kadmin delent)"
catch "close -i $spawn_id"
- expect -i $kadmind_spawn_id "Delete Principal operation for $pname successfully issued by krbtest/admin@KRBTEST.COM"
+ expect -i $kadmind_spawn_id "Delete Principal operation for $pname successfully issued by krbtest/admin@$REALMNAME"
if { $good == 1 } {
#
# use kdb5_edit to verify that the old principal is not present.
#
- spawn $KDB5_EDIT -r KRBTEST.COM
+ spawn $KDB5_EDIT -r $REALMNAME
expect_after { -i $spawn_id
timeout {
fail "kadmin delent $pname"
# daemon).
proc start_rsh_daemon { } {
+ global REALMNAME
global KRSHD
global RCP
global tmppwd
# The -D argument tells it to accept a single connection, so we
# don't need to use inetd. The 3544 is the port to listen at.
- spawn $KRSHD -k -c -D 3544 -P [file dirname $RCP] -S $tmppwd/srvtab -M KRBTEST.COM
+ spawn $KRSHD -k -c -D 3544 -P [file dirname $RCP] -S $tmppwd/srvtab -M $REALMNAME
set krshd_spawn_id $spawn_id
set krshd_pid [exp_pid]
# Test copying one file to another.
proc rcp_one_test { testname options frompref topref } {
+ global REALMNAME
global RCP
global tmppwd
set from [format "%s%s" $frompref $tmppwd/rcp-test]
set to [format "%s%s" $topref $tmppwd/copy]
- send_log "$RCP $options -D 3544 -N -k KRBTEST.COM $from $to\n"
- verbose "$RCP $options -D 3544 -N -k KRBTEST.COM $from $to"
- catch "exec $RCP $options -D 3544 -N -k KRBTEST.COM $from $to" exec_output
+ send_log "$RCP $options -D 3544 -N -k $REALMNAME $from $to\n"
+ verbose "$RCP $options -D 3544 -N -k $REALMNAME $from $to"
+ catch "exec $RCP $options -D 3544 -N -k $REALMNAME $from $to" exec_output
if ![string match "" $exec_output] {
send_log "$exec_output\n"
# A procedure to start up the rsh daemon.
proc start_rsh_daemon { option } {
+ global REALMNAME
global KRSHD
global tmppwd
global krshd_spawn_id
# The -D argument tells it to accept a single connection, so we
# don't need to use inetd. The 3544 is the port to listen at.
- spawn $KRSHD -k -c -D 3544 -S $tmppwd/srvtab -M KRBTEST.COM -A $option
+ spawn $KRSHD -k -c -D 3544 -S $tmppwd/srvtab -M $REALMNAME -A $option
set krshd_spawn_id $spawn_id
set krshd_pid [exp_pid]
# we get some sort of error.
proc rsh_test { } {
+ global REALMNAME
global RSH
global KEY
global BINSH
# Run rsh date.
set testname "date"
- spawn $RSH $hostname -k KRBTEST.COM -D 3544 -A date
+ spawn $RSH $hostname -k $REALMNAME -D 3544 -A date
expect {
-re "\[A-Za-z0-9 :\]+\[\r\n\]+$" {
set result $expect_out(0,string)
set failed no
start_rsh_daemon -ek
set testname "encrypted rsh"
- spawn $RSH $hostname -x -k KRBTEST.COM -D 3544 -A echo hello
+ spawn $RSH $hostname -x -k $REALMNAME -D 3544 -A echo hello
expect {
"hello" { }
timeout {
# Check stderr
start_rsh_daemon -k
set testname "rsh to stderr"
- spawn $RSH $hostname -k KRBTEST.COM -D 3544 -A $BINSH -c "'echo hello 1>&2'"
+ spawn $RSH $hostname -k $REALMNAME -D 3544 -A $BINSH -c "'echo hello 1>&2'"
expect {
"hello" { }
timeout {
start_rsh_daemon -e
set testname "encrypted rsh to stderr"
- spawn $RSH $hostname -x -k KRBTEST.COM -D 3544 -A $BINSH -c "'echo hello 1>&2'"
+ spawn $RSH $hostname -x -k $REALMNAME -D 3544 -A $BINSH -c "'echo hello 1>&2'"
expect {
"hello" { }
timeout {
}
proc test_sclient { msg } {
+ global REALMNAME
global SCLIENT
global hostname
global spawn_id
}
expect {
- "You are krbtest/admin@KRBTEST.COM\r" {
+ "You are krbtest/admin@$REALMNAME\r" {
verbose "received valid sample message"}
eof {
fail $msg
-# Standalone Kerberos test.
+ # Standalone Kerberos test.
# This is a DejaGnu test script.
# This script tests that the Kerberos tools can talk to each other.
# processes when the procedure ends.
proc doit { } {
+ global REALMNAME
global KLIST
global KDESTROY
global KEY
# Make sure that klist can see the ticket.
spawn $KLIST
expect {
- -re "Ticket cache:\[ \]*$tmppwd/tkt.*Default principal:\[ \]*krbtest/admin@KRBTEST.COM.*krbtgt/KRBTEST.COM@KRBTEST.COM\r\n" {
+ -re "Ticket cache:\[ \]*$tmppwd/tkt.*Default principal:\[ \]*krbtest/admin@$REALMNAME.*krbtgt/$REALMNAME@$REALMNAME\r\n" {
verbose "klist started"
}
timeout {