Fix krenew cache canonicalization

Canonicalize to the full name similar to the change to k5start.  Add
a test for krenew handling of keyring caches.

diff --git a/krenew.c b/krenew.c
index e5695484c1438a3d316e32aa2662846902789879..921bc45a536ce58f78239ab61890cb7aca8eedea 100644 (file)
--- a/krenew.c
+++ b/krenew.c
@@ -308,9 +308,11 @@ main(int argc, char *argv[])
         config.cache = copy_cache(ctx, &ccache);
         config.clean_cache = true;
     }
-    if (config.cache == NULL)
-        config.cache = xstrdup(krb5_cc_get_name(ctx, ccache));
-    else {
+    if (config.cache == NULL) {
+        code = krb5_cc_get_full_name(ctx, ccache, (char **) &config.cache);
+        if (code != 0)
+            die_krb5(ctx, code, "error getting ticket cache name");
+    } else {
         if (setenv("KRB5CCNAME", config.cache, 1) != 0)
             die("cannot set KRB5CCNAME environment variable");
     }

diff --git a/tests/TESTS b/tests/TESTS
index 2e1347e4f56b7ab02e5d029e23ce1e17d50d82d2..91e3cbafc57ea719d1856177af180b533d62a62d 100644 (file)
--- a/tests/TESTS
+++ b/tests/TESTS
@@ -5,6 +5,7 @@ k5start/basic
 k5start/daemon
 k5start/errors
 k5start/flags
+k5start/keyring
 k5start/perms
 k5start/sigchld
 kafs/basic
@@ -13,6 +14,7 @@ krenew/afs
 krenew/basic
 krenew/daemon
 krenew/errors
+krenew/keyring
 portable/asprintf
 portable/daemon
 portable/mkstemp

diff --git a/tests/krenew/keyring-t b/tests/krenew/keyring-t
new file mode 100755 (executable)
index 0000000..4d8bf93
--- /dev/null
+++ b/tests/krenew/keyring-t
@@ -0,0 +1,49 @@
+#!/usr/bin/perl -w
+#
+# Tests for krenew support of keyrings.
+#
+# Written by Russ Allbery <rra@stanford.edu>
+# Copyright 2011
+#     The Board of Trustees of the Leland Stanford Junior University
+#
+# See LICENSE for licensing terms.
+
+use Test::More;
+
+# The full path to the newly-built k5start client.
+our $KRENEW = "$ENV{BUILD}/../krenew";
+
+# The path to our data directory, which contains the keytab to use to test.
+our $DATA = "$ENV{BUILD}/data";
+
+# Load our test utility programs.
+require "$ENV{SOURCE}/libtest.pl";
+
+# Decide whether we have the configuration to run the tests.
+my $principal;
+if (not -f "$DATA/test.keytab" or not -f "$DATA/test.principal") {
+    plan skip_all => 'no keytab configuration';
+    exit 0;
+} else {
+    $principal = contents ("$DATA/test.principal");
+    $ENV{KRB5CCNAME} = 'KEYRING:test';
+    unless (kinit ("$DATA/test.keytab", $principal, '-r', '2h', '-l', '10m')) {
+        plan skip_all => 'cannot get renewable tickets in keyring';
+        exit 0;
+    }
+    unless (!-f 'KEYRING:test') {
+        plan skip_all => 'cannot use keyring caches';
+        exit 0;
+    }
+    plan tests => 5;
+}
+
+# Basic renewal test.
+my ($out, $err, $status) = command ($KRENEW, '-v');
+is ($status, 0, 'Basic krenew command succeeds');
+is ($err, '', ' with no errors');
+like ($out, qr/^krenew: renewing credentials for \Q$principal\E(\@\S+)?\n\z/,
+      ' and the right output');
+my ($default, $service) = klist ();
+like ($default, qr/^\Q$principal\E(\@\S+)?\z/, ' for the right principal');
+like ($service, qr%^krbtgt/%, ' and the right service');