remove v8 testenv

v8/test/README.md

@@ -0,0 +1 @@
+Source for integration test dependencies can be found at https://github.com/jcmturner/gokrb5-test

v8/test/testenv/ActiveDirectory.md

@@ -1,38 +0,0 @@
-# Active Directory Test Environment Setup Notes
-
-
-## Claims
-* Needs Windows 2012
-### Enable Claims
-* Administrative Tools > Group Policy Management
-  * Forest > Domains > DOMAIN.COM > Default Domain Policy (right click, Edit)
-  * Compute Configuration > Policies > Administrative Templates > System > KDC
-    * Edit "KDC Support for claims"
-    * Set to "Enabled" with the option "Always provide claims"
-    
-### Configure Claims Values
-* Administrative Tools > Active Directory Administrative Center
-  * Dynamic Access Control > Claim Types > New
-
-| Display name | Attribute | Type |
-| -------------|-----------|------|
-| username | sAMAccountName | string |
-| otherIpPhone | otherIpPhone | multi-valued string |
-| objectClass | objectClass | multi-valued unsigned integer |
-| msDS-SupportedEncryptionTypes | msDS-SupportedEncryptionTypes | Integer |
-
-### Add Attributes to User
-* Edit testuser1 in Active Directory Users and Computers
-* Go to Telephones tab
-* Click the "Other" button next to IP Phone
-* Add these strings:
-  * str1
-  * str2
-  * str3
-  * str4
-
-### Inspect Values
-```
-Get-ADUser -Filter 'Name -like "*test*1*" -properties *
-```
-    

v8/test/testenv/README.md

@@ -1,26 +0,0 @@
-# gokrb5 Integration Test Environment
-
-Below are some instructions for how to run the network services required for the gokrb5 integration tests.
-
-There are two options to run these services.
-1. As docker containers directly on your machine.
-2. As a vagrant VM instances.
-
-## Docker Containers
-The Docker containers can be run with the commands you see in the ```before_install``` section of the 
-[.travis.yml](https://github.com/jcmturner/gokrb5/blob/master/.travis.yml) file.
-You will need to set the environment variable ```TEST_KDC_ADDR``` to "127.0.0.1" when running the integration tests.
-
-## Vagant VM Instance
-The Vagrant VM instance has been configured to work with VirtualBox.
-VirtualBox will need to be configured with a host network. In the Vagrantfile configuration the CIDR range for that 
-network is assumed to be 10.80.0.0/16 and the instance will run on 10.80.88.88. If this does not work for your environment you will need to update the 
-Vagrantfile accordingly and when running the integration tests set the environment variable ```TEST_KDC_ADDR``` 
-to the IP you have allocated for this Vagrant instance.
-
-## Running the Integration Tests
-Ensure you have set the environment variable ```TEST_KDC_ADDR``` accordingly.
-
-To run the integration tests pass ```-tags=adintegration``` as an argument to the go test command. This will run all 
-unit and integration tests (other than the integration tests for Active Directory).
-

v8/test/testenv/docker/dns/Dockerfile

@@ -1,27 +0,0 @@
-FROM debian:latest
-MAINTAINER Jonathan Turner <jt@jtnet.co.uk>
-
-EXPOSE 53
-
-ENTRYPOINT ["/var/named/named.sh"]
-
-ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update && apt-get install -y bind9 && \
-  mkdir -p /var/named/data && \
-  mkdir -p /var/named/dynamic && \
-  chown -R bind /var/named && \
-  mkdir -p /etc/named && \
-  mkdir -p /var/run/named && chown bind /var/run/named
-
-ENV KRB5_KTNAME /etc/named.keytab
-ADD files/krb5.conf /etc/krb5.conf
-ADD files/krb5.testtab /var/named/data/named.keytab
-RUN chown bind:bind /var/named/data/named.keytab && chmod 644 /var/named/data/named.keytab
-
-ADD files/named.sh /var/named/named.sh
-RUN chmod 744 /var/named/named.sh
-
-ADD files/etc-named.conf /etc/named.conf
-ADD files/gokrb5.conf /etc/named/gokrb5.conf
-ADD files/zone-files/db.10 /var/named/data/
-ADD files/zone-files/db.test.gokrb5 /var/named/data/

v8/test/testenv/docker/dns/files/etc-named.conf

@@ -1,44 +0,0 @@
-options {
-	directory 	"/var/named";
-	dump-file 	"/var/named/data/cache_dump.db";
-    statistics-file "/var/named/data/named_stats.txt";
-    memstatistics-file "/var/named/data/named_mem_stats.txt";
-	allow-query     { localhost; 10.0.0.0/8; 172.17.0.0/16; 172.18.0.0/16; };
-	recursion yes;
-
-	dnssec-enable yes;
-	dnssec-validation yes;
-	dnssec-lookaside auto;
-
-	/* Path to ISC DLV key */
-	bindkeys-file "/etc/bind/bind.keys";
-
-	managed-keys-directory "/var/named/dynamic";
-
-	pid-file "/run/named/named.pid";
-	session-keyfile "/run/named/session.key";
-
-	tkey-gssapi-keytab  "/var/named/data/named.keytab";
-};
-
-logging {
-    channel stderr {
-        stderr;
-        severity debug;
-        print-category yes;
-        print-severity yes;
-        print-time yes;
-    };
-    category default { stderr; };
-    category client { stderr; };
-    category config { stderr; };
-    category general { stderr; };
-    category security { stderr; };
-    category update { stderr; };
-    category update-security { stderr; };
-};
-
-include "/etc/bind/named.conf.local";
-include "/etc/bind/named.conf.default-zones";
-include "/etc/bind/bind.keys";
-include "/etc/named/gokrb5.conf";

v8/test/testenv/docker/dns/files/gokrb5.conf

@@ -1,17 +0,0 @@
-zone "test.gokrb5" {
-	type master;
-	file "/var/named/data/db.test.gokrb5";
-	check-names ignore;
-    update-policy {
-        grant * subdomain test.gokrb5. ANY;
-    };
-};
-
-zone "10.in-addr.arpa" {
-	type master;
-	file "/var/named/data/db.10";
-	check-names ignore;
-    update-policy {
-        grant * subdomain 10.in-addr.arpa. ANY;
-    };
-};

v8/test/testenv/docker/dns/files/krb5.conf

@@ -1,35 +0,0 @@
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
-
-
-[libdefaults]
-  default_realm = TEST.GOKRB5
-  dns_lookup_realm = false
-  dns_lookup_kdc = false
-  ticket_lifetime = 24h
-  forwardable = yes
-  default_tkt_enctypes = aes256-cts-hmac-sha1-96
-  default_tgs_enctypes = aes256-cts-hmac-sha1-96
-  default_keytab_name = FILE:/var/named/data/named.keytab
-
-[realms]
- TEST.GOKRB5 = {
-  kdc = 127.0.0.1:88
-  admin_server = 127.0.0.1:749
-  default_domain = test.gokrb5
- }
-
-[domain_realm]
- .test.gokrb5 = TEST.GOKRB5
- test.gokrb5 = TEST.GOKRB5
-
-[appdefaults]
- pam = {
-   debug = false
-   ticket_lifetime = 36000
-   renew_lifetime = 36000
-   forwardable = true
-   krb4_convert = false
- }

v8/test/testenv/docker/dns/files/named.sh

@@ -1,6 +0,0 @@
-#!/bin/bash
-
-sed -i "s/<TEST_KDC_ADDR>/${TEST_KDC_ADDR}/g" /var/named/data/db.test.gokrb5
-sed -i "s/<TEST_HTTP_ADDR>/${TEST_HTTP_ADDR}/g" /var/named/data/db.test.gokrb5
-
-/usr/sbin/named -g -c /etc/named.conf -u bind -4

v8/test/testenv/docker/dns/files/zone-files/db.10

@@ -1,13 +0,0 @@
-;
-; BIND reverse data file for 10.x.x.x
-;
-$TTL	604800
-@	IN	SOA	test.gokrb5. host.test.gokrb5. (
-			2017112701 	; Serial
-			 604800		; Refresh
-			  86400		; Retry
-			2419200		; Expire
-			 604800 )	; Negative Cache TTL
-;
-@	IN	NS	ns.test.gokrb5.
-88.88.80 IN  PTR host.test.gokrb5.

v8/test/testenv/docker/dns/files/zone-files/db.test.gokrb5

@@ -1,33 +0,0 @@
-$ORIGIN test.gokrb5.
-$TTL 86400	; 1 day
-@		        IN SOA ns.test.gokrb5. test.gokrb5. (
-				2017112801 ; serial
-				604800     ; refresh (1 week)
-				86400      ; retry (1 day)
-				2419200    ; expire (4 weeks)
-				86400      ; minimum (1 day)
-				)
-
-		IN	NS	ns
-ns      IN  A   <TEST_KDC_ADDR>
-		IN	A	<TEST_KDC_ADDR>
-$ORIGIN _tcp.test.gokrb5.
-_kerberos		IN	SRV	0 0 88 kdc.test.gokrb5.
-_kerberos		IN	SRV	1 100 88 kdc1a.test.gokrb5.
-_kerberos		IN	SRV	1 50 88 kdc1b.test.gokrb5.
-_kerberos		IN	SRV	2 100 88 kdc2a.test.gokrb5.
-_kerberos		IN	SRV	2 100 88 kdc2b.test.gokrb5.
-$ORIGIN _udp.test.gokrb5.
-_kerberos		IN	SRV	0 0 88 kdc.test.gokrb5.
-_kerberos		IN	SRV	1 100 88 kdc1a.test.gokrb5.
-_kerberos		IN	SRV	1 50 88 kdc1b.test.gokrb5.
-_kerberos		IN	SRV	2 100 88 kdc2a.test.gokrb5.
-_kerberos		IN	SRV	2 100 88 kdc2b.test.gokrb5.
-$ORIGIN test.gokrb5.
-kdc		IN	A	<TEST_KDC_ADDR>
-kdc1a	IN	A	<TEST_KDC_ADDR>
-kdc1b	IN	A	<TEST_KDC_ADDR>
-kdc2a	IN	A	<TEST_KDC_ADDR>
-kdc2b	IN	A	<TEST_KDC_ADDR>
-host    IN  A   <TEST_HTTP_ADDR>
-cname   IN  CNAME host

v8/test/testenv/docker/krb5kdc-latest/Dockerfile

@@ -1,27 +0,0 @@
-FROM centos:latest
-MAINTAINER Jonathan Turner <jt@jtnet.co.uk>
-
-EXPOSE 88
-
-ENTRYPOINT ["/usr/local/sbin/krb5kdc", "-n"]
-
-RUN yum install -y \
-  tcpdump krb5-workstation vim \
-  ncurses telnet ncurses-devel tcl net-tools \
- && yum groupinstall "Development Tools" -y \
- && yum update -y && yum clean all
-
-ENV KRB5_VER 1.16.1
-
-ADD krb5-${KRB5_VER}.tar.gz /tmp
-RUN cd /tmp/krb5-${KRB5_VER}/src && \
-  ./configure && make && make install
-
-ADD krb5.conf /etc/krb5.conf
-ADD kdc.conf /usr/local/var/krb5kdc/kdc.conf
-ADD kadm5.acl /usr/local/var/krb5kdc/kadm5.acl
-ADD krb5kdc-init.sh /opt/krb5/bin/krb5kdc-init.sh
-RUN mkdir -p /opt/krb5/log && \
-  mkdir -p /var/log/kerberos && \
-  /bin/bash /opt/krb5/bin/krb5kdc-init.sh && \
-  ln -sf /dev/stdout /var/log/krb5kdc.log

v8/test/testenv/docker/krb5kdc-latest/README.md

@@ -1,14 +0,0 @@
-# KDC Intergation Test Instance for TEST.GOKRB5
-
-DO NOT USE THIS CONTAINER FOR ANY PRODUCTION USE!!!
-
-To run:
-```bash
-docker run -v /etc/localtime:/etc/localtime:ro -p 98:88 -p 98:88/udp --rm --name gokrb5-kdc-latest jcmturner/gokrb5:kdc-latest &
-```
-
-To build:
-```bash
-docker build -t jcmturner/gokrb5:kdc-latest --force-rm=true --rm=true .
-docker push jcmturner/gokrb5:kdc-latest
-```

v8/test/testenv/docker/krb5kdc-latest/kadm5.acl

@@ -1,4 +0,0 @@
-testuser1@TEST.GOKRB5	*
-*/admin@TEST.GOKRB5	*
-*/*@TEST.GOKRB5		i
-*@TEST.GOKRB5		i

v8/test/testenv/docker/krb5kdc-latest/kdc.conf

@@ -1,15 +0,0 @@
-[kdcdefaults]
- kdc_ports = 88
- kdc_tcp_ports = 88
-
-[realms]
- TEST.GOKRB5 = {
-  master_key_type = aes256-cts-hmac-sha1-96
-  max_life = 12h 0m 0s
-  max_renewable_life = 7d 0h 0m 0s
-  acl_file = /var/kerberos/krb5kdc/kadm5.acl
-  dict_file = /usr/share/dict/words
-  admin_keytab = /opt/krb5/data/kadm5.keytab
-  supported_enctypes = aes128-cts-hmac-sha1-96:normal aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha256-128:normal aes256-cts-hmac-sha384-192:normal des3-cbc-sha1-kd:normal rc4-hmac:normal
-  default_principal_flags = +renewable
- }

v8/test/testenv/docker/krb5kdc-latest/krb5.conf

@@ -1,32 +0,0 @@
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
-
-
-[libdefaults]
-  default_realm = TEST.GOKRB5
-  dns_lookup_realm = false
-  dns_lookup_kdc = false
-  ticket_lifetime = 24h
-  forwardable = yes
-
-[realms]
- TEST.GOKRB5 = {
-  kdc = 127.0.0.1:88
-  admin_server = 127.0.0.1:749
-  default_domain = test.gokrb5
- }
-
-[domain_realm]
- .test.gokrb5 = TEST.GOKRB5
- test.gokrb5 = TEST.GOKRB5
-
-[appdefaults]
- pam = {
-   debug = false
-   ticket_lifetime = 36000
-   renew_lifetime = 36000
-   forwardable = true
-   krb4_convert = false
- }

v8/test/testenv/docker/krb5kdc-latest/krb5kdc-init.sh

@@ -1,47 +0,0 @@
-#!/bin/bash
-
-REALM=TEST.GOKRB5
-DOMAIN=test.gokrb5
-SERVER_HOST=kdc.test.gokrb5
-ADMIN_USERNAME=adminuser
-HOST_PRINCIPALS="kdc.test.gokrb5 host.test.gokrb5"
-SPNs="HTTP/host.test.gokrb5"
-
-create_entropy() {
-   while true
-   do
-     sleep $(( ( RANDOM % 10 )  + 1 ))
-     echo "Generating Entropy... $RANDOM"
-   done
-}
-
-create_entropy &
-ENTROPY_PID=$!
-
-  echo "Kerberos initialisation required. Creating database for ${REALM} ..."
-  echo "This can take a long time if there is little entropy. A process has been started to create some."
-  MASTER_PASSWORD=$(echo $RANDOM$RANDOM$RANDOM | md5sum | awk '{print $1}')
-  /usr/local/sbin/kdb5_util create -r ${REALM} -s -P ${MASTER_PASSWORD}
-  kill -9 ${ENTROPY_PID}
-  echo "Kerberos database created."
-  /usr/local/sbin/kadmin.local -q "add_principal -randkey ${ADMIN_USERNAME}/admin"
-  echo "Kerberos admin user created: ${ADMIN_USERNAME} To update password: sudo /usr/sbin/kadmin.local -q \"change_password ${ADMIN_USERNAME}/admin\""
-
-  KEYTAB_DIR="/keytabs"
-  mkdir -p $KEYTAB_DIR
-
-  if [ ! -z "${HOST_PRINCIPALS}" ]; then
-    for host in ${HOST_PRINCIPALS}
-    do
-      /usr/local/sbin/kadmin.local -q "add_principal -pw hostpasswordvalue -kvno 1 host/$host"
-      echo "Created host principal host/$host"
-    done
-  fi
-
-  /usr/local/sbin/kadmin.local -q "add_principal -pw spnpasswordvalue -kvno 1 HTTP/host.test.gokrb5"
-
-  /usr/local/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser1"
-  /usr/local/sbin/kadmin.local -q "add_principal +requires_preauth -pw passwordvalue -kvno 1 testuser2"
-  /usr/local/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser3"
-
-  echo "Kerberos initialisation complete"

v8/test/testenv/docker/krb5kdc-older/Dockerfile

@@ -1,25 +0,0 @@
-FROM centos:latest
-MAINTAINER Jonathan Turner <jt@jtnet.co.uk>
-
-EXPOSE 88
-
-ENTRYPOINT ["/usr/local/sbin/krb5kdc", "-n"]
-
-RUN yum install -y \
-  tcpdump krb5-workstation vim \
-  ncurses telnet ncurses-devel tcl net-tools \
- && yum groupinstall "Development Tools" -y \
- && yum update -y && yum clean all
-
-ADD krb5-1.6.3.tar.gz /tmp
-RUN cd /tmp/krb5-1.6.3/src && \
-  ./configure && make && make install
-
-ADD krb5.conf /etc/krb5.conf
-ADD kdc.conf /usr/local/var/krb5kdc/kdc.conf
-ADD kadm5.acl /usr/local/var/krb5kdc/kadm5.acl
-ADD krb5kdc-init.sh /opt/krb5/bin/krb5kdc-init.sh
-RUN mkdir -p /opt/krb5/log && \
-  mkdir -p /var/log/kerberos && \
-  /bin/bash /opt/krb5/bin/krb5kdc-init.sh && \
-  ln -sf /dev/stdout /var/log/krb5kdc.log

v8/test/testenv/docker/krb5kdc-older/README.md

@@ -1,14 +0,0 @@
-# KDC Intergation Test Instance for TEST.GOKRB5
-
-DO NOT USE THIS CONTAINER FOR ANY PRODUCTION USE!!!
-
-To run:
-```bash
-docker run -v /etc/localtime:/etc/localtime:ro -p 78:88 -p 78:88/udp --rm --name gokrb5-kdc-older jcmturner/gokrb5:kdc-older &
-```
-
-To build:
-```bash
-docker build -t jcmturner/gokrb5:kdc-older --force-rm=true --rm=true .
-docker push jcmturner/gokrb5:kdc-older
-```

v8/test/testenv/docker/krb5kdc-older/kadm5.acl

@@ -1,4 +0,0 @@
-testuser1@TEST.GOKRB5	*
-*/admin@TEST.GOKRB5	*
-*/*@TEST.GOKRB5		i
-*@TEST.GOKRB5		i

v8/test/testenv/docker/krb5kdc-older/kdc.conf

@@ -1,15 +0,0 @@
-[kdcdefaults]
- kdc_ports = 88
- kdc_tcp_ports = 88
-
-[realms]
- TEST.GOKRB5 = {
-  master_key_type = aes256-cts-hmac-sha1-96
-  max_life = 12h 0m 0s
-  max_renewable_life = 7d 0h 0m 0s
-  acl_file = /var/kerberos/krb5kdc/kadm5.acl
-  dict_file = /usr/share/dict/words
-  admin_keytab = /opt/krb5/data/kadm5.keytab
-  supported_enctypes = aes128-cts-hmac-sha1-96:normal aes256-cts-hmac-sha1-96:normal des3-cbc-sha1-kd:normal rc4-hmac:normal
-  default_principal_flags = +renewable
- }

v8/test/testenv/docker/krb5kdc-older/krb5.conf

@@ -1,32 +0,0 @@
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
-
-
-[libdefaults]
-  default_realm = TEST.GOKRB5
-  dns_lookup_realm = false
-  dns_lookup_kdc = false
-  ticket_lifetime = 24h
-  forwardable = yes
-
-[realms]
- TEST.GOKRB5 = {
-  kdc = 127.0.0.1:88
-  admin_server = 127.0.0.1:749
-  default_domain = test.gokrb5
- }
-
-[domain_realm]
- .test.gokrb5 = TEST.GOKRB5
- test.gokrb5 = TEST.GOKRB5
-
-[appdefaults]
- pam = {
-   debug = false
-   ticket_lifetime = 36000
-   renew_lifetime = 36000
-   forwardable = true
-   krb4_convert = false
- }

v8/test/testenv/docker/krb5kdc-older/krb5kdc-init.sh

@@ -1,47 +0,0 @@
-#!/bin/bash
-
-REALM=TEST.GOKRB5
-DOMAIN=test.gokrb5
-SERVER_HOST=kdc.test.gokrb5
-ADMIN_USERNAME=adminuser
-HOST_PRINCIPALS="kdc.test.gokrb5 host.test.gokrb5"
-SPNs="HTTP/host.test.gokrb5"
-
-create_entropy() {
-   while true
-   do
-     sleep $(( ( RANDOM % 10 )  + 1 ))
-     echo "Generating Entropy... $RANDOM"
-   done
-}
-
-create_entropy &
-ENTROPY_PID=$!
-
-  echo "Kerberos initialisation required. Creating database for ${REALM} ..."
-  echo "This can take a long time if there is little entropy. A process has been started to create some."
-  MASTER_PASSWORD=$(echo $RANDOM$RANDOM$RANDOM | md5sum | awk '{print $1}')
-  /usr/local/sbin/kdb5_util create -r ${REALM} -s -P ${MASTER_PASSWORD}
-  kill -9 ${ENTROPY_PID}
-  echo "Kerberos database created."
-  /usr/local/sbin/kadmin.local -q "add_principal -randkey ${ADMIN_USERNAME}/admin"
-  echo "Kerberos admin user created: ${ADMIN_USERNAME} To update password: sudo /usr/sbin/kadmin.local -q \"change_password ${ADMIN_USERNAME}/admin\""
-
-  KEYTAB_DIR="/keytabs"
-  mkdir -p $KEYTAB_DIR
-
-  if [ ! -z "${HOST_PRINCIPALS}" ]; then
-    for host in ${HOST_PRINCIPALS}
-    do
-      /usr/local/sbin/kadmin.local -q "add_principal -pw hostpasswordvalue -kvno 1 host/$host"
-      echo "Created host principal host/$host"
-    done
-  fi
-
-  /usr/local/sbin/kadmin.local -q "add_principal -pw spnpasswordvalue -kvno 1 HTTP/host.test.gokrb5"
-
-  /usr/local/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser1"
-  /usr/local/sbin/kadmin.local -q "add_principal +requires_preauth -pw passwordvalue -kvno 1 testuser2"
-  /usr/local/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser3"
-
-  echo "Kerberos initialisation complete"

v8/test/testenv/docker/krb5kdc-res/Dockerfile

@@ -1,19 +0,0 @@
-FROM centos:latest
-MAINTAINER Jonathan Turner <jt@jtnet.co.uk>
-
-EXPOSE 88
-ENTRYPOINT ["/usr/sbin/krb5kdc", "-n"]
-
-RUN yum install -y \
-  krb5-server \
-  tcpdump krb5-workstation vim \
- && yum update -y && yum clean all
-
-ADD krb5.conf /etc/krb5.conf
-ADD kdc.conf /var/kerberos/krb5kdc/kdc.conf
-ADD kadm5.acl /var/kerberos/krb5kdc/kadm5.acl
-ADD krb5kdc-init.sh /opt/krb5/bin/krb5kdc-init.sh
-RUN mkdir -p /opt/krb5/log && \
-  mkdir -p /var/log/kerberos && \
-  /bin/bash /opt/krb5/bin/krb5kdc-init.sh && \
-  ln -sf /dev/stdout /var/log/krb5kdc.log

v8/test/testenv/docker/krb5kdc-res/README.md

@@ -1,16 +0,0 @@
-# KDC Intergation Test Instance for RESDOM.GOKRB5
-
-DO NOT USE THIS CONTAINER FOR ANY PRODUCTION USE!!!
-
-To run:
-```bash
-docker run -v /etc/localtime:/etc/localtime:ro -p 188:88 -p 188:88/udp --rm --name gokrb5-res jcmturner/gokrb5:kdc-resdom &
-```
-
-To build:
-```bash
-docker build -t jcmturner/gokrb5:kdc-resdom --force-rm=true --rm=true .
-docker push jcmturner/gokrb5:kdc-resdom
-```
-
-

v8/test/testenv/docker/krb5kdc-res/kadm5.acl

@@ -1,4 +0,0 @@
-testuser1@RESDOM.GOKRB5	*
-*/admin@RESDOM.GOKRB5	*
-*/*@RESDOM.GOKRB5		i
-*@RESDOM.GOKRB5		i

v8/test/testenv/docker/krb5kdc-res/kdc.conf

@@ -1,16 +0,0 @@
-[kdcdefaults]
- kdc_ports = 88
- kdc_tcp_ports = 88
-
-[realms]
- RESDOM.GOKRB5 = {
-  master_key_type = aes256-cts-hmac-sha1-96
-  max_life = 12h 0m 0s
-  max_renewable_life = 7d 0h 0m 0s
-  acl_file = /var/kerberos/krb5kdc/kadm5.acl
-  dict_file = /usr/share/dict/words
-  admin_keytab = /opt/krb5/data/kadm5.keytab
-  supported_enctypes = aes128-cts-hmac-sha1-96:normal aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha256-128:normal aes256-cts-hmac-sha384-192:normal des3-cbc-sha1-kd:normal rc4-hmac:normal
-  default_principal_flags = +renewable
- }
-

v8/test/testenv/docker/krb5kdc-res/krb5.conf

@@ -1,39 +0,0 @@
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
-
-
-[libdefaults]
-  default_realm = RESDOM.GOKRB5
-  dns_lookup_realm = false
-  dns_lookup_kdc = false
-  ticket_lifetime = 24h
-  forwardable = yes
-
-[realms]
- TEST.GOKRB5 = {
-  kdc = 127.0.0.1:88
-  admin_server = 127.0.0.1:749
-  default_domain = test.gokrb5
- }
-  RESDOM.GOKRB5 = {
-   kdc = 127.0.0.1:188
-   admin_server = 127.0.0.1:749
-   default_domain = resdom.gokrb5
-  }
-
-[domain_realm]
- .test.gokrb5 = TEST.GOKRB5
- test.gokrb5 = TEST.GOKRB5
- .resdom.gokrb5 = RESDOM.GOKRB5
- resdom.gokrb5 = RESDOM.GOKRB5
-
-[appdefaults]
- pam = {
-   debug = false
-   ticket_lifetime = 36000
-   renew_lifetime = 36000
-   forwardable = true
-   krb4_convert = false
- }

v8/test/testenv/docker/krb5kdc-res/krb5kdc-init.sh

@@ -1,53 +0,0 @@
-#!/bin/bash
-
-REALM=RESDOM.GOKRB5
-DOMAIN=resdom.gokrb5
-SERVER_HOST=kdc.resdom.gokrb5
-ADMIN_USERNAME=adminuser
-HOST_PRINCIPALS="kdc.resdom.gokrb5 host.resdom.gokrb5"
-SPNs="HTTP/host.resdom.gokrb5"
-
-create_entropy() {
-   while true
-   do
-     sleep $(( ( RANDOM % 10 )  + 1 ))
-     echo "Generating Entropy... $RANDOM"
-   done
-}
-
-create_entropy &
-ENTROPY_PID=$!
-
-
-  echo "Kerberos initialisation required. Creating database for ${REALM} ..."
-  echo "This can take a long time if there is little entropy. A process has been started to create some."
-  MASTER_PASSWORD=$(echo $RANDOM$RANDOM$RANDOM | md5sum | awk '{print $1}')
-  /usr/sbin/kdb5_util create -r ${REALM} -s -P ${MASTER_PASSWORD}
-  kill -9 ${ENTROPY_PID}
-  echo "Kerberos database created."
-  /usr/sbin/kadmin.local -q "add_principal -randkey ${ADMIN_USERNAME}/admin"
-  echo "Kerberos admin user created: ${ADMIN_USERNAME} To update password: sudo /usr/sbin/kadmin.local -q \"change_password ${ADMIN_USERNAME}/admin\""
-
-  KEYTAB_DIR="/keytabs"
-  mkdir -p $KEYTAB_DIR
-
-  if [ ! -z "${HOST_PRINCIPALS}" ]; then
-    for host in ${HOST_PRINCIPALS}
-    do
-      /usr/sbin/kadmin.local -q "add_principal -pw hostpasswordvalue -kvno 1 host/$host"
-      echo "Created host principal host/$host"
-    done
-  fi
-
-  /usr/sbin/kadmin.local -q "add_principal -pw spnpasswordvalue -kvno 1 HTTP/host.resdom.gokrb5"
-
-  /usr/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser1"
-  /usr/sbin/kadmin.local -q "add_principal +requires_preauth -pw passwordvalue -kvno 1 testuser2"
-  /usr/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser3"
-
-  # Set up trust
-  /usr/sbin/kadmin.local -q "add_principal -requires_preauth -pw trustpasswd -kvno 1 krbtgt/TEST.GOKRB5@RESDOM.GOKRB5"
-  /usr/sbin/kadmin.local -q "add_principal -requires_preauth -pw trustpasswd -kvno 1 krbtgt/RESDOM.GOKRB5@TEST.GOKRB5"
-
-
-  echo "Kerberos initialisation complete"

v8/test/testenv/docker/krb5kdc-shorttickets/Dockerfile

@@ -1,22 +0,0 @@
-FROM centos:latest
-MAINTAINER Jonathan Turner <jt@jtnet.co.uk>
-
-EXPOSE 88
-EXPOSE 464
-ENTRYPOINT ["/opt/krb5/bin/start.sh"]
-
-RUN yum install -y \
-  krb5-server \
-  tcpdump krb5-workstation vim \
- && yum update -y && yum clean all
-
-ADD krb5.conf /etc/krb5.conf
-ADD kdc.conf /var/kerberos/krb5kdc/kdc.conf
-ADD kadm5.acl /var/kerberos/krb5kdc/kadm5.acl
-ADD krb5kdc-init.sh /opt/krb5/bin/krb5kdc-init.sh
-ADD start.sh /opt/krb5/bin/start.sh
-RUN mkdir -p /opt/krb5/log && \
-  mkdir -p /var/log/kerberos && \
-  chmod 744 /opt/krb5/bin/start.sh && \
-  /bin/bash /opt/krb5/bin/krb5kdc-init.sh && \
-  ln -sf /dev/stdout /var/log/krb5kdc.log

v8/test/testenv/docker/krb5kdc-shorttickets/README.md

@@ -1,16 +0,0 @@
-# KDC Intergation Test Instance for TEST.GOKRB5
-
-DO NOT USE THIS CONTAINER FOR ANY PRODUCTION USE!!!
-
-To run:
-```bash
-docker run -v /etc/localtime:/etc/localtime:ro -p 58:88 -p 58:88/udp --rm --name gokrb5-kdc-shorttickets jcmturner/gokrb5:kdc-shorttickets &
-```
-
-To build:
-```bash
-docker build -t jcmturner/gokrb5:kdc-shorttickets --force-rm=true --rm=true .
-docker push jcmturner/gokrb5:kdc-shorttickets
-```
-
-

v8/test/testenv/docker/krb5kdc-shorttickets/kadm5.acl

@@ -1,4 +0,0 @@
-testuser1@TEST.GOKRB5	*
-*/admin@TEST.GOKRB5	*
-*/*@TEST.GOKRB5		i
-*@TEST.GOKRB5		i

v8/test/testenv/docker/krb5kdc-shorttickets/kdc.conf

@@ -1,16 +0,0 @@
-[kdcdefaults]
- kdc_ports = 88
- kdc_tcp_ports = 88
-
-[realms]
- TEST.GOKRB5 = {
-  master_key_type = aes256-cts-hmac-sha1-96
-  max_life = 20s
-  max_renewable_life = 55s
-  acl_file = /var/kerberos/krb5kdc/kadm5.acl
-  dict_file = /usr/share/dict/words
-  admin_keytab = /opt/krb5/data/kadm5.keytab
-  supported_enctypes = aes128-cts-hmac-sha1-96:normal aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha256-128:normal aes256-cts-hmac-sha384-192:normal rc4-hmac:normal
-  default_principal_flags = +renewable
- }
-

v8/test/testenv/docker/krb5kdc-shorttickets/krb5.conf

@@ -1,32 +0,0 @@
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
-
-
-[libdefaults]
-  default_realm = TEST.GOKRB5
-  dns_lookup_realm = false
-  dns_lookup_kdc = false
-  ticket_lifetime = 24h
-  forwardable = yes
-
-[realms]
- TEST.GOKRB5 = {
-  kdc = 127.0.0.1:88
-  admin_server = 127.0.0.1:749
-  default_domain = test.gokrb5
- }
-
-[domain_realm]
- .test.gokrb5 = TEST.GOKRB5
- test.gokrb5 = TEST.GOKRB5
-
-[appdefaults]
- pam = {
-   debug = false
-   ticket_lifetime = 36000
-   renew_lifetime = 36000
-   forwardable = true
-   krb4_convert = false
- }

v8/test/testenv/docker/krb5kdc-shorttickets/krb5kdc-init.sh

@@ -1,52 +0,0 @@
-#!/bin/bash
-
-REALM=TEST.GOKRB5
-DOMAIN=test.gokrb5
-SERVER_HOST=kdc.test.gokrb5
-ADMIN_USERNAME=adminuser
-HOST_PRINCIPALS="kdc.test.gokrb5 host.test.gokrb5"
-SPNs="HTTP/host.test.gokrb5"
-
-create_entropy() {
-   while true
-   do
-     sleep $(( ( RANDOM % 10 )  + 1 ))
-     echo "Generating Entropy... $RANDOM"
-   done
-}
-
-create_entropy &
-ENTROPY_PID=$!
-
-
-  echo "Kerberos initialisation required. Creating database for ${REALM} ..."
-  echo "This can take a long time if there is little entropy. A process has been started to create some."
-  MASTER_PASSWORD=$(echo $RANDOM$RANDOM$RANDOM | md5sum | awk '{print $1}')
-  /usr/sbin/kdb5_util create -r ${REALM} -s -P ${MASTER_PASSWORD}
-  kill -9 ${ENTROPY_PID}
-  echo "Kerberos database created."
-  /usr/sbin/kadmin.local -q "add_principal -randkey ${ADMIN_USERNAME}/admin"
-  echo "Kerberos admin user created: ${ADMIN_USERNAME} To update password: sudo /usr/sbin/kadmin.local -q \"change_password ${ADMIN_USERNAME}/admin\""
-
-  KEYTAB_DIR="/keytabs"
-  mkdir -p $KEYTAB_DIR
-
-  if [ ! -z "${HOST_PRINCIPALS}" ]; then
-    for host in ${HOST_PRINCIPALS}
-    do
-      /usr/sbin/kadmin.local -q "add_principal -pw hostpasswordvalue -kvno 1 host/$host"
-      echo "Created host principal host/$host"
-    done
-  fi
-
-  /usr/sbin/kadmin.local -q "add_principal -pw spnpasswordvalue -kvno 1 HTTP/host.test.gokrb5"
-
-  /usr/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser1"
-  /usr/sbin/kadmin.local -q "add_principal +requires_preauth -pw passwordvalue -kvno 1 testuser2"
-  /usr/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser3"
-
-  # Set up trust
-  /usr/sbin/kadmin.local -q "add_principal -requires_preauth -pw trustpasswd -kvno 1 krbtgt/TEST.GOKRB5@RESDOM.GOKRB5"
-  /usr/sbin/kadmin.local -q "add_principal -requires_preauth -pw trustpasswd -kvno 1 krbtgt/RESDOM.GOKRB5@TEST.GOKRB5"
-
-  echo "Kerberos initialisation complete"

v8/test/testenv/docker/krb5kdc-shorttickets/start.sh

@@ -1,4 +0,0 @@
-#!/bin/bash
-
-/usr/sbin/kadmind &
-/usr/sbin/krb5kdc -n

v8/test/testenv/docker/krb5kdc/Dockerfile

@@ -1,22 +0,0 @@
-FROM centos:latest
-MAINTAINER Jonathan Turner <jt@jtnet.co.uk>
-
-EXPOSE 88
-EXPOSE 464
-ENTRYPOINT ["/opt/krb5/bin/start.sh"]
-
-RUN yum install -y \
-  krb5-server \
-  tcpdump krb5-workstation vim \
- && yum update -y && yum clean all
-
-ADD krb5.conf /etc/krb5.conf
-ADD kdc.conf /var/kerberos/krb5kdc/kdc.conf
-ADD kadm5.acl /var/kerberos/krb5kdc/kadm5.acl
-ADD krb5kdc-init.sh /opt/krb5/bin/krb5kdc-init.sh
-ADD start.sh /opt/krb5/bin/start.sh
-RUN mkdir -p /opt/krb5/log && \
-  mkdir -p /var/log/kerberos && \
-  chmod 744 /opt/krb5/bin/start.sh && \
-  /bin/bash /opt/krb5/bin/krb5kdc-init.sh && \
-  ln -sf /dev/stdout /var/log/krb5kdc.log

v8/test/testenv/docker/krb5kdc/README.md

@@ -1,16 +0,0 @@
-# KDC Intergation Test Instance for TEST.GOKRB5
-
-DO NOT USE THIS CONTAINER FOR ANY PRODUCTION USE!!!
-
-To run:
-```bash
-docker run -v /etc/localtime:/etc/localtime:ro -p 88:88 -p 88:88/udp -p 464:464 -p 464:464/udp --rm --name gokrb5-kdc-centos-default jcmturner/gokrb5:kdc-centos-default &
-```
-
-To build:
-```bash
-docker build -t jcmturner/gokrb5:kdc-centos-default --force-rm=true --rm=true .
-docker push jcmturner/gokrb5:kdc-centos-default
-```
-
-

v8/test/testenv/docker/krb5kdc/kadm5.acl

@@ -1,4 +0,0 @@
-testuser1@TEST.GOKRB5	*
-*/admin@TEST.GOKRB5	*
-*/*@TEST.GOKRB5		i
-*@TEST.GOKRB5		i

v8/test/testenv/docker/krb5kdc/kdc.conf

@@ -1,15 +0,0 @@
-[kdcdefaults]
- kdc_ports = 88
- kdc_tcp_ports = 88
-
-[realms]
- TEST.GOKRB5 = {
-  master_key_type = aes256-cts-hmac-sha1-96
-  max_life = 12h 0m 0s
-  max_renewable_life = 7d 0h 0m 0s
-  acl_file = /var/kerberos/krb5kdc/kadm5.acl
-  dict_file = /usr/share/dict/words
-  admin_keytab = /opt/krb5/data/kadm5.keytab
-  supported_enctypes = aes128-cts-hmac-sha1-96:normal aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha256-128:normal aes256-cts-hmac-sha384-192:normal des3-cbc-sha1-kd:normal rc4-hmac:normal
-  default_principal_flags = +renewable
- }

v8/test/testenv/docker/krb5kdc/krb5.conf

@@ -1,32 +0,0 @@
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
-
-
-[libdefaults]
-  default_realm = TEST.GOKRB5
-  dns_lookup_realm = false
-  dns_lookup_kdc = false
-  ticket_lifetime = 24h
-  forwardable = yes
-
-[realms]
- TEST.GOKRB5 = {
-  kdc = 127.0.0.1:88
-  admin_server = 127.0.0.1:749
-  default_domain = test.gokrb5
- }
-
-[domain_realm]
- .test.gokrb5 = TEST.GOKRB5
- test.gokrb5 = TEST.GOKRB5
-
-[appdefaults]
- pam = {
-   debug = false
-   ticket_lifetime = 36000
-   renew_lifetime = 36000
-   forwardable = true
-   krb4_convert = false
- }

v8/test/testenv/docker/krb5kdc/krb5kdc-init.sh

@@ -1,54 +0,0 @@
-#!/bin/bash
-
-REALM=TEST.GOKRB5
-DOMAIN=test.gokrb5
-SERVER_HOST=kdc.test.gokrb5
-ADMIN_USERNAME=adminuser
-HOST_PRINCIPALS="kdc.test.gokrb5 host.test.gokrb5"
-SPNs="HTTP/host.test.gokrb5"
-
-create_entropy() {
-   while true
-   do
-     sleep $(( ( RANDOM % 10 )  + 1 ))
-     echo "Generating Entropy... $RANDOM"
-   done
-}
-
-create_entropy &
-ENTROPY_PID=$!
-
-
-  echo "Kerberos initialisation required. Creating database for ${REALM} ..."
-  echo "This can take a long time if there is little entropy. A process has been started to create some."
-  MASTER_PASSWORD=$(echo $RANDOM$RANDOM$RANDOM | md5sum | awk '{print $1}')
-  /usr/sbin/kdb5_util create -r ${REALM} -s -P ${MASTER_PASSWORD}
-  kill -9 ${ENTROPY_PID}
-  echo "Kerberos database created."
-  /usr/sbin/kadmin.local -q "add_principal -randkey ${ADMIN_USERNAME}/admin"
-  echo "Kerberos admin user created: ${ADMIN_USERNAME} To update password: sudo /usr/sbin/kadmin.local -q \"change_password ${ADMIN_USERNAME}/admin\""
-
-  KEYTAB_DIR="/keytabs"
-  mkdir -p $KEYTAB_DIR
-
-  if [ ! -z "${HOST_PRINCIPALS}" ]; then
-    for host in ${HOST_PRINCIPALS}
-    do
-      /usr/sbin/kadmin.local -q "add_principal -pw hostpasswordvalue -kvno 1 host/$host"
-      echo "Created host principal host/$host"
-    done
-  fi
-
-  /usr/sbin/kadmin.local -q "add_principal -pw spnpasswordvalue -kvno 1 HTTP/host.test.gokrb5"
-  /usr/sbin/kadmin.local -q "add_principal -pw dnspasswordvalue -kvno 1 DNS/ns.test.gokrb5"
-
-
-  /usr/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser1"
-  /usr/sbin/kadmin.local -q "add_principal +requires_preauth -pw passwordvalue -kvno 1 testuser2"
-  /usr/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser3"
-
-  # Set up trust
-  /usr/sbin/kadmin.local -q "add_principal -requires_preauth -pw trustpasswd -kvno 1 krbtgt/TEST.GOKRB5@RESDOM.GOKRB5"
-  /usr/sbin/kadmin.local -q "add_principal -requires_preauth -pw trustpasswd -kvno 1 krbtgt/RESDOM.GOKRB5@TEST.GOKRB5"
-
-  echo "Kerberos initialisation complete"

v8/test/testenv/docker/krb5kdc/start.sh

@@ -1,4 +0,0 @@
-#!/bin/bash
-
-/usr/sbin/kadmind &
-/usr/sbin/krb5kdc -n

v8/test/testenv/docker/krbhttp/Dockerfile

@@ -1,32 +0,0 @@
-FROM centos:latest
-MAINTAINER Jonathan Turner <jt@jtnet.co.uk>
-
-EXPOSE 80 443
-ENV LANG C
-ENV KRB5RCACHEDIR=/var/tmp
-ENV KRB5RCACHETYPE=dfl
-ENTRYPOINT ["/usr/sbin/httpd", "-DFOREGROUND"]
-
-RUN yum install -y \
-  httpd \
-  mod_auth_kerb \
-  mod_auth_gssapi \
-  mod_session \
-  mod_ssl \
-  tcpdump krb5-workstation vim \
-  && yum update -y && yum clean all
-
-RUN mkdir /var/www/html/modkerb && mkdir /var/www/html/modgssapi
-ADD httpd-krb5.conf /etc/httpd/conf.d/
-ADD index.html /var/www/html/modkerb/index.html
-ADD index.html /var/www/html/modgssapi/index.html
-ADD krb5.conf /etc/krb5.conf
-ADD http.testtab /etc/httpd/
-ADD host.testtab /etc/krb5.keytab
-#RUN ln -sf /dev/stdout /var/log/httpd/access_log && \
-# ln -sf /dev/stdout /var/log/httpd/ssl_access_log && \
-# ln -sf /dev/stdout /var/log/httpd/ssl_request_log && \
-# ln -sf /dev/stderr /var/log/httpd/error_log && \
-# ln -sf /dev/stderr /var/log/httpd/ssl_error_log
-
-

v8/test/testenv/docker/krbhttp/README.md

@@ -1,16 +0,0 @@
-# HTTPD Intergation Test Instance for TEST.GOKRB5
-
-DO NOT USE THIS CONTAINER FOR ANY PRODUCTION USE!!!
-
-To run:
-```bash
-docker run -v /etc/localtime:/etc/localtime:ro -p 80:80 -p 443:443 --rm --name gokrb5-http jcmturner/gokrb5:http &
-```
-
-To build:
-```bash
-docker build -t jcmturner/gokrb5:http --force-rm=true --rm=true .
-docker push jcmturner/gokrb5:http
-```
-
-

v8/test/testenv/docker/krbhttp/httpd-krb5.conf

@@ -1,26 +0,0 @@
-LimitRequestFieldSize 65536
-ProxyIOBufferSize 65536
-<LocationMatch /modgssapi>
-    AuthType GSSAPI
-    AuthName "GoKrb5 Test SPNEGO"
-    GssapiCredStore keytab:/etc/httpd/http.testtab
-    GssapiUseSessions On
-    Session On
-    SessionCookieName gssapi_session path=/;httponly;
-    Require valid-user
-</LocationMatch>
-<LocationMatch /modkerb>
-        AuthType Kerberos
-        AuthName "TEST"
-        KrbServiceName HTTP
-        KrbMethodNegotiate On
-        KrbMethodK5Passwd On
-        KrbLocalUserMapping On
-        KrbAuthRealms TEST.GOKRB5
-        Krb5KeyTab /etc/httpd/http.testtab
-        #KrbSaveCredentials On
-        require valid-user
-</LocationMatch>
-
-RewriteEngine On
-RewriteRule ^/redirect(.*)$ http://%{SERVER_NAME}/modgssapi/ [R=301,L]

v8/test/testenv/docker/krbhttp/index.html

@@ -1 +0,0 @@
-<html>TEST.GOKRB5</html>

v8/test/testenv/docker/krbhttp/krb5.conf

@@ -1,26 +0,0 @@
-[libdefaults]
-  default_realm = TEST.GOKRB5
-  dns_lookup_realm = false
-  dns_lookup_kdc = false
-  ticket_lifetime = 24h
-  forwardable = yes
-
-[realms]
- TEST.GOKRB5 = {
-  kdc = gokrb5-kdc-centos-default:88
-  admin_server = gokrb5-kdc-centos-default:749
-  default_domain = test.gokrb5
- }
-
-[domain_realm]
- .test.gokrb5 = TEST.GOKRB5
- test.gokrb5 = TEST.GOKRB5
-
-[appdefaults]
- pam = {
-   debug = false
-   ticket_lifetime = 36000
-   renew_lifetime = 36000
-   forwardable = true
-   krb4_convert = false
- }

v8/test/testenv/krb5kdc-vagrant/.gitignore

@@ -1,2 +0,0 @@
-.vagrant
-.vagrant/*

v8/test/testenv/krb5kdc-vagrant/Vagrantfile

@@ -1,12 +0,0 @@
-Vagrant.configure("2") do |config|
-  config.vm.provider "virtualbox" do |v|
-    v.memory = 1024
-    v.cpus = 1
-  end
-  config.vm.define "krb5kdc", primary: true do |krb5kdc|
-    krb5kdc.vm.hostname = "kdc.test.gokrb5"
-    krb5kdc.vm.box = "centos/7"
-    krb5kdc.vm.network "private_network", ip: "10.80.88.88", netmask: "255.255.0.0"
-    krb5kdc.vm.provision :shell, path: "bootstrap.sh"
-  end
-end

v8/test/testenv/krb5kdc-vagrant/bootstrap.sh

@@ -1,26 +0,0 @@
-#!/bin/bash
-
-rm /etc/localtime
-ln -s /usr/share/zoneinfo/Europe/London /etc/localtime
-setenforce 0
-sed -i "s/SELINUX=enforcing/SELINUX=permissive/g" /etc/sysconfig/selinux
-
-yum update -y && yum clean all
-yum install -y tcpdump krb5-server krb5-workstation httpd mod_auth_kerb mod_ssl ntp vim net-tools
-
-systemctl stop firewalld
-systemctl disable firewalld
-systemctl enable ntpd
-
-cat <<EOF >> /etc/sysctl.conf
-net.ipv6.conf.all.disable_ipv6 = 1
-net.ipv6.conf.default.disable_ipv6 = 1
-net.ipv6.conf.lo.disable_ipv6 = 1
-EOF
-
-echo "10.80.88.89 client.test.gokrb5" >> /etc/hosts
-
-
-sh /vagrant/kdc-setup.sh
-
-reboot

v8/test/testenv/krb5kdc-vagrant/kadm5.acl

@@ -1,4 +0,0 @@
-__ADMIN_USER__@__REALM__	*
-*/admin@__REALM__	*
-*/*@__REALM__		i
-*@__REALM__		i

v8/test/testenv/krb5kdc-vagrant/kdc-setup.sh

@@ -1,64 +0,0 @@
-#!/bin/bash
-
-
-REALM=TEST.GOKRB5
-DOMAIN=test.gokrb5
-SERVER_HOST=kdc.test.gokrb5
-ADMIN_USERNAME=adminuser
-HOST_PRINCIPALS="kdc.test.gokrb5 host.test.gokrb5"
-
-cp /vagrant/krb5.conf /etc/krb5.conf
-cp /var/kerberos/krb5kdc/kdc.conf /var/kerberos/krb5kdc/kdc.conf-old
-cp /vagrant/kdc.conf /var/kerberos/krb5kdc/kdc.conf
-cp /vagrant/kadm5.acl /var/kerberos/krb5kdc/kadm5.acl
-
-sed -i "s/__ADMIN_USER__/${ADMIN_USERNAME}/g" /var/kerberos/krb5kdc/kadm5.acl
-sed -i "s/__REALM__/${REALM}/g" /var/kerberos/krb5kdc/kadm5.acl
-sed -i "s/__REALM__/${REALM}/g" /var/kerberos/krb5kdc/kdc.conf
-sed -i "s/__REALM__/${REALM}/g" /etc/krb5.conf
-sed -i "s/__DOMAIN__/${DOMAIN}/g" /etc/krb5.conf
-sed -i "s/__SERVER_HOST__/${SERVER_HOST}/g" /etc/krb5.conf
-
-create_entropy() {
-   while true
-   do
-     sleep $(( ( RANDOM % 10 )  + 1 ))
-     echo "Generating Entropy... $RANDOM"
-   done
-}
-
-create_entropy &
-
-  echo "Kerberos initialisation required. Creating database for ${REALM} ..."
-  echo "This can take a long time if there is little entropy. A process has been started to create some."
-  MASTER_PASSWORD=$(echo $RANDOM$RANDOM$RANDOM | md5sum | awk '{print $1}')
-  /usr/sbin/kdb5_util create -r ${REALM} -s -P ${MASTER_PASSWORD}
-  echo "Kerberos database created."
-  /usr/sbin/kadmin.local -q "add_principal -randkey ${ADMIN_USERNAME}/admin"
-  echo "Kerberos admin user created: ${ADMIN_USERNAME} To update password: sudo /usr/sbin/kadmin.local -q \"change_password ${ADMIN_USERNAME}/admin\""
-
-  KEYTAB_DIR="/keytabs"
-  mkdir -p $KEYTAB_DIR
-
-  if [ ! -z "${HOST_PRINCIPALS}" ]; then
-    for host in ${HOST_PRINCIPALS}
-    do
-      /usr/sbin/kadmin.local -q "add_principal -pw hostpasswordvalue -kvno 1 host/$host"
-      echo "Created host principal host/$host"
-    done
-  fi
-
-  /usr/sbin/kadmin.local -q "add_principal -pw spnpasswordvalue -kvno 1 HTTP/host.test.gokrb5"
-
-  /usr/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser1"
-  /usr/sbin/kadmin.local -q "add_principal +requires_preauth -pw passwordvalue -kvno 1 testuser2"
-  /usr/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser3"
-
-
-  echo "Kerberos initialisation complete"
-
-
-
-systemctl restart krb5kdc
-systemctl start kadmin
-systemctl enable krb5kdc kadmin

v8/test/testenv/krb5kdc-vagrant/kdc.conf

@@ -1,15 +0,0 @@
-[kdcdefaults]
- kdc_ports = 88
- kdc_tcp_ports = 88
-
-[realms]
- __REALM__ = {
-  master_key_type = aes256-cts-hmac-sha1-96
-  max_life = 12h 0m 0s
-  max_renewable_life = 7d 0h 0m 0s
-  acl_file = /var/kerberos/krb5kdc/kadm5.acl
-  dict_file = /usr/share/dict/words
-  admin_keytab = /opt/krb5/data/kadm5.keytab
-  supported_enctypes = aes128-cts-hmac-sha1-96:normal aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha256-128:normal aes256-cts-hmac-sha384-192:normal des3-cbc-sha1-kd:normal rc4-hmac:normal
-  default_principal_flags = +renewable
- }

v8/test/testenv/krb5kdc-vagrant/krb5.conf

@@ -1,32 +0,0 @@
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
-
-
-[libdefaults]
-  default_realm = __REALM__
-  dns_lookup_realm = false
-  dns_lookup_kdc = false
-  ticket_lifetime = 24h
-  forwardable = yes
-
-[realms]
- __REALM__ = {
-  kdc = __SERVER_HOST__:88
-  admin_server = __SERVER_HOST__:749
-  default_domain = __DOMAIN__
- }
-
-[domain_realm]
- .__DOMAIN__ = __REALM__
- __DOMAIN__ = __REALM__
-
-[appdefaults]
- pam = {
-   debug = false
-   ticket_lifetime = 36000
-   renew_lifetime = 36000
-   forwardable = true
-   krb4_convert = false
- }

v8/test/testenv/krbclient-vagrant/.gitignore

@@ -1,3 +0,0 @@
-.vagrant
-.vagrant/*
-*console.log

v8/test/testenv/krbclient-vagrant/Vagrantfile

@@ -1,12 +0,0 @@
-Vagrant.configure("2") do |config|
-  config.vm.provider "virtualbox" do |v|
-    v.memory = 1024
-    v.cpus = 1
-  end
-  config.vm.define "krbclient", primary: true do |krbclient|
-    krbclient.vm.hostname = "client.test.gokrb5"
-    krbclient.vm.box = "ubuntu/bionic64"
-    krbclient.vm.network "private_network", ip: "10.80.88.89", netmask: "255.255.0.0"
-    krbclient.vm.provision :shell, path: "bootstrap.sh"
-  end
-end

v8/test/testenv/krbclient-vagrant/bootstrap.sh

@@ -1,13 +0,0 @@
-#!/bin/bash
-
-rm /etc/localtime
-ln -s /usr/share/zoneinfo/Europe/London /etc/localtime
-
-mkdir -p /var/log/kerberos
-cp /vagrant/krb5.conf /etc/krb5.conf
-echo "10.80.88.88 kdc.test.gokrb5" >> /etc/hosts
-echo "10.80.88.90 host.test.gokrb5" >> /etc/hosts
-
-sudo apt-get update && sudo apt-get install -y krb5-user ntp && apt-get upgrade -y
-
-reboot

v8/test/testenv/krbclient-vagrant/krb5.conf

@@ -1,34 +0,0 @@
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
-
-
-[libdefaults]
-  default_realm = TEST.GOKRB5
-  dns_lookup_realm = false
-  dns_lookup_kdc = false
-  ticket_lifetime = 24h
-  forwardable = yes
-  default_tkt_enctypes = aes256-cts-hmac-sha1-96
-  default_tgs_enctypes = aes256-cts-hmac-sha1-96
-
-[realms]
- TEST.GOKRB5 = {
-  kdc = 10.80.88.88:88
-  admin_server = 10.80.88.88:749
-  default_domain = test.gokrb5
- }
-
-[domain_realm]
- .test.com = TEST.GOKRB5
- test.com = TEST.GOKRB5
-
-[appdefaults]
- pam = {
-   debug = false
-   ticket_lifetime = 36000
-   renew_lifetime = 36000
-   forwardable = true
-   krb4_convert = false
- }

v8/test/testenv/krbhttp-vagrant/.vagrant/machines/krbhttp/virtualbox/action_provision

@@ -1 +0,0 @@
-1.5:46717a50-8fab-49de-b847-1e08fbaf42d2

v8/test/testenv/krbhttp-vagrant/.vagrant/machines/krbhttp/virtualbox/action_set_name

@@ -1 +0,0 @@
-1560683787

v8/test/testenv/krbhttp-vagrant/.vagrant/machines/krbhttp/virtualbox/box_meta

@@ -1 +0,0 @@
-{"name":"centos/7","version":"1902.01","provider":"virtualbox","directory":"boxes/centos-VAGRANTSLASH-7/1902.01/virtualbox"}

v8/test/testenv/krbhttp-vagrant/.vagrant/machines/krbhttp/virtualbox/creator_uid

@@ -1 +0,0 @@
-501

v8/test/testenv/krbhttp-vagrant/.vagrant/machines/krbhttp/virtualbox/id

@@ -1 +0,0 @@
-46717a50-8fab-49de-b847-1e08fbaf42d2

v8/test/testenv/krbhttp-vagrant/.vagrant/machines/krbhttp/virtualbox/index_uuid

@@ -1 +0,0 @@
-4c63b92a6aaf484781311a43eaf2d8c6

v8/test/testenv/krbhttp-vagrant/.vagrant/machines/krbhttp/virtualbox/private_key

@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEA1QFEpGEUHbki3OAkxi0eWsv3iHKz7elQNKjRRSq3QqxWUvA4
-xIWeMiA7k0su0mm4l85hL62kEom+zKn4jBOgqPeSKTl6lh8dsbXjUUYU26v8nu5t
-FzQkIaQ0AjHUWlgI5m6anhncZKOhewGSoYkxvY3ktfCIuwFVOXDMmLVAFMqtaCHo
-6tr/42ezw4OwGO9JvAGfFmErynxwBMdf1RCB7dO60X92QXw+WfI1y0UusOIoGBzu
-W++HxM24LxQ9SOeYJsGE3cpmIqTSrnJFD+8g6eOouN7ym6L+z6b9+Cxe38jjyDyP
-J0fYLgbNv+gsKVSl4WgyBvAib67bLoKBIUkEHQIDAQABAoIBAAuaYBTcPO5JkX6a
-ryYkewzTI47JQMfq97WGpK+x3f3ByYoHD/CUnsN4QgaKB+jqXWXXli+0s8VWv5AC
-ikmHIC9UHSAlw2m+FC4EDHf261f0DHTT5Blpe7ZhbXvZHwo01XdH+yA1pG3PBBLh
-SQ2HnbAHtLe8fJZDQlM4s8x1wyHetvwGrL+9R2Z/+k4l//9HCg7z1ZlmpTG8UF1z
-Uh+PrWG9jsstoP8FIq1s/3qn0PB8Gnn0lDY4WdYASTE6xCc81jMTOmzPzyFo1y6x
-RWMqi9hqNPl5voB4bzqaEUnZF+xC709z51hsXVqJgHWaavAlqj+OLFgE8fhqYrT8
-8rjfFMECgYEA/5dW2zXEC12jGi6QzY9M6kwB0UfiEeNwo5znZuJtqSkghPb8bZSj
-G3eK/C5er7ydboTxj82jpPu1cwC7vH2QbawtL/CYn2FoasM3Mpx+Ixd5oPwI+Wfg
-L7PuieAs97SUNFXiYLl9KUCBqrDksSMxJ688E5lYYpPdFLT9Nf9kpJkCgYEA1Vh9
-jXZqDjXJIa0FYBRjURiqblhyS1qs/guJYQFsIxmt3ZlevJ4RFzoyq14iVHsmQGIL
-hMp9yoXSxUmZFc3+kwlSG9fzrklXU3GUjwydqki60We84ITeOSmutX+EgsBMYUGl
-j8krXNQS579/Wrbt05XRMxD/ArysHpPvKAIRSiUCgYBvJQ2VJ81HsAFkOkmnyiAF
-ZuYHbv3lD4WE8I9EE0TiocrNZ2Yf9Nn08MgUn8l3HEtNqywsf50g+oBOMUxyTBwJ
-RS0lQrfr3vz8KEYRkTHc6rFuiwsQAdbgh5s8g6qqUPF9zLcznpXJ4Y5BfskEKqyO
-eEpkr3Na8rfZ8FaIK7ZFSQKBgC9ZWVwZCMaolz/7F3NQcw5fjAu7Y3pn4Hbtdorp
-9ub/XwAMduMjraVbDD3OQY5AWqf1WpsZGbvl4XZZtDkLo9FcQzXcwr9Olav2TENH
-SIKva47oGBo4Qt2q65Rqfa1LImh/WlBEFHSguKVoccpfSP8pg+lyfzZLS2Pp7y0Q
-8GdlAoGBANbyRGCYO3OZ5asZJiCV9DVvbolERIiizVIQbeUqKJGWXFhTLXKRiDwP
-OgPyK7Q0CFiDDanfpTcBLtIf/mUYAEXtbdPnJEif7HXICCAN5yLsmCAdiZVaL+Ir
-W3WUqCKeQUh+KfbwsBC+Daoll0vWMUllQj6Z8NcJ77kY1/eG/fss
------END RSA PRIVATE KEY-----

v8/test/testenv/krbhttp-vagrant/.vagrant/machines/krbhttp/virtualbox/synced_folders

@@ -1 +0,0 @@
-{"rsync":{"/vagrant":{"type":"rsync","guestpath":"/vagrant","hostpath":"/Users/turnerj/gopath/src/github.com/jcmturner/gokrb5/test/testenv/krbhttp-vagrant","disabled":false,"__vagrantfile":true,"owner":"vagrant","group":"vagrant"}}}

v8/test/testenv/krbhttp-vagrant/.vagrant/machines/krbhttp/virtualbox/vagrant_cwd

@@ -1 +0,0 @@
-/Users/turnerj/gopath/src/github.com/jcmturner/gokrb5/test/testenv/krbhttp-vagrant

v8/test/testenv/krbhttp-vagrant/.vagrant/rgloader/loader.rb

@@ -1,9 +0,0 @@
-# This file loads the proper rgloader/loader.rb file that comes packaged
-# with Vagrant so that encoded files can properly run with Vagrant.
-
-if ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"]
-  require File.expand_path(
-    "rgloader/loader", ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"])
-else
-  raise "Encoded files can't be read outside of the Vagrant installer."
-end

v8/test/testenv/krbhttp-vagrant/Vagrantfile

@@ -1,12 +0,0 @@
-Vagrant.configure("2") do |config|
-  config.vm.provider "virtualbox" do |v|
-    v.memory = 1024
-    v.cpus = 1
-  end
-  config.vm.define "krbhttp", primary: true do |krbhttp|
-    krbhttp.vm.hostname = "host.test.gokrb5"
-    krbhttp.vm.box = "centos/7"
-    krbhttp.vm.network "private_network", ip: "10.80.88.90", netmask: "255.255.0.0"
-    krbhttp.vm.provision :shell, path: "bootstrap.sh"
-  end
-end

v8/test/testenv/krbhttp-vagrant/a_update

@@ -1,5 +0,0 @@
-debug
-server 10.80.88.88
-zone test.gokrb5.
-update add host.test.gokrb5. 86400  IN A 1.2.3.4
-send

v8/test/testenv/krbhttp-vagrant/bootstrap.sh

@@ -1,46 +0,0 @@
-#!/bin/bash
-
-rm /etc/localtime
-ln -s /usr/share/zoneinfo/Europe/London /etc/localtime
-setenforce 0
-sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux
-
-yum update -y
-yum install -y \
-   httpd \
-   mod_auth_kerb \
-   mod_auth_gssapi \
-   mod_ssl \
-   ntp \
-   bind-utils \
-   krb5-workstation
-
-systemctl stop firewalld
-systemctl disable firewalld
-systemctl enable ntpd
-
-cat <<EOF >> /etc/sysctl.conf
-net.ipv6.conf.all.disable_ipv6 = 1
-net.ipv6.conf.default.disable_ipv6 = 1
-net.ipv6.conf.lo.disable_ipv6 = 1
-EOF
-
-echo "10.80.88.88 kdc.test.gokrb5" >> /etc/hosts
-echo "10.80.88.89 client.test.gokrb5" >> /etc/hosts
-echo "10.80.88.90 host.test.gokrb5" >> /etc/hosts
-
-sh /vagrant/krb-setup.sh
-mv /vagrant/httpd-krb5.conf /etc/httpd/conf.d/
-cp /vagrant/host.testtab /etc/krb5.keytab
-chcon system_u:object_r:httpd_config_t:s0 /etc/httpd/conf.d/*
-chcon system_u:object_r:httpd_config_t:s0 /vagrant/http.testtab
-chmod 644 /vagrant/http.testtab
-mkdir /var/www/html/modkerb
-mkdir /var/www/html/modgssapi
-echo "<html>TEST.GOKRB5</html>" > /var/www/html/modkerb/index.html
-echo "<html>TEST.GOKRB5</html>" > /var/www/html/modgssapi/index.html
-
-systemctl restart httpd
-systemctl enable httpd
-
-reboot

v8/test/testenv/krbhttp-vagrant/httpd-krb5.conf

@@ -1,21 +0,0 @@
-LimitRequestFieldSize 65536
-ProxyIOBufferSize 65536
-<LocationMatch /modgssapi>
-    AuthType GSSAPI
-    AuthName "GoKrb5 Test SPNEGO"
-    GssapiCredStore keytab:/vagrant/http.testtab
-    Require valid-user
-</LocationMatch>
-<LocationMatch /modkerb>
-        AuthType Kerberos
-        AuthName "TEST"
-        KrbServiceName HTTP
-        KrbMethodNegotiate On
-        KrbMethodK5Passwd On
-        KrbLocalUserMapping On
-        KrbAuthRealms TEST.GOKRB5
-        Krb5KeyTab /vagrant/http.testtab
-        #KrbSaveCredentials On
-        require valid-user
-</LocationMatch>
-

v8/test/testenv/krbhttp-vagrant/krb-setup.sh

@@ -1,12 +0,0 @@
-#!/bin/bash
-
-
-REALM=TEST.GOKRB5
-DOMAIN=test.gokrb5
-SERVER_HOST=kdc.test.gokrb5
-
-cp /vagrant/krb5.conf /etc/krb5.conf
-
-sed -i "s/__REALM__/${REALM}/g" /etc/krb5.conf
-sed -i "s/__DOMAIN__/${DOMAIN}/g" /etc/krb5.conf
-sed -i "s/__SERVER_HOST__/${SERVER_HOST}/g" /etc/krb5.conf

v8/test/testenv/krbhttp-vagrant/krb5.conf

@@ -1,32 +0,0 @@
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
-
-
-[libdefaults]
-  default_realm = __REALM__
-  dns_lookup_realm = false
-  dns_lookup_kdc = false
-  ticket_lifetime = 24h
-  forwardable = yes
-
-[realms]
- __REALM__ = {
-  kdc = __SERVER_HOST__:88
-  admin_server = __SERVER_HOST__:749
-  default_domain = __DOMAIN__
- }
-
-[domain_realm]
- .__DOMAIN__ = __REALM__
- __DOMAIN__ = __REALM__
-
-[appdefaults]
- pam = {
-   debug = false
-   ticket_lifetime = 36000
-   renew_lifetime = 36000
-   forwardable = true
-   krb4_convert = false
- }

v8/test/testenv/latest-krb5kdc-vagrant/.gitignore

@@ -1,2 +0,0 @@
-.vagrant
-.vagrant/*

v8/test/testenv/latest-krb5kdc-vagrant/Vagrantfile

@@ -1,12 +0,0 @@
-Vagrant.configure("2") do |config|
-  config.vm.provider "virtualbox" do |v|
-    v.memory = 1024
-    v.cpus = 1
-  end
-  config.vm.define "krb5kdc", primary: true do |krb5kdc|
-    krb5kdc.vm.hostname = "kdc.test.gokrb5"
-    krb5kdc.vm.box = "centos/7"
-    krb5kdc.vm.network "private_network", ip: "10.80.88.108", netmask: "255.255.0.0"
-    krb5kdc.vm.provision :shell, path: "bootstrap.sh"
-  end
-end

v8/test/testenv/latest-krb5kdc-vagrant/bootstrap.sh

@@ -1,33 +0,0 @@
-#!/bin/bash
-
-rm /etc/localtime
-ln -s /usr/share/zoneinfo/Europe/London /etc/localtime
-setenforce 0
-sed -i "s/SELINUX=enforcing/SELINUX=permissive/g" /etc/sysconfig/selinux
-
-yum update -y && yum clean all
-yum install -y tcpdump ntp vim ncurses telnet ncurses-devel tcl net-tools
-yum groupinstall "Development Tools" -y
-
-cd /vagrant
-tar -xvzf krb5-1.15.1.tar.gz && cd krb5-1.15.1/src && \
-./configure && make && make install
-
-ln -s /usr/local/var/krb5kdc /var/kerberos/krb5kdc
-cp /vagrant/krb5kdc.service /etc/systemd/system/
-systemctl enable krb5kdc
-
-systemctl stop firewalld
-systemctl disable firewalld
-systemctl enable ntpd
-
-cat <<EOF >> /etc/sysctl.conf
-net.ipv6.conf.all.disable_ipv6 = 1
-net.ipv6.conf.default.disable_ipv6 = 1
-net.ipv6.conf.lo.disable_ipv6 = 1
-EOF
-
-echo "10.80.88.89 client.test.gokrb5" >> /etc/hosts
-
-sh /vagrant/kdc-setup.sh
-

v8/test/testenv/latest-krb5kdc-vagrant/kadm5.acl

@@ -1,4 +0,0 @@
-__ADMIN_USER__@__REALM__	*
-*/admin@__REALM__	*
-*/*@__REALM__		i
-*@__REALM__		i

v8/test/testenv/latest-krb5kdc-vagrant/kdc-setup.sh

@@ -1,60 +0,0 @@
-#!/bin/bash
-
-systemctl start krb5kdc
-
-REALM=TEST.GOKRB5
-DOMAIN=test.gokrb5
-SERVER_HOST=kdc.test.gokrb5
-ADMIN_USERNAME=adminuser
-HOST_PRINCIPALS="kdc.test.gokrb5 host.test.gokrb5"
-
-cp /vagrant/krb5.conf /etc/krb5.conf
-cp /var/kerberos/krb5kdc/kdc.conf /var/kerberos/krb5kdc/kdc.conf-old
-cp /vagrant/kdc.conf /var/kerberos/krb5kdc/kdc.conf
-cp /vagrant/kadm5.acl /var/kerberos/krb5kdc/kadm5.acl
-
-sed -i "s/__ADMIN_USER__/${ADMIN_USERNAME}/g" /var/kerberos/krb5kdc/kadm5.acl
-sed -i "s/__REALM__/${REALM}/g" /var/kerberos/krb5kdc/kadm5.acl
-sed -i "s/__REALM__/${REALM}/g" /var/kerberos/krb5kdc/kdc.conf
-sed -i "s/__REALM__/${REALM}/g" /etc/krb5.conf
-sed -i "s/__DOMAIN__/${DOMAIN}/g" /etc/krb5.conf
-sed -i "s/__SERVER_HOST__/${SERVER_HOST}/g" /etc/krb5.conf
-
-create_entropy() {
-   while true
-   do
-     sleep $(( ( RANDOM % 10 )  + 1 ))
-     echo "Generating Entropy... $RANDOM"
-   done
-}
-
-create_entropy &
-
-  echo "Kerberos initialisation required. Creating database for ${REALM} ..."
-  echo "This can take a long time if there is little entropy. A process has been started to create some."
-  MASTER_PASSWORD=$(echo $RANDOM$RANDOM$RANDOM | md5sum | awk '{print $1}')
-  /usr/local/sbin/kdb5_util create -r ${REALM} -s -P ${MASTER_PASSWORD}
-  echo "Kerberos database created."
-  /usr/local/sbin/kadmin.local -q "add_principal -randkey ${ADMIN_USERNAME}/admin"
-  echo "Kerberos admin user created: ${ADMIN_USERNAME} To update password: sudo /usr/local/sbin/kadmin.local -q \"change_password ${ADMIN_USERNAME}/admin\""
-
-  KEYTAB_DIR="/keytabs"
-  mkdir -p $KEYTAB_DIR
-
-  if [ ! -z "${HOST_PRINCIPALS}" ]; then
-    for host in ${HOST_PRINCIPALS}
-    do
-      /usr/local/sbin/kadmin.local -q "add_principal -pw hostpasswordvalue -kvno 1 host/$host"
-      echo "Created host principal host/$host"
-    done
-  fi
-
-  /usr/local/sbin/kadmin.local -q "add_principal -pw spnpasswordvalue -kvno 1 HTTP/host.test.gokrb5"
-
-  /usr/local/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser1"
-  /usr/local/sbin/kadmin.local -q "add_principal +requires_preauth -pw passwordvalue -kvno 1 testuser2"
-  /usr/local/sbin/kadmin.local -q "add_principal -pw passwordvalue -kvno 1 testuser3"
-
-  echo "Kerberos initialisation complete"
-
-systemctl restart krb5kdc

v8/test/testenv/latest-krb5kdc-vagrant/kdc.conf

@@ -1,15 +0,0 @@
-[kdcdefaults]
- kdc_ports = 88
- kdc_tcp_ports = 88
-
-[realms]
- __REALM__ = {
-  master_key_type = aes256-cts-hmac-sha1-96
-  max_life = 12h 0m 0s
-  max_renewable_life = 7d 0h 0m 0s
-  acl_file = /var/kerberos/krb5kdc/kadm5.acl
-  dict_file = /usr/share/dict/words
-  admin_keytab = /opt/krb5/data/kadm5.keytab
-  supported_enctypes = aes128-cts-hmac-sha1-96:normal aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha256-128:normal aes256-cts-hmac-sha384-192:normal des3-cbc-sha1-kd:normal rc4-hmac:normal
-  default_principal_flags = +renewable
- }

v8/test/testenv/latest-krb5kdc-vagrant/krb5.conf

@@ -1,32 +0,0 @@
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
-
-
-[libdefaults]
-  default_realm = __REALM__
-  dns_lookup_realm = false
-  dns_lookup_kdc = false
-  ticket_lifetime = 24h
-  forwardable = yes
-
-[realms]
- __REALM__ = {
-  kdc = __SERVER_HOST__:88
-  admin_server = __SERVER_HOST__:749
-  default_domain = __DOMAIN__
- }
-
-[domain_realm]
- .__DOMAIN__ = __REALM__
- __DOMAIN__ = __REALM__
-
-[appdefaults]
- pam = {
-   debug = false
-   ticket_lifetime = 36000
-   renew_lifetime = 36000
-   forwardable = true
-   krb4_convert = false
- }

v8/test/testenv/latest-krb5kdc-vagrant/krb5kdc.service

@@ -1,10 +0,0 @@
-[Unit]
-Description=Kerberos 5 KDC
-After=syslog.target network.target
-
-[Service]
-Type=forking
-ExecStart=/usr/local/sbin/krb5kdc 
-
-[Install]
-WantedBy=multi-user.target

v8/test/testenv/mit-krb5kdc/.gitignore

@@ -1,2 +0,0 @@
-.vagrant
-.vagrant/*

v8/test/testenv/mit-krb5kdc/Vagrantfile

@@ -1,12 +0,0 @@
-Vagrant.configure("2") do |config|
-  config.vm.provider "virtualbox" do |v|
-    v.memory = 1024
-    v.cpus = 1
-  end
-  config.vm.define "mitkrb5kdc", primary: true do |mitkrb5kdc|
-    mitkrb5kdc.vm.hostname = "kdc.test.gokrb5"
-    mitkrb5kdc.vm.box = "centos/7"
-    mitkrb5kdc.vm.network "private_network", ip: "10.80.88.88", netmask: "255.255.0.0"
-    mitkrb5kdc.vm.provision :shell, path: "bootstrap.sh"
-  end
-end

v8/test/testenv/mit-krb5kdc/bootstrap.sh

@@ -1,43 +0,0 @@
-#!/bin/bash
-
-rm /etc/localtime
-ln -s /usr/share/zoneinfo/Europe/London /etc/localtime
-setenforce 0
-sed -i "s/SELINUX=enforcing/SELINUX=permissive/g" /etc/sysconfig/selinux
-
-yum update -y && yum clean all
-yum install -y tcpdump ntp docker net-tools krb5-workstation vim
-
-systemctl stop firewalld
-systemctl disable firewalld
-systemctl enable ntpd docker
-systemctl start docker
-systemctl stop docker
-
-#Some storage issue with docker on centos 7.1 hack
-rm -f /etc/sysconfig/docker-storage
-rm -rf /var/lib/docker
-
-cat <<EOF >> /etc/sysctl.conf
-net.ipv6.conf.all.disable_ipv6 = 1
-net.ipv6.conf.default.disable_ipv6 = 1
-net.ipv6.conf.lo.disable_ipv6 = 1
-EOF
-
-cp /vagrant/krb5.conf /etc/krb5.conf
-cp /vagrant/*.service /etc/systemd/system/
-systemctl enable krb5kdc krb5kdc-resdom krb5kdc-latest krb5kdc-older krb5kdc-shorttickets httpd dns
-
-
-/usr/bin/docker pull jcmturner/gokrb5:http
-/usr/bin/docker pull jcmturner/gokrb5:kdc-centos-default
-/usr/bin/docker pull jcmturner/gokrb5:kdc-resdom
-/usr/bin/docker pull jcmturner/gokrb5:kdc-older
-/usr/bin/docker pull jcmturner/gokrb5:kdc-latest
-/usr/bin/docker pull jcmturner/gokrb5:kdc-shorttickets
-/usr/bin/docker pull jcmturner/gokrb5:dns
-
-
-reboot
-
-#systemctl start docker krb5kdc krb5kdc-res krb5kdc-latest krb5kdc-older

v8/test/testenv/mit-krb5kdc/dns.service

@@ -1,21 +0,0 @@
-[Unit]
-Description=DNS
-After=docker.service
-After=network.target
-Requires=docker.service
-
-[Service]
-Environment="DOCKER_IMAGE=jcmturner/gokrb5:dns"
-Environment="PORT=53"
-Environment="TEST_KDC_ADDR=10.80.88.88"
-TimeoutStartSec=0
-#Restart=always
-ExecStartPre=-/usr/bin/docker kill %n
-ExecStartPre=-/usr/bin/docker rm %n
-ExecStartPre=-/usr/bin/docker pull ${DOCKER_IMAGE}
-ExecStart=/usr/bin/docker run -h ns.test.gokrb5 -v /etc/localtime:/etc/localtime:ro -e "TEST_KDC_ADDR=${TEST_KDC_ADDR}" -p ${PORT}:${PORT} -p ${PORT}:${PORT}/udp --rm --name ${NAME} ${DOCKER_IMAGE}
-ExecStop=/usr/bin/docker stop --time=60 %n
-ExecStopPost=-/usr/bin/docker rm %n
-
-[Install]
-WantedBy=multi-user.target

v8/test/testenv/mit-krb5kdc/httpd.service

@@ -1,19 +0,0 @@
-[Unit]
-Description=HTTPD
-After=docker.service
-After=network.target
-Requires=docker.service
-
-[Service]
-Environment="DOCKER_IMAGE=jcmturner/gokrb5:http"
-TimeoutStartSec=0
-#Restart=always
-ExecStartPre=-/usr/bin/docker kill %n
-ExecStartPre=-/usr/bin/docker rm %n
-ExecStartPre=-/usr/bin/docker pull ${DOCKER_IMAGE}
-ExecStart=/usr/bin/docker run --add-host host.test.gokrb5:10.80.88.88 -v /etc/localtime:/etc/localtime:ro -p 80:80 -p 443:443 --rm --name gokrb5-http ${DOCKER_IMAGE}
-ExecStop=/usr/bin/docker stop --time=60 %n
-ExecStopPost=-/usr/bin/docker rm %n
-
-[Install]
-WantedBy=multi-user.target

v8/test/testenv/mit-krb5kdc/krb5.conf

@@ -1,48 +0,0 @@
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
-
-
-[libdefaults]
-  default_realm = TEST.GOKRB5
-  dns_lookup_realm = false
-  dns_lookup_kdc = false
-  ticket_lifetime = 24h
-  forwardable = yes
-  default_tkt_enctypes = aes256-cts-hmac-sha1-96
-  default_tgs_enctypes = aes256-cts-hmac-sha1-96
-
-[realms]
- TEST.GOKRB5 = {
-  kdc = 127.0.0.1:88
-  admin_server = 127.0.0.1:749
-  default_domain = test.gokrb5
- }
-  USER.GOKRB5 = {
-  kdc = 10.80.88.48:88
-  admin_server = 10.80.88.48:749
-  default_domain = user.gokrb5
- }
-  RES.GOKRB5 = {
-  kdc = 10.80.88.49:88
-  admin_server = 10.80.88.49:749
-  default_domain = res.gokrb5
- }
-
-[domain_realm]
- .test.gokrb5 = TEST.GOKRB5
- test.gokrb5 = TEST.GOKRB5
-  .user.gokrb5 = USER.GOKRB5
- user.gokrb5 = USER.GOKRB5
-  .res.gokrb5 = RES.GOKRB5
- res.gokrb5 = RES.GOKRB5
-
-[appdefaults]
- pam = {
-   debug = false
-   ticket_lifetime = 36000
-   renew_lifetime = 36000
-   forwardable = true
-   krb4_convert = false
- }

v8/test/testenv/mit-krb5kdc/krb5kdc-latest.service

@@ -1,22 +0,0 @@
-[Unit]
-Description=Kerberos KDC Latest
-After=docker.service
-After=network.target
-Requires=docker.service
-
-[Service]
-Environment="DOCKER_IMAGE=jcmturner/gokrb5:kdc-latest"
-Environment="PORT=98"
-Environment="NAME=gokrb5-kdc-latest"
-TimeoutStartSec=0
-#Restart=always
-ExecStartPre=-/usr/bin/docker kill %n
-ExecStartPre=-/usr/bin/docker rm %n
-ExecStartPre=-/usr/bin/docker pull ${DOCKER_IMAGE}
-ExecStart=/usr/bin/docker run -h kdc.test.gokrb5 -v /etc/localtime:/etc/localtime:ro -p ${PORT}:88 -p ${PORT}:88/udp --rm --name ${NAME} ${DOCKER_IMAGE}
-ExecStartPost=/bin/sh -c "while [ ! -f ${DATA_HOST}/.initialised ]; do sleep 2; done"
-ExecStop=/usr/bin/docker stop --time=60 %n
-ExecStopPost=-/usr/bin/docker rm %n
-
-[Install]
-WantedBy=multi-user.target

v8/test/testenv/mit-krb5kdc/krb5kdc-older.service

@@ -1,22 +0,0 @@
-[Unit]
-Description=Kerberos KDC Older
-After=docker.service
-After=network.target
-Requires=docker.service
-
-[Service]
-Environment="DOCKER_IMAGE=jcmturner/gokrb5:kdc-older"
-Environment="PORT=78"
-Environment="NAME=gokrb5-kdc-older"
-TimeoutStartSec=0
-#Restart=always
-ExecStartPre=-/usr/bin/docker kill %n
-ExecStartPre=-/usr/bin/docker rm %n
-ExecStartPre=-/usr/bin/docker pull ${DOCKER_IMAGE}
-ExecStart=/usr/bin/docker run -h kdc.test.gokrb5 -v /etc/localtime:/etc/localtime:ro -p ${PORT}:88 -p ${PORT}:88/udp --rm --name ${NAME} ${DOCKER_IMAGE}
-ExecStartPost=/bin/sh -c "while [ ! -f ${DATA_HOST}/.initialised ]; do sleep 2; done"
-ExecStop=/usr/bin/docker stop --time=60 %n
-ExecStopPost=-/usr/bin/docker rm %n
-
-[Install]
-WantedBy=multi-user.target