1 /* 2 * Authentication tests for the pam-krb5 module with an existing AUTHTOK. 3 * 4 * This test case includes tests that require Kerberos to be configured and a 5 * username and password available and that run with AUTHTOK already set, but 6 * which don't write a ticket cache (which requires additional work to test 7 * the cache ownership). 8 * 9 * Written by Russ Allbery <eagle@eyrie.org> 10 * Copyright 2020 Russ Allbery <eagle@eyrie.org> 11 * Copyright 2011-2012 12 * The Board of Trustees of the Leland Stanford Junior University 13 * 14 * SPDX-License-Identifier: BSD-3-clause or GPL-1+ 15 */ 16 17 #include <config.h> 18 #include <portable/system.h> 19 20 #include <tests/fakepam/script.h> 21 #include <tests/tap/kerberos.h> 22 #include <tests/tap/process.h> 23 #include <tests/tap/string.h> 24 25 26 int 27 main(void) 28 { 29 struct script_config config; 30 struct kerberos_config *krbconf; 31 32 /* Load the Kerberos principal and password from a file. */ 33 krbconf = kerberos_setup(TAP_KRB_NEEDS_PASSWORD); 34 memset(&config, 0, sizeof(config)); 35 config.user = krbconf->userprinc; 36 config.password = krbconf->password; 37 config.authtok = krbconf->password; 38 39 /* 40 * Generate a testing krb5.conf file with a nonexistent default realm so 41 * that we can be sure that our principals will stay fully-qualified in 42 * the logs. 43 */ 44 kerberos_generate_conf("bogus.example.com"); 45 46 plan_lazy(); 47 run_script_dir("data/scripts/stacked", &config); 48 49 return 0; 50 } 51