diff options
Diffstat (limited to 'third_party/heimdal/tests/can')
-rw-r--r-- | third_party/heimdal/tests/can/Makefile.am | 58 | ||||
-rw-r--r-- | third_party/heimdal/tests/can/NTMakefile | 35 | ||||
-rw-r--r-- | third_party/heimdal/tests/can/apple-10.4.kadm | 4 | ||||
-rw-r--r-- | third_party/heimdal/tests/can/apple-10.4.req | bin | 0 -> 1199 bytes | |||
-rw-r--r-- | third_party/heimdal/tests/can/check-can.in | 66 | ||||
-rw-r--r-- | third_party/heimdal/tests/can/heim-0.8.kadm | 4 | ||||
-rw-r--r-- | third_party/heimdal/tests/can/heim-0.8.req | bin | 0 -> 1177 bytes | |||
-rw-r--r-- | third_party/heimdal/tests/can/krb5.conf.in | 29 | ||||
-rw-r--r-- | third_party/heimdal/tests/can/mit-pkinit-20070607.ca.crt | 23 | ||||
-rw-r--r-- | third_party/heimdal/tests/can/mit-pkinit-20070607.kadm | 3 | ||||
-rw-r--r-- | third_party/heimdal/tests/can/mit-pkinit-20070607.req | bin | 0 -> 2352 bytes | |||
-rw-r--r-- | third_party/heimdal/tests/can/mit-pkinit-20070607.xf | 31 | ||||
-rw-r--r-- | third_party/heimdal/tests/can/test_can.in | 79 |
13 files changed, 332 insertions, 0 deletions
diff --git a/third_party/heimdal/tests/can/Makefile.am b/third_party/heimdal/tests/can/Makefile.am new file mode 100644 index 0000000..8caf293 --- /dev/null +++ b/third_party/heimdal/tests/can/Makefile.am @@ -0,0 +1,58 @@ +# $Id$ + +include $(top_srcdir)/Makefile.am.common + +noinst_DATA = krb5.conf mit-pkinit-20070607.cf + +check_SCRIPTS = $(SCRIPT_TESTS) test_can + +SCRIPT_TESTS = check-can +TESTS = $(SCRIPT_TESTS) + +port = 49188 + +do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ + -e 's,[@]port[@],$(port),g' \ + -e 's,[@]objdir[@],$(top_builddir)/tests/can,g' \ + -e 's,[@]EGREP[@],$(EGREP),g' \ + -e 's,[@]env_setup[@],$(top_builddir)/tests/bin/setup-env,g' + +test_can: test_can.in Makefile + $(do_subst) < $(srcdir)/test_can.in > test_can.tmp + chmod +x test_can.tmp + mv test_can.tmp test_can + +check-can: check-can.in Makefile + $(do_subst) < $(srcdir)/check-can.in > check-can.tmp + chmod +x check-can.tmp + mv check-can.tmp check-can + +krb5.conf: krb5.conf.in Makefile + $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp + mv krb5.conf.tmp krb5.conf + +SUFFIXES += .xf .cf + +.xf.cf: + $(do_subst) < $< > $@.tmp + mv $@.tmp $@ + +CLEANFILES= $(TESTS) *.tmp *.cf \ + current-db* \ + krb5.conf \ + messages.log \ + test_can + +EXTRA_DIST = \ + NTMakefile \ + apple-10.4.kadm \ + apple-10.4.req \ + check-can.in \ + heim-0.8.kadm \ + heim-0.8.req \ + krb5.conf.in \ + mit-pkinit-20070607.ca.crt \ + mit-pkinit-20070607.kadm \ + mit-pkinit-20070607.req \ + mit-pkinit-20070607.xf \ + test_can.in diff --git a/third_party/heimdal/tests/can/NTMakefile b/third_party/heimdal/tests/can/NTMakefile new file mode 100644 index 0000000..09efe5e --- /dev/null +++ b/third_party/heimdal/tests/can/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=tests\can + +!include ../../windows/NTMakefile.w32 + diff --git a/third_party/heimdal/tests/can/apple-10.4.kadm b/third_party/heimdal/tests/can/apple-10.4.kadm new file mode 100644 index 0000000..a10904b --- /dev/null +++ b/third_party/heimdal/tests/can/apple-10.4.kadm @@ -0,0 +1,4 @@ +init --realm-max-ticket-life=1day --realm-max-renewable-life=1month TEST.H5L.SE +cpw -p kaka krbtgt/TEST.H5L.SE@TEST.H5L.SE +add -p foo --use-defaults foo@TEST.H5L.SE +add -p foo --use-defaults bar@TEST.H5L.SE diff --git a/third_party/heimdal/tests/can/apple-10.4.req b/third_party/heimdal/tests/can/apple-10.4.req Binary files differnew file mode 100644 index 0000000..7acc80b --- /dev/null +++ b/third_party/heimdal/tests/can/apple-10.4.req diff --git a/third_party/heimdal/tests/can/check-can.in b/third_party/heimdal/tests/can/check-can.in new file mode 100644 index 0000000..50d01b8 --- /dev/null +++ b/third_party/heimdal/tests/can/check-can.in @@ -0,0 +1,66 @@ +#!/bin/sh +# +# Copyright (c) 2007 Kungliga Tekniska Högskolan +# (Royal Institute of Technology, Stockholm, Sweden). +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# 3. Neither the name of the Institute nor the names of its contributors +# may be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $Id$ +# + +srcdir="@srcdir@" +objdir="@objdir@" + +env_setup="@env_setup@" + +. ${env_setup} + +# If there is no useful db support compiled in, disable test +${have_db} || exit 77 + +./test_can TEST.H5L.SE heim-0.8 || exit 1 +./test_can TEST.H5L.SE apple-10.4 || exit 1 + +rsa=yes +pkinit=no +if ${hxtool} info | grep 'rsa: hx509 null RSA' > /dev/null ; then + rsa=no +fi +if ${hxtool} info | grep 'rand: not available' > /dev/null ; then + rsa=no +fi +if ${kinit} --help 2>&1 | grep "CA certificates" > /dev/null; then + pkinit=yes +fi + +if test "$pkinit" = yes -a "$rsa" = yes ; then + ./test_can HEIMDAL.CITI.UMICH.EDU mit-pkinit-20070607 || exit 1 +fi + +exit 0 diff --git a/third_party/heimdal/tests/can/heim-0.8.kadm b/third_party/heimdal/tests/can/heim-0.8.kadm new file mode 100644 index 0000000..a10904b --- /dev/null +++ b/third_party/heimdal/tests/can/heim-0.8.kadm @@ -0,0 +1,4 @@ +init --realm-max-ticket-life=1day --realm-max-renewable-life=1month TEST.H5L.SE +cpw -p kaka krbtgt/TEST.H5L.SE@TEST.H5L.SE +add -p foo --use-defaults foo@TEST.H5L.SE +add -p foo --use-defaults bar@TEST.H5L.SE diff --git a/third_party/heimdal/tests/can/heim-0.8.req b/third_party/heimdal/tests/can/heim-0.8.req Binary files differnew file mode 100644 index 0000000..43b3a68 --- /dev/null +++ b/third_party/heimdal/tests/can/heim-0.8.req diff --git a/third_party/heimdal/tests/can/krb5.conf.in b/third_party/heimdal/tests/can/krb5.conf.in new file mode 100644 index 0000000..275f956 --- /dev/null +++ b/third_party/heimdal/tests/can/krb5.conf.in @@ -0,0 +1,29 @@ +# $Id$ + +[libdefaults] + default_realm = TEST.H5L.SE + no-addresses = TRUE + +[appdefaults] + pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt + +[realms] + TEST.H5L.SE = { + kdc = localhost:@port@ + } + +[kdc] + database = { + dbname = @objdir@/current-db + realm = TEST.H5L.SE + mkey_file = @objdir@/mkey.file + log_file = @objdir@/current.log + } + +[hdb] + db-dir = @objdir@ + +[logging] + kdc = 0-/FILE:@objdir@/messages.log + kdc-replay = 0-/FILE:@objdir@/messages.log + default = 0-/FILE:@objdir@/messages.log diff --git a/third_party/heimdal/tests/can/mit-pkinit-20070607.ca.crt b/third_party/heimdal/tests/can/mit-pkinit-20070607.ca.crt new file mode 100644 index 0000000..5874788 --- /dev/null +++ b/third_party/heimdal/tests/can/mit-pkinit-20070607.ca.crt @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID4zCCAsugAwIBAgICNOswDQYJKoZIhvcNAQEFBQAwczELMAkGA1UEBhMCVVMx +ETAPBgNVBAgTCE1pY2hpZ2FuMRIwEAYDVQQHEwlBbm4gQXJib3IxHzAdBgNVBAoT +FlVuaXZlcnNpdHkgb2YgTWljaGlnYW4xHDAaBgNVBAMTE0NJVEkgUHJvZHVjdGlv +biBLQ0EwHhcNMDYxMDEzMTYxNTIyWhcNMTYxMDEyMTYxNTIyWjBzMQswCQYDVQQG +EwJVUzERMA8GA1UECBMITWljaGlnYW4xEjAQBgNVBAcTCUFubiBBcmJvcjEfMB0G +A1UEChMWVW5pdmVyc2l0eSBvZiBNaWNoaWdhbjEcMBoGA1UEAxMTQ0lUSSBQcm9k +dWN0aW9uIEtDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM85fWVD +rneI9CM9NvpSw1PO571/8RhBiY1p0hMFi9ppD4Xaztswz0nrCEpuAhtXUxF+H6CS +aAXFLiY/SQhj3JGpVw3yPE2CeGtmcMjDDxOW5Raw0XwbK/BdgYFg/AU5FH7RtOV7 +pnhBlk5oJt0VJyJs+NNw4+V2IqODRvX88AR6dDAd8TpbZJEdgoGU+LHaC6cha6WU +p6nmjVx0TLUvIa16NFZGs44bNIIt7cI6zil/dM76881APTbYcB8hGqQJiphqX6ff +HI3uiHclK2rOZufRqhn0NJNWDCrK55PXQX67UmKBLqAsoFSJDPD+cBIUXtVeFLGs +uJYK8F9FaN3r9XsCAwEAAaOBgDB+MA8GA1UdEwQIMAYBAf8CAQAwEQYJYIZIAYb4 +QgEBBAQDAgAHMAsGA1UdDwQEAwIBhjAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBH +ZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFGXMLAou01gvxxcJc+Tvat/T +QHwwMA0GCSqGSIb3DQEBBQUAA4IBAQC99gg/E230FPGmDaP4YecmtSSGOnD+jJ+A +sPcJKaeS3dOGDTngKCzzQZ4nl7LYRSj5DWZTTrlrKfbc6GiUE0n/K/+GBvL/kjOV +qZsyGNfepscVe6mPz43NoNztf/1j+0QQcioHHHtAq/YFPBp1VdYsOsB+IE+g8RVi +EDjsvmR/++s9zX5fGuVvN7RNwLFrxfqcPFZCUG8pkIHbBPRhRV/aOKHGMcThNrtC +9cZ8xaDwhP0fdSUVESGFj+MMQCAp8YZvypJuHTYX7Ng4OMdCOPPg4Kk1ycOGAcYe +o/m7ICx1md6Va9zEfwqmrXVxGaT0I23lI9H9sv+ugvZ3v5iedhO/ +-----END CERTIFICATE----- diff --git a/third_party/heimdal/tests/can/mit-pkinit-20070607.kadm b/third_party/heimdal/tests/can/mit-pkinit-20070607.kadm new file mode 100644 index 0000000..6a23c67 --- /dev/null +++ b/third_party/heimdal/tests/can/mit-pkinit-20070607.kadm @@ -0,0 +1,3 @@ +init --realm-max-ticket-life=1day --realm-max-renewable-life=1month HEIMDAL.CITI.UMICH.EDU +cpw -p kaka krbtgt/HEIMDAL.CITI.UMICH.EDU@HEIMDAL.CITI.UMICH.EDU +add -p foo --use-defaults aglo@HEIMDAL.CITI.UMICH.EDU diff --git a/third_party/heimdal/tests/can/mit-pkinit-20070607.req b/third_party/heimdal/tests/can/mit-pkinit-20070607.req Binary files differnew file mode 100644 index 0000000..652bbcf --- /dev/null +++ b/third_party/heimdal/tests/can/mit-pkinit-20070607.req diff --git a/third_party/heimdal/tests/can/mit-pkinit-20070607.xf b/third_party/heimdal/tests/can/mit-pkinit-20070607.xf new file mode 100644 index 0000000..1c74786 --- /dev/null +++ b/third_party/heimdal/tests/can/mit-pkinit-20070607.xf @@ -0,0 +1,31 @@ +# $Id$ + +[libdefaults] + default_realm = HEIMDAL.CITI.UMICH.EDU + no-addresses = TRUE + +[appdefaults] + pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt + +[realms] + TEST.H5L.SE = { + kdc = localhost:@port@ + } + +[kdc] + enable-pkinit = yes + pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key + pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt,@srcdir@/mit-pkinit-20070607.ca.crt + + database = { + dbname = @objdir@/current-db + realm = HEIMDAL.CITI.UMICH.EDU + mkey_file = @objdir@/mkey.file + } + +[hdb] + db-dir = @objdir@ + +[logging] + kdc = 0-/FILE:@objdir@/messages.log + default = 0-/FILE:@objdir@/messages.log diff --git a/third_party/heimdal/tests/can/test_can.in b/third_party/heimdal/tests/can/test_can.in new file mode 100644 index 0000000..3cda220 --- /dev/null +++ b/third_party/heimdal/tests/can/test_can.in @@ -0,0 +1,79 @@ +#!/bin/sh +# +# Copyright (c) 2007 Kungliga Tekniska Högskolan +# (Royal Institute of Technology, Stockholm, Sweden). +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# 3. Neither the name of the Institute nor the names of its contributors +# may be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $Id$ +# + +srcdir="@srcdir@" +objdir="@objdir@" +EGREP="@EGREP@" + +R=$1 +tst=$2 + +if [ ! -f ${srcdir}/${tst}.req ] ; then + echo "${tst}.req missing" +fi +if [ ! -f ${srcdir}/${tst}.kadm ] ; then + echo "${tst}.kadm missing" +fi + +port=@port@ + +kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" +replay="${TESTS_ENVIRONMENT} ../../kdc/kdc-replay" + +if [ -f ${objdir}/${tst}.cf ]; then + KRB5_CONFIG="${objdir}/${tst}.cf" +else + KRB5_CONFIG="${objdir}/krb5.conf" +fi +export KRB5_CONFIG + +rm -f ${keytabfile} +rm -f current-db* +rm -f out-* +rm -f mkey.file* + +echo "Load database for ${tst}" +while read x ; do + ${kadmin} $x || exit 1 +done < ${srcdir}/${tst}.kadm || exit 1 + +echo "Doing database check" +${kadmin} check ${R} || exit 1 + +> messages.log +${replay} ${srcdir}/${tst}.req || { cat messages.log ; exit 1; } + +exit 0 |