File: keyring-t

package info (click to toggle)
kstart 4.3-1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, forky, sid, trixie
  • size: 1,884 kB
  • sloc: ansic: 5,937; sh: 4,785; perl: 2,130; makefile: 142
file content (62 lines) | stat: -rwxr-xr-x 2,207 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
 
#!/usr/bin/perl -w
#
# Tests for k5start support of keyrings.
#
# Written by Russ Allbery <eagle@eyrie.org>
# Copyright 2021 Russ Allbery <eagle@eyrie.org>
# Copyright 2011, 2014
#     The Board of Trustees of the Leland Stanford Junior University
#
# SPDX-License-Identifier: MIT

use Test::More;

# The full path to the newly-built k5start client.
our $K5START = "$ENV{C_TAP_BUILD}/../commands/k5start";

# The path to our data directory, which contains the keytab to use to test.
our $DATA = "$ENV{C_TAP_BUILD}/data";

# Load our test utility programs.
require "$ENV{C_TAP_SOURCE}/libtest.pl";

# Decide whether we have the configuration to run the tests.
my $principal;
if (not -f "$DATA/test.keytab" or not -f "$DATA/test.principal") {
    plan skip_all => 'no keytab configuration';
} else {
    $principal = contents ("$DATA/test.principal");
    $ENV{KRB5CCNAME} = 'KEYRING:test';
    unless (kinit ("$DATA/test.keytab", $principal) && !-f 'KEYRING:test'
            && klist ()) {
        plan skip_all => 'cannot use keyring caches';
    }
    my ($out, $err, $status) = command ($K5START, '-k', 'KEYRING:test', '-H1');
    if ($status != 0 && $err =~ /unknown ccache type/) {
        plan skip_all => 'Heimdal does not support keyring caches';
    }
    plan tests => 14;
}

# Basic authentication test.
my ($out, $err, $status) = command ($K5START, '-Uf', "$DATA/test.keytab");
is ($status, 0, 'Basic k5start command succeeds');
is ($err, '', ' with no errors');
like ($out, qr/^Kerberos initialization for \Q$principal\E(\@\S+)?\n\z/,
      ' and the right output');
my ($default, $service) = klist ();
like ($default, qr/^\Q$principal\E(\@\S+)?\z/, ' for the right principal');
like ($service, qr%^krbtgt/%, ' and the right service');
system ('kdestroy');

# We should get an error if we try to use a non-FILE keyring with -o, -g, or
# -m.
for my $flag (qw/-o -g -m/) {
    ($out, $err, $status)
        = command ($K5START, $flag, 640, '-Uf', "$DATA/test.keytab");
    is ($status, 1, "k5start $flag with keyring fails");
    is ($err, "k5start: cache type KEYRING not allowed with -o, -g, or -m\n",
        ' with correct error');
    is ($out, '', ' and no output');
}
system ('kdestroy');