-
Notifications
You must be signed in to change notification settings - Fork 283
/
Copy pathkrb5crypt.pm
76 lines (64 loc) · 1.66 KB
/
krb5crypt.pm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
# Copyright 2019 SUSE LLC
# SPDX-License-Identifier: GPL-2.0-or-later
#
# Summary: Public variables and functions for krb5 cryptographic testing
# Maintainer: QE Security <[email protected]>
package krb5crypt;
use base Exporter;
use Exporter;
use strict;
use warnings;
use testapi;
use utils;
use base 'consoletest';
our @EXPORT = qw(
$dom_kdc
$ip_kdc
$dom_server
$ip_server
$dom_client
$ip_client
$dom
$pass_db
$adm
$pass_a
$tst
$pass_t
$nfs_expdir
$nfs_mntdir
$nfs_fname
krb5_init
);
our $dom_kdc = 'kdc.example.com';
our $ip_kdc = '10.0.2.31';
our $dom_server = 'server.example.com';
our $ip_server = '10.0.2.32';
our $dom_client = 'client.example.com';
our $ip_client = '10.0.2.33';
our $dom = 'EXAMPLE.COM';
our $pass_db = 'DB_phrase'; # Database password
our $adm = 'joe/admin';
our $pass_a = 'Admin_pass'; # Admin user password
our $tst = 'tester';
our $pass_t = 'Tester_pass'; # Test user password
# NFSv4 authentication with krb5 testing
our $nfs_expdir = '/tmp/nfsdir';
our $nfs_mntdir = '/tmp/mntdir';
our $nfs_fname = 'foo';
# Common codes for krb5 server and client setup
sub krb5_init {
script_run("kinit -p $adm |& tee /dev/$serialdev", 0);
wait_serial(qr/Password.*\Q$adm\E/) || die "Matching output failed";
enter_cmd "$pass_a";
script_output "echo \$?", sub { m/^0$/ };
validate_script_output "klist", sub {
m/
Ticket\scache.*\/root\/kcache.*
Default\sprincipal.*\Q$adm\E\@\Q$dom\E.*
krbtgt\/\Q$dom\E\@\Q$dom\E.*
renew\suntil.*/sxx
};
validate_script_output "kadmin -p $adm -q listprincs -w $pass_a", sub {
m/\Q$adm\E\@\Q$dom\E/;
};
}