From 7eda584262e95eb5d5e7b646c243d518d8a25242 Mon Sep 17 00:00:00 2001 From: Paul Park Date: Mon, 22 May 1995 19:45:02 +0000 Subject: [PATCH] Add gssapi.exp git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5846 dc483132-0cff-0310-8789-dd5450dbe970 --- src/tests/dejagnu/krb-standalone/.Sanitize | 1 + src/tests/dejagnu/krb-standalone/ChangeLog | 4 + src/tests/dejagnu/krb-standalone/gssapi.exp | 415 ++++++++++++++++++++ 3 files changed, 420 insertions(+) create mode 100644 src/tests/dejagnu/krb-standalone/gssapi.exp diff --git a/src/tests/dejagnu/krb-standalone/.Sanitize b/src/tests/dejagnu/krb-standalone/.Sanitize index 220d13be3..0d683ae69 100644 --- a/src/tests/dejagnu/krb-standalone/.Sanitize +++ b/src/tests/dejagnu/krb-standalone/.Sanitize @@ -23,6 +23,7 @@ Do-first: Things-to-keep: +gssapi.exp kadmin.exp rcp.exp rsh.exp diff --git a/src/tests/dejagnu/krb-standalone/ChangeLog b/src/tests/dejagnu/krb-standalone/ChangeLog index 4c1e0068f..2b1043261 100644 --- a/src/tests/dejagnu/krb-standalone/ChangeLog +++ b/src/tests/dejagnu/krb-standalone/ChangeLog @@ -1,4 +1,8 @@ +Mon May 22 15:44:09 EDT 1995 Paul Park (pjpark@mit.edu) + * gssapi.exp - Add dejagnu test for GSS-API client and server. + + Thu May 11 12:25:38 EDT 1995 Paul Park (pjpark@mit.edu) Add kadmin.exp for kadmin tests. diff --git a/src/tests/dejagnu/krb-standalone/gssapi.exp b/src/tests/dejagnu/krb-standalone/gssapi.exp new file mode 100644 index 000000000..b58cb0853 --- /dev/null +++ b/src/tests/dejagnu/krb-standalone/gssapi.exp @@ -0,0 +1,415 @@ +# Test for the GSS-API. +# This is a DejaGnu test script. +# This script tests that the GSS-API tester functions correctly. + +# This mostly just calls procedures in test/dejagnu/config/default.exp. + +if ![info exists KDESTROY] { + set KDESTROY [findfile $objdir/../../clients/kdestroy/kdestroy] +} + +if ![info exists GSSCLIENT] { + set GSSCLIENT [findfile $objdir/../../appl/gss-sample/gss-client] +} + +if ![info exists GSSSERVER] { + set GSSSERVER [findfile $objdir/../../appl/gss-sample/gss-server] +} + +# Set up the Kerberos files and environment. +if {![get_hostname] || ![setup_kerberos_files] || ![setup_kerberos_env]} { + return +} + +# Initialize the Kerberos database. The argument tells +# setup_kerberos_db that it is being called from here. +if ![setup_kerberos_db 0] { + return +} + +# +# Like kinit in default.exp, but allows us to specify a different ccache. +# +proc our_kinit { name pass ccache } { + global KINIT + global spawn_id + + # Use kinit to get a ticket. + spawn $KINIT -c $ccache $name@KRBTEST.COM + expect { + "Password for $name@KRBTEST.COM:" { + verbose "kinit started" + } + timeout { + fail "kinit" + return 0 + } + eof { + fail "kinit" + return 0 + } + } + send "$pass\r" + # This last expect seems useless, but without it the test hangs on + # AIX. + expect { + "\r" { } + } + if ![check_exit_status kinit] { + return 0 + } + + return 1 +} + +# +# Destroys a particular ccache. +# +proc our_kdestroy { ccache } { + global KDESTROY + global spawn_id + + spawn $KDESTROY -c $ccache + if ![check_exit_status "kdestroy"] { + return 0 + } + return 1 +} + +# +# Stops the gss-server. +# +proc stop_gss_server { } { + global gss_server_pid + global gss_server_spawn_id + + if [info exists gss_server_pid] { + catch "close -i $gss_server_spawn_id" + catch "exec kill $gss_server_pid" + wait -i $gss_server_spawn_id + unset gss_server_pid + } +} + +# +# Restore environment variables possibly set. +# +proc gss_restore_env { } { + global env + global gss_save_ccname + global gss_save_ktname + + catch "unset env(KRB5CCNAME)" + if [info exists gss_save_ccname] { + set env(KRB5CCNAME) $gss_save_ccname + unset gss_save_ccname + } + catch "unset env(KRB5_KTNAME)" + if [info exists gss_save_ktname] { + set env(KRB5_KTNAME) $gss_save_ktname + unset gss_save_ktname + } +} + +proc doit { } { + global env + global KLIST + global KDESTROY + global KEY + global GSSTEST + global GSSSERVER + global GSSCLIENT + global hostname + global tmppwd + global spawn_id + global timeout + global gss_server_pid + global gss_server_spawn_id + global gss_save_ccname + global gss_save_ktname + + # Start up the kerberos and kadmind daemons. + if ![start_kerberos_daemons 0] { + fail gsstest + return + } + + # Use kadmin to add a key for us. + if ![add_kerberos_key gsstest0 0] { + fail gsstest + return + } + + # Use kadmin to add a key for us. + if ![add_kerberos_key gsstest1 0] { + fail gsstest + return + } + + # Use kadmin to add a key for us. + if ![add_kerberos_key gsstest2 0] { + fail gsstest + return + } + + # Use kadmin to add a key for us. + if ![add_kerberos_key gsstest3 0] { + fail gsstest + return + } + + # Use kadmin to add a service key for us. + if ![add_random_key gssservice/$hostname 0] { + fail gsstest + return + } + + # Use kdb5_edit to create a srvtab entry for gssservice + if ![setup_srvtab 0 gssservice] { + fail gsstest + return + } + + catch "exec rm -f $tmppwd/gss_tk_0 $tmppwd/gss_tk_1 $tmppwd/gss_tk_2 $tmppwd/gss_tk_3" + + # Use kinit to get a ticket. + if ![our_kinit gsstest0 gsstest0$KEY $tmppwd/gss_tk_0] { + fail gsstest + return + } + + # Use kinit to get a ticket. + if ![our_kinit gsstest1 gsstest1$KEY $tmppwd/gss_tk_1] { + fail gsstest + return + } + + # Use kinit to get a ticket. + if ![our_kinit gsstest2 gsstest2$KEY $tmppwd/gss_tk_2] { + fail gsstest + return + } + + # Use kinit to get a ticket. + if ![our_kinit gsstest3 gsstest3$KEY $tmppwd/gss_tk_3] { + fail gsstest + return + } + + # + # Save settings of KRB5CCNAME and KRB5_KTNAME + # + if [info exists env(KRB5CCNAME)] { + set gss_save_ccname $env(KRB5CCNAME) + } + if [info exists env(KRB5_KTNAME)] { + set gss_save_ktname $env(KRB5_KTNAME) + } + + # + # set KRB5CCNAME and KRB5_KTNAME + # + set env(KRB5_KTNAME) FILE:$tmppwd/srvtab + verbose "KRB5_KTNAME=$env(KRB5_KTNAME)" + + # Now start the gss-server. + spawn $GSSSERVER -port 5556 gssservice@$hostname + set gss_server_pid [exp_pid] + set gss_server_spawn_id $spawn_id + catch "exec sleep 4" + + # Start the client with client identity 0 + set env(KRB5CCNAME) $tmppwd/gss_tk_0 + verbose "KRB5CCNAME=$env(KRB5CCNAME)" + spawn $GSSCLIENT -port 5556 $hostname gssservice@$hostname "message from gsstest0" + expect_after -i $spawn_id { + timeout { + fail gssclient0 + catch "expect_after" + return + } + eof { + fail gssclient0 + catch "expect_after" + return + } + } + expect -i $spawn_id "Signature verified" + catch "expect_after" + expect_after -i $gss_server_spawn_id { + timeout { + fail gssclient0 + catch "expect_after" + return + } + eof { + fail gssclient0 + catch "expect_after" + return + } + } + expect -i $gss_server_spawn_id "Accepted connection: \"gsstest0@KRBTEST.COM\" at" + expect -i $gss_server_spawn_id "Received message: \"message from gsstest0\"" + catch "expect_after" + if ![check_exit_status gssclient0] { + fail gssclient0 + return + } + pass gssclient0 + + # Start the client with client identity 1 + set env(KRB5CCNAME) $tmppwd/gss_tk_1 + verbose "KRB5CCNAME=$env(KRB5CCNAME)" + spawn $GSSCLIENT -port 5556 $hostname gssservice@$hostname "message from gsstest1" + expect_after -i $spawn_id { + timeout { + fail gssclient1 + catch "expect_after" + return + } + eof { + fail gssclient1 + catch "expect_after" + return + } + } + expect -i $spawn_id "Signature verified" + catch "expect_after" + expect_after -i $gss_server_spawn_id { + timeout { + fail gssclient1 + catch "expect_after" + return + } + eof { + fail gssclient1 + catch "expect_after" + return + } + } + expect -i $gss_server_spawn_id "Accepted connection: \"gsstest1@KRBTEST.COM\" at" + expect -i $gss_server_spawn_id "Received message: \"message from gsstest1\"" + catch "expect_after" + if ![check_exit_status gssclient1] { + fail gssclient1 + return + } + pass gssclient1 + + # Start the client with client identity 2 + set env(KRB5CCNAME) $tmppwd/gss_tk_2 + verbose "KRB5CCNAME=$env(KRB5CCNAME)" + spawn $GSSCLIENT -port 5556 $hostname gssservice@$hostname "message from gsstest2" + expect_after -i $spawn_id { + timeout { + fail gssclient2 + catch "expect_after" + return + } + eof { + fail gssclient2 + catch "expect_after" + return + } + } + expect -i $spawn_id "Signature verified" + catch "expect_after" + expect_after -i $gss_server_spawn_id { + timeout { + fail gssclient2 + catch "expect_after" + return + } + eof { + fail gssclient2 + catch "expect_after" + return + } + } + expect -i $gss_server_spawn_id "Accepted connection: \"gsstest2@KRBTEST.COM\" at" + expect -i $gss_server_spawn_id "Received message: \"message from gsstest2\"" + catch "expect_after" + if ![check_exit_status gssclient2] { + fail gssclient2 + return + } + pass gssclient2 + + # Start the client with client identity 3 + set env(KRB5CCNAME) $tmppwd/gss_tk_3 + verbose "KRB5CCNAME=$env(KRB5CCNAME)" + spawn $GSSCLIENT -port 5556 $hostname gssservice@$hostname "message from gsstest3" + expect_after -i $gss_server_spawn_id { + timeout { + fail gssclient3 + catch "expect_after" + return + } + eof { + fail gssclient3 + catch "expect_after" + return + } + } + expect -i $gss_server_spawn_id "Accepted connection: \"gsstest3@KRBTEST.COM\" at" + expect -i $gss_server_spawn_id "Received message: \"message from gsstest3\"" + catch "expect_after" + expect_after -i $spawn_id { + timeout { + fail gssclient3 + catch "expect_after" + return + } + eof { + fail gssclient3 + catch "expect_after" + return + } + } + expect -i $spawn_id "Signature verified" + catch "expect_after" + if ![check_exit_status gssclient3] { + fail gssclient3 + return + } + pass gssclient3 + + stop_gss_server + gss_restore_env + + if ![our_kdestroy $tmppwd/gss_tk_0] { + fail gsstest + return + } + + if ![our_kdestroy $tmppwd/gss_tk_1] { + fail gsstest + return + } + + if ![our_kdestroy $tmppwd/gss_tk_2] { + fail gsstest + return + } + + if ![our_kdestroy $tmppwd/gss_tk_3] { + fail gsstest + return + } + + catch "exec rm -f $tmppwd/gss_tk_0 $tmppwd/gss_tk_1 $tmppwd/gss_tk_2 $tmppwd/gss_tk_3" + + return +} + +set status [catch doit msg] + +stop_gss_server +gss_restore_env +stop_kerberos_daemons + +if { $status != 0 } { + send_error "ERROR: error in gssapi.exp\n" + send_error "$msg\n" + exit 1 +} -- 2.26.2