1
# Password-changing Kerberos test.
2
# This is a DejaGnu test script.
4
# We are about to start up a couple of daemon processes. We do all
5
# the rest of the tests inside a proc, so that we can easily kill the
6
# processes when the procedure ends.
8
proc kinit_expecting_pwchange { name pass newpass } {
13
# Use kinit to get a ticket.
15
# For now always get forwardable tickets. Later when we need to make
16
# tests that distiguish between forwardable tickets and otherwise
17
# we should but another option to this proc. --proven
19
spawn $KINIT -5 -f $name@$REALMNAME
21
"Password for $name@$REALMNAME:" {
22
verbose "kinit started"
35
"Enter new password: " { }
37
fail "kinit (new password prompt)"
41
fail "kinit (new password prompt)"
49
fail "kinit (new password prompt2)"
53
fail "kinit (new password prompt2)"
59
if ![check_exit_status kinit] {
76
global supported_enctypes
81
# Start up the kerberos and kadmind daemons.
82
if ![start_kerberos_daemons 0] {
86
# Use kadmin to add a key.
87
if ![add_kerberos_key pwchanger 0] {
91
setup_kerberos_env kdc
92
spawn $KADMIN_LOCAL -q "modprinc +needchange pwchanger"
96
fail "kadmin.local modprinc +needchange"
99
pass "kadmin.local modprinc +needchange"
102
set k_stat [wait -i $spawn_id]
103
verbose "wait -i $spawn_id returned $k_stat (kadmin modprinc +needchange)"
104
catch "close -i $spawn_id"
106
setup_kerberos_env client
107
if ![kinit_expecting_pwchange pwchanger pwchanger$KEY floople] {
110
pass "kinit (password change)"
111
if ![kinit pwchanger floople 0] {
114
pass "kinit (new password)"
116
# Destroy the ticket.
118
if ![check_exit_status "kdestroy"] {
125
# Set up the Kerberos files and environment.
126
if {![get_hostname] || ![setup_kerberos_files] || ![setup_kerberos_env]} {
130
# Initialize the Kerberos database. The argument tells
131
# setup_kerberos_db that it is being called from here.
132
if ![setup_kerberos_db 0] {
136
set status [catch doit msg]
138
stop_kerberos_daemons
140
if { $status != 0 } {
141
send_error "ERROR: error in pwchange.exp\n"