From 62562bc0c81eec62d2dcbfeec1de0e6f1a5262bc Mon Sep 17 00:00:00 2001 From: Ezra Peisach Date: Tue, 22 Aug 2000 15:43:40 +0000 Subject: [PATCH] * v4gssftp.exp: New tests for the krb4 compatible interface to gssftp git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12627 dc483132-0cff-0310-8789-dd5450dbe970 --- src/tests/dejagnu/krb-standalone/ChangeLog | 4 + src/tests/dejagnu/krb-standalone/v4gssftp.exp | 399 ++++++++++++++++++ 2 files changed, 403 insertions(+) create mode 100644 src/tests/dejagnu/krb-standalone/v4gssftp.exp diff --git a/src/tests/dejagnu/krb-standalone/ChangeLog b/src/tests/dejagnu/krb-standalone/ChangeLog index 01a6e06c5..2fa694210 100644 --- a/src/tests/dejagnu/krb-standalone/ChangeLog +++ b/src/tests/dejagnu/krb-standalone/ChangeLog @@ -1,3 +1,7 @@ +Tue Aug 22 11:43:14 2000 Ezra Peisach + + * v4gssftp.exp: New tests for the krb4 compatible interface to gssftp. + 2000-08-08 Ezra Peisach * v4standalone.exp: New set of tests for basic V4 functionality. diff --git a/src/tests/dejagnu/krb-standalone/v4gssftp.exp b/src/tests/dejagnu/krb-standalone/v4gssftp.exp new file mode 100644 index 000000000..f78f5e84a --- /dev/null +++ b/src/tests/dejagnu/krb-standalone/v4gssftp.exp @@ -0,0 +1,399 @@ +# Kerberos ftp test. +# This is a DejaGnu test script. +# This script tests Kerberos ftp. +# Originally written by Ian Lance Taylor, Cygnus Support, . +# Modified bye Ezra Peisach for GSSAPI support. + +# Find the programs we need. We use the binaries from the build tree +# if they exist. If they do not, then they must be in PATH. We +# expect $objdir to be .../kerberos/build/tests/dejagnu + +if ![info exists FTP] { + set FTP [findfile $objdir/../../appl/gssftp/ftp/ftp] +} + +if ![info exists FTPD] { + set FTPD [findfile $objdir/../../appl/gssftp/ftpd/ftpd] +} + +# If we do not have what is for a V4 test - return +if ![v4_compatible_enctype] { + return +} + +# Make sure .klogin is reasonable. +if ![check_k5login ftp] { + return +} + +# Set up the kerberos database. +if {![get_hostname] \ + || ![setup_kerberos_files] \ + || ![setup_kerberos_env] \ + || ![setup_kerberos_db 0]} { + return +} + +# A procedure to start up the ftp daemon. + +proc start_ftp_daemon { } { + global FTPD + global tmppwd + global ftpd_spawn_id + global ftpd_pid + + # The -p argument tells it to accept a single connection, so we + # don't need to use inetd. The 3021 is the port to listen at. + # We rely on KRB5_KTNAME being set to the proper keyfile as there is + # no way to cleanly set it with the gssapi API. + spawn $FTPD -p 3021 -r $tmppwd/krb.conf + set ftpd_spawn_id $spawn_id + set ftpd_pid [exp_pid] + + # Give the ftp daemon a few seconds to get set up. + catch "exec sleep 2" +} + +# A procedure to stop the ftp daemon. + +proc stop_ftp_daemon { } { + global ftpd_spawn_id + global ftpd_pid + + if [info exists ftpd_pid] { + catch "close -i $ftpd_spawn_id" + catch "exec kill $ftpd_pid" + catch "wait -i $ftpd_spawn_id" + unset ftpd_pid + } +} + +# Create a file to use for ftp testing. +set file [open tmpdir/ftp-test w] +puts $file "This file is used for ftp testing." +close $file + +# Test that a file was copied correctly. +proc check_file { filename } { + if ![file exists $filename] { + verbose "$filename does not exist" + send_log "$filename does not exist\n" + return 0 + } + + set file [open $filename r] + if { [gets $file line] == -1 } { + verbose "$filename is empty" + send_log "$filename is empty\n" + close $file + return 0 + } + + if ![string match "This file is used for ftp testing." $line] { + verbose "$filename contains $line" + send_log "$filename contains $line\n" + close $file + return 0 + } + + if { [gets $file line] != -1} { + verbose "$filename is too long ($line)" + send_log "$filename is too long ($line)\n" + close $file + return 0 + } + + close $file + + return 1 +} + +# +# Restore environment variables possibly set. +# +proc ftp_restore_env { } { + global env + global ftp_save_ktname + + catch "unset env(KRB5_KTNAME)" + if [info exists ftp_save_ktname] { + set env(KRB5_KTNAME) $ftp_save_ktname + unset ftp_save_ktname + } +} + +# Wrap the tests in a procedure, so that we can kill the daemons if +# we get some sort of error. + +proc v4ftp_test { } { + global FTP + global KEY + global hostname + global localhostname + global env + global ftpd_spawn_id + global ftpd_pid + global spawn_id + global tmppwd + global ftp_save_ktname + + # Start up the kerberos and kadmind daemons and get a srvtab and a + # ticket file. + if {![start_kerberos_daemons 0] \ + || ![add_random_key ftp/$hostname 0] \ + || ![setup_srvtab 0 ftp] \ + || ![add_kerberos_key $env(USER) 0] \ + || ![v4kinit $env(USER) $env(USER)$KEY 0]} { + return + } + + # + # Save settings of KRB5_KTNAME + # + if [info exists env(KRB5_KTNAME)] { + set ftp_save_ktname $env(KRB5_KTNAME) + } + + # + # set KRB5_KTNAME + # + set env(KRB5_KTNAME) FILE:$tmppwd/srvtab + verbose "KRB5_KTNAME=$env(KRB5_KTNAME)" + + # Start the ftp daemon. + start_ftp_daemon + + # Make an ftp client connection to it. + spawn $FTP $hostname 3021 + + expect_after { + timeout { + fail "$testname (timeout)" + catch "expect_after" + return + } + eof { + fail "$testname (eof)" + catch "expect_after" + return + } + } + + set testname "ftp connection(v4)" + expect -nocase "connected to $hostname" + expect -nocase -re "$localhostname.*ftp server .version \[0-9.\]*. ready." + expect -re "Using authentication type GSSAPI; ADAT must follow" + expect "GSSAPI accepted as authentication type" + expect "GSSAPI error major: Miscellaneous failure" + expect "GSSAPI error minor: Unsupported credentials cache format version number" + expect "GSSAPI error: initializing context" + expect "GSSAPI authentication failed" + expect -re "Using authentication type KERBEROS_V4; ADAT must follow" + expect { + "Kerberos V4 authentication succeeded" { pass "ftp authentication" } + eof { fail "ftp authentication" ; catch "expect_after" ; return } + "Kerberos V4 authentication failed" { fail "ftp authentication"; + send "quit\r"; catch "expect_after"; + return} + } + expect -nocase "name ($hostname:$env(USER)): " + send "$env(USER)\r" +# expect "User $env(USER) logged in." +# expect "Remote system type is UNIX." +# expect "Using binary mode to transfer files." + expect "ftp> " { + pass $testname + } + + set testname "binary(v4)" + send "binary\r" + expect "ftp> " { + pass $testname + } + + set testname "status(v4)" + send "status\r" + expect -nocase "connected to $hostname." + expect "Authentication type: KERBEROS_V4" + expect "ftp> " { + pass $testname + } + + set testname "ls(v4)" + send "ls $tmppwd/ftp-test\r" + expect -re "Opening ASCII mode data connection for .*ls." + expect -re ".* $tmppwd/ftp-test" + expect "ftp> " { + pass $testname + } + + set testname "nlist(v4)" + send "nlist $tmppwd/ftp-test\r" + expect -re "Opening ASCII mode data connection for file list." + expect -re "$tmppwd/ftp-test" + expect -re ".* Transfer complete." + expect "ftp> " { + pass $testname + } + + set testname "ls missing(v4)" + send "ls $tmppwd/ftp-testmiss\r" + expect -re "Opening ASCII mode data connection for .*ls." + expect { + -re "$tmppwd/ftp-testmiss not found" {} + -re "$tmppwd/ftp-testmiss: No such file or directory" + } + expect "ftp> " { + pass $testname + } + + + set testname "get(v4)" + catch "exec rm -f tmpdir/copy" + send "get $tmppwd/ftp-test $tmppwd/copy\r" + expect "Opening BINARY mode data connection for $tmppwd/ftp-test" + expect "Transfer complete" + expect -re "\[0-9\]+ bytes received in \[0-9.e-\]+ seconds" + expect "ftp> " + if [check_file tmpdir/copy] { + pass $testname + } else { + fail $testname + } + + set testname "put(v4)" + catch "exec rm -f tmpdir/copy" + send "put $tmppwd/ftp-test $tmppwd/copy\r" + expect "Opening BINARY mode data connection for $tmppwd/copy" + expect "Transfer complete" + expect -re "\[0-9\]+ bytes sent in \[0-9.e-\]+ seconds" + expect "ftp> " + if [check_file tmpdir/copy] { + pass $testname + } else { + fail $testname + } + + set testname "cd(v4)" + send "cd $tmppwd\r" + expect "CWD command successful." + expect "ftp> " { + pass $testname + } + + set testname "lcd(v4)" + send "lcd tmpdir\r" + expect "Local directory now $tmppwd" + expect "ftp> " { + pass $testname + } + + set testname "local get(v4)" + catch "exec rm -f tmpdir/copy" + send "get ftp-test copy\r" + expect "Opening BINARY mode data connection for ftp-test" + expect "Transfer complete" + expect -re "\[0-9\]+ bytes received in \[0-9.e-\]+ seconds" + expect "ftp> " + if [check_file tmpdir/copy] { + pass $testname + } else { + fail $testname + } + + set testname "start encryption(v4)" + send "private\r" + expect "Data channel protection level set to private" + expect "ftp> " { + pass $testname + } + + set testname "status(v4)" + send "status\r" + expect "Protection Level: private" + expect "ftp> " { + pass $testname + } + + set testname "encrypted get(v4)" + catch "exec rm -f tmpdir/copy" + send "get ftp-test copy\r" + expect "Opening BINARY mode data connection for ftp-test" + expect "Transfer complete" + expect { + -re "\[0-9\]+ bytes received in \[0-9.e-\]+ seconds" {} + -re "krb_rd_priv failed for KERBEROS_V4" { + fail $testname + send "quit\r" + catch "expect_after" + return + } + } + expect "ftp> " + if [check_file tmpdir/copy] { + pass $testname + } else { + fail $testname + } + + set testname "close(v4)" + send "close\r" + expect "Goodbye." + expect "ftp> " + set status_list [wait -i $ftpd_spawn_id] + verbose "wait -i $ftpd_spawn_id returned $status_list ($testname)" + catch "close -i $ftpd_spawn_id" + if { [lindex $status_list 2] != 0 || [lindex $status_list 3] != 0 } { + send_log "exit status: $status_list\n" + verbose "exit status: $status_list" + fail $testname + } else { + pass $testname + unset ftpd_pid + } + + set testname "quit(v4)" + send "quit\r" + expect "\r" + if [check_exit_status $testname] { + pass $testname + } + +} + +# The ftp client will look in $HOME/.netrc for the user name to use. +# To avoid confusing the testsuite, point $HOME at a directory where +# we know there is no .netrc file. +if [info exists env(HOME)] { + set home $env(HOME) +} elseif [info exists home] { + unset home +} +set env(HOME) $tmppwd + +# Run the test. Logging in sometimes takes a while, so increase the +# timeout. +set oldtimeout $timeout +set timeout 60 +set status [catch v4ftp_test msg] +set timeout $oldtimeout + +# Shut down the kerberos daemons and the ftp daemon. +stop_kerberos_daemons + +stop_ftp_daemon + +ftp_restore_env + +# Reset $HOME, for safety in case we are going to run more tests. +if [info exists home] { + set env(HOME) $home +} else { + unset env(HOME) +} + +if { $status != 0 } { + send_error "ERROR: error in ftp.exp\n" + send_error "$msg\n" + exit 1 +} -- 2.26.2