From 72449bf93b648911e83e17c83dcdf2e65340b7b0 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Wed, 12 Nov 2008 21:49:35 +0000 Subject: [PATCH] Add basic kprop test, and a little more debugging support git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21078 dc483132-0cff-0310-8789-dd5450dbe970 --- src/tests/dejagnu/config/default.exp | 18 ++- src/tests/dejagnu/krb-standalone/kprop.exp | 164 +++++++++++++++++++++ 2 files changed, 179 insertions(+), 3 deletions(-) create mode 100644 src/tests/dejagnu/krb-standalone/kprop.exp diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp index 138a391d6..9e6320728 100644 --- a/src/tests/dejagnu/config/default.exp +++ b/src/tests/dejagnu/config/default.exp @@ -413,9 +413,10 @@ file delete $tmppwd/krb5.conf $tmppwd/kdc.conf $tmppwd/krb.realms $tmppwd/krb.co proc delete_db {} { global tmppwd file delete $tmppwd/kdc-db $tmppwd/kdc-db.ok $tmppwd/kdc-db.kadm5 \ - $tmppwd/kdc-db.ulog \ $tmppwd/kdc-db.kadm5.lock \ - $tmppwd/slave-db \ + $tmppwd/kdc-db.ulog \ + $tmppwd/slave-db $tmppwd/slave-db.ok $tmppwd/slave-db.kadm5 $tmppwd/slave-db.kadm5.lock \ + $tmppwd/slave-db~ $tmppwd/slave-db~.ok $tmppwd/slave-db~.kadm5 $tmppwd/slave-db~.kadm5.lock \ $tmppwd/srvtab $tmppwd/cpw_srvtab } @@ -463,6 +464,8 @@ foreach i { {T_INETD $objdir/t_inetd} {KPROPLOG $objdir/../../slave/kproplog} {KPASSWD $objdir/../../clients/kpasswd/kpasswd} + {KPROPD $objdir/../../slave/kpropd} + {KPROP $objdir/../../slave/kprop} } { set varname [lindex $i 0] if ![info exists $varname] { @@ -812,6 +815,7 @@ proc modify_principal { name args } { # client tries +1 and +6 # kadmind +4 # kpasswd +5 +# (nothing) +6 # krb524 +7 # application servers (krlogind, telnetd, krshd, ftpd, etc) +8 # iprop +9 (if enabled) @@ -2798,11 +2802,19 @@ proc krb_exit { } { } # helpful sometimes for debugging the test suite -proc spawn_xterm { } { +proc export_debug_envvars { } { global env foreach i {KDB5_UTIL KRB5KDC KADMIND KADMIN KADMIN_LOCAL KINIT KTUTIL KLIST RLOGIN RLOGIND FTP FTPD KPASSWD REALMNAME GSSCLIENT} { global $i if [info exists $i] { set env($i) [set $i] } } +} +proc spawn_xterm { } { + export_debug_envvars exec "xterm" } +proc spawn_shell { } { + export_debug_envvars + spawn "sh" + exp_interact +} diff --git a/src/tests/dejagnu/krb-standalone/kprop.exp b/src/tests/dejagnu/krb-standalone/kprop.exp new file mode 100644 index 000000000..f65bdd9b7 --- /dev/null +++ b/src/tests/dejagnu/krb-standalone/kprop.exp @@ -0,0 +1,164 @@ +# Password-changing Kerberos test. +# This is a DejaGnu test script. + +# We are about to start up a couple of daemon processes. We do all +# the rest of the tests inside a proc, so that we can easily kill the +# processes when the procedure ends. + +proc setup_slave {} { + global tmppwd hostname REALMNAME + file delete $tmppwd/slave-stash $tmppwd/slave-acl + file copy -force $tmppwd/stash:foo $tmppwd/slave-stash + file copy -force $tmppwd/acl $tmppwd/slave-acl + if ![file exists $tmppwd/kpropdacl] { + set aclfile [open $tmppwd/kpropd-acl w] + puts $aclfile "host/$hostname@$REALMNAME" + close $aclfile + } + file copy -force $tmppwd/adb.lock $tmppwd/slave-adb.lock + foreach suffix { {} .kadm5 .kadm5.lock .ok } { + file copy -force $tmppwd/kdc-db$suffix $tmppwd/slave-db$suffix + } +} + +proc start_kpropd {} { + global kpropd_pid kpropd_spawn_id KPROPD T_INETD KDB5_UTIL portbase tmppwd + global spawn_id + + envstack_push + setup_kerberos_env slave +# spawn $T_INETD [expr 10 + $portbase] $KPROPD -f $tmppwd/incoming-slave-datatrans -p $KDB5_UTIL + spawn $KPROPD -S -d -P [expr 10 + $portbase] -s $tmppwd/srvtab -f $tmppwd/incoming-slave-datatrans -p $KDB5_UTIL -a $tmppwd/kpropd-acl +# spawn strace -o /tmp/3 -f $KPROPD -S -d -P [expr 10 + $portbase] -s $tmppwd/srvtab -f $tmppwd/incoming-slave-datatrans -p $KDB5_UTIL -a $tmppwd/kpropd-acl + set kpropd_pid [exp_pid] + set kpropd_spawn_id $spawn_id + envstack_pop +} + +proc scan_kpropd_output {} { + global timeout kpropd_spawn_id + + # See if kpropd logged anything. + set timeout 1 + expect { + -i $kpropd_spawn_id + eof { + fail "kprop (server exited)" + return + } + timeout { } + -re "Connection from \[a-zA-Z.-\]*" { } + -re "krb5_recvauth" { } + -re "Rejected connection" { + fail "kprop (rejected)" + return + } + } +} + +proc doit { } { + global KLIST KDESTROY + global REALMNAME KEY + global KADMIN_LOCAL KTUTIL KDB5_UTIL KPROPLOG KPROP kpropd_spawn_id + global hostname tmppwd spawn_id timeout + global KRBIV supported_enctypes portbase mode ulog des3_krbtgt + + # Delete any db, ulog files + delete_db + + # Initialize the Kerberos database. The argument tells + # setup_kerberos_db that it is being called from here. + if ![setup_kerberos_db 0] { + return + } + setup_slave + if ![start_kerberos_daemons 0] { + return + } + if ![add_random_key host/$hostname 0] { + fail "kprop (host key)" + return + } + if ![setup_srvtab 0] { + fail "kprop (srvtab)" + return + } + + # Get kprop server up and running. + envstack_push + setup_kerberos_env slave + start_kpropd + envstack_pop + + # Use kadmin to add a key. + if ![add_kerberos_key wakawaka 0] { + return + } + + # Dump master database. + envstack_push + setup_kerberos_env kdc + spawn $KDB5_UTIL dump $tmppwd/slave_datatrans + expect eof + if ![check_exit_status "kprop (kdb5_util dump)"] { return } + + # Just in case kpropd is a little slow in starting up... + sleep 1 + + # Try a propagation. + spawn $KPROP -f $tmppwd/slave_datatrans -P [expr 10 + $portbase] -s $tmppwd/srvtab $hostname + expect eof + set kprop_exit [check_exit_status "kprop (exit status)"] + # log output for debugging + scan_kpropd_output + if !$kprop_exit { return } + + # Examine new database. + setup_kerberos_env slave + spawn $KADMIN_LOCAL -r $REALMNAME -q listprincs + expect { + wakawaka@ { + expect eof + } + eof { + fail "kprop (updated slave data)" + return + } + timeout { + fail "kprop (examining new db)" + return + } + } + pass "kprop" +} + +run_once kprop { + catch "unset kpropd_pid" + catch "unset kpropd_spawn_id" + + # Set up the Kerberos files and environment. + if {![get_hostname] || ![setup_kerberos_files] || ![setup_kerberos_env]} { + return + } + + set status [catch doit msg] + + stop_kerberos_daemons + + # if kpropd is running, kill it + if [info exists kpropd_pid] { + catch { + exec kill $kpropd_pid + expect -i $kpropd_spawn_id eof + wait -i $kpropd_spawn_id + } + } + + delete_db + + if { $status != 0 } { + send_error "ERROR: error in kprop.exp\n" + send_error "$msg\n" + exit 1 + } +} -- 2.26.2