Commit Graph

9 Commits

Author SHA1 Message Date
Simon Wilkinson
18db7ede1c tests: Explicitly include DES in superuser test
When the hcrypto/des header was removed from our installed headers, it
wasn't added back in to the superuser test. Add it now, so that the test
can build.

Change-Id: I38023ee94abe801f6f2313b492e4f80855001c41
Reviewed-on: http://gerrit.openafs.org/7243
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
2012-04-18 20:26:45 -07:00
Simon Wilkinson
954aa2338c tests: Move code to add new DES keys to common
Make the code which adds a new (static) DES key to a cell's
configuration generally available, as this will also be useful in
constructing other tests

Change-Id: I5d284016628e9d25a198607ffd6f8f1a63ddf652
Reviewed-on: http://gerrit.openafs.org/4807
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
2011-06-07 07:50:30 -07:00
Simon Wilkinson
799b3373ec tests: Move common code to its own directory
Move code for faking up an OpenAFS configuration directory into its
own "common" directory, as it's going to be of use to more tests than
just those in auth.

Change-Id: I9c80dd66763e222deca98bc7744ff317111c6ed8
Reviewed-on: http://gerrit.openafs.org/4806
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
2011-06-07 07:50:20 -07:00
Andrew Deason
83322372fb tests: Correctly pass string args in superuser-t
We need to give a NULL pointer for string OUT arguments, so XDR knows
to allocate a new string. Also free the string each time so it gets
set back to NULL.

Change-Id: I1eb0c63dc4019b855a2cbecd9e35393f2fbb0fd7
Reviewed-on: http://gerrit.openafs.org/4708
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
2011-05-25 12:47:37 -07:00
Simon Wilkinson
7a0bbff4a6 afsconf: Rework security flags
BuildServerSecurityObjects takes a set of flags, which makes it
hard to use it as a callback function. Rework this so that the
security flags are part of the afsconf directory structure, and
so BuildServerSecurityObjects only takes a rock, and its return
parameters.

Update all of the callers for this new function, and add tests
for it to the test suite.

Change-Id: I48219ed199d128c6aec3765ca425bda9e464b937
Reviewed-on: http://gerrit.openafs.org/4201
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
2011-03-13 07:34:28 -07:00
Simon Wilkinson
1bc528d008 tests/auth: Refactor common code
Pull the common code for creating a configuration directory out of
the keys and superuser tests into a single file. This both cleans up
the existing tests, and makes it easier to add new ones.

Change-Id: I08058117e08da3a3baf750b3b14ef6780f942206
Reviewed-on: http://gerrit.openafs.org/4049
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
2011-02-26 03:56:37 -08:00
Simon Wilkinson
66bd7cf95e tests: Fix auth/superuser-t.c to work on Linux
Fix the superuser tests so that they can be run on Linux. This
requires explicitly including sys/wait.h so we can use waitpid,
and changing some initialisation ordering so that we initialise
the RX library before we try and fake an rxkad token.

Change-Id: I8439ff6211a50c749ea22819e2d836409a64d2ad
Reviewed-on: http://gerrit.openafs.org/3776
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
2011-01-31 09:45:43 -08:00
Simon Wilkinson
83ac1558b6 auth: Add more tests and resulting fixes to userok
Add tests for the functions afsconf_SuperUser() and
afsconf_SuperIdentity(). These had been missing tests because testing
them requires starting a client and a server, so amend the superuser-t
tests so that they can start up a simple server.

Fix a number of problems that the tests expose, with setting (and
freeing) identities in corner cases.

Change-Id: I29f5f9eda7f532c98183d588e488d704f8efad88
Reviewed-on: http://gerrit.openafs.org/3593
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
2010-12-26 10:58:49 -08:00
Simon Wilkinson
0af17e7ecc auth: Allow identities in the UserList
Extend the userok interface provided by the auth library to permit the
addition, deletion and inspection of identities within the UserList.

A number of additional functions are added, as direct replacements for
their Kerberos v4 only counterparts - these are:
 *) afsconf_DeleteIdentity
 *) afsconf_GetNthIdentity
 *) afsconf_AddIdentity
 *) afsconf_SuperIdentity

In addition, a new function is added to allow the status of any given
identity to be queried
 *) afsconf_IsSuperIdentity

New form identities are stored within the same UserList file as
Kerberos v4 identities. We take advantage of the fact that the current
code skips any entry with a leading whitespace. Identities are stored as
a single line, with a leading space, followed by the integer
representation of their type (0 for Kerberos 4, 1 for GSSAPI), followed
by the base64 encoded representation of their exported name, followed by
the display name of the identity. Each field is whitespace separated.

For example:
 1 BAEACwYJKoZIhvcSAQICAAAAEHN4d0BJTkYuRUQuQUMuVUs= sxw@INF.ED.AC.UK
is the representation of the GSSAPI identity "sxw@INF.ED.AC.UK"

An addition to the test suite is also provided which will test all of
the existing, and new super user manipulation functions.

Change-Id: I50648bb1ecc3037a90d623c87a60193be4f122ff
Reviewed-on: http://gerrit.openafs.org/3355
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
2010-11-24 19:16:12 -08:00