summaryrefslogtreecommitdiff
path: root/testprogs
diff options
context:
space:
mode:
authorAlexander Bokovoy <ab@samba.org>2012-05-23 17:34:24 +0300
committerAlexander Bokovoy <ab@samba.org>2012-05-23 18:46:12 +0200
commitdcfb34fbb4b7484bdaa70fbe9ae9fd84738ab469 (patch)
tree0bfc075f397402fda5c3f96925afa3a79d49d580 /testprogs
parent2b144531f1a760514f217012e9dab01359b7a0d7 (diff)
downloadsamba-dcfb34fbb4b7484bdaa70fbe9ae9fd84738ab469.tar.gz
blackbox: fix samba4.blackbox.kinit test
This deserves some explanation. With commit 518232d4578d700f5f5ea1609275a6cd1de3a1e7 samba4.blackbox.kinit test set was wrapped with password settings reset before and after the tests with an idea to maintain reliable state for the tests. As result, the resetting of the password settings was done after the test that tried to use smbclient with a Kerberos ticket obtained with machine account credentials. However, the code in credentials_krb5.c, function cli_credentials_get_client_gss_creds(), never worked correctly when credentials were already in ccache. Instead, gensec_gssapi module always re-kinited even if existing credentials were available in the ccache. This had an effect on 'samba4.blackbox.kinit(dc:local).reset password policies(dc:local)' test equal to never having initialized ccache at all, as if 'rm -f $KRB5CCNAME' was run before the test. When the issue of not using already initialized credentials from ccache was fixed with d0aae88f1290e6a7a6d4bfc24aa62795e4892a31 'auth-credentials: Support using pre-fetched ccache when obtaining kerberos credentials' commit, Samba 4 credentials library started to correctly re-used already obtained credentials from ccaches. This caused failure of the test 'samba4.blackbox.kinit(dc:local).reset password policies(dc:local)' because machine account has no permissions to modify password settings. Thus, the correct fix is to reset ccache state before performing the test. Autobuild-User: Alexander Bokovoy <ab@samba.org> Autobuild-Date: Wed May 23 18:46:12 CEST 2012 on sn-devel-104
Diffstat (limited to 'testprogs')
-rwxr-xr-xtestprogs/blackbox/test_kinit.sh1
1 files changed, 1 insertions, 0 deletions
diff --git a/testprogs/blackbox/test_kinit.sh b/testprogs/blackbox/test_kinit.sh
index 981987d03f..14f1e62c9e 100755
--- a/testprogs/blackbox/test_kinit.sh
+++ b/testprogs/blackbox/test_kinit.sh
@@ -174,6 +174,7 @@ rm -f $KRB5CCNAME
testit "kinit with machineaccountccache script" $machineaccountccache $CONFIGURATION $KRB5CCNAME || failed=`expr $failed + 1`
test_smbclient "Test machine account login with kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1`
+rm -f $KRB5CCNAME
testit "reset password policies" $VALGRIND $samba_tool domain passwordsettings $PWSETCONFIG set --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
rm -f $PREFIX/tmpccache tmpccfile tmppassfile tmpuserpassfile tmpuserccache tmpkpasswdscript