[PATCH] Fix s4 auth test_kerberos with MIT kerberos
Justin Stephenson
jstephen at redhat.com
Fri Nov 9 16:41:35 UTC 2018
Thank you for the review, updated patch attached.
-Justin
On Fri, Nov 9, 2018 at 11:21 AM Alexander Bokovoy <ab at samba.org> wrote:
> On pe, 09 marras 2018, Justin Stephenson via samba-technical wrote:
> > Hello,
> >
> > This patches fixes the test_kerberos failure when building with MIT krb5
> > libraries, please review.
> >
> > My CI gitlab pipeline failed several times yesterday and failed after a
> > retry this morning, but I don't think it is due to this patch.
> >
> > https://gitlab.com/samba-team/devel/samba/pipelines/35906260
> >
> > Thank you,
> >
> > Justin Stephenson
> > Red Hat
>
> > From ddeaad999914e12694e61ec1339cf0ee23b14332 Mon Sep 17 00:00:00 2001
> > From: Justin Stephenson <jstephen at redhat.com>
> > Date: Thu, 8 Nov 2018 10:57:48 -0500
> > Subject: [PATCH] s4-auth-tests: Fix test_kerberos with MIT krb
> >
> > When a keytab of type MEMORY is used, the MIT kerberos
> krb5_kt_add_entry()
> > library function adds a keytab entry to the beginning of the keytab
> table,
> > instead of the end.
> >
> > This adds a MIT kerberos conditional to reverse iterate through
> > the keytable entries to address this.
> >
> > Signed-off-by: Justin Stephenson <jstephen at redhat.com>
> > ---
> > source4/auth/tests/kerberos.c | 15 +++++++++++++++
> > 1 file changed, 15 insertions(+)
> >
> > diff --git a/source4/auth/tests/kerberos.c
> b/source4/auth/tests/kerberos.c
> > index fcc8ac45f7e..3a98f18a915 100644
> > --- a/source4/auth/tests/kerberos.c
> > +++ b/source4/auth/tests/kerberos.c
> > @@ -51,6 +51,7 @@ static void internal_obsolete_keytab_test(int
> num_principals, int num_kvnos,
> >
> > code = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
> > assert_int_equal(code, 0);
> > +#ifdef SAMBA4_USES_HEIMDAL
> > for (i=0; i<num_principals; i++) {
> > expect_princ_name[4] = (char)i+48;
> > for (j=0; j<num_kvnos; j++) {
> > @@ -59,6 +60,16 @@ static void internal_obsolete_keytab_test(int
> num_principals, int num_kvnos,
> > &kt_entry, &cursor);
> > assert_int_equal(code, 0);
> > assert_int_equal(kt_entry.vno, j+1);
> > +#else /* MIT */
> Could you please add here a short comment as well? It would help
> avoiding to run git commands to understand why this part is
> conditionalized.
>
> Otherwise, RB+.
>
> > + for (i=num_principals-1; i>=0; i--) {
> > + expect_princ_name[4] = (char)i+48;
> > + for (j=num_kvnos; j>0; j--) {
> > + char *unparsed_name;
> > + code = krb5_kt_next_entry(krb5_ctx, keytab,
> > + &kt_entry, &cursor);
> > + assert_int_equal(code, 0);
> > + assert_int_equal(kt_entry.vno, j);
> > +#endif
> > krb5_unparse_name(krb5_ctx, kt_entry.principal,
> > &unparsed_name);
> > assert_string_equal(expect_princ_name,
> unparsed_name);
> > @@ -72,7 +83,11 @@ static void internal_obsolete_keytab_test(int
> num_principals, int num_kvnos,
> >
> > code = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
> > assert_int_equal(code, 0);
> > +#ifdef SAMBA4_USES_HEIMDAL
> > for (i=0; i<num_principals; i++) {
> > +#else /* MIT */
> > + for (i=num_principals-1; i>=0; i--) {
> > +#endif
> > char *unparsed_name;
> > expect_princ_name[4] = (char)i+48;
> > code = krb5_kt_next_entry(krb5_ctx, keytab, &kt_entry,
> &cursor);
> > --
> > 2.17.2
> >
>
>
> --
> / Alexander Bokovoy
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test_kerberos_mit_fix.patch
Type: text/x-patch
Size: 2399 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20181109/e134891c/test_kerberos_mit_fix.bin>
More information about the samba-technical
mailing list