1#!/bin/sh 2# 3# Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan 4# (Royal Institute of Technology, Stockholm, Sweden). 5# All rights reserved. 6# 7# Redistribution and use in source and binary forms, with or without 8# modification, are permitted provided that the following conditions 9# are met: 10# 11# 1. Redistributions of source code must retain the above copyright 12# notice, this list of conditions and the following disclaimer. 13# 14# 2. Redistributions in binary form must reproduce the above copyright 15# notice, this list of conditions and the following disclaimer in the 16# documentation and/or other materials provided with the distribution. 17# 18# 3. Neither the name of the Institute nor the names of its contributors 19# may be used to endorse or promote products derived from this software 20# without specific prior written permission. 21# 22# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 23# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 26# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32# SUCH DAMAGE. 33 34top_builddir="@top_builddir@" 35env_setup="@env_setup@" 36objdir="@objdir@" 37 38testfailed="echo test failed; cat messages.log; exit 1" 39 40. ${env_setup} 41 42# If there is no useful db support compile in, disable test 43${have_db} || exit 77 44 45R=TEST.H5L.SE 46R2=TEST2.H5L.SE 47 48port=@port@ 49 50kadmin="${kadmin} -l -r $R" 51kdc="${kdc} --addresses=localhost -P $port" 52 53afsserver=afs/test.h5l.se 54hostserver=host/server.test.h5l.se 55cache="FILE:${objdir}/cache.krb5" 56 57kinit="${kinit} -c $cache ${afs_no_afslog}" 58klist="${klist} -c $cache" 59kgetcred="${kgetcred} -c $cache" 60kdestroy="${kdestroy} -c $cache ${afs_no_unlog}" 61 62KRB5_CONFIG="${objdir}/krb5.conf" 63export KRB5_CONFIG 64 65rm -f ${keytabfile} 66rm -f current-db* 67rm -f out-* 68rm -f mkey.file* 69 70> messages.log 71 72echo Creating database 73${kadmin} \ 74 init \ 75 --realm-max-ticket-life=1day \ 76 --realm-max-renewable-life=1month \ 77 ${R} || exit 1 78 79${kadmin} \ 80 init \ 81 --realm-max-ticket-life=1day \ 82 --realm-max-renewable-life=1month \ 83 ${R2} || exit 1 84 85${kadmin} cpw -r krbtgt/${R}@${R} || exit 1 86 87${kadmin} add -p foo --use-defaults foo@${R} || exit 1 88${kadmin} add -p kaka --use-defaults ${afsserver}@${R} || exit 1 89${kadmin} add -p kaka --use-defaults ${hostserver}@${R} || exit 1 90${kadmin} add_enctype -r ${afsserver}@${R} des-cbc-crc || exit 1 91${kadmin} add_enctype -r ${hostserver}@${R} des-cbc-crc || exit 1 92 93echo "Doing database check" 94${kadmin} check ${R} || exit 1 95 96echo foo > ${objdir}/foopassword 97 98echo Starting kdc 99${kdc} & 100kdcpid=$! 101 102sh ${wait_kdc} 103if [ "$?" != 0 ] ; then 104 kill -9 ${kdcpid} 105 exit 1 106fi 107 108trap "kill -9 ${kdcpid}; echo signal killing kdc; exit 1;" EXIT 109 110ec=0 111 112echo "Getting client initial tickets"; > messages.log 113${kinit} --password-file=${objdir}/foopassword foo@$R || \ 114 { ec=1 ; eval "${testfailed}"; } 115echo "Getting non des tickets (afs)"; > messages.log 116${kgetcred} ${afsserver}@${R} || { ec=1 ; eval "${testfailed}"; } 117${klist} -v | grep des-cbc-crc > /dev/null && { ec=1 ; eval "${testfailed}"; } 118echo "Getting non des tickets (host/)"; > messages.log 119${kgetcred} ${hostserver}@${R} || { ec=1 ; eval "${testfailed}"; } 120${klist} -v | grep des-cbc-crc > /dev/null && { ec=1 ; eval "${testfailed}"; } 121${kdestroy} 122 123 124echo "Getting client initial tickets"; > messages.log 125${kinit} --password-file=${objdir}/foopassword foo@$R || \ 126 { ec=1 ; eval "${testfailed}"; } 127echo "Getting des tickets (fail test)"; > messages.log 128${kgetcred} -e des-cbc-crc ${hostserver}@${R} 2>/dev/null && \ 129 { ec=1 ; eval "${testfailed}"; } 130echo "Getting non des tickets"; > messages.log 131${kgetcred} ${afsserver}@${R} || { ec=1 ; eval "${testfailed}"; } 132${klist} -v | grep des-cbc-crc > /dev/null && { ec=1 ; eval "${testfailed}"; } 133 134 135KRB5_CONFIG="${objdir}/krb5-weak.conf" 136 137echo "Getting client initial tickets"; > messages.log 138${kinit} --password-file=${objdir}/foopassword foo@$R || \ 139 { ec=1 ; eval "${testfailed}"; } 140 141echo "Getting non des tickets (host/), failure test"; > messages.log 142${kgetcred} -e des-cbc-crc ${hostserver}@${R} 2>/dev/null && \ 143 { ec=1 ; eval "${testfailed}"; } 144${klist} -v | grep des-cbc-crc > /dev/null && { ec=1 ; eval "${testfailed}"; } 145 146echo "Getting des tickets (afs)"; > messages.log 147${kgetcred} -e des-cbc-crc ${afsserver}@${R} || { ec=1 ; eval "${testfailed}"; } 148${klist} -v | grep des-cbc-crc > /dev/null || { ec=1 ; eval "${testfailed}"; } 149 150${kdestroy} 151 152 153 154${kdestroy} 155 156echo "killing kdc (${kdcpid})" 157sh ${leaks_kill} kdc $kdcpid || exit 1 158 159trap "" EXIT 160 161exit $ec 162