10 #include "system/kerberos.h"
11 #include "auth/kerberos/kerberos.h"
12 #include "auth/credentials/credentials.h"
13 #include "auth/credentials/credentials_proto.h"
14 #include "auth/credentials/credentials_krb5.h"
15 #include "auth/kerberos/kerberos_credentials.h"
16 #include "auth/kerberos/kerberos_util.h"
18 static void internal_obsolete_keytab_test(int num_principals, int num_kvnos,
19 krb5_kvno kvno, const char *kt_name)
21 krb5_context krb5_ctx;
23 krb5_keytab_entry kt_entry;
24 krb5_kt_cursor cursor;
28 char princ_name[6] = "user0";
29 char expect_princ_name[23] = "user0@samba.example.com";
31 const char *error_str;
33 TALLOC_CTX *tmp_ctx = talloc_new(NULL);
34 krb5_principal *principals = talloc_zero_array(tmp_ctx,
37 krb5_init_context(&krb5_ctx);
38 krb5_kt_resolve(krb5_ctx, kt_name, &keytab);
39 ZERO_STRUCT(kt_entry);
41 for(i=0; i<num_principals; i++) {
42 princ_name[4] = (char)i+48;
43 smb_krb5_make_principal(krb5_ctx, &(principals[i]),
44 "samba.example.com", princ_name, NULL);
45 kt_entry.principal = principals[i];
46 for (j=0; j<num_kvnos; j++) {
48 krb5_kt_add_entry(krb5_ctx, keytab, &kt_entry);
52 code = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
53 assert_int_equal(code, 0);
54 for (i=0; i<num_principals; i++) {
55 expect_princ_name[4] = (char)i+48;
56 for (j=0; j<num_kvnos; j++) {
58 code = krb5_kt_next_entry(krb5_ctx, keytab,
60 assert_int_equal(code, 0);
61 assert_int_equal(kt_entry.vno, j+1);
62 krb5_unparse_name(krb5_ctx, kt_entry.principal,
64 assert_string_equal(expect_princ_name, unparsed_name);
68 smb_krb5_remove_obsolete_keytab_entries(tmp_ctx, krb5_ctx, keytab,
69 num_principals, principals,
70 kvno, &found_previous,
73 code = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
74 assert_int_equal(code, 0);
75 for (i=0; i<num_principals; i++) {
77 expect_princ_name[4] = (char)i+48;
78 code = krb5_kt_next_entry(krb5_ctx, keytab, &kt_entry, &cursor);
79 assert_int_equal(code, 0);
80 assert_int_equal(kt_entry.vno, kvno-1);
81 krb5_unparse_name(krb5_ctx, kt_entry.principal, &unparsed_name);
82 assert_string_equal(expect_princ_name, unparsed_name);
84 code = krb5_kt_next_entry(krb5_ctx, keytab, &kt_entry, &cursor);
85 assert_int_not_equal(code, 0);
88 static void test_krb5_remove_obsolete_keytab_entries_many(void **state)
90 internal_obsolete_keytab_test(5, 4, (krb5_kvno)5, "MEMORY:LOL2");
93 static void test_krb5_remove_obsolete_keytab_entries_one(void **state)
95 internal_obsolete_keytab_test(1, 2, (krb5_kvno)3, "MEMORY:LOL");
98 int main(int argc, const char **argv)
100 const struct CMUnitTest tests[] = {
101 cmocka_unit_test(test_krb5_remove_obsolete_keytab_entries_one),
102 cmocka_unit_test(test_krb5_remove_obsolete_keytab_entries_many),
105 cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
106 return cmocka_run_group_tests(tests, NULL, NULL);