load_lib lib.t
api_exit
api_start
#test "modify-principal 1"
#proc test1 {} {
# global test
# one_line_fail_test [format {
# ovsec_kadm_modify_principal $server_handle [simple_principal \
# "%s/a"] {OVSEC_KADM_PW_EXPIRATION}
# } $test] "NOT_INIT"
#}
#test1
test "modify-principal 2"
proc test2 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_PRINC_EXPIRE_TIME}
} $test] "AUTH_MODIFY"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
if {$RPC} { test2 }
test "modify-principal 4"
proc test4 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_PRINCIPAL}
} $test] "BAD_MASK"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test4
test "modify-principal 5"
proc test5 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_LAST_PWD_CHANGE}
} $test] "BAD_MASK"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test5
test "modify-principal 6"
proc test6 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_MOD_TIME}
} $test] "BAD_MASK"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test6
test "modify-principal 7"
proc test7 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_MOD_NAME}
} $test] "BAD_MASK"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test7
test "modify-principal 8"
proc test8 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_MKVNO}
} $test] "BAD_MASK"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test8
test "modify-principal 9"
proc test9 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_AUX_ATTRIBUTES}
} $test] "BAD_MASK"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test9
test "modify-principal 10"
proc test10 {} {
global test
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_PRINC_EXPIRE_TIME}
} $test] "UNK_PRINC"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test10
test "modify-principal 11"
proc test11 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_PRINC_EXPIRE_TIME}
} $test] "AUTH_MOD"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
if { $RPC } { test11 }
test "modify-principal 12"
proc test12 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_PRINC_EXPIRE_TIME}
} $test] "AUTH_MOD"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
if { $RPC } { test12 }
test "modify-principal 13"
proc test13 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_PRINC_EXPIRE_TIME}
} $test] "AUTH_MOD"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
if { $RPC } { test13 }
test "modify-principal 14"
proc test14 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_PRINC_EXPIRE_TIME}
} $test] "AUTH_MOD"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
if { $RPC } { test14 }
test "modify-principal 15"
proc test15 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_succeed_test [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_PRINC_EXPIRE_TIME}
} $test]
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test15
test "modify-principal 17"
proc test17 {} {
global test
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test [format {
ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
no-policy] {OVSEC_KADM_POLICY}
} $test] "UNK_POLICY"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test17
test "modify-principal 18"
proc test18 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if { !( [create_principal "$test/a"])} {
error_and_restart "$test: could not create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} {
perror "$test: unexpected failure on get policy"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
test-pol] {OVSEC_KADM_POLICY}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 10\n"
expect {
-re "test-pol\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
send "lindex \$p1 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} {
perror "$test: unexpected failure on get policy"
return
}
send "lindex \$p2 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
if { [expr "$oldref + 1"] != $newref } {
fail "$test: policy reference count is wrong"
return;
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test18
test "modify-principal 19"
proc test19 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if { !( [create_principal "$test/a"])} {
error_and_restart "$test: could not create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} {
perror "$test: unexpected failure on get policy"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
test-pol] {OVSEC_KADM_POLICY}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 10\n"
expect {
-re "test-pol\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
send "lindex \$p1 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} {
perror "$test: unexpected failure on get policy"
return
}
send "lindex \$p2 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
if { [expr "$oldref + 1"] != $newref } {
fail "$test: policy reference count is wrong"
return;
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test19
test "modify-principal 20"
proc test20 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if { !( [create_principal_pol "$test/a" "test-pol"])} {
error_and_restart "$test: could not create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} {
perror "$test: unexpected failure on get policy"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_POLICY_CLR}
} $test]]} {
perror "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 10\n"
expect {
-re "test-pol\n$prompt$" { fail "$test" }
timeout { pass "$test" }
}
send "lindex \$p1 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} {
perror "$test: unexpected failure on get policy"
return
}
send "lindex \$p2 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
if { [expr "$oldref - 1"] != $newref } {
fail "$test: policy reference count is wrong"
return;
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test20
test "modify-principal 21"
proc test21 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if { !( [create_principal_pol "$test/a" "test-pol"])} {
error_and_restart "$test: could not create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol old_p1}]} {
perror "$test: unexpected failure on get policy"
return
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol-nopw old_p2}]} {
perror "$test: unexpected failure on get policy"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
test-pol-nopw] {OVSEC_KADM_POLICY}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$old_p1 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set old_p1_ref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
send "lindex \$old_p2 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set old_p2_ref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol new_p1}]} {
perror "$test: unexpected failure on get policy"
return
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol-nopw new_p2}]} {
perror "$test: unexpected failure on get policy"
return
}
send "lindex \$new_p1 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set new_p1_ref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
send "lindex \$new_p2 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set new_p2_ref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
if { [expr "$old_p1_ref - 1"] != $new_p1_ref } {
fail "$test: policy reference count is wrong"
return;
}
if { [expr "$old_p2_ref + 1"] != $new_p2_ref } {
fail "$test: policy reference count is wrong"
return;
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test21
test "modify-principal 21.5"
proc test21.5 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if { !( [create_principal_pol "$test/a" "test-pol"])} {
error_and_restart "$test: could not create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol old_p1}]} {
perror "$test: unexpected failure on get policy"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
test-pol] {OVSEC_KADM_POLICY}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$old_p1 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set old_p1_ref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol new_p1}]} {
perror "$test: unexpected failure on get policy"
return
}
send "lindex \$new_p1 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set new_p1_ref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
if {$old_p1_ref != $new_p1_ref} {
fail "$test: policy reference count changed ($old_p1_ref to $new_p1_ref)"
return
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test21.5
test "modify-principal 22"
proc test22 {} {
global test
global prompt
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_PW_EXPIRATION}
} $test]]} {
fail "$test: modifiy failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 3\n"
expect {
-re "0\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test22
test "modify-principal 23"
proc test23 {} {
global test
global prompt
if {! (( [principal_exists "$test/a"]) ||
[create_principal_pol "$test/a" test-pol-nopw])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_PW_EXPIRATION}
} $test]]} {
fail "$test: modifiy failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 3\n"
expect {
-re "0\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test23
test "modify-principal 24"
proc test24 {} {
global test
global prompt
if {! (( [principal_exists "$test/a"]) ||
[create_principal_pol "$test/a" "test-pol" ])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
error_and_restart "$test: unexpected failure in init"
return
}
if { ! [cmd [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_PW_EXPIRATION}
} $test]]} {
fail "$test: could not modify principal"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
if { ! [cmd [format {
ovsec_kadm_get_policy $server_handle %s policy
} test-pol]]} {
error_and_restart "$test: cannot retrieve policy"
return
}
send "lindex \$principal 2\n"
expect {
-re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting mod_date"
return
}
eof {
error_and_restart "$test: eof getting pw_mod_date"
return
}
}
send "lindex \$principal 3\n"
expect {
-re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting pw_expire"
return
}
eof {
error_and_restart "$test: eof getting pw_expire"
return
}
}
send "lindex \$policy 2\n"
expect {
-re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting pw_max_life"
return
}
eof {
error_and_restart "$test: eof getting pw_max_life"
return
}
}
if { $pw_expire != 0 } {
fail "$test: pw_expire $pw_expire should be 0"
return
} else {
pass "$test"
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test24
test "modify-principal 25"
proc test25 {} {
global test
global prompt
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd [format {
ovsec_kadm_modify_principal $server_handle \
{"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 3\n"
expect {
-re "1234\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test25
test "modify-principal 26"
proc test26 {} {
global test
global prompt
if {! (( [principal_exists "$test/a"]) ||
[create_principal_pol "$test/a" "test-pol-nopw" ])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd [format {
ovsec_kadm_modify_principal $server_handle \
{"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 3\n"
expect {
-re "1234\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test26
test "modify-principal 27"
proc test27 {} {
global test
global prompt
if {! (( [principal_exists "$test/a"]) ||
[create_principal_pol "$test/a" "test-pol" ])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd [format {
ovsec_kadm_modify_principal $server_handle \
{"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 3\n"
expect {
-re "1234\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test27
test "modify-principal 28"
proc test28 {} {
global test
global prompt
# set prms_id 1358
# setup_xfail {*-*-*} $prms_id
if {! (( [principal_exists "$test/a"]) ||
[create_principal_pol "$test/a" "test-pol" ])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd [format {
ovsec_kadm_modify_principal $server_handle \
{"%s/a" 0 0 999999999 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} {
error_and_restart "$test: cannot retrieve policy"
return
}
send "lindex \$principal 2\n"
expect {
-re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting pw_mod_date"
return
}
eof {
error_and_restart "$test: eof getting pw_mod_date"
return
}
}
send "lindex \$principal 3\n"
expect {
-re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting pw_expire"
return
}
eof {
error_and_restart "$test: eof getting pw_expire"
return
}
}
send "lindex \$policy 2\n"
expect {
-re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting pw_max_life"
return
}
eof {
error_and_restart "$test: eof getting pw_max_life"
return
}
}
if { $pw_expire != 999999999 } {
fail "$test: pw_expire $pw_expire should be 999999999"
return
}
pass "$test"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test28
test "modify-principal 29"
proc test29 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if { ! ([create_principal_pol "$test/a" test-pol])} {
perror "$test: unexpected failure in creating principal"
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_POLICY_CLR}
} $test]]} {
fail "$test: modifiy failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 3\n"
expect {
-re "0\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test29
test "modify-principal 30"
proc test30 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! ([create_principal_pol "$test/a" test-pol])} {
perror "$test: unexpected failure in creating principal"
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd [format {
ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
test-pol-nopw] {OVSEC_KADM_POLICY}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 3\n"
expect {
-re "0\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test30
test "modify-principal 31"
proc test31 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! ([create_principal "$test/a"])} {
perror "$test: unexpected failure in creating principal"
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd [format {
ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
test-pol] {OVSEC_KADM_POLICY}
} $test]]} {
fail "modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} {
error_and_restart "$test: cannot retrieve policy"
return
}
send "lindex \$principal 2\n"
expect {
-re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting pw_mod_date"
return
}
eof {
error_and_restart "$test: eof getting pw_mod_date"
return
}
}
send "lindex \$principal 3\n"
expect {
-re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting pw_expire"
return
}
eof {
error_and_restart "$test: eof getting pw_expire"
return
}
}
send "lindex \$policy 2\n"
expect {
-re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting pw_max_life"
return
}
eof {
error_and_restart "$test: eof getting pw_max_life"
return
}
}
if { [expr "$pw_mod_date + $pw_max_life"] != $pw_expire } {
fail "$test: pw_expire is wrong"
return
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test31
test "modify-principal 32"
proc test32 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! ([create_principal "$test/a"])} {
perror "$test: unexpected failure in creating principal"
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle \
{"%s/a" 1234 0 0 0 0 0 0 0 0 0 0} \
{OVSEC_KADM_PRINC_EXPIRE_TIME}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 1\n"
expect {
-re "1234\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test32
test "modify-principal 33"
proc test33 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! ([create_principal "$test/a"])} {
perror "$test: unexpected failure in creating principal"
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle \
{"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_ALL_TIX 0 0 0 0} \
{OVSEC_KADM_ATTRIBUTES}
} $test]]} {
fail "$test: modified fail"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 7\n"
expect {
-re "KRB5_KDB_DISALLOW_ALL_TIX.*$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test33
test "modify-principal 33.25"
proc test3325 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! ([create_principal "$test/a"])} {
perror "$test: unexpected failure in creating principal"
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle \
{"%s/a" 0 0 0 0 0 0 KRB5_KDB_REQUIRES_PWCHANGE 0 0 0 0} \
{OVSEC_KADM_ATTRIBUTES}
} $test]]} {
fail "$test: modified fail"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 7\n"
expect {
-re "KRB5_KDB_REQUIRES_PWCHANGE.*$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test3325
test "modify-principal 33.5"
proc test335 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! ([create_principal "$test/a"])} {
perror "$test: unexpected failure in creating principal"
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle \
{"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_TGT_BASED 0 0 0 0} \
{OVSEC_KADM_ATTRIBUTES}
} $test]]} {
fail "$test: modified fail"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 7\n"
expect {
-re "KRB5_KDB_DISALLOW_TGT_BASED.*$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test335
test "modify-principal 34"
proc test34 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! ([create_principal "$test/a"])} {
perror "$test: unexpected failure in creating principal"
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd [format {
ovsec_kadm_modify_principal $server_handle \
{"%s/a" 0 0 0 3456 0 0 0 0 0 0 0} {OVSEC_KADM_MAX_LIFE}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 4\n"
expect {
-re "3456\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test34
test "modify-principal 35"
proc test35 {} {
global prompt
global test
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! ([create_principal "$test/a"])} {
perror "$test: unexpected failure in creating principal"
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd [format {
ovsec_kadm_modify_principal $server_handle \
{"%s/a" 0 0 0 0 0 0 0 7 0 0 0} {OVSEC_KADM_KVNO}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 8\n"
expect {
-re "7\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test35
test "modify-principal 36"
proc test36 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if { !( [create_principal_pol "$test/a" "test-pol"])} {
error_and_restart "$test: could not create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol pol}]} {
perror "$test: unexpected failure on get policy"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \
test-pol] {OVSEC_KADM_POLICY}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 10\n"
expect {
-re "test-pol\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
send "lindex \$pol 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol pol2}]} {
perror "$test: unexpected failure on get policy"
return
}
send "lindex \$pol2 6\n"
expect {
-re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) }
timeout {
error_and_restart "$test: timeout getting principal kvno (second time)"
return
}
eof {
error_and_restart "$test: eof getting principal kvno (second time)"
return
}
}
if { $oldref != $newref } {
fail "$test: policy reference count is wrong"
return;
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test36
test "modify-principal 37"
proc test37 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if { !( [create_principal "$test/a"])} {
error_and_restart "$test: could not create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_POLICY_CLR}
} $test]]} {
fail "$test: modify failed"
return
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test37
test "modify-principal 38"
proc test38 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! ([create_principal "$test/a"])} {
perror "$test: unexpected failure in creating principal"
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_PRINC_EXPIRE_TIME}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 1\n"
expect {
-re "0\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test38
test "modify-principal 39"
proc test39 {} {
global test
global prompt
if {! (( ! [principal_exists "$test/a"]) ||
[delete_principal "$test/a"])} {
error_and_restart "$test: couldn't delete principal \"$test/a\""
return
}
if {! ([create_principal "$test/a"])} {
perror "$test: unexpected failure in creating principal"
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
if {! [cmd [format {
ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \
{OVSEC_KADM_MAX_LIFE}
} $test]]} {
fail "$test: modify failed"
return
}
if {! [cmd [format {
ovsec_kadm_get_principal $server_handle "%s/a" principal
} $test]]} {
error_and_restart "$test: could not retrieve principal"
return
}
send "lindex \$principal 4\n"
expect {
-re "0\n$prompt$" { pass "$test" }
timeout { fail "$test" }
}
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test39
test "modify-principal 40"
proc test40 {} {
global test
global prompt
if {! (( [principal_exists "$test/a"]) ||
[create_principal "$test/a"])} {
error_and_restart "$test: couldn't create principal \"$test/a\""
return
}
if {! [cmd {
ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \
$OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \
server_handle
}]} {
perror "$test: unexpected failure in init"
return
}
one_line_fail_test {
ovsec_kadm_modify_principal $server_handle null \
{OVSEC_KADM_PRINC_EXPIRE_TIME}
} "EINVAL"
if { ! [cmd {ovsec_kadm_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
return
}
}
test40
test "modify-principal 43"
proc test43 {} {
global test
one_line_fail_test [format {
ovsec_kadm_modify_principal null [simple_principal \
"%s/a"] {OVSEC_KADM_PW_EXPIRATION}
} $test] "BAD_SERVER_HANDLE"
}
test43
return ""