Test the minclasses policy field in LDAP

author Sarah Day <sarahday@mit.edu>

Fri, 19 Aug 2016 20:06:48 +0000 (16:06 -0400)

committer Greg Hudson <ghudson@mit.edu>

Mon, 22 Aug 2016 15:48:36 +0000 (11:48 -0400)
author Sarah Day <sarahday@mit.edu>
Fri, 19 Aug 2016 20:06:48 +0000 (16:06 -0400)
committer Greg Hudson <ghudson@mit.edu>
Mon, 22 Aug 2016 15:48:36 +0000 (11:48 -0400)
diff --git a/src/tests/t_kdb.py b/src/tests/t_kdb.py

index 46a051c9840c79d555980386c4359ac9620a3e60..5c17257dd4765a81161fb8e71ec93027c3e6f1a9 100755 (executable)
--- a/src/tests/t_kdb.py
+++ b/src/tests/t_kdb.py
@@ -384,6 +384,15 @@ def test_pwhist(nhist):
  for n in (1, 2, 3, 4, 5):
      test_pwhist(n)
  
+# Regression test for #8193: test password character class requirements.
+princ = 'charclassprinc'
+pol = 'charclasspol'
+realm.run([kadminl, 'addpol', '-minclasses', '3', pol])
+realm.run([kadminl, 'addprinc', '-policy', pol, '-nokey', princ])
+realm.run([kadminl, 'cpw', '-pw', 'abcdef', princ], expected_code=1)
+realm.run([kadminl, 'cpw', '-pw', 'Abcdef', princ], expected_code=1)
+realm.run([kadminl, 'cpw', '-pw', 'Abcdef1', princ])
+
  # Test principal renaming and make sure last modified is changed
  def get_princ(princ):
      out = realm.run([kadminl, 'getprinc', princ])
author	Sarah Day <sarahday@mit.edu>
	Fri, 19 Aug 2016 20:06:48 +0000 (16:06 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Mon, 22 Aug 2016 15:48:36 +0000 (11:48 -0400)