1 # Password-changing Kerberos test.
2 # This is a DejaGnu test script.
4 # We are about to start up a couple of daemon processes. We do all
5 # the rest of the tests inside a proc, so that we can easily kill the
6 # processes when the procedure ends.
9 global tmppwd hostname REALMNAME
10 file delete $tmppwd/slave-stash $tmppwd/slave-acl
11 file copy -force $tmppwd/stash:foo $tmppwd/slave-stash
12 file copy -force $tmppwd/acl $tmppwd/slave-acl
13 if ![file exists $tmppwd/kpropdacl] {
14 set aclfile [open $tmppwd/kpropd-acl w]
15 puts $aclfile "host/$hostname@$REALMNAME"
18 file copy -force $tmppwd/adb.lock $tmppwd/slave-adb.lock
19 foreach suffix { {} .kadm5 .kadm5.lock .ok } {
20 file copy -force $tmppwd/kdc-db$suffix $tmppwd/slave-db$suffix
24 proc scan_kpropd_output {} {
25 global kpropd_spawn_id kpropd_pid
27 # See if kpropd logged anything.
31 # I think kpropd is supposed to run a loop in standalone
32 # mode, but exiting seems to be normal behavior.
33 # fail "kprop (server exited)"
34 wait -i $kpropd_spawn_id
35 unset kpropd_spawn_id kpropd_pid
38 -re "Connection from \[a-zA-Z.-\]*" { exp_continue }
39 -re "krb5_recvauth" { exp_continue }
40 -re "authenticated client" { exp_continue }
41 -re "calling kdb5_util to load database\r\n" { exp_continue }
42 -re "Child PID is \[0-9\]*\r\n" { exp_continue }
43 -re "Rejected connection" {
44 fail "kprop (rejected)"
52 global KADMIN_LOCAL KTUTIL KDB5_UTIL KPROPLOG KPROP kpropd_spawn_id
53 global hostname tmppwd spawn_id timeout
54 global KRBIV supported_enctypes portbase mode ulog des3_krbtgt
56 # Delete any db, ulog files
59 # Initialize the Kerberos database. The argument tells
60 # setup_kerberos_db that it is being called from here.
61 if ![setup_kerberos_db 0] {
65 if ![start_kerberos_daemons 0] {
68 if ![add_random_key host/$hostname 0] {
69 fail "kprop (host key)"
72 if ![setup_srvtab 0] {
77 # Get kprop server up and running.
79 setup_kerberos_env slave
83 # Use kadmin to add a key.
84 if ![add_kerberos_key wakawaka 0] {
88 # Dump master database.
90 setup_kerberos_env kdc
91 spawn $KDB5_UTIL dump $tmppwd/slave_datatrans
93 if ![check_exit_status "kprop (kdb5_util dump)"] { return }
95 # Just in case kpropd is a little slow in starting up...
99 spawn $KPROP -f $tmppwd/slave_datatrans -P [expr 10 + $portbase] -s $tmppwd/srvtab $hostname
101 set kprop_exit [check_exit_status "kprop (exit status)"]
102 # log output for debugging
104 if !$kprop_exit { return }
106 # Examine new database.
107 setup_kerberos_env slave
108 spawn $KADMIN_LOCAL -r $REALMNAME -q listprincs
114 fail "kprop (updated slave data)"
118 fail "kprop (examining new db)"
126 catch "unset kpropd_pid"
127 catch "unset kpropd_spawn_id"
129 # Set up the Kerberos files and environment.
130 if {![get_hostname] || ![setup_kerberos_files] || ![setup_kerberos_env]} {
134 set status [catch doit msg]
136 stop_kerberos_daemons
138 # if kpropd is running, kill it
139 if [info exists kpropd_pid] {
141 exec kill $kpropd_pid
142 expect -i $kpropd_spawn_id eof
143 wait -i $kpropd_spawn_id
144 unset kpropd_pid kpropd_spawn_id
150 if { $status != 0 } {
151 send_error "ERROR: error in kprop.exp\n"