rpms/krb5
6
0
Fork 0
Code Issues Pull Requests Releases Activity
da5db561e5
krb5/Replace-gssrpc-tests-with-a-Python-script.patch
DistroBaker da5db561e5 Merged update from upstream sources 
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/krb5.git#b783a5421cf5820f19f2e3aeb999ad24de39747e
2020-11-24 18:42:16 +00:00

862 lines
24 KiB
Diff
Raw Blame History

From 1de586b414104a447a50ffb6f81c2f57ed3d3a34 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Sat, 15 Feb 2020 20:34:23 -0500
Subject: [PATCH] Replace gssrpc tests with a Python script
Replace the dejagnu RPC test framework with a short Python script to
do the same tests as fullrun.exp and gsserr.exp. Modify the server
test program to facilitate use by k5test.py.
expire.exp, together with a comment in the client test program, was
designed to test a libdb2 btree bug via the gssrpc server-side
authentication code. That code was subsequently changed not to use
libdb2, before it was merged into the main krb5 tree (in revision 1.23
of svc_auth_gssapi.c, according to the changelog removed in commit
2a43d772be1e45faa8e488d436b6e867371563fb). Remove the comment and do
not replace that test sequence.
[rharwood@redhat.com: .gitignore]
---
src/configure.ac | 2 -
src/lib/rpc/unit-test/Makefile.in | 36 +--
src/lib/rpc/unit-test/client.c | 26 ---
src/lib/rpc/unit-test/config/unix.exp | 176 --------------
src/lib/rpc/unit-test/lib/helpers.exp | 234 -------------------
src/lib/rpc/unit-test/rpc_test.0/expire.exp | 49 ----
src/lib/rpc/unit-test/rpc_test.0/fullrun.exp | 91 --------
src/lib/rpc/unit-test/rpc_test.0/gsserr.exp | 30 ---
src/lib/rpc/unit-test/server.c | 13 +-
src/lib/rpc/unit-test/t_rpc.py | 29 +++
10 files changed, 41 insertions(+), 645 deletions(-)
delete mode 100644 src/lib/rpc/unit-test/config/unix.exp
delete mode 100644 src/lib/rpc/unit-test/lib/helpers.exp
delete mode 100644 src/lib/rpc/unit-test/rpc_test.0/expire.exp
delete mode 100644 src/lib/rpc/unit-test/rpc_test.0/fullrun.exp
delete mode 100644 src/lib/rpc/unit-test/rpc_test.0/gsserr.exp
create mode 100644 src/lib/rpc/unit-test/t_rpc.py
diff --git a/src/configure.ac b/src/configure.ac
index 29be532cb..aafc462f9 100644
--- a/src/configure.ac
+++ b/src/configure.ac
@@ -1102,8 +1102,6 @@ extern void endrpcent();],
AC_MSG_RESULT($k5_cv_type_endrpcent)
AC_DEFINE_UNQUOTED(ENDRPCENT_TYPE, $k5_cv_type_endrpcent, [Define as return type of endrpcent])
K5_GEN_FILE(include/gssrpc/types.h:include/gssrpc/types.hin)
-PASS=tcp
-AC_SUBST(PASS)
# for pkinit
AC_ARG_ENABLE([pkinit],
diff --git a/src/lib/rpc/unit-test/Makefile.in b/src/lib/rpc/unit-test/Makefile.in
index 0b6e5203d..309ae2b21 100644
--- a/src/lib/rpc/unit-test/Makefile.in
+++ b/src/lib/rpc/unit-test/Makefile.in
@@ -16,10 +16,6 @@ server: server.o rpc_test_svc.o $(GSSRPC_DEPLIBS) $(KRB5_BASE_DEPLIBS)
client.o server.o: rpc_test.h
-runenv.exp: Makefile
- $(RUN_SETUP); for i in $(RUN_VARS); do \
- eval echo "set env\($$i\) \$$$$i"; done > runenv.exp
-
# If rpc_test.h and rpc_test_*.c do not work on your system, you can
# try using rpcgen by uncommenting these lines (be sure to uncomment
# then in the generated not Makefile.in).
@@ -34,37 +30,9 @@ runenv.exp: Makefile
# rm -f rpc_test.h rpc_test_clnt.c rpc_test_svc.c
#
-check unit-test: unit-test-@DO_TEST@
-
-unit-test-:
- @echo "+++"
- @echo "+++ WARNING: lib/rpc unit tests not run."
- @echo "+++ Either tcl, runtest, or Perl is unavailable."
- @echo "+++"
- @echo 'Skipped rpc tests: runtest or Perl not found' >> $(SKIPTESTS)
-
-unit-test-ok: unit-test-body
-
-PASS=@PASS@
-unit-test-body: runenv.sh runenv.exp
- $(RM) krb5cc_rpc_test_*
- $(ENV_SETUP) $(VALGRIND) $(START_SERVERS)
- RPC_TEST_KEYTAB=/tmp/rpc_test_keytab.$$$$ ; export RPC_TEST_KEYTAB ; \
- trap "echo Failed, cleaning up... ; rm -f $$RPC_TEST_KEYTAB ; $(ENV_SETUP) $(STOP_SERVERS) ; trap '' 0 ; exit 1" 0 1 2 3 14 15 ; \
- if $(ENV_SETUP) \
- $(RUNTEST) SERVER=./server CLIENT=./client \
- KINIT=$(BUILDTOP)/clients/kinit/kinit \
- KDESTROY=$(BUILDTOP)/clients/kdestroy/kdestroy \
- PRIOCNTL_HACK=@PRIOCNTL_HACK@ VALGRIND="$(VALGRIND)" \
- PASS="$(PASS)" --tool rpc_test $(RUNTESTFLAGS) ; \
- then \
- echo Cleaning up... ; \
- rm -f $$RPC_TEST_KEYTAB krb5cc_rpc_test_* ; \
- $(ENV_SETUP) $(STOP_SERVERS) ; \
- trap 0 ; exit 0 ; \
- else exit 1 ; fi
+check-pytests:
+ $(RUNPYTEST) $(srcdir)/t_rpc.py $(PYTESTFLAGS)
clean:
$(RM) server client
- $(RM) dbg.log rpc_test.log rpc_test.sum runenv.exp
diff --git a/src/lib/rpc/unit-test/client.c b/src/lib/rpc/unit-test/client.c
index 5edde49df..c9a812bc5 100644
--- a/src/lib/rpc/unit-test/client.c
+++ b/src/lib/rpc/unit-test/client.c
@@ -231,32 +231,6 @@ main(argc, argv)
else
gssrpc_xdr_free(xdr_wrapstring, echo_resp);
- /*
- * Test fix for secure-rpc/586, part 1: btree keys must be
- * unique. Create another context from the same credentials; it
- * should have the same expiration time and will cause the server
- * to abort if the clients are not differentiated.
- *
- * Test fix for secure-rpc/586, part 2: btree keys cannot be
- * mutated in place. To test this: a second client, *with a
- * later expiration time*, must be run. The second client should
- * destroy itself *after* the first one; if the key-mutating bug
- * is not fixed, the second client_data will be in the btree
- * before the first, but its key will be larger; thus, when the
- * first client calls AUTH_DESTROY, the server won't find it in
- * the btree and call abort.
- *
- * For unknown reasons, running just a second client didn't
- * tickle the bug; the btree code seemed to guess which node to
- * look at first. Running a total of three clients does ticket
- * the bug. Thus, the full test sequence looks like this:
- *
- * kinit -l 20m user && client server test@ddn 200
- * sleep 1
- * kini -l 30m user && client server test@ddn 300
- * sleep 1
- * kinit -l 40m user && client server test@ddn 400
- */
if (! auth_once) {
tmp_auth = clnt->cl_auth;
clnt->cl_auth = auth_gssapi_create_default(clnt, target);
diff --git a/src/lib/rpc/unit-test/config/unix.exp b/src/lib/rpc/unit-test/config/unix.exp
deleted file mode 100644
index 18da62be4..000000000
--- a/src/lib/rpc/unit-test/config/unix.exp
+++ /dev/null
@@ -1,176 +0,0 @@
-#
-# $Id$
-#
-
-source runenv.exp
-
-set kill /bin/kill
-set sleep /bin/sleep
-set kinit $KINIT
-set kdestroy $KDESTROY
-
-set hostname [exec hostname]
-
-# Hack around Solaris 9 kernel race condition that causes last output
-# from a pty to get dropped.
-if { $PRIOCNTL_HACK } {
- catch {exec priocntl -s -c FX -m 30 -p 30 -i pid [getpid]}
- rename spawn oldspawn
- proc spawn { args } {
- upvar 1 spawn_id spawn_id
- set newargs {}
- set inflags 1
- set eatnext 0
- foreach arg $args {
- if { $arg == "-ignore" \
- || $arg == "-open" \
- || $arg == "-leaveopen" } {
- lappend newargs $arg
- set eatnext 1
- continue
- }
- if [string match "-*" $arg] {
- lappend newargs $arg
- continue
- }
- if { $eatnext } {
- set eatnext 0
- lappend newargs $arg
- continue
- }
- if { $inflags } {
- set inflags 0
- set newargs [concat $newargs {priocntl -e -c FX -p 0}]
- }
- lappend newargs $arg
- }
- set pid [eval oldspawn $newargs]
- return $pid
- }
-}
-
-if { [string length $VALGRIND] } {
- rename spawn valgrind_aux_spawn
- proc spawn { args } {
- global VALGRIND
- upvar 1 spawn_id spawn_id
- set newargs {}
- set inflags 1
- set eatnext 0
- foreach arg $args {
- if { $arg == "-ignore" \
- || $arg == "-open" \
- || $arg == "-leaveopen" } {
- lappend newargs $arg
- set eatnext 1
- continue
- }
- if [string match "-*" $arg] {
- lappend newargs $arg
- continue
- }
- if { $eatnext } {
- set eatnext 0
- lappend newargs $arg
- continue
- }
- if { $inflags } {
- set inflags 0
- # Only run valgrind for local programs, not
- # system ones.
-#&&![string match "/bin/sh" $arg] sh is used to start kadmind!
- if [string match "/" [string index $arg 0]]&&![string match "/bin/ls" $arg]&&![regexp {/kshd$} $arg] {
- set newargs [concat $newargs $VALGRIND]
- } elseif [string match "." [string index $arg 0]] {
- set newargs [concat $newargs $VALGRIND]
- }
- }
- lappend newargs $arg
- }
- set pid [eval valgrind_aux_spawn $newargs]
- return $pid
- }
-}
-
-# this will initialize the database and keytab
-load_lib "helpers.exp"
-
-proc rpc_test_version {} {
- global CLIENT
- global SERVER
-
- clone_output "$CLIENT version <unknown>"
- clone_output "$SERVER version <unknown>"
-}
-
-proc rpc_test_load {} {
- #
-}
-
-# rpc_test_exit -- clean up and exit
-proc rpc_test_exit {} {
- global server_id
- global server_pid
- global server_started
- global kill
-
- if {[catch {
- expect {
- -i $server_id
- eof {
- fail "server exited!"
- verbose $expect_out(buffer) 1
- }
- timeout { pass "server survived" }
- }
- } tmp]} {
- fail "server exited! (expect failed)"
- }
-}
-
-#
-# rpc_test_start -- start the rpc_test server running
-#
-proc rpc_test_start { } {
- global SERVER PROT
- global server_id
- global server_pid
- global server_started
- global server_port
- global env
-
- if [info exists server_pid] { rpc_test_exit }
-
- set env(KRB5_KTNAME) FILE:$env(RPC_TEST_KEYTAB)
-
- verbose "% $SERVER" 1
- set server_pid [spawn $SERVER $PROT]
- set server_id $spawn_id
- set server_started 1
- set server_port -1
-
- unset env(KRB5_KTNAME)
-
- set timeout 30
-
- expect {
- -re "port: (\[0-9\]*)\r\n" {
- set server_port $expect_out(1,string)
- }
- "running" { }
- eof {
- send_error "server exited!"
- verbose $expect_out(buffer) 1
- }
- timeout {
- send_error "server didn't start in $timeout seconds"
- verbose $expect_out(buffer) 1
- }
- }
-
-}
-
-set MULTIPASS {
- {tcp PROT=-t dummy=[rpc_test_start]}
- {udp PROT=-u dummy=[rpc_test_start]}
-}
diff --git a/src/lib/rpc/unit-test/lib/helpers.exp b/src/lib/rpc/unit-test/lib/helpers.exp
deleted file mode 100644
index eb2797c53..000000000
--- a/src/lib/rpc/unit-test/lib/helpers.exp
+++ /dev/null
@@ -1,234 +0,0 @@
-if {[info commands exp_version] != {}} {
- set exp_version_4 [regexp {^4} [exp_version]]
-} else {
- set exp_version_4 [regexp {^4} [expect_version]]
-}
-
-# Backward compatibility until we're using expect 5 everywhere
-if {$exp_version_4} {
- global wait_error_index wait_errno_index wait_status_index
- set wait_error_index 0
- set wait_errno_index 1
- set wait_status_index 1
-} else {
- set wait_error_index 2
- set wait_errno_index 3
- set wait_status_index 3
-}
-
-proc set_from_env {varname default_value} {
- global env
- upvar $varname v
-
- if [info exists env($varname)] {
- set v $env($varname)
- } else {
- set v $default_value
- }
-}
-proc expect_tcl_prompt {} {
- global kadmin_tcl_spawn_id
- expect {
- -i $kadmin_tcl_spawn_id
- -re "^% $" { }
- -re . { perror "unexpected output {$expect_out(buffer)} from subprocess, expecting tcl prompt" }
- timeout { perror "timeout waiting for tcl prompt" }
- eof { perror "eof from subprocess when expecting tcl prompt" }
- }
-}
-proc send_tcl_cmd_await_echo {cmd} {
- global kadmin_tcl_spawn_id
- send -i $kadmin_tcl_spawn_id "$cmd\n"
- expect {
- -i $kadmin_tcl_spawn_id
- -ex "$cmd\r\n" { }
- timeout { perror "timeout waiting for tcl subprocess to echo input" }
- eof { perror "eof waiting for tcl subprocess to echo input" }
- }
-}
-proc expect_kadm_ok {} {
- global kadmin_tcl_spawn_id
- expect {
- -i $kadmin_tcl_spawn_id
- -re "^OK KADM5_OK \[^\n\]*\n" {}
- -re "^ERROR \[^\n\]*\n" { perror "kadmin tcl subprocess reported unexpected error" }
- -re "^marshall_new_creds: \[^\n\]*\n" { exp_continue }
- -re "^gssapi_\[^\n\]*\n" { exp_continue }
- -re "^\r?\n" { exp_continue }
- eof { perror "kadmin tcl subprocess died" }
- default { perror "didn't get ok back" }
- }
-}
-proc setup_database {} {
- global env spawn_id kadmin_tcl_spawn_id TESTDIR CANON_HOST
-
- # XXXXX
- set_from_env TOP {/x/x/x/x/x}
- send_user "TOP=$TOP\n"
-
- set_from_env TESTDIR $env(TOP)/testing
- set_from_env CLNTTCL $TESTDIR/util/kadm5_clnt_tcl
- set_from_env TCLUTIL $TESTDIR/tcl/util.t
- set env(TCLUTIL) $TCLUTIL
- set env(PATH) "$TOP/install/admin:$env(PATH)"
-
- # $VERBOSE ?
-
- if [info exists spawn_id] { set x $spawn_id }
- spawn $CLNTTCL
- set kadmin_tcl_spawn_id $spawn_id
- if [info exists x] { set spawn_id $x }
-
- expect_tcl_prompt
- # tcl 8.4 for some reason screws up autodetection of output EOL
- # translation. Work around it for now.
- send_tcl_cmd_await_echo "if { \[info commands fconfigure\] != \"\" } { fconfigure stdout -translation lf }"
- expect_tcl_prompt
- send_tcl_cmd_await_echo "source {$TCLUTIL}"
- expect_tcl_prompt
- send_tcl_cmd_await_echo "set h {$CANON_HOST}"
- expect {
- -ex "$CANON_HOST\r\n" { }
- timeout { perror "timeout waiting for subprocess" }
- eof { perror "eof from subprocess" }
- }
- expect_tcl_prompt
-
- send_tcl_cmd_await_echo {kadm5_init admin admin $KADM5_ADMIN_SERVICE null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 server_handle}
- expect_kadm_ok
- expect "^% "
- send_tcl_cmd_await_echo {kadm5_create_principal $server_handle [simple_principal server/$h] {KADM5_PRINCIPAL} admin}
- expect_kadm_ok
- expect "^% "
- send_tcl_cmd_await_echo {kadm5_randkey_principal $server_handle server/$h key null}
- expect_kadm_ok
- expect "^% "
- send_tcl_cmd_await_echo {kadm5_create_principal $server_handle [simple_principal notserver/$h] {KADM5_PRINCIPAL} admin}
- expect_kadm_ok
- expect "^% "
- send_tcl_cmd_await_echo {kadm5_randkey_principal $server_handle notserver/$h key null}
- expect_kadm_ok
- expect "^% "
- send_tcl_cmd_await_echo {kadm5_destroy $server_handle}
- expect_kadm_ok
- expect "^% "
- wait -nowait -i $spawn_id
- close -i $spawn_id
-}
-
-if ![info exists CANON_HOST] {
- set CANON_HOST $env(QUALNAME)
- setup_database
- file delete $env(RPC_TEST_KEYTAB)
- exec $env(TOP)/cli/kadmin -p admin -w admin ktadd -k $env(RPC_TEST_KEYTAB) server/$CANON_HOST
-}
-
-
-proc kinit {princ pass lifetime} {
- global kinit
- global wait_error_index wait_errno_index wait_status_index
-
- spawn -noecho $kinit -5 -l $lifetime $princ
- expect {
- -re "Password for $princ.*: " { send "$pass\n"; expect eof }
- timeout { perror "Timeout waiting for kinit"; close }
- eof
- }
-
- set ret [wait]
- if {[lindex $ret $wait_error_index] == -1} {
- perror \
- "wait(kinit $princ) returned error [lindex $ret $wait_errno_index]"
- } else {
- if {[lindex $ret $wait_status_index] != 0} {
- perror \
- "kinit $princ failed with [lindex $ret $wait_status_index]"
- }
- }
-}
-
-proc flush_server {} {
- global server_id
- global expect_out
-
- verbose "flushing server output" 1
-
- while {1} {
- set timeout 5
-
- expect {
- -i $server_id
- -re "^.+$" {
- verbose "server output: $expect_out(buffer)"
- }
- timeout { break }
- }
- }
-}
-
-proc start_client {testname ccname user password lifetime count
- {target ""}} {
- global env CLIENT PROT hostname server_port spawn_id verbose
-
- if {$target == ""} {
- set target "server@$hostname"
- }
-
- set env(KRB5CCNAME) FILE:[pwd]/krb5cc_rpc_test_$ccname
- kinit $user $password $lifetime
-
- if {$verbose > 0} {
- spawn $CLIENT -a 1 -s 1 -m 1 $PROT $hostname $server_port $target $count
- } else {
- spawn $CLIENT $PROT $hostname $server_port $target $count
- }
-
- verbose "$testname: client $ccname started"
-
- unset env(KRB5CCNAME)
-}
-
-proc eof_client {testname ccname id status} {
- verbose "$testname: eof'ing for client $ccname" 1
-
- expect {
- -i $id
- -re "^marshall_new_creds\[^\n\]*\n" { exp_continue }
- -re "^gssapi_\[^\n\]*\n" { exp_continue }
- -re "^\r?\n" { exp_continue }
- eof { verbose $expect_out(buffer) 1 }
- timeout {
- fail "$testname: timeout waiting for client $ccname to exit"
- }
- }
- wait_client $testname $ccname $id $status
-}
-
-
-proc wait_client {testname ccname id status} {
- global env
- global kill
- global kdestroy
- global wait_error_index wait_errno_index wait_status_index
-
- verbose "$testname: waiting for client $ccname" 1
-
- set ret [wait -i $id]
- if {[lindex $ret $wait_error_index] == -1} {
- fail \
- "$testname: wait $ccname returned error [lindex $ret $wait_errno_index]"
- } else {
- if {[lindex $ret $wait_status_index] == $status} {
- pass "$testname: client $ccname"
- } else {
- fail "$testname: client $ccname: unexpected return status [lindex $ret $wait_status_index], should be $status."
- }
- }
-
- set env(KRB5CCNAME) FILE:[pwd]/krb5cc_rpc_test_$ccname
- if {[catch "exec $kdestroy -5"] != 0} {
- perror "$testname: cannot destroy client $ccname ccache"
- }
-
- unset env(KRB5CCNAME)
-}
diff --git a/src/lib/rpc/unit-test/rpc_test.0/expire.exp b/src/lib/rpc/unit-test/rpc_test.0/expire.exp
deleted file mode 100644
index e19cca0ef..000000000
--- a/src/lib/rpc/unit-test/rpc_test.0/expire.exp
+++ /dev/null
@@ -1,49 +0,0 @@
-set timeout 40
-
-load_lib "helpers.exp"
-
-global server_started
-
-proc expired {} {
- global spawn_id server_id
-
- start_client expired expired testuser notathena -1m 100
- eof_client expired expired $spawn_id 2
-
- expect {
- -i $server_id
- -re "rpc_test server: Authen.*failed:.*credential.*expired" { pass "expired" }
- timeout { fail "expired: timeout waiting for expired creds error" }
- }
-
- flush_server
-}
-
-# This test doesn't work after #6948, because the client won't try to
-# authenticate using an expired TGT.
-#if { $server_started } {expired }
-
-proc overlap {} {
- global spawn_id
-
- start_client expire 1 testuser notathena 20m 100
- set client1_id $spawn_id
- flush_server
-
- start_client expire 2 testuser notathena 40m 300
- set client2_id $spawn_id
- flush_server
-
- start_client expire 3 testuser notathena 60m 500
- set client3_id $spawn_id
- flush_server
-
- eof_client expire 1 $client1_id 0
- eof_client expire 2 $client2_id 0
- eof_client expire 3 $client3_id 0
-
- flush_server
-}
-if { $server_started } {overlap}
-
-
diff --git a/src/lib/rpc/unit-test/rpc_test.0/fullrun.exp b/src/lib/rpc/unit-test/rpc_test.0/fullrun.exp
deleted file mode 100644
index 73083de1f..000000000
--- a/src/lib/rpc/unit-test/rpc_test.0/fullrun.exp
+++ /dev/null
@@ -1,91 +0,0 @@
-set timeout 120
-
-load_lib "helpers.exp"
-
-global spawn_id
-global server_id
-global server_started
-
-if { !$server_started } {return}
-
-# Start the client and do a full run
-start_client "full run" fullrun testuser notathena 8h 1026
-set client_id $spawn_id
-
-#
-# test: did we get 11 dots?
-#
-verbose "Starting RPC echo test. This will take about 50 seconds.\n"
-
-set ver_line "rpc_test server: bad verifier\[^\r\n\]*\[\r\n]+"
-
-set dots 0
-set server_lines 0
-while {1} {
- expect {
- -i $server_id
- -re $ver_line {
- verbose "Got line from server."
- incr server_lines
- }
- default {
- exp_continue
- }
-
- -i $client_id
- . {
- incr dots
- verbose "$expect_out(buffer)" 1
- if ($dots==11) { break }
- }
- eof {
- #
- # test: was the exit status right?
- #
- wait_client "full run" fullrun $client_id 0
- break
- }
-
- timeout {
- verbose "Timeout waiting for dot\n" 1
- fail "full run: timeout waiting for dot"
- break
- }
- }
-}
-if {$dots==11} {
- pass "fullrun: echo test"
-} else {
- fail "fullrun: echo test: expected 11 dots, got $dots"
-}
-
-#
-# test: server logged four bad verifiers?
-#
-verbose "full run: checking server output"
-
-# Small timeout, since the server should have already printed everything
-set timeout 5
-
-while {$server_lines < 4} {
- expect {
- -i $server_id
- -re $ver_line {
- incr server_lines
- }
- -re ".+\r\n" {
- verbose "Unexpected server output: $expect_out(buffer)"
- }
- default {
- break
- }
- }
-}
-
-if {$server_lines == 4} {
- pass "fullrun: bad verifiers"
-} else {
- fail "fullrun: expected four bad verifiers, got $server_lines"
-}
-
-flush_server
diff --git a/src/lib/rpc/unit-test/rpc_test.0/gsserr.exp b/src/lib/rpc/unit-test/rpc_test.0/gsserr.exp
deleted file mode 100644
index 005971989..000000000
--- a/src/lib/rpc/unit-test/rpc_test.0/gsserr.exp
+++ /dev/null
@@ -1,30 +0,0 @@
-set timeout 30
-
-load_lib "helpers.exp"
-
-global spawn_id
-global server_id
-global server_started
-global hostname
-
-if { !$server_started } {return}
-
-start_client "gss err" gsserr testuser notathena 8h 1026 notserver@$hostname
-
-eof_client "gss err" gsserr $spawn_id 2
-
-#
-# test: server logged an authentication attempted failed?
-#
-verbose "gss err: checking server output"
-
-expect {
- -i $server_id
- -re "rpc_test server: Authent.*failed: .* not found in keytab" {
- pass "gss err: server logged auth error"
- }
- eof { fail "gss err: server exited" }
- timeout { fail "gss err: timeout waiting for server output" }
-}
-
-flush_server
diff --git a/src/lib/rpc/unit-test/server.c b/src/lib/rpc/unit-test/server.c
index 13e99bb06..c3bbcbf8c 100644
--- a/src/lib/rpc/unit-test/server.c
+++ b/src/lib/rpc/unit-test/server.c
@@ -37,7 +37,7 @@ static void rpc_test_badverf(gss_name_t client, gss_name_t server,
caddr_t data);
#ifndef SERVICE_NAME
-#define SERVICE_NAME "server"
+#define SERVICE_NAME "host"
#endif
static void usage()
@@ -120,7 +120,6 @@ main(int argc, char **argv)
prot == IPPROTO_TCP ? "tcp" : "udp");
exit(1);
}
- printf("port: %d\n", (int)transp->xp_port);
if (svcauth_gssapi_set_names(names, 0) == FALSE) {
fprintf(stderr, "unable to set gssapi names\n");
@@ -144,6 +143,8 @@ main(int argc, char **argv)
signal(SIGTERM, handlesig);
#endif
printf("running\n");
+ printf("port: %d\n", (int)transp->xp_port);
+ fflush(stdout);
svc_run();
fprintf(stderr, "svc_run returned");
@@ -177,6 +178,7 @@ static void rpc_test_badverf(gss_name_t client, gss_name_t server,
inet_ntoa(rqst->rq_xprt->xp_raddr.sin_addr),
ntohs(rqst->rq_xprt->xp_raddr.sin_port),
(int) server_name.length, (char *) server_name.value);
+ fflush(stdout);
(void) gss_release_buffer(&minor_stat, &client_name);
(void) gss_release_buffer(&minor_stat, &server_name);
@@ -211,6 +213,7 @@ void rpc_test_badauth(OM_uint32 major, OM_uint32 minor,
printf("rpc_test server: Authentication attempt failed: %s", a);
log_badauth_display_status(major, minor);
printf("\n");
+ fflush(stdout);
}
void log_miscerr(struct svc_req *rqst, struct rpc_msg *msg,
@@ -220,6 +223,7 @@ void log_miscerr(struct svc_req *rqst, struct rpc_msg *msg,
a = inet_ntoa(rqst->rq_xprt->xp_raddr.sin_addr);
printf("Miscellaneous RPC error: %s, %s\n", a, error);
+ fflush(stdout);
}
void log_badauth_display_status(OM_uint32 major, OM_uint32 minor)
@@ -243,10 +247,12 @@ void log_badauth_display_status_1(OM_uint32 code, int type, int rec)
log_badauth_display_status_1(gssstat,GSS_C_GSS_CODE,1);
log_badauth_display_status_1(minor_stat,
GSS_C_MECH_CODE, 1);
- } else
+ } else {
printf("GSS-API authentication error %.*s: "
"recursive failure!\n", (int) msg.length,
(char *)msg.value);
+ }
+ fflush(stdout);
return;
}
@@ -256,4 +262,5 @@ void log_badauth_display_status_1(OM_uint32 code, int type, int rec)
if (!msg_ctx)
break;
}
+ fflush(stdout);
}
diff --git a/src/lib/rpc/unit-test/t_rpc.py b/src/lib/rpc/unit-test/t_rpc.py
new file mode 100644
index 000000000..4e565d25c
--- /dev/null
+++ b/src/lib/rpc/unit-test/t_rpc.py
@@ -0,0 +1,29 @@
+import re
+
+from k5test import *
+
+realm = K5Realm()
+
+server = realm.start_server(['./server', '-t'], 'running')
+line = server.stdout.readline()
+portstr = re.match(r'^port: (\d+)$', line).group(1)
+
+realm.run(['./client', '-t', hostname, portstr, 'host@' + hostname, '1026'],
+ expected_msg='...........')
+
+for i in range(4):
+ line = server.stdout.readline()
+ if 'rpc_test server: bad verifier from user@KRBTEST.COM at ' not in line:
+ fail('unexpected server message: ' + line)
+ output(line)
+
+realm.addprinc('nokey/' + hostname)
+
+realm.run(['./client', '-t', hostname, portstr, 'nokey@' + hostname, '1026'],
+ expected_code=2)
+
+line = server.stdout.readline()
+if 'rpc_test server: Authentication attempt failed: ' not in line:
+ fail('unexpected server message: ' + line)
+
+success('gssrpc auth_gssapi tests')
Reference in New Issue View Git Blame Copy Permalink