tests/java/check-kinit.in

   1 #!/bin/sh
   2 #
   3 # Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
   4 # (Royal Institute of Technology, Stockholm, Sweden).
   5 # All rights reserved.
   6 #
   7 # Redistribution and use in source and binary forms, with or without
   8 # modification, are permitted provided that the following conditions
   9 # are met:
  10 #
  11 # 1. Redistributions of source code must retain the above copyright
  12 #    notice, this list of conditions and the following disclaimer.
  13 #
  14 # 2. Redistributions in binary form must reproduce the above copyright
  15 #    notice, this list of conditions and the following disclaimer in the
  16 #    documentation and/or other materials provided with the distribution.
  17 #
  18 # 3. Neither the name of the Institute nor the names of its contributors
  19 #    may be used to endorse or promote products derived from this software
  20 #    without specific prior written permission.
  21 #
  22 # THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  23 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  24 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  25 # ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  26 # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  27 # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  28 # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  29 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  30 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  31 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  32 # SUCH DAMAGE.
  33 #
  34 # $Id$
  35 #
  36
  37 srcdir="@srcdir@"
  38 objdir="@objdir@"
  39 port="@port@"
  40
  41 # Disable test if: no data, no java, or socket wrapper
  42 ../db/have-db || exit 77
  43 sh ${srcdir}/have-java.sh || exit 77
  44 [ X"$SOCKET_WRAPPER_DIR" != X ] && exit 77
  45
  46 R=TEST.H5L.SE
  47 server=host/localhost
  48 keytabfile="${objdir}/server.keytab"
  49 keytab="FILE:${keytabfile}"
  50 cache="FILE:${objdir}/cache.krb5"
  51
  52 kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache ${afs_no_afslog}"
  53 kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R"
  54 kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=127.0.0.1 -P $port"
  55 gssclient="${TESTS_ENVIRONMENT} ../../appl/test/gssapi_client"
  56
  57 KRB5_CONFIG="${objdir}/krb5.conf"
  58 export KRB5_CONFIG
  59
  60 rm -f ${keytabfile} messages.log
  61 rm -f current-db*
  62 rm -f out-*
  63 rm -f mkey.file*
  64
  65 echo "Compile"
  66 javac -d "${objdir}" "${srcdir}/KerberosInit.java" || \
  67     { echo "Failed to compile java program: $?" ; exit 77; }
  68
  69 echo "Compile"
  70 javac -d "${objdir}" "${srcdir}/../../appl/test/jgssapi_server.java" || \
  71     { echo "Failed to compile java program: $?" ; exit 77; }
  72
  73 > messages.log
  74
  75 echo foo > ${objdir}/foopassword
  76
  77 echo Creating database
  78 ${kadmin} \
  79     init \
  80     --realm-max-ticket-life=1day \
  81     --realm-max-renewable-life=1month \
  82     ${R} || exit 1
  83
  84 ${kadmin} add -p foo --use-defaults lha@${R} || exit 1
  85 ${kadmin} modify --attributes=+requires-pre-auth lha@${R} || exit 1
  86 ${kadmin} add -p kaka --use-defaults ${server}@${R} || exit 1
  87 ${kadmin} ext -k ${keytab} ${server}@${R} || exit 1
  88
  89 echo Starting kdc
  90 ${kdc} &
  91 kdcpid=$!
  92
  93 sh ${srcdir}/../kdc/wait-kdc.sh
  94 if [ "$?" != 0 ] ; then
  95     kill ${kdcpid}
  96     exit 1
  97 fi
  98
  99 trap "kill -9 ${kdcpid}; echo signal killing kdc; exit 1;" EXIT
 100
 101 echo "Run init"
 102 java \
 103     -Dsun.security.krb5.debug=true \
 104     -Djava.security.krb5.conf="${objdir}"/krb5.conf \
 105     -Djava.security.auth.login.config="${srcdir}/jaas.conf" \
 106     KerberosInit > output.tmp 2>&1 || { cat output.tmp ; exit 1; }
 107
 108
 109 # Disabled because of:
 110 #
 111 # http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7077646
 112 # http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7077640
 113 #
 114
 115 if false ; then
 116
 117     echo "start server"
 118     java \
 119         -Dsun.security.krb5.debug=true \
 120         -Djava.security.krb5.conf="${objdir}"/krb5.conf \
 121         -Djavax.security.auth.useSubjectCredsOnly=false \
 122         -Djava.security.auth.login.config="${srcdir}/jaas.conf" \
 123         jgssapi_server > output.tmp 2>&1 &
 124     javapid=$!
 125     sleep 5
 126
 127     trap "kill -9 ${kdcpid} ${javapid}; echo signal killing kdc java; exit 1;" EXIT
 128
 129     echo "Getting client initial tickets"; > messages.log
 130     ${kinit} --password-file=${objdir}/foopassword lha@$R || \
 131         { echo "kinit failed" ; exit 1; }
 132
 133     env KRB5CCNAME=${cache} \
 134         ${gssclient} --port=4717 --service=host localhost || exit 1
 135
 136     sleep 5
 137
 138     kill ${javapid}
 139
 140     grep 'Exception in thread' output.tmp && exit 1
 141 fi
 142
 143 echo "Done"
 144
 145 echo "killing kdc (${kdcpid} ${javapid})"
 146 kill $kdcpid $javapid || exit 1
 147
 148 trap "" EXIT
 149
 150 exit 0