Avoid keyctl purge in keyring ccache tests

keyctl purge was added in keyutils 1.5 (released in March 2011). Use keyctl unlink to clean up keys instead, as it is more universal. ticket: 7810 target_version: 1.12.1 tags: pullup
krb5 · Dec 21, 2013 · 94da458 · 94da458
1 parent ae027dd
commit 94da458
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 22 deletions.
diff --git a/src/lib/krb5/ccache/t_cccol.py b/src/lib/krb5/ccache/t_cccol.py
@@ -11,30 +11,33 @@
 # Run the collection test program against each collection-enabled type.
 realm.run(['./t_cccol', 'DIR:' + os.path.join(realm.testdir, 'cc')])
 if test_keyring:
+    def cleanup_keyring(anchor, name):
+        out = realm.run(['keyctl', 'list', anchor])
+        if ('keyring: ' + name + '\n') in out:
+            keyid = realm.run(['keyctl', 'search', anchor, 'keyring', name])
+            realm.run(['keyctl', 'unlink', keyid.strip(), anchor])
+
     # Use the test directory as the collection name to avoid colliding
     # with other build trees.
     cname = realm.testdir
+    col_ringname = '_krb_' + cname
 
     # Remove any keys left behind by previous failed test runs.
-    realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname])
-    realm.run(['keyctl', 'purge', 'keyring', cname])
-    out = realm.run(['keyctl', 'list', '@u'])
-    if ('keyring: _krb_' + cname + '\n') in out:
-        id = realm.run(['keyctl', 'search', '@u', 'keyring', '_krb_' + cname])
-        realm.run(['keyctl', 'unlink', id.strip(), '@u'])
+    cleanup_keyring('@s', cname)
+    cleanup_keyring('@s', col_ringname)
+    cleanup_keyring('@u', col_ringname)
 
     # Run test program over each subtype, cleaning up as we go.  Don't
     # test the persistent subtype, since it supports only one
     # collection and might be in actual use.
     realm.run(['./t_cccol', 'KEYRING:' + cname])
-    realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
     realm.run(['./t_cccol', 'KEYRING:legacy:' + cname])
-    realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
     realm.run(['./t_cccol', 'KEYRING:session:' + cname])
-    realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
     realm.run(['./t_cccol', 'KEYRING:user:' + cname])
-    id = realm.run(['keyctl', 'search', '@u', 'keyring', '_krb_' + cname])
-    realm.run(['keyctl', 'unlink', id.strip(), '@u'])
+    cleanup_keyring('@u', col_ringname)
     realm.run(['./t_cccol', 'KEYRING:process:abcd'])
     realm.run(['./t_cccol', 'KEYRING:thread:abcd'])
 
@@ -57,8 +60,7 @@
 realm.kinit('bob', password('bob'), flags=['-c', dbob])
 
 if test_keyring:
-    cname = realm.testdir
-    realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
     krccname = 'KEYRING:session:' + cname
     kruser = '%s:tkt1' % krccname
     kralice = '%s:tkt2' % krccname
@@ -105,7 +107,7 @@ def cursor_test(testname, args, expected):
 realm.run(['./t_cccursor', mfoo, 'CONTENT'], expected_code=1)
 if test_keyring:
     realm.run(['./t_cccursor', krccname, 'CONTENT'])
-    realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
 
 # Make sure FILE doesn't yield a nonexistent default cache.
 realm.run([kdestroy])

diff --git a/src/tests/t_ccache.py b/src/tests/t_ccache.py
@@ -85,13 +85,20 @@ def collection_test(realm, ccname):
 
 collection_test(realm, 'DIR:' + os.path.join(realm.testdir, 'cc'))
 if test_keyring:
+    def cleanup_keyring(anchor, name):
+        out = realm.run(['keyctl', 'list', anchor])
+        if ('keyring: ' + name + '\n') in out:
+            keyid = realm.run(['keyctl', 'search', anchor, 'keyring', name])
+            realm.run(['keyctl', 'unlink', keyid.strip(), anchor])
+
     # Use realm.testdir as the collection name to avoid conflicts with
     # other build trees.
     cname = realm.testdir
+    col_ringname = '_krb_' + cname
 
-    realm.run([keyctl, 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
     collection_test(realm, 'KEYRING:session:' + cname)
-    realm.run([keyctl, 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
 
     # Test legacy keyring cache linkage.
     realm.env['KRB5CCNAME'] = 'KEYRING:' + cname
@@ -108,21 +115,18 @@ def collection_test(realm, ccname):
     # Remove the collection keyring.  When the collection is
     # reinitialized, the legacy cache should reappear inside it
     # automatically as the primary cache.
-    out = realm.run([keyctl, 'purge', 'keyring', '_krb_' + cname])
-    if 'purged 1 keys' not in out:
-        fail('Could not purge collection keyring')
+    cleanup_keyring('@s', col_ringname)
     out = realm.run([klist])
     if realm.user_princ not in out:
-        fail('Cannot see legacy cache after purging collection')
+        fail('Cannot see legacy cache after removing collection')
     coll_id = realm.run([keyctl, 'search', '@s', 'keyring', '_krb_' + cname])
     out = realm.run([keyctl, 'list', coll_id.strip()])
     if (id.strip() + ':') not in out:
         fail('Legacy cache did not reappear in collection after klist')
     # Destroy the cache and check that it is unlinked from the session keyring.
     realm.run([kdestroy])
     realm.run([keyctl, 'search', '@s', 'keyring', cname], expected_code=1)
-    # Clean up the collection key.
-    realm.run([keyctl, 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
 
 # Test parameter expansion in default_ccache_name
 realm.stop()