1e0895134Schristos#!/bin/sh 2e0895134Schristos# 3e0895134Schristos# Copyright (c) 2006 - 2011 Kungliga Tekniska Högskolan 4e0895134Schristos# (Royal Institute of Technology, Stockholm, Sweden). 5e0895134Schristos# All rights reserved. 6e0895134Schristos# 7e0895134Schristos# Redistribution and use in source and binary forms, with or without 8e0895134Schristos# modification, are permitted provided that the following conditions 9e0895134Schristos# are met: 10e0895134Schristos# 11e0895134Schristos# 1. Redistributions of source code must retain the above copyright 12e0895134Schristos# notice, this list of conditions and the following disclaimer. 13e0895134Schristos# 14e0895134Schristos# 2. Redistributions in binary form must reproduce the above copyright 15e0895134Schristos# notice, this list of conditions and the following disclaimer in the 16e0895134Schristos# documentation and/or other materials provided with the distribution. 17e0895134Schristos# 18e0895134Schristos# 3. Neither the name of the Institute nor the names of its contributors 19e0895134Schristos# may be used to endorse or promote products derived from this software 20e0895134Schristos# without specific prior written permission. 21e0895134Schristos# 22e0895134Schristos# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 23e0895134Schristos# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24e0895134Schristos# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25e0895134Schristos# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 26e0895134Schristos# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27e0895134Schristos# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28e0895134Schristos# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29e0895134Schristos# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30e0895134Schristos# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31e0895134Schristos# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32e0895134Schristos# SUCH DAMAGE. 33e0895134Schristos 34e0895134Schristostop_builddir="@top_builddir@" 35e0895134Schristosenv_setup="@env_setup@" 36e0895134Schristosobjdir="@objdir@" 37e0895134Schristos 38e0895134Schristos. ${env_setup} 39e0895134Schristos 40e0895134SchristosKRB5_CONFIG="${1-${objdir}/krb5.conf}" 41e0895134Schristosexport KRB5_CONFIG 42e0895134Schristos 43e0895134Schristostestfailed="echo test failed; cat messages.log; exit 1" 44e0895134Schristos 45*de695f5eSchristos# If there is no useful db support compiled in, disable test 46e0895134Schristos${have_db} || exit 77 47e0895134Schristos 48e0895134SchristosR=TEST.H5L.SE 49e0895134Schristos 50e0895134Schristosport=@port@ 51e0895134Schristos 52e0895134Schristoskadmin="${kadmin} -l -r $R" 53e0895134Schristoskdc="${kdc} --addresses=localhost -P $port" 54e0895134Schristos 55e0895134Schristosserver=host/datan.test.h5l.se 56e0895134Schristoscache="FILE:${objdir}/cache.krb5" 57e0895134Schristosacache="FILE:${objdir}/acache.krb5" 58e0895134Schristos 59e0895134Schristoskinit="${kinit} -c $cache ${afs_no_afslog}" 60e0895134Schristosakinit="${kinit} -c $acache ${afs_no_afslog}" 61e0895134Schristosklist="${klist} -c $cache" 62e0895134Schristosaklist="${klist} -c $acache" 63e0895134Schristoskgetcred="${kgetcred} -c $cache" 64e0895134Schristoskdestroy="${kdestroy} -c $cache ${afs_no_unlog}" 65e0895134Schristos 66e0895134Schristosrm -f ${keytabfile} 67e0895134Schristosrm -f current-db* 68e0895134Schristosrm -f out-* 69e0895134Schristosrm -f mkey.file* 70e0895134Schristos 71e0895134Schristos> messages.log 72e0895134Schristos 73e0895134Schristosecho Creating database 74e0895134Schristos${kadmin} \ 75e0895134Schristos init \ 76e0895134Schristos --realm-max-ticket-life=1day \ 77e0895134Schristos --realm-max-renewable-life=1month \ 78e0895134Schristos ${R} || exit 1 79e0895134Schristos 80e0895134Schristos${kadmin} add -p foo --use-defaults foo@${R} || exit 1 81e0895134Schristos${kadmin} add -p foo --use-defaults ${server}@${R} || exit 1 82e0895134Schristos 83e0895134Schristosecho "Doing database check" 84e0895134Schristos${kadmin} check ${R} || exit 1 85e0895134Schristos 86e0895134Schristosecho foo > ${objdir}/foopassword 87e0895134Schristosecho bar > ${objdir}/barpassword 88e0895134Schristos 89e0895134Schristosecho Starting kdc ; > messages.log 90e0895134Schristosenv MallocStackLogging=1 MallocStackLoggingNoCompact=1 MallocErrorAbort=1 MallocLogFile=${objdir}/malloc-log \ 91e0895134Schristos${kdc} --detach --testing || { echo "kdc failed to start"; exit 1; } 92e0895134Schristoskdcpid=`getpid kdc` 93e0895134Schristos 94e0895134Schristostrap "kill -9 ${kdcpid}; echo signal killing kdc; cat messages.log; exit 1;" EXIT 95e0895134Schristos 96e0895134Schristosec=0 97e0895134Schristos 98e0895134Schristos# 99e0895134Schristos# Check armor ticket 100e0895134Schristos# 101e0895134Schristos 102e0895134Schristosecho "Getting client initial tickets"; > messages.log 103e0895134Schristos${kinit} --password-file=${objdir}/foopassword foo@$R || \ 104e0895134Schristos { ec=1 ; eval "${testfailed}"; } 105e0895134Schristosecho "Checking for FAST avail" 106e0895134Schristos${klist} --hidden | grep fast_avail > /dev/null || { exit 1; } 107e0895134Schristosecho "Getting tickets"; > messages.log 108e0895134Schristos${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } 109e0895134Schristosecho "Listing tickets"; > messages.log 110e0895134Schristos${klist} > /dev/null || { ec=1 ; eval "${testfailed}"; } 111e0895134Schristos${kdestroy} 112e0895134Schristos 113e0895134Schristosecho "Acquire host ticket to be used as an ARMOR ticket"; > messages.log 114e0895134Schristos${akinit} --password-file=${objdir}/foopassword ${server}@${R} >/dev/null|| { exit 1; } 115e0895134Schristosecho "Checking for FAST avail (in the FAST armor cache)"; > messages.log 116e0895134Schristos${aklist} --hidden | grep fast_avail > /dev/null || { exit 1; } 117e0895134Schristos 118e0895134Schristos# 119e0895134Schristos# Client tests 120e0895134Schristos# 121e0895134Schristos 122e0895134Schristosecho "Getting client initial tickets with FAST armor ticket"; > messages.log 123e0895134Schristos${kinit} --fast-armor-cache=${acache} \ 124e0895134Schristos --password-file=${objdir}/foopassword foo@$R || \ 125e0895134Schristos { ec=1 ; eval "${testfailed}"; } 126e0895134Schristos 127e0895134Schristosecho "Getting client initial tickets with FAST armor ticket [failure]"; > messages.log 128e0895134Schristos${kinit} --fast-armor-cache=${acache} \ 129e0895134Schristos --password-file=${objdir}/barpassword foo@$R 2>/dev/null && \ 130e0895134Schristos { ec=1 ; eval "${testfailed}"; } 131e0895134Schristos 132e0895134Schristosecho "Checking for FAST avail (in the FAST acquired cache)"; > messages.log 133e0895134Schristos${klist} --hidden | grep fast_avail > /dev/null || { exit 1; } 134e0895134Schristos 135e0895134Schristosecho "Getting service ticket" 136e0895134Schristos${kgetcred} ${server}@${R} || { exit 1; } 137e0895134Schristos${kdestroy} 138e0895134Schristos 139e0895134Schristos# 140e0895134Schristos# Use MIT client tools 141e0895134Schristos# 142e0895134Schristos 143e0895134Schristosmit=/usr/local/mitkerberos/bin 144e0895134Schristos 145e0895134Schristosif [ -f ${mit}/kinit ] ; then 146e0895134Schristos echo "Running MIT FAST tests" 147e0895134Schristos 148e0895134Schristos kinitpty=${objdir}/foopassword.rkpty 149e0895134Schristoscat > ${kinitpty} <<EOF 150e0895134Schristosexpect Password 151e0895134Schristospassword foo\n 152e0895134SchristosEOF 153e0895134Schristos 154e0895134Schristos echo "Acquire host ticket"; > messages.log 155e0895134Schristos ${rkpty} ${kinitpty} ${mit}/kinit -c ${acache} ${server}@${R} >/dev/null|| { exit 1; } 156e0895134Schristos (${aklist} | grep ${server} > /dev/null ) || { exit 1; } 157e0895134Schristos 158e0895134Schristos echo "Checking for FAST avail"; > messages.log 159e0895134Schristos ${aklist} --hidden | grep fast_avail > /dev/null || { exit 1; } 160e0895134Schristos 161e0895134Schristos echo "Using plain to get a initial ticket"; > messages.log 162e0895134Schristos ${rkpty} ${kinitpty} ${mit}/kinit -c ${cache} foo@${R} >/dev/null|| { exit 1; } 163e0895134Schristos (${klist} | grep foo > /dev/null ) || { exit 1; } 164e0895134Schristos 165e0895134Schristos echo "Using FAST to get a initial ticket"; > messages.log 166e0895134Schristos ${rkpty} ${kinitpty} ${mit}/kinit -c ${cache} -T ${acache} foo@${R} >/dev/null || { exit 1; } 167e0895134Schristos (${klist} | grep foo > /dev/null ) || { exit 1; } 168e0895134Schristos 169e0895134Schristos echo "Checking for FAST avail"; > messages.log 170e0895134Schristos ${klist} --hidden | grep fast_avail > /dev/null || { exit 1; } 171e0895134Schristos 172e0895134Schristos echo "Getting service ticket"; > messages.log 173e0895134Schristos ${mit}/kvno -c ${cache} ${server}@${R} || { exit 1; } 174e0895134Schristos 175e0895134Schristosfi 176e0895134Schristos 177e0895134Schristos 178e0895134Schristosecho "killing kdc (${kdcpid})" 179e0895134Schristossh ${leaks_kill} kdc $kdcpid || exit 1 180e0895134Schristos 181e0895134Schristostrap "" EXIT 182e0895134Schristos 183e0895134Schristosexit $ec 184