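#!/bin/sh
#
# Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan
# (Royal Institute of Technology, Stockholm, Sweden).
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# 3. Neither the name of the Institute nor the names of its contributors
#    may be used to endorse or promote products derived from this software
#    without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.

# End-to-end password-change test: builds two throwaway realms, starts a KDC
# and a kpasswdd on localhost, changes a principal's password in each realm
# through kpasswd, and checks that tickets can be obtained with the new
# password.
#
# The @...@ tokens are substituted when this template is instantiated.
# Tool variables used below but not assigned here (kadmin, kdc, kpasswdd,
# kinit, klist, kgetcred, kdestroy, kpasswd, rkpty, test_ap_req, wait_kdc,
# leaks_kill, have_db, afs_no_afslog, afs_no_unlog) are presumably provided
# by the sourced env_setup file -- confirm against that file.
#
# Exit status: 77 when the test is skipped, 0 on success, non-zero on failure.

env_setup="@env_setup@"
confdir="@confdir@"
testdir="@testdir@"

. ${env_setup}

# If there is no useful db support compiled in, skip the test
# (77 is the conventional automake "skipped" status).
${have_db} || exit 77

R=TEST.H5L.SE
R2=TEST2.H5L.SE

port=@port@
pwport=@pwport@

logfile=${testdir}/messages.log

# Failure handler, run with eval after ec has been set. The string is a fixed
# literal from this file, so eval never sees external input. ${logfile} is
# expanded at eval time so the dumped log is the one this script truncates
# and hands to wait_kdc, independent of the current directory.
testfailed="echo test failed; cat \"\${logfile}\"; exit \$ec"

# Tool variables carry a command plus its arguments and are expanded unquoted
# on purpose, so that the shell splits them into words.
# Both daemons are bound to localhost only.
kadmin="${kadmin} -l -r $R"
kdc="${kdc} --addresses=localhost -P $port"
kpasswdd="${kpasswdd} --addresses=localhost -p $pwport"

server=host/datan.test.h5l.se
cache="FILE:${testdir}/cache.krb5"
keytabfile=${testdir}/server.keytab
keytab="FILE:${keytabfile}"

kinit="${kinit} -c $cache ${afs_no_afslog}"
klist="${klist} -c $cache"
kgetcred="${kgetcred} -c $cache"
kdestroy="${kdestroy} -c $cache ${afs_no_unlog}"

KRB5_CONFIG="${confdir}/krb5.conf"
export KRB5_CONFIG

# -p keeps a rerun quiet when the directory is left over from an earlier run.
mkdir -p "${testdir}" || exit 1

# keytabfile already contains ${testdir}; prefixing it a second time pointed
# at a path that never exists, so a keytab from a previous run (with stale
# keys) survived into this one.
rm -f "${keytabfile}"
rm -f "${testdir}"/current-db*
rm -f "${testdir}"/out-*
rm -f "${testdir}"/mkey.file*

: > "${logfile}"

echo "Creating database for $R"
${kadmin} \
    init \
    --realm-max-ticket-life=1day \
    --realm-max-renewable-life=1month \
    ${R} || exit 1

# Fixed fixture passwords; they are only meaningful inside the test realms
# created above.
${kadmin} add -p foo --use-defaults foo@${R} || exit 1
${kadmin} add -p kaka --use-defaults ${server}@${R} || exit 1
${kadmin} ext -k ${keytab} ${server}@${R} || exit 1

echo "Creating database for ${R2}"
${kadmin} \
    init \
    --realm-max-ticket-life=1day \
    --realm-max-renewable-life=1month \
    ${R2} || exit 1

${kadmin} add -p foo --use-defaults bar@${R2} || exit 1

echo "Doing database check for ${R} ${R2}"
${kadmin} check ${R} || exit 1
${kadmin} check ${R2} || exit 1

echo foo > "${testdir}/foopassword"

echo Starting kdc
env ${HEIM_MALLOC_DEBUG} ${kdc} &
kdcpid=$!

# The EXIT trap is not installed yet, so the KDC is killed by hand if it
# does not come up.
sh ${wait_kdc} KDC "${logfile}" || {
    kill -9 ${kdcpid}
    exit 1
}

echo Starting kpasswdd
env ${HEIM_MALLOC_DEBUG} ${kpasswdd} &
kpasswddpid=$!

ec=0

# From here on every exit path tears both daemons down. The trap's own
# "exit $ec" determines the script's final status, so a failing path must
# set ec before it exits.
trap "kill -9 ${kdcpid} ${kpasswddpid}; echo signal killing kdc; exit \$ec;" EXIT

echo "Getting client initial tickets"; : > "${logfile}"
${kinit} --password-file=${testdir}/foopassword foo@$R || \
    { ec=1 ; eval "${testfailed}"; }
echo "Getting tickets"; : > "${logfile}"
${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; }
echo "Listing tickets"; : > "${logfile}"
${klist} > /dev/null || { ec=1 ; eval "${testfailed}"; }
${test_ap_req} ${server}@${R} ${keytab} ${cache} || \
    { ec=1 ; eval "${testfailed}"; }
${kdestroy}

echo "checking ${R}"

# New password set through kpasswd in both realms (test fixture value).
pw=ak4unandsop39NuJ

echo "Changing password"
# Expect/send dialogue handed to rkpty. The here-document delimiter is
# unquoted, so ${pw} is expanded while the \n sequences stay literal.
cat > cpw.tmp <<EOF
expect Password
password foo\n
expect New password
send ${pw}\n
expect New password
send ${pw}\n
expect Success
EOF

${rkpty} cpw.tmp env ${kpasswd} foo@${R} || \
    { ec=$? ; eval "${testfailed}"; }

rm cpw.tmp

echo ${pw} > "${testdir}/barpassword"


echo "Getting client initial tickets for ${R}"; : > "${logfile}"
${kinit} --password-file=${testdir}/barpassword foo@$R || \
    { ec=1 ; eval "${testfailed}"; }
echo "Getting tickets"; : > "${logfile}"
${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; }
echo "Listing tickets"; : > "${logfile}"
${klist} > /dev/null || { ec=1 ; eval "${testfailed}"; }
${test_ap_req} ${server}@${R} ${keytab} ${cache} || \
    { ec=1 ; eval "${testfailed}"; }
${kdestroy}


echo "checking ${R2}"

cat > cpw.tmp <<EOF
expect Password
password foo\n
expect New password
send ${pw}\n
expect New password
send ${pw}\n
expect Success
EOF

${rkpty} cpw.tmp ${kpasswd} bar@${R2} || \
    { ec=$? ; eval "${testfailed}"; }

rm cpw.tmp


echo "Getting client initial tickets for ${R2}"; : > "${logfile}"
${kinit} --password-file=${testdir}/barpassword bar@${R2} || \
    { ec=1 ; eval "${testfailed}"; }
${kdestroy}


echo "killing kdc (${kdcpid} ${kpasswddpid})"
# Set ec before exiting: the EXIT trap ends with "exit $ec", which would
# otherwise turn a failed shutdown/leak check into exit status 0.
sh ${leaks_kill} kdc $kdcpid || { ec=1 ; exit 1; }
sh ${leaks_kill} kpasswdd $kpasswddpid || { ec=1 ; exit 1; }

trap "" EXIT

exit $ec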