# Kerberos rlogin test.
# This is a DejaGnu test script.
# This script tests Kerberos rlogin.
# Written by Ian Lance Taylor, Cygnus Support, <ian@cygnus.com>.

# Find the programs we need.  We use the binaries from the build tree
# if they exist.  If they do not, then they must be in PATH.  We
# expect $objdir to be .../kerberos/src.

if ![info exists KRLOGIN] {
    set KRLOGIN [findfile $objdir/../../appl/bsd/rlogin]
}

if ![info exists KRLOGIND] {
    set KRLOGIND [findfile $objdir/../../appl/bsd/klogind]
}

if ![info exists LOGINKRB5] {
    set LOGINKRB5 [findfile $objdir/../../appl/bsd/login.krb5]
}

# Start up a root shell.
if ![setup_root_shell rlogin] {
    return
}

# Make sure .k5login is reasonable.
if ![check_k5login rlogin] {
    stop_root_shell
    return
}

# Set up the kerberos database.
if {![get_hostname] \
    || ![setup_kerberos_files] \
    || ![setup_kerberos_env] \
    || ![setup_kerberos_db 0]} {
    stop_root_shell
    return
}

# A procedure to start up the rlogin daemon.

proc start_rlogin_daemon { option } {
    global REALMNAME
    global KRLOGIND
    global LOGINKRB5
    global ROOT_PROMPT
    global tmppwd
    global hostname
    global rlogin_spawn_id
    global krlogind_pid
    global portbase

    # The -p argument tells it to accept a single connection, so we
    # don't need to use inetd.  The 3543 is the port to listen at.
    # Note that tmppwd here is a shell variable, which is set in
    # setup_root_shell, not a TCL variable.  The sh -c is to workaround
    # the broken controlling tty handling in hpux, and shouldn't hurt
    # anything else.
    send -i $rlogin_spawn_id "sh -c \"$KRLOGIND -k -c -D [expr 8 + $portbase] -S \$tmppwd/srvtab -M $REALMNAME -L $LOGINKRB5 $option\" &\r"
    expect {
	-i $rlogin_spawn_id 
	-re "$ROOT_PROMPT" { }
	timeout {
	    send_error "ERROR: timeout from rlogin $hostname -l root\n"
	    return
	}
	eof {
	    send_error "ERROR: eof from rlogin $hostname -l root\n"
	    return
	}
    }
    send -i $rlogin_spawn_id "echo \$!\r"
    expect {
	-i $rlogin_spawn_id
	-re "\[0-9\]+" {
	    set krlogind_pid $expect_out(0,string)
	    verbose "krlogind process ID is $krlogind_pid"
	}
	timeout {
	    send_error "ERROR: timeout from rlogin $hostname -l root\n"
	    return
	}
	eof {
	    send_error "ERROR: eof from rlogin $hostname -l root\n"
	    return
	}
    }
    expect {
	-i $rlogin_spawn_id
	-re "$ROOT_PROMPT" { }
	timeout {
	    send_error "ERROR: timeout from rlogin $hostname -l root\n"
	    return
	}
	eof {
	    send_error "ERROR: eof from rlogin $hostname -l root\n"
	    return
	}
    }

    # Give the rlogin daemon a few seconds to get set up.
    sleep 2
}

# A procedure to stop the rlogin daemon.

proc stop_rlogin_daemon { } {
    global krlogind_pid

    if [info exists krlogind_pid] {
	catch "exec kill $krlogind_pid"
	unset krlogind_pid
    }
}

# Wrap the tests in a procedure, so that we can kill the daemons if
# we get some sort of error.

proc rlogin_test { } {
    global REALMNAME
    global KRLOGIN
    global BINSH
    global SHELL_PROMPT
    global KEY
    global hostname
    global hostname
    global env
    global portbase

    # Start up the kerberos and kadmind daemons and get a srvtab and a
    # ticket file.
    if {![start_kerberos_daemons 0] \
        || ![add_kerberos_key host/$hostname 0] \
        || ![setup_srvtab 0] \
	|| ![add_kerberos_key $env(USER) 0] \
	|| ![kinit $env(USER) $env(USER)$KEY 0]} {
	return
    }

    # Start up the rlogin daemon.
    start_rlogin_daemon -k

    # Make an rlogin connection.
    spawn $KRLOGIN $hostname -k $REALMNAME -D [expr 8 + $portbase]

    expect_after {
	timeout {
	    fail "$testname (timeout)"
	    catch "expect_after"
	    return
	}
	"onnection closed." {
	    fail "$testname (connection closed)"
	    catch "expect_after"
	    return
	}
	eof {
	    fail "$testname (eof)"
	    catch "expect_after"
	    return
	}
    }

    set testname "rlogin"
    expect {
	-re "$SHELL_PROMPT" {
	    pass $testname
	}
    }

    # Switch to /bin/sh to try to avoid confusion from the shell
    # prompt.
    set testname "shell"
    send "$BINSH\r"
    expect -re "$SHELL_PROMPT"

    set testname "date"
    send "date\r"
    expect "date"
    expect {
	-re "\[A-Za-z0-9 :\]+\[\r\n\]+" {
	    if [check_date $expect_out(0,string)] {
		pass "date"
	    } else {
		fail "date"
	    }
	}
    }
    expect -re "$SHELL_PROMPT"

    set testname "exit"
    send "exit\r"
    expect -re "$SHELL_PROMPT"
    send "exit\r"
    expect {
	"onnection closed." {
	    pass $testname
	}
    }
    # This last expect seems useless, but without it the rlogin process
    # sometimes hangs on HP-UX, in a tcsetattr call with TCSADRAIN.
    expect {
        "\r" { }
    }

    expect_after

    if [check_exit_status "exit status"] {
	pass "exit status"
    }

    # The rlogin daemon should have stopped, but we have no easy way
    # of checking whether it actually did.  Kill it just in case.
    stop_rlogin_daemon

    # Try an encrypted connection.
    start_rlogin_daemon -e
    spawn $KRLOGIN $hostname -x -k $REALMNAME -D [expr 8 + $portbase]

    expect_after {
	timeout {
	    fail "$testname (timeout)"
	    catch "expect_after"
	    return
	}
	"onnection closed" {
	    fail "$testname (connection closed)"
	    catch "expect_after"
	    return
	}
	eof {
	    fail "$testname (eof)"
	    catch "expect_after"
	    return
	}
    }

    set testname "encrypted rlogin"
    expect -re "encrypting .* transmissions"
    expect {
	-re "$SHELL_PROMPT" {
	    pass $testname
	}
    }

    # Switch to /bin/sh to try to avoid confusion from the shell
    # prompt.
    set testname "shell"
    send "$BINSH\r"
    expect -re "$SHELL_PROMPT"

    # Make sure the encryption is not destroying the text.
    set testname "echo"
    send "echo hello\r"
    expect "echo hello"
    expect "hello"
    expect {
	-re "$SHELL_PROMPT" {
	    pass $testname
	}
    }

    # Send some characters which might cause an interrupt, and then
    # make sure we can still talk to the shell.
    set testname "interrupt characters"
    send "\003\177\034\r"
    expect -re "$SHELL_PROMPT"
    send "echo hello\r"
    expect "echo hello"
    expect "hello"
    expect {
	-re "$SHELL_PROMPT" {
	    pass $testname
	}
    }

    set testname "~."
    send "~."
    expect {
	"Closed connection.\r" {
	    pass $testname
	}
	"onnection closed" {
	    pass $testname
	}
    }

    expect_after

    if [check_exit_status "exit status"] {
	pass "exit status"
    }

    # The rlogin daemon should have stopped, but we have no easy way
    # of checking whether it actually did.  Kill it just in case.
    stop_rlogin_daemon
}

# Run the test.  Logging in sometimes takes a while, so increase the
# timeout.
set oldtimeout $timeout
set timeout 60
set status [catch rlogin_test msg]
set timeout $oldtimeout

# Shut down the kerberos daemons, the rlogin daemon, and the root
# process.
stop_kerberos_daemons

stop_rlogin_daemon

stop_root_shell

if { $status != 0 } {
    send_error "ERROR: error in rlogin.exp\n"
    send_error "$msg\n"
    exit 1
}