On the iakerb branch, modify t_gss_sample.py to exercise different

mechs, including IAKERB.  Currently does not pass due to unresolved
bugs.

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/iakerb@23941 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/appl/gss-sample/t_gss_sample.py b/src/appl/gss-sample/t_gss_sample.py
index 8a09b2123966c89a5f508a93b3e8976f4b63c4bc..517472a5aece989c34f064288e52b64329ebbab2 100644 (file)
--- a/src/appl/gss-sample/t_gss_sample.py
+++ b/src/appl/gss-sample/t_gss_sample.py
@@ -27,14 +27,57 @@ appdir = os.path.join(buildtop, 'appl', 'gss-sample')
 gss_client = os.path.join(appdir, 'gss-client')
 gss_server = os.path.join(appdir, 'gss-server')
 
-for realm in multipass_realms():
+# Run a gss-server process and a gss-client process, with additional
+# gss-client flags given by options.  Verify that gss-client displayed
+# the expected output for a successful negotiation.
+def server_client_test(realm, options):
     portstr = str(realm.server_port())
     server = realm.start_server([gss_server, '-port', portstr, 'host'],
                                 'starting...')
-    output = realm.run_as_client([gss_client, '-port', portstr,
-                                  hostname, 'host', 'testmsg'])
+    output = realm.run_as_client([gss_client, '-port', portstr] + options +
+                                 [hostname, 'host', 'testmsg'])
     if 'Signature verified.' not in output:
         fail('Expected message not seen in gss-client output')
     stop_daemon(server)
 
+# Make up a filename to hold user's initial credentials.
+def ccache_savefile(realm):
+    return os.path.join(realm.testdir, 'ccache.copy')
+
+# Move user's initial credentials into the save file.
+def ccache_save(realm):
+    os.rename(realm.ccache, ccache_savefile(realm))
+
+# Copy user's initial credentials from the save file into the ccache.
+def ccache_restore(realm):
+    shutil.copyfile(ccache_savefile(realm), realm.ccache)
+
+# Perform a regular (TGS path) test of the server and client.
+def tgs_test(realm, options):
+    ccache_restore(realm)
+    server_client_test(realm, options)
+    realm.klist(realm.user_princ, realm.host_princ)
+
+# Perform a test of the server and client with initial credentials
+# obtained through gss_acquire_cred_with_password().
+def as_test(realm, options):
+    if os.path.exists(realm.ccache):
+        os.remove(realm.ccache)
+    server_client_test(realm, options + ['-user', realm.user_princ,
+                                         '-pass', password('user')])
+    # Currently, gss_acquire_cred_with_password() doesn't cache the
+    # resulting creds if the default ccache doesn't exist.
+    # realm.klist(realm.user_princ, realm.host_princ)
+
+for realm in multipass_realms():
+    ccache_save(realm)
+
+    tgs_test(realm, ['-krb5'])
+    tgs_test(realm, ['-spnego'])
+    tgs_test(realm, ['-iakerb'])
+
+    as_test(realm, ['-krb5'])
+    as_test(realm, ['-spnego'])
+    as_test(realm, ['-iakerb'])
+
 success('GSS sample application')