From 1f181476b4bd27dda9823e99961c4954ad968244 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 26 Aug 2011 16:02:01 +1000 Subject: selftest: Allow a krb5.conf to be generated that covers multiple realms --- selftest/target/Samba.pm | 55 ++++++++++++++++++++++++++++++----------------- selftest/target/Samba3.pm | 4 ++-- selftest/target/Samba4.pm | 2 +- 3 files changed, 38 insertions(+), 23 deletions(-) diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm index 1b1eb53933..d993611eda 100644 --- a/selftest/target/Samba.pm +++ b/selftest/target/Samba.pm @@ -59,14 +59,19 @@ sub bindir_path($$) { return $path; } -sub mk_krb5_conf($) +sub mk_krb5_conf($$) { - my ($ctx) = @_; + my ($ctx, $other_realms_stanza) = @_; unless (open(KRB5CONF, ">$ctx->{krb5_conf}")) { warn("can't open $ctx->{krb5_conf}$?"); return undef; } + + my $our_realms_stanza = mk_realms_stanza($ctx->{realm}, + $ctx->{dnsname}, + $ctx->{domain}, + $ctx->{kdc_ipv4}); print KRB5CONF " #Generated krb5.conf for $ctx->{realm} @@ -79,26 +84,11 @@ sub mk_krb5_conf($) allow_weak_crypto = yes [realms] - $ctx->{realm} = { - kdc = $ctx->{kdc_ipv4}:88 - admin_server = $ctx->{kdc_ipv4}:88 - default_domain = $ctx->{dnsname} - } - $ctx->{dnsname} = { - kdc = $ctx->{kdc_ipv4}:88 - admin_server = $ctx->{kdc_ipv4}:88 - default_domain = $ctx->{dnsname} - } - $ctx->{domain} = { - kdc = $ctx->{kdc_ipv4}:88 - admin_server = $ctx->{kdc_ipv4}:88 - default_domain = $ctx->{dnsname} - } - -[domain_realm] - .$ctx->{dnsname} = $ctx->{realm} + $our_realms_stanza + $other_realms_stanza "; + if (defined($ctx->{tlsdir})) { print KRB5CONF " @@ -115,4 +105,29 @@ sub mk_krb5_conf($) close(KRB5CONF); } +sub mk_realms_stanza($$$$) +{ + my ($realm, $dnsname, $domain, $kdc_ipv4) = @_; + + my $realms_stanza = " + $realm = { + kdc = $kdc_ipv4:88 + admin_server = $kdc_ipv4:88 + default_domain = $dnsname + } + $dnsname = { + kdc = $kdc_ipv4:88 + admin_server = $kdc_ipv4:88 + default_domain = $dnsname + } + $domain = { + kdc = $kdc_ipv4:88 + admin_server = $kdc_ipv4:88 + default_domain = $dnsname + } + +"; + return $realms_stanza; +} + 1; diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index bc8105a62c..d0ca0a17de 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -233,7 +233,7 @@ sub setup_admember($$$$) $ctx->{realm} = $dcvars->{REALM}; $ctx->{dnsname} = lc($dcvars->{REALM}); $ctx->{kdc_ipv4} = $dcvars->{SERVER_IP}; - Samba::mk_krb5_conf($ctx); + Samba::mk_krb5_conf($ctx, ""); $ret->{KRB5_CONFIG} = $ctx->{krb5_conf}; @@ -417,7 +417,7 @@ sub setup_ktest($$$) $ctx->{realm} = "KTEST.SAMBA.EXAMPLE.COM"; $ctx->{dnsname} = lc($ctx->{realm}); $ctx->{kdc_ipv4} = "0.0.0.0"; - Samba::mk_krb5_conf($ctx); + Samba::mk_krb5_conf($ctx, ""); $ret->{KRB5_CONFIG} = $ctx->{krb5_conf}; diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index b47fd725f2..2b1472efef 100644 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -637,7 +637,7 @@ sub provision_raw_step1($$) $ctx->{kdc_ipv4} = $ctx->{ipv4}; } - Samba::mk_krb5_conf($ctx); + Samba::mk_krb5_conf($ctx, ""); open(PWD, ">$ctx->{nsswrap_passwd}"); print PWD " -- cgit