check-windows:
+# In a few parts of "make check" we run shell scripts which run
+# programs linked against krb5 libraries. On macOS 10.11 and higher,
+# DYLD_LIBRARY_PATH is cleared by the shell unless System Integrity
+# Protection is turned off, so we need to set runtime linker
+# environment variables from within test scripts. A Makefile.in which
+# runs shell script tests should make its check rule depend on
+# runenv.sh and make each script begin with ". ./runenv.sh".
+runenv.sh:
+ $(RUN_SETUP); for i in $(RUN_VARS); do \
+ eval echo "$$i=\\\"\$$$$i\\\""; \
+ echo "export $$i"; done > $@
+
##############################
# dependency generation
#
clean-unix::
$(RM) $(OBJS) $(DEPTARGETS_CLEAN) $(EXTRA_FILES)
- $(RM) et-[ch]-*.et et-[ch]-*.[ch] testlog testtrace
+ $(RM) et-[ch]-*.et et-[ch]-*.[ch] testlog testtrace runenv.sh
-$(RM) -r testdir
clean-windows::
AC_CHECK_PROG(MSGFMT,msgfmt,msgfmt)
if test x"$MSGFMT" != x; then
+ K5_GEN_MAKEFILE(po)
po=po
fi
tests tests/resolve tests/asn.1 tests/create tests/hammer
tests/verify tests/gssapi tests/dejagnu tests/threads tests/shlib
tests/gss-threads tests/misc
- po
)
mydir=kadmin$(S)testing$(S)scripts
BUILDTOP=$(REL)..$(S)..$(S)..
-all: env-setup.sh $(GEN_SCRIPTS)
+all: env-setup.sh runenv.sh $(GEN_SCRIPTS)
# Should only rebuild env_setup.sh here (use CONFIG_FILES=), but the weird krb5
# makefile post-processing is unconditional and would trash the makefile.
SBIN=$TOP/keytab:$TOP/server
DUMMY=${REALM=SECURE-TEST.OV.COM}; export REALM
+. ./runenv.sh
+
if [ ! -d $MODDIR ]; then
echo "+++" 1>&2
echo "+++ Error! $MODDIR does not exist!" 1>&2
DUMMY=${STOP_SERVERS_LOCAL=$STESTDIR/scripts/stop_servers_local}
DUMMY=${KRB5RCACHEDIR=$TESTDIR} ; export KRB5RCACHEDIR
+. ./runenv.sh
+
if [ -d /usr/tmp ]; then
usrtmp=/usr/tmp
else
kdc_args="-R dfl:kdc_rcache.$USER"
-(trap "" 2; cd $TOP/../kdc; ./krb5kdc $kdc_args; touch $kdc_start_file) \
+(trap "" 2; $TOP/../kdc/krb5kdc $kdc_args; touch $kdc_start_file) \
< /dev/null > $usrtmp/kdc-log.$USER 2>&1 &
s=1
rm -f $adm_start_file
-(sleep 1; cd $TOP/server; ./kadmind $ovadm_args; \
+(sleep 1; $TOP/server/kadmind $ovadm_args; \
touch $adm_start_file) < /dev/null > $usrtmp/kadm-log.$USER 2>&1 &
# wait until they start
rtest: $(RT_OBJS) $(KDB5_DEPLIBS) $(KADM_COMM_DEPLIBS) $(KRB5_BASE_DEPLIBS)
$(CC_LINK) -o rtest $(RT_OBJS) $(KDB5_LIBS) $(KADM_COMM_LIBS) $(KRB5_BASE_LIBS)
-check-unix: rtest
+check-unix: rtest runenv.sh
$(RUN_TEST) $(srcdir)/rtscript > test.out
cmp test.out $(srcdir)/rtest.good
$(RM) test.out
#
# should print out contents of rtest.good
#
+. ./runenv.sh
./rtest "" ATHENA.MIT.EDU SUB1W.CS.WASHINGTON.EDU SUB1M.ATHENA.MIT.EDU
./rtest ATHENA.MIT.EDU MIT.EDU SUB1W.CS.WASHINGTON.EDU SUB1M.ATHENA.MIT.EDU
./rtest "MIT.EDU,ATHENA." EDU SUB1W.CS.WASHINGTON.EDU SUB1M.ATHENA.MIT.EDU
static int
setreuseaddr(int sock, int value)
{
- return setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &value, sizeof(value));
+ int st;
+
+ st = setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &value, sizeof(value));
+ if (st)
+ return st;
+#ifdef SO_REUSEPORT
+ st = setsockopt(sock, SOL_SOCKET, SO_REUSEPORT, &value, sizeof(value));
+ if (st)
+ return st;
+#endif
+ return 0;
}
#if defined(IPV6_V6ONLY)
$(CC_LINK) -o server-setkey-test setkey-test.o \
$(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS)
+runenv.exp: Makefile
+ $(RUN_SETUP); for i in $(RUN_VARS); do \
+ eval echo "set env\($$i\) \$$$$i"; done > runenv.exp
+
#
# The unit-test targets
#
test-setkey-client: client-setkey-test
$(ENV_SETUP) $(VALGRIND) ./client-setkey-test testkeys admin admin
-unit-test-client-setup:
+unit-test-client-setup: runenv.sh
$(ENV_SETUP) $(VALGRIND) $(START_SERVERS)
unit-test-client-cleanup:
$(ENV_SETUP) $(STOP_SERVERS)
-unit-test-server-setup:
+unit-test-server-setup: runenv.sh
$(ENV_SETUP) $(VALGRIND) $(START_SERVERS_LOCAL)
unit-test-server-cleanup:
$(ENV_SETUP) $(STOP_SERVERS_LOCAL)
unit-test-client-body: site.exp test-noauth test-destroy test-handle-client \
- test-setkey-client
+ test-setkey-client runenv.exp
$(ENV_SETUP) $(RUNTEST) --tool api RPC=1 API=$(CLNTTCL) \
KINIT=$(BUILDTOP)/clients/kinit/kinit \
KDESTROY=$(BUILDTOP)/clients/kdestroy/kdestroy \
$(RM) lock-test lock-test.o
$(RM) server-iter-test iter-test.o
$(RM) server-setkey-test client-setkey-test setkey-test.o
- $(RM) *.log *.plog *.sum *.psum unit-test-log.*
+ $(RM) *.log *.plog *.sum *.psum unit-test-log.* runenv.exp
+source runenv.exp
+
set prompt "% "
set stty_init {-onlcr -opost intr \^C kill \^U}
set kadmin_local $KADMIN_LOCAL
if {[info exists errorInfo]} {
set saveErrorInfo $errorInfo
}
- catch "system $KDESTROY -5 2>/dev/null"
+ catch "exec $KDESTROY -5 2>/dev/null"
if {[info exists saveErrorCode]} {
set errorCode $saveErrorCode
} elseif {[info exists errorCode]} {
t_in_ccache t_cc_config t_copy_context t_princ t_etypes t_vfy_increds \
t_response_items t_sname_match t_valid_times t_get_etype_info
-check-unix: $(TEST_PROGS)
+check-unix: $(TEST_PROGS) runenv.sh
$(RUN_TEST_LOCAL_CONF) ./t_kerb \
parse_name tytso \
parse_name tytso@SHAZAAM \
#include "k5-int.h"
#include "k5-cmocka.h"
-#include <malloc.h>
/* Call k5_parse_host_string() and check the result against the expected code,
* hostname, and port. */
#!/bin/sh
+. ./runenv.sh
+
# Test the chk_trans.c code.
# BUG: Currently only tests expansion, not validation.
#!/bin/sh
+. ./runenv.sh
+
# Test the walk_rtree.c code.
#
client.o server.o: rpc_test.h
+runenv.exp: Makefile
+ $(RUN_SETUP); for i in $(RUN_VARS); do \
+ eval echo "set env\($$i\) \$$$$i"; done > runenv.exp
+
# If rpc_test.h and rpc_test_*.c do not work on your system, you can
# try using rpcgen by uncommenting these lines (be sure to uncomment
# then in the generated not Makefile.in).
unit-test-ok: unit-test-body
PASS=@PASS@
-unit-test-body:
+unit-test-body: runenv.sh runenv.exp
$(RM) krb5cc_rpc_test_*
$(ENV_SETUP) $(VALGRIND) $(START_SERVERS)
RPC_TEST_KEYTAB=/tmp/rpc_test_keytab.$$$$ ; export RPC_TEST_KEYTAB ; \
clean:
$(RM) server client
- $(RM) dbg.log rpc_test.log rpc_test.sum
+ $(RM) dbg.log rpc_test.log rpc_test.sum runenv.exp
# $Id$
#
+source runenv.exp
+
set kill /bin/kill
set sleep /bin/sleep
set kinit $KINIT
t.be.db t.le.db:
$(PERL) -ne 'chomp; print pack("H*", $$_);' $? > $@
-check: dbtest t.be.db t.le.db
+check: dbtest t.be.db t.le.db runenv.sh
$(RUN_SETUP) srcdir=$(srcdir) TMPDIR=$(TMPDIR) $(VALGRIND) $(FCTSH) $(srcdir)/run.test
bttest.o: $(srcdir)/btree.tests/main.c
# @(#)run.test 8.13 (Berkeley) 11/2/95
#
+. ./runenv.sh
+
# db regression tests
main()
{
# success, 0 on failure.
proc start_kerberos_daemons { standalone } {
- global BINSH
global REALMNAME
global KRB5KDC
global KADMIND
envstack_push
setup_kerberos_env kdc
file delete $kadmind_pidfile
- spawn $BINSH -c "exec $KADMIND -r $REALMNAME -W -nofork -P $kadmind_pidfile"
+ spawn $KADMIND -r $REALMNAME -W -nofork -P $kadmind_pidfile
envstack_pop
set kadmind_pid [exp_pid]
set kadmind_spawn_id $spawn_id
# Do the same thing with FAST, with tracing turned on.
realm.run([kadminl, 'modprinc', '-pwexpire', '1 day ago', 'user'])
pwinput = 'abcd\nefgh\nefgh\n'
-tracefile = os.path.join(realm.testdir, 'trace')
-realm.run(['env', 'KRB5_TRACE=' + tracefile, kinit, '-T', realm.ccache,
- realm.user_princ], input=pwinput)
+out, trace = realm.run([kinit, '-T', realm.ccache, realm.user_princ],
+ input=pwinput, return_trace=True)
# Read the trace and check that FAST was used when getting the
# kadmin/changepw ticket.
-f = open(tracefile, 'r')
-trace = f.read()
-f.close()
getting_changepw = fast_used_for_changepw = False
for line in trace.splitlines():
if 'Getting initial credentials for user@' in line:
from k5test import *
+# On macOS with System Integrity Protection enabled, this script hangs
+# in the wait_for_prop() call after starting the first kpropd process,
+# most likely due to signal restrictions preventing the listening
+# child from informing the parent that a full resync was processed.
+if which('csrutil'):
+ out = subprocess.check_output(['csrutil', 'status'],
+ universal_newlines=True)
+ if 'status: enabled' in out:
+ skip_rest('iprop tests', 'System Integrity Protection is enabled')
+
# Read lines from kpropd output until we are synchronized. Error if
# full_expected is true and we didn't see a full propagation or vice
# versa.
# Return true if patype appears to have been received in a hint list
# from a KDC error message, based on the trace file fname.
-def preauth_type_received(fname, patype):
- f = open(fname, 'r')
+def preauth_type_received(trace, patype):
found = False
- for line in f:
+ for line in trace.splitlines():
if 'Processing preauth types:' in line:
ind = line.find('types:')
- patypes = line[ind + 6:].strip().split(', ')
+ patypes = line[ind + 6:].split(', ')
if str(patype) in patypes:
found = True
- f.close()
return found
# Make sure the KDC doesn't offer encrypted timestamp for a principal
# with no keys.
-tracefile = os.path.join(realm.testdir, 'trace')
realm.run([kadminl, 'purgekeys', '-all', 'user'])
realm.run([kadminl, 'modprinc', '+requires_preauth', 'user'])
-realm.run(['env', 'KRB5_TRACE=' + tracefile, kinit, 'user'], expected_code=1)
-if preauth_type_received(tracefile, 2):
+out, trace = realm.run([kinit, 'user'], expected_code=1, return_trace=True)
+if preauth_type_received(trace, 2):
fail('encrypted timestamp')
# Make sure it doesn't offer encrypted challenge either.
realm.run([kadminl, 'addprinc', '-pw', 'fast', 'armor'])
realm.kinit('armor', 'fast')
-os.remove(tracefile)
-realm.run(['env', 'KRB5_TRACE=' + tracefile, kinit, '-T', realm.ccache,
- 'user'], expected_code=1)
-if preauth_type_received(tracefile, 138):
+out, trace = realm.run([kinit, '-T', realm.ccache, 'user'], expected_code=1,
+ return_trace=True)
+if preauth_type_received(trace, 138):
fail('encrypted challenge')
success('Key data tests')
mark('#7483 regression test')
drealm = {'domain_realm': {'d': 'KRBTEST.COM'}}
realm = K5Realm(kdc_conf=drealm, create_host=False)
-tracefile = os.path.join(realm.testdir, 'trace')
-realm.run(['env', 'KRB5_TRACE=' + tracefile, './gcred', 'srv-hst', 'a/x.d@'],
- expected_code=1)
-f = open(tracefile, 'r')
-trace = f.read()
-f.close()
+out, trace = realm.run(['./gcred', 'srv-hst', 'a/x.d@'], expected_code=1,
+ return_trace=True)
if 'back to same realm' in trace:
fail('KDC returned referral to service realm')
realm.stop()
projects / thirdparty / krb5.git / commitdiff
