From: Paul Park Date: Fri, 12 May 1995 20:19:35 +0000 (+0000) Subject: Add kadmin.exp for kadmin tests X-Git-Tag: krb5-1.0-beta6~1986 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=18614884fe6e988fdad08c0c2f803b67079aa9b7;p=krb5.git Add kadmin.exp for kadmin tests git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5811 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/tests/dejagnu/krb-standalone/.Sanitize b/src/tests/dejagnu/krb-standalone/.Sanitize index d7351ab25..220d13be3 100644 --- a/src/tests/dejagnu/krb-standalone/.Sanitize +++ b/src/tests/dejagnu/krb-standalone/.Sanitize @@ -23,6 +23,7 @@ Do-first: Things-to-keep: +kadmin.exp rcp.exp rsh.exp sample.exp diff --git a/src/tests/dejagnu/krb-standalone/ChangeLog b/src/tests/dejagnu/krb-standalone/ChangeLog index 6b91783f2..4c1e0068f 100644 --- a/src/tests/dejagnu/krb-standalone/ChangeLog +++ b/src/tests/dejagnu/krb-standalone/ChangeLog @@ -1,3 +1,7 @@ + +Thu May 11 12:25:38 EDT 1995 Paul Park (pjpark@mit.edu) + Add kadmin.exp for kadmin tests. + Wed May 10 17:00:01 1995 Ezra Peisach * .Sanitize (Things-to-keep): Add sample.exp diff --git a/src/tests/dejagnu/krb-standalone/kadmin.exp b/src/tests/dejagnu/krb-standalone/kadmin.exp new file mode 100644 index 000000000..155f71f4d --- /dev/null +++ b/src/tests/dejagnu/krb-standalone/kadmin.exp @@ -0,0 +1,876 @@ +# Kerberos kadmin test. +# This is a DejaGnu test script. +# This script tests Kerberos kadmin5 using kdb5_edit as verification. + +# Set up the kerberos database. +if {![get_hostname] \ + || ![setup_kerberos_files] \ + || ![setup_kerberos_env] \ + || ![setup_kerberos_db 0]} { + return +} + +# find kpasswd +if ![info exists KPASSWD] { + set KPASSWD [findfile $objdir/../../kadmin/kpasswd/kpasswd] +} + +# find kdestroy +if ![info exists KDESTROY] { + set KDESTROY [findfile $objdir/../../clients/kdestroy/kdestroy] +} + +#++ +# kadmin_add - Test add new v5 principal function of kadmin. +# +# Adds principal $pname with password $password. Returns 1 on success. +#-- +proc kadmin_add { pname password } { + global KADMIN + global KDB5_EDIT + global KEY + global spawn_id + global tmppwd + global kadmind_spawn_id + + set good 0 + spawn $KADMIN -m -p krbtest/kadmin5@KRBTEST.COM ank $pname + expect_after { + timeout { + fail "kadmin add $pname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin add $pname" + catch "expect_after" + return 0 + } + } + expect "Enter new password for $pname :" { send "$password\r" } + expect "Re-enter new password for $pname :" { send "$password\r" } + expect "Enter password for krbtest/kadmin5@KRBTEST.COM:" { + send "adminpass$KEY\r" + } + expect "principal $pname added" { set good 1 } + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kadmin add)" + catch "close -i $spawn_id" + # + # Read the kadmind message too. It checks the operation of kadmind, + # and also, on some systems the write to standard error will block if + # too many messages back up. + # + expect -i $kadmind_spawn_id "Add Principal operation for $pname successfully issued by krbtest/kadmin5@KRBTEST.COM" + if { $good == 1 } { + # + # use kdb5_edit to verify that a principal was created and that its + # salt types are 0 (normal). + # + spawn $KDB5_EDIT -m -d $tmppwd/db -r KRBTEST.COM + expect_after { -i $spawn_id + timeout { + fail "kadmin add $pname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin add $pname" + catch "expect_after" + return 0 + } + } + set good 0 + expect -i $spawn_id "Enter KDC database master key" { + send "masterkey$KEY\r" + } + expect "kdb5_edit:" { send "show $pname\r" } + expect { + -re "Name: $pname@KRBTEST.COM\r\nKey version: 1\r\n.*Last modified by krbtest/kadmin5@KRBTEST.COM.*Salt: 0.*Alt salt: 0" { + set good 1 + } + } + expect "kdb5_edit:" { send "q\r" } + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kdb5_edit show)" + catch "close -i $spawn_id" + if { $good == 1 } { + pass "kadmin add $pname" + return 1 + } + else { + fail "kadmin add $pname" + return 0 + } + } + else { + fail "kadmin add $pname" + return 0 + } +} + +#++ +# kadmin_addv4 - Test add new v4 principal subfunction of kadmin. +# +# Adds principal $pname with $password with V4 salt. Returns 1 on success. +#-- +proc kadmin_addv4 { pname password } { + global KADMIN + global KDB5_EDIT + global KEY + global spawn_id + global tmppwd + global kadmind_spawn_id + + set good 0 + spawn $KADMIN -m -p krbtest/kadmin5@KRBTEST.COM ank $pname salttype=v4 + expect_after { + timeout { + fail "kadmin addv4 $pname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin addv4 $pname" + catch "expect_after" + return 0 + } + } + expect "Enter new password for $pname :" { send "$password\r" } + expect "Re-enter new password for $pname :" { send "$password\r" } + expect "Enter password for krbtest/kadmin5@KRBTEST.COM:" { + send "adminpass$KEY\r" + } + expect "principal $pname added" { set good 1 } + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kadmin addv4)" + catch "close -i $spawn_id" + expect -i $kadmind_spawn_id "Add Principal operation for $pname successfully issued by krbtest/kadmin5@KRBTEST.COM" + if { $good == 1 } { + # + # use kdb5_edit to verify that a principal was created and that its + # salt types are 1 (v4). + # + spawn $KDB5_EDIT -m -d $tmppwd/db -r KRBTEST.COM + expect_after { -i $spawn_id + timeout { + fail "kadmin addv4 $pname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin addv4 $pname" + catch "expect_after" + return 0 + } + } + set good 0 + expect -i $spawn_id "Enter KDC database master key" { + send "masterkey$KEY\r" + } + expect "kdb5_edit:" { send "show $pname\r" } + expect { + -re "Name: $pname@KRBTEST.COM\r\nKey version: 1\r\n.*Last modified by krbtest/kadmin5@KRBTEST.COM.*Salt: 1.*Alt salt: 1" { + set good 1 + } + } + expect "kdb5_edit:" { send "q\r" } + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kdb5_edit show)" + catch "close -i $spawn_id" + if { $good == 1 } { + pass "kadmin addv4 $pname" + return 1 + } + else { + fail "kadmin addv4 $pname" + return 0 + } + } + else { + fail "kadmin addv4 $pname" + return 0 + } +} + +#++ +# kadmin_add_rnd - Test add new v5 principal with random key function. +# +# Adds principal $pname with random key. Returns 1 on success. +#-- +proc kadmin_add_rnd { pname } { + global KADMIN + global KDB5_EDIT + global KEY + global spawn_id + global tmppwd + global kadmind_spawn_id + + set good 0 + spawn $KADMIN -m -p krbtest/kadmin5@KRBTEST.COM ark $pname + expect_after { + timeout { + fail "kadmin add_rnd $pname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin add_rnd $pname" + catch "expect_after" + return 0 + } + } + expect "Enter password for krbtest/kadmin5@KRBTEST.COM:" { + send "adminpass$KEY\r" + } + expect "principal $pname added" { set good 1 } + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kadmin add_rnt)" + catch "close -i $spawn_id" + expect -i $kadmind_spawn_id "Add Principal operation for $pname successfully issued by krbtest/kadmin5@KRBTEST.COM" + if { $good == 1 } { + # + # use kdb5_edit to verify that a principal was created and that its + # salt types are 0 (normal). + # + spawn $KDB5_EDIT -m -d $tmppwd/db -r KRBTEST.COM + expect_after { -i $spawn_id + timeout { + fail "kadmin add_rnd $pname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin add_rnd $pname" + catch "expect_after" + return 0 + } + } + set good 0 + expect -i $spawn_id "Enter KDC database master key" { + send "masterkey$KEY\r" + } + expect "kdb5_edit:" { send "show $pname\r" } + expect { + -re "Name: $pname@KRBTEST.COM\r\nKey version: 1\r\n.*Last modified by krbtest/kadmin5@KRBTEST.COM.*Salt: 0.*Alt salt: 0" { + set good 1 + } + } + expect "kdb5_edit:" { send "q\r" } + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kdb5_edit show)" + catch "close -i $spawn_id" + if { $good == 1 } { + pass "kadmin add_rnd $pname" + return 1 + } + else { + fail "kadmin add_rnd $pname" + return 0 + } + } + else { + fail "kadmin add_rnd $pname" + return 0 + } +} + +#++ +# kadmin_show - Test show principal function of kadmin. +# +# Retrieves entry for $pname. Returns 1 on success. +#-- +proc kadmin_show { pname } { + global KADMIN + global KEY + global spawn_id + + spawn $KADMIN -m -p krbtest/kadmin5@KRBTEST.COM show $pname + expect_after { + timeout { + fail "kadmin show $pname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin show $pname" + catch "expect_after" + return 0 + } + } + expect "Enter password for krbtest/kadmin5@KRBTEST.COM:" + send "adminpass$KEY\r" + expect -re "\r.*-*Principal: $pname.*Last modified by: .*Flags:.*-*" + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kadmin show)" + catch "close -i $spawn_id" + pass "kadmin show $pname" + return 1 +} + +#++ +# kadmin_cpw - Test change password function of kadmin +# +# Change password of $pname to $password. Returns 1 on success. +#-- +proc kadmin_cpw { pname password } { + global KADMIN + global KEY + global spawn_id + global kadmind_spawn_id + + spawn $KADMIN -m -p krbtest/kadmin5@KRBTEST.COM cpw $pname + expect_after { + timeout { + fail "kadmin cpw $pname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin cpw $pname" + catch "expect_after" + return 0 + } + } + expect "Enter new password for $pname:" { send "$password\r" } + expect "Re-enter new password for $pname:" { send "$password\r" } + expect "Enter password for krbtest/kadmin5@KRBTEST.COM:" { + send "adminpass$KEY\r" + } + # When in doubt, jam one of these in there. + expect "\r" + expect "password changed for $pname" + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kadmin cpw)" + catch "close -i $spawn_id" + expect -i $kadmind_spawn_id "Change Password operation for $pname successfully issued by krbtest/kadmin5@KRBTEST.COM" + pass "kadmin cpw $pname" + return 1 +} + +#++ +# kadmin_cpw_rnd - Test change random key function of kadmin. +# +# Changes principal $pname's key to a new random key. Returns 1 on success. +#-- +proc kadmin_cpw_rnd { pname } { + global KADMIN + global KEY + global spawn_id + global kadmind_spawn_id + + spawn $KADMIN -m -p krbtest/kadmin5@KRBTEST.COM crk $pname + expect_after { + timeout { + fail "kadmin cpw_rnd $pname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin cpw_rnd $pname" + catch "expect_after" + return 0 + } + } + expect "Enter password for krbtest/kadmin5@KRBTEST.COM:" { + send "adminpass$KEY\r" + } + # When in doubt, jam one of these in there. + expect "\r" + expect "password changed for $pname" + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kadmin cpw_rnd)" + catch "close -i $spawn_id" + expect -i $kadmind_spawn_id "Change Random Password operation for $pname successfully issued by krbtest/kadmin5@KRBTEST.COM" + pass "kadmin cpw_rnd $pname" + return 1 +} + +#++ +# kadmin_modify - Test modify principal function of kadmin. +# +# Modifies principal $pname with flags $flags. Returns 1 on success. +#-- +proc kadmin_modify { pname flags } { + global KADMIN + global KEY + global spawn_id + global kadmind_spawn_id + + spawn $KADMIN -m -p krbtest/kadmin5@KRBTEST.COM modent $pname $flags + expect_after { + timeout { + fail "kadmin modify $pname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin modify $pname" + catch "expect_after" + return 0 + } + } + expect "Enter password for krbtest/kadmin5@KRBTEST.COM:" + send "adminpass$KEY\r" + expect "principal $pname modified" + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kadmin modify)" + catch "close -i $spawn_id" + expect -i $kadmind_spawn_id "Modify Principal operation for $pname successfully issued by krbtest/kadmin5@KRBTEST.COM" + pass "kadmin modify $pname" + return 1 +} + +#++ +# kadmin_rename - Test rename function of kadmin. +# +# Rename principal $pname to $npname. Returns 1 on success. +#-- +proc kadmin_rename { pname npname } { + global KADMIN + global KDB5_EDIT + global KEY + global spawn_id + global tmppwd + global kadmind_spawn_id + + set good 0 + spawn $KADMIN -m -p krbtest/kadmin5@KRBTEST.COM renent -force $pname $npname + expect_after { + timeout { + fail "kadmin renent $pname $npname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin renent $pname $npname" + catch "expect_after" + return 0 + } + } + expect "Enter password for krbtest/kadmin5@KRBTEST.COM:" { + send "adminpass$KEY\r" + } + expect "principal $pname renamed to $npname" { set good 1 } + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kadmin rename)" + catch "close -i $spawn_id" + expect -i $kadmind_spawn_id "Rename Principal operation from $pname to $npname successfully issued by krbtest/kadmin5@KRBTEST.COM" + if { $good == 1 } { + # + # use kdb5_edit to verify that the new principal was created and that its + # salt types are 0 (normal). + # + spawn $KDB5_EDIT -m -d $tmppwd/db -r KRBTEST.COM + expect_after { -i $spawn_id + timeout { + fail "kadmin renent $pname $npname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin renent $pname $npname" + catch "expect_after" + return 0 + } + } + set good 0 + expect -i $spawn_id "Enter KDC database master key" { + send "masterkey$KEY\r" + } + expect "kdb5_edit:" { send "show $npname\r" } + expect { + -re "Name: $npname@KRBTEST.COM\r\n.*Last modified by krbtest/kadmin5@KRBTEST.COM.*Salt: 0.*Alt salt: 0" { + set good 1 + } + } + expect "kdb5_edit:" { send "q\r" } + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kdb5_edit show)" + catch "close -i $spawn_id" + + if { $good == 1 } { + # + # use kdb5_edit to verify that the old principal is not present. + # + spawn $KDB5_EDIT -m -d $tmppwd/db -r KRBTEST.COM + expect_after { + timeout { + fail "kadmin renent $pname $npname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin renent $pname $npname" + catch "expect_after" + return 0 + } + } + set good 0 + expect "Enter KDC database master key" { send "masterkey$KEY\r" } + expect "kdb5_edit:" { send "show $pname\r" } + expect "Principal $pname not found" { set good 1 } + expect "kdb5_edit:" { send "q\r" } + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kdb5_edit show)" + catch "close -i $spawn_id" + if { $good == 1 } { + pass "kadmin renent $pname $npname" + return 1 + } + else { + fail "kadmin renent $pname $npname" + return 0 + } + } + else { + fail "kadmin renent $pname $npname" + return 0 + } + } + else { + fail "kadmin renent $pname $npname" + return 0 + } +} + +#++ +# kadmin_list - Test list database function of kadmin. +# +# Lists the database and verifies that output matches regular expression +# "(.*@KRBTEST.COM)*". Returns 1 on success. +#-- +proc kadmin_list { } { + global KADMIN + global KEY + global spawn_id + + spawn $KADMIN -m -p krbtest/kadmin5@KRBTEST.COM ldb + expect_after { + timeout { + fail "kadmin ldb" + catch "expect_after" + return 0 + } + eof { + fail "kadmin ldb" + catch "expect_after" + return 0 + } + } + expect "Enter password for krbtest/kadmin5@KRBTEST.COM:" { + send "adminpass$KEY\r" + } + expect -re "\(.*@KRBTEST.COM\r\n\)*" + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kadmin list)" + catch "close -i $spawn_id" + pass "kadmin ldb" + return 1 +} + +#++ +# kadmin_extract - Test extract service key function of kadmin. +# +# Extracts service key for service name $name instance $instance. Returns +# 1 on success. +#-- +proc kadmin_extract { instance name } { + global KADMIN + global KEY + global spawn_id + + spawn $KADMIN -m -p krbtest/kadmin5@KRBTEST.COM xst $instance $name + expect_after { + timeout { + fail "kadmin xst $instance $name" + catch "expect_after" + return 0 + } + eof { + fail "kadmin xst $instance $name" + catch "expect_after" + return 0 + } + } + expect "Enter password for krbtest/kadmin5@KRBTEST.COM:" { + send "adminpass$KEY\r" + } + expect "extracted entry $name to key table $instance-new-srvtab" + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kadmin xst)" + catch "close -i $spawn_id" + catch "exec rm -f $instance-new-srvtab" + pass "kadmin xst $instance $name" + return 1 +} + +#++ +# kadmin_extractv4 - Test extract service key in v4 format function of +# kadmin. +# +# Extracts service key for service name $name instance $instance in version +# 4 format. Returns 1 on success. +#-- +proc kadmin_extractv4 { instance name } { + global KADMIN + global KEY + global spawn_id + + spawn $KADMIN -m -p krbtest/kadmin5@KRBTEST.COM xst4 $instance $name + expect_after { + timeout { + fail "kadmin xst4 $instance $name" + catch "expect_after" + return 0 + } + eof { + fail "kadmin xst4 $instance $name" + catch "expect_after" + return 0 + } + } + expect "Enter password for krbtest/kadmin5@KRBTEST.COM:" { + send "adminpass$KEY\r" + } + expect "extracted entry $name to key table $instance-new-v4-srvtab" + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kadmin xst4)" + catch "close -i $spawn_id" + catch "exec rm -f $instance-new-v4-srvtab" + pass "kadmin xst4 $instance $name" + return 1 +} + +#++ +# kadmin_delete - Test delete principal function of kadmin. +# +# Deletes principal $pname. Returns 1 on success. +#-- +proc kadmin_delete { pname } { + global KADMIN + global KDB5_EDIT + global KEY + global spawn_id + global tmppwd + global kadmind_spawn_id + + set good 0 + spawn $KADMIN -m -p krbtest/kadmin5@KRBTEST.COM delent -force $pname + expect_after { + timeout { + fail "kadmin delent $pname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin delent $pname" + catch "expect_after" + return 0 + } + } + expect "Enter password for krbtest/kadmin5@KRBTEST.COM:" { + send "adminpass$KEY\r" + } + expect "principal $pname deleted" { set good 1 } + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kadmin delent)" + catch "close -i $spawn_id" + expect -i $kadmind_spawn_id "Delete Principal operation for $pname successfully issued by krbtest/kadmin5@KRBTEST.COM" + if { $good == 1 } { + # + # use kdb5_edit to verify that the old principal is not present. + # + spawn $KDB5_EDIT -m -d $tmppwd/db -r KRBTEST.COM + expect_after { -i $spawn_id + timeout { + fail "kadmin delent $pname" + catch "expect_after" + return 0 + } + eof { + fail "kadmin delent $pname" + catch "expect_after" + return 0 + } + } + set good 0 + expect -i $spawn_id "Enter KDC database master key" { + send "masterkey$KEY\r" + } + expect "kdb5_edit:" { send "show $pname\r" } + expect "Principal $pname not found" { set good 1 } + expect "kdb5_edit:" { send "q\r" } + expect_after + expect eof + set k_stat [wait -i $spawn_id] + verbose "wait -i $spawn_id returned $k_stat (kdb5_edit show)" + catch "close -i $spawn_id" + if { $good == 1 } { + pass "kadmin delent $pname" + return 1 + } + else { + fail "kadmin delent $pname" + return 0 + } + } + else { + fail "kadmin delent $pname" + return 0 + } +} + +#++ +# kpasswd_cpw - Test password changing using kpasswd. +# +# Change $princ's password from $opw to $npw. Returns 1 on success. +#-- +proc kpasswd_cpw { princ opw npw } { + global KPASSWD + global kadmind_spawn_id + + spawn $KPASSWD -u $princ + expect_after { + timeout { + fail "kpasswd $princ $npw" + catch "expect_after" + return 0 + } + eof { + fail "kpasswd $princ $npw" + catch "expect_after" + return 0 + } + } + expect "Enter old password for $princ:" { send "$opw\r" } + expect "Enter new password:" { send "$npw\r" } + expect "Re-enter new password:" { send "$npw\r" } + expect -i $kadmind_spawn_id "changed password for $princ" + if ![check_exit_status "kpasswd"] { + fail "kpasswd $princ $npw" + return 0 + } + pass "kpasswd $princ $npw" + return 1 +} + +#++ +# kdestroy +#-- +proc kdestroy { } { + global KDESTROY + + spawn $KDESTROY + if ![check_exit_status "kdestroy"] { + return 0 + } + return 1 +} + +# Wrap the tests in a procedure, so that we can kill the daemons if +# we get some sort of error. + +proc kadmin_test { } { + + # Start up the kerberos and kadmind daemons + if {![start_kerberos_daemons 0] } { + return + } + + # Test basic kadmin functions. + if {![kadmin_add v5principal/instance1 v5principal] \ + || ![kadmin_addv4 v4principal/instance2 v4principal] \ + || ![kadmin_add_rnd v5random] \ + || ![kadmin_show v5principal/instance1] \ + || ![kadmin_show v4principal/instance2] \ + || ![kadmin_show v5random] \ + || ![kadmin_cpw v5principal/instance1 faroutman] \ + || ![kadmin_cpw v4principal/instance2 honkydory] \ + || ![kadmin_cpw_rnd v5random] \ + || ![kadmin_modify v5random -allow_tickets] \ + || ![kadmin_modify v5random +allow_tickets] \ + || ![kadmin_rename v5random randomkey] \ + || ![kadmin_show randomkey] \ + || ![kadmin_list] \ + || ![kadmin_extract instance1 v5principal] \ + || ![kadmin_extractv4 instance2 v4principal] \ + || ![kadmin_delete randomkey] \ + || ![kadmin_delete v4principal/instance2] \ + || ![kadmin_delete v5principal/instance1]} { + return + } + + # now test kpasswd + if {![kadmin_add testprinc/instance thisisatest] \ + || ![kpasswd_cpw testprinc/instance thisisatest anothertest] \ + || ![kpasswd_cpw testprinc/instance anothertest goredsox] \ + || ![kadmin_delete testprinc/instance]} { + return + } + + # now test that we can kinit with principals/passwords. + if {![kadmin_add testprinc1/instance thisisatest] \ + || ![kinit testprinc1/instance thisisatest 0] \ + || ![kdestroy] \ + || ![kpasswd_cpw testprinc1/instance thisisatest anothertest] \ + || ![kinit testprinc1/instance anothertest 0] \ + || ![kdestroy] \ + || ![kpasswd_cpw testprinc1/instance anothertest goredsox] \ + || ![kinit testprinc1/instance goredsox 0] \ + || ![kdestroy] \ + || ![kadmin_cpw testprinc1/instance betterwork] \ + || ![kinit testprinc1/instance betterwork 0] \ + || ![kdestroy] \ + || ![kadmin_delete testprinc1/instance]} { + return + } + + verbose "kadmin_test succeeded" +} + +# Run the test. +set status [catch kadmin_test msg] + +# Shut down the kerberos daemons and the rsh daemon. +stop_kerberos_daemons + +if { $status != 0 } { + send_error "ERROR: error in kadmin.exp\n" + send_error "$msg\n" + exit 1 +}