rpms/krb5
5
0
Fork 0
Code Issues Pull Requests Releases Activity
970430cbff
krb5/Remove-TCL-based-libkadm5-API-tests.patch
Antonio Torres ad88d4fd50 Add patches to support OpenSSL 3.0.0 
Signed-off-by: Antonio Torres <antorres@redhat.com>
2021-12-03 11:25:46 +01:00

18230 lines
478 KiB
Diff
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

From ddb189ff95350afc0e3e063016a0f0dd5213dc4c Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Fri, 16 Apr 2021 10:24:04 -0400
Subject: [PATCH] Remove TCL-based libkadm5 API tests
[antorres@redhat.com: remove diff for .gitignore]
---
.gitignore | 20 -
doc/kadm5/api-unit-test.tex | 2680 -----------------
src/config/pre.in | 18 +-
src/configure.ac | 31 +-
src/kadmin/Makefile.in | 2 +-
src/kadmin/testing/Makefile.in | 8 -
src/kadmin/testing/deps | 1 -
src/kadmin/testing/proto/kdc.conf.proto | 16 -
src/kadmin/testing/proto/krb5.conf.proto | 32 -
src/kadmin/testing/proto/ovsec_adm.dict | 3 -
src/kadmin/testing/scripts/Makefile.in | 18 -
src/kadmin/testing/scripts/deps | 1 -
src/kadmin/testing/scripts/env-setup.shin | 104 -
src/kadmin/testing/scripts/init_db | 229 --
src/kadmin/testing/scripts/start_servers | 69 -
.../testing/scripts/start_servers_local | 157 -
src/kadmin/testing/scripts/stop_servers | 60 -
src/kadmin/testing/scripts/stop_servers_local | 44 -
src/kadmin/testing/tcl/util.t | 58 -
src/kadmin/testing/util/Makefile.in | 42 -
src/kadmin/testing/util/bsddb_dump.c | 65 -
src/kadmin/testing/util/deps | 16 -
src/kadmin/testing/util/tcl_kadm5.c | 2566 ----------------
src/kadmin/testing/util/tcl_kadm5.h | 3 -
src/kadmin/testing/util/tcl_kadm5_syntax | 57 -
src/kadmin/testing/util/tcl_krb5_hash.c | 167 -
src/kadmin/testing/util/test.c | 38 -
src/lib/kadm5/Makefile.in | 3 +-
src/lib/kadm5/unit-test/Makefile.in | 143 -
src/lib/kadm5/unit-test/api.2/crte-policy.exp | 927 ------
src/lib/kadm5/unit-test/api.2/get-policy.exp | 199 --
src/lib/kadm5/unit-test/api.2/mod-policy.exp | 675 -----
.../api.current/chpass-principal-v2.exp | 68 -
.../api.current/chpass-principal.exp | 176 --
.../unit-test/api.current/crte-policy.exp | 927 ------
.../unit-test/api.current/crte-principal.exp | 1336 --------
.../kadm5/unit-test/api.current/destroy.exp | 203 --
.../unit-test/api.current/dlte-policy.exp | 208 --
.../unit-test/api.current/dlte-principal.exp | 253 --
.../unit-test/api.current/get-policy.exp | 199 --
.../api.current/get-principal-v2.exp | 250 --
.../unit-test/api.current/get-principal.exp | 346 ---
.../kadm5/unit-test/api.current/init-v2.exp | 506 ----
src/lib/kadm5/unit-test/api.current/init.exp | 699 -----
.../unit-test/api.current/mod-policy.exp | 711 -----
.../api.current/mod-principal-v2.exp | 115 -
.../unit-test/api.current/mod-principal.exp | 1606 ----------
.../api.current/randkey-principal-v2.exp | 61 -
.../api.current/randkey-principal.exp | 297 --
src/lib/kadm5/unit-test/config/unix.exp | 222 --
src/lib/kadm5/unit-test/deps | 86 -
src/lib/kadm5/unit-test/destroy-test.c | 48 -
src/lib/kadm5/unit-test/diff-files/destroy-1 | 2 -
src/lib/kadm5/unit-test/diff-files/no-diffs | 2 -
src/lib/kadm5/unit-test/handle-test.c | 140 -
src/lib/kadm5/unit-test/init-test.c | 39 -
src/lib/kadm5/unit-test/iter-test.c | 51 -
src/lib/kadm5/unit-test/lib/lib.t | 306 --
src/lib/kadm5/unit-test/lock-test.c | 105 -
src/lib/kadm5/unit-test/randkey-test.c | 42 -
src/lib/kadm5/unit-test/setkey-test.c | 246 --
src/lib/kadm5/unit-test/site.exp | 2 -
62 files changed, 7 insertions(+), 17697 deletions(-)
delete mode 100644 doc/kadm5/api-unit-test.tex
delete mode 100644 src/kadmin/testing/Makefile.in
delete mode 100644 src/kadmin/testing/deps
delete mode 100644 src/kadmin/testing/proto/kdc.conf.proto
delete mode 100644 src/kadmin/testing/proto/krb5.conf.proto
delete mode 100644 src/kadmin/testing/proto/ovsec_adm.dict
delete mode 100644 src/kadmin/testing/scripts/Makefile.in
delete mode 100644 src/kadmin/testing/scripts/deps
delete mode 100755 src/kadmin/testing/scripts/env-setup.shin
delete mode 100755 src/kadmin/testing/scripts/init_db
delete mode 100755 src/kadmin/testing/scripts/start_servers
delete mode 100755 src/kadmin/testing/scripts/start_servers_local
delete mode 100755 src/kadmin/testing/scripts/stop_servers
delete mode 100755 src/kadmin/testing/scripts/stop_servers_local
delete mode 100644 src/kadmin/testing/tcl/util.t
delete mode 100644 src/kadmin/testing/util/Makefile.in
delete mode 100644 src/kadmin/testing/util/bsddb_dump.c
delete mode 100644 src/kadmin/testing/util/deps
delete mode 100644 src/kadmin/testing/util/tcl_kadm5.c
delete mode 100644 src/kadmin/testing/util/tcl_kadm5.h
delete mode 100644 src/kadmin/testing/util/tcl_kadm5_syntax
delete mode 100644 src/kadmin/testing/util/tcl_krb5_hash.c
delete mode 100644 src/kadmin/testing/util/test.c
delete mode 100644 src/lib/kadm5/unit-test/Makefile.in
delete mode 100644 src/lib/kadm5/unit-test/api.2/crte-policy.exp
delete mode 100644 src/lib/kadm5/unit-test/api.2/get-policy.exp
delete mode 100644 src/lib/kadm5/unit-test/api.2/mod-policy.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/chpass-principal.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/crte-policy.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/crte-principal.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/destroy.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/dlte-policy.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/dlte-principal.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/get-policy.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/get-principal.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/init-v2.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/init.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/mod-policy.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/mod-principal-v2.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/mod-principal.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
delete mode 100644 src/lib/kadm5/unit-test/api.current/randkey-principal.exp
delete mode 100644 src/lib/kadm5/unit-test/config/unix.exp
delete mode 100644 src/lib/kadm5/unit-test/deps
delete mode 100644 src/lib/kadm5/unit-test/destroy-test.c
delete mode 100644 src/lib/kadm5/unit-test/diff-files/destroy-1
delete mode 100644 src/lib/kadm5/unit-test/diff-files/no-diffs
delete mode 100644 src/lib/kadm5/unit-test/handle-test.c
delete mode 100644 src/lib/kadm5/unit-test/init-test.c
delete mode 100644 src/lib/kadm5/unit-test/iter-test.c
delete mode 100644 src/lib/kadm5/unit-test/lib/lib.t
delete mode 100644 src/lib/kadm5/unit-test/lock-test.c
delete mode 100644 src/lib/kadm5/unit-test/randkey-test.c
delete mode 100644 src/lib/kadm5/unit-test/setkey-test.c
delete mode 100644 src/lib/kadm5/unit-test/site.exp
diff --git a/doc/kadm5/api-unit-test.tex b/doc/kadm5/api-unit-test.tex
deleted file mode 100644
index 014242037..000000000
--- a/doc/kadm5/api-unit-test.tex
+++ /dev/null
@@ -1,2680 +0,0 @@
-% This document is included for historical purposes only, and does not
-% apply to krb5 today.
-
-\documentstyle[times,fullpage]{article}
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%% Make _ actually generate an _, and allow line-breaking after it.
-\let\underscore=\_
-\catcode`_=13
-\def_{\underscore\penalty75\relax}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-\newcommand{\test}[1]{\begin{description}
-\setlength{\itemsep}{0pt}
-#1
-\end{description}
-
-}
-
-\newcommand{\numtest}[2]{\begin{description}
-\setlength{\itemsep}{0pt}
-\Number{#1}
-#2
-\end{description}
-
-}
-
-\newcommand{\Number}[1]{\item[Number:] #1}
-\newcommand{\Reason}[1]{\item[Reason:] #1}
-\newcommand{\Expected}[1]{\item[Expected:] #1}
-\newcommand{\Conditions}[1]{\item[Conditions:] #1}
-\newcommand{\Priority}[1]{\item[Priority:] #1}
-\newcommand{\Status}[1]{\item[Status:] #1}
-\newcommand{\Vtwonote}[1]{\item[V2 note:] #1}
-\newcommand{\Version}[1]{\item[Version:] #1}
-\newcommand{\Call}[1]{}
-%\newcommand{\Call}[1]{\item[Call:] #1}
-%\newcommand{\Number}[1]{}
-%\newcommand{\Reason}[1]{}
-%\newcommand{\Expected}[1]{}
-%\newcommand{\Conditions}[1]{}
-%\newcommand{\Priority}[1]{}
-
-\title{KADM5 Admin API\\
-Unit Test Description}
-\author{Jonathan I. Kamens}
-
-\begin{document}
-
-\maketitle
-
-%\tableofcontents
-
-\section{Introduction}
-
-The following is a description of a black-box unit test of the KADM5
-API. Each API function is listed, followed by the tests that should be
-performed on it.
-
-The tests described here are based on the ``Kerberos Administration
-System KADM5 API Functional Specifications'', revision 1.68. This
-document was originally written based on the OpenVision API functional
-specifications, version 1.41, dated August 18, 1994, and many
-indications of the original version remain.
-
-All tests which test for success should verify, using some means other
-than the return value of the function being tested, that the requested
-operation was successfully performed. For example: for init, test
-that other operations can be performed after init; for destroy, test
-that other operations can't be performed after destroy; for modify
-functions, verify that all modifications to the database which should
-have taken place did, and that the new, modified data is in effect;
-for get operations, verify that the data retrieved is the data that
-should actually be in the database.
-
-The tests would be better if they compared the actual contents of the
-database before and after each test, rather than relying on the KADM5
-API to report the results of changes.
-
-Similarly, all tests which test for failure should verify that the
-no component of the requested operation took place. For example: if
-init fails, other operations should not work. If a modify fails, all
-data in the database should be the same as it was before the attempt
-to modify, and the old data should still be what is enforced.
-Furthermore, tests which test for failure should verify that the
-failure code returned is correct for the specific failure condition
-tested.
-
-Most of the tests listed below should be run twice -- once locally on
-the server after linking against the server API library, and once
-talking to the server via authenticated Sun RPC after linking against
-the client API library. Tests which should only be run locally or via
-RPC are labelled with a ``local'' or ``RPC''.
-
-Furthermore, in addition to the tests labelled below, a test should be
-implemented to verify that a client can't perform operations on the
-server through the client API library when it's linked against
-standard Sun RPC instead of OpenV*Secure's authenticated Sun RPC.
-This will require a client with a modified version of ovsec_kadm_init
-which doesn't call auth_gssapi_create. This client should call this
-modified ovsec_kadm_init and then call some other admin API function,
-specifying arguments to both functions that would work if the
-authenticated Sun RPC had been used, but shouldn't if authentication
-wasn't used. The test should verify that the API function call after
-the init doesn't succeed.
-
-There is also another test to see if all the API functions handle getting an
-invalid server handle correctly. This is not done as part of the tests that
-are run through the TCL program cause the TCL program has no way of
-invalidating a server handle. So there is a program that calls init and
-changes the handle magic number, and then attempts to call each API function
-with the corrupted server handle.
-
-A number of tests have been added or changed to correspond with KADM5
-API version 2. Tests which are only performed against the newer
-version specify the version number in the test description.
-
-\section{ovsec_kadm_init}
-
-\numtest{1}{
-\Reason{An empty string realm is rejected.}
-\Status{Implemented}
-\Vtwonote{The empty string is now passed as the realm field of the
-parameters structure.}
-}
-
-\numtest{2}{
-\Reason{A realm containing invalid characters is rejected.}
-\Status{Implemented}
-\Vtwonote{The invalid character is now passed as the realm field of the
-parameters structure.}
-}
-
-\numtest{2.5}{
-\Reason{A non-existent realm is rejected.}
-\Status{Implemented}
-\Vtwonote{The non-existent realm is now passed as the realm field of the
-parameters structure.}
-}
-
-\numtest{3}{
-\Reason{A bad service name representing an existing principal
- (different from the client principal) is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Reason{A bad service name representing a non-existent
- principal is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{A bad service name identical to the (existing) client
- name is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Reason{A null password causes password prompting.}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{An empty-string causes password prompting}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{An incorrect password which is the password of another
- user is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Reason{An incorrect password which isn't the password of any
- user is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Reason{A null client_name is rejected.}
-\Status{Implemented}
-}
-
-% Empty string client name is legal.
-%\numtest{11}{
-%\Reason{An empty-string client_name is rejected.}
-%}
-
-\numtest{12}{
-\Reason{A client_name referring to a non-existent principal in
- the default realm is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Reason{A client_name referring to a non-existent principal
- with the local realm specified explicitly is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Reason{A client_name referring to a non-existent principal in
- a nonexistent realm is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Reason{A client_name referring to an existing principal in a
- nonexistent realm is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Reason{Valid invocation.}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Reason{Valid invocation (explicit client realm).}
-\Status{Implemented}
-}
-
-\numtest{18}{
-\Reason{Valid invocation (CHANGEPW_SERVICE).}
-\Status{Implemented}
-}
-
-\numtest{19}{
-\Reason{Valid invocation (explicit service realm).}
-\Status{Implemented}
-\Vtwonote{The explicit realm is now passed as the realm field of the
-configuration parameters.}
-}
-
-\numtest{20}{
-\Reason{Valid invocation (database access allowed after init).}
-\Status{Implemented}
-}
-
-%\numtest{21}{
-%\Reason{Init fails when called twice in a row.}
-%\Status{Implemented}
-%}
-
-\numtest{22}{
-\Reason{A null password causes master-key prompting.}
-\Conditions{local}
-\Status{Implemented}
-\Vtwonote{Obsolete.}
-}
-
-\numtest{22.5}{
-\Reason{A empty string password causes master-key prompting.}
-\Conditions{local}
-\Status{Implemented}
-\Vtwonote{Obsolete.}
-}
-
-%\numtest{23}{
-%\Reason{A non-null password causes reading from the kstash.}
-%\Conditions{local}
-%\Status{Implemented}
-%}
-
-\numtest{24}{
-\Reason{Null service name is ignored in local invocation.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{25}{
-\Reason{Non-null service name is ignored in local invocation.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-%\numtest{26}{
-%\Reason{Can't do ``get'' operation before calling init.}
-%\Status{Implemented}
-%}
-
-%\numtest{27}{
-%\Reason{Can't do ``add'' operation before calling init.}
-%\Status{Implemented}
-%}
-
-%\numtest{28}{
-%\Reason{Can't do ``modify'' operation before calling init.}
-%\Status{Implemented}
-%}
-
-%\numtest{29}{
-%\Reason{Can't do ``delete'' operation before calling init.}
-%\Status{Implemented}
-%}
-
-\numtest{30}{
-\Reason{Can init after failed init attempt.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{31}{
-\Priority{High}
-\Reason{Return BAD_STRUCT_VERSION when the mask bits are set to invalid values}
-\Status{Implemented}
-}
-
-\numtest{32}{
-\Priority{High}
-\Reason{Return BAD_STRUCT_VERSION when the mask bits are not set}
-\Status{Implemented}
-}
-
-\numtest{33}{
-\Priority{High}
-\Reason{Return OLD_STRUCT_VERSION when attempting to use an old/unsupported
- structure version}
-\Status{Implemented}
-}
-
-\numtest{34}{
-\Priority{High}
-\Reason{Return NEW_STRUCT_VERSION when attempting to use a newer version of
- of the structure then what is supported}
-\Status{Implemented}
-}
-
-\numtest{35}{
-\Priority{High}
-\Reason{Return BAD_API_VERSION when the mask bits are set to invalid values}
-\Status{Implemented}
-}
-
-\numtest{36}{
-\Priority{High}
-\Reason{Return BAD_API_VERSION when the mask bits are not set}
-\Status{Implemented}
-}
-
-\numtest{37}{
-\Priority{High}
-\Reason{Return OLD_LIB_API_VERSION when using an old/unsuppored
- api version number}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{38}{
-\Priority{High}
-\Reason{Return OLD_SERVER_API_VERSION attempting to use an
- old/unsupported api version number}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{39}{
-\Priority{High}
-\Reason{Return NEW_LIB_API_VERSION when using a newer api
- version number then supported}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{40}{
-\Priority{High}
-\Reason{Return NEW_SERVER_API_VERSION when using a newer api version
- number then supported}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{41}{
-\Priority{High}
-\Reason{Return BAD_XXX_VERSION when the API and the structure
- version numbers are reversed}
-\Status{Implemented}
-}
-
-\numtest{42}{
-\Priority{High}
-\Reason{Succeeds when using valid api and struct version numbers and masks}
-\Status{Implemented}
-}
-
-\numtest{43}{
-\Priority{Low}
-\Reason{Returns two different server handle when called twice with same info}
-}
-
-\numtest{44}{
-\Priority{Low}
-\Reason{Returns two different server handles when called twice with
- different info}
-}
-
-\numtest{45}{
-\Priority{Bug fix, secure-install/3390}
-\Reason{Returns SECURE_PRINC_MISSING when ADMIN_SERVICE does not
-exist.}
-\Status{Implemented}
-}
-
-\numtest{46}{
-\Priority{Bug fix, secure-install/3390}
-\Reason{Returns SECURE_PRINC_MISSING when CHANGEPW_SERVICE does not
-exist.}
-\Status{Implemented}
-}
-
-\numtest{100}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the profile field of the configuration parameters, if
-set.}
-\Status{Implemented}
-}
-
-\numtest{101}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the kadmind_port field of the configuration parameters,
-if set.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{102}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the admin_server field of the configuration parameters,
-if set with only an admin server name.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{102.5}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the admin_server field of the configuration parameters,
-if set with a host name and port number.}
-\Conditions{RPC}
-}
-
-\numtest{103}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the dbname field of the configuration parameters, if
-set.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{104}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the admin_dbname field of the configuration parameters, if
-set.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{105}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the admin_lockfile field of the configuration parameters, if
-set.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{106}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the mkey_from_kbd field of the configuration parameters, if
-set.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{107}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the stash_file field of the configuration parameters, if
-set.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{108}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the mkey_name field of the configuration parameters, if
-set.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{109}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the max_life field of the configuration parameters, if
-set.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{110}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the max_rlife field of the configuration parameters, if
-set.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{111}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the expiration field of the configuration parameters, if
-set.}
-\Status{Implemented}
-\Conditions{local}
-}
-
-\numtest{112}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the flags field of the configuration parameters, if
-set.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{113}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Obeys the keysalts and num_keysalts field of the configuration
-parameters, if set.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{114}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Returns KADM5_BAD_SERVER_PARAMS if any client-only parameters
-are specified to server-side init.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{115}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Returns KADM5_BAD_CLIENT_PARAMS if any client-only parameters
-are specified to server-side init.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{116}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Two calls to init with clients having different privileges
-succeeds, and both clients maintain their correct privileges.}
-\Priority{Bug fix}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{117}{
-\Version{KADM5_API_VERSION_2}
-\Reason{The max_life field defaults to value specified in the API
-Functional Specification when kdc.conf is unreadable.}
-\Priority{Bug fix, krb5-admin/18}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{150}{
-\Version{KADM5_API_VERSION_2}
-\Reason{init_with_creds works when given an open ccache with a valid
-credential for ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{151}{
-\Version{KADM5_API_VERSION_2}
-\Reason{init_with_creds works when given an open ccache with a valid
-credential for CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{152}{
-\Version{KADM5_API_VERSION_2}
-\Reason{init_with_creds fails with KRB5_FCC_NOFILE (was
- KADM5_GSS_ERROR) when given an open
-ccache with no credentials.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{153}{
-\Version{KADM5_API_VERSION_2}
-\Reason{init_with_creds fails with KRB5_CC_NOTFOUND (was
- KADM5_GSS_ERROR) when given an open
-ccache without credentials for ADMIN_SERVICE or CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{154}{
-\Version{KADM5_API_VERSION_2}
-\Reason{If the KRB5_KDC_PROFILE environment variable is set to a filename
-that does not exist, init fails with ENOENT.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\section{ovsec_kadm_destroy}
-
-\numtest{1}{
-\Reason{Valid invocation.}
-\Status{Implemented}
-}
-
-%\numtest{2}{
-%\Reason{Valid invocation (``get'' not allowed after destroy).}
-%\Status{Implemented}
-%}
-
-%\numtest{3}{
-%\Reason{Valid invocation (``add'' not allowed after destroy).}
-%\Status{Implemented}
-%}
-
-%\numtest{4}{
-%\Reason{Valid invocation (``modify'' not allowed after destroy).}
-%\Status{Implemented}
-%}
-
-%\numtest{5}{
-%\Reason{Valid invocation (``delete'' not allowed after destroy).}
-%\Status{Implemented}
-%}
-
-%\numtest{6}{
-%\Reason{Fails if database not initialized.}
-%\Status{Implemented}
-%}
-
-%\numtest{7}{
-%\Reason{Fails if invoked twice in a row.}
-%\Status{Implemented}
-%}
-
-\numtest{8}{
-\Reason{Database can be reinitialized after destroy.}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Priority{Low}
-\Reason{Connects to correct server when multiple handles exist}
-\Conditions{client}
-}
-
-\section{ovsec_kadm_create_principal}
-
-%In the tests below, ``getu'' refers to a user who has only ``get'' access,
-%''addu'' refers to a user who has only ``add'' access, ``modifyu'' refers to
-%a user who has only ``modify'' access, and ``deleteu'' refers to a user
-%who has only ``delete'' access. ``amu'' refers to a user with ``add'' and
-%''modify'' access. ``new_princ'' refers to a principal entry structure
-%filled in as follows:
-%
-% krb5_parse_name("newuser", \&new_princ.principal);
-% krb5_timeofday(\&new_princ.princ_expire_time);
-% new_princ.princ_expire_time += 130;
-% krb5_timeofday(\&new_princ.last_pwd_change);
-% new_princ.last_pwd_change += 140;
-% krb5_timeofday(\&new_princ.pw_expiration);
-% new_princ.pw_expiration += 150;
-% new_princ.max_life = 160;
-% krb5_parse_name("usera", \&new_princ.mod_name);
-% krb5_timeofday(\&new_princ.mod_date);
-% new_princ.mod_date += 170;
-% new_princ.attributes = 0xabcdabcd;
-% new_princ.kvno = 180;
-% new_princ.mkvno = 190;
-% new_princ.policy = null;
-% new_princ.aux_attributes = 0xdeadbeef;
-%
-%The offsets of 130 through 190 above are used to ensure that the
-%fields are all known to be different from each other, so that
-%accidentally switched fields can be detected. Some of the fields in
-%this structure may be changed by the tests, but they should clean up
-%after themselves.
-
-%\numtest{1}{
-%\Reason{Fails if database not initialized.}
-%\Status{Implemented}
-%}
-
-\numtest{2}{
-\Reason{Fails on null princ argument.}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Reason{Fails on null password argument.}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Reason{Fails on empty-string password argument.}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{Fails when mask contains undefined bit.}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Reason{Fails when mask contains LAST_PWD_CHANGE bit.}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{Fails when mask contains MOD_TIME bit.}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{Fails when mask contains MOD_NAME bit.}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Reason{Fails when mask contains MKVNO bit.}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Reason{Fails when mask contains AUX_ATTRIBUTES bit.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Reason{Fails when mask contains POLICY_CLR bit.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Reason{Fails for caller with no access bits.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Reason{Fails when caller has ``get'' access and not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Reason{Fails when caller has ``modify'' access and not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Reason{Fails when caller has ``delete'' access and not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Reason{Fails when caller connected with CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Reason{Fails on attempt to create existing principal.}
-\Status{Implemented}
-}
-
-\numtest{18}{
-\Reason{Fails when password is too short.}
-\Status{Implemented}
-}
-
-\numtest{19}{
-\Reason{Fails when password has too few classes.}
-\Status{Implemented}
-}
-
-\numtest{20}{
-\Reason{Fails when password is in dictionary.}
-\Status{Implemented}
-}
-
-\numtest{21}{
-\Reason{Nonexistent policy is rejected.}
-\Status{Implemented}
-}
-
-\numtest{22}{
-\Reason{Fails on invalid principal name.}
-\Status{Implemented}
-}
-
-\numtest{23}{
-\Reason{Valid invocation.}
-\Status{Implemented}
-}
-
-\numtest{24}{
-\Reason{Succeeds when caller has ``add'' access and another one.}
-\Status{Implemented}
-}
-
-%\numtest{25}{
-%\Reason{Fails when password is too short, when override_qual is true.}
-%}
-
-%\numtest{26}{
-%\Reason{Fails when password has too few classes, when
-% override_qual is true.}
-%}
-
-%\numtest{27}{
-%\Reason{Fails when password is in dictionary, when override_qual is
-% true.}
-%}
-
-\numtest{28}{
-\Reason{Succeeds when assigning policy.}
-\Status{Implemented}
-}
-
-\numtest{29}{
-\Priority{High}
-\Reason{Allows 0 (never) for princ_expire_time.}
-\Status{Implemented}
-}
-
-\numtest{30}{
-\Reason{Allows 0 (never) for pw_expiration when there's no policy.}
-\Status{Implemented}
-}
-
-\numtest{31}{
-\Reason{Allows 0 (never) for pw_expiration when there's a policy with
- 0 for pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{32}{
-\Reason{Accepts 0 (never) for pw_expiration when there's a policy with
- non-zero pw_max_life, and sets pw_expiration to zero.}
-\Status{Implemented}
-}
-
-\numtest{33}{
-\Reason{Accepts and sets non-zero pw_expiration when no policy.}
-\Status{Implemented}
-}
-
-\numtest{34}{
-\Reason{Accepts and sets non-zero pw_expiration when there's a policy
- with zero pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{35}{
-\Reason{Accepts and sets non-zero pw_expiration when there's a policy
- with pw_max_life later than the specified pw_expiration.}
-\Status{Implemented}
-}
-
-\numtest{36}{
-\Reason{Accepts and sets non-zero pw_expiration greater than now_pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{37}{
-\Priority{High}
-\Reason{Sets pw_expiration to 0 (never) if there's no policy and no
- specified pw_expiration.}
-\Status{Implemented}
-}
-
-\numtest{38}{
-\Priority{High}
-\Reason{Sets pw_expiration to 0 (never) if it isn't specified and the
- policy has a 0 (never) pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{39}{
-\Priority{High}
-\Reason{Sets pw_expiration to now + pw_max_life if it isn't specified
- and the policy has a non-zero pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{40}{
-\Priority{High}
-\Reason{Allows 0 (forever) for max_life.}
-\Status{Implemented}
-}
-
-\numtest{41}{
-\Priority{High}
-\Reason{Doesn't modify or free mod_name on success.}
-}
-
-\numtest{42}{
-\Priority{High}
-\Reason{Doesn't modify or free mod_name on failure.}
-}
-
-\numtest{43}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{44}{
-\Priority{Low}
-\Reason{Connects to correct server when multiple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_delete_principal}
-
-%\numtest{1}{
-%\Reason{Fails if database not initialized.}
-%\Status{Implemented}
-%}
-
-\numtest{2}{
-\Reason{Fails on null principal.}
-\Status{Implemented}
-}
-
-% Empty string principal is legal.
-%\numtest{3}{
-%\Reason{Fails on empty-string principal.}
-%}
-
-% There is not invalid principal names
-%\numtest{4}{
-%\Reason{Fails on invalid principal name.}
-%}
-
-\numtest{5}{
-\Priority{High}
-\Reason{Fails on nonexistent principal.}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Priority{High}
-\Reason{Fails when caller connected with CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Priority{High}
-\Reason{Fails if caller has ``add'' access and not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Priority{High}
-\Reason{Fails if caller has ``modify'' access and not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Fails if caller has ``get'' access and not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Priority{High}
-\Reason{Fails if caller has no access bits.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Priority{High}
-\Reason{Valid invocation.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Valid invocation (on principal with policy).}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Priority{Low}
-\Reason{Connects to correct server when multiple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_modify_principal}
-
-%\numtest{1}{
-%\Reason{Fails if database not initialized.}
-%\Status{Implemented}
-%}
-
-\numtest{2}{
-\Priority{High}
-\Reason{Fails if user connected with CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Reason{Fails on mask with undefined bit set.}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Reason{Fails on mask with PRINCIPAL set.}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Priority{High}
-\Reason{Fails on mask with LAST_PWD_CHANGE set.}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Reason{Fails on mask with MOD_TIME set.}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{Fails on mask with MOD_NAME set.}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{Fails on mask with MKVNO set.}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Fails on mask with AUX_ATTRIBUTES set.}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Reason{Fails on nonexistent principal.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Priority{High}
-\Reason{Fails for user with no access bits.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Fails for user with ``get'' access.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Fails for user with ``add'' access.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Priority{High}
-\Reason{Fails for user with ``delete'' access.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Priority{High}
-\Reason{Succeeds for user with ``modify'' access.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Reason{Succeeds for user with ``modify'' and another access.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Priority{High}
-\Reason{Fails when nonexistent policy is specified.}
-\Status{Implemented}
-}
-
-\numtest{18}{
-\Priority{High}
-\Reason{Succeeds when existent policy is specified.}
-\Status{Implemented}
-}
-
-\numtest{19}{
-\Reason{Updates policy count when setting policy from none.}
-\Status{Implemented}
-}
-
-\numtest{20}{
-\Reason{Updates policy count when clearing policy from set.}
-\Status{Implemented}
-}
-
-\numtest{21}{
-\Reason{Updates policy count when setting policy from other policy.}
-\Status{Implemented}
-}
-
-\numtest{21.5}{
-\Reason{Policy reference count remains unchanged when policy is
- changed to itself.}
-\Status{Implemented.}
-}
-
-\numtest{22}{
-\Reason{Allows 0 (never) for pw_expiration when there's no policy.}
-\Status{Implemented}
-}
-
-\numtest{23}{
-\Reason{Allows 0 (never) for pw_expiration when there's a policy with
- 0 for pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{24}{
-\Reason{Accepts 0 (never) for pw_expiration when there's a policy with
- non-zero pw_max_life, but actually sets pw_expiration to
- last_pwd_change + pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{25}{
-\Reason{Accepts and sets non-zero pw_expiration when no policy.}
-\Status{Implemented}
-}
-
-\numtest{26}{
-\Reason{Accepts and sets non-zero pw_expiration when there's a policy
- with zero pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{27}{
-\Reason{Accepts and sets non-zero pw_expiration when there's a policy
- with pw_max_life later than the specified pw_expiration.}
-\Status{Implemented}
-}
-
-\numtest{28}{
-\Reason{Accepts non-zero pw_expiration and limits it to last_pwd_change +
- pw_max_life when it's later than last_pwd_change + non-zero
- pw_max_life in policy.}
-\Status{Implemented}
-}
-
-\numtest{29}{
-\Priority{High}
-\Reason{Sets pw_expiration to 0 (never) when a policy is cleared and
-no pw_expiration is specified.}
-\Status{Implemented}
-}
-
-\numtest{30}{
-\Priority{High}
-\Reason{Sets pw_expiration to 0 (never) if it isn't specified and the
- new policy has a 0 (never) pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{31}{
-\Priority{High}
-\Reason{Sets pw_expiration to now + pw_max_life if it isn't specified
- and the new policy has a non-zero pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{32}{
-\Priority{High}
-\Reason{Accepts princ_expire_time change.}
-\Status{Implemented}
-}
-
-
-
-\numtest{33}{
-\Priority{High}
-\Reason{Accepts attributes change.}
-\Status{Implemented}
-}
-
-\numtest{33.25}{
-\Priority{High}
-\Reason{Accepts attributes change (KRB5_KDB_REQUIRES_PW_CHANGE).}
-\Status{Implemented}
-}
-
-\numtest{33.5}{
-\Priority{High}
-\Reason{Accepts attributes change (KRB5_DISALLOW_TGT_BASE).}
-\Status{Implemented}
-}
-
-\numtest{33.75}{
-\Priority{High}
-\Reason{Accepts attributes change (KRB5_PW_CHANGE_SERVICE).}
-\Status{Implemented}
-}
-
-\numtest{34}{
-\Priority{High}
-\Reason{Accepts max_life change.}
-\Status{Implemented}
-}
-
-\numtest{35}{
-\Priority{High}
-\Reason{Accepts kvno change.}
-\Status{Implemented}
-}
-
-\numtest{36}{
-\Reason{Behaves correctly when policy is set to the same as it was
- before.}
-\Status{Implemented}
-}
-
-\numtest{37}{
-\Reason{Behaves properly when POLICY_CLR is specified and there was no
- policy before.}
-\Status{Implemented}
-}
-
-\numtest{38}{
-\Priority{High}
-\Reason{Accepts 0 (never) for princ_expire_time.}
-\Status{Implemented}
-}
-
-\numtest{39}{
-\Priority{High}
-\Reason{Accepts 0 for max_life.}
-\Status{Implemented}
-}
-
-\numtest{40}{
-\Reason{Rejects null principal argument.}
-\Status{Implemented}
-}
-
-\numtest{41}{
-\Priority{High}
-\Reason{Doesn't modify or free mod_name on success.}
-}
-
-\numtest{42}{
-\Priority{High}
-\Reason{Doesn't modify or free mod_name on failure.}
-}
-
-\numtest{43}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{44}{
-\Priority{Low}
-\Reason{Connects to correct server when multiple handles exist}
-\Conditions{RPC}
-}
-
-\numtest{100}{
-\Version{KADM5_API_VERSION_2}
-\Priority{bug-fix}
-\Reason{Accepts max_rlife change.}
-\Status{Implemented}
-}
-
-\numtest{101}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Rejects last_success change.}
-\Status{Implemented}
-}
-
-\numtest{102}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Rejects last_failed change.}
-\Status{Implemented}
-}
-
-\numtest{103}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Rejects fail_auth_count change.}
-\Status{Implemented}
-}
-
-\numtest{103.5}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Rejects key_data change.}
-\Status{Implemented}
-}
-
-\numtest{104}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Accepts tl_data change when all types are greater than 256.}
-\Status{Implemented}
-}
-
-\numtest{105}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Returns KADM5_BAD_TL_TYPE when given tl_data with a type less
-than 256.}
-\Status{Implemented}
-}
-
-\section{ovsec_kadm_rename_principal}
-
-%\numtest{1}{
-%\Reason{Fails if database not initialized.}
-%\Status{Implemented}
-%}
-
-\numtest{2}{
-\Priority{High}
-\Reason{Fails if user connected with CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Priority{High}
-\Reason{Fails for user with no access bits.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Reason{Fails for user with ``modify'' access and not ``add'' or
-``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{Fails for user with ``get'' access and not ``add'' or
-``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Reason{Fails for user with ``modify'' and ``add'' but not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{Fails for user with ``modify'' and ``delete'' but not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{Fails for user with ``get'' and ``add'' but not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Reason{Fails for user with ``get'' and ``delete'' but not ``add.''}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Reason{Fails for user with ``modify'', ``get'' and ``add'', but not
- ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Reason{Fails for user with ``modify'', ``get'' and ``delete'', but
- not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Fails for user with ``add'' but not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Fails for user with ``delete'' but not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Priority{High}
-\Reason{Succeeds for user with ``add'' and ``delete'', when that user
-has non-name-based salt.}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Priority{High}
-\Reason{Fails if target principal name exists.}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Priority{Low}
-\Reason{Connects to correct server when multiple handles exist}
-\Conditions{RPC}
-}
-
-\numtest{18}{
-\Priority{bug fix}
-\Reason{Returns NO_RENAME_SALT when asked to rename a principal whose
-salt depends on the principal name.}
-\Status{Implemented}
-}
-
-\section{ovsec_kadm_chpass_principal}
-\label{ovseckadmchpassprincipal}
-
-\subsection{Quality/history enforcement tests}
-
-This section lists a series of tests which will be run a number of
-times, with various parameter settings (e.g., which access bits user
-has, whether user connected with ADMIN_SERVICE or CHANGEPW_SERVICE,
-etc.). The table following the
-list of tests gives the various parameter settings under which the
-tests should be run, as well which should succeed and which should
-fail for each choice of parameter settings.
-
-\subsubsection{List of tests}
-
-The test number of each of these tests is an offset from the base
-given in the table below.
-
-\numtest{1}{
-\Priority{High}
-\Reason{With history setting of 1, change password to itself.}
-}
-
-\numtest{2}{
-\Reason{With history setting of 2 but no password changes since
- principal creation, change password to itself.}
-}
-
-\numtest{3}{
-\Reason{With history setting of 2 and one password change since
- principal creation, change password to itself
- and directly previous password.}
-}
-
-\numtest{4}{
-\Priority{High}
-\Reason{With a history setting of 3 and no password changes,
- change password to itself.}
-}
-
-\numtest{5}{
-\Priority{High}
-\Reason{With a history setting of 3 and 1 password change,
- change password to itself or previous password.}
-}
-
-\numtest{6}{
-\Priority{High}
-\Reason{With a history setting of 3 and 2 password changes,
- change password to itself and the two previous passwords.}
-}
-
-\numtest{7}{
-\Priority{High}
-\Reason{Change to previously unused password when now -
- last_pwd_change $<$ pw_min_life.}
-}
-
-\numtest{8}{
-\Priority{High}
-\Reason{Change to previously unused password that doesn't contain enough
- character classes.}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Change to previously unused password that's too short.}
-}
-
-\numtest{10}{
-\Priority{High}
-\Reason{Change to previously unused password that's in the dictionary.}
-}
-
-\subsubsection{List of parameter settings}
-
-In the table below, ``7 passes'' means that test 7 above passes and
-the rest of the tests fail.
-
-\begin{tabular}{llllll}
-Base & Modify access? & Own password? & Service & Pass/Fail \\ \hline
-0 & No & Yes & ADMIN & all fail \\
-20 & No & Yes & CHANGEPW & all fail \\
-40 & No & No & ADMIN & all fail \\
-60 & No & No & CHANGEPW & all fail \\
-80 & Yes & Yes & ADMIN & 7 passes \\
-100 & Yes & Yes & CHANGEPW & all fail \\
-120 & Yes & No & ADMIN & 7 passes \\
-140 & Yes & No & CHANGEPW & all fail \\
-\end{tabular}
-
-\subsection{Other quality/history tests}
-
-\numtest{161}{
-\Priority{High}
-\Reason{With history of 1, can change password to anything other than
- itself that doesn't conflict with other quality
- rules.}
-}
-
-\numtest{162}{
-\Reason{With history of 2 and 2 password changes, can change password
- to original password.}
-}
-
-\numtest{163}{
-\Priority{High}
-\Reason{With history of 3 and 3 password changes, can change password
- to original password.}
-}
-
-\numtest{164}{
-\Priority{High}
-\Reason{Can change password when now - last_pwd_change $>$ pw_min_life.}
-}
-
-\numtest{165}{
-\Priority{High}
-\Reason{Can change password when it contains exactly the number of
- classes required by the policy.}
-}
-
-\numtest{166}{
-\Priority{High}
-\Reason{Can change password when it is exactly the length required by
- the policy.}
-}
-
-\numtest{167}{
-\Priority{High}
-\Reason{Can change password to a word that isn't in the dictionary.}
-}
-
-
-\subsection{Other tests}
-
-%\numtest{168}{
-%\Reason{Fails if database not initialized.}
-%}
-
-\numtest{169}{
-\Reason{Fails for non-existent principal.}
-}
-
-\numtest{170}{
-\Reason{Fails for null password.}
-}
-
-\numtest{171}{
-\Priority{High}
-\Reason{Fails for empty-string password.}
-}
-
-\numtest{172}{
-\Priority{High}
-\Reason{Pw_expiration is set to now + max_pw_life if policy exists and
- has non-zero max_pw_life.}
-}
-
-\numtest{173}{
-\Priority{High}
-\Reason{Pw_expiration is set to 0 if policy exists and has zero
- max_pw_life.}
-}
-
-\numtest{174}{
-\Priority{High}
-\Reason{Pw_expiration is set to 0 if no policy.}
-}
-
-\numtest{175}{
-\Priority{High}
-\Reason{KRB5_KDC_REQUIRES_PWCHANGE bit is cleared when password is
- successfully changed.}
-}
-
-\numtest{176}{
-\Priority{High}
-\Reason{Fails for user with no access bits, on other's password.}
-}
-
-\numtest{177}{
-\Priority{High}
-\Reason{Fails for user with ``get'' but not ``modify'' access, on
- other's password.}
-}
-
-\numtest{178}{
-\Reason{Fails for user with ``delete'' but not ``modify'' access, on
- other's password.}
-}
-
-\numtest{179}{
-\Reason{Fails for user with ``add'' but not ``modify'' access, on
- other's password.}
-}
-
-\numtest{180}{
-\Reason{Succeeds for user with ``get'' and ``modify'' access, on
- other's password.}
-\Status{Implemented}
-}
-
-\numtest{180.5}{
-\Priority{High}
-\Reason{Succeeds for user with ``modify'' but not ``get'' access, on
- other's password.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-\numtest{180.625}{
-\Priority{High}
-\Reason{Fails for user with modify when connecting with CHANGEPW_SERVICE on
- others password}
-\Conditions{RPC}
-\Status{Implemented}
-}
-\numtest{180.75}{
-\Priority{High}
-\Reason{Fails for user with modify when connecting with CHANGEPW_SERVICE
- on other's password which has expired}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-%\numtest{181}{
-%\Reason{Password that would succeed if override_qual were false fails
-% if override_qual is true.}
-%\Expected{Returns CANNOT_OVERRIDE.}
-%}
-
-\numtest{182}{
-\Priority{High}
-\Reason{Can not change key of ovsec_adm/history principal.}
-\Status{Implemented}
-}
-
-\numtest{183}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{184}{
-\Priority{Low}
-\Reason{Connects to correct server when multiple handles exist}
-\Conditions{RPC}
-}
-
-\numtest{200}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Creates a key for the principal for each unique encryption
-type/salt type in use.}
-\Status{Implemented}
-}
-
-\section{ovsec_kadm_chpass_principal_util}
-
-Rerun all the tests listed for ovsec_kadm_chpass_principal above in
-Section \ref{ovseckadmchpassprincipal}. Verify that they succeed
-and fail in the same circumstances. Also verify that in each failure
-case, the error message returned in msg_ret is as specified in the
-functional specification.
-
-Also, run the following additional tests.
-
-\numtest{1}{
-\Reason{Null msg_ret is rejected.}
-}
-
-\numtest{2}{
-\Priority{High}
-\Reason{New password is put into pw_ret, when it's prompted for.}
-}
-
-\numtest{3}{
-\Priority{High}
-Reason{New password is put into pw_ret, when it's supplied by the
- caller.}
-}
-
-\numtest{4}{
-\Priority{High}
-\Reason{Successful invocation when pw_ret is null.}
-}
-
-
-
-\section{ovsec_kadm_randkey_principal}
-
-\subsection{TOOSOON enforcement tests}
-
-This test should be run a number of times, as indicated in the table
-following it. The table also indicates the expected result of each
-run of the test.
-
-\test{
-\Reason{Change key when now - last_pwd_change $<$ pw_min_life.}
-}
-
-\subsubsection{List of parameter settings}
-
-\begin{tabular}{llllll}
-Number & Modify Access? & Own Key? & Service & Pass/Fail & Implemented? \\ \hline
-1 & No & Yes & ADMIN & fail & Yes \\
-3 & No & Yes & CHANGEPW & fail & Yes \\
-5 & No & No & ADMIN & fail \\
-7 & No & No & CHANGEPW & fail \\
-9 & Yes & Yes & ADMIN & pass \\
-11 & Yes & Yes & CHANGEPW & fail \\
-13 & Yes & No & ADMIN & pass & Yes \\
-15 & Yes & No & CHANGEPW & fail & Yes \\
-\end{tabular}
-
-\subsection{Other tests}
-
-\numtest{17}{
-\Reason{Fails if database not initialized.}
-}
-
-\numtest{18}{
-\Reason{Fails for non-existent principal.}
-}
-
-\numtest{19}{
-\Reason{Fails for null keyblock pointer.}
-}
-
-\numtest{20}{
-\Priority{High}
-\Reason{Pw_expiration is set to now + max_pw_life if policy exists and
- has non-zero max_pw_life.}
-}
-
-\numtest{21}{
-\Priority{High}
-\Reason{Pw_expiration is set to 0 if policy exists and has zero
- max_pw_life.}
-}
-
-\numtest{22}{
-\Priority{High}
-\Reason{Pw_expiration is set to 0 if no policy.}
-}
-
-\numtest{23}{
-\Priority{High}
-\Reason{KRB5_KDC_REQUIRES_PWCHANGE bit is cleared when key is
- successfully changed.}
-}
-
-\numtest{24}{
-\Priority{High}
-\Reason{Fails for user with no access bits, on other's password.}
-}
-
-\numtest{25}{
-\Priority{High}
-\Reason{Fails for user with ``get'' but not ``modify'' access, on
- other's password.}
-\Vtwonote{Change-password instead of modify access.}
-}
-
-\numtest{26}{
-\Reason{Fails for user with ``delete'' but not ``modify'' access, on
- other's password.}
-\Vtwonote{Change-password instead of modify access.}
-}
-
-\numtest{27}{
-\Reason{Fails for user with ``add'' but not ``modify'' access, on
- other's password.}
-\Vtwonote{Change-password instead of modify access.}
-}
-
-\numtest{28}{
-\Reason{Succeeds for user with ``get'' and ``modify'' access, on
- other's password.}
-\Status{Implemented}
-\Vtwonote{Change-password instead of modify access.}
-}
-
-\numtest{28.25}{
-\Priority{High}
-\Reason{Fails for user with get and modify access on others password
- When conneceted with CHANGEPW_SERVICE}
-\Status{Implemented}
-\Vtwonote{Change-password instead of modify access.}
-}
-
-\numtest{28.5}{
-\Priority{High}
-\Reason{Succeeds for user with ``modify'' but not ``get'' access, on
- other's password.}
-\Status{Implemented}
-\Vtwonote{Change-password instead of modify access.}
-}
-
-\numtest{29}{
-\Reason{The new key that's assigned is truly random. XXX not sure how
- to test this.}
-}
-
-\numtest{30}{
-\Reason{Succeeds for own key, no other access bits when connecting with CHANGEPW service}
-\Status{Implemented}
-}
-\numtest{31}{
-\Reason{Succeeds for own key, no other access bits when connecting with ADMIM service}
-\Status{Implemented}
-}
-
-\numtest{32}{
-\Reason{Cannot change ovsec_adm/history key}
-\Status{Implemented}
-}
-
-\numtest{33}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{34}{
-\Priority{Low}
-\Reason{Connects to correct server when multiple handles exist}
-\Conditions{RPC}
-}
-
-\numtest{100}{
-\Version{KADM5_API_VERSION_2}
-\Reason{Returns a key for each unique encryption type specified in the
-keysalts.}
-}
-
-\section{ovsec_kadm_get_principal}
-
-\numtest{1}{
-\Reason{Fails for null ent.}
-\Status{Implemented}
-}
-
-\numtest{2}{
-\Reason{Fails for non-existent principal.}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Priority{High}
-\Reason{Fails for user with no access bits, retrieving other principal.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Priority{High}
-\Reason{Fails for user with ``add'' but not ``get'', getting principal
- other than his own, using ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{Fails for user with ``modify'' but not ``get'', getting
- principal other than his own, using ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Reason{Fails for user with ``delete'' but not ``get'', getting
- principal other than his own, using ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{Fails for user with ``delete'' but not ``get'', getting
- principal other than his own, using CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Priority{High}
-\Reason{Fails for user with ``get'', getting principal other than his
- own, using CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Succeeds for user without ``get'', retrieving self, using
- ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Reason{Succeeds for user without ``get'', retrieving self, using
- CHANGEPW_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Reason{Succeeds for user with ``get'', retrieving self, using
- ADMIN_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Reason{Succeeds for user with ``get'', retrieving self, using
- CHANGEPW_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Succeeds for user with ``get'', retrieving other user, using
- ADMIN_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Reason{Succeeds for user with ``get'' and ``modify'', retrieving
- other principal, using ADMIN_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Priority{Low}
-\Reason{Connects to correct server when multiple handles exist}
-\Conditions{RPC}
-}
-
-\numtest{100}{
-\Version{KADM5_API_VERSION_2}
-\Reason{If KADM5_PRINCIPAL_NORMAL_MASK is specified, the key_data and
-tl_data fields are NULL/zero.}
-\Status{Implemented}
-}
-
-\numtest{101}{
-\Version{KADM5_API_VERSION_2}
-\Reason{If KADM5_KEY_DATA is specified, the key_data fields contain
-data but the contents are all NULL.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{102}{
-\Version{KADM5_API_VERSION_2}
-\Reason{If KADM5_KEY_DATA is specified, the key_data fields contain
-data and the contents are all non-NULL.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{103}{
-\Version{KADM5_API_VERSION_2}
-\Reason{If KADM5_TL_DATA is specified, the tl_data field contains the
-correct tl_data and no entries whose type is less than 256.}
-\Status{Implemented}
-}
-
-
-\section{ovsec_kadm_create_policy}
-
-\numtest{1}{
-\Reason{Fails for mask with undefined bit set.}
-\Status{Implemented - untested}
-}
-
-\numtest{2}{
-\Priority{High}
-\Reason{Fails if caller connected with CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Reason{Fails for mask without POLICY bit set.}
-\Status{Implemented - untested}
-}
-
-\numtest{4}{
-\Reason{Fails for mask with REF_COUNT bit set.}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{Fails for invalid policy name.}
-\Status{Implemented - untested}
-}
-
-\numtest{6}{
-\Priority{High}
-\Reason{Fails for existing policy name.}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{Fails for null policy name.}
-\Status{Implemented - untested}
-}
-
-\numtest{8}{
-\Priority{High}
-\Reason{Fails for empty-string policy name.}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Accepts 0 for pw_min_life.}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Priority{High}
-\Reason{Accepts non-zero for pw_min_life.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Priority{High}
-\Reason{Accepts 0 for pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Accepts non-zero for pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Rejects 0 for pw_min_length.}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Priority{High}
-\Reason{Accepts non-zero for pw_min_length.}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Priority{High}
-\Reason{Rejects 0 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Priority{High}
-\Reason{Accepts 1 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Priority{High}
-\Reason{Accepts 4 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{18}{
-\Priority{High}
-\Reason{Rejects 5 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{19}{
-\Priority{High}
-\Reason{Rejects 0 for pw_history_num.}
-\Status{Implemented}
-}
-
-\numtest{20}{
-\Priority{High}
-\Reason{Accepts 1 for pw_history_num.}
-\Status{Implemented}
-}
-
-\numtest{21}{
-\Priority{High}
-\Reason{Accepts 10 for pw_history_num.}
-\Status{Implemented}
-}
-
-\numtest{21.5}{
-\Reason{Rejects 11 for pw_history_num.}
-\Status{Implemented - untested}
-}
-
-\numtest{22}{
-\Priority{High}
-\Reason{Fails for user with no access bits.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{23}{
-\Priority{High}
-\Reason{Fails for user with ``get'' but not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{24}{
-\Reason{Fails for user with ``modify'' but not ``add.''}
-\Conditions{RPC}
-\Status{Implemented - untested}
-}
-
-\numtest{25}{
-\Reason{Fails for user with ``delete'' but not ``add.''}
-\Conditions{RPC}
-\Status{Implemented - untested}
-}
-
-\numtest{26}{
-\Priority{High}
-\Reason{Succeeds for user with ``add.''}
-\Status{Implemented}
-}
-
-\numtest{27}{
-\Reason{Succeeds for user with ``get'' and ``add.''}
-\Status{Implemented - untested}
-}
-
-\numtest{28}{
-\Reason{Rejects null policy argument.}
-\Status{Implemented - untested}
-}
-
-\numtest{29}{
-\Reason{Rejects pw_min_life greater than pw_max_life.}
-}
-
-\numtest{30}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{31}{
-\Priority{Low}
-\Reason{Connects to correct server when multiple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_delete_policy}
-
-\numtest{1}{
-\Reason{Fails for null policy name.}
-}
-
-\numtest{2}{
-\Priority{High}
-\Reason{Fails for empty-string policy name.}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Reason{Fails for non-existent policy name.}
-}
-
-\numtest{4}{
-\Reason{Fails for bad policy name.}
-}
-
-\numtest{5}{
-\Priority{High}
-\Reason{Fails if caller connected with CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Priority{High}
-\Reason{Fails for user with no access bits.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Priority{High}
-\Reason{Fails for user with ``add'' but not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{Fails for user with ``modify'' but not ``delete''.}
-\Conditions{RPC}
-}
-
-\numtest{9}{
-\Reason{Fails for user with ``get'' but not ``delete.''}
-\Conditions{RPC}
-}
-
-\numtest{10}{
-\Priority{High}
-\Reason{Succeeds for user with only ``delete''.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Reason{Succeeds for user with ``delete'' and ``add''.}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Fails for policy with non-zero reference count.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Priority{Low}
-\Reason{Connects to correct server when multiple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_modify_policy}
-
-\numtest{1}{
-\Reason{Fails for mask with undefined bit set.}
-\Conditions{RPC}
-}
-
-\numtest{2}{
-\Priority{High}
-\Reason{Fails if caller connected with CHANGEPW_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Reason{Fails for mask with POLICY bit set.}
-}
-
-\numtest{4}{
-\Reason{Fails for mask with REF_COUNT bit set.}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{Fails for invalid policy name.}
-}
-
-\numtest{6}{
-\Reason{Fails for non-existent policy name.}
-}
-
-\numtest{7}{
-\Reason{Fails for null policy name.}
-}
-
-\numtest{8}{
-\Priority{High}
-\Reason{Fails for empty-string policy name.}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Accepts 0 for pw_min_life.}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Priority{High}
-\Reason{Accepts non-zero for pw_min_life.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Priority{High}
-\Reason{Accepts 0 for pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Accepts non-zero for pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Accepts 0 for pw_min_length.}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Priority{High}
-\Reason{Accepts non-zero for pw_min_length.}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Priority{High}
-\Reason{Rejects 0 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Priority{High}
-\Reason{Accepts 1 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Priority{High}
-\Reason{Accepts 4 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{18}{
-\Priority{High}
-\Reason{Rejects 5 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{19}{
-\Priority{High}
-\Reason{Rejects 0 for pw_history_num.}
-\Status{Implemented}
-}
-
-\numtest{20}{
-\Priority{High}
-\Reason{Accepts 1 for pw_history_num.}
-\Status{Implemented}
-}
-
-\numtest{21}{
-\Priority{High}
-\Reason{Accepts 10 for pw_history_num.}
-\Status{Implemented}
-}
-
-\numtest{22}{
-\Priority{High}
-\Reason{Fails for user with no access bits.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{23}{
-\Priority{High}
-\Reason{Fails for user with ``get'' but not ``modify''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{24}{
-\Reason{Fails for user with ``add'' but not ``modify.''}
-\Conditions{RPC}
-}
-
-\numtest{25}{
-\Reason{Fails for user with ``delete'' but not ``modify.''}
-\Conditions{RPC}
-}
-
-\numtest{26}{
-\Priority{High}
-\Reason{Succeeds for user with ``modify.''}
-\Status{Implemented}
-}
-
-\numtest{27}{
-\Reason{Succeeds for user with ``get'' and ``modify.''}
-}
-
-\numtest{28}{
-\Reason{Rejects null policy argument.}
-}
-
-\numtest{29}{
-\Reason{Rejects change which makes pw_min_life greater than
- pw_max_life.}
-}
-
-\numtest{30}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{31}{
-\Priority{Low}
-\Reason{Connects to correct server when multiple handles exist}
-\Conditions{RPC}
-}
-
-\section{ovsec_kadm_get_policy}
-
-\numtest{1}{
-\Reason{Fails for null policy.}
-}
-
-\numtest{2}{
-\Reason{Fails for invalid policy name.}
-}
-
-\numtest{3}{
-\Priority{High}
-\Reason{Fails for empty-string policy name.}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Reason{Fails for non-existent policy name.}
-}
-
-\numtest{5}{
-\Reason{Fails for null ent.}
-}
-
-\numtest{6}{
-\Priority{High}
-\Reason{Fails for user with no access bits trying to get other's
- policy, using ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Priority{High}
-\Reason{Fails for user with ``add'' but not ``get'' trying to get
- other's policy, using ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{Fails for user with ``modify'' but not ``get'' trying to get
- other's policy, using ADMIN_SERVICE.}
-\Conditions{RPC}
-}
-
-\numtest{9}{
-\Reason{Fails for user with ``delete'' but not ``get'' trying to get
- other's policy, using ADMIN_SERVICE.}
-\Conditions{RPC}
-}
-
-\numtest{10}{
-\Reason{Fails for user with ``delete'' but not ``get'' trying to get
- other's policy, using CHANGEPW_SERVICE.}
-\Conditions{RPC}
-}
-
-\numtest{11}{
-\Priority{High}
-\Reason{Succeeds for user with only ``get'', trying to get own policy,
- using ADMIN_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Succeeds for user with only ``get'', trying to get own policy,
- using CHANGEPW_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Reason{Succeeds for user with ``add'' and ``get'', trying to get own
- policy, using ADMIN_SERVICE.}
-}
-
-\numtest{14}{
-\Reason{Succeeds for user with ``add'' and ``get'', trying to get own
- policy, using CHANGEPW_SERVICE.}
-}
-
-\numtest{15}{
-\Reason{Succeeds for user without ``get'', trying to get own policy,
- using ADMIN_SERVICE.}
-}
-
-\numtest{16}{
-\Priority{High}
-\Reason{Succeeds for user without ``get'', trying to get own policy,
- using CHANGEPW_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Priority{High}
-\Reason{Succeeds for user with ``get'', trying to get other's policy,
- using ADMIN_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{18}{
-\Priority{High}
-\Reason{Fails for user with ``get'', trying to get other's policy,
- using CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{19}{
-\Reason{Succeeds for user with ``modify'' and ``get'', trying to get
- other's policy, using ADMIN_SERVICE.}
-}
-
-\numtest{20}{
-\Reason{Fails for user with ``modify'' and ``get'', trying to get
- other's policy, using CHANGEPW_SERVICE.}
-}
-
-\numtest{21}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{22}{
-\Priority{Low}
-\Reason{Connects to correct server when multiple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_free_principal_ent}
-
-In addition to the tests listed here, a memory-leak detector such as
-TestCenter, Purify or dbmalloc should be used to verify that the
-memory freed by this function is really freed.
-
-\numtest{1}{
-\Reason{Null princ succeeds.}
-}
-
-\numtest{2}{
-\Reason{Non-null princ succeeds.}
-}
-
-
-\section{ovsec_kadm_free_policy_ent}
-
-In addition to the tests listed here, a memory-leak detector such as
-TestCenter, Purify or dbmalloc should be used to verify that the
-memory freed by this function is really freed.
-
-\numtest{1}{
-\Reason{Null policy succeeds.}
-}
-
-\numtest{2}{
-\Reason{Non-null policy succeeds.}
-}
-
-
-
-\section{ovsec_kadm_get_privs}
-
-\numtest{1}{
-\Reason{Fails for null pointer argument.}
-}
-
-This test should be run with the 16 possible combinations of access
-bits (since there are 4 access bits, there are $2^4 = 16$ possible
-combinations of them):
-
-\numtest{2}{
-\Priority{High}
-\Reason{Returns correct bit mask for access bits of user.}
-\Conditions{RPC}
-}
-
-This test should be run locally:
-
-\numtest{3}{
-\Priority{High}
-\Reason{Returns 0x0f.}
-\Conditions{local}
-}
-
-\end{document}
diff --git a/src/config/pre.in b/src/config/pre.in
index 3752174c7..b2d17b077 100644
--- a/src/config/pre.in
+++ b/src/config/pre.in
@@ -228,16 +228,8 @@ KRB5_INCSUBDIRS = \
$(KRB5_INCDIR)/gssapi \
$(KRB5_INCDIR)/gssrpc
-#
-# Macros used by the KADM5 (OV-based) unit test system.
-# XXX check which of these are actually used!
-#
SKIPTESTS = $(BUILDTOP)/skiptests
-TESTDIR = $(BUILDTOP)/kadmin/testing
-STESTDIR = $(top_srcdir)/kadmin/testing
-ENV_SETUP = $(TESTDIR)/scripts/env-setup.sh
-CLNTTCL = $(TESTDIR)/util/kadm5_clnt_tcl
-SRVTCL = $(TESTDIR)/util/kadm5_srv_tcl
+
# Dejagnu variables.
# We have to set the host with --host so that setup_xfail will work.
# If we don't set it, then the host type used is "native", which
@@ -249,14 +241,6 @@ RUNTEST = runtest $(DEJAFLAGS)
RUNPYTEST = PYTHONPATH=$(top_srcdir)/util VALGRIND="$(VALGRIND)" \
$(PYTHON)
-START_SERVERS = $(STESTDIR)/scripts/start_servers $(TEST_SERVER) $(TEST_PATH)
-START_SERVERS_LOCAL = $(STESTDIR)/scripts/start_servers_local
-
-STOP_SERVERS = $(STESTDIR)/scripts/stop_servers $(TEST_SERVER) $(TEST_PATH)
-STOP_SERVERS_LOCAL = $(STESTDIR)/scripts/stop_servers_local
-#
-# End of macros for the KADM5 unit test system.
-#
transform = @program_transform_name@
diff --git a/src/configure.ac b/src/configure.ac
index 61778dcd0..4f16fee45 100644
--- a/src/configure.ac
+++ b/src/configure.ac
@@ -991,33 +991,9 @@ ath_compat=
AC_ARG_ENABLE([athena],
[ --enable-athena build with MIT Project Athena configuration],
ath_compat=compat,)
-# The following are tests for the presence of programs required for
-# kadmin testing.
-AC_CHECK_PROG(have_RUNTEST,runtest,runtest)
-AC_CHECK_PROG(have_PERL,perl,perl)
-if test "$have_PERL" = perl -a "$have_RUNTEST" = runtest -a "$TCL_LIBS" != ""; then
- DO_TEST=ok
-fi
-AC_SUBST(DO_TEST)
-
-# The following are substituted into kadmin/testing/scripts/env-setup.sh
-RBUILD=`pwd`
-AC_SUBST(RBUILD)
-case "$srcdir" in
-/*) S_TOP=$srcdir ;;
-*) S_TOP=`pwd`/$srcdir ;;
-esac
-AC_SUBST(S_TOP)
-AC_PATH_PROG(EXPECT,expect)
-# For kadmin/testing/util/Makefile.in
-if test "$TCL_LIBS" != "" ; then
- DO_ALL=tcl
-fi
-AC_SUBST(DO_ALL)
+
KRB5_AC_PRIOCNTL_HACK
-K5_GEN_FILE(kadmin/testing/scripts/env-setup.sh:kadmin/testing/scripts/env-setup.shin)
-# for lib/kadm5
-AC_CHECK_PROG(RUNTEST,runtest,runtest)
+
AC_CHECK_PROG(PERL,perl,perl)
# lib/gssapi
@@ -1552,7 +1528,7 @@ V5_AC_OUTPUT_MAKEFILE(.
lib/rpc lib/rpc/unit-test
- lib/kadm5 lib/kadm5/clnt lib/kadm5/srv lib/kadm5/unit-test
+ lib/kadm5 lib/kadm5/clnt lib/kadm5/srv
lib/krad
lib/apputils
@@ -1588,7 +1564,6 @@ V5_AC_OUTPUT_MAKEFILE(.
clients/kdestroy clients/kpasswd clients/ksu clients/kswitch
kadmin kadmin/cli kadmin/dbutil kadmin/ktutil kadmin/server
- kadmin/testing kadmin/testing/scripts kadmin/testing/util
appl
appl/sample appl/sample/sclient appl/sample/sserver
diff --git a/src/kadmin/Makefile.in b/src/kadmin/Makefile.in
index f4061f4f7..87cfa43fd 100644
--- a/src/kadmin/Makefile.in
+++ b/src/kadmin/Makefile.in
@@ -1,6 +1,6 @@
mydir=kadmin
BUILDTOP=$(REL)..
-SUBDIRS = cli dbutil ktutil server testing
+SUBDIRS = cli dbutil ktutil server
all:
diff --git a/src/kadmin/testing/Makefile.in b/src/kadmin/testing/Makefile.in
deleted file mode 100644
index 5b803cb23..000000000
--- a/src/kadmin/testing/Makefile.in
+++ /dev/null
@@ -1,8 +0,0 @@
-mydir=kadmin$(S)testing
-BUILDTOP=$(REL)..$(S)..
-SUBDIRS = scripts util
-
-all:
-
-clean:
- -$(RM) -r krb5-test-root admin_* init-* *.rcache2 ovsec-*
diff --git a/src/kadmin/testing/deps b/src/kadmin/testing/deps
deleted file mode 100644
index 2feac3c9d..000000000
--- a/src/kadmin/testing/deps
+++ /dev/null
@@ -1 +0,0 @@
-# No dependencies here.
diff --git a/src/kadmin/testing/proto/kdc.conf.proto b/src/kadmin/testing/proto/kdc.conf.proto
deleted file mode 100644
index 8a4b87de1..000000000
--- a/src/kadmin/testing/proto/kdc.conf.proto
+++ /dev/null
@@ -1,16 +0,0 @@
-[kdcdefaults]
- kdc_listen = 1750
- kdc_tcp_listen = 1750
-
-[realms]
- __REALM__ = {
- profile = __K5ROOT__/krb5.conf
- database_name = __K5ROOT__/kdb5
- key_stash_file = __K5ROOT__/.k5.__REALM__
- acl_file = __K5ROOT__/ovsec_adm.acl
- dict_file = __K5ROOT__/ovsec_adm.dict
- kadmind_port = 1751
- kpasswd_port = 1752
- master_key_type = des3-hmac-sha1
- supported_enctypes = des3-hmac-sha1:normal aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal
- }
diff --git a/src/kadmin/testing/proto/krb5.conf.proto b/src/kadmin/testing/proto/krb5.conf.proto
deleted file mode 100644
index a1c57119c..000000000
--- a/src/kadmin/testing/proto/krb5.conf.proto
+++ /dev/null
@@ -1,32 +0,0 @@
-[libdefaults]
- default_realm = __REALM__
- default_keytab_name = FILE:__K5ROOT__/keytab
- dns_fallback = no
- dns_canonicalize_hostname = fallback
- qualify_shortname = ""
- plugin_base_dir = __PLUGIN_DIR__
- allow_weak_crypto = true
-
-[realms]
- __REALM__ = {
- kdc = __HOSTNAME__:1750
- admin_server = __HOSTNAME__:1751
- database_module = foobar_db2_module_blah
- }
-
-[domain_realm]
- __HOSTNAME__ = __REALM__
-
-[logging]
- admin_server = FILE:__K5ROOT__/syslog
- kdc = FILE:__K5ROOT__/syslog
- default = FILE:__K5ROOT__/syslog
-
-
-# THIS SHOULD BE IN KDC.CONF INSTEAD!
-[dbmodules]
- db_module_dir = __MODDIR__
- foobar_db2_module_blah = {
- db_library = db2
- database_name = __K5ROOT__/kdb5
- }
diff --git a/src/kadmin/testing/proto/ovsec_adm.dict b/src/kadmin/testing/proto/ovsec_adm.dict
deleted file mode 100644
index b54e3a85e..000000000
--- a/src/kadmin/testing/proto/ovsec_adm.dict
+++ /dev/null
@@ -1,3 +0,0 @@
-Abyssinia
-Discordianism
-foo
diff --git a/src/kadmin/testing/scripts/Makefile.in b/src/kadmin/testing/scripts/Makefile.in
deleted file mode 100644
index 635930511..000000000
--- a/src/kadmin/testing/scripts/Makefile.in
+++ /dev/null
@@ -1,18 +0,0 @@
-mydir=kadmin$(S)testing$(S)scripts
-BUILDTOP=$(REL)..$(S)..$(S)..
-
-all: env-setup.sh runenv.sh $(GEN_SCRIPTS)
-
-# Should only rebuild env_setup.sh here (use CONFIG_FILES=), but the weird krb5
-# makefile post-processing is unconditional and would trash the makefile.
-env-setup.sh: env-setup.stamp
-env-setup.stamp: $(srcdir)/env-setup.shin $(BUILDTOP)/config.status \
- Makefile
- (cd $(BUILDTOP) && \
- CONFIG_FILES=$(mydir)/env-setup.sh:$(mydir)/env-setup.shin $(SHELL) \
- config.status)
- chmod +x env-setup.sh
- touch env-setup.stamp
-
-clean:
- -rm -f env-setup.sh env-setup.stamp
diff --git a/src/kadmin/testing/scripts/deps b/src/kadmin/testing/scripts/deps
deleted file mode 100644
index 2feac3c9d..000000000
--- a/src/kadmin/testing/scripts/deps
+++ /dev/null
@@ -1 +0,0 @@
-# No dependencies here.
diff --git a/src/kadmin/testing/scripts/env-setup.shin b/src/kadmin/testing/scripts/env-setup.shin
deleted file mode 100755
index 88f8ad1aa..000000000
--- a/src/kadmin/testing/scripts/env-setup.shin
+++ /dev/null
@@ -1,104 +0,0 @@
-#!/bin/sh
-#
-# The KADM5 unit tests were developed to work under gmake. As a
-# result, they expect to inherit a number of environment variables.
-# Rather than rewrite the tests, we simply use this script as an
-# execution wrapper that sets all the necessary environment variables
-# before running the program specified on its command line.
-#
-# The variable settings all came from OV's config.mk.
-#
-# Usage: env-setup.sh <command line>
-#
-
-TOP=@RBUILD@/kadmin
-STOP=@S_TOP@/kadmin
-export TOP
-export STOP
-# These two may be needed in case $libdir references them.
-prefix=@prefix@
-exec_prefix=@exec_prefix@
-libdir=@libdir@ ; eval "libdir=$libdir"; export libdir
-
-# The shared library run time setup
-TOPLIBD=@RBUILD@/lib
-PROG_LIBPATH=-L@RBUILD@/lib
-BUILDTOP=@RBUILD@
-# XXX kludge!
-PROG_RPATH=@RBUILD@/lib
-# This converts $(TOPLIBD) to $TOPLIBD
-cat > /tmp/env_setup$$ <<\EOF
-@KRB5_RUN_ENV@
-EOF
-
-foo=`sed -e 's/(//g' -e 's/)//g' -e 's/\\\$\\\$/\$/g' /tmp/env_setup$$`
-eval $foo
-export @KRB5_RUN_VARS@
-
-# This will get put in setup.csh for convenience
-KRB5_RUN_ENV_CSH=`eval echo "$foo" | \
- sed -e 's/\([^=]*\)=\(.*\)/setenv \1 \2/g'`
-export KRB5_RUN_ENV_CSH
-rm /tmp/env_setup$$
-
-TESTDIR=$TOP/testing; export TESTDIR
-STESTDIR=$STOP/testing; export STESTDIR
-if [ "$K5ROOT" = "" ]; then
- K5ROOT="`cd $TESTDIR; pwd`/krb5-test-root"
- export K5ROOT
-fi
-
-# If $VERBOSE_TEST is non-null, enter verbose mode. Set $VERBOSE to
-# true or false so its exit status identifies the mode.
-if test x$VERBOSE_TEST = x; then
- VERBOSE=false
-else
- VERBOSE=true
-fi
-export VERBOSE
-
-REALM=SECURE-TEST.OV.COM; export REALM
-
-if test x$EXPECT = x; then
- EXPECT=@EXPECT@; export EXPECT
-fi
-
-COMPARE_DUMP=$TESTDIR/scripts/compare_dump.pl; export COMPARE_DUMP
-INITDB=$STESTDIR/scripts/init_db; export INITDB
-SIMPLE_DUMP=$TESTDIR/scripts/simple_dump.pl; export SIMPLE_DUMP
-TCLUTIL=$STESTDIR/tcl/util.t; export TCLUTIL
-BSDDB_DUMP=$TESTDIR/util/bsddb_dump; export BSDDB_DUMP
-CLNTTCL=$TESTDIR/util/kadm5_clnt_tcl; export CLNTTCL
-SRVTCL=$TESTDIR/util/kadm5_srv_tcl; export SRVTCL
-
-HOSTNAME=`hostname | tr '[A-Z]' '[a-z]'`
-export HOSTNAME
-
-KRB5_CONFIG=$K5ROOT/krb5.conf; export KRB5_CONFIG
-KRB5_KDC_PROFILE=$K5ROOT/kdc.conf; export KRB5_KDC_PROFILE
-KRB5_KTNAME=$K5ROOT/ovsec_adm.keytab; export KRB5_KTNAME
-KRB5_CLIENT_KTNAME=$K5ROOT/client_keytab; export KRB5_CLIENT_KTNAME
-KRB5CCNAME=$K5ROOT/krb5cc_unit-test; export KRB5CCNAME
-GSS_MECH_CONFIG=$K5ROOT/mech.conf; export GSS_MECH_CONFIG
-
-# Make sure we don't get confused by translated messages
-# or localized times.
-LC_ALL=C; export LC_ALL
-
-if [ "x$PS_ALL" = "x" ]; then
- if ps auxww >/dev/null 2>&1; then
- PS_ALL="ps auxww"
- PS_PID="ps uwwp"
- elif ps -ef >/dev/null 2>&1; then
- PS_ALL="ps -ef"
- PS_PID="ps -fp"
- else
- PS_ALL="ps auxww"
- PS_PID="ps uwwp"
- echo "WARNING! Cannot auto-detect ps type, assuming BSD."
- fi
-
- export PS_ALL PS_PID
-fi
-
-exec ${1+"$@"}
diff --git a/src/kadmin/testing/scripts/init_db b/src/kadmin/testing/scripts/init_db
deleted file mode 100755
index 216f62793..000000000
--- a/src/kadmin/testing/scripts/init_db
+++ /dev/null
@@ -1,229 +0,0 @@
-#!/bin/sh
-
-if $VERBOSE; then
- REDIRECT=
-else
- REDIRECT='>/dev/null'
-fi
-
-# Requires that $K5ROOT, /etc/krb.conf, and .k5.$REALM be world-writeable.
-
-if [ "$TOP" = "" ]; then
- echo "init_db: Environment variable \$TOP must point to top of build tree" 1>&2
- exit 1
-fi
-
-if [ "$STOP" = "" ]; then
- echo "init_db: Environment variable \$STOP must point to top of source tree" 1>&2
- exit 1
-fi
-
-if [ "$libdir" = "" ]; then
- echo "init_db: Environment variable \$libdir must point to library install directory" 1>&2
- exit 1
-fi
-
-IROOT=$TOP/..
-ADMIN=$TOP/dbutil
-BIN=$IROOT/bin
-ETC=$IROOT/etc
-MODDIR=$TOP/../plugins/kdb
-SBIN=$TOP/keytab:$TOP/server
-DUMMY=${REALM=SECURE-TEST.OV.COM}; export REALM
-
-. ./runenv.sh
-
-if [ ! -d $MODDIR ]; then
- echo "+++" 1>&2
- echo "+++ Error! $MODDIR does not exist!" 1>&2
- echo "+++ The MODDIR variable should point to the directory in which" 1>&2
- echo "+++ database modules have been installed for testing." 1>&2
- echo "+++" 1>&2
- exit 1
-fi
-
-DUMMY=${TESTDIR=$TOP/testing}; export TESTDIR
-DUMMY=${STESTDIR=$STOP/testing}
-DUMMY=${SRVTCL=$TESTDIR/util/kadm5_srv_tcl}; export SRVTCL
-DUMMY=${TCLUTIL=$STESTDIR/tcl/util.t}; export TCLUTIL
-
-PATH=$ADMIN:$BIN:$ETC:$SBIN:$PATH; export PATH
-
-if [ ! -x $SRVTCL ]; then
- echo "+++" 1>&2
- echo "+++ Error! $SRVTCL does not exist!" 1>&2
- echo "+++ It was probably not compiled because TCL was not available. If you" 1>&2
- echo "+++ now have TCL installed, cd into that directory, re-run configure" 1>&2
- echo "+++ with the --with-tcl option, and then re-run make." 1>&2
- echo "+++" 1>&2
-
- exit 1
-fi
-
-rm -rf $K5ROOT/*
-if [ -d $K5ROOT ]; then
- true
-else
- mkdir $K5ROOT
-fi
-
-# touch $K5ROOT/syslog
-# for pid in `$PS_ALL | awk '/syslogd/ && !/awk/ {print $2}'` ; do
-# case "$pid" in
-# xxx) ;;
-# *)
-# if $VERBOSE; then $PS_PID$pid | grep -v COMMAND; fi
-# kill -1 $pid
-# ;;
-# esac
-# done
-
-sed -e "s/__REALM__/$REALM/g" -e "s#__K5ROOT__#$K5ROOT#g" \
- -e "s/__HOSTNAME__/$HOSTNAME/g" \
- -e "s#__MODDIR__#$MODDIR#g" \
- < $STESTDIR/proto/krb5.conf.proto > $K5ROOT/krb5.conf
-sed -e "s/__REALM__/$REALM/g" -e "s#__K5ROOT__#$K5ROOT#g" \
- < $STESTDIR/proto/kdc.conf.proto > $K5ROOT/kdc.conf
-
-eval kdb5_util -r $REALM create -W -P mrroot -s $REDIRECT || exit 1
-
-cp $STESTDIR/proto/ovsec_adm.dict $K5ROOT/ovsec_adm.dict
-
-cat - > /tmp/init_db$$ <<\EOF
-source $env(TCLUTIL)
-set r $env(REALM)
-if {[info exists env(USER)]} {
- set whoami $env(USER)
-} else {
- set whoami [exec whoami]
-}
-
-set cmds {
- {kadm5_init $env(SRVTCL) mrroot null \
- [config_params {KADM5_CONFIG_REALM} $r] $KADM5_STRUCT_VERSION \
- $KADM5_API_VERSION_3 server_handle}
-
- {kadm5_create_policy $server_handle "test-pol 0 10000 8 2 3 0 2 90 180" \
- {KADM5_POLICY KADM5_PW_MIN_LENGTH KADM5_PW_MIN_CLASSES KADM5_PW_MAX_LIFE KADM5_PW_HISTORY_NUM KADM5_PW_MAX_FAILURE KADM5_PW_FAILURE_COUNT_INTERVAL KADM5_PW_LOCKOUT_DURATION}}
- {kadm5_create_policy $server_handle "once-a-min 10 0 0 0 0 0 0 0 0" \
- {KADM5_POLICY KADM5_PW_MIN_LIFE}}
- {kadm5_create_policy $server_handle "dict-only 0 0 0 0 0 0 0 0 0" \
- {KADM5_POLICY}}
- {kadm5_create_policy $server_handle [simple_policy test-pol-nopw] \
- {KADM5_POLICY}}
-
- {kadm5_create_principal $server_handle \
- [simple_principal testuser@$r] {KADM5_PRINCIPAL} notathena}
- {kadm5_create_principal $server_handle \
- [simple_principal test1@$r] {KADM5_PRINCIPAL} test1}
- {kadm5_create_principal $server_handle \
- [simple_principal test2@$r] {KADM5_PRINCIPAL} test2}
- {kadm5_create_principal $server_handle \
- [simple_principal test3@$r] {KADM5_PRINCIPAL} test3}
- {kadm5_create_principal $server_handle \
- [simple_principal admin@$r] {KADM5_PRINCIPAL} admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/get@$r] {KADM5_PRINCIPAL} admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/modify@$r] {KADM5_PRINCIPAL} admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/delete@$r] {KADM5_PRINCIPAL} admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/add@$r] {KADM5_PRINCIPAL} admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/none@$r] {KADM5_PRINCIPAL} admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/rename@$r] {KADM5_PRINCIPAL} admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/mod-add@$r] {KADM5_PRINCIPAL} admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/mod-delete@$r] {KADM5_PRINCIPAL} \
- admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/get-add@$r] {KADM5_PRINCIPAL} admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/get-delete@$r] {KADM5_PRINCIPAL} \
- admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/get-mod@$r] {KADM5_PRINCIPAL} admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/no-add@$r] {KADM5_PRINCIPAL} admin}
- {kadm5_create_principal $server_handle \
- [simple_principal admin/no-delete@$r] {KADM5_PRINCIPAL} admin}
- {kadm5_create_principal $server_handle \
- [princ_w_pol pol1@$r test-pol] {KADM5_PRINCIPAL \
- KADM5_POLICY} pol111111}
- {kadm5_create_principal $server_handle \
- [princ_w_pol pol2@$r once-a-min] {KADM5_PRINCIPAL \
- KADM5_POLICY} pol222222}
- {kadm5_create_principal $server_handle \
- [princ_w_pol pol3@$r dict-only] {KADM5_PRINCIPAL \
- KADM5_POLICY} pol333333}
- {kadm5_create_principal $server_handle \
- [princ_w_pol admin/get-pol@$r test-pol-nopw] \
- {KADM5_PRINCIPAL KADM5_POLICY} StupidAdmin}
- {kadm5_create_principal $server_handle \
- [princ_w_pol admin/pol@$r test-pol-nopw] {KADM5_PRINCIPAL \
- KADM5_POLICY} StupidAdmin}
-
- {kadm5_create_principal $server_handle \
- [simple_principal changepw/kerberos] \
- {KADM5_PRINCIPAL} {XXX THIS IS WRONG}}
-
- {kadm5_create_principal $server_handle \
- [simple_principal $whoami] \
- {KADM5_PRINCIPAL} $whoami}
-
- {kadm5_create_principal $server_handle \
- [simple_principal testkeys@$r] {KADM5_PRINCIPAL} testkeys}
-
- {kadm5_destroy $server_handle}
-}
-
-foreach cmd $cmds {
- if {[catch $cmd output]} {
- puts stderr "Error! Command: $cmd\nError: $output"
- exit 1
- } else {
- puts stdout $output
- }
-}
-EOF
-eval "$SRVTCL < /tmp/init_db$$ $REDIRECT"
-rm /tmp/init_db$$
-
-if [ $? -ne 0 ]; then
- echo "Error in $SRVTCL!" 1>&2
- exit 1
-fi
-
-cat > $K5ROOT/ovsec_adm.acl <<EOF
-admin@$REALM admcilse
-admin/get@$REALM il
-admin/modify@$REALM mc
-admin/delete@$REALM d
-admin/add@$REALM a
-admin/get-pol@$REALM il
-admin/rename@$REALM adil
-admin/mod-add@$REALM amc
-admin/mod-delete@$REALM mcd
-admin/get-add@$REALM ail
-admin/get-delete@$REALM ild
-admin/get-mod@$REALM ilmc
-admin/no-add@$REALM mcdil
-admin/no-delete@$REALM amcil
-changepw/kerberos@$REALM cil
-
-EOF
-
-# Create $K5ROOT/setup.csh to make it easy to run other programs against
-# the test db
-cat > $K5ROOT/setup.csh <<EOF
-setenv KRB5_CONFIG $KRB5_CONFIG
-setenv KRB5_KDC_PROFILE $KRB5_KDC_PROFILE
-setenv KRB5_KTNAME $KRB5_KTNAME
-setenv KRB5_CLIENT_KTNAME $KRB5_CLIENT_KTNAME
-setenv GSS_MECH_CONFIG $GSS_MECH_CONFIG
-$KRB5_RUN_ENV_CSH
-EOF
-
diff --git a/src/kadmin/testing/scripts/start_servers b/src/kadmin/testing/scripts/start_servers
deleted file mode 100755
index 05519e4ee..000000000
--- a/src/kadmin/testing/scripts/start_servers
+++ /dev/null
@@ -1,69 +0,0 @@
-#!/bin/sh
-#
-# Usage: start_servers [hostname [path]]
-#
-# This script turns a host into a OpenV*Secure primary server for the
-# realm SECURE-TEST.OV.COM. If no arguments are specified,
-# the local host is affected. Otherwise, the host hostname is
-# affected; the path argument is the top of the Secure install tree on
-# that host, and if it is not specified the current canonical value of
-# TOP is used.
-
-DUMMY=${TESTDIR=$TOP/testing}
-DUMMY=${STESTDIR=$STOP/testing}
-DUMMY=${START_SERVERS_LOCAL=$STESTDIR/scripts/start_servers_local}
-# This'll be wrong sometimes
-DUMMY=${RSH_CMD=rsh}
-
-local=1
-
-if [ $# -gt 0 ]; then
- if [ $# != 1 -a $# != 2 ]; then
- echo "Usage: $0 [hostname [path]]" 1>&2
- exit 1
- fi
-
- local=0
- hostname=$1
- if [ $# = 1 ]; then
- rempath=`sh -c "cd $TOP && pwd"`
- else
- rempath=$2
- fi
-fi
-
-if [ $local = 0 ]; then
-
- # Fix up the local krb5.conf to point to the remote
- sed -e "s/__REALM__/$REALM/g" -e "s#__K5ROOT__#$K5ROOT#g" \
- -e "s/__HOSTNAME__/$HOSTNAME/g" \
- -e "s#__MODDIR__#$TOP/../plugins/kdb#g"\
- -e "s#__PLUGIN_DIR__#$TOP/../plugins#g"\
- < $STESTDIR/proto/krb5.conf.proto > $K5ROOT/krb5.conf
-
-# Using /usr/ucb/rsh and getting rid of "-k $REALM" until we get
-# around to fixing the fact that Kerberos rsh doesn't strip out "-k
-# REALM" when falling back.
-
- START_SERVERS_LOCAL=`echo $START_SERVERS_LOCAL|sed "s%$TOP%$rempath%"`
- CMD="$RSH_CMD $hostname -n \
- \"sh -c 'VERBOSE_TEST=$VERBOSE_TEST TOP=$rempath \
- $rempath/testing/scripts/env-setup.sh \
- $START_SERVERS_LOCAL $rempath'\""
-
- if $VERBOSE; then
- echo "+++"
- echo "+++ Begin execution of start_servers_local on $hostname"
- echo "+++"
- echo $CMD
- fi
- eval $CMD
- if $VERBOSE; then
- echo "+++"
- echo "+++ End execution of start_servers_local on $hostname"
- echo "+++"
- fi
-else
- $START_SERVERS_LOCAL
-fi
-
diff --git a/src/kadmin/testing/scripts/start_servers_local b/src/kadmin/testing/scripts/start_servers_local
deleted file mode 100755
index 858e88031..000000000
--- a/src/kadmin/testing/scripts/start_servers_local
+++ /dev/null
@@ -1,157 +0,0 @@
-#!/bin/sh
-
-DUMMY=${TESTDIR=$TOP/testing}
-DUMMY=${STESTDIR=$STOP/testing}
-DUMMY=${INITDB=$STESTDIR/scripts/init_db}
-DUMMY=${SRVTCL=$TESTDIR/util/kadm5_srv_tcl}; export SRVTCL
-DUMMY=${STOP_SERVERS_LOCAL=$STESTDIR/scripts/stop_servers_local}
-DUMMY=${KRB5RCACHEDIR=$TESTDIR} ; export KRB5RCACHEDIR
-
-. ./runenv.sh
-
-if [ -d /usr/tmp ]; then
- usrtmp=/usr/tmp
-else
- usrtmp=/var/tmp
-fi
-
-$STOP_SERVERS_LOCAL -start_servers
-
-if $VERBOSE; then
- REDIRECT=
-else
- REDIRECT='>/dev/null'
-fi
-
-while :; do
- case $1 in
- -keysalt)
- shift
- if [ $# -gt 0 ]; then
- keysalts="$keysalts $1"
- else
- break
- fi
- ;;
- -kdcport)
- shift
- if [ $# -gt 0 ]; then
- kdcport=$1
- else
- break
- fi
- ;;
- *)
- break
- ;;
- esac
- shift
-done
-
-if [ $# -gt 1 ]; then
- echo "Usage: $0 [-kdcport port] [-keysalts tuple] ... [top]" 1>&2
- exit 1
-elif [ $# = 1 ]; then
- TOP=$1
- export TOP
-fi
-
-# create a fresh db
-
-$INITDB "$keysalts" || exit 1
-
-# Post-process the config files based on our arguments
-if [ "$keysalts" != "" ]; then
- sedcmd="s/\([ ]*supported_enctypes =\).*/\1 $keysalts/"
- sed -e "$sedcmd" < $K5ROOT/kdc.conf > $K5ROOT/kdc.conf.new
- mv $K5ROOT/kdc.conf.new $K5ROOT/kdc.conf
-fi
-if [ "$kdcport" != "" ] ; then
- sedcmd="s/\(kdc_ports = .*\)[ ]*/\1, $kdcport/"
- sed -e "$sedcmd" < $K5ROOT/kdc.conf > $K5ROOT/kdc.conf.new
- mv $K5ROOT/kdc.conf.new $K5ROOT/kdc.conf
-fi
-
-# allow admin to krlogin as root (for cleanup)
-DUMMY=${REALM=SECURE-TEST.OV.COM}; export REALM
-
-cat - > /tmp/start_servers_local$$ <<\EOF
-if { [catch {
- source $env(STOP)/testing/tcl/util.t
- set r $env(REALM)
- set q $env(HOSTNAME)
- puts stdout [kadm5_init $env(SRVTCL) mrroot null \
- [config_params {KADM5_CONFIG_REALM} $r] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 server_handle]
- puts stdout [kadm5_create_principal $server_handle \
- [simple_principal host/$q@$r] {KADM5_PRINCIPAL} notathena]
- puts stdout [kadm5_destroy $server_handle]
-} err]} {
- puts stderr "initialization error: $err"
- exit 1
-}
-exit 0
-EOF
-eval "$SRVTCL < /tmp/start_servers_local$$ $REDIRECT"
-x=$?
-rm /tmp/start_servers_local$$
-if test $x != 0 ; then exit 1 ; fi
-
-# run the servers (from the build tree)
-
-adm_start_file=/tmp/adm_server_start.$$
-kdc_start_file=/tmp/kdc_server_start.$$
-
-rm -f $kdc_start_file
-
-if test "x$USER" = x ; then
- USER=$LOGNAME ; export USER
-fi
-
-kdc_args="-R dfl:kdc_rcache.$USER"
-
-(trap "" 2; $TOP/../kdc/krb5kdc $kdc_args; touch $kdc_start_file) \
- < /dev/null > $usrtmp/kdc-log.$USER 2>&1 &
-
-s=1
-max_s=60
-sofar_s=0
-timewait_s=300
-
-ovadm_args=-W
-
-rm -f $adm_start_file
-
-(sleep 1; $TOP/server/kadmind $ovadm_args; \
- touch $adm_start_file) < /dev/null > $usrtmp/kadm-log.$USER 2>&1 &
-
-# wait until they start
-
-while [ $sofar_s -le $max_s ]; do
- if $VERBOSE; then
- echo "Sleeping for $s seconds to allow servers" \
- "to start..."
- fi
-
- sofar_s=`expr $sofar_s + $s`
-
- sleep $s
-
- if [ -f $adm_start_file -a -f $kdc_start_file ]; then
- break
- fi
-done
-
-if [ $sofar_s -gt $max_s ]; then
- echo "Admin server or KDC failed to start after $sofar_s" \
- "seconds." 1>&2
- if [ ! -f $adm_start_file ]; then
- echo " No admin server start file $adm_start_file." 1>&2
- fi
- if [ ! -f $kdc_start_file ]; then
- echo " No KDC start file $adm_start_file." 1>&2
- fi
- exit 1
-fi
-
-rm -f $kdc_start_file $adm_start_file
diff --git a/src/kadmin/testing/scripts/stop_servers b/src/kadmin/testing/scripts/stop_servers
deleted file mode 100755
index b7f8384ca..000000000
--- a/src/kadmin/testing/scripts/stop_servers
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/bin/sh
-#
-# Usage: stop_servers [hostname [path]]
-#
-# This script turns a host into a OpenV*Secure primary server for the
-# realm SECURE-TEST.OV.COM. If no arguments are specified,
-# the local host is affected. Otherwise, the host hostname is
-# affected; the path argument is the top of the Secure install tree on
-# that host, and if it is not specified the current canonical value of
-# TOP is used.
-
-DUMMY=${TESTDIR=$TOP/testing}
-DUMMY=${STESTDIR=$STOP/testing}
-DUMMY=${STOP_SERVERS_LOCAL=$STESTDIR/scripts/stop_servers_local}
-# This'll be wrong sometimes
-DUMMY=${RSH_CMD=rsh}
-
-local=1
-
-if [ $# -gt 0 ]; then
- if [ $# != 1 -a $# != 2 ]; then
- echo "Usage: $0 [hostname [path]]" 1>&2
- exit 1
- fi
-
- local=0
- hostname=$1
- if [ $# = 1 ]; then
- rempath=`sh -c "cd $TOP && pwd"`
- else
- rempath=$2
- fi
-fi
-
-if [ $local = 0 ]; then
- if $VERBOSE; then
- echo "+++ Stopping servers on remote host $hostname..."
- fi
-
- STOP_SERVERS_LOCAL=`echo $STOP_SERVERS_LOCAL | sed "s%$TOP%$rempath%"`
- CMD="$RSH_CMD $hostname -n \
- \"sh -c 'VERBOSE_TEST=$VERBOSE_TEST TOP=$rempath \
- $rempath/testing/scripts/env-setup.sh \
- $STOP_SERVERS_LOCAL $rempath'\""
-
- if $VERBOSE; then
- echo "+++"
- echo "+++ Begin execution of stop_servers_local on $hostname"
- echo "+++"
- echo $CMD
- fi
- eval $CMD
- if $VERBOSE; then
- echo "+++"
- echo "+++ End execution of stop_servers_local on $hostname"
- echo "+++"
- fi
-else
- $STOP_SERVERS_LOCAL
-fi
diff --git a/src/kadmin/testing/scripts/stop_servers_local b/src/kadmin/testing/scripts/stop_servers_local
deleted file mode 100755
index 24a9de7b3..000000000
--- a/src/kadmin/testing/scripts/stop_servers_local
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-
-DUMMY=${TESTDIR=$TOP/testing}
-DUMMY=${KRB5RCACHEDIR=$TESTDIR}
-
-while [ $# -gt 0 ] ; do
- case $1 in
- -start_servers)
- start_servers=$1
- ;;
- *)
- TOP=$1
- export TOP
- ;;
- esac
- shift
-done
-
-# kill any running servers.
-
-if $VERBOSE; then echo "Killing servers:"; fi
-
-for pid in xxx \
- `$PS_ALL | grep krb5kdc | grep -v grep | awk '{print $2}'` \
- `$PS_ALL | grep kadmind | grep -v grep | awk '{print $2}'` \
- ; do
- case "$pid" in
- xxx)
- ;;
- *)
- if $VERBOSE; then $PS_PID$pid | grep -v COMMAND; fi
- kill $pid
- ;;
- esac
-done
-
-# Destroy the kdc replay cache so we don't lose if we try to run the
-# KDC as another unix user.
-if test "x$USER" = x ; then
- USER=$LOGNAME
-fi
-rm -f $KRB5RCACHEDIR/krb5kdc_rcache.$USER
-
-exit 0
diff --git a/src/kadmin/testing/tcl/util.t b/src/kadmin/testing/tcl/util.t
deleted file mode 100644
index 6751f89e6..000000000
--- a/src/kadmin/testing/tcl/util.t
+++ /dev/null
@@ -1,58 +0,0 @@
-proc simple_principal {name} {
- return "{$name} 0 0 0 0 {$name} 0 0 0 0 null 0"
-}
-
-proc princ_w_pol {name policy} {
- return "{$name} 0 0 0 0 {$name} 0 0 0 0 {$policy} 0"
-}
-
-proc simple_policy {name} {
- return "{$name} 0 0 0 0 0 0 0 0 0"
-}
-
-proc config_params {masks values} {
- if {[llength $masks] != [llength $values]} {
- error "config_params: length of mask and values differ"
- }
-
- set params [list $masks 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 {}]
- for {set i 0} {$i < [llength $masks]} {incr i} {
- set mask [lindex $masks $i]
- set value [lindex $values $i]
- switch -glob -- $mask {
- "KADM5_CONFIG_REALM" {set params [lreplace $params 1 1 $value]}
- "KADM5_CONFIG_KADMIND_PORT" {
- set params [lreplace $params 2 2 $value]}
- "KADM5_CONFIG_ADMIN_SERVER" {
- set params [lreplace $params 3 3 $value]}
- "KADM5_CONFIG_DBNAME" {set params [lreplace $params 4 4 $value]}
- "KADM5_CONFIG_ADBNAME" {set params [lreplace $params 5 5 $value]}
- "KADM5_CONFIG_ADB_LOCKFILE" {
- set params [lreplace $params 6 6 $value]}
- "KADM5_CONFIG_ACL_FILE" {set params [lreplace $params 8 8 $value]}
- "KADM5_CONFIG_DICT_FILE" {
- set params [lreplace $params 9 9 $value]}
- "KADM5_CONFIG_MKEY_FROM_KBD" {
- set params [lreplace $params 10 10 $value]}
- "KADM5_CONFIG_STASH_FILE" {
- set params [lreplace $params 11 11 $value]}
- "KADM5_CONFIG_MKEY_NAME" {
- set params [lreplace $params 12 12 $value]}
- "KADM5_CONFIG_ENCTYPE" {set params [lreplace $params 13 13 $value]}
- "KADM5_CONFIG_MAX_LIFE" {
- set params [lreplace $params 14 14 $value]}
- "KADM5_CONFIG_MAX_RLIFE" {
- set params [lreplace $params 15 15 $value]}
- "KADM5_CONFIG_EXPIRATION" {
- set params [lreplace $params 16 16 $value]}
- "KADM5_CONFIG_FLAGS" {set params [lreplace $params 17 17 $value]}
- "KADM5_CONFIG_ENCTYPES" {
- set params [lreplace $params 18 19 [llength $value] $value]}
- "*" {error "config_params: unknown mask $mask"}
- }
- }
- return $params
-}
-
-
-
diff --git a/src/kadmin/testing/util/Makefile.in b/src/kadmin/testing/util/Makefile.in
deleted file mode 100644
index 7785c742e..000000000
--- a/src/kadmin/testing/util/Makefile.in
+++ /dev/null
@@ -1,42 +0,0 @@
-mydir=kadmin$(S)testing$(S)util
-BUILDTOP=$(REL)..$(S)..$(S)..
-LOCALINCLUDES = $(TCL_INCLUDES) -I$(BUILDTOP)/lib/kdb/
-# Force Tcl headers to use stdarg.h, because krb5 does too, and if
-# Tcl uses varargs.h it'll just mess things up.
-DEFINES= -DHAS_STDARG
-KRB5_PTHREAD_LIB=$(THREAD_LINKOPTS)
-
-PROG_LIBPATH=-L$(TOPLIBD) $(TCL_LIBPATH)
-PROG_RPATH=$(KRB5_LIBDIR)$(TCL_RPATH)
-
-SRCS = $(srcdir)/tcl_kadm5.c $(srcdir)/test.c
-OBJS = tcl_kadm5.o test.o
-
-CLNTPROG= kadm5_clnt_tcl
-SRVPROG = kadm5_srv_tcl
-
-DO_ALL=@DO_ALL@
-
-all: all-$(DO_ALL)
-
-all-:
- @echo "+++"
- @echo "+++ WARNING: Tcl not available. The kadm5 tests will not be run."
- @echo "+++"
- @echo 'Skipped kadm5 tests: Tcl not found' >> $(SKIPTESTS)
-
-all-tcl: $(CLNTPROG) $(SRVPROG)
-
-$(SRVPROG): $(OBJS) $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o $(SRVPROG) $(OBJS) $(TCL_MAYBE_RPATH) \
- $(KADMSRV_LIBS) $(KRB5_PTHREAD_LIB) $(KRB5_BASE_LIBS) $(TCL_LIBS)
-
-$(CLNTPROG): $(OBJS) $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o $(CLNTPROG) $(OBJS) $(TCL_MAYBE_RPATH) \
- $(KRB5_PTHREAD_LIB) $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS) $(TCL_LIBS)
-
-bsddb_dump: bsddb_dump.o
- $(CC_LINK) -o bsddb_dump bsddb_dump.o $(KADMSRV_LIBS)
-
-clean:
- $(RM) $(CLNTPROG) $(SRVPROG)
diff --git a/src/kadmin/testing/util/bsddb_dump.c b/src/kadmin/testing/util/bsddb_dump.c
deleted file mode 100644
index 5dbe7ae9c..000000000
--- a/src/kadmin/testing/util/bsddb_dump.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * $Id$
- */
-
-#include <sys/file.h>
-#include <fcntl.h>
-#include <db.h>
-#include <stdio.h>
-
-main(int argc, char *argv[])
-{
- char *file;
- DB *db;
- DBT dbkey, dbdata;
- int code, i;
-
- HASHINFO info;
-
- info.hash = NULL;
- info.bsize = 256;
- info.ffactor = 8;
- info.nelem = 25000;
- info.lorder = 0;
-
- if (argc != 2) {
- fprintf(stderr, "usage: argv[0] dbfile\n");
- exit(2);
- }
-
- file = argv[1];
-
- if((db = dbopen(file, O_RDWR, 0666, DB_HASH, &info)) == NULL) {
- perror("Opening db file");
- exit(1);
- }
-
- if ((code = (*db->seq)(db, &dbkey, &dbdata, R_FIRST)) == -1) {
- perror("starting db iteration");
- exit(1);
- }
-
- while (code == 0) {
- for (i=0; i<dbkey.size; i++)
- printf("%02x", (int) ((unsigned char *) dbkey.data)[i]);
- printf("\t");
- for (i=0; i<dbdata.size; i++)
- printf("%02x", (int) ((unsigned char *) dbdata.data)[i]);
- printf("\n");
-
- code = (*db->seq)(db, &dbkey, &dbdata, R_NEXT);
- }
-
- if (code == -1) {
- perror("during db iteration");
- exit(1);
- }
-
- if ((*db->close)(db) == -1) {
- perror("closing db");
- exit(1);
- }
-
- exit(0);
-}
diff --git a/src/kadmin/testing/util/deps b/src/kadmin/testing/util/deps
deleted file mode 100644
index ca828a85c..000000000
--- a/src/kadmin/testing/util/deps
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# Generated makefile dependencies follow.
-#
-$(OUTPRE)tcl_kadm5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
- $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \
- $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/lib/kdb/adb_err.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \
- $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \
- $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \
- $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \
- $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \
- $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \
- $(top_srcdir)/include/krb5.h tcl_kadm5.c tcl_kadm5.h
-$(OUTPRE)test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- tcl_kadm5.h test.c
diff --git a/src/kadmin/testing/util/tcl_kadm5.c b/src/kadmin/testing/util/tcl_kadm5.c
deleted file mode 100644
index 864a929c8..000000000
--- a/src/kadmin/testing/util/tcl_kadm5.c
+++ /dev/null
@@ -1,2566 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#include "autoconf.h"
-#include <stdio.h>
-#include <string.h>
-#if HAVE_TCL_H
-#include <tcl.h>
-#elif HAVE_TCL_TCL_H
-#include <tcl/tcl.h>
-#endif
-#define USE_KADM5_API_VERSION 2
-#include <kadm5/admin.h>
-#include <com_err.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <adb_err.h>
-#include "tcl_kadm5.h"
-
-struct flagval {
- char *name;
- krb5_flags val;
-};
-
-/* XXX This should probably be in the hash table like server_handle */
-static krb5_context context;
-
-static struct flagval krb5_flags_array[] = {
- {"KRB5_KDB_DISALLOW_POSTDATED", KRB5_KDB_DISALLOW_POSTDATED},
- {"KRB5_KDB_DISALLOW_FORWARDABLE", KRB5_KDB_DISALLOW_FORWARDABLE},
- {"KRB5_KDB_DISALLOW_TGT_BASED", KRB5_KDB_DISALLOW_TGT_BASED},
- {"KRB5_KDB_DISALLOW_RENEWABLE", KRB5_KDB_DISALLOW_RENEWABLE},
- {"KRB5_KDB_DISALLOW_PROXIABLE", KRB5_KDB_DISALLOW_PROXIABLE},
- {"KRB5_KDB_DISALLOW_DUP_SKEY", KRB5_KDB_DISALLOW_DUP_SKEY},
- {"KRB5_KDB_DISALLOW_ALL_TIX", KRB5_KDB_DISALLOW_ALL_TIX},
- {"KRB5_KDB_REQUIRES_PRE_AUTH", KRB5_KDB_REQUIRES_PRE_AUTH},
- {"KRB5_KDB_REQUIRES_HW_AUTH", KRB5_KDB_REQUIRES_HW_AUTH},
- {"KRB5_KDB_REQUIRES_PWCHANGE", KRB5_KDB_REQUIRES_PWCHANGE},
- {"KRB5_KDB_DISALLOW_SVR", KRB5_KDB_DISALLOW_SVR},
- {"KRB5_KDB_PWCHANGE_SERVICE", KRB5_KDB_PWCHANGE_SERVICE}
-};
-
-static struct flagval aux_attributes[] = {
- {"KADM5_POLICY", KADM5_POLICY}
-};
-
-static struct flagval principal_mask_flags[] = {
- {"KADM5_PRINCIPAL", KADM5_PRINCIPAL},
- {"KADM5_PRINC_EXPIRE_TIME", KADM5_PRINC_EXPIRE_TIME},
- {"KADM5_PW_EXPIRATION", KADM5_PW_EXPIRATION},
- {"KADM5_LAST_PWD_CHANGE", KADM5_LAST_PWD_CHANGE},
- {"KADM5_ATTRIBUTES", KADM5_ATTRIBUTES},
- {"KADM5_MAX_LIFE", KADM5_MAX_LIFE},
- {"KADM5_MOD_TIME", KADM5_MOD_TIME},
- {"KADM5_MOD_NAME", KADM5_MOD_NAME},
- {"KADM5_KVNO", KADM5_KVNO},
- {"KADM5_MKVNO", KADM5_MKVNO},
- {"KADM5_AUX_ATTRIBUTES", KADM5_AUX_ATTRIBUTES},
- {"KADM5_POLICY", KADM5_POLICY},
- {"KADM5_POLICY_CLR", KADM5_POLICY_CLR},
- {"KADM5_MAX_RLIFE", KADM5_MAX_RLIFE},
- {"KADM5_LAST_SUCCESS", KADM5_LAST_SUCCESS},
- {"KADM5_LAST_FAILED", KADM5_LAST_FAILED},
- {"KADM5_FAIL_AUTH_COUNT", KADM5_FAIL_AUTH_COUNT},
- {"KADM5_KEY_DATA", KADM5_KEY_DATA},
- {"KADM5_TL_DATA", KADM5_TL_DATA},
- {"KADM5_PRINCIPAL_NORMAL_MASK", KADM5_PRINCIPAL_NORMAL_MASK}
-};
-
-static struct flagval policy_mask_flags[] = {
- {"KADM5_POLICY", KADM5_POLICY},
- {"KADM5_PW_MAX_LIFE", KADM5_PW_MAX_LIFE},
- {"KADM5_PW_MIN_LIFE", KADM5_PW_MIN_LIFE},
- {"KADM5_PW_MIN_LENGTH", KADM5_PW_MIN_LENGTH},
- {"KADM5_PW_MIN_CLASSES", KADM5_PW_MIN_CLASSES},
- {"KADM5_PW_HISTORY_NUM", KADM5_PW_HISTORY_NUM},
- {"KADM5_REF_COUNT", KADM5_REF_COUNT},
- {"KADM5_PW_MAX_FAILURE", KADM5_PW_MAX_FAILURE},
- {"KADM5_PW_FAILURE_COUNT_INTERVAL", KADM5_PW_FAILURE_COUNT_INTERVAL},
- {"KADM5_PW_LOCKOUT_DURATION", KADM5_PW_LOCKOUT_DURATION},
-};
-
-static struct flagval config_mask_flags[] = {
- {"KADM5_CONFIG_REALM", KADM5_CONFIG_REALM},
- {"KADM5_CONFIG_DBNAME", KADM5_CONFIG_DBNAME},
- {"KADM5_CONFIG_MKEY_NAME", KADM5_CONFIG_MKEY_NAME},
- {"KADM5_CONFIG_MAX_LIFE", KADM5_CONFIG_MAX_LIFE},
- {"KADM5_CONFIG_MAX_RLIFE", KADM5_CONFIG_MAX_RLIFE},
- {"KADM5_CONFIG_EXPIRATION", KADM5_CONFIG_EXPIRATION},
- {"KADM5_CONFIG_FLAGS", KADM5_CONFIG_FLAGS},
- {"KADM5_CONFIG_STASH_FILE", KADM5_CONFIG_STASH_FILE},
- {"KADM5_CONFIG_ENCTYPE", KADM5_CONFIG_ENCTYPE},
- {"KADM5_CONFIG_ADBNAME", KADM5_CONFIG_ADBNAME},
- {"KADM5_CONFIG_ADB_LOCKFILE", KADM5_CONFIG_ADB_LOCKFILE},
- {"KADM5_CONFIG_ACL_FILE", KADM5_CONFIG_ACL_FILE},
- {"KADM5_CONFIG_KADMIND_PORT", KADM5_CONFIG_KADMIND_PORT},
- {"KADM5_CONFIG_ENCTYPES", KADM5_CONFIG_ENCTYPES},
- {"KADM5_CONFIG_ADMIN_SERVER", KADM5_CONFIG_ADMIN_SERVER},
- {"KADM5_CONFIG_DICT_FILE", KADM5_CONFIG_DICT_FILE},
- {"KADM5_CONFIG_MKEY_FROM_KBD", KADM5_CONFIG_MKEY_FROM_KBD},
-};
-
-static struct flagval priv_flags[] = {
- {"KADM5_PRIV_GET", KADM5_PRIV_GET},
- {"KADM5_PRIV_ADD", KADM5_PRIV_ADD},
- {"KADM5_PRIV_MODIFY", KADM5_PRIV_MODIFY},
- {"KADM5_PRIV_DELETE", KADM5_PRIV_DELETE}
-};
-
-
-static char *arg_error = "wrong # args";
-
-static Tcl_HashTable *struct_table = 0;
-
-static int put_server_handle(Tcl_Interp *interp, void *handle, char **name)
-{
- int i = 1, newPtr = 0;
- static char buf[20];
- Tcl_HashEntry *entry;
-
- if (! struct_table) {
- if (! (struct_table =
- malloc(sizeof(*struct_table)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
- Tcl_InitHashTable(struct_table, TCL_STRING_KEYS);
- }
-
- do {
- sprintf(buf, "kadm5_handle%d", i);
- entry = Tcl_CreateHashEntry(struct_table, buf, &newPtr);
- i++;
- } while (! newPtr);
-
- Tcl_SetHashValue(entry, handle);
-
- *name = buf;
-
- return TCL_OK;
-}
-
-static int get_server_handle(Tcl_Interp *interp, const char *name,
- void **handle)
-{
- Tcl_HashEntry *entry;
-
- if(!strcasecmp(name, "null"))
- *handle = 0;
- else {
- if (! (struct_table &&
- (entry = Tcl_FindHashEntry(struct_table, name)))) {
- Tcl_AppendResult(interp, "unknown server handle ", name, 0);
- return TCL_ERROR;
- }
- *handle = (void *) Tcl_GetHashValue(entry);
- }
- return TCL_OK;
-}
-
-static int remove_server_handle(Tcl_Interp *interp, const char *name)
-{
- Tcl_HashEntry *entry;
-
- if (! (struct_table &&
- (entry = Tcl_FindHashEntry(struct_table, name)))) {
- Tcl_AppendResult(interp, "unknown server handle ", name, 0);
- return TCL_ERROR;
- }
-
- Tcl_SetHashValue(entry, NULL);
- return TCL_OK;
-}
-
-#define GET_HANDLE(num_args, ignored) \
- void *server_handle; \
- const char *whoami = argv[0]; \
- argv++, argc--; \
- if (argc != num_args + 1) { \
- Tcl_AppendResult(interp, whoami, ": ", arg_error, 0); \
- return TCL_ERROR; \
- } \
- { \
- int ltcl_ret; \
- if ((ltcl_ret = get_server_handle(interp, argv[0], &server_handle)) \
- != TCL_OK) { \
- return ltcl_ret; \
- } \
- } \
- argv++, argc--;
-
-static Tcl_HashTable *create_flag_table(struct flagval *flags, int size)
-{
- Tcl_HashTable *table;
- Tcl_HashEntry *entry;
- int i;
-
- if (! (table = (Tcl_HashTable *) malloc(sizeof(Tcl_HashTable)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
-
- Tcl_InitHashTable(table, TCL_STRING_KEYS);
-
- for (i = 0; i < size; i++) {
- int newPtr;
-
- if (! (entry = Tcl_CreateHashEntry(table, flags[i].name, &newPtr))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
-
- Tcl_SetHashValue(entry, &flags[i].val);
- }
-
- return table;
-}
-
-
-static Tcl_DString *unparse_str(char *in_str)
-{
- Tcl_DString *str;
-
- if (! (str = malloc(sizeof(*str)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
-
- Tcl_DStringInit(str);
-
- if (! in_str) {
- Tcl_DStringAppend(str, "null", -1);
- }
- else {
- Tcl_DStringAppend(str, in_str, -1);
- }
-
- return str;
-}
-
-
-
-static int parse_str(Tcl_Interp *interp, const char *in_str, char **out_str)
-{
- if (! in_str) {
- *out_str = 0;
- }
- else if (! strcasecmp(in_str, "null")) {
- *out_str = 0;
- }
- else {
- *out_str = (char *) in_str;
- }
- return TCL_OK;
-}
-
-
-static void set_ok(Tcl_Interp *interp, char *string)
-{
- Tcl_SetResult(interp, "OK", TCL_STATIC);
- Tcl_AppendElement(interp, "KADM5_OK");
- Tcl_AppendElement(interp, string);
-}
-
-
-
-static Tcl_DString *unparse_err(kadm5_ret_t code)
-{
- char *code_string;
- const char *error_string;
- Tcl_DString *dstring;
-
- switch (code) {
- case KADM5_FAILURE: code_string = "KADM5_FAILURE"; break;
- case KADM5_AUTH_GET: code_string = "KADM5_AUTH_GET"; break;
- case KADM5_AUTH_ADD: code_string = "KADM5_AUTH_ADD"; break;
- case KADM5_AUTH_MODIFY:
- code_string = "KADM5_AUTH_MODIFY"; break;
- case KADM5_AUTH_DELETE:
- code_string = "KADM5_AUTH_DELETE"; break;
- case KADM5_AUTH_INSUFFICIENT:
- code_string = "KADM5_AUTH_INSUFFICIENT"; break;
- case KADM5_BAD_DB: code_string = "KADM5_BAD_DB"; break;
- case KADM5_DUP: code_string = "KADM5_DUP"; break;
- case KADM5_RPC_ERROR: code_string = "KADM5_RPC_ERROR"; break;
- case KADM5_NO_SRV: code_string = "KADM5_NO_SRV"; break;
- case KADM5_BAD_HIST_KEY:
- code_string = "KADM5_BAD_HIST_KEY"; break;
- case KADM5_NOT_INIT: code_string = "KADM5_NOT_INIT"; break;
- case KADM5_INIT: code_string = "KADM5_INIT"; break;
- case KADM5_BAD_PASSWORD:
- code_string = "KADM5_BAD_PASSWORD"; break;
- case KADM5_UNK_PRINC: code_string = "KADM5_UNK_PRINC"; break;
- case KADM5_UNK_POLICY: code_string = "KADM5_UNK_POLICY"; break;
- case KADM5_BAD_MASK: code_string = "KADM5_BAD_MASK"; break;
- case KADM5_BAD_CLASS: code_string = "KADM5_BAD_CLASS"; break;
- case KADM5_BAD_LENGTH: code_string = "KADM5_BAD_LENGTH"; break;
- case KADM5_BAD_POLICY: code_string = "KADM5_BAD_POLICY"; break;
- case KADM5_BAD_HISTORY: code_string = "KADM5_BAD_HISTORY"; break;
- case KADM5_BAD_PRINCIPAL:
- code_string = "KADM5_BAD_PRINCIPAL"; break;
- case KADM5_BAD_AUX_ATTR:
- code_string = "KADM5_BAD_AUX_ATTR"; break;
- case KADM5_PASS_Q_TOOSHORT:
- code_string = "KADM5_PASS_Q_TOOSHORT"; break;
- case KADM5_PASS_Q_CLASS:
- code_string = "KADM5_PASS_Q_CLASS"; break;
- case KADM5_PASS_Q_DICT:
- code_string = "KADM5_PASS_Q_DICT"; break;
- case KADM5_PASS_REUSE: code_string = "KADM5_PASS_REUSE"; break;
- case KADM5_PASS_TOOSOON:
- code_string = "KADM5_PASS_TOOSOON"; break;
- case KADM5_POLICY_REF:
- code_string = "KADM5_POLICY_REF"; break;
- case KADM5_PROTECT_PRINCIPAL:
- code_string = "KADM5_PROTECT_PRINCIPAL"; break;
- case KADM5_BAD_SERVER_HANDLE:
- code_string = "KADM5_BAD_SERVER_HANDLE"; break;
- case KADM5_BAD_STRUCT_VERSION:
- code_string = "KADM5_BAD_STRUCT_VERSION"; break;
- case KADM5_OLD_STRUCT_VERSION:
- code_string = "KADM5_OLD_STRUCT_VERSION"; break;
- case KADM5_NEW_STRUCT_VERSION:
- code_string = "KADM5_NEW_STRUCT_VERSION"; break;
- case KADM5_BAD_API_VERSION:
- code_string = "KADM5_BAD_API_VERSION"; break;
- case KADM5_OLD_LIB_API_VERSION:
- code_string = "KADM5_OLD_LIB_API_VERSION"; break;
- case KADM5_OLD_SERVER_API_VERSION:
- code_string = "KADM5_OLD_SERVER_API_VERSION"; break;
- case KADM5_NEW_LIB_API_VERSION:
- code_string = "KADM5_NEW_LIB_API_VERSION"; break;
- case KADM5_NEW_SERVER_API_VERSION:
- code_string = "KADM5_NEW_SERVER_API_VERSION"; break;
- case KADM5_SECURE_PRINC_MISSING:
- code_string = "KADM5_SECURE_PRINC_MISSING"; break;
- case KADM5_NO_RENAME_SALT:
- code_string = "KADM5_NO_RENAME_SALT"; break;
- case KADM5_BAD_CLIENT_PARAMS:
- code_string = "KADM5_BAD_CLIENT_PARAMS"; break;
- case KADM5_BAD_SERVER_PARAMS:
- code_string = "KADM5_BAD_SERVER_PARAMS"; break;
- case KADM5_AUTH_LIST:
- code_string = "KADM5_AUTH_LIST"; break;
- case KADM5_AUTH_CHANGEPW:
- code_string = "KADM5_AUTH_CHANGEPW"; break;
- case KADM5_GSS_ERROR: code_string = "KADM5_GSS_ERROR"; break;
- case KADM5_BAD_TL_TYPE: code_string = "KADM5_BAD_TL_TYPE"; break;
- case KADM5_MISSING_CONF_PARAMS:
- code_string = "KADM5_MISSING_CONF_PARAMS"; break;
- case KADM5_BAD_SERVER_NAME:
- code_string = "KADM5_BAD_SERVER_NAME"; break;
- case KADM5_MISSING_KRB5_CONF_PARAMS:
- code_string = "KADM5_MISSING_KRB5_CONF_PARAMS"; break;
- case KADM5_XDR_FAILURE: code_string = "KADM5_XDR_FAILURE"; break;
- case KADM5_CANT_RESOLVE: code_string = "KADM5_CANT_RESOLVE"; break;
-
-
- case OSA_ADB_DUP: code_string = "OSA_ADB_DUP"; break;
- case OSA_ADB_NOENT: code_string = "ENOENT"; break;
- case OSA_ADB_DBINIT: code_string = "OSA_ADB_DBINIT"; break;
- case OSA_ADB_BAD_POLICY: code_string = "Bad policy name"; break;
- case OSA_ADB_BAD_PRINC: code_string = "Bad principal name"; break;
- case OSA_ADB_BAD_DB: code_string = "Invalid database."; break;
- case OSA_ADB_XDR_FAILURE: code_string = "OSA_ADB_XDR_FAILURE"; break;
- case OSA_ADB_BADLOCKMODE: code_string = "OSA_ADB_BADLOCKMODE"; break;
- case OSA_ADB_CANTLOCK_DB: code_string = "OSA_ADB_CANTLOCK_DB"; break;
- case OSA_ADB_NOTLOCKED: code_string = "OSA_ADB_NOTLOCKED"; break;
- case OSA_ADB_NOLOCKFILE: code_string = "OSA_ADB_NOLOCKFILE"; break;
- case OSA_ADB_NOEXCL_PERM: code_string = "OSA_ADB_NOEXCL_PERM"; break;
-
- case KRB5_KDB_INUSE: code_string = "KRB5_KDB_INUSE"; break;
- case KRB5_KDB_UK_SERROR: code_string = "KRB5_KDB_UK_SERROR"; break;
- case KRB5_KDB_UK_RERROR: code_string = "KRB5_KDB_UK_RERROR"; break;
- case KRB5_KDB_UNAUTH: code_string = "KRB5_KDB_UNAUTH"; break;
- case KRB5_KDB_NOENTRY: code_string = "KRB5_KDB_NOENTRY"; break;
- case KRB5_KDB_ILL_WILDCARD: code_string = "KRB5_KDB_ILL_WILDCARD"; break;
- case KRB5_KDB_DB_INUSE: code_string = "KRB5_KDB_DB_INUSE"; break;
- case KRB5_KDB_DB_CHANGED: code_string = "KRB5_KDB_DB_CHANGED"; break;
- case KRB5_KDB_TRUNCATED_RECORD:
- code_string = "KRB5_KDB_TRUNCATED_RECORD"; break;
- case KRB5_KDB_RECURSIVELOCK:
- code_string = "KRB5_KDB_RECURSIVELOCK"; break;
- case KRB5_KDB_NOTLOCKED: code_string = "KRB5_KDB_NOTLOCKED"; break;
- case KRB5_KDB_BADLOCKMODE: code_string = "KRB5_KDB_BADLOCKMODE"; break;
- case KRB5_KDB_DBNOTINITED: code_string = "KRB5_KDB_DBNOTINITED"; break;
- case KRB5_KDB_DBINITED: code_string = "KRB5_KDB_DBINITED"; break;
- case KRB5_KDB_ILLDIRECTION: code_string = "KRB5_KDB_ILLDIRECTION"; break;
- case KRB5_KDB_NOMASTERKEY: code_string = "KRB5_KDB_NOMASTERKEY"; break;
- case KRB5_KDB_BADMASTERKEY: code_string = "KRB5_KDB_BADMASTERKEY"; break;
- case KRB5_KDB_INVALIDKEYSIZE:
- code_string = "KRB5_KDB_INVALIDKEYSIZE"; break;
- case KRB5_KDB_CANTREAD_STORED:
- code_string = "KRB5_KDB_CANTREAD_STORED"; break;
- case KRB5_KDB_BADSTORED_MKEY:
- code_string = "KRB5_KDB_BADSTORED_MKEY"; break;
- case KRB5_KDB_CANTLOCK_DB: code_string = "KRB5_KDB_CANTLOCK_DB"; break;
- case KRB5_KDB_DB_CORRUPT: code_string = "KRB5_KDB_DB_CORRUPT"; break;
-
- case KRB5_PARSE_ILLCHAR: code_string = "KRB5_PARSE_ILLCHAR"; break;
- case KRB5_PARSE_MALFORMED: code_string = "KRB5_PARSE_MALFORMED"; break;
- case KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN: code_string = "KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN"; break;
- case KRB5_REALM_UNKNOWN: code_string = "KRB5_REALM_UNKNOWN"; break;
- case KRB5_KDC_UNREACH: code_string = "KRB5_KDC_UNREACH"; break;
- case KRB5_KDCREP_MODIFIED: code_string = "KRB5_KDCREP_MODIFIED"; break;
- case KRB5KRB_AP_ERR_BAD_INTEGRITY: code_string = "KRB5KRB_AP_ERR_BAD_INTEGRITY"; break;
- case KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN: code_string = "KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN"; break;
- case KRB5_CONFIG_BADFORMAT: code_string = "KRB5_CONFIG_BADFORMAT"; break;
-
- case KRB5_CC_NOTFOUND: code_string = "KRB5_CC_NOTFOUND"; break;
- case KRB5_FCC_NOFILE: code_string = "KRB5_FCC_NOFILE"; break;
-
- case EINVAL: code_string = "EINVAL"; break;
- case ENOENT: code_string = "ENOENT"; break;
-
- default:
- fprintf(stderr, "**** CODE %ld (%s) ***\n", (long) code,
- error_message (code));
- code_string = "UNKNOWN";
- break;
- }
-
- error_string = error_message(code);
-
- if (! (dstring = (Tcl_DString *) malloc(sizeof(Tcl_DString)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX Do we really want to exit? Ok if this is */
- /* just a test program, but what about if it gets */
- /* used for other things later? */
- }
-
- Tcl_DStringInit(dstring);
-
- if (! (Tcl_DStringAppendElement(dstring, "ERROR") &&
- Tcl_DStringAppendElement(dstring, code_string) &&
- Tcl_DStringAppendElement(dstring, error_string))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
-
- return dstring;
-}
-
-
-
-static void stash_error(Tcl_Interp *interp, krb5_error_code code)
-{
- Tcl_DString *dstring = unparse_err(code);
- Tcl_DStringResult(interp, dstring);
- Tcl_DStringFree(dstring);
- free(dstring);
-}
-
-static Tcl_DString *unparse_key_data(krb5_key_data *key_data, int n_key_data)
-{
- Tcl_DString *str;
- char buf[2048];
- int i, j;
-
- if (! (str = malloc(sizeof(*str)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
-
- Tcl_DStringInit(str);
- for (i = 0; i < n_key_data; i++) {
- krb5_key_data *key = &key_data[i];
-
- Tcl_DStringStartSublist(str);
- sprintf(buf, "%d", key->key_data_type[0]);
- Tcl_DStringAppendElement(str, buf);
- sprintf(buf, "%d", key->key_data_ver > 1 ?
- key->key_data_type[1] : -1);
- Tcl_DStringAppendElement(str, buf);
- if (key->key_data_contents[0]) {
- sprintf(buf, "0x");
- for (j = 0; j < key->key_data_length[0]; j++) {
- sprintf(buf + 2*(j+1), "%02x",
- key->key_data_contents[0][j]);
- }
- } else *buf = '\0';
- Tcl_DStringAppendElement(str, buf);
- Tcl_DStringEndSublist(str);
- }
-
- return str;
-}
-
-static Tcl_DString *unparse_tl_data(krb5_tl_data *tl_data, int n_tl_data)
-{
- Tcl_DString *str;
- char buf[2048];
-
- if (! (str = malloc(sizeof(*str)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
-
- Tcl_DStringInit(str);
- Tcl_DStringStartSublist(str);
- for (; tl_data; tl_data = tl_data->tl_data_next) {
- Tcl_DStringStartSublist(str);
- sprintf(buf, "%d", tl_data->tl_data_type);
- Tcl_DStringAppendElement(str, buf);
- sprintf(buf, "%d", tl_data->tl_data_length);
- Tcl_DStringAppendElement(str, buf);
- Tcl_DStringAppend(str, " ", 1);
- Tcl_DStringAppend(str, (char *) tl_data->tl_data_contents,
- tl_data->tl_data_length);
- Tcl_DStringEndSublist(str);
- }
- Tcl_DStringEndSublist(str);
-
- return str;
-}
-
-static Tcl_DString *unparse_flags(struct flagval *array, int size,
- krb5_int32 flags)
-{
- int i;
- Tcl_DString *str;
-
- if (! (str = malloc(sizeof(*str)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
-
- Tcl_DStringInit(str);
-
- for (i = 0; i < size; i++) {
- if (flags & array[i].val) {
- Tcl_DStringAppendElement(str, array[i].name);
- }
- }
-
- return str;
-}
-
-
-static int parse_flags(Tcl_Interp *interp, Tcl_HashTable *table,
- struct flagval *array, int size, const char *str,
- krb5_flags *flags)
-{
- int tmp, argc, i, retcode = TCL_OK;
- const char **argv;
- Tcl_HashEntry *entry;
-
- if (Tcl_GetInt(interp, str, &tmp) == TCL_OK) {
- *flags = tmp;
- return TCL_OK;
- }
- Tcl_ResetResult(interp);
-
- if (Tcl_SplitList(interp, str, &argc, &argv) != TCL_OK) {
- return TCL_ERROR;
- }
-
- if (! table) {
- table = create_flag_table(array, size);
- }
-
- *flags = 0;
-
- for (i = 0; i < argc; i++) {
- if (! (entry = Tcl_FindHashEntry(table, argv[i]))) {
- Tcl_AppendResult(interp, "unknown krb5 flag ", argv[i], 0);
- retcode = TCL_ERROR;
- break;
- }
- *flags |= *(krb5_flags *) Tcl_GetHashValue(entry);
- }
-
- Tcl_Free((char *) argv);
- return(retcode);
-}
-
-static Tcl_DString *unparse_privs(krb5_flags flags)
-{
- return unparse_flags(priv_flags, sizeof(priv_flags) /
- sizeof(struct flagval), flags);
-}
-
-
-static Tcl_DString *unparse_krb5_flags(krb5_flags flags)
-{
- return unparse_flags(krb5_flags_array, sizeof(krb5_flags_array) /
- sizeof(struct flagval), flags);
-}
-
-static int parse_krb5_flags(Tcl_Interp *interp, const char *str,
- krb5_flags *flags)
-{
- krb5_flags tmp;
- static Tcl_HashTable *table = 0;
- int tcl_ret;
-
- if ((tcl_ret = parse_flags(interp, table, krb5_flags_array,
- sizeof(krb5_flags_array) /
- sizeof(struct flagval),
- str, &tmp)) != TCL_OK) {
- return tcl_ret;
- }
-
- *flags = tmp;
- return TCL_OK;
-}
-
-static Tcl_DString *unparse_aux_attributes(krb5_int32 flags)
-{
- return unparse_flags(aux_attributes, sizeof(aux_attributes) /
- sizeof(struct flagval), flags);
-}
-
-
-static int parse_aux_attributes(Tcl_Interp *interp, const char *str,
- long *flags)
-{
- krb5_flags tmp;
- static Tcl_HashTable *table = 0;
- int tcl_ret;
-
- if ((tcl_ret = parse_flags(interp, table, aux_attributes,
- sizeof(aux_attributes) /
- sizeof(struct flagval),
- str, &tmp)) != TCL_OK) {
- return tcl_ret;
- }
-
- *flags = tmp;
- return TCL_OK;
-}
-
-static int parse_principal_mask(Tcl_Interp *interp, const char *str,
- krb5_int32 *flags)
-{
- krb5_flags tmp;
- static Tcl_HashTable *table = 0;
- int tcl_ret;
-
- if ((tcl_ret = parse_flags(interp, table, principal_mask_flags,
- sizeof(principal_mask_flags) /
- sizeof(struct flagval),
- str, &tmp)) != TCL_OK) {
- return tcl_ret;
- }
-
- *flags = tmp;
- return TCL_OK;
-}
-
-static int parse_policy_mask(Tcl_Interp *interp, const char *str,
- krb5_int32 *flags)
-{
- krb5_flags tmp;
- static Tcl_HashTable *table = 0;
- int tcl_ret;
-
- if ((tcl_ret = parse_flags(interp, table, policy_mask_flags,
- sizeof(policy_mask_flags) /
- sizeof(struct flagval),
- str, &tmp)) != TCL_OK) {
- return tcl_ret;
- }
-
- *flags = tmp;
- return TCL_OK;
-}
-
-
-static Tcl_DString *unparse_principal_ent(kadm5_principal_ent_t princ,
- krb5_int32 mask)
-{
- Tcl_DString *str, *tmp_dstring;
- char *tmp;
- char buf[20];
- krb5_error_code krb5_ret;
-
- if (! (str = malloc(sizeof(*str)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
-
- Tcl_DStringInit(str);
-
- tmp = 0; /* It looks to me from looking at the library source */
- /* code for krb5_parse_name that the pointer passed into */
- /* it should be initialized to 0 if I want it do be */
- /* allocated automatically. */
- if (mask & KADM5_PRINCIPAL) {
- krb5_ret = krb5_unparse_name(context, princ->principal, &tmp);
- if (krb5_ret) {
- /* XXX Do we want to return an error? Not sure. */
- Tcl_DStringAppendElement(str, "[unparsable principal]");
- }
- else {
- Tcl_DStringAppendElement(str, tmp);
- free(tmp);
- }
- } else
- Tcl_DStringAppendElement(str, "null");
-
- sprintf(buf, "%u", (unsigned int)princ->princ_expire_time);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%u", (unsigned int)princ->last_pwd_change);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%u", (unsigned int)princ->pw_expiration);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%d", princ->max_life);
- Tcl_DStringAppendElement(str, buf);
-
- tmp = 0;
- if (mask & KADM5_MOD_NAME) {
- if ((krb5_ret = krb5_unparse_name(context, princ->mod_name, &tmp))) {
- /* XXX */
- Tcl_DStringAppendElement(str, "[unparsable principal]");
- }
- else {
- Tcl_DStringAppendElement(str, tmp);
- free(tmp);
- }
- } else
- Tcl_DStringAppendElement(str, "null");
-
- sprintf(buf, "%u", (unsigned int)princ->mod_date);
- Tcl_DStringAppendElement(str, buf);
-
- if (mask & KADM5_ATTRIBUTES) {
- tmp_dstring = unparse_krb5_flags(princ->attributes);
- Tcl_DStringAppendElement(str, tmp_dstring->string);
- Tcl_DStringFree(tmp_dstring);
- free(tmp_dstring);
- } else
- Tcl_DStringAppendElement(str, "null");
-
- sprintf(buf, "%d", princ->kvno);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%d", princ->mkvno);
- Tcl_DStringAppendElement(str, buf);
-
- /* XXX This may be dangerous, because the contents of the policy */
- /* field are undefined if the POLICY bit isn't set. However, I */
- /* think it's a bug for the field not to be null in that case */
- /* anyway, so we should assume that it will be null so that we'll */
- /* catch it if it isn't. */
-
- tmp_dstring = unparse_str(princ->policy);
- Tcl_DStringAppendElement(str, tmp_dstring->string);
- Tcl_DStringFree(tmp_dstring);
- free(tmp_dstring);
-
- tmp_dstring = unparse_aux_attributes(princ->aux_attributes);
- Tcl_DStringAppendElement(str, tmp_dstring->string);
- Tcl_DStringFree(tmp_dstring);
- free(tmp_dstring);
-
- sprintf(buf, "%d", princ->max_renewable_life);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%u", (unsigned int)princ->last_success);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%u", (unsigned int)princ->last_failed);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%d", princ->fail_auth_count);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%d", princ->n_key_data);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%d", princ->n_tl_data);
- Tcl_DStringAppendElement(str, buf);
-
- tmp_dstring = unparse_key_data(princ->key_data, princ->n_key_data);
- Tcl_DStringAppendElement(str, tmp_dstring->string);
- Tcl_DStringFree(tmp_dstring);
- free(tmp_dstring);
-
- tmp_dstring = unparse_tl_data(princ->tl_data, princ->n_tl_data);
- Tcl_DStringAppendElement(str, tmp_dstring->string);
- Tcl_DStringFree(tmp_dstring);
- free(tmp_dstring);
-
- return str;
-}
-
-static int parse_keysalts(Tcl_Interp *interp, const char *list,
- krb5_key_salt_tuple **keysalts,
- int num_keysalts)
-{
- const char **argv, **argv1 = NULL;
- int i, tmp, argc, argc1, retcode;
-
- *keysalts = NULL;
- if (list == NULL)
- return TCL_OK;
-
- if ((retcode = Tcl_SplitList(interp, list, &argc, &argv)) != TCL_OK) {
- return retcode;
- }
- if (argc != num_keysalts) {
- Tcl_SetResult(interp, "wrong number of keysalts", TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- }
- *keysalts = (krb5_key_salt_tuple *)
- malloc(sizeof(krb5_key_salt_tuple)*num_keysalts);
- for (i = 0; i < num_keysalts; i++) {
- if ((retcode = Tcl_SplitList(interp, argv[i], &argc1, &argv1)) !=
- TCL_OK) {
- goto finished;
- }
- if (argc1 != 2) {
- Tcl_SetResult(interp, "wrong # of fields in keysalt", TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- }
- /* XXX this used to be argv1[1] too! */
- if ((retcode = Tcl_GetInt(interp, argv1[0], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing ks_enctype");
- retcode = TCL_ERROR;
- goto finished;
- }
- (*keysalts)[i].ks_enctype = tmp;
- if ((retcode = Tcl_GetInt(interp, argv1[1], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing ks_salttype");
- goto finished;
- }
- (*keysalts)[i].ks_salttype = tmp;
-
- Tcl_Free((char *) argv1);
- argv1 = NULL;
- }
-
-finished:
- if (argv1) {
- Tcl_Free((char *) argv1);
- }
- Tcl_Free((char *) argv);
- return retcode;
-}
-
-static int parse_key_data(Tcl_Interp *interp, const char *list,
- krb5_key_data **key_data,
- int n_key_data)
-{
- const char **argv = NULL;
- int argc, retcode;
-
- *key_data = NULL;
- if (list == NULL) {
- if (n_key_data != 0) {
- Tcl_SetResult(interp, "wrong number of key_datas", TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- } else
- return TCL_OK;
- }
-
- if ((retcode = Tcl_SplitList(interp, list, &argc, &argv)) != TCL_OK) {
- return retcode;
- }
- if (argc != n_key_data) {
- Tcl_SetResult(interp, "wrong number of key_datas", TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- }
-
- if (argc != 0) {
- Tcl_SetResult(interp, "cannot parse key_data yet", TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- }
-
-finished:
- Tcl_Free((char *) argv);
- return retcode;
-}
-
-static int parse_tl_data(Tcl_Interp *interp, const char *list,
- krb5_tl_data **tlp,
- int n_tl_data)
-{
- krb5_tl_data *tl, *tl2;
- const char **argv = NULL, **argv1 = NULL;
- int i, tmp, argc, argc1, retcode;
-
- *tlp = NULL;
- if (list == NULL) {
- if (n_tl_data != 0) {
- Tcl_SetResult(interp, "wrong number of tl_datas", TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- } else
- return TCL_OK;
- }
-
- if ((retcode = Tcl_SplitList(interp, list, &argc, &argv)) != TCL_OK) {
- return retcode;
- }
- if (argc != n_tl_data) {
- Tcl_SetResult(interp, "wrong number of tl_datas", TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- }
-
- tl = tl2 = NULL;
- for (i = 0; i < n_tl_data; i++) {
- tl2 = (krb5_tl_data *) malloc(sizeof(krb5_tl_data));
- memset(tl2, 0, sizeof(krb5_tl_data));
- tl2->tl_data_next = tl;
- tl = tl2;
- }
- tl2 = tl;
-
- for (i = 0; i < n_tl_data; i++) {
- if ((retcode = Tcl_SplitList(interp, argv[i], &argc1, &argv1)) !=
- TCL_OK) {
- goto finished;
- }
- if (argc1 != 3) {
- Tcl_SetResult(interp, "wrong # of fields in tl_data", TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- }
- if ((retcode = Tcl_GetInt(interp, argv1[0], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing tl_data_type");
- retcode = TCL_ERROR;
- goto finished;
- }
- tl->tl_data_type = tmp;
- if ((retcode = Tcl_GetInt(interp, argv1[1], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing tl_data_length");
- retcode = TCL_ERROR;
- goto finished;
- }
- tl->tl_data_length = tmp;
- if (tl->tl_data_length != strlen(argv1[2])) {
- Tcl_SetResult(interp, "length != string length", TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- }
- tl->tl_data_contents = (krb5_octet *) strdup(argv1[2]);
-
- Tcl_Free((char *) argv1);
- argv1 = NULL;
- tl = tl->tl_data_next;
- }
- if (tl != NULL) {
- Tcl_SetResult(interp, "tl is not NULL!", TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- }
- *tlp = tl2;
-
-finished:
- if (argv1) {
- Tcl_Free((char *) argv1);
- }
- Tcl_Free((char *) argv);
- return retcode;
-}
-
-static int parse_config_params(Tcl_Interp *interp, char *list,
- kadm5_config_params *params)
-{
- static Tcl_HashTable *table = 0;
- const char **argv = NULL;
- int tmp, argc, retcode;
-
- memset(params, 0, sizeof(kadm5_config_params));
- if (list == NULL)
- return TCL_OK;
-
- if ((retcode = Tcl_SplitList(interp, list, &argc, &argv)) != TCL_OK) {
- return retcode;
- }
-
- if (argc != 20) {
- Tcl_SetResult(interp, "wrong # args in config params structure",
- TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- }
-
- if ((retcode = parse_flags(interp, table, config_mask_flags,
- sizeof(config_mask_flags) /
- sizeof(struct flagval),
- argv[0], &tmp)) != TCL_OK) {
- goto finished;
- }
- params->mask = tmp;
-
- if ((retcode = parse_str(interp, argv[1], &params->realm)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing realm name");
- retcode = TCL_ERROR;
- goto finished;
- }
- if ((retcode = Tcl_GetInt(interp, argv[2], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing kadmind_port");
- retcode = TCL_ERROR;
- goto finished;
- }
- params->kadmind_port = tmp;
- if ((retcode = parse_str(interp, argv[3], &params->admin_server))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing profile name");
- retcode = TCL_ERROR;
- goto finished;
- }
- if ((retcode = parse_str(interp, argv[4], &params->dbname)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing profile name");
- retcode = TCL_ERROR;
- goto finished;
- }
- /* Ignore argv[5], which used to set the admin_dbname field. */
- /* Ignore argv[6], which used to set the admin_lockfile field. */
- /* Ignore argv[7], which used to set the admin_keytab field. */
- if ((retcode = parse_str(interp, argv[8], &params->acl_file)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing acl_file name");
- retcode = TCL_ERROR;
- goto finished;
- }
- if ((retcode = parse_str(interp, argv[9], &params->dict_file)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing dict_file name");
- retcode = TCL_ERROR;
- goto finished;
- }
- if ((retcode = Tcl_GetInt(interp, argv[10], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing mkey_from_kbd");
- retcode = TCL_ERROR;
- goto finished;
- }
- params->mkey_from_kbd = tmp;
- if ((retcode = parse_str(interp, argv[11], &params->stash_file)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing stash_file name");
- retcode = TCL_ERROR;
- goto finished;
- }
- if ((retcode = parse_str(interp, argv[12], &params->mkey_name)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing mkey_name name");
- retcode = TCL_ERROR;
- goto finished;
- }
- if ((retcode = Tcl_GetInt(interp, argv[13], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing enctype");
- retcode = TCL_ERROR;
- goto finished;
- }
- params->enctype = tmp;
- if ((retcode = Tcl_GetInt(interp, argv[14], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing max_life");
- retcode = TCL_ERROR;
- goto finished;
- }
- params->max_life = tmp;
- if ((retcode = Tcl_GetInt(interp, argv[15], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing max_rlife");
- retcode = TCL_ERROR;
- goto finished;
- }
- params->max_rlife = tmp;
- if ((retcode = Tcl_GetInt(interp, argv[16], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing expiration");
- retcode = TCL_ERROR;
- goto finished;
- }
- params->expiration = tmp;
- if ((retcode = parse_krb5_flags(interp, argv[17], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing flags");
- retcode = TCL_ERROR;
- goto finished;
- }
- params->flags = tmp;
- if ((retcode = Tcl_GetInt(interp, argv[18], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing num_keysalts");
- retcode = TCL_ERROR;
- goto finished;
- }
- params->num_keysalts = tmp;
- if ((retcode = parse_keysalts(interp, argv[19], &params->keysalts,
- params->num_keysalts)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing keysalts");
- retcode = TCL_ERROR;
- goto finished;
- }
-
-finished:
- return retcode;
-}
-
-static int parse_principal_ent(Tcl_Interp *interp, char *list,
- kadm5_principal_ent_t *out_princ)
-{
- kadm5_principal_ent_t princ = 0;
- krb5_error_code krb5_ret;
- int tcl_ret;
- int argc;
- const char **argv;
- int tmp;
- int retcode = TCL_OK;
-
- if ((tcl_ret = Tcl_SplitList(interp, list, &argc, &argv)) != TCL_OK) {
- return tcl_ret;
- }
-
- if (argc != 12 && argc != 20) {
- Tcl_SetResult(interp, "wrong # args in principal structure",
- TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- }
-
- if (! (princ = malloc(sizeof *princ))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
- memset(princ, 0, sizeof(*princ));
-
- if ((krb5_ret = krb5_parse_name(context, argv[0], &princ->principal)) != 0) {
- stash_error(interp, krb5_ret);
- Tcl_AppendElement(interp, "while parsing principal");
- retcode = TCL_ERROR;
- goto finished;
- }
-
- /*
- * All of the numerical values parsed here are parsed into an
- * "int" and then assigned into the structure in case the actual
- * width of the field in the Kerberos structure is different from
- * the width of an integer.
- */
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[1], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing princ_expire_time");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->princ_expire_time = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[2], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing last_pwd_change");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->last_pwd_change = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[3], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing pw_expiration");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->pw_expiration = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[4], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing max_life");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->max_life = tmp;
-
- if ((krb5_ret = krb5_parse_name(context, argv[5], &princ->mod_name)) != 0) {
- stash_error(interp, krb5_ret);
- Tcl_AppendElement(interp, "while parsing mod_name");
- retcode = TCL_ERROR;
- goto finished;
- }
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[6], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing mod_date");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->mod_date = tmp;
-
- if ((tcl_ret = parse_krb5_flags(interp, argv[7], &princ->attributes))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing attributes");
- retcode = TCL_ERROR;
- goto finished;
- }
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[8], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing kvno");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->kvno = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[9], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing mkvno");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->mkvno = tmp;
-
- if ((tcl_ret = parse_str(interp, argv[10], &princ->policy)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing policy");
- retcode = TCL_ERROR;
- goto finished;
- }
- if(princ->policy != NULL) {
- if(!(princ->policy = strdup(princ->policy))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1);
- }
- }
-
- if ((tcl_ret = parse_aux_attributes(interp, argv[11],
- &princ->aux_attributes)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing aux_attributes");
- retcode = TCL_ERROR;
- goto finished;
- }
-
- if (argc == 12) goto finished;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[12], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing max_renewable_life");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->max_renewable_life = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[13], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing last_success");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->last_success = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[14], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing last_failed");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->last_failed = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[15], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing fail_auth_count");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->fail_auth_count = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[16], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing n_key_data");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->n_key_data = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[17], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing n_tl_data");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->n_tl_data = tmp;
-
- if ((tcl_ret = parse_key_data(interp, argv[18],
- &princ->key_data,
- princ->n_key_data)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing key_data");
- retcode = TCL_ERROR;
- goto finished;
- }
-
- if ((tcl_ret = parse_tl_data(interp, argv[19],
- &princ->tl_data,
- princ->n_tl_data)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing tl_data");
- retcode = TCL_ERROR;
- goto finished;
- }
- princ->n_tl_data = tmp;
-
-finished:
- Tcl_Free((char *) argv);
- *out_princ = princ;
- return retcode;
-}
-
-
-static void free_principal_ent(kadm5_principal_ent_t *princ)
-{
- krb5_free_principal(context, (*princ)->principal);
- krb5_free_principal(context, (*princ)->mod_name);
- free((*princ)->policy);
- free(*princ);
- *princ = 0;
-}
-
-static Tcl_DString *unparse_policy_ent(kadm5_policy_ent_t policy)
-{
- Tcl_DString *str, *tmp_dstring;
- char buf[20];
-
- if (! (str = malloc(sizeof(*str)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
-
- Tcl_DStringInit(str);
-
- tmp_dstring = unparse_str(policy->policy);
- Tcl_DStringAppendElement(str, tmp_dstring->string);
- Tcl_DStringFree(tmp_dstring);
- free(tmp_dstring);
-
- sprintf(buf, "%ld", policy->pw_min_life);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%ld", policy->pw_max_life);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%ld", policy->pw_min_length);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%ld", policy->pw_min_classes);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%ld", policy->pw_history_num);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%ld", policy->policy_refcnt);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%d", policy->pw_max_fail);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%d", policy->pw_failcnt_interval);
- Tcl_DStringAppendElement(str, buf);
-
- sprintf(buf, "%d", policy->pw_lockout_duration);
- Tcl_DStringAppendElement(str, buf);
-
- return str;
-}
-
-
-
-static int parse_policy_ent(Tcl_Interp *interp, char *list,
- kadm5_policy_ent_t *out_policy)
-{
- kadm5_policy_ent_t policy = 0;
- int tcl_ret;
- int argc;
- const char **argv;
- int tmp;
- int retcode = TCL_OK;
-
- if ((tcl_ret = Tcl_SplitList(interp, list, &argc, &argv)) != TCL_OK) {
- return tcl_ret;
- }
-
- if (argc != 7 && argc != 10) {
- Tcl_SetResult(interp, "wrong # args in policy structure", TCL_STATIC);
- retcode = TCL_ERROR;
- goto finished;
- }
-
- if (! (policy = malloc(sizeof *policy))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
-
- if ((tcl_ret = parse_str(interp, argv[0], &policy->policy)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing policy name");
- retcode = TCL_ERROR;
- goto finished;
- }
-
- if(policy->policy != NULL) {
- if (! (policy->policy = strdup(policy->policy))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
- }
-
- /*
- * All of the numerical values parsed here are parsed into an
- * "int" and then assigned into the structure in case the actual
- * width of the field in the Kerberos structure is different from
- * the width of an integer.
- */
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[1], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing pw_min_life");
- retcode = TCL_ERROR;
- goto finished;
- }
- policy->pw_min_life = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[2], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing pw_max_life");
- retcode = TCL_ERROR;
- goto finished;
- }
- policy->pw_max_life = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[3], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing pw_min_length");
- retcode = TCL_ERROR;
- goto finished;
- }
- policy->pw_min_length = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[4], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing pw_min_classes");
- retcode = TCL_ERROR;
- goto finished;
- }
- policy->pw_min_classes = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[5], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing pw_history_num");
- retcode = TCL_ERROR;
- goto finished;
- }
- policy->pw_history_num = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[6], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing policy_refcnt");
- retcode = TCL_ERROR;
- goto finished;
- }
- policy->policy_refcnt = tmp;
-
- if (argc == 7) goto finished;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[7], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing pw_max_fail");
- retcode = TCL_ERROR;
- goto finished;
- }
- policy->pw_max_fail = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[8], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing pw_failcnt_interval");
- retcode = TCL_ERROR;
- goto finished;
- }
- policy->pw_failcnt_interval = tmp;
-
- if ((tcl_ret = Tcl_GetInt(interp, argv[9], &tmp))
- != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing pw_lockout_duration");
- retcode = TCL_ERROR;
- goto finished;
- }
- policy->pw_lockout_duration = tmp;
-
-finished:
- Tcl_Free((char *) argv);
- *out_policy = policy;
- return retcode;
-}
-
-
-static void free_policy_ent(kadm5_policy_ent_t *policy)
-{
- free((*policy)->policy);
- free(*policy);
- *policy = 0;
-}
-
-static Tcl_DString *unparse_keytype(krb5_enctype enctype)
-{
- Tcl_DString *str;
- char buf[50];
-
- if (! (str = malloc(sizeof(*str)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
-
- Tcl_DStringInit(str);
-
- switch (enctype) {
- /* XXX is this right? */
- case ENCTYPE_NULL: Tcl_DStringAppend(str, "ENCTYPE_NULL", -1); break;
- default:
- sprintf(buf, "UNKNOWN KEYTYPE (0x%x)", enctype);
- Tcl_DStringAppend(str, buf, -1);
- break;
- }
-
- return str;
-}
-
-
-static Tcl_DString *unparse_keyblocks(krb5_keyblock *keyblocks, int num_keys)
-{
- Tcl_DString *str;
- Tcl_DString *keytype;
- unsigned int i;
- int j;
-
- if (! (str = malloc(sizeof(*str)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
-
- Tcl_DStringInit(str);
-
- for (j = 0; j < num_keys; j++) {
- krb5_keyblock *keyblock = &keyblocks[j];
-
- Tcl_DStringStartSublist(str);
-
- keytype = unparse_keytype(keyblock->enctype);
- Tcl_DStringAppendElement(str, keytype->string);
- Tcl_DStringFree(keytype);
- free(keytype);
- if (keyblock->length == 0) {
- Tcl_DStringAppendElement(str, "0x00");
- }
- else {
- Tcl_DStringAppendElement(str, "0x");
- for (i = 0; i < keyblock->length; i++) {
- char buf[3];
- sprintf(buf, "%02x", (int) keyblock->contents[i]);
- Tcl_DStringAppend(str, buf, -1);
- }
- }
-
- Tcl_DStringEndSublist(str);
- }
-
-
- return str;
-}
-
-enum init_type { INIT_NONE, INIT_PASS, INIT_CREDS };
-
-static int _tcl_kadm5_init_any(enum init_type init_type, ClientData clientData,
- Tcl_Interp *interp, int argc, const char *argv[])
-{
- kadm5_ret_t ret;
- char *client_name, *pass, *service_name;
- int tcl_ret;
- krb5_ui_4 struct_version, api_version;
- const char *handle_var;
- void *server_handle;
- char *handle_name, *params_str;
- const char *whoami = argv[0];
- kadm5_config_params params;
-
- argv++, argc--;
-
- kadm5_init_krb5_context(&context);
-
- if (argc != 7) {
- Tcl_AppendResult(interp, whoami, ": ", arg_error, 0);
- return TCL_ERROR;
- }
-
- if (((tcl_ret = parse_str(interp, argv[0], &client_name)) != TCL_OK) ||
- ((tcl_ret = parse_str(interp, argv[1], &pass)) != TCL_OK) ||
- ((tcl_ret = parse_str(interp, argv[2], &service_name)) != TCL_OK) ||
- ((tcl_ret = parse_str(interp, argv[3], &params_str)) != TCL_OK) ||
- ((tcl_ret = parse_config_params(interp, params_str, &params))
- != TCL_OK) ||
- ((tcl_ret = Tcl_GetInt(interp, argv[4], (int *) &struct_version)) !=
- TCL_OK) ||
- ((tcl_ret = Tcl_GetInt(interp, argv[5], (int *) &api_version)) !=
- TCL_OK)) {
- return tcl_ret;
- }
-
- handle_var = argv[6];
-
- if (! (handle_var && *handle_var)) {
- Tcl_SetResult(interp, "must specify server handle variable name",
- TCL_STATIC);
- return TCL_ERROR;
- }
-
- if (init_type == INIT_CREDS) {
- krb5_ccache cc;
-
- if (pass == NULL) {
- if ((ret = krb5_cc_default(context, &cc))) {
- stash_error(interp, ret);
- return TCL_ERROR;
- }
- } else {
- if ((ret = krb5_cc_resolve(context, pass, &cc))) {
- stash_error(interp, ret);
- return TCL_ERROR;
- }
- }
-
- ret = kadm5_init_with_creds(context, client_name, cc, service_name,
- &params, struct_version,
- api_version, NULL, &server_handle);
-
- (void) krb5_cc_close(context, cc);
- } else
- ret = kadm5_init(context, client_name, pass, service_name, &params,
- struct_version, api_version, NULL, &server_handle);
-
- /* The string fields of params are aliases into argv[3], but
- * params.keysalts is allocated, so clean it up. */
- free(params.keysalts);
-
- if (ret != KADM5_OK) {
- stash_error(interp, ret);
- return TCL_ERROR;
- }
-
- if ((tcl_ret = put_server_handle(interp, server_handle, &handle_name))
- != TCL_OK) {
- return tcl_ret;
- }
-
- if (! Tcl_SetVar(interp, handle_var, handle_name, TCL_LEAVE_ERR_MSG)) {
- return TCL_ERROR;
- }
-
- set_ok(interp, "KADM5 API initialized.");
- return TCL_OK;
-}
-
-static int tcl_kadm5_init(ClientData clientData, Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- return _tcl_kadm5_init_any(INIT_PASS, clientData, interp, argc, argv);
-}
-
-static int tcl_kadm5_init_with_creds(ClientData clientData, Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- return _tcl_kadm5_init_any(INIT_CREDS, clientData, interp, argc, argv);
-}
-
-static int tcl_kadm5_destroy(ClientData clientData, Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- kadm5_ret_t ret;
- int tcl_ret;
-
- GET_HANDLE(0, 0);
-
- ret = kadm5_destroy(server_handle);
-
- if (ret != KADM5_OK) {
- stash_error(interp, ret);
- return TCL_ERROR;
- }
-
- if ((tcl_ret = remove_server_handle(interp, argv[-1])) != TCL_OK) {
- return tcl_ret;
- }
-
- set_ok(interp, "KADM5 API deinitialized.");
- return TCL_OK;
-}
-
-static int tcl_kadm5_create_principal(ClientData clientData,
- Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- int tcl_ret;
- kadm5_ret_t ret;
- int retcode = TCL_OK;
- char *princ_string;
- kadm5_principal_ent_t princ = 0;
- krb5_int32 mask;
- char *pw;
-#ifdef OVERRIDE
- int override_qual;
-#endif
-
- GET_HANDLE(3, 0);
-
- if ((tcl_ret = parse_str(interp, argv[0], &princ_string)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing principal");
- return tcl_ret;
- }
-
- if (princ_string &&
- ((tcl_ret = parse_principal_ent(interp, princ_string, &princ))
- != TCL_OK)) {
- return tcl_ret;
- }
-
- if ((tcl_ret = parse_principal_mask(interp, argv[1], &mask)) != TCL_OK) {
- retcode = tcl_ret;
- goto finished;
- }
-
- if ((tcl_ret = parse_str(interp, argv[2], &pw)) != TCL_OK) {
- retcode = tcl_ret;
- goto finished;
- }
-#ifdef OVERRIDE
- if ((tcl_ret = Tcl_GetBoolean(interp, argv[3], &override_qual)) !=
- TCL_OK) {
- retcode = tcl_ret;
- goto finished;
- }
-#endif
-
-#ifdef OVERRIDE
- ret = kadm5_create_principal(server_handle, princ, mask, pw,
- override_qual);
-#else
- ret = kadm5_create_principal(server_handle, princ, mask, pw);
-#endif
-
- if (ret != KADM5_OK) {
- stash_error(interp, ret);
- retcode = TCL_ERROR;
- goto finished;
- }
- else {
- set_ok(interp, "Principal created.");
- }
-
-finished:
- if (princ) {
- free_principal_ent(&princ);
- }
- return retcode;
-}
-
-
-
-static int tcl_kadm5_delete_principal(ClientData clientData,
- Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- krb5_principal princ;
- krb5_error_code krb5_ret;
- kadm5_ret_t ret;
- int tcl_ret;
- char *name;
-
- GET_HANDLE(1, 0);
-
- if((tcl_ret = parse_str(interp, argv[0], &name)) != TCL_OK)
- return tcl_ret;
- if(name != NULL) {
- if ((krb5_ret = krb5_parse_name(context, name, &princ))) {
- stash_error(interp, krb5_ret);
- Tcl_AppendElement(interp, "while parsing principal");
- return TCL_ERROR;
- }
- } else princ = NULL;
- ret = kadm5_delete_principal(server_handle, princ);
-
- if(princ != NULL)
- krb5_free_principal(context, princ);
-
- if (ret != KADM5_OK) {
- stash_error(interp, ret);
- return TCL_ERROR;
- }
- else {
- set_ok(interp, "Principal deleted.");
- return TCL_OK;
- }
-}
-
-
-
-static int tcl_kadm5_modify_principal(ClientData clientData,
- Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- char *princ_string;
- kadm5_principal_ent_t princ = 0;
- int tcl_ret;
- krb5_int32 mask;
- int retcode = TCL_OK;
- kadm5_ret_t ret;
-
- GET_HANDLE(2, 0);
-
- if ((tcl_ret = parse_str(interp, argv[0], &princ_string)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing principal");
- return tcl_ret;
- }
-
- if (princ_string &&
- ((tcl_ret = parse_principal_ent(interp, princ_string, &princ))
- != TCL_OK)) {
- return tcl_ret;
- }
-
- if ((tcl_ret = parse_principal_mask(interp, argv[1], &mask)) != TCL_OK) {
- retcode = TCL_ERROR;
- goto finished;
- }
-
- ret = kadm5_modify_principal(server_handle, princ, mask);
-
- if (ret != KADM5_OK) {
- stash_error(interp, ret);
- retcode = TCL_ERROR;
- }
- else {
- set_ok(interp, "Principal modified.");
- }
-
-finished:
- if (princ) {
- free_principal_ent(&princ);
- }
- return retcode;
-}
-
-
-static int tcl_kadm5_rename_principal(ClientData clientData,
- Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- krb5_principal source, target;
- krb5_error_code krb5_ret;
- kadm5_ret_t ret;
- int retcode = TCL_OK;
-
- GET_HANDLE(2, 0);
-
- if ((krb5_ret = krb5_parse_name(context, argv[0], &source)) != 0) {
- stash_error(interp, krb5_ret);
- Tcl_AppendElement(interp, "while parsing source");
- return TCL_ERROR;
- }
-
- if ((krb5_ret = krb5_parse_name(context, argv[1], &target)) != 0) {
- stash_error(interp, krb5_ret);
- Tcl_AppendElement(interp, "while parsing target");
- krb5_free_principal(context, source);
- return TCL_ERROR;
- }
-
- ret = kadm5_rename_principal(server_handle, source, target);
-
- if (ret == KADM5_OK) {
- set_ok(interp, "Principal renamed.");
- }
- else {
- stash_error(interp, ret);
- retcode = TCL_ERROR;
- }
-
- krb5_free_principal(context, source);
- krb5_free_principal(context, target);
- return retcode;
-}
-
-
-
-static int tcl_kadm5_chpass_principal(ClientData clientData,
- Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- krb5_principal princ;
- char *pw;
-#ifdef OVERRIDE
- int override_qual;
-#endif
- krb5_error_code krb5_ret;
- int retcode = TCL_OK;
- kadm5_ret_t ret;
-
- GET_HANDLE(2, 0);
-
- if ((krb5_ret = krb5_parse_name(context, argv[0], &princ)) != 0) {
- stash_error(interp, krb5_ret);
- Tcl_AppendElement(interp, "while parsing principal name");
- return TCL_ERROR;
- }
-
- if (parse_str(interp, argv[1], &pw) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing password");
- retcode = TCL_ERROR;
- goto finished;
- }
-
-#ifdef OVERRIDE
- if (Tcl_GetBoolean(interp, argv[2], &override_qual) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing override_qual");
- retcode = TCL_ERROR;
- goto finished;
- }
-
- ret = kadm5_chpass_principal(server_handle,
- princ, pw, override_qual);
-#else
- ret = kadm5_chpass_principal(server_handle, princ, pw);
-#endif
-
- if (ret == KADM5_OK) {
- set_ok(interp, "Password changed.");
- goto finished;
- }
- else {
- stash_error(interp, ret);
- retcode = TCL_ERROR;
- }
-
-finished:
- krb5_free_principal(context, princ);
- return retcode;
-}
-
-
-
-static int tcl_kadm5_chpass_principal_util(ClientData clientData,
- Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- krb5_principal princ;
- char *new_pw;
-#ifdef OVERRIDE
- int override_qual;
-#endif
- char *pw_ret, *pw_ret_var;
- char msg_ret[1024], *msg_ret_var;
- krb5_error_code krb5_ret;
- kadm5_ret_t ret;
- int retcode = TCL_OK;
-
- GET_HANDLE(4, 0);
-
- if ((krb5_ret = krb5_parse_name(context, argv[0], &princ)) != 0) {
- stash_error(interp, krb5_ret);
- Tcl_AppendElement(interp, "while parsing principal name");
- return TCL_ERROR;
- }
-
- if (parse_str(interp, argv[1], &new_pw) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing new password");
- retcode = TCL_ERROR;
- goto finished;
- }
-#ifdef OVERRIDE
- if (Tcl_GetBoolean(interp, argv[2], &override_qual) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing override_qual");
- retcode = TCL_ERROR;
- goto finished;
- }
-#endif
- if (parse_str(interp, argv[3], &pw_ret_var) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing pw_ret variable name");
- retcode = TCL_ERROR;
- goto finished;
- }
-
- if (parse_str(interp, argv[4], &msg_ret_var) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing msg_ret variable name");
- retcode = TCL_ERROR;
- goto finished;
- }
-
- ret = kadm5_chpass_principal_util(server_handle, princ, new_pw,
-#ifdef OVERRIDE
- override_qual,
-#endif
- pw_ret_var ? &pw_ret : 0,
- msg_ret_var ? msg_ret : 0,
- msg_ret_var ? sizeof(msg_ret) : 0);
-
- if (ret == KADM5_OK) {
- if (pw_ret_var &&
- (! Tcl_SetVar(interp, pw_ret_var, pw_ret,
- TCL_LEAVE_ERR_MSG))) {
- Tcl_AppendElement(interp, "while setting pw_ret variable");
- retcode = TCL_ERROR;
- goto finished;
- }
- if (msg_ret_var &&
- (! Tcl_SetVar(interp, msg_ret_var, msg_ret,
- TCL_LEAVE_ERR_MSG))) {
- Tcl_AppendElement(interp,
- "while setting msg_ret variable");
- retcode = TCL_ERROR;
- goto finished;
- }
- set_ok(interp, "Password changed.");
- }
- else {
- stash_error(interp, ret);
- retcode = TCL_ERROR;
- }
-
-finished:
- krb5_free_principal(context, princ);
- return retcode;
-}
-
-
-
-static int tcl_kadm5_randkey_principal(ClientData clientData,
- Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- krb5_principal princ;
- krb5_keyblock *keyblocks;
- int num_keys;
- char *keyblock_var, *num_var, buf[50];
- Tcl_DString *keyblock_dstring = 0;
- krb5_error_code krb5_ret;
- kadm5_ret_t ret;
- int retcode = TCL_OK;
-
- GET_HANDLE(3, 0);
-
- if ((krb5_ret = krb5_parse_name(context, argv[0], &princ)) != 0) {
- stash_error(interp, krb5_ret);
- Tcl_AppendElement(interp, "while parsing principal name");
- return TCL_ERROR;
- }
-
- if (parse_str(interp, argv[1], &keyblock_var) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing keyblock variable name");
- retcode = TCL_ERROR;
- goto finished;
- }
- if (parse_str(interp, argv[2], &num_var) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing keyblock variable name");
- retcode = TCL_ERROR;
- goto finished;
- }
-
- ret = kadm5_randkey_principal(server_handle,
- princ, keyblock_var ? &keyblocks : 0,
- &num_keys);
-
- if (ret == KADM5_OK) {
- if (keyblock_var) {
- keyblock_dstring = unparse_keyblocks(keyblocks, num_keys);
- if (! Tcl_SetVar(interp, keyblock_var,
- keyblock_dstring->string,
- TCL_LEAVE_ERR_MSG)) {
- Tcl_AppendElement(interp,
- "while setting keyblock variable");
- retcode = TCL_ERROR;
- goto finished;
- }
- }
- if (num_var) {
- sprintf(buf, "%d", num_keys);
- if (! Tcl_SetVar(interp, num_var, buf,
- TCL_LEAVE_ERR_MSG)) {
- Tcl_AppendElement(interp,
- "while setting num_keys variable");
- }
- }
- set_ok(interp, "Key randomized.");
- }
- else {
- stash_error(interp, ret);
- retcode = TCL_ERROR;
- }
-
-finished:
- krb5_free_principal(context, princ);
- if (keyblock_dstring) {
- Tcl_DStringFree(keyblock_dstring);
- free(keyblock_dstring);
- }
- return retcode;
-}
-
-
-
-static int tcl_kadm5_get_principal(ClientData clientData, Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- krb5_principal princ;
- kadm5_principal_ent_rec ent;
- Tcl_DString *ent_dstring = 0;
- char *ent_var;
- char *name;
- krb5_error_code krb5_ret;
- int tcl_ret;
- kadm5_ret_t ret = -1;
- krb5_int32 mask;
- int retcode = TCL_OK;
-
- GET_HANDLE(3, 1);
-
- if((tcl_ret = parse_str(interp, argv[0], &name)) != TCL_OK)
- return tcl_ret;
- if(name != NULL) {
- if ((krb5_ret = krb5_parse_name(context, name, &princ)) != 0) {
- stash_error(interp, krb5_ret);
- Tcl_AppendElement(interp, "while parsing principal name");
- return TCL_ERROR;
- }
- } else princ = NULL;
-
- if ((tcl_ret = parse_str(interp, argv[1], &ent_var)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing entry variable name");
- retcode = TCL_ERROR;
- goto finished;
- }
- if ((tcl_ret = parse_principal_mask(interp, argv[2], &mask)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing principal mask");
- retcode = TCL_ERROR;
- goto finished;
- }
-
- ret = kadm5_get_principal(server_handle, princ, ent_var ? &ent : 0,
- mask);
-
- if (ret == KADM5_OK) {
- if (ent_var) {
- ent_dstring = unparse_principal_ent(&ent, mask);
- if (! Tcl_SetVar(interp, ent_var, ent_dstring->string,
- TCL_LEAVE_ERR_MSG)) {
- Tcl_AppendElement(interp,
- "while setting entry variable");
- retcode = TCL_ERROR;
- goto finished;
- }
- set_ok(interp, "Principal retrieved.");
- }
- }
- else {
- stash_error(interp, ret);
- retcode = TCL_ERROR;
- }
-
-finished:
- if (ent_dstring) {
- Tcl_DStringFree(ent_dstring);
- free(ent_dstring);
- }
- if(princ != NULL)
- krb5_free_principal(context, princ);
- if (ret == KADM5_OK && ent_var &&
- (ret = kadm5_free_principal_ent(server_handle, &ent)) &&
- (retcode == TCL_OK)) {
- stash_error(interp, ret);
- retcode = TCL_ERROR;
- }
- return retcode;
-}
-
-static int tcl_kadm5_create_policy(ClientData clientData, Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- int tcl_ret;
- kadm5_ret_t ret;
- int retcode = TCL_OK;
- char *policy_string;
- kadm5_policy_ent_t policy = 0;
- krb5_int32 mask;
-
- GET_HANDLE(2, 0);
-
- if ((tcl_ret = parse_str(interp, argv[0], &policy_string)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing policy");
- return tcl_ret;
- }
-
- if (policy_string &&
- ((tcl_ret = parse_policy_ent(interp, policy_string, &policy))
- != TCL_OK)) {
- return tcl_ret;
- }
-
- if ((tcl_ret = parse_policy_mask(interp, argv[1], &mask)) != TCL_OK) {
- retcode = tcl_ret;
- goto finished;
- }
-
- ret = kadm5_create_policy(server_handle, policy, mask);
-
- if (ret != KADM5_OK) {
- stash_error(interp, ret);
- retcode = TCL_ERROR;
- goto finished;
- }
- else {
- set_ok(interp, "Policy created.");
- }
-
-finished:
- if (policy) {
- free_policy_ent(&policy);
- }
- return retcode;
-}
-
-
-
-static int tcl_kadm5_delete_policy(ClientData clientData, Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- kadm5_ret_t ret;
- char *policy;
-
- GET_HANDLE(1, 0);
-
- if (parse_str(interp, argv[0], &policy) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing policy name");
- return TCL_ERROR;
- }
-
- ret = kadm5_delete_policy(server_handle, policy);
-
- if (ret != KADM5_OK) {
- stash_error(interp, ret);
- return TCL_ERROR;
- }
- else {
- set_ok(interp, "Policy deleted.");
- return TCL_OK;
- }
-}
-
-
-
-static int tcl_kadm5_modify_policy(ClientData clientData, Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- char *policy_string;
- kadm5_policy_ent_t policy = 0;
- int tcl_ret;
- krb5_int32 mask;
- int retcode = TCL_OK;
- kadm5_ret_t ret;
-
- GET_HANDLE(2, 0);
-
- if ((tcl_ret = parse_str(interp, argv[0], &policy_string)) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing policy");
- return tcl_ret;
- }
-
- if (policy_string &&
- ((tcl_ret = parse_policy_ent(interp, policy_string, &policy))
- != TCL_OK)) {
- return tcl_ret;
- }
-
- if ((tcl_ret = parse_policy_mask(interp, argv[1], &mask)) != TCL_OK) {
- retcode = TCL_ERROR;
- goto finished;
- }
-
- ret = kadm5_modify_policy(server_handle, policy, mask);
-
- if (ret != KADM5_OK) {
- stash_error(interp, ret);
- retcode = TCL_ERROR;
- }
- else {
- set_ok(interp, "Policy modified.");
- }
-
-finished:
- if (policy) {
- free_policy_ent(&policy);
- }
- return retcode;
-}
-
-
-static int tcl_kadm5_get_policy(ClientData clientData, Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- kadm5_policy_ent_rec ent;
- Tcl_DString *ent_dstring = 0;
- char *policy;
- char *ent_var;
- kadm5_ret_t ret;
- int retcode = TCL_OK;
-
- GET_HANDLE(2, 1);
-
- if (parse_str(interp, argv[0], &policy) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing policy name");
- return TCL_ERROR;
- }
-
- if (parse_str(interp, argv[1], &ent_var) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing entry variable name");
- return TCL_ERROR;
- }
-
- ret = kadm5_get_policy(server_handle, policy, ent_var ? &ent : 0);
-
- if (ret == KADM5_OK) {
- if (ent_var) {
- ent_dstring = unparse_policy_ent(&ent);
- if (! Tcl_SetVar(interp, ent_var, ent_dstring->string,
- TCL_LEAVE_ERR_MSG)) {
- Tcl_AppendElement(interp,
- "while setting entry variable");
- retcode = TCL_ERROR;
- goto finished;
- }
- set_ok(interp, "Policy retrieved.");
- }
- }
- else {
- stash_error(interp, ret);
- retcode = TCL_ERROR;
- }
-
-finished:
- if (ent_dstring) {
- Tcl_DStringFree(ent_dstring);
- free(ent_dstring);
- }
- if (ent_var && ret == KADM5_OK &&
- (ret = kadm5_free_policy_ent(server_handle, &ent)) &&
- (retcode == TCL_OK)) {
- stash_error(interp, ret);
- retcode = TCL_ERROR;
- }
- return retcode;
-}
-
-
-
-static int tcl_kadm5_free_principal_ent(ClientData clientData,
- Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- char *ent_name;
- kadm5_principal_ent_t ent;
- kadm5_ret_t ret;
-
- GET_HANDLE(1, 0);
-
- if (parse_str(interp, argv[0], &ent_name) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing entry name");
- return TCL_ERROR;
- }
-
- if ((! ent_name) &&
- (ret = kadm5_free_principal_ent(server_handle, 0))) {
- stash_error(interp, ret);
- return TCL_ERROR;
- }
- else {
- Tcl_HashEntry *entry;
-
- if (strncmp(ent_name, "principal", sizeof("principal")-1)) {
- Tcl_AppendResult(interp, "invalid principal handle \"",
- ent_name, "\"", 0);
- return TCL_ERROR;
- }
- if (! struct_table) {
- if (! (struct_table = malloc(sizeof(*struct_table)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
- Tcl_InitHashTable(struct_table, TCL_STRING_KEYS);
- }
-
- if (! (entry = Tcl_FindHashEntry(struct_table, ent_name))) {
- Tcl_AppendResult(interp, "principal handle \"", ent_name,
- "\" not found", 0);
- return TCL_ERROR;
- }
-
- ent = (kadm5_principal_ent_t) Tcl_GetHashValue(entry);
-
- ret = kadm5_free_principal_ent(server_handle, ent);
- if (ret != KADM5_OK) {
- stash_error(interp, ret);
- return TCL_ERROR;
- }
- Tcl_DeleteHashEntry(entry);
- }
- set_ok(interp, "Principal freed.");
- return TCL_OK;
-}
-
-
-static int tcl_kadm5_free_policy_ent(ClientData clientData,
- Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- char *ent_name;
- kadm5_policy_ent_t ent;
- kadm5_ret_t ret;
-
- GET_HANDLE(1, 0);
-
- if (parse_str(interp, argv[0], &ent_name) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing entry name");
- return TCL_ERROR;
- }
-
- if ((! ent_name) &&
- (ret = kadm5_free_policy_ent(server_handle, 0))) {
- stash_error(interp, ret);
- return TCL_ERROR;
- }
- else {
- Tcl_HashEntry *entry;
-
- if (strncmp(ent_name, "policy", sizeof("policy")-1)) {
- Tcl_AppendResult(interp, "invalid principal handle \"",
- ent_name, "\"", 0);
- return TCL_ERROR;
- }
- if (! struct_table) {
- if (! (struct_table = malloc(sizeof(*struct_table)))) {
- fprintf(stderr, "Out of memory!\n");
- exit(1); /* XXX */
- }
- Tcl_InitHashTable(struct_table, TCL_STRING_KEYS);
- }
-
- if (! (entry = Tcl_FindHashEntry(struct_table, ent_name))) {
- Tcl_AppendResult(interp, "policy handle \"", ent_name,
- "\" not found", 0);
- return TCL_ERROR;
- }
-
- ent = (kadm5_policy_ent_t) Tcl_GetHashValue(entry);
-
- if ((ret = kadm5_free_policy_ent(server_handle, ent)) != KADM5_OK) {
- stash_error(interp, ret);
- return TCL_ERROR;
- }
- Tcl_DeleteHashEntry(entry);
- }
- set_ok(interp, "Policy freed.");
- return TCL_OK;
-}
-
-
-static int tcl_kadm5_get_privs(ClientData clientData, Tcl_Interp *interp,
- int argc, const char *argv[])
-{
- const char *set_ret;
- kadm5_ret_t ret;
- char *priv_var;
- long privs;
-
- GET_HANDLE(1, 0);
-
- if (parse_str(interp, argv[0], &priv_var) != TCL_OK) {
- Tcl_AppendElement(interp, "while parsing privs variable name");
- return TCL_ERROR;
- }
-
- ret = kadm5_get_privs(server_handle, priv_var ? &privs : 0);
-
- if (ret == KADM5_OK) {
- if (priv_var) {
- Tcl_DString *str = unparse_privs(privs);
- set_ret = Tcl_SetVar(interp, priv_var, str->string,
- TCL_LEAVE_ERR_MSG);
- Tcl_DStringFree(str);
- free(str);
- if (! set_ret) {
- Tcl_AppendElement(interp, "while setting priv variable");
- return TCL_ERROR;
- }
- }
- set_ok(interp, "Privileges retrieved.");
- return TCL_OK;
- }
- else {
- stash_error(interp, ret);
- return TCL_ERROR;
- }
-}
-
-
-void Tcl_kadm5_init(Tcl_Interp *interp)
-{
- char buf[20];
-
- Tcl_SetVar(interp, "KADM5_ADMIN_SERVICE",
- KADM5_ADMIN_SERVICE, TCL_GLOBAL_ONLY);
- Tcl_SetVar(interp, "KADM5_CHANGEPW_SERVICE",
- KADM5_CHANGEPW_SERVICE, TCL_GLOBAL_ONLY);
- (void) sprintf(buf, "%d", KADM5_STRUCT_VERSION);
- Tcl_SetVar(interp, "KADM5_STRUCT_VERSION", buf, TCL_GLOBAL_ONLY);
- (void) sprintf(buf, "%d", KADM5_API_VERSION_2);
- Tcl_SetVar(interp, "KADM5_API_VERSION_2", buf, TCL_GLOBAL_ONLY);
- (void) sprintf(buf, "%d", KADM5_API_VERSION_3);
- Tcl_SetVar(interp, "KADM5_API_VERSION_3", buf, TCL_GLOBAL_ONLY);
- (void) sprintf(buf, "%d", KADM5_API_VERSION_4);
- Tcl_SetVar(interp, "KADM5_API_VERSION_4", buf, TCL_GLOBAL_ONLY);
- (void) sprintf(buf, "%d", KADM5_API_VERSION_MASK);
- Tcl_SetVar(interp, "KADM5_API_VERSION_MASK", buf, TCL_GLOBAL_ONLY);
- (void) sprintf(buf, "%d", KADM5_STRUCT_VERSION_MASK);
- Tcl_SetVar(interp, "KADM5_STRUCT_VERSION_MASK", buf,
- TCL_GLOBAL_ONLY);
-
- Tcl_CreateCommand(interp, "kadm5_init", tcl_kadm5_init, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_init_with_creds",
- tcl_kadm5_init_with_creds, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_destroy", tcl_kadm5_destroy, 0,
- 0);
- Tcl_CreateCommand(interp, "kadm5_create_principal",
- tcl_kadm5_create_principal, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_delete_principal",
- tcl_kadm5_delete_principal, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_modify_principal",
- tcl_kadm5_modify_principal, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_rename_principal",
- tcl_kadm5_rename_principal, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_chpass_principal",
- tcl_kadm5_chpass_principal, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_chpass_principal_util",
- tcl_kadm5_chpass_principal_util, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_randkey_principal",
- tcl_kadm5_randkey_principal, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_get_principal",
- tcl_kadm5_get_principal, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_create_policy",
- tcl_kadm5_create_policy, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_delete_policy",
- tcl_kadm5_delete_policy, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_modify_policy",
- tcl_kadm5_modify_policy, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_get_policy",
- tcl_kadm5_get_policy, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_free_principal_ent",
- tcl_kadm5_free_principal_ent, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_free_policy_ent",
- tcl_kadm5_free_policy_ent, 0, 0);
- Tcl_CreateCommand(interp, "kadm5_get_privs",
- tcl_kadm5_get_privs, 0, 0);
-}
diff --git a/src/kadmin/testing/util/tcl_kadm5.h b/src/kadmin/testing/util/tcl_kadm5.h
deleted file mode 100644
index 1f91a11a1..000000000
--- a/src/kadmin/testing/util/tcl_kadm5.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-
-void Tcl_kadm5_init(Tcl_Interp *interp);
diff --git a/src/kadmin/testing/util/tcl_kadm5_syntax b/src/kadmin/testing/util/tcl_kadm5_syntax
deleted file mode 100644
index 5f16e58e0..000000000
--- a/src/kadmin/testing/util/tcl_kadm5_syntax
+++ /dev/null
@@ -1,57 +0,0 @@
-Here's a brief summary of the syntax of the tcl versions of the
-kadm5 functions:
-
-string Can be a string or "null" which will turn into a null pointer
-principal_ent A 12-field list in the order of the principal_ent
- structure: {string number number number number string
- number mask number number string mask}
- It can also be "null", like a string, to indicate that
- a null structure pointer should be used.
-mask Either a number, representing the actual value of the
- mask, or a sequence of symbols in a list. Example:
- {PRINCIPAL ATTRIBUTES} is a valid principal mask.
-boolean "1", "0", "true", "false", etc.
-varname The name of a Tcl variable, or "null" to not assign.
-policy_ent Similar to principal_ent, but with seven fields,
- instead of 12. The first is a string, and the rest
- are numbers.
-
-init
- client_name:string pass:string service_name:string
- realm:string struct_version:int api_version:int
- server_handle_ret:varname
-destroy
- server_handle:string
-create_principal
- server_handle:string principal:principal_ent
- mask:principal_mask password:string
-delete_principal
- server_handle:string name:string
-modify_principal
- server_handle:string principal_principal_ent
- mask:principal_mask
-rename_principal
- server_handle:string source:string target:string
-chpass_principal
- server_handle:string name:string password:string
-chpass_principal_util
- server_handle:string name:string password:string
- pw_ret:varname msg_ret:varname
-randkey_principal
- server_handle:string name:string keyblock_var:varname
-get_principal [-struct]
- server_handle:string name:string princ_var:varname
-create_policy
- server_handle:string policy:policy_ent mask:policy_mask
-delete_policy
- server_handle:string name:string
-modify_policy
- server_handle:string policy:policy_ent mask:policy_mask
-get_policy [-struct]
- server_handle:string name:string policy_var:varname
-free_principal_ent
- server_handle:string handle:string
-free_policy_ent
- server_handle:string handle:string
-get_privs
- server_handle:string privs:priv_var
diff --git a/src/kadmin/testing/util/tcl_krb5_hash.c b/src/kadmin/testing/util/tcl_krb5_hash.c
deleted file mode 100644
index 35c6bb0b3..000000000
--- a/src/kadmin/testing/util/tcl_krb5_hash.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * All of the TCL krb5 functions which return (or place into output
- * variables) structures or pointers to structures that can't be
- * represented as tcl native types, do so by returning a handle for
- * the appropriate structure. The handle is a string of the form
- * "type$id", where "type" is the type of datum represented by the
- * handle and "id" is a unique identifier for it. This handle can
- * then be used later by the caller to refer to the object, and
- * internally to retrieve the actually datum from the appropriate hash
- * table.
- *
- * The functions in this file do four things:
- *
- * 1) Given a pointer to a datum and a string representing the type of
- * datum to which the pointer refers, create a new handle for the
- * datum, store the datum in the hash table using the new handle as
- * its key, and return the new handle.
- *
- * 2) Given a handle, locate and return the appropriate hash table
- * datum.
- *
- * 3) Given a handle, look through a table of types and unparse
- * functions to figure out what function to call to get a string
- * representation of the datum, call it with the appropriate pointer
- * (obtained from the hash table) as an argument, and return the
- * resulting string as the unparsed form of the datum.
- *
- * 4) Given a handle, remove that handle and its associated datum from
- * the hash table (but don't free it -- it's assumed to have already
- * been freed by the caller).
- */
-
-#if HAVE_TCL_H
-#include <tcl.h>
-#elif HAVE_TCL_TCL_H
-#include <tcl/tcl.h>
-#endif
-#include <assert.h>
-
-#define SEP_STR "$"
-
-static char *memory_error = "out of memory";
-
-/*
- * Right now, we're only using one hash table. However, at some point
- * in the future, we might decide to use a separate hash table for
- * every type. Therefore, I'm putting this function in as an
- * abstraction so it's the only thing we'll have to change if we
- * decide to do that.
- *
- * Also, this function allows us to put in just one place the code for
- * checking to make sure that the hash table exists and initializing
- * it if it doesn't.
- */
-
-static TclHashTable *get_hash_table(Tcl_Interp *interp,
- char *type)
-{
- static Tcl_HashTable *hash_table = 0;
-
- if (! hash_table) {
- if (! (hash_table = malloc(sizeof(*hash_table)))) {
- Tcl_SetResult(interp, memory_error, TCL_STATIC);
- return 0;
- }
- Tcl_InitHashTable(hash_table, TCL_STRING_KEYS);
- }
- return hash_table;
-}
-
-#define MAX_ID 999999999
-#define ID_BUF_SIZE 10
-
-static Tcl_HashEntry *get_new_handle(Tcl_Interp *interp,
- char *type)
-{
- static unsigned long int id_counter = 0;
- Tcl_DString *handle;
- char int_buf[ID_BUF_SIZE];
-
- if (! (handle = malloc(sizeof(*handle)))) {
- Tcl_SetResult(interp, memory_error, TCL_STATIC);
- return 0;
- }
- Tcl_DStringInit(handle);
-
- assert(id_counter <= MAX_ID);
-
- sprintf(int_buf, "%d", id_counter++);
-
- Tcl_DStringAppend(handle, type, -1);
- Tcl_DStringAppend(handle, SEP_STR, -1);
- Tcl_DStringAppend(handle, int_buf, -1);
-
- return handle;
-}
-
-
-Tcl_DString *tcl_krb5_create_object(Tcl_Interp *interp,
- char *type,
- ClientData datum)
-{
- Tcl_HashTable *table;
- Tcl_DString *handle;
- Tcl_HashEntry *entry;
- int entry_created = 0;
-
- if (! (table = get_hash_table(interp, type))) {
- return 0;
- }
-
- if (! (handle = get_new_handle(interp, type))) {
- return 0;
- }
-
- if (! (entry = Tcl_CreateHashEntry(table, handle, &entry_created))) {
- Tcl_SetResult(interp, "error creating hash entry", TCL_STATIC);
- Tcl_DStringFree(handle);
- return TCL_ERROR;
- }
-
- assert(entry_created);
-
- Tcl_SetHashValue(entry, datum);
-
- return handle;
-}
-
-ClientData tcl_krb5_get_object(Tcl_Interp *interp,
- char *handle)
-{
- char *myhandle, *id_ptr;
- Tcl_HashTable *table;
- Tcl_HashEntry *entry;
-
- if (! (myhandle = strdup(handle))) {
- Tcl_SetResult(interp, memory_error, TCL_STATIC);
- return 0;
- }
-
- if (! (id_ptr = index(myhandle, *SEP_STR))) {
- free(myhandle);
- Tcl_ResetResult(interp);
- Tcl_AppendResult(interp, "malformatted handle \"", handle,
- "\"", 0);
- return 0;
- }
-
- *id_ptr = '\0';
-
- if (! (table = get_hash_table(interp, myhandle))) {
- free(myhandle);
- return 0;
- }
-
- free(myhandle);
-
- if (! (entry = Tcl_FindHashEntry(table, handle))) {
- Tcl_ResetResult(interp);
- Tcl_AppendResult(interp, "no object corresponding to handle \"",
- handle, "\"", 0);
- return 0;
- }
-
- return(Tcl_GetHashValue(entry));
-}
diff --git a/src/kadmin/testing/util/test.c b/src/kadmin/testing/util/test.c
deleted file mode 100644
index 37e49d680..000000000
--- a/src/kadmin/testing/util/test.c
+++ /dev/null
@@ -1,38 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#include "autoconf.h"
-#if HAVE_TCL_H
-#include <tcl.h>
-#elif HAVE_TCL_TCL_H
-#include <tcl/tcl.h>
-#endif
-#include "tcl_kadm5.h"
-
-#define _TCL_MAIN ((TCL_MAJOR_VERSION * 100 + TCL_MINOR_VERSION) >= 704)
-
-#if _TCL_MAIN
-int
-main(argc, argv)
- int argc; /* Number of command-line arguments. */
- char **argv; /* Values of command-line arguments. */
-{
- Tcl_Main(argc, argv, Tcl_AppInit);
- return 0; /* Needed only to prevent compiler warning. */
-}
-#else
-/*
- * The following variable is a special hack that allows applications
- * to be linked using the procedure "main" from the Tcl library. The
- * variable generates a reference to "main", which causes main to
- * be brought in from the library (and all of Tcl with it).
- */
-
-extern int main();
-int *tclDummyMainPtr = (int *) main;
-#endif
-
-int Tcl_AppInit(Tcl_Interp *interp)
-{
- Tcl_kadm5_init(interp);
-
- return(TCL_OK);
-}
diff --git a/src/lib/kadm5/Makefile.in b/src/lib/kadm5/Makefile.in
index f94c0a7da..3ff71c42b 100644
--- a/src/lib/kadm5/Makefile.in
+++ b/src/lib/kadm5/Makefile.in
@@ -1,6 +1,6 @@
mydir=lib$(S)kadm5
BUILDTOP=$(REL)..$(S)..
-SUBDIRS = clnt srv unit-test
+SUBDIRS = clnt srv
##DOSBUILDTOP = ..\..
@@ -98,6 +98,7 @@ generate-files-mac-prerecurse: includes
check-windows:
clean-unix:: clean-libobjs
+ $(RM) t_kadm5clnt t_kadm5srv t_kadm5.o
clean-windows::
diff --git a/src/lib/kadm5/unit-test/Makefile.in b/src/lib/kadm5/unit-test/Makefile.in
deleted file mode 100644
index 68fa097ff..000000000
--- a/src/lib/kadm5/unit-test/Makefile.in
+++ /dev/null
@@ -1,143 +0,0 @@
-mydir=lib$(S)kadm5$(S)unit-test
-BUILDTOP=$(REL)..$(S)..$(S)..
-KDB_DEP_LIB=$(DL_LIB) $(THREAD_LINKOPTS)
-
-SRCS= init-test.c destroy-test.c handle-test.c iter-test.c setkey-test.c \
- randkey-test.c lock-test.c
-
-#
-# The client-side test programs.
-#
-
-init-test: init-test.o $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o init-test init-test.o \
- $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS)
-
-destroy-test: destroy-test.o $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o destroy-test destroy-test.o \
- $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS)
-
-client-handle-test: client-handle-test.o $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o client-handle-test client-handle-test.o \
- $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS)
-
-client-handle-test.o: handle-test.c
- $(CC) $(ALL_CFLAGS) -DCLIENT_TEST -o client-handle-test.o -c $(srcdir)/handle-test.c
-
-client-iter-test: iter-test.o $(KADMLCNT_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o client-iter-test iter-test.o \
- $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS)
-
-client-setkey-test: setkey-test.o $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o client-setkey-test setkey-test.o \
- $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS)
-
-#
-# The server-side test programs.
-#
-
-randkey-test: randkey-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o randkey-test randkey-test.o \
- $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS)
-
-server-handle-test: handle-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o server-handle-test handle-test.o \
- $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS)
-
-lock-test: lock-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o lock-test lock-test.o \
- $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS)
-
-server-iter-test: iter-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o server-iter-test iter-test.o \
- $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS)
-
-server-setkey-test: setkey-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o server-setkey-test setkey-test.o \
- $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS)
-
-runenv.exp: Makefile
- $(RUN_SETUP); for i in $(RUN_VARS); do \
- eval echo "set env\($$i\) \$$$$i"; done > runenv.exp
-
-#
-# The unit-test targets
-#
-
-check: check-@DO_TEST@
-
-check-:
- @echo "+++"
- @echo "+++ WARNING: lib/kadm5 unit tests not run."
- @echo "+++ Either tcl, runtest, or Perl is unavailable."
- @echo "+++"
-
-check-ok unit-test: unit-test-client unit-test-server
-
-unit-test-client: unit-test-client-setup unit-test-client-body \
- unit-test-client-cleanup
-
-unit-test-server: unit-test-server-setup unit-test-server-body \
- unit-test-server-cleanup
-
-test-randkey: randkey-test
- $(ENV_SETUP) $(VALGRIND) ./randkey-test
-
-test-handle-server: server-handle-test
- $(ENV_SETUP) $(VALGRIND) ./server-handle-test
-
-test-handle-client: client-handle-test
- $(ENV_SETUP) $(VALGRIND) ./client-handle-test
-
-test-noauth: init-test
- $(ENV_SETUP) $(VALGRIND) ./init-test
-
-test-destroy: destroy-test
- $(ENV_SETUP) $(VALGRIND) ./destroy-test
-
-test-setkey-client: client-setkey-test
- $(ENV_SETUP) $(VALGRIND) ./client-setkey-test testkeys admin admin
-
-unit-test-client-setup: runenv.sh
- $(ENV_SETUP) $(VALGRIND) $(START_SERVERS)
-
-unit-test-client-cleanup:
- $(ENV_SETUP) $(STOP_SERVERS)
-
-unit-test-server-setup: runenv.sh
- $(ENV_SETUP) $(VALGRIND) $(START_SERVERS_LOCAL)
-
-unit-test-server-cleanup:
- $(ENV_SETUP) $(STOP_SERVERS_LOCAL)
-
-unit-test-client-body: site.exp test-noauth test-destroy test-handle-client \
- test-setkey-client runenv.exp
- $(ENV_SETUP) $(RUNTEST) --tool api RPC=1 API=$(CLNTTCL) \
- KINIT=$(BUILDTOP)/clients/kinit/kinit \
- KDESTROY=$(BUILDTOP)/clients/kdestroy/kdestroy \
- KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local \
- PRIOCNTL_HACK=@PRIOCNTL_HACK@ VALGRIND="$(VALGRIND)" \
- $(RUNTESTFLAGS)
- -mv api.log capi.log
- -mv api.sum capi.sum
-
-unit-test-server-body: site.exp test-handle-server lock-test
- $(ENV_SETUP) $(RUNTEST) --tool api RPC=0 API=$(SRVTCL) \
- LOCKTEST=./lock-test \
- KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local \
- PRIOCNTL_HACK=@PRIOCNTL_HACK@ VALGRIND="$(VALGRIND)" \
- $(RUNTESTFLAGS)
- -mv api.log sapi.log
- -mv api.sum sapi.sum
-
-clean:
- $(RM) init-test client_init.o init-test.o
- $(RM) destroy-test destroy-test.o
- $(RM) client-handle-test handle-test.o client-handle-test.o
- $(RM) client-iter-test iter-test.o
- $(RM) randkey-test randkey-test.o
- $(RM) server-handle-test handle-test.o
- $(RM) lock-test lock-test.o
- $(RM) server-iter-test iter-test.o
- $(RM) server-setkey-test client-setkey-test setkey-test.o
- $(RM) *.log *.plog *.sum *.psum unit-test-log.* runenv.exp
diff --git a/src/lib/kadm5/unit-test/api.2/crte-policy.exp b/src/lib/kadm5/unit-test/api.2/crte-policy.exp
deleted file mode 100644
index 4902ea59f..000000000
--- a/src/lib/kadm5/unit-test/api.2/crte-policy.exp
+++ /dev/null
@@ -1,927 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-# Description: (1) Fails for mask with undefined bit set.
-# 01/24/94: pshuang: untried.
-test "create-policy 1"
-proc test1 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete policy \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- 0xF01000
- } $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test1
-
-# Description: (2) Fails if caller connected with CHANGEPW_SERVICE.
-test "create-policy 2"
-proc test2 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy";
- return
- }
-}
-if {$RPC} { test2 }
-
-# Description: (3) Fails for mask without POLICY bit set.
-# 01/24/94: pshuang: untried.
-test "create-policy 3"
-proc test3 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete policy \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- 0x000000
- } $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test3
-
-# Description: (5) Fails for invalid policy name.
-# 01/24/94: pshuang: untried.
-test "create-policy 5"
-proc test5 {} {
- global test
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/"] \
- {KADM5_POLICY}
- } $test] "BAD_POLICY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test5
-
-# Description: (6) Fails for existing policy name.
-test "create-policy 6"
-proc test6 {} {
- global test
-# set prms_id 777
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_create_policy $server_handle [simple_policy test-pol] \
- {KADM5_POLICY}
- } "DUP"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test6
-
-# Description: (7) Fails for null policy name.
-# 01/24/94: pshuang: untried.
-test "create-policy 7"
-proc test7 {} {
- global test
-# set prms_id 1977
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_create_policy $server_handle [simple_policy null] \
- {KADM5_POLICY}
- } "EINVAL"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test7
-
-# Description: (8) Fails for empty-string policy name.
-test "create-policy 8"
-proc test8 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_create_policy $server_handle [simple_policy ""] \
- {KADM5_POLICY}
- } "BAD_POLICY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test8
-
-# Description: (9) Accepts 0 for pw_min_life.
-test "create-policy 9"
-proc test9 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY KADM5_PW_MIN_LIFE}
- } $test]]} {
- fail "$test: create failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-# Description: (10) Accepts non-zero for pw_min_life.
-test "create-policy 10"
-proc test10 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 32 0 0 0 0 0 } \
- {KADM5_POLICY KADM5_PW_MIN_LIFE}
- } $test]]} {
- fail "$test"
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-# Description: (11) Accepts 0 for pw_max_life.
-test "create-policy 11"
-proc test11 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY KADM5_PW_MAX_LIFE}
- } $test]]} {
- fail "$test"
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-# Description: (12) Accepts non-zero for pw_max_life.
-test "create-policy 12"
-proc test12 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 0 32 0 0 0 0 } \
- {KADM5_POLICY KADM5_PW_MAX_LIFE}
- } $test]]} {
- fail "$test"
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-# Description: (13) Rejects 0 for pw_min_length.
-test "create-policy 13"
-proc test13 {} {
- global test
- global prompt
-
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY KADM5_PW_MIN_LENGTH}
- } $test] "BAD_LENGTH"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-# Description: (14) Accepts non-zero for pw_min_length.
-test "create-policy 14"
-proc test14 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 0 0 8 0 0 0 } \
- {KADM5_POLICY KADM5_PW_MIN_LENGTH}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 3\n"
- expect {
- -re "8\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-# Description: (15) Rejects 0 for pw_min_classes.
-test "create-policy 15"
-proc test15 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY KADM5_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-# Description: (16) Accepts 1 for pw_min_classes.
-test "create-policy 16"
-proc test16 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 0 0 0 1 0 0 } \
- {KADM5_POLICY KADM5_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test16
-
-# Description: (17) Accepts 4 for pw_min_classes.
-test "create-policy 17"
-proc test17 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 0 0 0 5 0 0} \
- {KADM5_POLICY KADM5_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "5\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-# Description: (18) Rejects 5 for pw_min_classes.
-test "create-policy 18"
-proc test18 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle {"%s/a" 0 0 0 6 0 0} \
- {KADM5_POLICY KADM5_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test18
-
-# Description: (19) Rejects 0 for pw_history_num.
-test "create-policy 19"
-proc test19 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY KADM5_PW_HISTORY_NUM}
- } $test] "BAD_HISTORY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test19
-
-# Description: (20) Accepts 1 for pw_history_num.
-test "create-policy 20"
-proc test20 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 0 0 0 0 1 0} \
- {KADM5_POLICY KADM5_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test20
-
-# Description: (21) Accepts 10 for pw_history_num.
-test "create-policy 21"
-proc test21 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 0 0 0 0 10 0} \
- {KADM5_POLICY KADM5_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "10\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21
-
-# Description: (22) Fails for user with no access bits.
-test "create-policy 22"
-proc test22 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test22
-
-# Description: (23) Fails for user with "get" but not "add".
-test "create-policy 23"
-proc test23 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test23
-
-# Description: (24) Fails for user with "modify" but not "add".
-# 01/24/94: pshuang: untried.
-test "create-policy 24"
-proc test24 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test24
-
-# Description: (25) Fails for user with "delete" but not "add".
-# 01/24/94: pshuang: untried.
-test "create-policy 25"
-proc test25 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test25
-
-# Description: Succeeds for user with "add".
-test "create-policy 26"
-proc test26 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test26
-
-# Description: Succeeds for user with "get" and "add".
-# 01/24/94: pshuang: untried.
-test "create-policy 27"
-proc test27 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/get-add admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test27
-
-# Description: (28) Rejects null policy argument.
-# 01/24/94: pshuang: untried.
-test "create-policy 28"
-proc test28 {} {
- global test
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_create_policy $server_handle null {KADM5_POLICY}
- } "EINVAL"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "create-policy 30"
-proc test30 {} {
- global test
- one_line_fail_test [format {
- kadm5_create_policy null [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test] "BAD_SERVER_HANDLE"
-}
-test30
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.2/get-policy.exp b/src/lib/kadm5/unit-test/api.2/get-policy.exp
deleted file mode 100644
index 83aef80e8..000000000
--- a/src/lib/kadm5/unit-test/api.2/get-policy.exp
+++ /dev/null
@@ -1,199 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "get-policy 3"
-proc test3 {} {
- global test
-# set prms_id 744
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {kadm5_get_policy $server_handle "" p} "BAD_POLICY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test3
-
-test "get-policy 6"
-proc test6 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {kadm5_get_policy $server_handle test-pol p} \
- "AUTH_GET"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } test6
-
-test "get-policy 7"
-proc test7 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {kadm5_get_policy $server_handle test-pol p} \
- "AUTH_GET"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } test7
-
-test "get-policy 11"
-proc test11 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/get-pol StupidAdmin $KADM5_ADMIN_SERVICE \
- null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {kadm5_get_policy $server_handle test-pol p}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-test "get-policy 12"
-proc test12 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/get-pol StupidAdmin \
- $KADM5_CHANGEPW_SERVICE null $KADM5_STRUCT_VERSION \
- $KADM5_API_VERSION_2 server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {kadm5_get_policy $server_handle test-pol-nopw p}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "get-policy 15"
-proc test15 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/pol StupidAdmin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {kadm5_get_policy $server_handle test-pol-nopw p}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "get-policy 16"
-proc test16 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/pol StupidAdmin $KADM5_CHANGEPW_SERVICE \
- null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {kadm5_get_policy $server_handle test-pol-nopw p}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test16
-
-test "get-policy 17"
-proc test17 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {kadm5_get_policy $server_handle test-pol p}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-test "get-policy 18"
-proc test18 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {kadm5_get_policy $server_handle test-pol p} \
- "AUTH_GET"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } test18
-
-test "get-policy 21"
-proc test21 {} {
- global test
-
- one_line_fail_test {kadm5_get_policy null "pol1" p} "BAD_SERVER_HANDLE"
-}
-test21
diff --git a/src/lib/kadm5/unit-test/api.2/mod-policy.exp b/src/lib/kadm5/unit-test/api.2/mod-policy.exp
deleted file mode 100644
index 904edca8a..000000000
--- a/src/lib/kadm5/unit-test/api.2/mod-policy.exp
+++ /dev/null
@@ -1,675 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "modify-policy 2"
-proc test2 {} {
- global test
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MAX_LIFE}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test2 }
-
-test "modify-policy 8"
-proc test8 {} {
- global test
-# set prms_id 744
-# setup_xfail {*-*-*} $prms_id
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_modify_policy $server_handle [simple_policy ""] \
- {KADM5_PW_MAX_LIFE}
- } "BAD_POLICY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test8
-
-test "modify-policy 9"
-proc test9 {} {
- global test
- global prompt
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MIN_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-test "modify-policy 10"
-proc test10 {} {
- global test
- global prompt
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 32 0 0 0 0 0} \
- {KADM5_PW_MIN_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-
-test "modify-policy 11"
-proc test11 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MAX_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-test "modify-policy 12"
-proc test12 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 32 0 0 0 0} \
- {KADM5_PW_MAX_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "modify-policy 13"
-proc test13 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MIN_LENGTH}
- } $test] "BAD_LENGTH"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-test "modify-policy 14"
-proc test14 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 8 0 0 0} \
- {KADM5_PW_MIN_LENGTH}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 3\n"
- expect {
- -re "8\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-test "modify-policy 15"
-proc test15 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "modify-policy 16"
-proc test16 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 1 0 0} \
- {KADM5_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test16
-
-test "modify-policy 17"
-proc test17 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 5 0 0} \
- {KADM5_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "5\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-test "modify-policy 18"
-proc test18 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 6 0 0} \
- {KADM5_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test18
-
-test "modify-policy 19"
-proc test19 {} {
- global test
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_HISTORY_NUM}
- } $test] "BAD_HISTORY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test19
-
-test "modify-policy 20"
-proc test20 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 0 1 0} \
- {KADM5_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test20
-
-test "modify-policy 21"
-proc test21 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 0 10 0} \
- {KADM5_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "10\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21
-
-test "modify-policy 22"
-proc test22 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MAX_LIFE}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test22
-
-test "modify-policy 23"
-proc test23 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MAX_LIFE}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test23
-
-test "modify-policy 26"
-proc test26 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MAX_LIFE}
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test26
-
-test "modify-policy 30"
-proc test30 {} {
- global test
-
- one_line_fail_test [format {
- kadm5_modify_policy null [simple_policy "%s/a"] \
- {KADM5_PW_MAX_LIFE}
- } $test] "BAD_SERVER_HANDLE"
-}
-test30
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
deleted file mode 100644
index 740425c69..000000000
--- a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
+++ /dev/null
@@ -1,68 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "chpass-principal 200"
-proc test200 {} {
- global test prompt
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal "$test/a"]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- # I'd like to specify a long list of keysalt tuples and make sure
- # that chpass does the right thing, but we can only use those
- # enctypes that krbtgt has a key for: the AES enctypes, according to
- # the prototype kdc.conf.
- if {! [cmd [format {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_chpass_principal $server_handle "%s/a" newpassword
- } $test]]} {
- perror "$test: unexpected failure in chpass_principal"
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" p \
- {KADM5_PRINCIPAL_NORMAL_MASK KADM5_KEY_DATA}
- } $test]]} {
- perror "$test: unexpected failure in get_principal"
- }
- send "lindex \$p 16\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" { set num_keys $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting num_keys"
- return
- }
- eof {
- error_and_restart "$test: eof getting num_keys"
- return
- }
- }
-
- # XXX Perhaps I should actually check the key type returned.
- if {$num_keys == 5} {
- pass "$test"
- } else {
- fail "$test: $num_keys keys, should be 5"
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test200
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal.exp b/src/lib/kadm5/unit-test/api.current/chpass-principal.exp
deleted file mode 100644
index 47a19dc20..000000000
--- a/src/lib/kadm5/unit-test/api.current/chpass-principal.exp
+++ /dev/null
@@ -1,176 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "chpass-principal 180"
-proc test180 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_chpass_principal $server_handle "%s/a" FoobarBax
- } $test]
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test180 }
-
-test "chpass-principal 180.5"
-proc test1805 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd {
- kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_chpass_principal $server_handle "%s/a" FoobarBax
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test1805 }
-
-#
-# admin with changepw service tickets try to change other principals
-# password, fails with AUTH error
-test "chpass-principal 180.625"
-proc test180625 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_chpass_principal $server_handle "%s/a" password
- } $test] "AUTH"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test180625 }
-
-test "chpass-principal 180.75"
-proc test18075 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_chpass_principal $server_handle "%s/a" Foobar
- } $test] "AUTH_CHANGEPW"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test18075 }
-
-test "chpass-principal 182"
-proc test182 {} {
- global test
-
- if { ! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_chpass_principal $server_handle kadmin/history password
- } "PROTECT"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test182
-
-test "chpass-principal 183"
-proc test183 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if { ! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_chpass_principal null "%s/a" password
- } $test] "BAD_SERVER_HANDLE"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test183
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.current/crte-policy.exp b/src/lib/kadm5/unit-test/api.current/crte-policy.exp
deleted file mode 100644
index 7e1eda63f..000000000
--- a/src/lib/kadm5/unit-test/api.current/crte-policy.exp
+++ /dev/null
@@ -1,927 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-# Description: (1) Fails for mask with undefined bit set.
-# 01/24/94: pshuang: untried.
-test "create-policy 1"
-proc test1 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete policy \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- 0xF01000
- } $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test1
-
-# Description: (2) Fails if caller connected with CHANGEPW_SERVICE.
-test "create-policy 2"
-proc test2 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy";
- return
- }
-}
-if {$RPC} { test2 }
-
-# Description: (3) Fails for mask without POLICY bit set.
-# 01/24/94: pshuang: untried.
-test "create-policy 3"
-proc test3 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete policy \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- 0x000000
- } $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test3
-
-# Description: (5) Fails for invalid policy name.
-# 01/24/94: pshuang: untried.
-test "create-policy 5"
-proc test5 {} {
- global test
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/"] \
- {KADM5_POLICY}
- } $test] "BAD_POLICY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test5
-
-# Description: (6) Fails for existing policy name.
-test "create-policy 6"
-proc test6 {} {
- global test
-# set prms_id 777
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_create_policy $server_handle [simple_policy test-pol] \
- {KADM5_POLICY}
- } "DUP"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test6
-
-# Description: (7) Fails for null policy name.
-# 01/24/94: pshuang: untried.
-test "create-policy 7"
-proc test7 {} {
- global test
-# set prms_id 1977
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_create_policy $server_handle [simple_policy null] \
- {KADM5_POLICY}
- } "EINVAL"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test7
-
-# Description: (8) Fails for empty-string policy name.
-test "create-policy 8"
-proc test8 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_create_policy $server_handle [simple_policy ""] \
- {KADM5_POLICY}
- } "BAD_POLICY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test8
-
-# Description: (9) Accepts 0 for pw_min_life.
-test "create-policy 9"
-proc test9 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY KADM5_PW_MIN_LIFE}
- } $test]]} {
- fail "$test: create failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-# Description: (10) Accepts non-zero for pw_min_life.
-test "create-policy 10"
-proc test10 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 32 0 0 0 0 0 } \
- {KADM5_POLICY KADM5_PW_MIN_LIFE}
- } $test]]} {
- fail "$test"
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-# Description: (11) Accepts 0 for pw_max_life.
-test "create-policy 11"
-proc test11 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY KADM5_PW_MAX_LIFE}
- } $test]]} {
- fail "$test"
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-# Description: (12) Accepts non-zero for pw_max_life.
-test "create-policy 12"
-proc test12 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 0 32 0 0 0 0 } \
- {KADM5_POLICY KADM5_PW_MAX_LIFE}
- } $test]]} {
- fail "$test"
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-# Description: (13) Rejects 0 for pw_min_length.
-test "create-policy 13"
-proc test13 {} {
- global test
- global prompt
-
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY KADM5_PW_MIN_LENGTH}
- } $test] "BAD_LENGTH"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-# Description: (14) Accepts non-zero for pw_min_length.
-test "create-policy 14"
-proc test14 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 0 0 8 0 0 0 } \
- {KADM5_POLICY KADM5_PW_MIN_LENGTH}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 3\n"
- expect {
- -re "8\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-# Description: (15) Rejects 0 for pw_min_classes.
-test "create-policy 15"
-proc test15 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY KADM5_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-# Description: (16) Accepts 1 for pw_min_classes.
-test "create-policy 16"
-proc test16 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 0 0 0 1 0 0 } \
- {KADM5_POLICY KADM5_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test16
-
-# Description: (17) Accepts 4 for pw_min_classes.
-test "create-policy 17"
-proc test17 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 0 0 0 5 0 0} \
- {KADM5_POLICY KADM5_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "5\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-# Description: (18) Rejects 5 for pw_min_classes.
-test "create-policy 18"
-proc test18 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle {"%s/a" 0 0 0 6 0 0} \
- {KADM5_POLICY KADM5_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test18
-
-# Description: (19) Rejects 0 for pw_history_num.
-test "create-policy 19"
-proc test19 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY KADM5_PW_HISTORY_NUM}
- } $test] "BAD_HISTORY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test19
-
-# Description: (20) Accepts 1 for pw_history_num.
-test "create-policy 20"
-proc test20 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 0 0 0 0 1 0} \
- {KADM5_POLICY KADM5_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retreuve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test20
-
-# Description: (21) Accepts 10 for pw_history_num.
-test "create-policy 21"
-proc test21 {} {
- global test
- global prompt
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_policy $server_handle {"%s/a" 0 0 0 0 10 0} \
- {KADM5_POLICY KADM5_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "10\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21
-
-# Description: (22) Fails for user with no access bits.
-test "create-policy 22"
-proc test22 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test22
-
-# Description: (23) Fails for user with "get" but not "add".
-test "create-policy 23"
-proc test23 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test23
-
-# Description: (24) Fails for user with "modify" but not "add".
-# 01/24/94: pshuang: untried.
-test "create-policy 24"
-proc test24 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test24
-
-# Description: (25) Fails for user with "delete" but not "add".
-# 01/24/94: pshuang: untried.
-test "create-policy 25"
-proc test25 {} {
- global test
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test25
-
-# Description: Succeeds for user with "add".
-test "create-policy 26"
-proc test26 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test26
-
-# Description: Succeeds for user with "get" and "add".
-# 01/24/94: pshuang: untried.
-test "create-policy 27"
-proc test27 {} {
- global test
-
- if {! (( ! [policy_exists "$test/a"]) ||
- [delete_policy "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/get-add admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_create_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test27
-
-# Description: (28) Rejects null policy argument.
-# 01/24/94: pshuang: untried.
-test "create-policy 28"
-proc test28 {} {
- global test
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_create_policy $server_handle null {KADM5_POLICY}
- } "EINVAL"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "create-policy 30"
-proc test30 {} {
- global test
- one_line_fail_test [format {
- kadm5_create_policy null [simple_policy "%s/a"] \
- {KADM5_POLICY}
- } $test] "BAD_SERVER_HANDLE"
-}
-test30
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.current/crte-principal.exp b/src/lib/kadm5/unit-test/api.current/crte-principal.exp
deleted file mode 100644
index d6d6809ec..000000000
--- a/src/lib/kadm5/unit-test/api.current/crte-principal.exp
+++ /dev/null
@@ -1,1336 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-#test "create-principal 1"
-#
-#proc test1 {} {
-# global test
-# begin_dump
-# one_line_fail_test [format {
-# kadm5_create_principal $server_handle \
-# [simple_principal "%s/a"] {KADM5_PRINCIPAL} "%s/a"
-# } $test $test] "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test1
-
-# v2 create-principal 3 test, to avoid name conflict
-test "create-principal 1"
-proc test1 {} {
- global test
-# set prms_id 777
-# setup_xfail {*-*-*} $prms_id
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} null
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test1
-
-test "create-principal 2"
-
-proc test2 {} {
- global test
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_create_principal $server_handle null \
- {KADM5_PRINCIPAL} testpass
- } "EINVAL"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test2
-
-test "create-principal 4"
-proc test4 {} {
- global test
-
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} ""
- } $test] "_Q_TOOSHORT"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test4
-
-test "create-principal 5"
-proc test5 {} {
- global test
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle \
- [simple_principal "%s/a"] {0x100001} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test5
-
-test "create-principal 6"
-proc test6 {} {
- global test
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_LAST_PWD_CHANGE} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test6
-
-test "create-principal 7"
-proc test7 {} {
- global test
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_MOD_TIME} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test7
-
-test "create-principal 8"
-proc test8 {} {
- global test
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_MOD_NAME} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test8
-
-test "create-principal 9"
-proc test9 {} {
- global test
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_MKVNO} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test9
-
-test "create-principal 10"
-proc test10 {} {
- global test
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_AUX_ATTRIBUTES} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test10
-
-test "create-principal 11"
-proc test11 {} {
- global test
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_POLICY_CLR} "%s/a"
- } $test $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test11
-
-test "create-principal 12"
-proc test12 {} {
- global test
- begin_dump
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-
-}
-if {$RPC} { test12 }
-
-test "create-principal 13"
-proc test13 {} {
- global test
- begin_dump
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-if {$RPC} { test13 }
-
-test "create-principal 14"
-proc test14 {} {
- global test
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-if {$RPC} { test14 }
-
-test "create-principal 15"
-proc test15 {} {
- global test
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-if {$RPC} { test15 }
-
-test "create-principal 16"
-proc test16 {} {
- global test
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-if {$RPC} { test16 }
-
-test "create-principal 17"
-proc test17 {} {
- global test
-
- begin_dump
- if {! (( [principal_exists "$test/a"]) || [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} testpass
- } $test] "DUP"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test17
-
-test "create-principal 18"
-proc test18 {} {
- global test
-
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {KADM5_PRINCIPAL KADM5_POLICY} tP
- } $test] "_Q_TOOSHORT"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test18
-
-test "create-principal 19"
-proc test19 {} {
- global test
-
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {KADM5_PRINCIPAL KADM5_POLICY} testpassword
- } $test] "_Q_CLASS"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test19
-
-test "create-principal 20"
-proc test20 {} {
- global test
-
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {KADM5_PRINCIPAL KADM5_POLICY} Abyssinia
- } $test] "_Q_DICT"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test20
-
-test "create-principal 21"
-proc test21 {} {
- global test
-
- begin_dump
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_create_principal $server_handle \
- [princ_w_pol "%s/a" non-existant-pol] \
- {KADM5_PRINCIPAL KADM5_POLICY} NotinTheDictionary
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- end_dump_compare "no-diffs"
-}
-test21
-
-test "create-principal 23"
-proc test23 {} {
- global test
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- one_line_succeed_test \
- [format {kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK} $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test23
-
-test "create-principal 24"
-proc test24 {} {
- global test
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/rename admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- one_line_succeed_test \
- [format {kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK} $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test24 }
-
-
-test "create-principal 28"
-proc test28 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
-
- if {! [cmd [format {
- kadm5_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {KADM5_PRINCIPAL KADM5_POLICY} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- fail "$test: can not retrieve principal"
- return
- }
- send "lindex \$principal 10\n"
- expect {
- -re "test-pol.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "create-principal 29"
-proc test29 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL KADM5_PRINC_EXPIRE_TIME} \
- inTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- fail "$test: can not retrieve principal"
- return;
- }
- send "lindex \$principal 1\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test29
-
-test "create-principal 30"
-proc test30 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL KADM5_PW_EXPIRATION} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- fail "$test: can not retrieve principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test30
-
-test "create-principal 31"
-proc test31 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol-nopw] \
- {KADM5_PRINCIPAL KADM5_POLICY \
- KADM5_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- fail "$test: can not retrieve principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test31
-
-test "create-principal 32"
-proc test32 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle \
- [princ_w_pol "%s/a" test-pol] \
- {KADM5_PRINCIPAL KADM5_POLICY \
- KADM5_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- fail "$test: can not retrieve principal"
- return;
- }
- if { ! [cmd {kadm5_get_policy $server_handle test-pol policy}]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
-
- send "lindex \$principal 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { $pw_expire != 0 } {
- fail "$test: pw_expire $pw_expire should be 0"
- return
- } else {
- pass "$test"
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test32
-
-test "create-principal 33"
-proc test33 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle \
- {"%s/a" 0 0 1234 0 null 0 0 0 0 null 0} \
- {KADM5_PRINCIPAL KADM5_PW_EXPIRATION} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- fail "$test: can not retrieve principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test33
-
-test "create-principal 34"
-proc test34 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle \
- { "%s/a" 0 0 1234 0 null 0 0 0 0 test-pol-nopw 0} \
- {KADM5_PRINCIPAL KADM5_POLICY \
- KADM5_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- fail "$test: can not retrieve principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test34
-
-test "create-principal 35"
-proc test35 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle \
- {"%s/a" 0 0 1234 0 null 0 0 0 0 test-pol 0} \
- {KADM5_PRINCIPAL KADM5_POLICY \
- KADM5_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- fail "$test: can not retrieve principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test35
-
-test "create-principal 36"
-proc test36 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle \
- {"%s/a" 0 0 999999999 0 null 0 0 0 0 test-pol 0} \
- {KADM5_PRINCIPAL KADM5_POLICY \
- KADM5_PW_EXPIRATION} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- fail "$test: can not retrieve principal"
- return;
- }
- if { ! [cmd {kadm5_get_policy $server_handle test-pol policy} ]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
-
- send "lindex \$principal 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { $pw_expire != 999999999 } {
- fail "$test: pw_expire is wrong"
- return
- } else {
- pass "$test"
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test36
-
-test "create-principal 37"
-proc test37 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- fail "$test: can not retrieve principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test37
-
-test "create-principal 38"
-proc test38 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle [princ_w_pol "%s/a" \
- test-pol-nopw] {KADM5_PRINCIPAL KADM5_POLICY} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- fail "$test: can not retrieve principal"
- return;
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test38
-
-test "create-principal 39"
-proc test39 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {KADM5_PRINCIPAL KADM5_POLICY} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if { ! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: cannot not retrieve principal"
- return
- }
- if { ! [cmd {kadm5_get_policy $server_handle test-pol policy}]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
- send "lindex \$principal 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { [expr "$mod_date + $pw_max_life - $pw_expire"] > 5 } {
- fail "$test: pw_expire is wrong"
- return
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test39
-
-test "create-principal 40"
-proc test40 {} {
- global test
- global prompt
-
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL KADM5_PW_EXPIRATION} \
- NotinTheDictionary
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- fail "$test: can not retrieve principal"
- return;
- }
- send "lindex \$principal 4\n"
- expect {
- -re "0.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test40
-
-test "create-principal 43"
-proc test43 {} {
- global test
- one_line_fail_test [format {
- kadm5_create_principal null \
- [simple_principal "%s/a"] {KADM5_PRINCIPAL} "%s/a"
- } $test $test] "BAD_SERVER_HANDLE"
-}
-test43
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.current/destroy.exp b/src/lib/kadm5/unit-test/api.current/destroy.exp
deleted file mode 100644
index a3e2bfc59..000000000
--- a/src/lib/kadm5/unit-test/api.current/destroy.exp
+++ /dev/null
@@ -1,203 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "destroy 1"
-
-proc test1 {} {
- global test
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {kadm5_destroy $server_handle}
- end_dump_compare "no-diffs"
-}
-test1
-
-#test "destroy 2"
-#
-#proc test2 {} {
-# global test
-# begin_dump
-# if {! [cmd {
-# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
-# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
-# server_handle
-# }]} {
-# perror "$test: unexpected failure on init"
-# return
-# }
-# if {! [cmd {kadm5_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# return
-# }
-# one_line_fail_test \
-# {kadm5_get_principal $server_handle admin principal} \
-# "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test2
-
-#test "destroy 3"
-#proc test3 {} {
-# global test
-#
-# begin_dump
-# if {! (( ! [principal_exists "$test/a"]) || [delete_principal "$test/a"])} {
-# error_and_restart "$test couldn't delete principal \"$test/a\""
-# return
-# }
-# if {! [cmd {
-# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
-# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
-# server_handle
-# }]} {
-# perror "$test: unexpected failure on init"
-# return
-# }
-# if {! [cmd {kadm5_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# return
-# }
-# one_line_fail_test [format {
-# kadm5_create_principal $server_handle \
-# [simple_principal "%s/a"] {KADM5_PRINCIPAL} "%s/a"
-# } $test $test] "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test3
-
-#test "destroy 4"
-#proc test4 {} {
-# global test prompt
-#
-# if {! (([principal_exists "$test/a"]) || [create_principal "$test/a"])} {
-# error_and_restart "$test: couldn't create principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {! ([cmd {
-# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
-# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
-# server_handle
-# }] &&
-# [cmd [format {
-# kadm5_get_principal $server_handle "%s/a" principal
-# } $test]])} {
-# error_and_restart "$test: error getting principal"
-# return;
-# }
-# if {! [cmd {kadm5_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# return
-# }
-# one_line_fail_test [format {
-# kadm5_modify_principal $server_handle \
-# {"%s/a" 0 0 0 0 0 0 0 %d 0 0 0} {KADM5_KVNO}
-# } $test "77"] "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test4
-
-#test "destroy 5"
-#
-#proc test5 {} {
-# global test
-#
-# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
-# error_and_restart "$test: couldn't create principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {! [cmd {
-# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
-# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
-# server_handle
-# }]} {
-# perror "$test: unexpected failure on init"
-# return
-# }
-# if {! [cmd {kadm5_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# return
-# }
-# one_line_fail_test [format {
-# kadm5_delete_principal $server_handle "%s/a"
-# } $test] "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test5
-
-#test "destroy 6"
-#
-#proc test6 {} {
-# global test
-# begin_dump
-# one_line_fail_test {kadm5_destroy $server_handle} "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test6
-
-
-#test "destroy 7"
-#
-#proc test7 {} {
-# global test
-# begin_dump
-# if {! [cmd {
-# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
-# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
-# server_handle
-# }]} {
-# perror "$test: unexpected failure in init"
-# return
-# }
-# if {! [cmd {kadm5_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# }
-# one_line_fail_test {kadm5_destroy $server_handle} "NOT_INIT"
-# end_dump_compare "no-diffs"
-#}
-#test7
-
-test "destroy 8"
-proc test8 {} {
- global test
- begin_dump
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
- one_line_succeed_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
- end_dump_compare "no-diffs"
-}
-test8
-
-test "destroy 9"
-proc test9 {} {
- global test
- one_line_fail_test {kadm5_destroy null} "BAD_SERVER_HANDLE"
-}
-test9
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.current/dlte-policy.exp b/src/lib/kadm5/unit-test/api.current/dlte-policy.exp
deleted file mode 100644
index ad2863d0f..000000000
--- a/src/lib/kadm5/unit-test/api.current/dlte-policy.exp
+++ /dev/null
@@ -1,208 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "delete-policy 2"
-proc test2 {} {
- global test
-# set prms_id 744
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test \
- {kadm5_delete_policy $server_handle ""} "BAD_POL"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test2
-
-test "delete-policy 5"
-proc test5 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_delete_policy $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if ${RPC} test5
-
-test "delete-policy 6"
-proc test6 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_delete_policy $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if ${RPC} test6
-
-test "delete-policy 7"
-proc test7 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_delete_policy $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test7
-
-test "delete-policy 10"
-proc test10 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_delete_policy $server_handle "%s/a"
- } $test]]} {
- fail "$test"
- return
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- if { [policy_exists "$test/a"]} {
- fail "$test"
- return
- }
-}
-test10
-
-test "delete-policy 12"
-proc test12 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle [princ_w_pol "%s/a" \
- "%s/a"] {KADM5_PRINCIPAL KADM5_POLICY} \
- NotinTheDictionary
- } $test $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- if {! [cmd {
- kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_delete_policy $server_handle "%s/a"
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "delete-policy 13"
-proc test13 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
- one_line_fail_test [format {
- kadm5_delete_policy null "%s/a"
- } $test] "BAD_SERVER_HANDLE"
-}
-test13
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.current/dlte-principal.exp b/src/lib/kadm5/unit-test/api.current/dlte-principal.exp
deleted file mode 100644
index 660468534..000000000
--- a/src/lib/kadm5/unit-test/api.current/dlte-principal.exp
+++ /dev/null
@@ -1,253 +0,0 @@
-load_lib lib.t
-
-api_exit
-api_start
-
-#test "delete-principal 1"
-#proc test1 {} {
-# global test
-# one_line_fail_test [format {
-# kadm5_delete_principal $server_handle "%s/a"
-# } $test] "NOT_INIT"
-#}
-#test1
-
-test "delete-principal 2"
-proc test2 {} {
- global test
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test \
- {kadm5_delete_principal $server_handle null} "EINVAL"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: unexpected failure in destroy"
- return
- }
-}
-test2
-
-test "delete-principal 5"
-proc test5 {} {
- global test
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_delete_principal $server_handle "%s/a"
- } $test] "UNK_PRINC"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test5
-
-test "delete-principal 6"
-proc test6 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" test-pol])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/delete admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test6 }
-
-
-test "delete-principal 7"
-proc test7 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test7 }
-
-
-test "delete-principal 8"
-proc test8 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test8 }
-
-test "delete-principal 9"
-proc test9 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test9 }
-
-test "delete-principal 10"
-proc test10 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_delete_principal $server_handle "%s/a"
- } $test] "AUTH_DELETE"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test10 }
-
-test "delete-principal 11"
-proc test11 {} {
- global test
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_delete_principal $server_handle "%s/a"
- } $test]]} {
- fail "$test: delete failed"
- return;
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- if { [principal_exists "$test/a"] } {
- fail "$test"
- return
- }
-}
-test11
-
-test "delete-principal 13"
-proc test13 {} {
- global test
- one_line_fail_test [format {
- kadm5_delete_principal null "%s/a"
- } $test] "BAD_SERVER_HANDLE"
-}
-test13
-
-return ""
-
-
-
-
-
diff --git a/src/lib/kadm5/unit-test/api.current/get-policy.exp b/src/lib/kadm5/unit-test/api.current/get-policy.exp
deleted file mode 100644
index c15ef0ca2..000000000
--- a/src/lib/kadm5/unit-test/api.current/get-policy.exp
+++ /dev/null
@@ -1,199 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "get-policy 3"
-proc test3 {} {
- global test
-# set prms_id 744
-# setup_xfail {*-*-*} $prms_id
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {kadm5_get_policy $server_handle "" p} "BAD_POLICY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test3
-
-test "get-policy 6"
-proc test6 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {kadm5_get_policy $server_handle test-pol p} \
- "AUTH_GET"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } test6
-
-test "get-policy 7"
-proc test7 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {kadm5_get_policy $server_handle test-pol p} \
- "AUTH_GET"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } test7
-
-test "get-policy 11"
-proc test11 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/get-pol StupidAdmin $KADM5_ADMIN_SERVICE \
- null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {kadm5_get_policy $server_handle test-pol p}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-test "get-policy 12"
-proc test12 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/get-pol StupidAdmin \
- $KADM5_CHANGEPW_SERVICE null $KADM5_STRUCT_VERSION \
- $KADM5_API_VERSION_3 server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {kadm5_get_policy $server_handle test-pol-nopw p}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "get-policy 15"
-proc test15 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/pol StupidAdmin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {kadm5_get_policy $server_handle test-pol-nopw p}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "get-policy 16"
-proc test16 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/pol StupidAdmin $KADM5_CHANGEPW_SERVICE \
- null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {kadm5_get_policy $server_handle test-pol-nopw p}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test16
-
-test "get-policy 17"
-proc test17 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {kadm5_get_policy $server_handle test-pol p}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-test "get-policy 18"
-proc test18 {} {
- global test
-
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {kadm5_get_policy $server_handle test-pol p} \
- "AUTH_GET"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } test18
-
-test "get-policy 21"
-proc test21 {} {
- global test
-
- one_line_fail_test {kadm5_get_policy null "pol1" p} "BAD_SERVER_HANDLE"
-}
-test21
diff --git a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
deleted file mode 100644
index 3ea1ba29b..000000000
--- a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
+++ /dev/null
@@ -1,250 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "get-principal 100"
-proc test100 {} {
- global test prompt
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd {
- kadm5_get_principal $server_handle testuser p \
- {KADM5_PRINCIPAL_NORMAL_MASK}
- }]} {
- perror "$test: unexpected failure in get_principal"
- }
- send "lindex \$p 16\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" { set num_keys $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting num_keys"
- return
- }
- eof {
- error_and_restart "$test: eof getting num_keys"
- return
- }
- }
- send "lindex \$p 17\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" { set num_tl $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting num_tl"
- return
- }
- eof {
- error_and_restart "$test: eof getting num_tl"
- return
- }
- }
- send "lindex \$p 18\n"
- expect {
- -re "({.*})\n$prompt" {set key_data $expect_out(1,string) }
- -re "\n$prompt" { set key_data {} }
- timeout {
- error_and_restart "$test: timeout getting key_data"
- return
- }
- eof {
- error_and_restart "$test: eof getting key_data"
- return
- }
- }
- send "lindex \$p 19\n"
- expect {
- -re "({.*})\n$prompt" {set tl_data $expect_out(1,string) }
- -re "\n$prompt" { set tl_data {} }
- timeout {
- error_and_restart "$test: timeout getting tl_data"
- return
- }
- eof {
- error_and_restart "$test: eof getting tl_data"
- return
- }
- }
-
- set failed 0
- if {$num_keys != 0} {
- fail "$test: num_keys $num_keys should be 0"
- set failed 1
- }
- if {$num_tl != 0} {
- fail "$test: num_tl $num_tl should be 0"
- set failed 1
- }
- if {$key_data != {}} {
- fail "$test: key_data $key_data should be {}"
- set failed 1
- }
- if {$tl_data != "{}"} {
- fail "$test: tl_data $tl_data should be empty"
- set failed 1
- }
- if {$failed == 0} {
- pass "$test"
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test100
-
-proc test101_102 {rpc} {
- global test prompt
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd {
- kadm5_get_principal $server_handle testuser p \
- {KADM5_PRINCIPAL_NORMAL_MASK KADM5_KEY_DATA}
- }]} {
- perror "$test: unexpected failure in get_principal"
- }
- send "lindex \$p 16\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" { set num_keys $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting num_keys"
- return
- }
- eof {
- error_and_restart "$test: eof getting num_keys"
- return
- }
- }
- send "lindex \$p 18\n"
- expect {
- -re "({.*})\n$prompt" {set key_data $expect_out(1,string) }
- -re "\n$prompt" { set key_data {} }
- timeout {
- error_and_restart "$test: timeout getting key_data"
- return
- }
- eof {
- error_and_restart "$test: eof getting key_data"
- return
- }
- }
-
- set failed 0
- if {$num_keys != 5} {
- fail "$test: num_keys $num_keys should be 5"
- set failed 1
- }
- for {set i 0} {$i < $num_keys} {incr i} {
- set key "[lindex [lindex $key_data $i] 2]"
- if {($rpc && [string compare $key ""] != 0) ||
- ((! $rpc) && [string compare $key ""] == 0)} {
- fail "$test: key_data $key is wrong"
- set failed 1
-
- }
- }
- if {$failed == 0} { pass "$test" }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test "get-principal 101"
-if {$RPC} {test101_102 $RPC}
-test "get-principal 102"
-if {! $RPC} {test101_102 $RPC}
-
-test "get-principal 103"
-proc test103 {} {
- global test prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
-
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle \
- "{%s/a} 0 0 0 0 {%s/a} 0 0 0 0 null 0 0 0 0 0 0 1 {} {{999 6 foobar}}" \
- {KADM5_TL_DATA}
- } $test $test]]} {
- fail "$test: cannot set TL_DATA"
- return
- }
-
- if {! [cmd [format {
- kadm5_get_principal $server_handle {%s/a} p \
- {KADM5_PRINCIPAL_NORMAL_MASK KADM5_TL_DATA}
- } $test]]} {
- perror "$test: unexpected failure in get_principal"
- }
- send "lindex \$p 17\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" { set num_tl $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting num_tl"
- return
- }
- eof {
- error_and_restart "$test: eof getting num_tl"
- return
- }
- }
- send "lindex \$p 19\n"
- expect {
- -re "({.*})\n$prompt" {set tl_data $expect_out(1,string) }
- -re "\n$prompt" { set tl_data {} }
- timeout {
- error_and_restart "$test: timeout getting tl_data"
- return
- }
- eof {
- error_and_restart "$test: eof getting tl_data"
- return
- }
- }
-
- if {$num_tl == 0} {
- fail "$test: num_tl $num_tl should not be 0"
- } elseif {$tl_data == "{{999 6 foobar}}"} {
- pass "$test"
- } else {
- fail "$test: tl_data $tl_data should be {{999 6 foobar}}"
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test103
-
-return ""
-
-
-
-
diff --git a/src/lib/kadm5/unit-test/api.current/get-principal.exp b/src/lib/kadm5/unit-test/api.current/get-principal.exp
deleted file mode 100644
index a33fdfe8c..000000000
--- a/src/lib/kadm5/unit-test/api.current/get-principal.exp
+++ /dev/null
@@ -1,346 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "get-principal 1"
-proc test1 {} {
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test \
- {kadm5_get_principal $server_handle null p KADM5_PRINCIPAL_NORMAL_MASK} "EINVAL"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test1
-
-test "get-principal 2"
-proc test2 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK
- } $test] "UNK_PRINC"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test2
-
-test "get-principal 3"
-proc test3 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK
- } $test] "AUTH_GET"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test3 }
-
-test "get-principal 4"
-proc test4 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK
- } $test] "AUTH_GET"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
-
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test4 }
-
-test "get-principal 5"
-proc test5 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK
- } $test] "AUTH_GET"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
-
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test5 }
-
-test "get-principal 6"
-proc test6 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK
- } $test] "AUTH_GET"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
-
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test6 }
-
-test "get-principal 7"
-proc test7 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/delete admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK
- } $test] "AUTH_GET"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
-
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test7 }
-
-
-test "get-principal 8"
-proc test8 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK
- } $test] "AUTH_GET"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test8 }
-
-
-test "get-principal 9"
-proc test9 {} {
- global test
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {kadm5_get_principal $server_handle admin/none p KADM5_PRINCIPAL_NORMAL_MASK}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-test "get-principal 10"
-proc test10 {} {
- global test
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test \
- {kadm5_get_principal $server_handle admin/none p KADM5_PRINCIPAL_NORMAL_MASK}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-test "get-principal 11"
-proc test11 {} {
- global test
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {kadm5_get_principal $server_handle admin/get p KADM5_PRINCIPAL_NORMAL_MASK}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-test "get-principal 12"
-proc test12 {} {
- global test
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {kadm5_get_principal $server_handle admin/get p KADM5_PRINCIPAL_NORMAL_MASK}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "get-principal 13"
-proc test13 {} {
- global test
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {kadm5_get_principal $server_handle admin/add p KADM5_PRINCIPAL_NORMAL_MASK}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-test "get-principal 14"
-proc test14 {} {
- global test
- if {! [cmd {
- kadm5_init admin/get-mod admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test {kadm5_get_principal $server_handle admin/add p KADM5_PRINCIPAL_NORMAL_MASK}
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-test "get-principal 15"
-proc test15 {} {
- one_line_fail_test \
- {kadm5_get_principal null "admin" p KADM5_PRINCIPAL_NORMAL_MASK} "BAD_SERVER_HANDLE"
-}
-test15
-
-return ""
-
-
-
-
diff --git a/src/lib/kadm5/unit-test/api.current/init-v2.exp b/src/lib/kadm5/unit-test/api.current/init-v2.exp
deleted file mode 100644
index 47764c212..000000000
--- a/src/lib/kadm5/unit-test/api.current/init-v2.exp
+++ /dev/null
@@ -1,506 +0,0 @@
-load_lib lib.t
-
-api_exit
-api_start
-
-proc get_hostname { } {
- global hostname
-
- if {[info exists hostname]} {
- return 1
- }
-
- catch "exec hostname >myname" exec_output
- if ![string match "" $exec_output] {
- send_log "$exec_output\n"
- verbose $exec_output
- send_error "ERROR: can't get hostname\n"
- return 0
- }
- set file [open myname r]
- if { [ gets $file hostname ] == -1 } {
- send_error "ERROR: no output from hostname\n"
- return 0
- }
- close $file
- catch "exec rm -f myname" exec_output
-
- set hostname [string tolower $hostname]
- verbose "hostname: $hostname"
-
- return 1
-}
-
-
-test "init 101"
-proc test101 {} {
- global test
- global hostname
-
- get_hostname
- tcl_cmd "set hostname $hostname"
-
- # XXX Fix to work with a remote TEST_SERVER. For now, make sure
- # it fails in that case.
- one_line_succeed_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE \
- [config_params {KADM5_CONFIG_ADMIN_SERVER KADM5_CONFIG_KADMIND_PORT} [list $hostname 1751]] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE \
- [config_params {KADM5_CONFIG_ADMIN_SERVER KADM5_CONFIG_KADMIND_PORT} [list $hostname 4]] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } "RPC_ERROR"
-}
-if {$RPC} test101
-
-test "init 102"
-proc test102 {} {
- global test
-
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE \
- [config_params {KADM5_CONFIG_ADMIN_SERVER} does.not.exist] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } "CANT_RESOLVE"
-}
-if {$RPC} test102
-
-test "init 103"
-proc test103 {} {
- global test
-
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE \
- [config_params {KADM5_CONFIG_DBNAME} /does-not-exist] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } "ENOENT"
-}
-#if {! $RPC} test103
-if {! $RPC} {
- send_user "UNTESTED: test103: test needs updating for DAL changes (see MIT RT ticket 3202)\n"
- untested "test103: test needs updating for DAL changes (see MIT RT ticket 3202)"
-}
-
-
-test "init 106"
-proc test106 {} {
- global test prompt
-
- set prompting 0
- send [string trim {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE \
- [config_params {KADM5_CONFIG_MKEY_FROM_KBD} 1] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]
- send "\n"
- expect {
- -re "\n\[^\n\]+:\[^\n\]*$" { set prompting 1}
- -re "\nOK .*$prompt$" { fail "$test: premature success" }
- -re "\nERROR .*$prompt$" { fail "$test: premature failure" }
- timeout { fail "$test: timeout" }
- eof { fail "$test: eof" }
- }
- if {$prompting} {
- one_line_succeed_test mrroot
- }
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} test106
-
-test "init 107"
-proc test107 {} {
- global test
-
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE \
- [config_params {KADM5_CONFIG_STASH_FILE} /does-not-exist] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } "KDB_CANTREAD_STORED"
-}
-if {! $RPC} test107
-
-test "init 108"
-proc test108 {} {
- global test
-
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE \
- [config_params {KADM5_CONFIG_MKEY_NAME} does/not/exist] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } "KRB5_KDB_CANTREAD_STORED"
-}
-if {! $RPC} test108
-
-test "init 109-113"
-proc test109 {} {
- global test prompt
-
- delete_principal "$test/a"
-
- # I'd like to specify flags explicitly and check them, as in the
- # following config_params, but tcl gets mighty confused if I do and
- # I have no idea why.
-# [config_params {KADM5_CONFIG_MAX_LIFE KADM5_CONFIG_MAX_RLIFE KADM5_CONFIG_EXPIRATION KADM5_CONFIG_FLAGS KADM5_CONFIG_ENCTYPES} {10 20 30 KRB5_KDB_DISALLOW_TGT_BASED {}} ]
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE \
- [config_params {KADM5_CONFIG_MAX_LIFE KADM5_CONFIG_MAX_RLIFE KADM5_CONFIG_EXPIRATION KADM5_CONFIG_ENCTYPES} {10 20 30 {}} ] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- fail "$test: cannot init with max_life"
- return
- }
- if {! [cmd [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} testpass
- } $test]]} {
- fail "$test: can not create principal"
- return;
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" p \
- {KADM5_PRINCIPAL_NORMAL_MASK KADM5_KEY_DATA}
- } $test]]} {
- fail "$test: can not get principal"
- return;
- }
- send "puts \$p\n"
- expect {
- -re "$prompt" { }
- timeout {
- error_and_restart "$test: timeout getting prompt"
- return
- }
- eof {
- error_and_restart "$test: eof getting prompt"
- return
- }
- }
- send "lindex \$p 4\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting max_life"
- return
- }
- }
- send "lindex \$p 12\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set max_rlife $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting max_rlife"
- return
- }
- eof {
- error_and_restart "$test: eof getting max_rlife"
- return
- }
- }
- send "lindex \$p 1\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set expiration $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting expiration"
- return
- }
- eof {
- error_and_restart "$test: eof getting expiration"
- return
- }
- }
- send "lindex \$p 7\n"
- expect {
- -re "(\[A-Z_\]*)\n$prompt" {set flags $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting flags"
- return
- }
- eof {
- error_and_restart "$test: eof getting flags"
- return
- }
- }
- # This sorta worries me. Since the test is setting ENCTYPES to
- # nothing, the principal has no keys. That means that nothing is
- # printed for the keys in the correct case; but it feels too
- # likely that nothing will be printed in the case of some problem.
- send "lindex \$p 18\n"
- expect {
- -re "({.*})\n$prompt" {set key_data $expect_out(1,string) }
- -re "\n$prompt" { set key_data {} }
- timeout {
- error_and_restart "$test: timeout getting flags"
- return
- }
- eof {
- error_and_restart "$test: eof getting flags"
- return
- }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
- if {$max_life == 10} {
- pass "$test"
- } else {
- fail "$test: $max_life is not 10"
- }
- if {$max_rlife == 20} {
- pass "$test"
- } else {
- fail "$test: $max_rlife is not 20"
- }
- if {$expiration == 30} {
- pass "$test"
- } else {
- fail "$test: $expiration is not 30"
- }
- if {$flags == ""} {
- pass "$test"
- } else {
- fail "$test: flags $flags are wrong"
- }
- if {$key_data == {}} {
- pass "$test"
- } else {
- fail "$test: key_data $key_data is wrong"
- }
-}
-if {! $RPC} test109
-
-test "init 116"
-proc test116 {} {
- global test
-
- delete_principal "$test/a"
-
- if {! [cmd {kadm5_init admin/get-add admin $KADM5_ADMIN_SERVICE \
- null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- get_add_handle}]} {
- error_and_restart "$test: couldn't init with admin/get-add"
- }
-
- if {! [cmd {kadm5_init admin/mod-delete admin $KADM5_ADMIN_SERVICE \
- null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- mod_delete_handle}]} {
- error_and_restart "$test: couldn't init with admin/get-add"
- }
-
- one_line_succeed_test {
- kadm5_get_principal $get_add_handle testuser p \
- KADM5_PRINCIPAL_NORMAL_MASK
- }
- one_line_succeed_test [format {
- kadm5_create_principal $get_add_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} testpass
- } $test]
- one_line_fail_test {
- kadm5_modify_principal $get_add_handle [simple_principal testuser] \
- {KADM5_PRINC_EXPIRE_TIME}
- } "AUTH_MODIFY"
- one_line_fail_test {
- kadm5_delete_principal $get_add_handle testuser
- } "AUTH_DELETE"
-
- one_line_fail_test {
- kadm5_get_principal $mod_delete_handle testuser p \
- KADM5_PRINCIPAL_NORMAL_MASK
- } "AUTH_GET"
- one_line_fail_test [format {
- kadm5_create_principal $mod_delete_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} testpass
- } $test] "AUTH_ADD"
- one_line_succeed_test {
- kadm5_modify_principal $mod_delete_handle [simple_principal testuser] \
- {KADM5_PRINC_EXPIRE_TIME}
- }
- one_line_succeed_test [format {
- kadm5_delete_principal $mod_delete_handle "%s/a"
- } $test]
-
- if {! [cmd {kadm5_destroy $get_add_handle}]} {
- error_and_restart "$test: couldn't close get_add_handle"
- }
- if {! [cmd {kadm5_destroy $mod_delete_handle}]} {
- error_and_restart "$test: couldn't close mod_delete_handle"
- }
-}
-if {$RPC} test116
-
-test "init 117"
-proc test117 {} {
- global test env prompt
-
- if {[catch "exec grep max_life $env(KRB5_KDC_PROFILE)"] != 1} {
- warning \
- "$test: max_life in $env(KRB5_KDC_PROFILE), cannot perform test"
- return
- }
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- fail "$test: unexpected failure in init"
- return
- }
-
- if {! [cmd [format {
- kadm5_create_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL} "%s/a"
- } $test $test]]} {
- perror "$test: unexpected failure creating principal"
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_MAX_LIFE
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 4\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting max_life"
- return
- }
- }
-
- if {$max_life == 86400} {
- pass "$test"
- } else {
- fail "$test: max_life $max_life should be 86400"
- }
-
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close server_handle"
- }
-}
-test117
-
-send "puts \$KADM5_ADMIN_SERVICE\n"
-expect {
- -re "(\[a-zA-Z/@\]+)\n$prompt" {
- set KADM5_ADMIN_SERVICE $expect_out(1,string)
- }
- default {
- error_and_restart "$test: timeout/eof getting admin_service"
- return
- }
-}
-
-send "puts \$KADM5_CHANGEPW_SERVICE\n"
-expect {
- -re "(\[a-zA-Z/@\]+)\n$prompt" {
- set KADM5_CHANGEPW_SERVICE $expect_out(1,string)
- }
- default {
- error_and_restart "$test: timeout/eof getting changepw_service"
- return
- }
-}
-
-test "init 150"
-proc test150 {} {
- global test KADM5_ADMIN_SERVICE
-
- kdestroy
- kinit testuser notathena "-S $KADM5_ADMIN_SERVICE"
- one_line_succeed_test {
- kadm5_init_with_creds testuser null $KADM5_ADMIN_SERVICE \
- null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
- kdestroy
-}
-if {$RPC} test150
-
-test "init 151"
-proc test151 {} {
- global test KADM5_CHANGEPW_SERVICE
-
- kdestroy
- kinit testuser notathena "-S $KADM5_CHANGEPW_SERVICE"
- one_line_succeed_test {
- kadm5_init_with_creds testuser null $KADM5_CHANGEPW_SERVICE \
- null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
- kdestroy
-}
-if {$RPC} test151
-
-test "init 152"
-proc test152 {} {
- global test KADM5_ADMIN_SERVICE
-
- kdestroy
- one_line_fail_test {
- kadm5_init_with_creds testuser null $KADM5_ADMIN_SERVICE \
- null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } "KRB5_FCC_NOFILE"
-}
-if {$RPC} test152
-
-test "init 153"
-proc test153 {} {
- global test KADM5_ADMIN_SERVICE
-
- kinit testuser notathena
- one_line_fail_test {
- kadm5_init_with_creds testuser null $KADM5_ADMIN_SERVICE \
- null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } "KRB5_CC_NOTFOUND"
-}
-if {$RPC} test153
-
-test "init 154"
-proc test154 {} {
- global test env
-
- set orig $env(KRB5_KDC_PROFILE)
- set env(KRB5_KDC_PROFILE) /does-not-exist
- api_exit; api_start
- set env(KRB5_KDC_PROFILE) $orig
-
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } "ENOENT"
-
- api_exit; lib_start_api
-}
-if {0 && ! $RPC} test154
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.current/init.exp b/src/lib/kadm5/unit-test/api.current/init.exp
deleted file mode 100644
index 8390b9cfa..000000000
--- a/src/lib/kadm5/unit-test/api.current/init.exp
+++ /dev/null
@@ -1,699 +0,0 @@
-load_lib lib.t
-
-# Assumptions:
-#
-# Principal "admin" exists, with "get", "add", "modify" and "delete"
-# access bits and password "admin".
-# The string "not-the-password" isn't the password of any user in the database.
-# Database master password is "mrroot".
-
-api_exit
-api_start
-test "init 1"
-
-one_line_fail_test_nochk \
- {kadm5_init admin admin $KADM5_ADMIN_SERVICE \
- [config_params {KADM5_CONFIG_REALM} {""}] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 server_handle}
-
-test "init 2"
-
-one_line_fail_test_nochk \
- {kadm5_init admin admin $KADM5_ADMIN_SERVICE \
- [config_params {KADM5_CONFIG_REALM} {@}] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 server_handle}
-
-test "init 2.5"
-
-one_line_fail_test_nochk \
- {kadm5_init admin admin $KADM5_ADMIN_SERVICE \
- [config_params {KADM5_CONFIG_REALM} {BAD.REALM}] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 server_handle}
-
-test "init 3"
-
-proc test3 {} {
- global test
- if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- one_line_fail_test_nochk [format {
- kadm5_init admin admin "%s/a" null $KADM5_STRUCT_VERSION \
- $KADM5_API_VERSION_3 server_handle
- } $test]
-}
-if {$RPC} { test3 }
-
-test "init 4"
-
-proc test4 {} {
- global test
- if {! ((! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
-
- one_line_fail_test_nochk [format {
- kadm5_init admin admin "%s/a" null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } $test]
-}
-if {$RPC} { test4 }
-
-test "init 5"
-
-if {$RPC} {
- one_line_fail_test_nochk {
- kadm5_init admin admin admin null $KADM5_STRUCT_VERSION \
- $KADM5_API_VERSION_3 server_handle
- }
-}
-
-test "init 6"
-
-proc test6 {} {
- global test
-
- send "kadm5_init admin null \$KADM5_ADMIN_SERVICE null \$KADM5_STRUCT_VERSION \$KADM5_API_VERSION_3 server_handle\n"
-
- expect {
- -re "assword\[^\r\n\]*:" { }
- eof {
- fail "$test: eof instead of password prompt"
- api_exit
- api_start
- return
- }
- timeout {
- fail "$test: timeout instead of password prompt"
- return
- }
- }
- one_line_succeed_test "admin"
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if { $RPC } { test6 }
-
-test "init 8"
-
-proc test8 {} {
- global test
- if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- one_line_fail_test_nochk [format {
- kadm5_init "%s/a" admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } $test]
-}
-if {$RPC} { test8 }
-
-test "init 9"
-
-if {$RPC} {
- global test
- one_line_fail_test_nochk {
- kadm5_init admin not-the-password $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
-}
-
-test "init 10"
-
-proc test10 {} {
- global test
-# set prms_id 562
-# setup_xfail {*-*-*} $prms_id
- one_line_fail_test_nochk {
- kadm5_init null admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
-}
-test10
-
-#test "init 11"
-#
-#proc test11 {} {
-# global test
-# set prms_id 563
-# setup_xfail {*-*-*} $prms_id
-# one_line_fail_test_nochk {
-# kadm5_init "" admin $KADM5_ADMIN_SERVICE null \
-# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
-# server_handle
-# }
-#}
-#test11
-
-test "init 12"
-
-proc test12 {} {
- global test
- one_line_fail_test_nochk [format {
- kadm5_init "%s/a" admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } $test]
-}
-if {$RPC} { test12 }
-
-test "init 13"
-
-proc test13 {} {
- global test
- one_line_fail_test_nochk [format {
- kadm5_init "%s/a@SECURE-TEST.OV.COM" admin \
- $KADM5_ADMIN_SERVICE null $KADM5_STRUCT_VERSION \
- $KADM5_API_VERSION_3 server_handle
- } $test]
-}
-if {$RPC} { test13 }
-
-test "init 14"
-
-proc test14 {} {
- global test
- one_line_fail_test_nochk [format {
- kadm5_init "%s/a@BAD.REALM" admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } $test]
-}
-if {$RPC} { test14 }
-
-test "init 15"
-
-if {$RPC} {
- one_line_fail_test_nochk {
- kadm5_init admin@BAD.REALM admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
-}
-
-test "init 16"
-
-proc test16 {} {
- global test
- one_line_succeed_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test16
-
-test "init 17"
-
-proc test17 {} {
- global test
- one_line_succeed_test {
- kadm5_init admin@SECURE-TEST.OV.COM admin \
- $KADM5_ADMIN_SERVICE null $KADM5_STRUCT_VERSION \
- $KADM5_API_VERSION_3 server_handle
- }
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test17
-
-test "init 18"
-
-proc test18 {} {
- global test
- one_line_succeed_test {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test18
-
-test "init 19"
-
-proc test19 {} {
- global test
- one_line_succeed_test {
- kadm5_init admin@SECURE-TEST.OV.COM admin \
- $KADM5_ADMIN_SERVICE \
- [config_params {KADM5_CONFIG_REALM} {SECURE-TEST.OV.COM}] \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test19
-
-test "init 20"
-
-proc test20 {} {
- global test
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- error_and_restart "$test: couldn't init database"
- return
- }
- one_line_succeed_test \
- {kadm5_get_principal $server_handle admin principal KADM5_PRINCIPAL_NORMAL_MASK}
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test20
-
-#test "init 21"
-#
-#proc test21 {} {
-# global test
-# if {! [cmd {
-# kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
-# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
-# server_handle
-# }]} {
-# error_and_restart "$test: couldn't init database"
-# return
-# }
-# one_line_fail_test_nochk {
-# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
-# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
-# server_handle
-# }
-# if {! [cmd {kadm5_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# }
-#}
-#test21
-
-
-# proc test22 {} {
-# global test prompt
-# set prompting 0
-# send [string trim {
-# kadm5_init admin null null null $KADM5_STRUCT_VERSION \
-# $KADM5_API_VERSION_3 server_handle
-# }]
-# send "\n"
-# expect {
-# -re ":$" { set prompting 1}
-# -re "\nOK .*$prompt$" { fail "$test: premature success" }
-# -re "\nERROR .*$prompt$" { fail "$test: premature failure" }
-# timeout { fail "$test: timeout" }
-# eof { fail "$test: eof" }
-# }
-# if {$prompting} {
-# one_line_succeed_test mrroot
-# }
-# if {! [cmd {kadm5_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# }
-# }
-# if {! $RPC} { test22 }
-#
-# test "init 22.5"
-# proc test225 {} {
-# global test prompt
-# set prompting 0
-# send [string trim {
-# kadm5_init admin null null null $KADM5_STRUCT_VERSION \
-# $KADM5_API_VERSION_3 server_handle
-# }]
-# send "\n"
-# expect {
-# -re ":$" { set prompting 1}
-# -re "\nOK .*$prompt$" { fail "$test: premature success" }
-# -re "\nERROR .*$prompt$" { fail "$test: premature failure" }
-# timeout { fail "$test: timeout" }
-# eof { fail "$test: eof" }
-# }
-# if {$prompting} {
-# one_line_succeed_test mrroot
-# }
-# if {! [cmd {kadm5_destroy $server_handle}]} {
-# error_and_restart "$test: couldn't close database"
-# }
-# }
-# if {! $RPC} { test225 }
-
-test "init 23"
-
-proc test23 {} {
- global test
- one_line_succeed_test {
- kadm5_init admin not-the-password $KADM5_ADMIN_SERVICE \
- null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test23 }
-
-test "init 24"
-
-proc test24 {} {
- global test
- one_line_succeed_test {
- kadm5_init admin admin null null $KADM5_STRUCT_VERSION \
- $KADM5_API_VERSION_3 server_handle
- }
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test24 }
-
-test "init 25"
-
-proc test25 {} {
- global test
- one_line_succeed_test {
- kadm5_init admin admin foobar null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if {! $RPC} { test25 }
-
-test "init 26"
-
-#proc test26 {} {
-# global test
-#
-# api_exit
-# api_start
-# one_line_fail_test_nochk {
-# kadm5_get_principal $server_handle admin principal
-# }
-#}
-#test26
-
-#test "init 27"
-#
-#proc test27 {} {
-# global test
-#
-# if {! ((! [principal_exists "$test/a"]) || [delete_principal "$test/a"])} {
-# error_and_restart "$test: couldn't delete principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {[cmd [format {
-# kadm5_create_principal $server_handle [simple_principal \
-# "%s/a"] {KADM5_PRINCIPAL} "%s/a"
-# } $test $test]]} {
-# fail "$test: unexpected success in add"
-# return
-# }
-# end_dump_compare "no-diffs"
-#}
-#test27
-
-#test "init 28"
-#
-#proc test28 {} {
-# global test prompt
-#
-# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
-# error_and_restart "$test: couldn't create principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {! ([cmd {
-# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
-# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
-# server_handle
-# }] && [cmd [format {
-# kadm5_get_principal $server_handle "%s/a" principal
-# } $test]])} {
-# error_and_restart "$test: error getting principal"
-# return;
-# }
-# send "lindex \$principal 8\n"
-# expect {
-# -re "\n(\[0-9\]+).*$prompt$" {set kvno $expect_out(1,string) }
-# timeout {
-# error_and_restart "$test: timeout getting principal kvno"
-# return
-# }
-# eof {
-# error_and_restart "$test: eof getting principal kvno"
-# return
-# }
-# }
-# api_exit
-# api_start
-# set new_kvno [expr "$kvno + 1"]
-# if {[cmd [format {
-# kadm5_modify_principal $server_handle \
-# {"%s/a" 0 0 0 0 0 0 0 %d 0 0 0} {KADM5_KVNO}
-# } $test $new_kvno]]} {
-# fail "$test: unexpected success in modify"
-# return;
-# }
-# end_dump_compare "no-diffs"
-#}
-#test28
-
-#test "init 29"
-#
-#proc test29 {} {
-# global test
-#
-# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} {
-# error_and_restart "$test: couldn't create principal \"$test/a\""
-# return
-# }
-# begin_dump
-# if {[cmd [format {
-# kadm5_delete_principal $server_handle "%s/a"
-# } $test]]} {
-# fail "$test: unexpected success in delete"
-# return
-# }
-# end_dump_compare "no-diffs"
-#}
-#test29
-
-test "init 30"
-proc test30 {} {
- global test
- if {[cmd {
- kadm5_init admin foobar $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- error_and_restart "$test: unexpected success"
- return
- }
- one_line_succeed_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-if ${RPC} { test30 }
-
-test "init 31"
-proc test31 {} {
- global test
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $bad_struct_version_mask $KADM5_API_VERSION_3 \
- server_handle
- } "BAD_STRUCT_VERSION"
-}
-test31
-
-test "init 32"
-proc test32 {} {
- global test
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $no_struct_version_mask $KADM5_API_VERSION_3 \
- server_handle
- } "BAD_STRUCT_VERSION"
-}
-test32
-
-test "init 33"
-proc test33 {} {
- global test
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $old_struct_version $KADM5_API_VERSION_3 \
- server_handle
- } "OLD_STRUCT_VERSION"
-}
-test33
-
-test "init 34"
-proc test34 {} {
- global test
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $new_struct_version $KADM5_API_VERSION_3 \
- server_handle
- } "NEW_STRUCT_VERSION"
-}
-test34
-
-test "init 35"
-proc test35 {} {
- global test
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $bad_api_version_mask \
- server_handle
- } "BAD_API_VERSION"
-}
-test35
-
-test "init 36"
-proc test36 {} {
- global test
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $no_api_version_mask \
- server_handle
- } "BAD_API_VERSION"
-}
-test36
-
-test "init 37"
-proc test37 {} {
- global test
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $old_api_version \
- server_handle
- } "OLD_LIB_API_VERSION"
-}
-if { $RPC } test37
-
-test "init 38"
-proc test38 {} {
- global test
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $old_api_version \
- server_handle
- } "OLD_SERVER_API_VERSION"
-}
-if { ! $RPC } test38
-
-test "init 39"
-proc test39 {} {
- global test
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $new_api_version \
- server_handle
- } "NEW_LIB_API_VERSION"
-}
-if { $RPC } test39
-
-test "init 40"
-proc test40 {} {
- global test
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $new_api_version \
- server_handle
- } "NEW_SERVER_API_VERSION"
-}
-if { ! $RPC } test40
-
-test "init 41"
-proc test41 {} {
- global test
- one_line_fail_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_API_VERSION_3 $KADM5_STRUCT_VERSION \
- server_handle
- } "BAD_"
-}
-test41
-
-test "init 42"
-proc test42 {} {
- global test
- one_line_succeed_test {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }
- if {! [cmd {kadm5_destroy $server_handle}]} {
- error_and_restart "$test: couldn't close database"
- }
-}
-test42
-
-
-proc test45_46 {service} {
- global test kadmin_local env
-
- spawn $kadmin_local -q "delprinc -force $service"
- expect {
- -re "Principal .* deleted." {}
- default {
- perror "kadmin.local delprinc failed\n";
- }
- }
- expect eof
- wait
-
- one_line_fail_test [concat {kadm5_init admin admin } \
- $service \
- { null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle}] "SECURE_PRINC_MISSING"
-
- # this leaves the keytab with an incorrect entry
- spawn $kadmin_local -q "ank -randkey $service"
- expect eof
- wait
-
- # restart the api so it gets a new ccache
- api_exit
- api_start
-}
-
-if {$RPC} {
- test "init 45"
-
- test45_46 kadmin/admin
-
- test "init 46"
-
- test45_46 kadmin/changepw
-}
-
-return ""
-
diff --git a/src/lib/kadm5/unit-test/api.current/mod-policy.exp b/src/lib/kadm5/unit-test/api.current/mod-policy.exp
deleted file mode 100644
index 1bf00b524..000000000
--- a/src/lib/kadm5/unit-test/api.current/mod-policy.exp
+++ /dev/null
@@ -1,711 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "modify-policy 2"
-proc test2 {} {
- global test
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MAX_LIFE}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test2 }
-
-test "modify-policy 8"
-proc test8 {} {
- global test
-# set prms_id 744
-# setup_xfail {*-*-*} $prms_id
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_modify_policy $server_handle [simple_policy ""] \
- {KADM5_PW_MAX_LIFE}
- } "BAD_POLICY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test8
-
-test "modify-policy 9"
-proc test9 {} {
- global test
- global prompt
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MIN_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-test "modify-policy 10"
-proc test10 {} {
- global test
- global prompt
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 32 0 0 0 0 0 0 0 0} \
- {KADM5_PW_MIN_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 1\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-
-test "modify-policy 11"
-proc test11 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MAX_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test11
-
-test "modify-policy 12"
-proc test12 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 32 0 0 0 0 0 0 0} \
- {KADM5_PW_MAX_LIFE}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 2\n"
- expect {
- -re "32\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test12
-
-test "modify-policy 13"
-proc test13 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MIN_LENGTH}
- } $test] "BAD_LENGTH"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-test "modify-policy 14"
-proc test14 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 8 0 0 0 0 0 0} \
- {KADM5_PW_MIN_LENGTH}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 3\n"
- expect {
- -re "8\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test14
-
-test "modify-policy 15"
-proc test15 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "modify-policy 16"
-proc test16 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 1 0 0 0 0 0} \
- {KADM5_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test16
-
-test "modify-policy 17"
-proc test17 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a"])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 5 0 0 0 0 0} \
- {KADM5_PW_MIN_CLASSES}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 4\n"
- expect {
- -re "5\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-test "modify-policy 18"
-proc test18 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 6 0 0 0 0 0} \
- {KADM5_PW_MIN_CLASSES}
- } $test] "BAD_CLASS"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test18
-
-test "modify-policy 19"
-proc test19 {} {
- global test
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_HISTORY_NUM}
- } $test] "BAD_HISTORY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test19
-
-test "modify-policy 20"
-proc test20 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 0 1 0 0 0 0} \
- {KADM5_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "1\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test20
-
-test "modify-policy 21"
-proc test21 {} {
- global test
- global prompt
-
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 0 10 0 0 0 0} \
- {KADM5_PW_HISTORY_NUM}
- } $test]]} {
- fail $test
- return
- }
- if {! [cmd [format {
- kadm5_get_policy $server_handle "%s/a" policy
- } $test]]} {
- fail "$test: can not retrieve policy"
- return
- }
- send "lindex \$policy 5\n"
- expect {
- -re "10\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21
-
-test "modify-policy 22"
-proc test22 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MAX_LIFE}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test22
-
-test "modify-policy 23"
-proc test23 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MAX_LIFE}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} test23
-
-test "modify-policy 26"
-proc test26 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_modify_policy $server_handle [simple_policy "%s/a"] \
- {KADM5_PW_MAX_LIFE}
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test26
-
-test "modify-policy 30"
-proc test30 {} {
- global test
-
- one_line_fail_test [format {
- kadm5_modify_policy null [simple_policy "%s/a"] \
- {KADM5_PW_MAX_LIFE}
- } $test] "BAD_SERVER_HANDLE"
-}
-test30
-
-test "modify-policy 31"
-proc test31 {} {
- global test
- if {! (( [policy_exists "$test/a"]) ||
- [create_policy "$test/a" ])} {
- error_and_restart "$test: couldn't create policy \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 0 0 0 2 0 0} \
- {KADM5_PW_MAX_FAILURE}
- } $test]
- one_line_succeed_test [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 1 0 0 0 90 0} \
- {KADM5_PW_FAILURE_COUNT_INTERVAL}
- } $test]
- one_line_succeed_test [format {
- kadm5_modify_policy $server_handle {"%s/a" 0 0 0 1 0 0 0 0 180} \
- {KADM5_PW_LOCKOUT_DURATION}
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test31
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.current/mod-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/mod-principal-v2.exp
deleted file mode 100644
index 4abbeb52d..000000000
--- a/src/lib/kadm5/unit-test/api.current/mod-principal-v2.exp
+++ /dev/null
@@ -1,115 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "modify-principal 100-105"
-proc test100_104 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
-
- set origtest "$test"
-
- test "modify-principal 100"
- one_line_succeed_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_MAX_RLIFE}
- } $origtest]
-
- test "modify-principal 101"
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_LAST_SUCCESS}
- } $origtest] "BAD_MASK"
-
- test "modify-principal 102"
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_LAST_FAILED}
- } $origtest] "BAD_MASK"
-
-# This is now permitted to reset lockout count
-# test "modify-principal 103"
-# one_line_fail_test [format {
-# kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
-# {KADM5_FAIL_AUTH_COUNT}
-# } $origtest] "BAD_MASK"
-
- test "modify-principal 103.5"
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_KEY_DATA}
- } $origtest] "BAD_MASK"
-
- test "modify-principal 105"
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle \
- "{%s/a} 0 0 0 0 {%s/a} 0 0 0 0 null 0 0 0 0 0 0 1 {} {{1 1 x}}" \
- {KADM5_TL_DATA}
- } $origtest $origtest] "BAD_TL_TYPE"
-
- test "modify-principal 100,104"
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle \
- "{%s/a} 0 0 0 0 {%s/a} 0 0 0 0 null 0 88 0 0 0 0 1 {} {{990 6 foobar}}" \
- {KADM5_MAX_RLIFE KADM5_TL_DATA}
- } $origtest $origtest]]} {
- fail "$test: cannot set MAX_RLIFE or TL_DATA"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal {KADM5_PRINCIPAL_NORMAL_MASK KADM5_TL_DATA}
- } $origtest]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 12\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set rlife $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting rlife"
- return
- }
- eof {
- error_and_restart "$test: eof getting rlife"
- return
- }
- }
- send "lindex \$principal 19\n"
- expect {
- -re "\(\{.*\}\)\n$prompt$" {set tl $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting tl_data"
- return
- }
- eof {
- error_and_restart "$test: eof getting tl_data"
- return
- }
- }
- if {($rlife == 88) && ($tl == "{{990 6 foobar}}")} {
- pass "$test"
- } else {
- fail "$test: $rlife should be 88, $tl should be {{990 6 foobar}}"
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test100_104
diff --git a/src/lib/kadm5/unit-test/api.current/mod-principal.exp b/src/lib/kadm5/unit-test/api.current/mod-principal.exp
deleted file mode 100644
index ac9f96845..000000000
--- a/src/lib/kadm5/unit-test/api.current/mod-principal.exp
+++ /dev/null
@@ -1,1606 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-#test "modify-principal 1"
-#proc test1 {} {
-# global test
-# one_line_fail_test [format {
-# kadm5_modify_principal $server_handle [simple_principal \
-# "%s/a"] {KADM5_PW_EXPIRATION}
-# } $test] "NOT_INIT"
-#}
-#test1
-
-test "modify-principal 2"
-proc test2 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MODIFY"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test2 }
-
-test "modify-principal 4"
-proc test4 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINCIPAL}
- } $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test4
-
-
-test "modify-principal 5"
-proc test5 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_LAST_PWD_CHANGE}
- } $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test5
-
-test "modify-principal 6"
-proc test6 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_MOD_TIME}
- } $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test6
-
-test "modify-principal 7"
-proc test7 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_MOD_NAME}
- } $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test7
-
-test "modify-principal 8"
-proc test8 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_MKVNO}
- } $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test8
-
-test "modify-principal 9"
-proc test9 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_AUX_ATTRIBUTES}
- } $test] "BAD_MASK"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test9
-
-test "modify-principal 10"
-proc test10 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINC_EXPIRE_TIME}
- } $test] "UNK_PRINC"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test10
-
-test "modify-principal 11"
-proc test11 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MOD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test11 }
-
-test "modify-principal 12"
-proc test12 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MOD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test12 }
-
-test "modify-principal 13"
-proc test13 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MOD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test13 }
-
-test "modify-principal 14"
-proc test14 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINC_EXPIRE_TIME}
- } $test] "AUTH_MOD"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test14 }
-
-test "modify-principal 15"
-proc test15 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINC_EXPIRE_TIME}
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test15
-
-test "modify-principal 17"
-proc test17 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_modify_principal $server_handle [princ_w_pol "%s/a" \
- no-policy] {KADM5_POLICY}
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test17
-
-test "modify-principal 21.5"
-proc test21.5 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal_pol "$test/a" "test-pol"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {kadm5_get_policy $server_handle test-pol old_p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- kadm5_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {KADM5_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$old_p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set old_p1_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
-
- if { ! [cmd {kadm5_get_policy $server_handle test-pol new_p1}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
-
- send "lindex \$new_p1 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set new_p1_ref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
-
- if {$old_p1_ref != $new_p1_ref} {
- fail "$test: policy reference count changed ($old_p1_ref to $new_p1_ref)"
- return
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test21.5
-
-test "modify-principal 22"
-proc test22 {} {
- global test
- global prompt
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test22
-
-test "modify-principal 23"
-proc test23 {} {
- global test
- global prompt
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" test-pol-nopw])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test23
-
-test "modify-principal 24"
-proc test24 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" "test-pol" ])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- error_and_restart "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PW_EXPIRATION}
- } $test]]} {
- fail "$test: could not modify principal"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- if { ! [cmd [format {
- kadm5_get_policy $server_handle %s policy
- } test-pol]]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
- send "lindex \$principal 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { $pw_expire != 0 } {
- fail "$test: pw_expire $pw_expire should be 0"
- return
- } else {
- pass "$test"
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test24
-
-test "modify-principal 25"
-proc test25 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle \
- {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {KADM5_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test25
-
-test "modify-principal 26"
-proc test26 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" "test-pol-nopw" ])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle \
- {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {KADM5_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test26
-
-test "modify-principal 27"
-proc test27 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" "test-pol" ])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle \
- {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {KADM5_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "1234\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test27
-
-test "modify-principal 28"
-proc test28 {} {
- global test
- global prompt
-# set prms_id 1358
-# setup_xfail {*-*-*} $prms_id
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal_pol "$test/a" "test-pol" ])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle \
- {"%s/a" 0 0 999999999 0 0 0 0 0 0 0 0} {KADM5_PW_EXPIRATION}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- if { ! [cmd {kadm5_get_policy $server_handle test-pol policy}]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
- send "lindex \$principal 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { $pw_expire != 999999999 } {
- fail "$test: pw_expire $pw_expire should be 999999999"
- return
- }
- pass "$test"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "modify-principal 29"
-proc test29 {} {
- global test
- global prompt
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { ! ([create_principal_pol "$test/a" test-pol])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_POLICY_CLR}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test29
-
-test "modify-principal 30"
-proc test30 {} {
- global test
- global prompt
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal_pol "$test/a" test-pol])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol-nopw] {KADM5_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 3\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test30
-
-test "modify-principal 31"
-proc test31 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {KADM5_POLICY}
- } $test]]} {
- fail "modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- if { ! [cmd {kadm5_get_policy $server_handle test-pol policy}]} {
- error_and_restart "$test: cannot retrieve policy"
- return
- }
- send "lindex \$principal 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_mod_date"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_mod_date"
- return
- }
- }
-
- send "lindex \$principal 3\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_expire"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_expire"
- return
- }
- }
-
- send "lindex \$policy 2\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting pw_max_life"
- return
- }
- eof {
- error_and_restart "$test: eof getting pw_max_life"
- return
- }
- }
- if { [expr "$pw_mod_date + $pw_max_life"] != $pw_expire } {
- fail "$test: pw_expire is wrong"
- return
- }
-
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test31
-
-test "modify-principal 32"
-proc test32 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_principal $server_handle \
- {"%s/a" 1234 0 0 0 0 0 0 0 0 0 0} \
- {KADM5_PRINC_EXPIRE_TIME}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 1\n"
- expect {
- -re "1234\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test32
-
-test "modify-principal 33"
-proc test33 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_ALL_TIX 0 0 0 0} \
- {KADM5_ATTRIBUTES}
- } $test]]} {
- fail "$test: modified fail"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 7\n"
- expect {
- -re "KRB5_KDB_DISALLOW_ALL_TIX.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test33
-
-test "modify-principal 33.25"
-proc test3325 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 KRB5_KDB_REQUIRES_PWCHANGE 0 0 0 0} \
- {KADM5_ATTRIBUTES}
- } $test]]} {
- fail "$test: modified fail"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 7\n"
- expect {
- -re "KRB5_KDB_REQUIRES_PWCHANGE.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test3325
-
-test "modify-principal 33.5"
-proc test335 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_TGT_BASED 0 0 0 0} \
- {KADM5_ATTRIBUTES}
- } $test]]} {
- fail "$test: modified fail"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 7\n"
- expect {
- -re "KRB5_KDB_DISALLOW_TGT_BASED.*$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test335
-
-
-test "modify-principal 34"
-proc test34 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle \
- {"%s/a" 0 0 0 3456 0 0 0 0 0 0 0} {KADM5_MAX_LIFE}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
-
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 4\n"
- expect {
- -re "3456\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test34
-
-test "modify-principal 35"
-proc test35 {} {
- global prompt
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd [format {
- kadm5_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 0 7 0 0 0} {KADM5_KVNO}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 8\n"
- expect {
- -re "7\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test35
-
-test "modify-principal 36"
-proc test36 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal_pol "$test/a" "test-pol"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if { ! [cmd {kadm5_get_policy $server_handle test-pol pol}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- if {! [cmd [format {
- kadm5_modify_principal $server_handle [princ_w_pol "%s/a" \
- test-pol] {KADM5_POLICY}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 10\n"
- expect {
- -re "test-pol\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- send "lindex \$pol 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { ! [cmd {kadm5_get_policy $server_handle test-pol pol2}]} {
- perror "$test: unexpected failure on get policy"
- return
- }
- send "lindex \$pol2 6\n"
- expect {
- -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting principal kvno (second time)"
- return
- }
- eof {
- error_and_restart "$test: eof getting principal kvno (second time)"
- return
- }
- }
- if { $oldref != $newref } {
- fail "$test: policy reference count is wrong"
- return;
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test36
-
-test "modify-principal 37"
-proc test37 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if { !( [create_principal "$test/a"])} {
- error_and_restart "$test: could not create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_POLICY_CLR}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test37
-
-test "modify-principal 38"
-proc test38 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_PRINC_EXPIRE_TIME}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 1\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test38
-
-test "modify-principal 39"
-proc test39 {} {
- global test
- global prompt
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! ([create_principal "$test/a"])} {
- perror "$test: unexpected failure in creating principal"
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
- {KADM5_MAX_LIFE}
- } $test]]} {
- fail "$test: modify failed"
- return
- }
- if {! [cmd [format {
- kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
- } $test]]} {
- error_and_restart "$test: could not retrieve principal"
- return
- }
- send "lindex \$principal 4\n"
- expect {
- -re "0\n$prompt$" { pass "$test" }
- timeout { fail "$test" }
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test39
-
-test "modify-principal 40"
-proc test40 {} {
- global test
- global prompt
-
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test {
- kadm5_modify_principal $server_handle null \
- {KADM5_PRINC_EXPIRE_TIME}
- } "EINVAL"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test40
-
-test "modify-principal 43"
-proc test43 {} {
- global test
- one_line_fail_test [format {
- kadm5_modify_principal null [simple_principal \
- "%s/a"] {KADM5_PW_EXPIRATION}
- } $test] "BAD_SERVER_HANDLE"
-}
-test43
-
-test "modify-principal 44"
-proc test44 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- # setting fail auth count to a non-zero value must fail
- one_line_fail_test [format {
- kadm5_modify_principal $server_handle \
- {"%s/a" 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1234 0 0 {} {}} {KADM5_FAIL_AUTH_COUNT}
- } $test] "BAD_SERVER_PARAMS"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test44
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
deleted file mode 100644
index 2925c1c43..000000000
--- a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
+++ /dev/null
@@ -1,61 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "randkey-principal 100"
-proc test100 {} {
- global test prompt
-
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal "$test/a"]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- # I'd like to specify a long list of keysalt tuples and make sure that
- # randkey does the right thing, but we can only use those enctypes that
- # krbtgt has a key for: 3DES and AES, according to the prototype kdc.conf.
- if {! [cmd [format {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_randkey_principal $server_handle "%s/a" keys num_keys
- } $test]]} {
- perror "$test: unexpected failure in randkey_principal"
- }
- send "puts \$num_keys\n"
- expect {
- -re "(\[0-9\]+)\n$prompt" { set num_keys $expect_out(1,string) }
- timeout {
- error_and_restart "$test: timeout getting num_keys"
- return
- }
- eof {
- error_and_restart "$test: eof getting num_keys"
- return
- }
- }
-
- # XXX Perhaps I should actually check the key type returned.
- if {$num_keys == 5} {
- pass "$test"
- } else {
- fail "$test: $num_keys keys, should be 5"
- }
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test100
-
-return ""
diff --git a/src/lib/kadm5/unit-test/api.current/randkey-principal.exp b/src/lib/kadm5/unit-test/api.current/randkey-principal.exp
deleted file mode 100644
index 1484901fa..000000000
--- a/src/lib/kadm5/unit-test/api.current/randkey-principal.exp
+++ /dev/null
@@ -1,297 +0,0 @@
-load_lib lib.t
-api_exit
-api_start
-
-test "randkey-principal 1"
-proc test1 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd [format {
- kadm5_init "%s/a" "%s/a" $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } $test $test]]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_randkey_principal $server_handle "%s/a" keys num_keys
- } $test] "PASS_TOOSOON"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test1 }
-
-test "randkey-principal 3"
-proc test3 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd [format {
- kadm5_init "%s/a" "%s/a" $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } $test $test]]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_randkey_principal $server_handle "%s/a" keys num_keys
- } $test] "PASS_TOOSOON"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if ${RPC} { test3 }
-
-test "randkey-principal 13"
-proc test13 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- if {! [cmd [format {
- kadm5_modify_principal $server_handle [princ_w_pol "%s/a" \
- once-a-min] KADM5_POLICY
- } $test]]} {
- perror "$test: failed modify"
- return
- }
- one_line_succeed_test [format {
- kadm5_randkey_principal $server_handle "%s/a" keys num_keys
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test13
-
-test "randkey-principal 15"
-proc test15 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal_pol "$test/a" once-a-min]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_randkey_principal $server_handle "%s/a" keys num_keys
- } $test] "AUTH_CHANGEPW"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if { $RPC } { test15 }
-
-test "randkey-principal 28"
-proc test28 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_randkey_principal $server_handle "%s/a" keys num_keys
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test28
-
-test "randkey-principal 28.25"
-proc test2825 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_randkey_principal $server_handle "%s/a" keys num_keys
- } $test] "AUTH"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-if {$RPC} { test2825 }
-
-test "randkey-principal 28.5"
-proc test285 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [cmd {
- kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_randkey_principal $server_handle "%s/a" keys num_keys
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test285
-
-test "randkey-principal 30"
-proc test30 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't delete principal \"$test/a\""
- return
- }
- if {! [create_principal "$test/a"]} {
- error_and_restart "$test: creating principal"
- return
- }
- if {! [cmd [format {
- kadm5_init "%s/a" "%s/a" $KADM5_CHANGEPW_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } $test $test]]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_randkey_principal $server_handle "%s/a" keys num_keys
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test30
-
-test "randkey-principal 31"
-proc test31 {} {
- global test
- if {! (( ! [principal_exists "$test/a"]) ||
- [delete_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if {! [create_principal "$test/a"]} {
- error_and_restart "$test: creating principal"
- return
- }
-
- if {! [cmd [format {
- kadm5_init "%s/a" "%s/a" $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- } $test $test]]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_succeed_test [format {
- kadm5_randkey_principal $server_handle "%s/a" keys num_keys
- } $test]
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-test31
-
-test "randkey-principal 33"
-proc test33 {} {
- global test
- if {! (( [principal_exists "$test/a"]) ||
- [create_principal "$test/a"])} {
- error_and_restart "$test: couldn't create principal \"$test/a\""
- return
- }
- if { ! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- server_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- one_line_fail_test [format {
- kadm5_randkey_principal null "%s/a" keys num_keys
- } $test] "BAD_SERVER_HANDLE"
- if { ! [cmd {kadm5_destroy $server_handle}]} {
- perror "$test: unexpected failure in destroy"
- return
- }
-}
-
-test33
-
-return ""
diff --git a/src/lib/kadm5/unit-test/config/unix.exp b/src/lib/kadm5/unit-test/config/unix.exp
deleted file mode 100644
index d7706ec53..000000000
--- a/src/lib/kadm5/unit-test/config/unix.exp
+++ /dev/null
@@ -1,222 +0,0 @@
-source runenv.exp
-
-set prompt "% "
-set stty_init {-onlcr -opost intr \^C kill \^U}
-set kadmin_local $KADMIN_LOCAL
-
-# Backward compatibility until we're using expect 5 everywhere
-if {[info exists exp_version_4]} {
- global wait_error_index wait_errno_index wait_status_index
- set wait_error_index 0
- set wait_errno_index 1
- set wait_status_index 1
-} else {
- set wait_error_index 2
- set wait_errno_index 3
- set wait_status_index 3
-}
-
-if { [string length $VALGRIND] } {
- rename spawn valgrind_aux_spawn
- proc spawn { args } {
- global VALGRIND
- upvar 1 spawn_id spawn_id
- set newargs {}
- set inflags 1
- set eatnext 0
- foreach arg $args {
- if { $arg == "-ignore" \
- || $arg == "-open" \
- || $arg == "-leaveopen" } {
- lappend newargs $arg
- set eatnext 1
- continue
- }
- if [string match "-*" $arg] {
- lappend newargs $arg
- continue
- }
- if { $eatnext } {
- set eatnext 0
- lappend newargs $arg
- continue
- }
- if { $inflags } {
- set inflags 0
- # Only run valgrind for local programs, not
- # system ones.
-#&&![string match "/bin/sh" $arg] sh is used to start kadmind!
- if [string match "/" [string index $arg 0]]&&![string match "/bin/ls" $arg]&&![regexp {/kshd$} $arg] {
- set newargs [concat $newargs $VALGRIND]
- }
- }
- lappend newargs $arg
- }
- set pid [eval valgrind_aux_spawn $newargs]
- return $pid
- }
-}
-
-# Hack around Solaris 9 kernel race condition that causes last output
-# from a pty to get dropped.
-if { $PRIOCNTL_HACK } {
- catch {exec priocntl -s -c FX -m 30 -p 30 -i pid [getpid]}
- rename spawn oldspawn
- proc spawn { args } {
- upvar 1 spawn_id spawn_id
- set newargs {}
- set inflags 1
- set eatnext 0
- foreach arg $args {
- if { $arg == "-ignore" \
- || $arg == "-open" \
- || $arg == "-leaveopen" } {
- lappend newargs $arg
- set eatnext 1
- continue
- }
- if [string match "-*" $arg] {
- lappend newargs $arg
- continue
- }
- if { $eatnext } {
- set eatnext 0
- lappend newargs $arg
- continue
- }
- if { $inflags } {
- set inflags 0
- set newargs [concat $newargs {priocntl -e -c FX -p 0}]
- }
- lappend newargs $arg
- }
- set pid [eval oldspawn $newargs]
- return $pid
- }
-}
-
-# Variables for keeping track of api process state
-set api_pid "0"
-
-proc api_exit {} {
- global spawn_id
- global api_pid
-
-# puts stdout "Starting api_exit (spawn_id $spawn_id)."
- catch {close} errMsg
- catch {wait} errMsg
-# puts stdout "Finishing api_exit for $api_pid."
- set api_pid "0"
-}
-
-proc api_isrunning {pid} {
- global api_pid
-
-# puts stdout "testing $pid, api_pid is $api_pid"
- if {$pid == $api_pid} {
- return 1;
- } else {
- return 0;
- }
-}
-
-proc api_version {} {
-}
-
-proc api_start {} {
- global API
- global env
- global spawn_id
- global prompt
- global api_pid
-
- set pid [spawn $API]
- expect {
- -re "$prompt$" {}
- eof { perror "EOF starting API" }
- timeout { perror "Timeout starting API" }
- }
- if {! [info exists env(TCLUTIL)]} {
- perror "TCLUTIL environment variable isn't set"
- }
- # tcl 8.4 for some reason screws up autodetection of output
- # EOL translation. Work around it for now.
- send "if { \[info commands fconfigure\] ne \"\" } { fconfigure stdout -translation lf }\n"
- expect {
- -re "$prompt$" {}
- eof { perror "EOF starting API" }
- timeout { perror "Timeout starting API" }
- }
- send "source $env(TCLUTIL)\n"
- expect {
- -re "$prompt$" {}
- eof { perror "EOF starting API" }
- timeout { perror "Timeout starting API" }
- }
- send "set current_struct_version \[expr \$KADM5_STRUCT_VERSION &~ \$KADM5_STRUCT_VERSION_MASK\]\n"
- expect {
- -re "$prompt$" {}
- eof { perror "EOF setting API variables"}
- timeout { perror "timeout setting API variables"}
- }
- send "set current_api_version \[expr \$KADM5_API_VERSION_3 &~ \$KADM5_API_VERSION_MASK\]\n"
- expect {
- -re "$prompt$" {}
- eof { perror "EOF setting API variables"}
- timeout { perror "timeout setting API variables"}
- }
- send "set bad_struct_version_mask \[expr 0x65432100 | \$current_struct_version\]\n"
- expect {
- -re "$prompt$" {}
- eof { perror "EOF setting API variables"}
- timeout { perror "timeout setting API variables"}
- }
- send "set bad_api_version_mask \[expr 0x65432100 | \$current_api_version\]\n"
- expect {
- -re "$prompt$" {}
- eof { perror "EOF setting API variables"}
- timeout { perror "timeout setting API variables"}
- }
- send "set no_api_version_mask \$current_api_version\n"
- expect {
- -re "$prompt$" {}
- eof { perror "EOF setting API variables"}
- timeout { perror "timeout setting API variables"}
- }
- send "set no_struct_version_mask \$current_struct_version\n"
- expect {
- -re "$prompt$" {}
- eof { perror "EOF setting API variables"}
- timeout { perror "timeout setting API variables"}
- }
- send "set old_api_version \[expr \$KADM5_API_VERSION_MASK | 0x00\]\n"
- expect {
- -re "$prompt$" {}
- eof { perror "EOF setting API variables"}
- timeout { perror "timeout setting API variables"}
- }
- send "set old_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0x00\]\n"
- expect {
- -re "$prompt$" {}
- eof { perror "EOF setting API variables"}
- timeout { perror "timeout setting API variables"}
- }
- send "set new_api_version \[expr \$KADM5_API_VERSION_MASK | 0xca\]\n"
- expect {
- -re "$prompt$" {}
- eof { perror "EOF setting API variables"}
- timeout { perror "timeout setting API variables"}
- }
- send "set new_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0xca\]\n"
- expect {
- -re "$prompt$" {}
- eof { perror "EOF setting API variables"}
- timeout { perror "timeout setting API variables"}
- }
-
- set api_pid $pid
-# puts stdout "Finishing api_start (spawn_id $spawn_id, pid $api_pid)."
- return $pid
-}
-api_start
-
diff --git a/src/lib/kadm5/unit-test/deps b/src/lib/kadm5/unit-test/deps
deleted file mode 100644
index cf54f475b..000000000
--- a/src/lib/kadm5/unit-test/deps
+++ /dev/null
@@ -1,86 +0,0 @@
-#
-# Generated makefile dependencies follow.
-#
-$(OUTPRE)init-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
- $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
- $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \
- $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \
- $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \
- $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \
- $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \
- $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \
- $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \
- $(top_srcdir)/include/krb5.h init-test.c
-$(OUTPRE)destroy-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
- $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
- $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \
- $(BUILDTOP)/include/kadm5/client_internal.h $(BUILDTOP)/include/kadm5/kadm_err.h \
- $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \
- $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \
- $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \
- $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \
- $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \
- $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \
- $(top_srcdir)/include/krb5.h destroy-test.c
-$(OUTPRE)handle-test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
- $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \
- $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \
- $(BUILDTOP)/include/kadm5/server_internal.h $(BUILDTOP)/include/krb5/krb5.h \
- $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \
- $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \
- $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \
- $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \
- $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \
- $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/plugin.h \
- handle-test.c
-$(OUTPRE)iter-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
- $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
- $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \
- $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \
- $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \
- $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \
- $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \
- $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \
- $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \
- $(top_srcdir)/include/krb5.h iter-test.c
-$(OUTPRE)setkey-test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
- $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \
- $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \
- $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \
- $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \
- $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \
- $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \
- $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- setkey-test.c
-$(OUTPRE)randkey-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
- $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
- $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \
- $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \
- $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \
- $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \
- $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \
- $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \
- $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \
- $(top_srcdir)/include/krb5.h randkey-test.c
-$(OUTPRE)lock-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
- $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
- $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \
- $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \
- $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \
- $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \
- $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \
- $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \
- $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \
- $(top_srcdir)/include/krb5.h lock-test.c
diff --git a/src/lib/kadm5/unit-test/destroy-test.c b/src/lib/kadm5/unit-test/destroy-test.c
deleted file mode 100644
index 738cfeb86..000000000
--- a/src/lib/kadm5/unit-test/destroy-test.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#include <kadm5/admin.h>
-#include <com_err.h>
-#include <stdio.h>
-#include <krb5.h>
-#include <sys/socket.h>
-#include <sys/file.h>
-#include <unistd.h>
-#include <netinet/in.h>
-#include <kadm5/client_internal.h>
-#include <string.h>
-
-#define TEST_NUM 25
-
-int main()
-{
- kadm5_ret_t ret;
- char *cp;
- int x;
- void *server_handle;
- kadm5_server_handle_t handle;
- krb5_context context;
-
- ret = kadm5_init_krb5_context(&context);
- if (ret != 0) {
- com_err("test", ret, "context init");
- exit(2);
- }
- for(x = 0; x < TEST_NUM; x++) {
- ret = kadm5_init(context, "admin", "admin", KADM5_ADMIN_SERVICE, 0,
- KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL,
- &server_handle);
- if(ret != KADM5_OK) {
- com_err("test", ret, "init");
- exit(2);
- }
- handle = (kadm5_server_handle_t) server_handle;
- cp = strdup(strchr(handle->cache_name, ':') + 1);
- kadm5_destroy(server_handle);
- if(access(cp, F_OK) == 0) {
- puts("ticket cache not destroyed");
- exit(2);
- }
- free(cp);
- }
- krb5_free_context(context);
- exit(0);
-}
diff --git a/src/lib/kadm5/unit-test/diff-files/destroy-1 b/src/lib/kadm5/unit-test/diff-files/destroy-1
deleted file mode 100644
index 593d67320..000000000
--- a/src/lib/kadm5/unit-test/diff-files/destroy-1
+++ /dev/null
@@ -1,2 +0,0 @@
-##! nochanges
-
diff --git a/src/lib/kadm5/unit-test/diff-files/no-diffs b/src/lib/kadm5/unit-test/diff-files/no-diffs
deleted file mode 100644
index 593d67320..000000000
--- a/src/lib/kadm5/unit-test/diff-files/no-diffs
+++ /dev/null
@@ -1,2 +0,0 @@
-##! nochanges
-
diff --git a/src/lib/kadm5/unit-test/handle-test.c b/src/lib/kadm5/unit-test/handle-test.c
deleted file mode 100644
index 29bd2c9a1..000000000
--- a/src/lib/kadm5/unit-test/handle-test.c
+++ /dev/null
@@ -1,140 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#include <kadm5/admin.h>
-#include <com_err.h>
-#include <stdio.h>
-#include <krb5.h>
-#include <sys/socket.h>
-#include <sys/file.h>
-#include <unistd.h>
-#include <netinet/in.h>
-#ifdef CLIENT_TEST
-#include <kadm5/client_internal.h>
-#else
-#include <kadm5/server_internal.h>
-#include <kadm5/admin.h>
-#endif
-
-int main(int argc, char *argv[])
-{
- kadm5_ret_t ret;
- void *server_handle;
- kadm5_server_handle_t handle;
- kadm5_server_handle_rec orig_handle;
- kadm5_policy_ent_rec pol;
- kadm5_principal_ent_t princ;
- kadm5_principal_ent_rec kprinc;
- krb5_keyblock *key;
- krb5_principal tprinc;
- krb5_context context;
-
-
- kadm5_init_krb5_context(&context);
-
- ret = kadm5_init(context, "admin/none", "admin", KADM5_ADMIN_SERVICE, NULL,
- KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL,
- &server_handle);
- if(ret != KADM5_OK) {
- com_err("test", ret, "init");
- exit(2);
- }
- handle = (kadm5_server_handle_t) server_handle;
- orig_handle = *handle;
- handle->magic_number = KADM5_STRUCT_VERSION;
- krb5_parse_name(context, "testuser", &tprinc);
- ret = kadm5_get_principal(server_handle, tprinc, &kprinc,
- KADM5_PRINCIPAL_NORMAL_MASK);
- if(ret != KADM5_BAD_SERVER_HANDLE) {
- fprintf(stderr, "%s -- returned -- %s\n", "get-principal",
- error_message(ret));
- exit(1);
- }
-
- ret = kadm5_get_policy(server_handle, "pol1", &pol);
- if(ret != KADM5_BAD_SERVER_HANDLE) {
- fprintf(stderr, "%s -- returned -- %s\n", "get-policy",
- error_message(ret));
- exit(1);
- }
-
- princ = &kprinc;
- ret = kadm5_create_principal(server_handle, princ, KADM5_PRINCIPAL, "pass");
- if(ret != KADM5_BAD_SERVER_HANDLE) {
- fprintf(stderr, "%s -- returned -- %s\n", "create-principal",
- error_message(ret));
- exit(1);
- }
-
- ret = kadm5_create_policy(server_handle, &pol, KADM5_POLICY);
- if(ret != KADM5_BAD_SERVER_HANDLE) {
- fprintf(stderr, "%s -- returned -- %s\n", "create-policy",
- error_message(ret));
- exit(1);
- }
-
- ret = kadm5_modify_principal(server_handle, princ, KADM5_PW_EXPIRATION);
- if(ret != KADM5_BAD_SERVER_HANDLE) {
- fprintf(stderr, "%s -- returned -- %s\n", "modify-principal",
- error_message(ret));
- exit(1);
- }
-
- ret = kadm5_modify_policy(server_handle, &pol, KADM5_PW_MAX_LIFE);
- if(ret != KADM5_BAD_SERVER_HANDLE) {
- fprintf(stderr, "%s -- returned -- %s\n", "modify-policy",
- error_message(ret));
- exit(1);
- }
-
- ret = kadm5_delete_principal(server_handle, tprinc);
- if(ret != KADM5_BAD_SERVER_HANDLE) {
- fprintf(stderr, "%s -- returned -- %s\n", "delete-principal",
- error_message(ret));
- exit(1);
- }
-
- ret = kadm5_delete_policy(server_handle, "pol1");
- if(ret != KADM5_BAD_SERVER_HANDLE) {
- fprintf(stderr, "%s -- returned -- %s\n", "delete-policy",
- error_message(ret));
- exit(1);
- }
-
- ret = kadm5_chpass_principal(server_handle, tprinc, "FooBar");
- if(ret != KADM5_BAD_SERVER_HANDLE) {
- fprintf(stderr, "%s -- returned -- %s\n", "chpass",
- error_message(ret));
- exit(1);
- }
- ret = kadm5_randkey_principal(server_handle, tprinc, &key, NULL);
- if(ret != KADM5_BAD_SERVER_HANDLE) {
- fprintf(stderr, "%s -- returned -- %s\n", "randkey",
- error_message(ret));
- exit(1);
- }
-
- ret = kadm5_rename_principal(server_handle, tprinc, tprinc);
- if(ret != KADM5_BAD_SERVER_HANDLE) {
- fprintf(stderr, "%s -- returned -- %s\n", "rename",
- error_message(ret));
- exit(1);
- }
-
- ret = kadm5_destroy(server_handle);
- if(ret != KADM5_BAD_SERVER_HANDLE) {
- fprintf(stderr, "%s -- returned -- %s\n", "destroy",
- error_message(ret));
- exit(1);
- }
-
- *handle = orig_handle;
- ret = kadm5_destroy(server_handle);
- if (ret != KADM5_OK) {
- fprintf(stderr, "valid %s -- returned -- %s\n", "destroy",
- error_message(ret));
- exit(1);
- }
-
- krb5_free_principal(context, tprinc);
- krb5_free_context(context);
- exit(0);
-}
diff --git a/src/lib/kadm5/unit-test/init-test.c b/src/lib/kadm5/unit-test/init-test.c
deleted file mode 100644
index 9f06621e8..000000000
--- a/src/lib/kadm5/unit-test/init-test.c
+++ /dev/null
@@ -1,39 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#include <kadm5/admin.h>
-#include <com_err.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <krb5.h>
-#include <string.h>
-
-int main()
-{
- kadm5_ret_t ret;
- void *server_handle;
- kadm5_config_params params;
- krb5_context context;
-
- memset(&params, 0, sizeof(params));
- params.mask |= KADM5_CONFIG_NO_AUTH;
- ret = kadm5_init_krb5_context(&context);
- if (ret != 0) {
- com_err("init-test", ret, "while initializing krb5 context");
- exit(1);
- }
- ret = kadm5_init(context, "admin", "admin", NULL, &params,
- KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL,
- &server_handle);
- if (!ret)
- (void)kadm5_destroy(server_handle);
- krb5_free_context(context);
- if (ret == KADM5_RPC_ERROR) {
- exit(0);
- }
- else if (ret != 0) {
- com_err("init-test", ret, "while initializing without auth");
- exit(1);
- } else {
- fprintf(stderr, "Unexpected success while initializing without auth!\n");
- exit(1);
- }
-}
diff --git a/src/lib/kadm5/unit-test/iter-test.c b/src/lib/kadm5/unit-test/iter-test.c
deleted file mode 100644
index cd85ebe4d..000000000
--- a/src/lib/kadm5/unit-test/iter-test.c
+++ /dev/null
@@ -1,51 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#include <stdio.h>
-#include <kadm5/admin.h>
-#include <string.h>
-
-int main(int argc, char **argv)
-{
- kadm5_ret_t ret;
- void *server_handle;
- char **names;
- int count, princ, i;
- krb5_context context;
-
- if (argc != 3) {
- fprintf(stderr, "Usage: %s [-princ|-pol] exp\n", argv[0]);
- exit(1);
- }
- princ = (strcmp(argv[1], "-princ") == 0);
-
- ret = kadm5_init_krb5_context(&context);
- if (ret != KADM5_OK) {
- com_err("iter-test", ret, "while initializing context");
- exit(1);
- }
- ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0,
- KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL,
- &server_handle);
- if (ret != KADM5_OK) {
- com_err("iter-test", ret, "while initializing");
- exit(1);
- }
-
- if (princ)
- ret = kadm5_get_principals(server_handle, argv[2], &names, &count);
- else
- ret = kadm5_get_policies(server_handle, argv[2], &names, &count);
-
- if (ret != KADM5_OK) {
- com_err("iter-test", ret, "while retrieving list");
- exit(1);
- }
-
- for (i = 0; i < count; i++)
- printf("%d: %s\n", i, names[i]);
-
- kadm5_free_name_list(server_handle, names, count);
-
- (void) kadm5_destroy(server_handle);
-
- return 0;
-}
diff --git a/src/lib/kadm5/unit-test/lib/lib.t b/src/lib/kadm5/unit-test/lib/lib.t
deleted file mode 100644
index 3444775cf..000000000
--- a/src/lib/kadm5/unit-test/lib/lib.t
+++ /dev/null
@@ -1,306 +0,0 @@
-global timeout
-set timeout 60
-
-set lib_pid 0
-
-#
-# The functions in this library used to be responsible for bazillions
-# of wasted api_starts. Now, they all just use their own library
-# handle so they are not interrupted when the main tests call init or
-# destroy. They have to keep track of when the api exists and
-# restarts, though, since the lib_handle needs to be re-opened in that
-# case.
-#
-proc lib_start_api {} {
- global spawn_id lib_pid test
-
- if {! [api_isrunning $lib_pid]} {
- api_exit
- set lib_pid [api_start]
- if {! [cmd {
- kadm5_init admin admin $KADM5_ADMIN_SERVICE null \
- $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
- lib_handle
- }]} {
- perror "$test: unexpected failure in init"
- return
- }
- verbose "+++ restarted api ($lib_pid) for lib"
- } else {
- verbose "+++ api $lib_pid already running for lib"
- }
-}
-
-proc cmd {command} {
- global prompt
- global spawn_id
- global test
-
- send "[string trim $command]\n"
- expect {
- -re "OK .*$prompt$" { return 1 }
- -re "ERROR .*$prompt$" { return 0 }
- "wrong # args" { perror "$test: wrong number args"; return 0 }
- timeout { fail "$test: timeout"; return 0 }
- eof { fail "$test: eof"; api_exit; lib_start_api; return 0 }
- }
-}
-
-proc tcl_cmd {command} {
- global prompt spawn_id test
-
- send "[string trim $command]\n"
- expect {
- -re "$prompt$" { return 1}
- "wrong # args" { perror "$test: wrong number args"; return 0 }
- timeout { error_and_restart "timeout" }
- eof { api_exit; lib_start_api; return 0 }
- }
-}
-
-proc one_line_succeed_test {command} {
- global prompt
- global spawn_id
- global test
-
- send "[string trim $command]\n"
- expect {
- -re "OK .*$prompt$" { pass "$test"; return 1 }
- -re "ERROR .*$prompt$" {
- fail "$test: $expect_out(buffer)"; return 0
- }
- "wrong # args" { perror "$test: wrong number args"; return 0 }
- timeout { fail "$test: timeout"; return 0 }
- eof { fail "$test: eof"; api_exit; lib_start_api; return 0 }
- }
-}
-
-proc one_line_fail_test {command code} {
- global prompt
- global spawn_id
- global test
-
- send "[string trim $command]\n"
- expect {
- -re "ERROR .*$code.*$prompt$" { pass "$test"; return 1 }
- -re "ERROR .*$prompt$" { fail "$test: bad failure"; return 0 }
- -re "OK .*$prompt$" { fail "$test: bad success"; return 0 }
- "wrong # args" { perror "$test: wrong number args"; return 0 }
- timeout { fail "$test: timeout"; return 0 }
- eof { fail "$test: eof"; api_exit; lib_start_api; return 0 }
- }
-}
-
-proc one_line_fail_test_nochk {command} {
- global prompt
- global spawn_id
- global test
-
- send "[string trim $command]\n"
- expect {
- -re "ERROR .*$prompt$" { pass "$test:"; return 1 }
- -re "OK .*$prompt$" { fail "$test: bad success"; return 0 }
- "wrong # args" { perror "$test: wrong number args"; return 0 }
- timeout { fail "$test: timeout"; return 0 }
- eof { fail "$test: eof"; api_exit; lib_start_api; return 0 }
- }
-}
-
-proc resync {} {
- global prompt spawn_id test
-
- expect {
- -re "$prompt$" {}
- "wrong # args" { perror "$test: wrong number args"; return 0 }
- eof { api_exit; lib_start_api }
- }
-}
-
-proc create_principal {name} {
- lib_start_api
-
- set ret [cmd [format {
- kadm5_create_principal $lib_handle [simple_principal \
- "%s"] {KADM5_PRINCIPAL} "%s"
- } $name $name]]
-
- return $ret
-}
-
-proc create_policy {name} {
- lib_start_api
-
- set ret [cmd [format {
- kadm5_create_policy $lib_handle [simple_policy "%s"] \
- {KADM5_POLICY}
- } $name $name]]
-
- return $ret
-}
-
-proc create_principal_pol {name policy} {
- lib_start_api
-
- set ret [cmd [format {
- kadm5_create_principal $lib_handle [princ_w_pol "%s" \
- "%s"] {KADM5_PRINCIPAL KADM5_POLICY} "%s"
- } $name $policy $name]]
-
- return $ret
-}
-
-proc delete_principal {name} {
- lib_start_api
-
- set ret [cmd [format {
- kadm5_delete_principal $lib_handle "%s"
- } $name]]
-
- return $ret
-}
-
-proc delete_policy {name} {
- lib_start_api
-
- set ret [cmd [format {kadm5_delete_policy $lib_handle "%s"} $name]]
-
- return $ret
-}
-
-proc principal_exists {name} {
-# puts stdout "Starting principal_exists."
-
- lib_start_api
-
- set ret [cmd [format {
- kadm5_get_principal $lib_handle "%s" principal \
- KADM5_PRINCIPAL_NORMAL_MASK
- } $name]]
-
-# puts stdout "Finishing principal_exists."
-
- return $ret
-}
-
-proc policy_exists {name} {
- lib_start_api
-
-# puts stdout "Starting policy_exists."
-
- set ret [cmd [format {
- kadm5_get_policy $lib_handle "%s" policy
- } $name]]
-
-# puts stdout "Finishing policy_exists."
-
- return $ret
-}
-
-proc error_and_restart {error} {
- api_exit
- api_start
- perror $error
-}
-
-proc test {name} {
- global test verbose
-
- set test $name
- if {$verbose >= 1} {
- puts stdout "At $test"
- }
-}
-
-proc begin_dump {} {
- global TOP
- global RPC
-
- if { ! $RPC } {
-# exec $env(SIMPLE_DUMP) > /tmp/dump.before
- }
-}
-
-proc end_dump_compare {name} {
- global file
- global TOP
- global RPC
-
- if { ! $RPC } {
-# set file $TOP/admin/lib/unit-test/diff-files/$name
-# exec $env(SIMPLE_DUMP) > /tmp/dump.after
-# exec $env(COMPARE_DUMP) /tmp/dump.before /tmp/dump.after $file
- }
-}
-
-proc kinit { princ pass {opts ""} } {
- global env;
- global KINIT
-
- eval spawn $KINIT -5 $opts $princ
- expect {
- -re {Password for .*: $}
- {send "$pass\n"}
- timeout {puts "Timeout waiting for prompt" ; close }
- }
-
- # this necessary so close(1) in the child will not sleep waiting for
- # the parent, which is us, to read pending data.
-
- expect {
- "when initializing cache" { perror "kinit failed: $expect_out(buffer)" }
- eof {}
- }
- wait
-}
-
-proc kdestroy {} {
- global KDESTROY
- global errorCode errorInfo
- global env
-
- if {[info exists errorCode]} {
- set saveErrorCode $errorCode
- }
- if {[info exists errorInfo]} {
- set saveErrorInfo $errorInfo
- }
- catch "exec $KDESTROY -5 2>/dev/null"
- if {[info exists saveErrorCode]} {
- set errorCode $saveErrorCode
- } elseif {[info exists errorCode]} {
- unset errorCode
- }
- if {[info exists saveErrorInfo]} {
- set errorInfo $saveErrorInfo
- } elseif {[info exists errorInfo]} {
- unset errorInfo
- }
-}
-
-proc create_principal_with_keysalts {name keysalts} {
- global kadmin_local
-
- spawn $kadmin_local -e "$keysalts"
- expect {
- "kadmin.local:" {}
- default { perror "waiting for kadmin.local prompt"; return 1}
- }
- send "ank -pw \"$name\" \"$name\"\n"
- expect {
- -re "Principal \"$name.*\" created." {}
- "kadmin.local:" {
- perror "expecting principal created message";
- return 1
- }
- default { perror "waiting for principal created message"; return 1 }
- }
- expect {
- "kadmin.local:" {}
- default { perror "waiting for kadmin.local prompt"; return 1 }
- }
- close
- wait
- return 0
-}
-
-
diff --git a/src/lib/kadm5/unit-test/lock-test.c b/src/lib/kadm5/unit-test/lock-test.c
deleted file mode 100644
index 59f9d2609..000000000
--- a/src/lib/kadm5/unit-test/lock-test.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#include <stdio.h>
-#include <krb5.h>
-#include <kadm5/admin.h>
-#include <kdb.h>
-#include <string.h>
-
-char *whoami;
-
-static void usage()
-{
- fprintf(stderr,
- "Usage: %s {shared|exclusive|permanent|release|"
- "get name|wait} ...\n", whoami);
- exit(1);
-}
-
-int main(int argc, char **argv)
-{
- krb5_error_code ret;
- osa_policy_ent_t entry;
- krb5_context context;
- kadm5_config_params params;
- krb5_error_code kret;
-
- whoami = argv[0];
-
- kret = kadm5_init_krb5_context(&context);
- if (kret) {
- com_err(whoami, kret, "while initializing krb5");
- exit(1);
- }
-
- params.mask = 0;
- ret = kadm5_get_config_params(context, 1, &params, &params);
- if (ret) {
- com_err(whoami, ret, "while retrieving configuration parameters");
- exit(1);
- }
- if (! (params.mask & KADM5_CONFIG_ADBNAME)) {
- com_err(whoami, KADM5_BAD_SERVER_PARAMS,
- "while retrieving configuration parameters");
- exit(1);
- }
-
- ret = krb5_db_open( context, NULL, KRB5_KDB_OPEN_RW);
- if (ret) {
- com_err(whoami, ret, "while opening database");
- exit(1);
- }
-
- argc--; argv++;
- while (argc) {
- if (strcmp(*argv, "shared") == 0) {
- ret = krb5_db_lock(context, KRB5_DB_LOCKMODE_SHARED);
- if (ret)
- com_err(whoami, ret, "while getting shared lock");
- else
- printf("shared\n");
- } else if (strcmp(*argv, "exclusive") == 0) {
- ret = krb5_db_lock(context, KRB5_DB_LOCKMODE_EXCLUSIVE );
- if (ret)
- com_err(whoami, ret, "while getting exclusive lock");
- else
- printf("exclusive\n");
- } else if (strcmp(*argv, "permanent") == 0) {
- ret = krb5_db_lock(context, KRB5_DB_LOCKMODE_EXCLUSIVE );
- if (ret)
- com_err(whoami, ret, "while getting permanent lock");
- else
- printf("permanent\n");
- } else if (strcmp(*argv, "release") == 0) {
- ret = krb5_db_unlock(context);
- if (ret)
- com_err(whoami, ret, "while releasing lock");
- else
- printf("released\n");
- } else if (strcmp(*argv, "get") == 0) {
- argc--; argv++;
- if (!argc) usage();
- if ((ret = krb5_db_get_policy(context, *argv, &entry))) {
- com_err(whoami, ret, "while getting policy");
- } else {
- printf("retrieved\n");
- krb5_db_free_policy(context, entry);
- }
- } else if (strcmp(*argv, "wait") == 0) {
- getchar();
- } else {
- fprintf(stderr, "%s: Invalid argument \"%s\"\n",
- whoami, *argv);
- usage();
- }
-
- argc--; argv++;
- }
-
- ret = krb5_db_fini(context);
- if (ret) {
- com_err(whoami, ret, "while closing database");
- exit(1);
- }
-
- return 0;
-}
diff --git a/src/lib/kadm5/unit-test/randkey-test.c b/src/lib/kadm5/unit-test/randkey-test.c
deleted file mode 100644
index dbef88ac8..000000000
--- a/src/lib/kadm5/unit-test/randkey-test.c
+++ /dev/null
@@ -1,42 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#include <kadm5/admin.h>
-#include <com_err.h>
-#include <stdio.h>
-#include <krb5.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <string.h>
-
-#define TEST_NUM 1000
-
-int main()
-{
- kadm5_ret_t ret;
- krb5_keyblock *keys[TEST_NUM];
- krb5_principal tprinc;
- krb5_keyblock *newkey;
- krb5_context context;
- void *server_handle;
-
- int x, i;
-
- kadm5_init_krb5_context(&context);
-
- krb5_parse_name(context, "testuser", &tprinc);
- ret = kadm5_init(context, "admin", "admin", KADM5_ADMIN_SERVICE, NULL,
- KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL,
- &server_handle);
- if(ret != KADM5_OK) {
- com_err("test", ret, "init");
- exit(2);
- }
- for(x = 0; x < TEST_NUM; x++) {
- kadm5_randkey_principal(server_handle, tprinc, &keys[x], NULL);
- for(i = 0; i < x; i++) {
- if (!memcmp(newkey->contents, keys[i]->contents, newkey->length))
- puts("match found");
- }
- }
- kadm5_destroy(server_handle);
- exit(0);
-}
diff --git a/src/lib/kadm5/unit-test/setkey-test.c b/src/lib/kadm5/unit-test/setkey-test.c
deleted file mode 100644
index 8e7df96e9..000000000
--- a/src/lib/kadm5/unit-test/setkey-test.c
+++ /dev/null
@@ -1,246 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#include <k5-int.h>
-#include <kadm5/admin.h>
-
-#if HAVE_SRAND48
-#define RAND() lrand48()
-#define SRAND(a) srand48(a)
-#define RAND_TYPE long
-#elif HAVE_SRAND
-#define RAND() rand()
-#define SRAND(a) srand(a)
-#define RAND_TYPE int
-#elif HAVE_SRANDOM
-#define RAND() random()
-#define SRAND(a) srandom(a)
-#define RAND_TYPE long
-#else /* no random */
-need a random number generator
-#endif /* no random */
-
-krb5_keyblock test1[] = {
- {0, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0, 0},
- {-1},
-};
-krb5_keyblock test2[] = {
- {0, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0, 0},
- {-1},
-};
-krb5_keyblock test3[] = {
- {0, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0, 0},
- {-1},
-};
-
-krb5_keyblock *tests[] = {
- test1, test2, test3, NULL
-};
-
-krb5_data tgtname = {
- 0,
- KRB5_TGS_NAME_SIZE,
- KRB5_TGS_NAME
-};
-
-krb5_enctype ktypes[] = { 0, 0 };
-
-extern krb5_kt_ops krb5_ktf_writable_ops;
-
-int
-main(int argc, char **argv)
-{
- krb5_context context;
- krb5_keytab kt;
- krb5_keytab_entry ktent;
- krb5_encrypt_block eblock;
- krb5_creds my_creds;
- krb5_get_init_creds_opt *opt;
- kadm5_principal_ent_rec princ_ent;
- krb5_principal princ, server;
- char pw[16];
- char *whoami, *principal, *authprinc, *authpwd;
- krb5_data pwdata;
- void *handle;
- int ret, test, encnum;
- unsigned int i;
-
- whoami = argv[0];
-
- if (argc < 2 || argc > 4) {
- fprintf(stderr, "Usage: %s principal [authuser] [authpwd]\n", whoami);
- exit(1);
- }
- principal = argv[1];
- authprinc = (argc > 2) ? argv[2] : argv[0];
- authpwd = (argc > 3) ? argv[3] : NULL;
-
- /*
- * Setup. Initialize data structures, open keytab, open connection
- * to kadm5 server.
- */
-
- memset(&context, 0, sizeof(context));
- kadm5_init_krb5_context(&context);
-
- ret = krb5_parse_name(context, principal, &princ);
- if (ret) {
- com_err(whoami, ret, "while parsing principal name %s", principal);
- exit(1);
- }
-
- if((ret = krb5_build_principal_ext(context, &server,
- krb5_princ_realm(kcontext, princ)->length,
- krb5_princ_realm(kcontext, princ)->data,
- tgtname.length, tgtname.data,
- krb5_princ_realm(kcontext, princ)->length,
- krb5_princ_realm(kcontext, princ)->data,
- 0))) {
- com_err(whoami, ret, "while building server name");
- exit(1);
- }
-
- ret = krb5_kt_default(context, &kt);
- if (ret) {
- com_err(whoami, ret, "while opening keytab");
- exit(1);
- }
-
- ret = kadm5_init(context, authprinc, authpwd, KADM5_ADMIN_SERVICE, NULL,
- KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL,
- &handle);
- if (ret) {
- com_err(whoami, ret, "while initializing connection");
- exit(1);
- }
-
- /* these pw's don't need to be secure, just different every time */
- SRAND((RAND_TYPE)time((void *) NULL));
- pwdata.data = pw;
- pwdata.length = sizeof(pw);
-
- /*
- * For each test:
- *
- * For each enctype in the test, construct a random password/key.
- * Assign all keys to principal with kadm5_setkey_principal. Add
- * each key to the keytab, and acquire an initial ticket with the
- * keytab (XXX can I specify the kvno explicitly?). If
- * krb5_get_init_creds_keytab succeeds, then the keys were set
- * successfully.
- */
- for (test = 0; tests[test] != NULL; test++) {
- krb5_keyblock *testp = tests[test];
- kadm5_key_data *extracted;
- int n_extracted, match;
- printf("+ Test %d:\n", test);
-
- for (encnum = 0; testp[encnum].magic != -1; encnum++) {
- for (i = 0; i < sizeof(pw); i++)
- pw[i] = (RAND() % 26) + '0'; /* XXX */
-
- krb5_use_enctype(context, &eblock, testp[encnum].enctype);
- ret = krb5_string_to_key(context, &eblock, &testp[encnum],
- &pwdata, NULL);
- if (ret) {
- com_err(whoami, ret, "while converting string to key");
- exit(1);
- }
- }
-
- /* now, encnum == # of keyblocks in testp */
- ret = kadm5_setkey_principal(handle, princ, testp, encnum);
- if (ret) {
- com_err(whoami, ret, "while setting keys");
- exit(1);
- }
-
- ret = kadm5_get_principal(handle, princ, &princ_ent, KADM5_KVNO);
- if (ret) {
- com_err(whoami, ret, "while retrieving principal");
- exit(1);
- }
-
- ret = kadm5_get_principal_keys(handle, princ, 0, &extracted,
- &n_extracted);
- if (ret) {
- com_err(whoami, ret, "while extracting keys");
- exit(1);
- }
-
- for (encnum = 0; testp[encnum].magic != -1; encnum++) {
- printf("+ enctype %d\n", testp[encnum].enctype);
-
- for (match = 0; match < n_extracted; match++) {
- if (extracted[match].key.enctype == testp[encnum].enctype)
- break;
- }
- if (match >= n_extracted) {
- com_err(whoami, KRB5_WRONG_ETYPE, "while matching enctypes");
- exit(1);
- }
- if (extracted[match].key.length != testp[encnum].length ||
- memcmp(extracted[match].key.contents, testp[encnum].contents,
- testp[encnum].length) != 0) {
- com_err(whoami, KRB5_KDB_NO_MATCHING_KEY, "verifying keys");
- exit(1);
- }
-
- memset(&ktent, 0, sizeof(ktent));
- ktent.principal = princ;
- ktent.key = testp[encnum];
- ktent.vno = princ_ent.kvno;
-
- ret = krb5_kt_add_entry(context, kt, &ktent);
- if (ret) {
- com_err(whoami, ret, "while adding keytab entry");
- exit(1);
- }
-
- memset(&my_creds, 0, sizeof(my_creds));
- my_creds.client = princ;
- my_creds.server = server;
-
- ktypes[0] = testp[encnum].enctype;
- ret = krb5_get_init_creds_opt_alloc(context, &opt);
- if (ret) {
- com_err(whoami, ret, "while allocating gic opts");
- exit(1);
- }
- krb5_get_init_creds_opt_set_etype_list(opt, ktypes, 1);
- ret = krb5_get_init_creds_keytab(context, &my_creds, princ,
- kt, 0, NULL /* in_tkt_service */,
- opt);
- krb5_get_init_creds_opt_free(context, opt);
- if (ret) {
- com_err(whoami, ret, "while acquiring initial ticket");
- exit(1);
- }
- krb5_free_cred_contents(context, &my_creds);
-
- /* since I can't specify enctype explicitly ... */
- ret = krb5_kt_remove_entry(context, kt, &ktent);
- if (ret) {
- com_err(whoami, ret, "while removing keytab entry");
- exit(1);
- }
- }
-
- (void)kadm5_free_kadm5_key_data(context, n_extracted, extracted);
- }
-
- ret = krb5_kt_close(context, kt);
- if (ret) {
- com_err(whoami, ret, "while closing keytab");
- exit(1);
- }
-
- ret = kadm5_destroy(handle);
- if (ret) {
- com_err(whoami, ret, "while closing kadmin connection");
- exit(1);
- }
-
- krb5_free_principal(context, princ);
- krb5_free_principal(context, server);
- krb5_free_context(context);
- return 0;
-}
diff --git a/src/lib/kadm5/unit-test/site.exp b/src/lib/kadm5/unit-test/site.exp
deleted file mode 100644
index 7fe397463..000000000
--- a/src/lib/kadm5/unit-test/site.exp
+++ /dev/null
@@ -1,2 +0,0 @@
-set tool kadm5_srv_tcl
-set prompt "% "
--
2.31.1
Reference in New Issue View Git Blame Copy Permalink