Update test suite for new length restriction, new username check

Make the dictionary word we use to test longer now that we require
at least eight character passwords.  Also update the whitespace
tests.  Add tests for rejecting the username with digits appended.

diff --git a/tests/data/wordlist b/tests/data/wordlist
index f9f57a530ebc6aa65d424943a6e8f41ffd932fa0..55ad2d6930d8cc55614390b568b1fc254bca8114 100644 (file)
--- a/tests/data/wordlist
+++ b/tests/data/wordlist
@@ -1,4 +1,4 @@
-bitter
+bitterbane
 one
 pass
 password

diff --git a/tests/heimdal/external-t b/tests/heimdal/external-t
index d9c9bf7e7633708432ed3e1e2429ded4ced100a4..e54c10e340b8d482d6005cc85798d77eec668ad9 100755 (executable)
--- a/tests/heimdal/external-t
+++ b/tests/heimdal/external-t
@@ -3,7 +3,8 @@
 # Test suite for basic Heimdal external strength checking functionality.
 #
 # Written by Russ Allbery <rra@stanford.edu>
-# Copyright 2009 Board of Trustees, Leland Stanford Jr. University
+# Copyright 2009, 2012
+#     The Board of Trustees of the Leland Stanford Junior University
 #
 # See LICENSE for licensing terms.
 
@@ -55,7 +56,7 @@ if [ -z "$krb5conf" ] ; then
 fi
 
 # Okay, we should be good to run the test suite.
-plan 42
+plan 48
 
 # We don't have a password_dictionary setting, so we should fail with an
 # initialization error.
@@ -73,31 +74,35 @@ cat <<EOF >> ./krb5.conf
 EOF
 
 # Check the basic functionality.
-ok_password "good password" 'test@EXAMPLE.ORG' 'known good password' 0 \
+ok_password 'good password' 'test@EXAMPLE.ORG' 'known good password' 0 \
     'APPROVED' ''
-ok_password "password in dictionary" 'test@EXAMPLE.ORG' 'password' 0 '' \
+ok_password 'password in dictionary' 'test@EXAMPLE.ORG' 'password' 0 '' \
     'it is based on a dictionary word'
-ok_password "password in dictionary" 'test@EXAMPLE.ORG' 'bitter' 0 '' \
+ok_password 'password in dictionary' 'test@EXAMPLE.ORG' 'bitterbane' 0 '' \
     'it is based on a dictionary word'
-ok_password "password in dictionary" 'test@EXAMPLE.ORG' 'rettib' 0 '' \
+ok_password 'password in dictionary' 'test@EXAMPLE.ORG' 'enabrettib' 0 '' \
     'it is based on a (reversed) dictionary word'
-ok_password "password too short" 'test@EXAMPLE.ORG' 'food' 0 '' \
-    "it is too short"
-ok_password "password way too short" 'test@EXAMPLE.ORG' 'foo' 0 '' \
+ok_password 'password seven characters' 'test@EXAMPLE.ORG' 'dfareas' 0 '' \
+    'it is too short'
+ok_password 'password too short' 'test@EXAMPLE.ORG' 'food' 0 '' \
+    'it is too short'
+ok_password 'password way too short' 'test@EXAMPLE.ORG' 'foo' 0 '' \
     "it's WAY too short"
-ok_password "password empty" 'test@EXAMPLE.ORG' '' 0 '' \
+ok_password 'password empty' 'test@EXAMPLE.ORG' '' 0 '' \
     "it's WAY too short"
-ok_password "password all whitespace" 'test@EXAMPLE.ORG' '         ' 0 '' \
+ok_password 'password all whitespace' 'test@EXAMPLE.ORG' '           ' 0 '' \
     'it does not contain enough DIFFERENT characters'
-ok_password "password too simplistic" 'test@EXAMPLE.ORG' 'abcdefghi' 0 '' \
+ok_password 'password too simplistic' 'test@EXAMPLE.ORG' 'abcdefghi' 0 '' \
     'it is too simplistic/systematic'
-ok_password "not enough characters" 'test@EXAMPLE.ORG' '22413411' 0 '' \
+ok_password 'not enough characters' 'test@EXAMPLE.ORG' '22413411' 0 '' \
     'it does not contain enough DIFFERENT characters'
-ok_password "password based on principal" 'someuser@EXAMPLE.ORG' 'someuser' \
+ok_password 'password based on principal' 'someuser@EXAMPLE.ORG' 'someuser' \
     0 '' 'Password based on username'
-ok_password "password based on principal" 'someuser@EXAMPLE.ORG' 'resuemos' \
+ok_password 'password based on principal' 'someuser@EXAMPLE.ORG' 'resuemos' \
     0 '' 'Password based on username'
-ok_password "password is principal" 'test@EXAMPLE.ORG' 'test@EXAMPLE.ORG' \
+ok_password 'password is username with digits' 'someuser@EXAMPLE.ORG' \
+    'someuser123' 0 '' 'Password based on username'
+ok_password 'password is principal' 'test@EXAMPLE.ORG' 'test@EXAMPLE.ORG' \
     0 '' 'Password based on username'
 
 # Clean up.

diff --git a/tests/mit/plugin-t b/tests/mit/plugin-t
index 8c8f0c22b192a4dfcf2856a0de16620af1b48f19..b1223a3c1819d9197b8e2723abbc2f9ee058ee62 100755 (executable)
--- a/tests/mit/plugin-t
+++ b/tests/mit/plugin-t
@@ -74,9 +74,9 @@ EOF
 ok_password "good password" 'test@EXAMPLE.ORG' 'known good password' 0 ''
 ok_password "password in dictionary" 'test@EXAMPLE.ORG' 'password' 1 \
     'it is based on a dictionary word'
-ok_password "password in dictionary" 'test@EXAMPLE.ORG' 'bitter' 1 \
+ok_password "password in dictionary" 'test@EXAMPLE.ORG' 'bitterbane' 1 \
     'it is based on a dictionary word'
-ok_password "password in dictionary" 'test@EXAMPLE.ORG' 'rettib' 1 \
+ok_password "password in dictionary" 'test@EXAMPLE.ORG' 'enabrettib' 1 \
     'it is based on a (reversed) dictionary word'
 ok_password "password too short" 'test@EXAMPLE.ORG' 'food' 1 \
     "it is too short"
@@ -84,7 +84,7 @@ ok_password "password way too short" 'test@EXAMPLE.ORG' 'foo' 1 \
     "it's WAY too short"
 ok_password "password empty" 'test@EXAMPLE.ORG' '' 1 \
     "it's WAY too short"
-ok_password "password all whitespace" 'test@EXAMPLE.ORG' '         ' 1 \
+ok_password "password all whitespace" 'test@EXAMPLE.ORG' '           ' 1 \
     'it does not contain enough DIFFERENT characters'
 ok_password "password too simplistic" 'test@EXAMPLE.ORG' 'abcdefghi' 1 \
     'it is too simplistic/systematic'