1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
#!/usr/bin/perl -w
# Copyright (c) 2002 Andrew J. Korty
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
# $Id: 34-cpw.t,v 1.11 2008/01/30 13:07:11 ajk Exp $
# Tests for changing passwords
use strict;
use Test;
BEGIN { plan test => 8 }
use Authen::Krb5;
use Authen::Krb5::Admin qw(:constants);
Authen::Krb5::init_context;
Authen::Krb5::init_ets;
my $handle =
Authen::Krb5::Admin->init_with_creds($ENV{PERL_KADM5_PRINCIPAL},
Authen::Krb5::cc_resolve($ENV{PERL_KADM5_TEST_CACHE}));
ok $handle or warn Authen::Krb5::Admin::error;
my $p = Authen::Krb5::parse_name($ENV{PERL_KADM5_TEST_NAME});
ok $p;
my $s = Authen::Krb5::parse_name('krbtgt/' . $p->realm);
ok $p;
my $pw = join '', map { chr rand(255) + 1 } 1..256;
ok $handle->chpass_principal($p, $pw), 1, Authen::Krb5::Admin::error;
my $ap = $handle->get_principal($p);
ok $ap;
# Authen::Krb5 1.7 get_in_tkt_with_password segfaults with MIT 1.6.3
my $mit_version = `krb5-config --version 2>/dev/null` || '';
if ($Authen::Krb5::VERSION eq '1.7'
&& $mit_version =~ /release 1\.6\./) {
foreach (1..3) {
skip 'MIT / Authen::Krb5 incompatibility';
}
}
else {
$ap->attributes($ap->attributes & ~KRB5_KDB_DISALLOW_ALL_TIX);
ok $handle->modify_principal($ap), 1, Authen::Krb5::Admin::error;
ok Authen::Krb5::get_in_tkt_with_password($p, $s, $pw, undef)
or warn Authen::Krb5::error;
$ap->attributes($ap->attributes & KRB5_KDB_DISALLOW_ALL_TIX);
ok $handle->modify_principal($ap), 1, Authen::Krb5::Admin::error;
}
|
