upstream/oracle/userland-gate: components/krb5/patches/072-client-keytab-fix.patch@14cbeb78966a (annotated)

6456 d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	1	#
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	2	# Patch to fix the issue where the token expansion for the default client
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	3	# keytab path could fail and cause a core dump. Now the error is returned to
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	4	# krb5_kt_client_default() but in order for acquire_init_cred() to function
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	5	# properly it has to ignore the error returned by krb5_kt_client_default().
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	6	# This in turn means that a NULL value in the client_keytab field of a cred
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	7	# struct must be handled appropriately.
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	8	#
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	9	# I have submitted a pull request to MIT with these changes
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	10	# https://github.com/krb5/krb5/pull/487
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	11	# The final commit was
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	12	# https://github.com/krb5/krb5/commit/bd2c2a02e22c609b3c7e9f92d6634e151d14e478
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	13	#
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	14	# Patch source: in-house
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	15	#
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	16
6599 1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	17	--- a/src/include/k5-trace.h
1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	18	+++ b/src/include/k5-trace.h
1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	19	@@ -180,6 +180,9 @@ void krb5int_trace(krb5_context context, const char *fmt, ...);
6456 d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	20	#define TRACE_GIC_PWD_MASTER(c) \
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	21	TRACE(c, "Retrying AS request with master KDC")
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	22
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	23	+#define TRACE_GSS_CLIENT_KEYTAB_FAIL(c, ret) \
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	24	+ TRACE(c, "Unable to resolve default client keytab: {kerr}", ret)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	25	+
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	26	#define TRACE_ENCTYPE_LIST_UNKNOWN(c, profvar, name) \
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	27	TRACE(c, "Unrecognized enctype name in {str}: {str}", profvar, name)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	28
6599 1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	29	--- a/src/lib/gssapi/krb5/acquire_cred.c
1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	30	+++ b/src/lib/gssapi/krb5/acquire_cred.c
1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	31	@@ -348,6 +348,9 @@ can_get_initial_creds(krb5_context context, krb5_gss_cred_id_rec *cred)
6456 d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	32	if (cred->password != NULL)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	33	return TRUE;
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	34
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	35	+ if (cred->client_keytab == NULL)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	36	+ return FALSE;
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	37	+
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	38	/* If we don't know the client principal yet, check for any keytab keys. */
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	39	if (cred->name == NULL)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	40	return !krb5_kt_have_content(context, cred->client_keytab);
6599 1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	41	@@ -522,6 +525,10 @@ get_name_from_client_keytab(krb5_context context, krb5_gss_cred_id_rec *cred)
6456 d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	42	krb5_principal princ;
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	43
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	44	assert(cred->name == NULL);
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	45	+
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	46	+ if (cred->client_keytab == NULL)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	47	+ return KRB5_KT_NOTFOUND;
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	48	+
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	49	code = k5_kt_get_principal(context, cred->client_keytab, &princ);
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	50	if (code)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	51	return code;
6599 1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	52	@@ -601,9 +608,11 @@ get_initial_cred(krb5_context context, krb5_gss_cred_id_rec *cred)
6456 d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	53	code = krb5_get_init_creds_password(context, &creds, cred->name->princ,
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	54	cred->password, NULL, NULL, 0,
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	55	NULL, opt);
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	56	- } else {
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	57	+ } else if (cred->client_keytab != NULL) {
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	58	code = krb5_get_init_creds_keytab(context, &creds, cred->name->princ,
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	59	cred->client_keytab, 0, NULL, opt);
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	60	+ } else {
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	61	+ code = KRB5_KT_NOTFOUND;
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	62	}
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	63	if (code)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	64	goto cleanup;
6599 1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	65	@@ -680,10 +689,18 @@ acquire_init_cred(krb5_context context,
6456 d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	66	goto error;
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	67	}
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	68
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	69	- if (client_keytab != NULL)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	70	+ if (client_keytab != NULL) {
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	71	code = krb5_kt_dup(context, client_keytab, &cred->client_keytab);
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	72	- else
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	73	+ } else {
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	74	code = krb5_kt_client_default(context, &cred->client_keytab);
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	75	+ if (code) {
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	76	+ /* Treat resolution failure similarly to a client keytab which
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	77	+ * resolves but doesn't exist or has no content. */
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	78	+ TRACE_GSS_CLIENT_KEYTAB_FAIL(context, code);
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	79	+ krb5_clear_error_message(context);
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	80	+ code = 0;
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	81	+ }
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	82	+ }
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	83	if (code)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	84	goto error;
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	85
6599 1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	86	--- a/src/lib/gssapi/krb5/iakerb.c
1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	87	+++ b/src/lib/gssapi/krb5/iakerb.c
1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	88	@@ -454,9 +454,11 @@ iakerb_init_creds_ctx(iakerb_ctx_id_t ctx,
6456 d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	89	if (cred->password != NULL) {
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	90	code = krb5_init_creds_set_password(ctx->k5c, ctx->icc,
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	91	cred->password);
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	92	- } else {
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	93	+ } else if (cred->client_keytab != NULL) {
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	94	code = krb5_init_creds_set_keytab(ctx->k5c, ctx->icc,
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	95	cred->client_keytab);
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	96	+ } else {
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	97	+ code = KRB5_KT_NOTFOUND;
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	98	}
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	99	if (code != 0)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	100	goto cleanup;
6599 1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	101	--- a/src/tests/gssapi/t_client_keytab.py
1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	102	+++ b/src/tests/gssapi/t_client_keytab.py
1d033832c5e7 24377741 Update Userland krb5 to MIT 1.14.3 Shawn Emery <shawn.emery@oracle.com> parents: 6456 diff changeset	103	@@ -141,4 +141,14 @@ if 'No credentials cache found' not in out:
6456 d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	104	fail('Expected error not seen')
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	105	realm.run([kdestroy, '-A'])
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	106
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	107	+# Test 16: default client keytab cannot be resolved, but valid
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	108	+# credentials exist in ccache.
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	109	+conf = {'libdefaults': {'default_client_keytab_name': '%{'}}
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	110	+bad_cktname = realm.special_env('bad_cktname', False, krb5_conf=conf)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	111	+del bad_cktname['KRB5_CLIENT_KTNAME']
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	112	+realm.kinit(realm.user_princ, password('user'))
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	113	+out = realm.run(['./t_ccselect', phost], env=bad_cktname)
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	114	+if realm.user_princ not in out:
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	115	+ fail('Expected principal not seen for bad client keytab name')
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	116	+
d36228d1492b 24299872 libkrb5.so.3.3: k5_expand_path_tokens_extra causes krb5_kt_resolve to dump core Will Fiveash <will.fiveash@oracle.com> parents: diff changeset	117	success('Client keytab tests')

author	Neng Xue <neng.xue@oracle.com>
	Mon, 26 Sep 2016 15:58:55 -0700
changeset 6978	14cbeb78966a
parent 6599	1d033832c5e7
permissions	-rw-r--r--