[28372] in CVS-changelog-for-Kerberos-V5
krb5 commit: Add test for KDC client logging
daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Jun 11 00:30:51 2014
Date: Wed, 11 Jun 2014 00:30:42 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201406110430.s5B4Uggn023456@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/4799121941cfd846f9d3d7a905ac4c84342ff306
commit 4799121941cfd846f9d3d7a905ac4c84342ff306
Author: Greg Hudson <ghudson@mit.edu>
Date: Wed Jun 4 17:07:28 2014 -0400
Add test for KDC client logging
Add a test case which performed a TGS request with an expired ticket
and checks that the client principal is logged.
ticket: 7910
src/tests/Makefile.in | 1 +
src/tests/t_kdc_log.py | 23 +++++++++++++++++++++++
2 files changed, 24 insertions(+), 0 deletions(-)
diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in
index 536f5cb..abd431d 100644
--- a/src/tests/Makefile.in
+++ b/src/tests/Makefile.in
@@ -134,6 +134,7 @@ check-pytests:: t_init_creds t_localauth
-i au.log
$(RUNPYTEST) $(srcdir)/t_salt.py $(PYTESTFLAGS)
$(RUNPYTEST) $(srcdir)/t_bogus_kdc_req.py $(PYTESTFLAGS)
+ $(RUNPYTEST) $(srcdir)/t_kdc_log.py $(PYTESTFLAGS)
$(RUNPYTEST) $(srcdir)/t_proxy.py $(PYTESTFLAGS)
clean::
diff --git a/src/tests/t_kdc_log.py b/src/tests/t_kdc_log.py
new file mode 100644
index 0000000..8ddb769
--- /dev/null
+++ b/src/tests/t_kdc_log.py
@@ -0,0 +1,23 @@
+#!/usr/bin/python
+
+from k5test import *
+
+# Make a TGS request with an expired ticket.
+realm = K5Realm()
+realm.stop()
+realm.start_kdc(['-T', '3600'])
+realm.run([kvno, realm.host_princ], expected_code=1)
+
+kdc_logfile = os.path.join(realm.testdir, 'kdc.log')
+f = open(kdc_logfile, 'r')
+found_skew = False
+for line in f:
+ if 'Clock skew too great' in line:
+ found_skew = True
+ if realm.user_princ not in line:
+ fail('Client principal not logged in expired-ticket TGS request')
+f.close()
+if not found_skew:
+ fail('Did not find KDC log line for expired-ticket TGS request')
+
+success('KDC logging tests')
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
