Problems creating a Kerberos test (sw_gethostbyname?)

Andrew Bartlett abartlet at samba.org
Wed Feb 22 11:00:18 GMT 2006 

On Wed, 2006-02-15 at 09:25 +1100, Andrew Bartlett wrote:
> I'm having some particular difficulty creating an automated kerberos
> testsuite for Samba4.  The problem is, unlike NTLM, kerberos is very
> tied to names and the DNS system.  In particular, things we want to test
> (in particular DNS-based kdc lookup) are in DNS, and the names of hosts
> we want to contact are DNS names.
> 
> For the large part, I thought we could cludge around the problem:  We
> mostly do netbios lookups for our name->IP mappings.  However, this
> isn't exclusive, sometimes we just do gethostbyname().  Furthermore, the
> Heimdal DNS KDC lookup code does deep calls into the resolver library.
> 
> To test this area properly, I really need to direct all host lookups to
> an 'internal' DNS, pointed at the zone file provision generates.  
> 
> I can't use the name 'localhost', because that name is meaningless in
> kerberos.  I need to use a 'real' name.  Proper testing would use both
> long and short forms of the name.

Looking at the socket_wrapper solution to this issue, I have run into a
problem:  We currently like 'make test' to work on production binaries,
provided we can bind to low ports.

Is this requirement worth the restrictions it imposes?  Currently, it
causes problems in the WINS tests (because the situation is rather
unreal, with 127.0.0.1), and for Kerboros, it means I can't rely on
gethostbyname() being overridden by socket_wrapper().

Raising again the idea of LD_PRELOAD hacks, would it work to have 'make
test' depend *either* on LD_PRELOAD or on Samba having been compiled
with socketwrapper?

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20060222/922046de/attachment.bin

More information about the samba-technical mailing list