Fix LDAP tests when sasl.h not found

Do not try to run the SASL EXTERNAL auth test if we could not define a
useful interact function.  With current libraries the interact
function is asked for an authorization name, and the bind fails if it
gets an unsuccessful result or if no interaction function is defined.

(cherry picked from commit 8466003864b294cdb9e5547c2f8e574d2c156b13)

ticket: 8049
version_fixed: 1.13.1
status: resolved

diff --git a/src/tests/t_kdb.py b/src/tests/t_kdb.py
index b310ccfff4cf86392d45676344422cbecb297f62..83271c5567534a36d8dc076a58fad76af8ba55d0 100644 (file)
--- a/src/tests/t_kdb.py
+++ b/src/tests/t_kdb.py
@@ -324,9 +324,16 @@ out = kldaputil(['list'])
 if out:
     fail('Unexpected kdb5_ldap_util list output after destroy')
 
+if not core_schema:
+    success('Warning: skipping some LDAP tests because core schema not found')
+    sys.exit(0)
+
+if runenv.have_sasl != 'yes':
+    success('Warning: skipping some LDAP tests because SASL support not built')
+    sys.exit(0)
+
 # Test SASL EXTERNAL auth.  Remove the DNs and service password file
-# from the DB module config.  EXTERNAL auth can work even if we didn't
-# build with the SASL header file, because no interaction is required.
+# from the DB module config.
 os.remove(ldap_pwfile)
 dbmod = conf['dbmodules']['ldap']
 dbmod['ldap_kdc_sasl_mech'] = dbmod['ldap_kadmind_sasl_mech'] = 'EXTERNAL'
@@ -340,14 +347,6 @@ realm.kinit(realm.user_princ, password('user'))
 realm.stop()
 realm.run([kdb5_ldap_util, 'destroy', '-f'])
 
-if not core_schema:
-    success('Warning: skipping some LDAP tests because core schema not found')
-    sys.exit(0)
-
-if runenv.have_sasl != 'yes':
-    success('Warning: skipping some LDAP tests because SASL support not built')
-    sys.exit(0)
-
 # Test SASL DIGEST-MD5 auth.  We need to set a clear-text password for
 # the admin DN, so create a person entry (requires the core schema).
 # Restore the service password file in the config and set authcids.