From 71201ced154fd3d1a87358ebdaf209d24885ed13 Mon Sep 17 00:00:00 2001
From: Ben Kaduk <kaduk@mit.edu>
Date: Fri, 21 Nov 2014 14:00:20 -0500
Subject: [PATCH] Regression tests for keyless principals

Confirm that kadmind does not crash when creating/modifying a principal
to have no keys, and confirm that no keys are present after a
purgekeys -all.
---
 src/tests/t_kdb.py | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/src/tests/t_kdb.py b/src/tests/t_kdb.py
index 937292643c..a0bc096dac 100644
--- a/src/tests/t_kdb.py
+++ b/src/tests/t_kdb.py
@@ -329,6 +329,23 @@ out = realm.run_kadminl('getprinc kvnoprinc')
 if 'Number of keys: 6' not in out:
     fail('After cpw -keepold, wrong number of keys')
 
+# Regression test for #8041 (NULL dereference on keyless principals).
+out = realm.run_kadminl('addprinc -nokey keylessprinc')
+if 'Principal "keylessprinc@KRBTEST.COM" created' not in out:
+    fail('Failed to create keyless principal')
+out = realm.run_kadminl('getprinc keylessprinc')
+if 'Number of keys: 0' not in out:
+    fail('Failed to create a principal with no keys')
+realm.run_kadminl('cpw -randkey -e aes256-cts,aes128-cts keylessprinc')
+realm.run_kadminl('cpw -randkey -keepold -e aes256-cts,aes128-cts keylessprinc')
+out = realm.run_kadminl('getprinc keylessprinc')
+if 'Number of keys: 4' not in out:
+    fail('Failed to add keys to keylessprinc')
+realm.run_kadminl('purgekeys -all keylessprinc')
+out = realm.run_kadminl('getprinc keylessprinc')
+if 'Number of keys: 0' not in out:
+    fail('After purgekeys -all, keys remain')
+
 realm.stop()
 
 # Briefly test dump and load.
-- 
2.47.3