From: Greg Hudson <ghudson@mit.edu>
Date: Mon, 25 Apr 2016 18:05:34 +0000 (-0400)
Subject: Add tests for kadmin interval parsing and output
X-Git-Tag: krb5-1.15-beta1~214
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2e9b70306e3ffef2e49909ae68bfe8dd35a3229a;p=thirdparty%2Fkrb5.git

Add tests for kadmin interval parsing and output

ticket: 8393
---

diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in
index d0605133f9..2eb6daa890 100644
--- a/src/tests/Makefile.in
+++ b/src/tests/Makefile.in
@@ -137,6 +137,7 @@ check-pytests:: plugorder rdreq responder s2p s4u2proxy unlockiter
 	$(RUNPYTEST) $(srcdir)/t_skew.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/t_keytab.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/t_kadmin_acl.py $(PYTESTFLAGS)
+	$(RUNPYTEST) $(srcdir)/t_kadmin_parsing.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/t_kdb.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/t_keydata.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/t_mkey.py $(PYTESTFLAGS)
diff --git a/src/tests/t_kadmin_parsing.py b/src/tests/t_kadmin_parsing.py
new file mode 100644
index 0000000000..92d72d2b08
--- /dev/null
+++ b/src/tests/t_kadmin_parsing.py
@@ -0,0 +1,89 @@
+#!/usr/bin/python
+from k5test import *
+
+# This file contains tests for kadmin command parsing.  Principal
+# flags (which can also be used in kadm5.acl or krb5.conf) are tested
+# in t_princflags.py.
+
+# kadmin recognizes time intervals using either the
+# krb5_string_to_deltat() formats or the relative getdate.y formats.
+# (Absolute getdate.y formats also work with the current time
+# subtracted; this isn't very useful and we won't test it here.)
+intervals = (
+    # krb5_string_to_deltat() formats.  Whitespace ( \t\n) is allowed
+    # before or between most elements or at the end, but not after
+    # 's'.  Negative or oversized numbers are allowed in most places,
+    # but not after the first number in an HH:MM:SS form.
+    ('28s', '0 days 00:00:28'),
+    ('7m ', '0 days 00:07:00'),
+    ('6m 9s', '0 days 00:06:09'),
+    ('2h', '0 days 02:00:00'),
+    ('2h-5s', '0 days 01:59:55'),
+    ('2h3m', '0 days 02:03:00'),
+    ('2h3m5s', '0 days 02:03:05'),
+    ('5d ', '5 days 00:00:00'),
+    ('5d-48s', '4 days 23:59:12'),
+    ('5d18m', '5 days 00:18:00'),
+    ('5d -6m56s', '4 days 23:54:56'),
+    ('5d4h', '5 days 04:00:00'),
+    ('5d4h 1s', '5 days 04:00:01'),
+    ('5d4h3m', '5 days 04:03:00'),
+    (' \t 15d \n 4h  3m  2s', '15 days 04:03:02'),
+    ('10-8:45:0', '10 days 08:45:00'),
+    ('1000:67:99', '41 days 17:08:39'),
+    ('999:11', '41 days 15:11:00'),
+    ('382512', '4 days 10:15:12'),
+
+    # getdate.y relative formats (and "never", which is handled
+    # specially as a zero interval).  Any number of relative forms can
+    # be specified in any order.  Whitespace is ignored before or
+    # after any token.  "month" and "year" are allowed as units but
+    # depend on the current time, so we won't test them.  Plural unit
+    # names are treated identically to singular unit names.  Numbers
+    # before unit names are optional and may be signed; there are also
+    # aliases for some numbers.  "ago" inverts the interval up to the
+    # point where it appears.
+    ('never', '0 days 00:00:00'),
+    ('fortnight', '14 days 00:00:00'),
+    ('3 day ago 4 weeks 8 hours', '25 days 08:00:00'),
+    ('8 second -3 secs 5 minute ago 63 min', '0 days 00:57:55'),
+    ('min mins min mins min', '0 days 00:05:00'),
+    ('tomorrow tomorrow today yesterday now last minute', '0 days 23:59:00'),
+    ('this second next minute first hour third fortnight fourth day '
+     'fifth weeks sixth sec seventh secs eighth second ninth mins tenth '
+     'day eleventh min twelfth sec', '91 days 01:22:34'))
+
+realm = K5Realm(create_host=False, get_creds=False)
+realm.run([kadminl, 'addpol', 'pol'])
+for instr, outstr in intervals:
+    realm.run([kadminl, 'modprinc', '-maxlife', instr, realm.user_princ])
+    out = realm.run([kadminl, 'getprinc', realm.user_princ])
+    if 'Maximum ticket life: ' + outstr + '\n' not in out:
+        fail('princ maxlife: ' + instr)
+
+    realm.run([kadminl, 'modprinc', '-maxrenewlife', instr, realm.user_princ])
+    out = realm.run([kadminl, 'getprinc', realm.user_princ])
+    if 'Maximum renewable life: ' + outstr + '\n' not in out:
+        fail('princ maxrenewlife: ' + instr)
+
+    realm.run([kadminl, 'modpol', '-maxlife', instr, 'pol'])
+    out = realm.run([kadminl, 'getpol', 'pol'])
+    if 'Maximum password life: ' + outstr + '\n' not in out:
+        fail('pol maxlife: ' + instr)
+
+    realm.run([kadminl, 'modpol', '-minlife', instr, 'pol'])
+    out = realm.run([kadminl, 'getpol', 'pol'])
+    if 'Minimum password life: ' + outstr + '\n' not in out:
+        fail('pol maxlife: ' + instr)
+
+    realm.run([kadminl, 'modpol', '-failurecountinterval', instr, 'pol'])
+    out = realm.run([kadminl, 'getpol', 'pol'])
+    if 'Password failure count reset interval: ' + outstr + '\n' not in out:
+        fail('pol maxlife: ' + instr)
+
+    realm.run([kadminl, 'modpol', '-lockoutduration', instr, 'pol'])
+    out = realm.run([kadminl, 'getpol', 'pol'])
+    if 'Password lockout duration: ' + outstr + '\n' not in out:
+        fail('pol maxlife: ' + instr)
+
+success('kadmin command parsing tests')