xref: /freebsd/crypto/krb5/src/tests/t_kadmin_parsing.py (revision 7f2fe78b9dd5f51c821d771b63d2e096f6fd49e9) 
1from k5test import *
2
3# This file contains tests for kadmin command parsing.  Principal
4# flags (which can also be used in kadm5.acl or krb5.conf) are tested
5# in t_princflags.py.
6
7# kadmin recognizes time intervals using either the
8# krb5_string_to_deltat() formats or the relative getdate.y formats.
9# (Absolute getdate.y formats also work with the current time
10# subtracted; this isn't very useful and we won't test it here.)
11intervals = (
12    # krb5_string_to_deltat() formats.  Whitespace ( \t\n) is allowed
13    # before or between most elements or at the end, but not after
14    # 's'.  Negative or oversized numbers are allowed in most places,
15    # but not after the first number in an HH:MM:SS form.
16    ('28s', '0 days 00:00:28'),
17    ('7m ', '0 days 00:07:00'),
18    ('6m 9s', '0 days 00:06:09'),
19    ('2h', '0 days 02:00:00'),
20    ('2h-5s', '0 days 01:59:55'),
21    ('2h3m', '0 days 02:03:00'),
22    ('2h3m5s', '0 days 02:03:05'),
23    ('5d ', '5 days 00:00:00'),
24    ('5d-48s', '4 days 23:59:12'),
25    ('5d18m', '5 days 00:18:00'),
26    ('5d -6m56s', '4 days 23:54:56'),
27    ('5d4h', '5 days 04:00:00'),
28    ('5d4h 1s', '5 days 04:00:01'),
29    ('5d4h3m', '5 days 04:03:00'),
30    (' \t 15d \n 4h  3m  2s', '15 days 04:03:02'),
31    ('10-8:45:0', '10 days 08:45:00'),
32    ('1000:67:99', '41 days 17:08:39'),
33    ('999:11', '41 days 15:11:00'),
34    ('382512', '4 days 10:15:12'),
35
36    # getdate.y relative formats (and "never", which is handled
37    # specially as a zero interval).  Any number of relative forms can
38    # be specified in any order.  Whitespace is ignored before or
39    # after any token.  "month" and "year" are allowed as units but
40    # depend on the current time, so we won't test them.  Plural unit
41    # names are treated identically to singular unit names.  Numbers
42    # before unit names are optional and may be signed; there are also
43    # aliases for some numbers.  "ago" inverts the interval up to the
44    # point where it appears.
45    ('never', '0 days 00:00:00'),
46    ('fortnight', '14 days 00:00:00'),
47    ('3 day ago 4 weeks 8 hours', '25 days 08:00:00'),
48    ('8 second -3 secs 5 minute ago 63 min', '0 days 00:57:55'),
49    ('min mins min mins min', '0 days 00:05:00'),
50    ('tomorrow tomorrow today yesterday now last minute', '0 days 23:59:00'),
51    ('this second next minute first hour third fortnight fourth day '
52     'fifth weeks sixth sec seventh secs eighth second ninth mins tenth '
53     'day eleventh min twelfth sec', '91 days 01:22:34'))
54
55realm = K5Realm(create_host=False, get_creds=False)
56realm.run([kadminl, 'addpol', 'pol'])
57for instr, outstr in intervals:
58    realm.run([kadminl, 'modprinc', '-maxlife', instr, realm.user_princ])
59    msg = 'Maximum ticket life: ' + outstr + '\n'
60    realm.run([kadminl, 'getprinc', realm.user_princ], expected_msg=msg)
61
62    realm.run([kadminl, 'modprinc', '-maxrenewlife', instr, realm.user_princ])
63    msg = 'Maximum renewable life: ' + outstr + '\n'
64    realm.run([kadminl, 'getprinc', realm.user_princ], expected_msg=msg)
65
66    realm.run([kadminl, 'modpol', '-maxlife', instr, 'pol'])
67    msg = 'Maximum password life: ' + outstr + '\n'
68    realm.run([kadminl, 'getpol', 'pol'], expected_msg=msg)
69
70    realm.run([kadminl, 'modpol', '-minlife', instr, 'pol'])
71    msg = 'Minimum password life: ' + outstr + '\n'
72    realm.run([kadminl, 'getpol', 'pol'], expected_msg=msg)
73
74    realm.run([kadminl, 'modpol', '-failurecountinterval', instr, 'pol'])
75    msg = 'Password failure count reset interval: ' + outstr + '\n'
76    realm.run([kadminl, 'getpol', 'pol'], expected_msg=msg)
77
78    realm.run([kadminl, 'modpol', '-lockoutduration', instr, 'pol'])
79    msg = 'Password lockout duration: ' + outstr + '\n'
80    realm.run([kadminl, 'getpol', 'pol'], expected_msg=msg)
81
82success('kadmin command parsing tests')
83