From: Barry Jaspan Date: Wed, 12 Jun 1996 21:12:07 +0000 (+0000) Subject: add KADM5_API_VERSION_2 tests X-Git-Tag: krb5-1.0-beta7~368 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=4d2c129c56250a584a1644f7b2588b773e379bd0;p=krb5.git add KADM5_API_VERSION_2 tests git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8334 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/doc/kadm5/api-unit-test.tex b/doc/kadm5/api-unit-test.tex index 8985263c3..7ca056f43 100644 --- a/doc/kadm5/api-unit-test.tex +++ b/doc/kadm5/api-unit-test.tex @@ -26,14 +26,16 @@ \newcommand{\Number}[1]{\item[Number:] #1} \newcommand{\Reason}[1]{\item[Reason:] #1} -%\newcommand{\Call}[1]{\item[Call:] #1} \newcommand{\Expected}[1]{\item[Expected:] #1} \newcommand{\Conditions}[1]{\item[Conditions:] #1} \newcommand{\Priority}[1]{\item[Priority:] #1} \newcommand{\Status}[1]{\item[Status:] #1} +\newcommand{\Vtwonote}[1]{\item[V2 note:] #1} +\newcommand{\Version}[1]{\item[Version:] #1} +\newcommand{\Call}[1]{} +%\newcommand{\Call}[1]{\item[Call:] #1} %\newcommand{\Number}[1]{} %\newcommand{\Reason}[1]{} -\newcommand{\Call}[1]{} %\newcommand{\Expected}[1]{} %\newcommand{\Conditions}[1]{} %\newcommand{\Priority}[1]{} @@ -50,15 +52,15 @@ Unit Test Description\footnote{\rcsHeader}} \section{Introduction} -The following is a description of a black-box unit test of the -OpenV*Secure Admin API. Each API function is listed, followed by the -tests that shoud be performed on it. +The following is a description of a black-box unit test of the KADM5 +API. Each API function is listed, followed by the tests that shoud be +performed on it. -The tests described here are based on the ``OV*Secure Admin Functional -Specifications'' revision 1.41, dated August 18, 1994. - -Since inter-realm functionality is not a requirement for OpenV*Secure -1.0, it is not tested. +The tests described here are based on the ``Kerberos Administration +System KADM5 API Functional Specifications'', revision 1.68. This +document was originally written based on the OpenVision API functional +specifications, version 1.41, dated August 18, 1994, and many +indications of the original version remain. All tests which test for success should verify, using some means other than the return value of the function being tested, that the requested @@ -70,10 +72,9 @@ have taken place did, and that the new, modified data is in effect; for get operations, verify that the data retrieved is the data that should actually be in the database. -As of now the tests are being re-worked to use database comparision routines -simular to the GUI tests. This routines are not completly in place yet. The -purpose for using these routines is for better detection of incorrect -database modification. +The tests would be better if they compared the actual contents of the +database before and after each test, rather than relying on the KADM5 +API to report the results of changes. Similarly, all tests which test for failure should verify that the no component of the requested operation took place. For example: if @@ -109,21 +110,31 @@ invalidating a server handle. So there is a program that calls init and changes the handle magic number, and then attempts to call each API function with the corrupted server handle. +A number of tests have been added or changed to correspond with KADM5 +API version 2. Tests which are only performed against the newer +version specify the version number in the test description. + \section{ovsec_kadm_init} \numtest{1}{ \Reason{An empty string realm is rejected.} \Status{Implemented} +\Vtwonote{The empty string is now passed as the realm field of the +parameters structure.} } \numtest{2}{ \Reason{A realm containing invalid characters is rejected.} \Status{Implemented} +\Vtwonote{The invalid character is now passed as the realm field of the +parameters structure.} } \numtest{2.5}{ \Reason{A non-existent realm is rejected.} \Status{Implemented} +\Vtwonote{The non-existent realm is now passed as the realm field of the +parameters structure.} } \numtest{3}{ @@ -227,6 +238,8 @@ with the corrupted server handle. \numtest{19}{ \Reason{Valid invocation (explicit service realm).} \Status{Implemented} +\Vtwonote{The explicit realm is now passed as the realm field of the +configuration parameters.} } \numtest{20}{ @@ -243,12 +256,14 @@ with the corrupted server handle. \Reason{A null password causes master-key prompting.} \Conditions{local} \Status{Implemented} +\Vtwonote{Obsolete.} } \numtest{22.5}{ \Reason{A empty string password causes master-key prompting.} \Conditions{local} \Status{Implemented} +\Vtwonote{Obsolete.} } %\numtest{23}{ @@ -403,6 +418,161 @@ exist.} \Status{Implemented} } +\numtest{100}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the profile field of the configuration parameters, if +set.} +\Status{Implemented} +} + +\numtest{101}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the kadmind_port field of the configuration parameters, +if set.} +\Conditions{RPC} +\Status{Implemented} +} + +\numtest{102}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the admin_server field of the configuration parameters, +if set with only an admin server name.} +\Conditions{RPC} +\Status{Implemented} +} + +\numtest{102.5}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the admin_server field of the configuratin parameters, +if set with a host name and port number.} +\Conditions{RPC} +} + +\numtest{103}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the dbname field of the configuration parameters, if +set.} +\Conditions{local} +\Status{Implemented} +} + +\numtest{104}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the admin_dbname field of the configuration parameters, if +set.} +\Conditions{local} +\Status{Implemented} +} + +\numtest{105}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the admin_lockfile field of the configuration parameters, if +set.} +\Conditions{local} +\Status{Implemented} +} + +\numtest{106}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the mkey_from_kbd field of the configuration parameters, if +set.} +\Conditions{local} +\Status{Implemented} +} + +\numtest{107}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the stash_file field of the configuration parameters, if +set.} +\Conditions{local} +\Status{Implemented} +} + +\numtest{108}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the mkey_name field of the configuration parameters, if +set.} +\Conditions{local} +\Status{Implemented} +} + +\numtest{109}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the max_life field of the configuration parameters, if +set.} +\Conditions{local} +\Status{Implemented} +} + +\numtest{110}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the max_rlife field of the configuration parameters, if +set.} +\Conditions{local} +\Status{Implemented} +} + +\numtest{111}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the expiration field of the configuration parameters, if +set.} +\Status{Implemented} +\Conditions{local} +} + +\numtest{112}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the flags field of the configuration parameters, if +set.} +\Conditions{local} +\Status{Implemented} +} + +\numtest{113}{ +\Version{KADM5_API_VERSION_2} +\Reason{Obeys the keysalts and num_keysalts field of the configuration +parameters, if set.} +\Conditions{local} +\Status{Implemented} +} + +\numtest{114}{ +\Version{KADM5_API_VERSION_2} +\Reason{Returns KADM5_BAD_SERVER_PARAMS if any client-only parameters +are specified to server-side init.} +\Conditions{local} +\Status{Implemented} +} + +\numtest{115}{ +\Version{KADM5_API_VERSION_2} +\Reason{Returns KADM5_BAD_CLIENT_PARAMS if any client-only parameters +are specified to server-side init.} +\Conditions{RPC} +\Status{Implemented} +} + +\numtest{150}{ +\Version{KADM5_API_VERSION_2} +\Reason{init_with_creds works when given an open ccache with a valid +credential for ADMIN_SERVICE.} +\Conditions{RPC} +} + +\numtest{150}{ +\Version{KADM5_API_VERSION_2} +\Reason{init_with_creds works when given an open ccache with a valid +credential for CHANGEPW_SERVICE.} +\Conditions{RPC} +} + +\numtest{150}{ +\Version{KADM5_API_VERSION_2} +\Reason{init_with_creds fails with KADM5_GSS_ERROR when given an open +ccache without a valid credential.} +\Conditions{RPC} +} + \section{ovsec_kadm_destroy} \numtest{1}{ @@ -1468,6 +1638,12 @@ Base & Modify access? & Own password? & Service & Pass/Fail \\ \hline \Conditions{RPC} } +\numtest{200}{ +\Version{KADM5_API_VERSION_2} +\Reason{Creates a key for the principal for each unique encryption +type/salt type in use.} +\Status{Implemented} +} \section{ovsec_kadm_chpass_principal_util} @@ -1573,28 +1749,34 @@ Number & Modify Access? & Own Key? & Service & Pass/Fail & Implemented? \\ \hlin \Priority{High} \Reason{Fails for user with ``get'' but not ``modify'' access, on other's password.} +\Vtwonote{Change-password instead of modify access.} } \numtest{26}{ \Reason{Fails for user with ``delete'' but not ``modify'' access, on other's password.} +\Vtwonote{Change-password instead of modify access.} } \numtest{27}{ \Reason{Fails for user with ``add'' but not ``modify'' access, on other's password.} +\Vtwonote{Change-password instead of modify access.} } \numtest{28}{ \Reason{Succeeds for user with ``get'' and ``modify'' access, on other's password.} \Status{Implemented} +\Vtwonote{Change-password instead of modify access.} } + \numtest{28.25}{ \Priority{High} \Reason{Fails for user with get and modify access on others password When conneceted with CHANGEPW_SERVICE} \Status{Implemented} +\Vtwonote{Change-password instead of modify access.} } \numtest{28.5}{ @@ -1602,7 +1784,7 @@ Number & Modify Access? & Own Key? & Service & Pass/Fail & Implemented? \\ \hlin \Reason{Succeeds for user with ``modify'' but not ``get'' access, on other's password.} \Status{Implemented} - +\Vtwonote{Change-password instead of modify access.} } \numtest{29}{ @@ -1636,6 +1818,11 @@ Number & Modify Access? & Own Key? & Service & Pass/Fail & Implemented? \\ \hlin \Conditions{RPC} } +\numtest{100}{ +\Version{KADM5_API_VERSION_2} +\Reason{Returns a key for each unique encryption type specified in the +keysalts.} +} \section{ovsec_kadm_get_principal} @@ -1744,6 +1931,35 @@ Number & Modify Access? & Own Key? & Service & Pass/Fail & Implemented? \\ \hlin \Conditions{RPC} } +\numtest{100}{ +\Version{KADM5_API_VERSION_2} +\Reason{If KADM5_PRINCIPAL_NORMAL_MASK is specified, the key_data and +tl_data fields are NULL/zero.} +\Status{Implemented} +} + +\numtest{101}{ +\Version{KADM5_API_VERSION_2} +\Reason{If KADM5_KEY_DATA is specified, the key_data fields contain +data but the contents are all NULL.} +\Conditions{RPC} +\Status{Implemented} +} + +\numtest{102}{ +\Version{KADM5_API_VERSION_2} +\Reason{If KADM5_KEY_DATA is specified, the key_data fields contain +data and the contents are all non-NULL.} +\Conditions{local} +\Status{Implemented} +} + +\numtest{103}{ +\Version{KADM5_API_VERSION_2} +\Reason{If KADM5_TL_DATA is specified, the tl_data fields contain data.} +\Status{Implemented} +} + \section{ovsec_kadm_create_policy}