krb5 commit [krb5-1.13]: Fix LDAP tests when sasl.h not found

Tom Yu tlyu at mit.edu
Tue Dec 16 14:25:56 EST 2014 

https://github.com/krb5/krb5/commit/1defbee489c261546eedafe92302bf41ba04003c
commit 1defbee489c261546eedafe92302bf41ba04003c
Author: Greg Hudson <ghudson at mit.edu>
Date:   Mon Dec 8 15:30:25 2014 -0500

    Fix LDAP tests when sasl.h not found
    
    Do not try to run the SASL EXTERNAL auth test if we could not define a
    useful interact function.  With current libraries the interact
    function is asked for an authorization name, and the bind fails if it
    gets an unsuccessful result or if no interaction function is defined.
    
    (cherry picked from commit 8466003864b294cdb9e5547c2f8e574d2c156b13)
    
    ticket: 8049
    version_fixed: 1.13.1
    status: resolved

 src/tests/t_kdb.py |   19 +++++++++----------
 1 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/src/tests/t_kdb.py b/src/tests/t_kdb.py
index b310ccf..83271c5 100644
--- a/src/tests/t_kdb.py
+++ b/src/tests/t_kdb.py
@@ -324,9 +324,16 @@ out = kldaputil(['list'])
 if out:
     fail('Unexpected kdb5_ldap_util list output after destroy')
 
+if not core_schema:
+    success('Warning: skipping some LDAP tests because core schema not found')
+    sys.exit(0)
+
+if runenv.have_sasl != 'yes':
+    success('Warning: skipping some LDAP tests because SASL support not built')
+    sys.exit(0)
+
 # Test SASL EXTERNAL auth.  Remove the DNs and service password file
-# from the DB module config.  EXTERNAL auth can work even if we didn't
-# build with the SASL header file, because no interaction is required.
+# from the DB module config.
 os.remove(ldap_pwfile)
 dbmod = conf['dbmodules']['ldap']
 dbmod['ldap_kdc_sasl_mech'] = dbmod['ldap_kadmind_sasl_mech'] = 'EXTERNAL'
@@ -340,14 +347,6 @@ realm.kinit(realm.user_princ, password('user'))
 realm.stop()
 realm.run([kdb5_ldap_util, 'destroy', '-f'])
 
-if not core_schema:
-    success('Warning: skipping some LDAP tests because core schema not found')
-    sys.exit(0)
-
-if runenv.have_sasl != 'yes':
-    success('Warning: skipping some LDAP tests because SASL support not built')
-    sys.exit(0)
-
 # Test SASL DIGEST-MD5 auth.  We need to set a clear-text password for
 # the admin DN, so create a person entry (requires the core schema).
 # Restore the service password file in the config and set authcids.

More information about the cvs-krb5 mailing list