Lines 53-58
Link Here
|
53 |
R5=SOME-REALM5.FR |
53 |
R5=SOME-REALM5.FR |
54 |
R6=SOME-REALM6.US |
54 |
R6=SOME-REALM6.US |
55 |
R7=SOME-REALM7.UK |
55 |
R7=SOME-REALM7.UK |
|
|
56 |
R8=SOME-REALM8.UK |
56 |
|
57 |
|
57 |
H1=H1.$R |
58 |
H1=H1.$R |
58 |
H2=H2.$R |
59 |
H2=H2.$R |
Lines 152-157
Link Here
|
152 |
init \ |
153 |
init \ |
153 |
--realm-max-ticket-life=1day \ |
154 |
--realm-max-ticket-life=1day \ |
154 |
--realm-max-renewable-life=1month \ |
155 |
--realm-max-renewable-life=1month \ |
|
|
156 |
${R8} || exit 1 |
157 |
|
158 |
${kadmin} \ |
159 |
init \ |
160 |
--realm-max-ticket-life=1day \ |
161 |
--realm-max-renewable-life=1month \ |
155 |
${H1} || exit 1 |
162 |
${H1} || exit 1 |
156 |
|
163 |
|
157 |
${kadmin} \ |
164 |
${kadmin} \ |
Lines 191-196
Link Here
|
191 |
${kadmin5} add -p foo --use-defaults foo@${R5} || exit 1 |
198 |
${kadmin5} add -p foo --use-defaults foo@${R5} || exit 1 |
192 |
${kadmin} add -p foo --use-defaults foo@${R6} || exit 1 |
199 |
${kadmin} add -p foo --use-defaults foo@${R6} || exit 1 |
193 |
${kadmin} add -p foo --use-defaults foo@${R7} || exit 1 |
200 |
${kadmin} add -p foo --use-defaults foo@${R7} || exit 1 |
|
|
201 |
${kadmin} add -p foo --use-defaults foo@${R8} || exit 1 |
194 |
${kadmin} add -p foo --use-defaults foo@${H1} || exit 1 |
202 |
${kadmin} add -p foo --use-defaults foo@${H1} || exit 1 |
195 |
${kadmin} add -p foo --use-defaults foo/host.${h1}@${H1} || exit 1 |
203 |
${kadmin} add -p foo --use-defaults foo/host.${h1}@${H1} || exit 1 |
196 |
${kadmin} add -p foo --use-defaults foo@${H2} || exit 1 |
204 |
${kadmin} add -p foo --use-defaults foo@${H2} || exit 1 |
Lines 249-254
Link Here
|
249 |
${kadmin} add -p cross1 --use-defaults krbtgt/${R7}@${R6} || exit 1 |
257 |
${kadmin} add -p cross1 --use-defaults krbtgt/${R7}@${R6} || exit 1 |
250 |
${kadmin} add -p cross2 --use-defaults krbtgt/${R6}@${R7} || exit 1 |
258 |
${kadmin} add -p cross2 --use-defaults krbtgt/${R6}@${R7} || exit 1 |
251 |
|
259 |
|
|
|
260 |
${kadmin} add -p cross1 --use-defaults krbtgt/${R8}@${R6} || exit 1 |
261 |
${kadmin} add -p cross2 --use-defaults krbtgt/${R6}@${R8} || exit 1 |
262 |
|
252 |
${kadmin} add -p cross1 --use-defaults krbtgt/${H1}@${R} || exit 1 |
263 |
${kadmin} add -p cross1 --use-defaults krbtgt/${H1}@${R} || exit 1 |
253 |
${kadmin} add -p cross2 --use-defaults krbtgt/${R}@${H1} || exit 1 |
264 |
${kadmin} add -p cross2 --use-defaults krbtgt/${R}@${H1} || exit 1 |
254 |
|
265 |
|
Lines 284-289
Link Here
|
284 |
${kadmin5} check ${R5} || exit 1 |
295 |
${kadmin5} check ${R5} || exit 1 |
285 |
${kadmin} check ${R6} || exit 1 |
296 |
${kadmin} check ${R6} || exit 1 |
286 |
${kadmin} check ${R7} || exit 1 |
297 |
${kadmin} check ${R7} || exit 1 |
|
|
298 |
${kadmin} check ${R8} || exit 1 |
287 |
${kadmin} check ${H1} || exit 1 |
299 |
${kadmin} check ${H1} || exit 1 |
288 |
${kadmin} check ${H2} || exit 1 |
300 |
${kadmin} check ${H2} || exit 1 |
289 |
${kadmin} check ${H3} || exit 1 |
301 |
${kadmin} check ${H3} || exit 1 |
Lines 388-393
Link Here
|
388 |
${kgetcred} foo@${R6} || { ec=1 ; eval "${testfailed}"; } |
400 |
${kgetcred} foo@${R6} || { ec=1 ; eval "${testfailed}"; } |
389 |
echo "Getting x-realm tickets with capaths for $R -> $R7" |
401 |
echo "Getting x-realm tickets with capaths for $R -> $R7" |
390 |
${kgetcred} foo@${R7} || { ec=1 ; eval "${testfailed}"; } |
402 |
${kgetcred} foo@${R7} || { ec=1 ; eval "${testfailed}"; } |
|
|
403 |
echo "Should not get x-realm tickets with capaths for $R -> $R8" |
404 |
${kgetcred} foo@${R8} && { ec=1 ; eval "${testfailed}"; } |
391 |
${kdestroy} |
405 |
${kdestroy} |
392 |
|
406 |
|
393 |
echo "Testing capaths logic (reverse order)" |
407 |
echo "Testing capaths logic (reverse order)" |
Lines 418-427
Link Here
|
418 |
|
432 |
|
419 |
echo "Getting x-realm tickets with hierarchical referrals for $H3 -> $H1" |
433 |
echo "Getting x-realm tickets with hierarchical referrals for $H3 -> $H1" |
420 |
${kgetcred} --hostbased --canonicalize foo host.${h1} || { ec=1 ; eval "${testfailed}"; } |
434 |
${kgetcred} --hostbased --canonicalize foo host.${h1} || { ec=1 ; eval "${testfailed}"; } |
|
|
435 |
fgrep "cross-realm ${H3} -> ${H1} via [${H2}, ${R}]" messages.log > /dev/null || { ec=1 ; eval "${testfailed}"; } |
421 |
echo "Getting x-realm tickets with hierarchical referrals for $H3 -> $R" |
436 |
echo "Getting x-realm tickets with hierarchical referrals for $H3 -> $R" |
422 |
${kgetcred} --hostbased --canonicalize foo host.${r} || { ec=1 ; eval "${testfailed}"; } |
437 |
${kgetcred} --hostbased --canonicalize foo host.${r} || { ec=1 ; eval "${testfailed}"; } |
|
|
438 |
fgrep "cross-realm ${H3} -> ${R} via [${H2}]" messages.log > /dev/null || { ec=1 ; eval "${testfailed}"; } |
423 |
echo "Getting x-realm tickets with hierarchical referrals for $H3 -> $H2" |
439 |
echo "Getting x-realm tickets with hierarchical referrals for $H3 -> $H2" |
424 |
${kgetcred} --hostbased --canonicalize foo host.${h2} || { ec=1 ; eval "${testfailed}"; } |
440 |
${kgetcred} --hostbased --canonicalize foo host.${h2} || { ec=1 ; eval "${testfailed}"; } |
|
|
441 |
fgrep "cross-realm ${H3} -> ${H2}" messages.log > /dev/null || { ec=1 ; eval "${testfailed}"; } |
425 |
${kdestroy} |
442 |
${kdestroy} |
426 |
|
443 |
|
427 |
echo "Testing multi-hop [capaths] referral logic" |
444 |
echo "Testing multi-hop [capaths] referral logic" |