From: Ken Raeburn Date: Wed, 1 Sep 1999 21:06:55 +0000 (+0000) Subject: des3 testing. move out principal expiration time in test db by 30 years X-Git-Tag: krb5-1.2-beta1~263 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=4f36c4c7f86567fa11597b562c111e614e155bfd;p=krb5.git des3 testing. move out principal expiration time in test db by 30 years git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11765 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/tests/dejagnu/config/ChangeLog b/src/tests/dejagnu/config/ChangeLog index f464d3ee2..4cecec791 100644 --- a/src/tests/dejagnu/config/ChangeLog +++ b/src/tests/dejagnu/config/ChangeLog @@ -1,3 +1,28 @@ +1999-08-31 Ken Raeburn + + * default.exp (setup_kerberos_files): Set kdc_supported_enctypes + in kdc.conf, and include des3-cbc-sha1:normal. + (setup_kerberos_db): If setting up krbtgt to use des3, now use + only des3, not des3 and des-crc both. + +1999-08-30 Ken Raeburn + + * default.exp (des3_krbtgt): New variable. + (setup_kerberos_files): Remove des3 from supported_enctypes in + kdc.conf. + (setup_kerberos_db): If des3_krbtgt is set, change krbtgt key, and + get a des3 key in addition to des. + +1999-08-27 Ken Raeburn + + * default.exp: Set default principal expiration a bit further into + the future. + +1999-08-26 Tom Yu + + * default.exp (setup_kerberos_files): Tweak enctypes entered into + config files to exercise 3DES a little. + Fri Jan 30 23:48:57 1998 Tom Yu * default.exp: Add kpasswd_server to krb5.conf. diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp index c5b626192..6b53e3522 100644 --- a/src/tests/dejagnu/config/default.exp +++ b/src/tests/dejagnu/config/default.exp @@ -15,6 +15,8 @@ set timeout 100 set stty_init {erase \^h kill \^u} set env(TERM) dumb +set des3_krbtgt 1 + # We do everything in a temporary directory. if ![file isdirectory tmpdir] {catch "exec mkdir tmpdir" status} @@ -309,7 +311,7 @@ proc setup_kerberos_files { } { set conffile [open tmpdir/krb5.conf w] puts $conffile "\[libdefaults\]" puts $conffile " default_realm = $REALMNAME" - puts $conffile "default_tgs_enctypes = des3-cbc-md5 des-cbc-md5 des-cbc-crc" + puts $conffile "default_tgs_enctypes = des-cbc-md5 des-cbc-crc" puts $conffile "" puts $conffile "\[realms\]" puts $conffile " $REALMNAME = \{" @@ -350,9 +352,11 @@ proc setup_kerberos_files { } { puts $conffile " max_renewable_life = 3:00:00" puts $conffile " master_key_type = des-cbc-md5" puts $conffile " master_key_name = master/key" - puts $conffile " supported_enctypes = des-cbc-crc:normal des-cbc-md5:normal des-cbc-crc:v4 des-cbc-md5:norealm" +# des3-cbc-sha1:normal + puts $conffile " supported_enctypes = des-cbc-crc:normal des-cbc-md5:normal des-cbc-crc:v4 des-cbc-md5:norealm" + puts $conffile " kdc_supported_enctypes = des3-cbc-sha1:normal des-cbc-crc:normal des-cbc-md5:normal des-cbc-crc:v4 des-cbc-md5:norealm" puts $conffile " kdc_ports = 3088" - puts $conffile " default_principal_expiration = 99.12.31.23.59.59" + puts $conffile " default_principal_expiration = 2037.12.31.23.59.59" puts $conffile " default_principal_flags = -postdateable forwardable" puts $conffile " \}" puts $conffile "" @@ -579,6 +583,7 @@ proc setup_kerberos_db { standalone } { global KEY global tmppwd global spawn_id + global des3_krbtgt if {!$standalone && [file exists tmpdir/db.ok]} { return 1 @@ -730,6 +735,46 @@ proc setup_kerberos_db { standalone } { return 0 } + if $des3_krbtgt { + # Set the TGT key to DES3. + spawn $KADMIN_LOCAL -r $REALMNAME -e des3-cbc-sha1:normal + expect_after { + timeout { + catch "expect_after" + fail "kadmin.local (timeout)" + if {!$standalone} { + catch "exec rm -f tmpdir/db.ok tmpdir/adb.db" + } + return 0 + } + eof { + catch "expect_after" + fail "kadmin.local (eof)" + if {!$standalone} { + catch "exec rm -f tmpdir/db.ok tmpdir/adb.db" + } + return 0 + } + } + expect "kadmin.local: " + send "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r" + # It echos... + expect "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r" + expect { + "Key for \"krbtgt/$REALMNAME@$REALMNAME\" randomized." { } + } + expect "kadmin.local: " + send "quit\r" + expect "\r" + expect_after + if ![check_exit_status kadmin_local] { + if {!$standalone} { + catch "exec rm -f tmpdir/db.ok tmpdir/adb.db" + } + return 0 + } + } + if ![setup_kadmind_srvtab] { return 0 }