krb5 commit: Replace gssrpc tests with a Python script

Greg Hudson ghudson at mit.edu
Mon Feb 17 20:35:17 EST 2020


https://github.com/krb5/krb5/commit/033fa6e14155e7623bec5099e486635e01d3ab03
commit 033fa6e14155e7623bec5099e486635e01d3ab03
Author: Greg Hudson <ghudson at mit.edu>
Date:   Sat Feb 15 20:34:23 2020 -0500

    Replace gssrpc tests with a Python script
    
    Replace the dejagnu RPC test framework with a short Python script to
    do the same tests as fullrun.exp and gsserr.exp.  Modify the server
    test program to facilitate use by k5test.py.
    
    expire.exp, together with a comment in the client test program, was
    designed to test a libdb2 btree bug via the gssrpc server-side
    authentication code.  That code was subsequently changed not to use
    libdb2, before it was merged into the main krb5 tree (in revision 1.23
    of svc_auth_gssapi.c, according to the changelog removed in commit
    2a43d772be1e45faa8e488d436b6e867371563fb).  Remove the comment and do
    not replace that test sequence.

 .gitignore                                   |    3 -
 src/configure.ac                             |    2 -
 src/lib/rpc/unit-test/Makefile.in            |   36 +----
 src/lib/rpc/unit-test/client.c               |   26 ---
 src/lib/rpc/unit-test/config/unix.exp        |  176 -------------------
 src/lib/rpc/unit-test/lib/helpers.exp        |  234 --------------------------
 src/lib/rpc/unit-test/rpc_test.0/expire.exp  |   49 ------
 src/lib/rpc/unit-test/rpc_test.0/fullrun.exp |   91 ----------
 src/lib/rpc/unit-test/rpc_test.0/gsserr.exp  |   30 ----
 src/lib/rpc/unit-test/server.c               |   13 +-
 src/lib/rpc/unit-test/t_rpc.py               |   29 ++++
 11 files changed, 41 insertions(+), 648 deletions(-)

diff --git a/.gitignore b/.gitignore
index ae1c262..a570a80 100644
--- a/.gitignore
+++ b/.gitignore
@@ -400,10 +400,7 @@ local.properties
 
 /src/lib/rpc/types.stamp
 
-/src/lib/rpc/unit-test/*.log
-/src/lib/rpc/unit-test/*.sum
 /src/lib/rpc/unit-test/client
-/src/lib/rpc/unit-test/dbg.log
 /src/lib/rpc/unit-test/server
 
 /src/man/*.sub
diff --git a/src/configure.ac b/src/configure.ac
index 234f428..9e62c4a 100644
--- a/src/configure.ac
+++ b/src/configure.ac
@@ -1098,8 +1098,6 @@ extern void endrpcent();],
 AC_MSG_RESULT($k5_cv_type_endrpcent)
 AC_DEFINE_UNQUOTED(ENDRPCENT_TYPE, $k5_cv_type_endrpcent, [Define as return type of endrpcent])
 K5_GEN_FILE(include/gssrpc/types.h:include/gssrpc/types.hin)
-PASS=tcp
-AC_SUBST(PASS)
 
 # for pkinit
 AC_ARG_ENABLE([pkinit],
diff --git a/src/lib/rpc/unit-test/Makefile.in b/src/lib/rpc/unit-test/Makefile.in
index 0b6e520..309ae2b 100644
--- a/src/lib/rpc/unit-test/Makefile.in
+++ b/src/lib/rpc/unit-test/Makefile.in
@@ -16,10 +16,6 @@ server: server.o rpc_test_svc.o $(GSSRPC_DEPLIBS) $(KRB5_BASE_DEPLIBS)
 
 client.o server.o: rpc_test.h
 
-runenv.exp: Makefile
-	$(RUN_SETUP); for i in $(RUN_VARS); do \
-		eval echo "set env\($$i\) \$$$$i"; done > runenv.exp
-
 # If rpc_test.h and rpc_test_*.c do not work on your system, you can
 # try using rpcgen by uncommenting these lines (be sure to uncomment
 # then in the generated not Makefile.in).
@@ -34,37 +30,9 @@ runenv.exp: Makefile
 # 	rm -f rpc_test.h rpc_test_clnt.c rpc_test_svc.c
 # 
 
-check unit-test: unit-test- at DO_TEST@
-
-unit-test-:
-	@echo "+++"
-	@echo "+++ WARNING: lib/rpc unit tests not run."
-	@echo "+++ Either tcl, runtest, or Perl is unavailable."
-	@echo "+++"
-	@echo 'Skipped rpc tests: runtest or Perl not found' >> $(SKIPTESTS)
-
-unit-test-ok: unit-test-body
-
-PASS=@PASS@
-unit-test-body: runenv.sh runenv.exp
-	$(RM) krb5cc_rpc_test_*
-	$(ENV_SETUP) $(VALGRIND) $(START_SERVERS)
-	RPC_TEST_KEYTAB=/tmp/rpc_test_keytab.$$$$ ; export RPC_TEST_KEYTAB ; \
-	trap "echo Failed, cleaning up... ; rm -f $$RPC_TEST_KEYTAB ; $(ENV_SETUP) $(STOP_SERVERS) ; trap '' 0 ; exit 1" 0 1 2 3 14 15 ; \
-	if $(ENV_SETUP) \
-		$(RUNTEST) SERVER=./server CLIENT=./client \
-		KINIT=$(BUILDTOP)/clients/kinit/kinit \
-		KDESTROY=$(BUILDTOP)/clients/kdestroy/kdestroy \
-		PRIOCNTL_HACK=@PRIOCNTL_HACK@ VALGRIND="$(VALGRIND)" \
-		PASS="$(PASS)" --tool rpc_test $(RUNTESTFLAGS) ; \
-	then \
-		echo Cleaning up... ; \
-		rm -f $$RPC_TEST_KEYTAB krb5cc_rpc_test_* ; \
-		$(ENV_SETUP) $(STOP_SERVERS) ; \
-		trap 0 ; exit 0 ; \
-	else exit 1 ; fi
+check-pytests:
+	$(RUNPYTEST) $(srcdir)/t_rpc.py $(PYTESTFLAGS)
 
 clean:
 	$(RM) server client
-	$(RM) dbg.log rpc_test.log rpc_test.sum runenv.exp
 
diff --git a/src/lib/rpc/unit-test/client.c b/src/lib/rpc/unit-test/client.c
index 5edde49..c9a812b 100644
--- a/src/lib/rpc/unit-test/client.c
+++ b/src/lib/rpc/unit-test/client.c
@@ -231,32 +231,6 @@ main(argc, argv)
      else
 	  gssrpc_xdr_free(xdr_wrapstring, echo_resp);
 
-     /*
-      * Test fix for secure-rpc/586, part 1: btree keys must be
-      * unique.  Create another context from the same credentials; it
-      * should have the same expiration time and will cause the server
-      * to abort if the clients are not differentiated.
-      *
-      * Test fix for secure-rpc/586, part 2: btree keys cannot be
-      * mutated in place.  To test this: a second client, *with a
-      * later expiration time*, must be run.  The second client should
-      * destroy itself *after* the first one; if the key-mutating bug
-      * is not fixed, the second client_data will be in the btree
-      * before the first, but its key will be larger; thus, when the
-      * first client calls AUTH_DESTROY, the server won't find it in
-      * the btree and call abort.
-      *
-      * For unknown reasons, running just a second client didn't
-      * tickle the bug; the btree code seemed to guess which node to
-      * look at first.  Running a total of three clients does ticket
-      * the bug.  Thus, the full test sequence looks like this:
-      *
-      * 	kinit -l 20m user && client server test at ddn 200
-      * 	sleep 1
-      * 	kini -l 30m user && client server test at ddn 300
-      * 	sleep 1
-      * 	kinit -l 40m user && client server test at ddn 400
-      */
      if (! auth_once) {
 	  tmp_auth = clnt->cl_auth;
 	  clnt->cl_auth = auth_gssapi_create_default(clnt, target);
diff --git a/src/lib/rpc/unit-test/config/unix.exp b/src/lib/rpc/unit-test/config/unix.exp
deleted file mode 100644
index 18da62b..0000000
--- a/src/lib/rpc/unit-test/config/unix.exp
+++ /dev/null
@@ -1,176 +0,0 @@
-#
-# $Id$
-#
-
-source runenv.exp
-
-set kill /bin/kill
-set sleep /bin/sleep
-set kinit $KINIT
-set kdestroy $KDESTROY
-
-set hostname [exec hostname]
-
-# Hack around Solaris 9 kernel race condition that causes last output
-# from a pty to get dropped.
-if { $PRIOCNTL_HACK } {
-    catch {exec priocntl -s -c FX -m 30 -p 30 -i pid [getpid]}
-    rename spawn oldspawn
-    proc spawn { args } {
-	upvar 1 spawn_id spawn_id
-	set newargs {}
-	set inflags 1
-	set eatnext 0
-	foreach arg $args {
-	    if { $arg == "-ignore" \
-		     || $arg == "-open" \
-		     || $arg == "-leaveopen" } {
-		lappend newargs $arg
-		set eatnext 1
-		continue
-	    }
-	    if [string match "-*" $arg] {
-		lappend newargs $arg
-		continue
-	    }
-	    if { $eatnext } {
-		set eatnext 0
-		lappend newargs $arg
-		continue
-	    }
-	    if { $inflags } {
-		set inflags 0
-		set newargs [concat $newargs {priocntl -e -c FX -p 0}]
-	    }
-	    lappend newargs $arg
-	}
-	set pid [eval oldspawn $newargs]
-	return $pid
-    }
-}
-
-if { [string length $VALGRIND] } {
-    rename spawn valgrind_aux_spawn
-    proc spawn { args } {
-	global VALGRIND
-	upvar 1 spawn_id spawn_id
-	set newargs {}
-	set inflags 1
-	set eatnext 0
-	foreach arg $args {
-	    if { $arg == "-ignore" \
-		     || $arg == "-open" \
-		     || $arg == "-leaveopen" } {
-		lappend newargs $arg
-		set eatnext 1
-		continue
-	    }
-	    if [string match "-*" $arg] {
-		lappend newargs $arg
-		continue
-	    }
-	    if { $eatnext } {
-		set eatnext 0
-		lappend newargs $arg
-		continue
-	    }
-	    if { $inflags } {
-		set inflags 0
-		# Only run valgrind for local programs, not
-		# system ones.
-#&&![string match "/bin/sh" $arg] sh is used to start kadmind!
-		if [string match "/" [string index $arg 0]]&&![string match "/bin/ls" $arg]&&![regexp {/kshd$} $arg] {
-		    set newargs [concat $newargs $VALGRIND]
-		} elseif [string match "." [string index $arg 0]] {
-		    set newargs [concat $newargs $VALGRIND]
-		}
-	    }
-	    lappend newargs $arg
-	}
-	set pid [eval valgrind_aux_spawn $newargs]
-	return $pid
-    }
-}
-
-# this will initialize the database and keytab
-load_lib "helpers.exp"
-
-proc rpc_test_version {} {
-	global CLIENT
-	global SERVER
-
-	clone_output "$CLIENT version <unknown>"
-	clone_output "$SERVER version <unknown>"
-}
-
-proc rpc_test_load {} {
-	#
-}
-
-# rpc_test_exit -- clean up and exit
-proc rpc_test_exit {} {
-	global server_id
-	global server_pid
-	global server_started
-	global kill
-
- 	if {[catch {
-		expect {
-			-i $server_id
-			eof { 
-				fail "server exited!"
-				verbose $expect_out(buffer) 1
-			}
-			timeout { pass "server survived" }
-		}
-	} tmp]} {
-		fail "server exited! (expect failed)"
-	}
-}
-
-#
-# rpc_test_start -- start the rpc_test server running
-#
-proc rpc_test_start { } {
- 	global SERVER PROT
-	global server_id
-	global server_pid
-	global server_started
-	global server_port
-	global env
-
-	if [info exists server_pid] { rpc_test_exit }
-
-	set env(KRB5_KTNAME) FILE:$env(RPC_TEST_KEYTAB)
-
- 	verbose "% $SERVER" 1
-	set server_pid [spawn $SERVER $PROT]
-	set server_id $spawn_id
-        set server_started 1
-	set server_port -1
-
-	unset env(KRB5_KTNAME)
-
-	set timeout 30
-
-	expect {
-		-re "port: (\[0-9\]*)\r\n" {
-			set server_port $expect_out(1,string)
-		}
-		"running" { }
-		eof { 
-			send_error "server exited!"
-			verbose $expect_out(buffer) 1
-		}
-		timeout { 
-			send_error "server didn't start in $timeout seconds"
-			verbose $expect_out(buffer) 1
-		}
-	}
-
-}
-
-set MULTIPASS {
-    {tcp PROT=-t dummy=[rpc_test_start]}
-    {udp PROT=-u dummy=[rpc_test_start]}
-}
diff --git a/src/lib/rpc/unit-test/lib/helpers.exp b/src/lib/rpc/unit-test/lib/helpers.exp
deleted file mode 100644
index eb2797c..0000000
--- a/src/lib/rpc/unit-test/lib/helpers.exp
+++ /dev/null
@@ -1,234 +0,0 @@
-if {[info commands exp_version] != {}} {
-	set exp_version_4 [regexp {^4} [exp_version]]
-} else {
-	set exp_version_4 [regexp {^4} [expect_version]]
-}
-
-# Backward compatibility until we're using expect 5 everywhere
-if {$exp_version_4} {
-	global wait_error_index wait_errno_index wait_status_index
-	set wait_error_index 0
-	set wait_errno_index 1
-	set wait_status_index 1
-} else {
-	set wait_error_index 2
-	set wait_errno_index 3
-	set wait_status_index 3
-}
-				
-proc set_from_env {varname default_value} {
-    global env
-    upvar $varname v
-
-    if [info exists env($varname)] {
-	set v $env($varname)
-    } else {
-	set v $default_value
-    }
-}
-proc expect_tcl_prompt {} {
-    global kadmin_tcl_spawn_id
-    expect {
-	-i $kadmin_tcl_spawn_id
-	-re "^% $" { }
-	-re . { perror "unexpected output {$expect_out(buffer)} from subprocess, expecting tcl prompt" }
-	timeout { perror "timeout waiting for tcl prompt" }
-	eof { perror "eof from subprocess when expecting tcl prompt" }
-    }
-}
-proc send_tcl_cmd_await_echo {cmd} {
-    global kadmin_tcl_spawn_id
-    send -i $kadmin_tcl_spawn_id "$cmd\n"
-    expect {
-	-i $kadmin_tcl_spawn_id
-	-ex "$cmd\r\n" { }
-	timeout { perror "timeout waiting for tcl subprocess to echo input" }
-	eof { perror "eof waiting for tcl subprocess to echo input" }
-    }
-}
-proc expect_kadm_ok {} {
-    global kadmin_tcl_spawn_id
-    expect {
-	-i $kadmin_tcl_spawn_id
-	-re "^OK KADM5_OK \[^\n\]*\n" {}
-	-re "^ERROR \[^\n\]*\n" { perror "kadmin tcl subprocess reported unexpected error" }
-	-re "^marshall_new_creds: \[^\n\]*\n" { exp_continue }
-	-re "^gssapi_\[^\n\]*\n" { exp_continue }
-	-re "^\r?\n" { exp_continue }
-	eof	{ perror "kadmin tcl subprocess died" }
-	default { perror "didn't get ok back" }
-    }
-}
-proc setup_database {} {
-    global env spawn_id kadmin_tcl_spawn_id TESTDIR CANON_HOST
-
-    # XXXXX
-    set_from_env TOP {/x/x/x/x/x}
-    send_user "TOP=$TOP\n"
-
-    set_from_env TESTDIR $env(TOP)/testing
-    set_from_env CLNTTCL $TESTDIR/util/kadm5_clnt_tcl
-    set_from_env TCLUTIL $TESTDIR/tcl/util.t
-    set env(TCLUTIL) $TCLUTIL
-    set env(PATH) "$TOP/install/admin:$env(PATH)"
-
-    # $VERBOSE ?
-
-    if [info exists spawn_id] { set x $spawn_id }
-    spawn $CLNTTCL
-    set kadmin_tcl_spawn_id $spawn_id
-    if [info exists x] { set spawn_id $x }
-
-    expect_tcl_prompt
-    # tcl 8.4 for some reason screws up autodetection of output EOL
-    # translation.  Work around it for now.
-    send_tcl_cmd_await_echo "if { \[info commands fconfigure\] != \"\" } { fconfigure stdout -translation lf }"
-    expect_tcl_prompt
-    send_tcl_cmd_await_echo "source {$TCLUTIL}"
-    expect_tcl_prompt
-    send_tcl_cmd_await_echo "set h {$CANON_HOST}"
-    expect {
-	-ex "$CANON_HOST\r\n" { }
-	timeout { perror "timeout waiting for subprocess" }
-	eof { perror "eof from subprocess" }
-    }
-    expect_tcl_prompt
-
-    send_tcl_cmd_await_echo {kadm5_init admin admin $KADM5_ADMIN_SERVICE null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 server_handle}
-    expect_kadm_ok
-    expect "^% "
-    send_tcl_cmd_await_echo {kadm5_create_principal $server_handle [simple_principal server/$h] {KADM5_PRINCIPAL} admin}
-    expect_kadm_ok
-    expect "^% "
-    send_tcl_cmd_await_echo {kadm5_randkey_principal $server_handle server/$h key null}
-    expect_kadm_ok
-    expect "^% "
-    send_tcl_cmd_await_echo {kadm5_create_principal $server_handle [simple_principal notserver/$h] {KADM5_PRINCIPAL} admin}
-    expect_kadm_ok
-    expect "^% "
-    send_tcl_cmd_await_echo {kadm5_randkey_principal $server_handle notserver/$h key null}
-    expect_kadm_ok
-    expect "^% "
-    send_tcl_cmd_await_echo {kadm5_destroy $server_handle}
-    expect_kadm_ok
-    expect "^% "
-    wait -nowait -i $spawn_id
-    close -i $spawn_id
-}
-
-if ![info exists CANON_HOST] {
-    set CANON_HOST $env(QUALNAME)
-    setup_database
-    file delete $env(RPC_TEST_KEYTAB)
-    exec $env(TOP)/cli/kadmin -p admin -w admin ktadd -k $env(RPC_TEST_KEYTAB) server/$CANON_HOST
-}
-
-
-proc kinit {princ pass lifetime} {
-	global kinit
-	global wait_error_index wait_errno_index wait_status_index
-
-	spawn -noecho $kinit -5 -l $lifetime $princ
-	expect {
-		-re "Password for $princ.*: " { send "$pass\n"; expect eof }
-		timeout { perror "Timeout waiting for kinit"; close }
-		eof
-	}
-
-	set ret [wait]
-	if {[lindex $ret $wait_error_index] == -1} {
-	 	perror \
-	    "wait(kinit $princ) returned error [lindex $ret $wait_errno_index]"
-	} else {
-		if {[lindex $ret $wait_status_index] != 0} {
-			perror \
-		    "kinit $princ failed with [lindex $ret $wait_status_index]"
-		}
-	}
-}
-
-proc flush_server {} {
-	global server_id
-	global expect_out
-
-	verbose "flushing server output" 1
-
-	while {1} {
-		set timeout 5
-
-		expect {
-			-i $server_id
-			-re "^.+$" {
-			    verbose "server output: $expect_out(buffer)"
-			}
-			timeout { break }
-		}
-	}
-}
-
-proc start_client {testname ccname user password lifetime count
-		  {target ""}} {
-	global env CLIENT PROT hostname server_port spawn_id verbose
-
-	if {$target == ""} {
-		set target "server@$hostname"
-	}
-
-	set env(KRB5CCNAME) FILE:[pwd]/krb5cc_rpc_test_$ccname
-	kinit $user $password $lifetime
-
-	if {$verbose > 0} {
-		spawn $CLIENT -a 1 -s 1 -m 1 $PROT $hostname $server_port $target $count
-	} else {
-		spawn $CLIENT $PROT $hostname $server_port $target $count
-	}
-
-	verbose "$testname: client $ccname started"
-
-	unset env(KRB5CCNAME)
-}
-
-proc eof_client {testname ccname id status} {
-	verbose "$testname: eof'ing for client $ccname" 1
-
-	expect {
-		-i $id
-		-re "^marshall_new_creds\[^\n\]*\n" { exp_continue }
-		-re "^gssapi_\[^\n\]*\n" { exp_continue }
-		-re "^\r?\n" { exp_continue }
-		eof { verbose $expect_out(buffer) 1 }
-		timeout { 
-			fail "$testname: timeout waiting for client $ccname to exit"
-		}
-	}
-	wait_client $testname $ccname $id $status
-}
-
-
-proc wait_client {testname ccname id status} {
-	global env
-	global kill
-	global kdestroy
-	global wait_error_index wait_errno_index wait_status_index
-
-	verbose "$testname: waiting for client $ccname" 1
-
-	set ret [wait -i $id]
-	if {[lindex $ret $wait_error_index] == -1} {
-		fail \
-       "$testname: wait $ccname returned error [lindex $ret $wait_errno_index]"
-	} else {
-		if {[lindex $ret $wait_status_index] == $status} {
-			pass "$testname: client $ccname"
-		} else {
-			fail "$testname: client $ccname: unexpected return status [lindex $ret $wait_status_index], should be $status."
-		}
-	}
-
-	set env(KRB5CCNAME) FILE:[pwd]/krb5cc_rpc_test_$ccname
- 	if {[catch "exec $kdestroy -5"] != 0} {
- 		perror "$testname: cannot destroy client $ccname ccache"
- 	}
-
-	unset env(KRB5CCNAME)
-}
diff --git a/src/lib/rpc/unit-test/rpc_test.0/expire.exp b/src/lib/rpc/unit-test/rpc_test.0/expire.exp
deleted file mode 100644
index e19cca0..0000000
--- a/src/lib/rpc/unit-test/rpc_test.0/expire.exp
+++ /dev/null
@@ -1,49 +0,0 @@
-set timeout 40
-
-load_lib "helpers.exp"
-
-global server_started
-
-proc expired {} {
-    global spawn_id server_id
-
-    start_client expired expired testuser notathena -1m 100
-    eof_client expired expired $spawn_id 2
-
-    expect {
-	-i $server_id
-	-re "rpc_test server: Authen.*failed:.*credential.*expired" { pass "expired" }
-	timeout { fail "expired: timeout waiting for expired creds error" }
-    }
-
-    flush_server
-}
-
-# This test doesn't work after #6948, because the client won't try to
-# authenticate using an expired TGT.
-#if { $server_started } {expired }
-
-proc overlap {} {
-    global spawn_id
-
-    start_client expire 1 testuser notathena 20m 100
-    set client1_id $spawn_id
-    flush_server
-    
-    start_client expire 2 testuser notathena 40m 300
-    set client2_id $spawn_id
-    flush_server
-    
-    start_client expire 3 testuser notathena 60m 500
-    set client3_id $spawn_id
-    flush_server
-    
-    eof_client expire 1 $client1_id 0
-    eof_client expire 2 $client2_id 0
-    eof_client expire 3 $client3_id 0
-
-    flush_server
-}
-if { $server_started } {overlap} 
-
-
diff --git a/src/lib/rpc/unit-test/rpc_test.0/fullrun.exp b/src/lib/rpc/unit-test/rpc_test.0/fullrun.exp
deleted file mode 100644
index 73083de..0000000
--- a/src/lib/rpc/unit-test/rpc_test.0/fullrun.exp
+++ /dev/null
@@ -1,91 +0,0 @@
-set timeout 120
-
-load_lib "helpers.exp"
-
-global spawn_id
-global server_id
-global server_started
-
-if { !$server_started } {return} 
-
-# Start the client and do a full run
-start_client "full run" fullrun testuser notathena 8h 1026
-set client_id $spawn_id
-
-#
-# test: did we get 11 dots?
-#
-verbose "Starting RPC echo test.  This will take about 50 seconds.\n"
-
-set ver_line "rpc_test server: bad verifier\[^\r\n\]*\[\r\n]+"
-
-set dots 0
-set server_lines 0
-while {1} {
-	expect {
-		-i $server_id
-		-re $ver_line {
-			verbose "Got line from server."
-			incr server_lines
-		}
-		default {
-			exp_continue
-		}
-
-		-i $client_id
-		. { 
-			incr dots
-			verbose "$expect_out(buffer)" 1
-			if ($dots==11) { break }
-		}
-		eof {
-			#
-			# test: was the exit status right?
-			#
-			wait_client "full run" fullrun $client_id 0
-			break
-		}
-
-		timeout { 
-			verbose "Timeout waiting for dot\n" 1
-			fail "full run: timeout waiting for dot"
-			break
-		}
-	}
-}
-if {$dots==11} {
-	pass "fullrun: echo test"
-} else {
-	fail "fullrun: echo test: expected 11 dots, got $dots"
-}
-
-#
-# test: server logged four bad verifiers?
-#
-verbose "full run: checking server output"
-
-# Small timeout, since the server should have already printed everything
-set timeout 5
-
-while {$server_lines < 4} {
-	expect {
-		-i $server_id
-		-re $ver_line {
-			incr server_lines
-		}
-		-re ".+\r\n" {
-			verbose "Unexpected server output: $expect_out(buffer)"
-		}
-		default {
-			break
-		}
-	}
-}
-
-if {$server_lines == 4} {
-	pass "fullrun: bad verifiers"
-} else {
-	fail "fullrun: expected four bad verifiers, got $server_lines"
-}
-
-flush_server
diff --git a/src/lib/rpc/unit-test/rpc_test.0/gsserr.exp b/src/lib/rpc/unit-test/rpc_test.0/gsserr.exp
deleted file mode 100644
index 0059719..0000000
--- a/src/lib/rpc/unit-test/rpc_test.0/gsserr.exp
+++ /dev/null
@@ -1,30 +0,0 @@
-set timeout 30
-
-load_lib "helpers.exp"
-
-global spawn_id
-global server_id
-global server_started
-global hostname
-
-if { !$server_started } {return} 
-
-start_client "gss err" gsserr testuser notathena 8h 1026 notserver@$hostname
-
-eof_client "gss err" gsserr $spawn_id 2
-
-#
-# test: server logged an authentication attempted failed?
-#
-verbose "gss err: checking server output"
-
-expect {
-	-i $server_id
-	-re "rpc_test server: Authent.*failed: .* not found in keytab" {
-	    pass "gss err: server logged auth error"
-	}
-	eof { fail "gss err: server exited" }
-	timeout { fail "gss err: timeout waiting for server output" }
-}
-
-flush_server
diff --git a/src/lib/rpc/unit-test/server.c b/src/lib/rpc/unit-test/server.c
index 13e99bb..c3bbcbf 100644
--- a/src/lib/rpc/unit-test/server.c
+++ b/src/lib/rpc/unit-test/server.c
@@ -37,7 +37,7 @@ static void rpc_test_badverf(gss_name_t client, gss_name_t server,
 			     caddr_t data);
 
 #ifndef SERVICE_NAME
-#define SERVICE_NAME "server"
+#define SERVICE_NAME "host"
 #endif
 
 static void usage()
@@ -120,7 +120,6 @@ main(int argc, char **argv)
 		  prot == IPPROTO_TCP ? "tcp" : "udp");
 	  exit(1);
      }
-     printf("port: %d\n", (int)transp->xp_port);
 
      if (svcauth_gssapi_set_names(names, 0) == FALSE) {
 	  fprintf(stderr, "unable to set gssapi names\n");
@@ -144,6 +143,8 @@ main(int argc, char **argv)
      signal(SIGTERM, handlesig);
 #endif
      printf("running\n");
+     printf("port: %d\n", (int)transp->xp_port);
+     fflush(stdout);
 
      svc_run();
      fprintf(stderr, "svc_run returned");
@@ -177,6 +178,7 @@ static void rpc_test_badverf(gss_name_t client, gss_name_t server,
 	    inet_ntoa(rqst->rq_xprt->xp_raddr.sin_addr),
 	    ntohs(rqst->rq_xprt->xp_raddr.sin_port),
 	    (int) server_name.length, (char *) server_name.value);
+     fflush(stdout);
 
      (void) gss_release_buffer(&minor_stat, &client_name);
      (void) gss_release_buffer(&minor_stat, &server_name);
@@ -211,6 +213,7 @@ void rpc_test_badauth(OM_uint32 major, OM_uint32 minor,
      printf("rpc_test server: Authentication attempt failed: %s", a);
      log_badauth_display_status(major, minor);
      printf("\n");
+     fflush(stdout);
 }
 
 void log_miscerr(struct svc_req *rqst, struct rpc_msg *msg,
@@ -220,6 +223,7 @@ void log_miscerr(struct svc_req *rqst, struct rpc_msg *msg,
 
      a = inet_ntoa(rqst->rq_xprt->xp_raddr.sin_addr);
      printf("Miscellaneous RPC error: %s, %s\n", a, error);
+     fflush(stdout);
 }
 
 void log_badauth_display_status(OM_uint32 major, OM_uint32 minor)
@@ -243,10 +247,12 @@ void log_badauth_display_status_1(OM_uint32 code, int type, int rec)
 		    log_badauth_display_status_1(gssstat,GSS_C_GSS_CODE,1);
 		    log_badauth_display_status_1(minor_stat,
 						 GSS_C_MECH_CODE, 1);
-	       } else
+	       } else {
 		    printf("GSS-API authentication error %.*s: "
 			   "recursive failure!\n", (int) msg.length,
 			   (char *)msg.value);
+	       }
+	       fflush(stdout);
 	       return;
 	  }
 
@@ -256,4 +262,5 @@ void log_badauth_display_status_1(OM_uint32 code, int type, int rec)
 	  if (!msg_ctx)
 	       break;
      }
+     fflush(stdout);
 }
diff --git a/src/lib/rpc/unit-test/t_rpc.py b/src/lib/rpc/unit-test/t_rpc.py
new file mode 100644
index 0000000..4e565d2
--- /dev/null
+++ b/src/lib/rpc/unit-test/t_rpc.py
@@ -0,0 +1,29 @@
+import re
+
+from k5test import *
+
+realm = K5Realm()
+
+server = realm.start_server(['./server', '-t'], 'running')
+line = server.stdout.readline()
+portstr = re.match(r'^port: (\d+)$', line).group(1)
+
+realm.run(['./client', '-t', hostname, portstr, 'host@' + hostname, '1026'],
+          expected_msg='...........')
+
+for i in range(4):
+    line = server.stdout.readline()
+    if 'rpc_test server: bad verifier from user at KRBTEST.COM at ' not in line:
+        fail('unexpected server message: ' + line)
+    output(line)
+
+realm.addprinc('nokey/' + hostname)
+
+realm.run(['./client', '-t', hostname, portstr, 'nokey@' + hostname, '1026'],
+          expected_code=2)
+
+line = server.stdout.readline()
+if 'rpc_test server: Authentication attempt failed: ' not in line:
+    fail('unexpected server message: ' + line)
+
+success('gssrpc auth_gssapi tests')


More information about the cvs-krb5 mailing list