1 /* 2 * Authentication tests for the pam-krb5 module without a ticket cache. 3 * 4 * This test case includes tests that require Kerberos to be configured and a 5 * username and password available, but which don't write a ticket cache 6 * (which requires additional work to test the cache ownership). This test 7 * does not set AUTHTOK. 8 * 9 * Written by Russ Allbery <eagle@eyrie.org> 10 * Copyright 2020 Russ Allbery <eagle@eyrie.org> 11 * Copyright 2011, 2012 12 * The Board of Trustees of the Leland Stanford Junior University 13 * 14 * SPDX-License-Identifier: BSD-3-clause or GPL-1+ 15 */ 16 17 #include <config.h> 18 #include <portable/system.h> 19 20 #include <tests/fakepam/script.h> 21 #include <tests/tap/kerberos.h> 22 23 24 int 25 main(void) 26 { 27 struct script_config config; 28 struct kerberos_config *krbconf; 29 30 /* Load the Kerberos principal and password from a file. */ 31 krbconf = kerberos_setup(TAP_KRB_NEEDS_PASSWORD); 32 memset(&config, 0, sizeof(config)); 33 config.user = krbconf->userprinc; 34 config.password = krbconf->password; 35 36 /* 37 * Generate a testing krb5.conf file with a nonexistent default realm so 38 * that we can be sure that our principals will stay fully-qualified in 39 * the logs. 40 */ 41 kerberos_generate_conf("bogus.example.com"); 42 43 plan_lazy(); 44 run_script_dir("data/scripts/no-cache", &config); 45 46 return 0; 47 } 48