xref: /freebsd-9.3-release/crypto/heimdal/tests/kdc/check-iprop.in

#!/bin/sh
#
# Copyright (c) 2006 - 2007 Kungliga Tekniska H�gskolan
# (Royal Institute of Technology, Stockholm, Sweden). 
# All rights reserved. 
#
# Redistribution and use in source and binary forms, with or without 
# modification, are permitted provided that the following conditions 
# are met: 
#
# 1. Redistributions of source code must retain the above copyright 
#    notice, this list of conditions and the following disclaimer. 
#
# 2. Redistributions in binary form must reproduce the above copyright 
#    notice, this list of conditions and the following disclaimer in the 
#    documentation and/or other materials provided with the distribution. 
#
# 3. Neither the name of the Institute nor the names of its contributors 
#    may be used to endorse or promote products derived from this software 
#    without specific prior written permission. 
#
# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
# ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
# SUCH DAMAGE. 
#
# $Id$
#

srcdir="@srcdir@"
objdir="@objdir@"
EGREP="@EGREP@"

# If there is no useful db support compile in, disable test
../db/have-db || exit 77

# Dont run this test in AFS, since it lacks support for AF_UNIX
expr "X`/bin/pwd || pwd`" : "X/afs/.*" > /dev/null 2>/dev/null && exit 77

R=TEST.H5L.SE

port=@port@

cache="FILE:${objdir}/cache.krb5"
keytabfile=${objdir}/iprop.keytab
keytab="FILE:${keytabfile}"

kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port"
kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -r $R"
ipropdslave="${TESTS_ENVIRONMENT} ../../lib/kadm5/ipropd-slave"
ipropdmaster="${TESTS_ENVIRONMENT} ../../lib/kadm5/ipropd-master"
iproplog="${TESTS_ENVIRONMENT} ../../lib/kadm5/iprop-log"

kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog"

KRB5_CONFIG="${objdir}/krb5.conf"
export KRB5_CONFIG

rm -f ${keytabfile}
rm -f current-db*
rm -f current*.log
rm -f out-*
rm -f mkey.file*
rm -f messages.log

> messages.log

echo Creating database
${kadmin} -l \
    init \
    --realm-max-ticket-life=1day \
    --realm-max-renewable-life=1month \
    ${R} || exit 1

${kadmin} -l add -p foo --use-defaults user@${R} || exit 1

${kadmin} -l add --random-key --use-defaults iprop/localhost@${R} || exit 1
${kadmin} -l ext -k ${keytab} iprop/localhost@${R} || exit 1
${kadmin} -l add --random-key --use-defaults iprop/slave@${R} || exit 1
${kadmin} -l ext -k ${keytab} iprop/slave@${R} || exit 1

echo foo > ${objdir}/foopassword

# -- foo
ipds=
ipdm=
kdcpid=

> iprop-stats
trap "echo 'killing ipropd s + m + kdc'; kill \${ipdm} \${ipds} \${kdcpid} >/dev/null 2>/dev/null; tail messages.log ; tail iprop-stats; exit 1;" EXIT

echo Starting kdc
${kdc} &
kdcpid=$!

sh ${srcdir}/wait-kdc.sh || exit 1

echo "starting master"
${ipropdmaster} --hostname=localhost -k ${keytab} \
    --database=${objdir}/current-db &
ipdm=$!
sh ${srcdir}/wait-kdc.sh ipropd-master || exit 1

echo "starting slave"
KRB5_CONFIG="${objdir}/krb5-slave.conf" \
${ipropdslave} --hostname=slave -k ${keytab} localhost &
ipds=$!
sh ${srcdir}/wait-kdc.sh ipropd-slave || exit 1

echo "checking slave is up"
${EGREP} 'iprop/slave@TEST.H5L.SE.*Up' iprop-stats >/dev/null || exit 1

# ----------------- checking: pushing lives changes

echo "Add host"
${kadmin} -l add --random-key --use-defaults host/foo@${R} || exit 1
sleep 2
KRB5_CONFIG="${objdir}/krb5-slave.conf" \
${kadmin} -l get host/foo@${R} > /dev/null || exit 1

echo "Rename host"
${kadmin} -l rename host/foo@${R} host/bar@${R} || exit 1
sleep 2
KRB5_CONFIG="${objdir}/krb5-slave.conf" \
${kadmin} -l get host/foo@${R} > /dev/null 2>/dev/null && exit 1
KRB5_CONFIG="${objdir}/krb5-slave.conf" \
${kadmin} -l get host/bar@${R} > /dev/null || exit 1

echo "Delete host"
${kadmin} -l delete host/bar@${R} || exit 1
sleep 2
KRB5_CONFIG="${objdir}/krb5-slave.conf" \
${kadmin} -l get host/bar@${R} > /dev/null 2>/dev/null && exit 1

echo "kill slave"
> iprop-stats
kill ${ipds}
sleep 2

${EGREP} 'iprop/slave@TEST.H5L.SE.*Down' iprop-stats >/dev/null || exit 1

# ----------------- checking: slave is missing changes while down

echo "doing changes while slave is down"
${kadmin} -l cpw --random-password user@${R} > /dev/null || exit 1
${kadmin} -l cpw --random-password user@${R} > /dev/null || exit 1

echo "Makeing a copy of the master log file"
cp ${objdir}/current.log ${objdir}/current.log.tmp

# ----------------- checking: checking that master and slaves resyncs

echo "starting slave again"
> iprop-stats
> messages.log
KRB5_CONFIG="${objdir}/krb5-slave.conf" \
${ipropdslave} --hostname=slave -k ${keytab} localhost &
ipds=$!
sh ${srcdir}/wait-kdc.sh ipropd-slave || exit 1

echo "checking slave is up again"
${EGREP} 'iprop/slave@TEST.H5L.SE.*Up' iprop-stats >/dev/null || exit 1
echo "checking for replay problems"
${EGREP} 'Entry already exists in database' messages.log && exit 1

echo "kill slave and remove log and database"
kill ${ipds}
sleep 2

rm current.slave.log current-db.slave* || exit 1
> iprop-stats
> messages.log
KRB5_CONFIG="${objdir}/krb5-slave.conf" \
${ipropdslave} --hostname=slave -k ${keytab} localhost &
ipds=$!
sh ${srcdir}/wait-kdc.sh ipropd-slave || exit 1

echo "checking slave is up again"
${EGREP} 'iprop/slave@TEST.H5L.SE.*Up' iprop-stats >/dev/null || exit 1
echo "checking for replay problems"
${EGREP} 'Entry already exists in database' messages.log && exit 1

# ----------------- checking: checking live truncation of master log

${kadmin} -l cpw --random-password user@${R} > /dev/null || exit 1
sleep 2

echo "live truncate on master log"
${iproplog} truncate || exit 1
sleep 2

echo "Killing master and slave"
kill ${ipdm} ${ipds} >/dev/null 2>/dev/null

sleep 2
${EGREP} "^master down at " iprop-stats > /dev/null || exit 1

echo "compare versions on master and slave logs"
KRB5_CONFIG=${objdir}/krb5-slave.conf \
${iproplog} last-version > slave-last.tmp
${iproplog} last-version > master-last.tmp
cmp master-last.tmp slave-last.tmp || exit 1

# ----------------- checking: master going backward
> iprop-stats
> messages.log

echo "Going back to old version of the master log file"
cp ${objdir}/current.log.tmp ${objdir}/current.log

echo "starting master"
${ipropdmaster} --hostname=localhost -k ${keytab} \
    --database=${objdir}/current-db &
ipdm=$!
sh ${srcdir}/wait-kdc.sh ipropd-master || exit 1

echo "starting slave"
KRB5_CONFIG="${objdir}/krb5-slave.conf" \
${ipropdslave} --hostname=slave -k ${keytab} localhost &
ipds=$!
sh ${srcdir}/wait-kdc.sh ipropd-slave || exit 1

echo "checking slave is up again"
${EGREP} 'iprop/slave@TEST.H5L.SE.*Up' iprop-stats >/dev/null || exit 1
echo "checking for replay problems"
${EGREP} 'Entry already exists in database' messages.log && exit 1

echo "pushing one change"
${kadmin} -l cpw --random-password user@${R} > /dev/null || exit 1
sleep 2

trap "" EXIT
kill ${ipdm} ${ipds} ${kdcpid}

echo "compare versions on master and slave logs"
KRB5_CONFIG=${objdir}/krb5-slave.conf \
${iproplog} last-version > slave-last.tmp
${iproplog} last-version > master-last.tmp
cmp master-last.tmp slave-last.tmp || exit 1

exit $ec