Currently, we inhibit various -Wdeprecated-declarations warnings via
"#pragma GCC diagnostic warning". Some older compilers (like gcc 4.1 on
RHEL5) don't understand the pragma, but still need the warning inhibited
in order to build with --enable-checking. So just inhibit this warning
via command-line CFLAGS instead of using #pragma directives.
One source file, tests/auth/superuser-t.c, was inhibiting the
-Wdeprecated-declaractions warning unnecessarily (it has not been needed
since commit 5815a04cf1 (tests: Move token faking code to its own
file)). Just remove the warning inhibition there, instead.
Change-Id: I52b1aeeac8699f9a4820626e9f1349f8cd380585
Reviewed-on: https://gerrit.openafs.org/15777
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Each C-TAP test is statically linked with libafstest_common as well as
any libaries under test. However, not all tests have these libraries
listed as dependencies in their respective make rules. Thus when
development changes are made to the c-tap harness, the OpenAFS common
code (tests/common/*), or the libraries under test, these tests may not
be rebuilt. This results in unexpected test output and confusion.
Add the libafstest_common library (and other OpenAFS libraries as
needed) as dependencies for all the test targets that require them.
[mmeffie: remove MODULE_LIBS from auth/Makefile.in]
Change-Id: If14d27237cc6d18a424c88b0594e8c6cde1888e4
Reviewed-on: https://gerrit.openafs.org/15725
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Commit cbc5c4b51f 'tests: Modernize writekeyfile.c' introduced
writeoldkey-t and specified CLEANUP for its afs_XXXXX temporary work
directory. However, Perl will not perform CLEANUP if the script is
still in that directory at exit. Therefore writeoldkey-t leaves behind
an afs_XXXXX temp directory for each run.
Modify writeoldkey-t to cd back into 'tests' before exit, so that
CLEANUP will work as intended.
[mmeffie: save the cwd before cd to the temp dir]
Change-Id: Ida723f9bfca05cc96acf189156d13c8607d210f4
Reviewed-on: https://gerrit.openafs.org/15724
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
If we're reporting an error, we should be printing to stderr. If we're
printing informational data, we should be using diag() to try to avoid
interfering with the TAP data. Change all printf() calls into one of
those two options.
Change-Id: I2e0d577e0c32efa539ed486190dbaca23bd0487f
Reviewed-on: https://gerrit.openafs.org/14866
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
A couple of places in our test code aren't handling errors from fork()
or waitpid() properly. We don't expect to ever hit errors for these,
but sysbail() in this case, so they don't fail silently.
Change-Id: I1c548f93f4d4ac4344032d7847470b04319386f2
Reviewed-on: https://gerrit.openafs.org/14865
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Change afstest_BuildTestConfig to add the local keys into the
generated config dir, unless the info->skipkeys is set. This just
makes afstest_BuildTestConfig a little easier to use for the common
case of generating a fully-usable config dir with usable keys (only
some callers want to skip generating keys in order to test
key-populating functionality).
Change-Id: I1ce9d062ea30c391a93562fc90bc18997de75383
Reviewed-on: https://gerrit.openafs.org/14835
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Create a perl module for some generic common code for our tests
written in perl: afstest.pm. With this commit, the module just
contains a couple of functions to calculate paths in our src and obj
trees (src_path(), obj_path()), analogous to afstest_src_path and
afstest_obj_path in our C helper library, libafstest_common.la.
Convert all existing perl test code that uses C_TAP_SOURCE/C_TAP_BUILD
to use these new functions.
Change-Id: I5e4d45e3d2d59449bbfc426476cb29b710c73bc1
Reviewed-on: https://gerrit.openafs.org/14800
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>
Since commit a62de618 (Build util tests properly with make check),
running 'make check' in tests/ also runs 'make check' in each of the
tests subdirectories, which builds the tests in that dir. (And the
same goes for 'make test' and 'make tests'.)
This does ensure that the tests are built before we run them, but it's
a bit strange to build the tests under 'make check', a target that
usually runs tests.
We do this in the top-level tests dir to make sure that the tests are
built, but this purpose is served by the existing 'make all' target.
So to reduce some duplication of logic, and reduce the number of
targets the subdirs need to implement, just have 'make check' depend
on 'make all', so we know the tests are built when we go to run them.
Change-Id: I2fcbe88daeeae94cd7ef7a4a8326c4b56fadee5a
Reviewed-on: https://gerrit.openafs.org/14636
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Currently, afstest_BuildTestConfig calls afstest_mkdtemp (our thin
wrapper around mkdtemp) to create its temporary config dir. We may
want to make new tests, though, that create a temp dir for other
purposes. To make that easier, move a little more code into
afstest_mkdtemp, so the caller doesn't need to construct the template.
To allow callers to clean up such temporary dirs, change
afstest_UnlinkTestConfig into a more general function,
afstest_rmdtemp. Allow this new function to remove all files in a dir,
not just files one-level-deep. To avoid needing to write our own
traversal and removal logic, just run 'rm -rf' via a new function,
afstest_systemlp().
Move these temp dir-related functions from config.c into files.c,
since they are no longer specific to config dirs.
Change-Id: I16750a2f30e98c9ca2e14dfb7d3fc9bc5d456e8d
Reviewed-on: https://gerrit.openafs.org/14632
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Currently, several of our tests contain logic to locate files (via
srcdir or objdir), based on the C_TAP_SOURCE/BUILD environment
variables. This logic is duplicated in several places, so consolidate
the code into a couple of new functions: afstest_src_path and
afstest_obj_path. Update all callers to use these new functions.
Change-Id: I67a5e5d7f8fd7a1edb55a45e52d877ac41f9a2ea
Reviewed-on: https://gerrit.openafs.org/14319
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Add a thin wrapper around asprintf, called afstest_asprintf (and
afstest_vasprintf), which does its own error checking. This just helps
makes tests a little less cluttered when needing to construct strings.
Adapt all asprintf callers in 'tests' to use the wrapper.
Change-Id: I6c4ae5b72af827e2c4c66ecfc57f152855b1d401
Reviewed-on: https://gerrit.openafs.org/14620
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Currently, a few tests use the code in tests/common/ by linking
individual object files in there in addition to the test code (e.g.
linking ../common/config.o along with superuser-t.o).
This convention makes it very obnoxious to move code around in
tests/common/, since any users need to update their link lines. It
also makes it difficult for code in tests/common/ to make use of
functions in other tests/common/ files.
To fix this, just build all of the objects in tests/common/ into a
convenience library, called libafstest_common, and link the relevant
tests against that. Link a few requisite libraries (roken, rfc3961) in
libafstest_common, so each individual test doesn't need to link
against them.
Also link the TAP library itself in libafstest_common, so tests don't
have to explicitly link against it separately. To do this, convert it
into a libtool library, libafstest_tap.la.
Change-Id: I9c031c164efee20201336edcbfaff429e1d231b7
Reviewed-on: https://gerrit.openafs.org/14318
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Currently 'make check' always runs all tests. We can run individual
tests manually, but doing so is a bit cumbersome to do under the same
environment as 'make check', since doing so means running something
like this:
$ MAKECHECK=1 $(abs_top_srcdir)/tests/libwrap @TOP_OBJDIR@/lib \
./runtests opr/fmt util/ktime
To make it easier to run single tests introduce a way of calling 'make
check' like this:
$ make check TESTS='opr/fmt util/ktime'
Which will run the same commands as 'make check', but will run
runtests with only the specified tests, instead of running the default
list.
Some makefiles currently use a "TESTS" or "tests" variable to list
their test binaries; rename them all to "BINS" to avoid conflicting
with this new use for "TESTS" and to make our makefiles a little more
consistent.
Change-Id: I427f83be0d4571794644a97123bcd1f32427bd05
Reviewed-on: https://gerrit.openafs.org/14317
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Each server process can log a couple of different warnings about the
server keys found on disk:
- If afsconf_GetLatestKey() returns success (indicating a single-DES
key is present), we call LogDesWarning().
- If afsconf_CountKeys() returns 0 (indicating there are no keys at
all on disk), we log a warning that all authenticated access will
fail.
Currently, the code to do these checks and log the relevant warning is
duplicated across the startup code for nearly every server process. To
avoid this duplication, and to make sure the checks aren't
accidentally skipped for anyone, move these checks to
afsconf_BuildServerSecurityObjects, which every server process calls.
We must add an additional parameter to
afsconf_BuildServerSecurityObjects to handle the different logging
mechanism these servers use, but afsconf_BuildServerSecurityObjects is
declared in a public header (cellconfig.h), and is exported in a
public library (libafsauthent). So to avoid changing a public symbol,
introduce a new variant of the function, called
afsconf_BuildServerSecurityObjects_int. Declare this in a new internal
header, authcon.h.
We don't have easily-usable logging functions for upserver and butc,
so just don't log the warnings for those. For ubik servers, don't
update ubik_SetServerSecurityProcs to use the new function; the
initial call to afsconf_BuildServerSecurityObjects_int in the server's
startup code will cover logging the warning on startup.
Change-Id: I5d5fceefdaf907f96db9f1c0d21ceb6957299a59
Reviewed-on: https://gerrit.openafs.org/10831
Tested-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
The SOURCE and BUILD environment variables have been changed to
C_TAP_SOURCE and C_TAP_BUILD in the new version of c-tap-harness. The
runtests command syntax has changed as well.
Convert all of the old SOURCE and BUILD environment variables to the new
C_TAP_SOURCE and C_TAP_BUILD names.
Add the required -l command line option to specify the test list.
Add the new runtests -v option to run the tests in verbose mode to make
it easier to see which tests failed.
Change-Id: I209a6dc13d6cd1507519234fce1564fc4641e70b
Reviewed-on: https://gerrit.openafs.org/14295
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
tests/auth/writekeyfile.c contains some code used to generate
tests/auth/KeyFile, which is used to test code interpreting the
old-style KeyFile format. This code currently has a few problems:
- We don't check the results of afstest_mkdtemp, which could allow
symlink attacks from other users on the system.
- We duplicate some logic from afstest_BuildTestConfig, in order to
build a temporary config dir.
- writekeyfile isn't built or run by default (it only exists to
generate KeyFile, so it's almost never run), so eventual bitrot is
quite likely, and the existing code already generates warnings.
To avoid this, change writekeyfile.c to use the existing
afstest_BuildTestConfig to generate a local config dir. To ensure we
avoid bitrot, build writekeyfile by default, and create a test to run
it, to make sure it can generate a KeyFile as expected.
Note that the KeyFile.short we test against is different than the
KeyFile currently in the tree. The existing KeyFile was generated from
an older OpenAFS release, which always generated 100-byte KeyFiles,
even if we only have a few keys. The current codebase only writes out
as much key data as needed, so the generated KeyFiles are shorter (but
still understandable by older OpenAFS releases).
Keep the old 100-byte KeyFile around, since that's what older OpenAFS
would generate, and create a new KeyFile.short to test against, to
make sure our code for generating KeyFiles doesn't change any further.
Change-Id: Ibe9246c6dd808ed2b2225dd7be2b27bbdee072fd
Reviewed-on: https://gerrit.openafs.org/14246
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Commit "Build tests by default" 68f406436c
changes the build so tests are always built.
On Solaris 10 the build fails because nanosleep is in librt, which we do
not link against.
Replace nanosleep with usleep. This avoids introducing extra configure
tests just for Solaris 10.
Note that with Solaris 11 nanosleep was moved from librt to libc, the
standard C library.
Change-Id: I6639f32bb8c8ace438e0092a866f06561dad54f1
Reviewed-on: https://gerrit.openafs.org/14244
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Commit "Build tests by default" 68f406436c
changes the build so tests are always built.
On Solaris 10 Update 10 and earlier the build fails because the mkdtemp
function is not available.
Introduce a wrapper 'afstest_mkdtemp' that uses mkdtemp if available,
otherwise uses mktemp/mkdir.
Change-Id: I0118f838ed9a89927e2ddac4cad822574601558a
Reviewed-on: https://gerrit.openafs.org/14243
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
The auth/superuser-t test runs an Rx server and client in two child
processes. If the client process tries to contact the server before
the server has started listening on its port, some tests involving
RPCs can fail (notably test 39, "Can run a simple RPC").
Normally if we try to contact a server that's not there, Rx will try
resending its packets a few times, but on Linux with AFS_RXERRQ_ENV,
if the port isn't open at all, we can get an ICMP_PORT_UNREACH error,
which causes the relevant Rx call to die immediately with
RX_CALL_DEAD.
This means that if the auth/superuser-t client is only just a bit
faster than the server starting up, tests can fail, since the server's
port is not open yet.
To avoid this, we can wait until the server's port is open before
starting the client process. To do this, have the server process send
a SIGUSR1 to the parent after rx_Init() is called, and have the parent
process wait for the SIGUSR1 (waiting for a max of 5 seconds before
failing). This should guarantee that the server's port will be open by
the time the client starts running.
Note that before commit 086d1858 (LINUX: Include linux/time.h for
linux/errqueue.h), AFS_RXERRQ_ENV was mistakenly disabled on Linux
3.17+, so this issue was probably not possible on recent Linux before
that commit.
Change-Id: I0032a640b83c24f72c03e7bea100df5bc3d9ed4c
Reviewed-on: https://gerrit.openafs.org/14109
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Currently, in tests/volser/vos-t.c we call afs_com_err as
"authname-t", which is clearly a mistake during some code refactoring
(introduced in commit 2ce3fdc5, "tests: Abstract out code to produce a
Ubik client").
We could just change this to "vos-t", but instead of specifying
constant strings everywhere, change this to figure out what the
current command is called, and just use that. Put this code into a new
function, afstest_GetProgname, and convert existing tests to use that
instead of hard-coding the program name given to afs_com_err.
Change-Id: I3ed02c89f93798568783c7d717e8fb2e39dcce14
Reviewed-on: https://gerrit.openafs.org/13991
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Fix a few miscellaneous issues with building and running our tests in
objdir builds:
- Our C tests use -I$(srcdir)/../.. in the CFLAGS, so we can #include
<tests/tap/basic.h>. However, basic.h actually gets copied from
src/external/c-tap-harness/tests/tap/ to tests/tap/ during the
build, and so basic.h is available in the objdir, not srcdir. For
objdir builds, this causes building the tests to fail with failing
to find basic.h. Fix this to use TOP_OBJDIR as the include path
instead.
- Our 'make check' in tests/ tries to run ./libwrap; but our cwd will
be in the objdir for objdir builds, and libwrap is a script in our
srcdir. Fix this to run libwrap from the srcdir path.
- In tests/opr/softsig-t, it tries to find the 'softsig-helper' binary
in the same dir as 'softsig-t'. However, softsig-t is just a script
in the srcdir, but softsig-helper is a binary built in the objdir.
Fix this to use the BUILD env var provided by the tests wrapper, by
default.
Change-Id: Iff642613bfc88d0d7e348660dc62f59e6fa8af75
Reviewed-on: https://gerrit.openafs.org/13939
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
In afsconf_BuildServerSecurityObjects, create a server security object
for rxgk. Currently, this will only accept printed rxgk tokens, not
tokens negotiated via GSSNegotiate. Future commits will add
functionality to handle user-negotiated tokens, fileserver-specific
creds, etc.
Change-Id: Ie2bbef0d591641e80bb85240316c4ee5f9f8ff05
Reviewed-on: https://gerrit.openafs.org/12941
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Resolves this warning:
keys-t.c: In function ‘copy’:
keys-t.c:63:6: warning: ignoring return value of ‘write’, declared with attribute warn_unused_result [-Wunused-result]
write(out, block, len);
^
Change-Id: If2427f2658b428091ffba3d11643ad95f193a67d
Reviewed-on: http://gerrit.openafs.org/11957
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
In the case of a host where gethostbyname is unable to resolve
the hostname, afstest_BuildTestConfig() may return NULL which
can cause several tests to crash.
Add a common function to look out for this condition and use it where
appropriate. When it occurs, the current module is skipped and
the user gets an error message that indicates the configuration
problem.
Change-Id: I7216876eb2424368f415e5759e2b95009ad055b2
Reviewed-on: http://gerrit.openafs.org/9120
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Use liboafs_auth.la directly, rather than using libafsauthent, to
build the auth tests
Change-Id: Idf0e7a32626802b6113d21833ded09d9e20e3659
Reviewed-on: http://gerrit.openafs.org/9023
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Call the configuration directory cleanup function before exiting
so there are no files left behind, even in case of error.
Add KeyFileExt to the list of files that are removed.
Change-Id: Ie795bef0d44609b36950970244c02a6c6da1a843
Reviewed-on: http://gerrit.openafs.org/8142
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Create a pthreaded version of libafsutil, named liboafs_util.la,
and use this library in all of the pthreaded binaries that we build,
replacing both inclusion of libafsutil.a, and direct compliation of
pthreaded versions of the util source files.
libafsutil.a is provided for legacy LWP applications, and the
convenience library libafsutil_pic.a remains until we address the way
in which the user space cache manager is built and linked.
Change-Id: Ibdc3d6e2fe56ca6f5b882cf03991d1a2e32c62b2
Reviewed-on: http://gerrit.openafs.org/8056
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Add a missing line continuation backslash, and use the correct
location for libafs_opr.la
Change-Id: I52e44d36d9e1a9a0b3cd81c463f952072d4cbb48
Reviewed-on: http://gerrit.openafs.org/8045
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Convert opr so that it uses libtool. For backwards compatibility we
still build libopr.a, but we do so as a static convenience library.
As libopr.a may, in the future, be converted to an LWP library, change
all of the pthreaded binaries so that they link against the libtool
library liboafs_opr.la
Change-Id: Icee04ff4745334f06ffba16df5bb07fc9dcc0b54
Reviewed-on: http://gerrit.openafs.org/8034
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
Lots of our tests want to start a test RPC server, and then run
commands against it. Start to abstract out the code to do this
by pulling the code to start a test RPC server into its own
function in the common test directory.
Change-Id: Ie7fa1fa1984113f3722def17a9fd4b98993bd6ff
Reviewed-on: http://gerrit.openafs.org/7584
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Instead of bundling our own copies of Russ's C TAP Harness, start using
source pulled from his git repository using the src/external import
mechanism. Note that we are not currently building the floating
point (is_double) portion of the harness.
In the process of doing so, we also upgrade our test harness to the latest
upstream version, 1.11. This is somewhat problematic, as there have been
some significant code changes since the version bundled with OpenAFS.
Work around these by
*) Referencing the basic.h header as <tests/tap/basic.h>, rather than
just <tap/basic.h>, to match the new upstream layout
*) Changing the include path so that the tests/ directory can be
found within it.
Change-Id: I63efbb30248165e5729005b0a791e7eb7afb051d
Reviewed-on: http://gerrit.openafs.org/7374
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Russ Allbery <rra@stanford.edu>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Move the token faking code out of superuser-t.c into its own file in
tests/common, so it can be used by other tests.
Change-Id: I7b420250ef974b4b80a8dde692d2666657bb82ca
Reviewed-on: http://gerrit.openafs.org/7259
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
When the hcrypto/des header was removed from our installed headers, it
wasn't added back in to the superuser test. Add it now, so that the test
can build.
Change-Id: I38023ee94abe801f6f2313b492e4f80855001c41
Reviewed-on: http://gerrit.openafs.org/7243
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Add krb.conf and krb.excl support to the auth cell configuration
library. Provide a function to determine if the user is local to the
cell. Provide a function to set the local realms during application
initialization. These changes are intended to replace the functions
afs_krb_get_lrealm and afs_is_foreign_ticket_name.
Change-Id: Iba57e9ffc2c958f3a4565a9352ce172189276ce9
Reviewed-on: http://gerrit.openafs.org/5744
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Instead of the current event stack, which uses a sorted linked
list, use a red/black tree to maintain the timer stack. This
dramatically improves event insertion times, at the expense of
some additional implementation complexity.
This change also adds reference counting to the rxevent
structure. We've always had a race between an event being
fired, and that event being simultaneously cancelled by
the user thread. Reference counting avoids that race resulting
in the structure appearing twice in the free list.
Change-Id: Icbef6e04e01f3eef5b888bc3cb77b7a3d1be26ae
Reviewed-on: http://gerrit.openafs.org/5841
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Make the code which adds a new (static) DES key to a cell's
configuration generally available, as this will also be useful in
constructing other tests
Change-Id: I5d284016628e9d25a198607ffd6f8f1a63ddf652
Reviewed-on: http://gerrit.openafs.org/4807
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Move code for faking up an OpenAFS configuration directory into its
own "common" directory, as it's going to be of use to more tests than
just those in auth.
Change-Id: I9c80dd66763e222deca98bc7744ff317111c6ed8
Reviewed-on: http://gerrit.openafs.org/4806
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
We need to give a NULL pointer for string OUT arguments, so XDR knows
to allocate a new string. Also free the string each time so it gets
set back to NULL.
Change-Id: I1eb0c63dc4019b855a2cbecd9e35393f2fbb0fd7
Reviewed-on: http://gerrit.openafs.org/4708
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
A reference to the rxgk library crept into auth Makefile ahead of
time. Remove it so that tests can continue to work in trees without
rxgk.
Change-Id: Ic1392aebf657d458a55f2dcf685d0616f0573622
Reviewed-on: http://gerrit.openafs.org/4446
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Rework the afsconf_UpToDate check so that it uses the modifcation of
the CellServDB, and not the KeyFile to determine whether the
configuration information has been changed under us or not. afsconf
defines the CellServDB as being the single sentinel for a config
directory being changed, and our tools are careful to always touch
the CellServDB when updating anything else there.
Also, rework the _afsconf_Check() code so that it uses afsconf_UpToDate,
rather than including this logic twice.
Change-Id: I8ef5f67afbb5982bb25e12407ea5dc5dc1512840
Reviewed-on: http://gerrit.openafs.org/4203
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
The auth/keys test tries to find a file that's distributed as part
of the test suite. However, it currently only looks in the CWD to
find it. Modify the test so that if it's run from the test harness,
it will use the harnesses SOURCE environment variable to locate the
KeyFile
Change-Id: I93e16a01eae79b38ab01c81a57d2a47c28479b27
Reviewed-on: http://gerrit.openafs.org/4213
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Fix the authcon test so that it avoids pthread errors by
initialising rx before calling into any of the rxkad routines.
Change-Id: I175203fd91660e27a8b468e6f1c6189f32b22259
Reviewed-on: http://gerrit.openafs.org/4212
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
BuildServerSecurityObjects takes a set of flags, which makes it
hard to use it as a callback function. Rework this so that the
security flags are part of the afsconf directory structure, and
so BuildServerSecurityObjects only takes a rock, and its return
parameters.
Update all of the callers for this new function, and add tests
for it to the test suite.
Change-Id: I48219ed199d128c6aec3765ca425bda9e464b937
Reviewed-on: http://gerrit.openafs.org/4201
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Add support for a GetAllKeys function that can be used to list all
of the keys in a configuration directory.
Change-Id: I0711fde6afc2941a5f03f2e26ea89ae73750c1a9
Reviewed-on: http://gerrit.openafs.org/4103
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
The new key handling code was creating empty keyfiles that were 0
bytes in length. The correct format for an empty keyfile is a file
containing a single 0 word (the number of keys in the file). Update
the code to write this form of empty KeyFile.
Change-Id: I93bf23f6044a70a74f52b94c4656cbd4bc4fc35b
Reviewed-on: http://gerrit.openafs.org/4051
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Existing callers in the code use
afsconf_GetLatestKey(dir, NULL, NULL) to check for the existence of
a key file. We need to permit NULL values for the return pointers
to this function.
Also update the tests to check for this behaviour.
Change-Id: I94e74138ddeed8d167c1e6f12e297411c638e1b9
Reviewed-on: http://gerrit.openafs.org/4050
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Pull the common code for creating a configuration directory out of
the keys and superuser tests into a single file. This both cleans up
the existing tests, and makes it easier to add new ones.
Change-Id: I08058117e08da3a3baf750b3b14ef6780f942206
Reviewed-on: http://gerrit.openafs.org/4049
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Extend the KeyFile API so that we can support arbitrary numbers of
different key types, each with their own key version numbers and
sub types. Completely rewrite the KeyFile implementation with this
in mind, but implement all of the "old" API in terms of the new one.
Given that the existing KeyFile is modified by third party programs,
we retain that as the storage location for all afsconf_rxkad keys.
Only keys with a type of 1, or above are stored in the new extended
keyfile.
Change-Id: I903a1de938544541a1bfecedb2a039ba24bdfdbc
Reviewed-on: http://gerrit.openafs.org/3772
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Fix the superuser tests so that they can be run on Linux. This
requires explicitly including sys/wait.h so we can use waitpid,
and changing some initialisation ordering so that we initialise
the RX library before we try and fake an rxkad token.
Change-Id: I8439ff6211a50c749ea22819e2d836409a64d2ad
Reviewed-on: http://gerrit.openafs.org/3776
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
