diff --git a/src/System.Net.Security/tests/FunctionalTests/System.Net.Security.Tests.csproj b/src/System.Net.Security/tests/FunctionalTests/System.Net.Security.Tests.csproj
index 73a1434d1bd5..6ca859fbade9 100644
--- a/src/System.Net.Security/tests/FunctionalTests/System.Net.Security.Tests.csproj
+++ b/src/System.Net.Security/tests/FunctionalTests/System.Net.Security.Tests.csproj
@@ -9,6 +9,7 @@
AnyCPU
{A55A2B9A-830F-4330-A0E7-02A9FB30ABD2}
Library
+ OSX
win/project.json
@@ -82,16 +83,23 @@
-
- PreserveNewest
-
+
+
+
- PreserveNewest
+ Always
- PreserveNewest
+ Always
+
+
+ Always
+
+
+ Always
+
{89F37791-6254-4D60-AB96-ACD3CCA0E771}
diff --git a/src/System.Net.Security/tests/Scripts/kdc.conf.centos b/src/System.Net.Security/tests/Scripts/kdc.conf.centos
new file mode 100644
index 000000000000..b704efa99c35
--- /dev/null
+++ b/src/System.Net.Security/tests/Scripts/kdc.conf.centos
@@ -0,0 +1,11 @@
+[kdcdefaults]
+ kdc_ports = 88
+ kdc_tcp_ports = 88
+
+[realms]
+ TEST.COREFX.NET = {
+ acl_file = /var/kerberos/krb5kdc/kadm5.acl
+ dict_file = /usr/share/dict/words
+ admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
+ supported_enctypes = aes256-cts:normal aes128-cts:normal des3-hmac-sha1:normal arcfour-hmac:normal camellia256-cts:normal camellia128-cts:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal
+ }
diff --git a/src/System.Net.Security/tests/Scripts/kdc.conf.ubuntu b/src/System.Net.Security/tests/Scripts/kdc.conf.ubuntu
new file mode 100644
index 000000000000..635da7ddd1b8
--- /dev/null
+++ b/src/System.Net.Security/tests/Scripts/kdc.conf.ubuntu
@@ -0,0 +1,16 @@
+[kdcdefaults]
+ kdc_ports = 750,88
+
+[realms]
+ TEST.COREFX.NET = {
+ database_name = /var/lib/krb5kdc/principal
+ admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab
+ acl_file = /etc/krb5kdc/kadm5.acl
+ key_stash_file = /etc/krb5kdc/stash
+ kdc_ports = 750,88
+ max_life = 10h 0m 0s
+ max_renewable_life = 7d 0h 0m 0s
+ master_key_type = des3-hmac-sha1
+ supported_enctypes = aes256-cts:normal arcfour-hmac:normal des3-hmac-sha1:normal des-cbc-crc:normal des:normal des:v4 des:norealm des:onlyrealm des:afs3
+ default_principal_flags = +preauth
+ }
diff --git a/src/System.Net.Security/tests/Scripts/setup-kdc.sh b/src/System.Net.Security/tests/Scripts/setup-kdc.sh
index c2ed09eeaa2a..77927a27645d 100755
--- a/src/System.Net.Security/tests/Scripts/setup-kdc.sh
+++ b/src/System.Net.Security/tests/Scripts/setup-kdc.sh
@@ -1,11 +1,12 @@
-#!/bin/bash
+#!/usr/bin/env bash
-OS=`cat /etc/os-release | grep "PRETTY_NAME" | sed 's/PRETTY_NAME=//g' | sed 's/["]//g' | awk '{print $1}'`
+OS=`cat /etc/os-release | grep "^ID=" | sed 's/ID=//g' | sed 's/["]//g' | awk '{print $1}'`
+echo -e "Operating System: ${OS}\n"
realm="TEST.COREFX.NET"
-principal1="HOST/host.test.corefx.net"
-principal2="HTTP"
+principal1="TESTHOST/testfqdn.test.corefx.net"
+principal2="TESTHTTP"
krb_user="krb_user"
password="password"
@@ -15,83 +16,215 @@ kdb5_util="kdb5_util"
add_principal_cmd="add_principal -pw ${password}"
krb_conf="krb5.conf"
-kdc_conf="kdc.conf"
+krb_conf_location="/etc/krb5.conf"
keytabfile="/etc/krb5.keytab"
-# TODO: These locations varies for different distros, Set the values conditianally
-krb_conf_location="/etc/"
-kdc_conf_location="/etc/krb5kdc/"
-database_file="/var/lib/krb5kdc/principal*"
+PROGNAME=$(basename $0)
+usage()
+{
+ echo "This script must be run with super-user privileges."
+ echo "Usage: ${PROGNAME} [-h|--help] [-y|--yes] [-u|--uninstall]";
+}
-kdc_setup()
+# Cleanup config files and uninstall KDC
+clean_up()
{
- #Create/copy krb5.conf in /etc/ and kdc.conf in /etc/krb5kdc/
+ echo "Stopping KDC.."
+ if pgrep krb5kdc 2> /dev/null; then killall krb5kdc ; fi
+
+ echo "Removing config files"
+ if [ -f ${krb_conf_location} ]; then
+ rm -f ${krb_conf_location}
+ fi
+
+ case ${OS} in
+ "ubuntu" | "debian")
+ kdc_conf_location="/etc/krb5kdc/kdc.conf"
+ dpkg -s krb5-kdc >/dev/null 2>&1
+ if [ $? -eq 0 ]; then
+ echo "Uninstalling krb5-kdc"
+ apt-get -y purge krb5-kdc
+ fi
+ ;;
+
+ "centos" | "rhel")
+ kdc_conf_location="/var/kerberos/krb5kdc/kdc.conf"
+ yum list installed krb5-server >/dev/null 2>&1
+ if [ $? -eq 0 ]; then
+ echo "Uninstalling krb5-server"
+ yum -y remove krb5-server
+ fi
+ ;;
+
+ *)
+ echo "This is an unsupported operating system"
+ ;;
+ esac
+
+ if [ -f ${kdc_conf_location} ]; then
+ rm -f ${kdc_conf_location}
+ fi
+
+ echo "Cleanup completed"
+}
+
+error_exit()
+{
+ echo "${1:-"Unknown Error"}"
+ echo "Aborting"
+ clean_up
+ exit 1
+}
+
+# Common function across linux distros to configure KDC post installation
+configure_kdc()
+{
+ echo "Stopping KDC.."
+ if pgrep krb5kdc 2> /dev/null; then killall krb5kdc ; fi
+
+ # Remove database files if exist
+ rm -f ${database_files}
+
+ # Create/copy krb5.conf and kdc.conf
echo "Copying krb5.conf and kdc.conf.."
- sudo /bin/cp ${krb_conf} ${krb_conf_location}
- sudo /bin/cp ${kdc_conf} ${kdc_conf_location}
+ cp ${krb_conf} ${krb_conf_location} || \
+ error_exit "Cannot copy ${krb_conf} to ${krb_conf_location}"
+
+ cp ${kdc_conf} ${kdc_conf_location} || \
+ error_exit "Cannot copy ${kdc_conf} to ${kdc_conf_location}"
echo "Creating KDC database for realm ${realm}.."
- sudo ${kdb5_util} create -r ${realm} -P ${password} -s
+ ${kdb5_util} create -r ${realm} -P ${password} -s || \
+ error_exit "Cannot create KDC database for realm ${realm}"
echo "Adding principal ${principal1}.."
- sudo ${kadmin} -q "${add_principal_cmd} ${principal1}@${realm}"
+ ${kadmin} -q "${add_principal_cmd} ${principal1}@${realm}" || \
+ error_exit "Cannot add ${principal1}"
echo "Adding principal ${principal2}.."
- sudo ${kadmin} -q "${add_principal_cmd} ${principal2}@${realm}"
+ ${kadmin} -q "${add_principal_cmd} ${principal2}@${realm}" || \
+ error_exit "Cannot add ${principal2}"
echo "Adding user ${krb_user}.."
- sudo ${kadmin} -q "${add_principal_cmd} ${krb_user}@${realm}"
+ ${kadmin} -q "${add_principal_cmd} ${krb_user}@${realm}" || \
+ error_exit "Cannot add ${krb_user}"
echo "Exporting keytab for ${principal1}"
- sudo ${kadmin} -q "ktadd ${principal1}@${realm}"
+ ${kadmin} -q "ktadd -norandkey ${principal1}@${realm}" || \
+ error_exit "Cannot export kytab for ${principal1}"
echo "Exporting keytab for ${principal2}"
- sudo ${kadmin} -q "ktadd ${principal2}@${realm}"
+ ${kadmin} -q "ktadd -norandkey ${principal2}@${realm}" || \
+ error_exit "Cannot export kytab for ${principal2}"
echo "Exporting keytab for ${krb_user}"
- sudo ${kadmin} -q "ktadd ${krb_user}@${realm}"
+ ${kadmin} -q "ktadd -norandkey ${krb_user}@${realm}" || \
+ error_exit "Cannot export kytab for ${krb_user}"
+}
+
+# check the invoker of this script
+if [ $EUID -ne 0 ]; then
+ usage
+ exit 1
+fi
+
+# Parse command-line arguments
+TEMP=`getopt -o hyu --long help,yes,uninstall -n 'test.sh' -- "$@"`
+[ $? -eq 0 ] || {
+ usage
+ exit 1
}
+eval set -- "$TEMP"
+uninstall=0
+force=0
+while true; do
+ case $1 in
+ -h|--help) usage; exit 0;;
+ -y|--yes) force=1; shift ;;
+ -u|--uninstall) uninstall=1; shift;;
+ --) shift; break;;
+ *) usage; exit 1;;
+ esac
+done
+
+# Uninstallation
+if [ $uninstall -eq 1 ]; then
+ if [ $force -eq 0 ]; then
+ echo "This will uninstall KDC from your machine and cleanup the related config files."
+ read -p "Do you want to continue? ([Y]es/[N]o)? " choice
+ case $(echo $choice | tr '[A-Z]' '[a-z]') in
+ y|yes) clean_up;;
+ *) echo "Skipping uninstallation";;
+ esac
+ else
+ clean_up
+ fi
+ exit 0
+fi
-echo "Removing existing database"
-sudo rm -rf ${database_file}
+# Installation
+if [ $force -eq 0 ]; then
+ read -p "This will install KDC on your machine and create KDC principals. Do you want to continue? ([Y]es/[N]o)? " choice
+ case $(echo $choice | tr '[A-Z]' '[a-z]') in
+ y|yes) ;;
+ *) echo "Skipping installation"; exit 0;;
+ esac
+fi
case ${OS} in
- "Ubuntu")
+ "ubuntu" | "debian")
+ kdc_conf="kdc.conf.ubuntu"
+ kdc_conf_location="/etc/krb5kdc/kdc.conf"
+ database_files="/var/lib/krb5kdc/principal*"
+
dpkg -s krb5-kdc >/dev/null 2>&1
- if [ $? -ne 0 ]
- then
+ if [ $? -ne 0 ]; then
echo "Installing krb5-kdc.."
- sudo DEBIAN_FRONTEND=noninteractive apt-get -y install krb5-kdc krb5-admin-server
+ export DEBIAN_FRONTEND=noninteractive
+ apt-get -y install krb5-kdc krb5-admin-server
+ if [ $? -ne 0 ]; then
+ echo "Error occurred during installation, aborting"
+ exit 1
+ fi
else
echo "krb5-kdc already installed.."
+ exit 2
fi
- echo "Stopping KDC.."
- if pgrep krb5kdc 2> /dev/null; then killall krb5kdc ; fi
- if pgrep kadmind 2> /dev/null; then killall kadmind ; fi
-
- kdc_setup
+ configure_kdc
echo "Starting KDC.."
- sudo ${krb5kdc}
-
+ ${krb5kdc}
;;
+
+ "centos" | "rhel")
+ kdc_conf="kdc.conf.centos"
+ kdc_conf_location="/var/kerberos/krb5kdc/kdc.conf"
+ database_files="/var/kerberos/krb5kdc/principal*"
- "Debian")
- echo "This is a Debian system"
- ;;
-
- "CentOS")
- echo "This is a CentOS system"
- ;;
-
- "Red Hat")
- echo "This is a RedHat system"
+ yum list installed krb5-server >/dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ echo "Installing krb5-server.."
+ yum -y install krb5-server krb5-libs
+ if [ $? -ne 0 ]; then
+ echo "Error occurred during installation, aborting"
+ exit 1
+ fi
+ else
+ echo "krb5-server already installed.."
+ exit 2
+ fi
+
+ configure_kdc
+
+ echo "Starting KDC.."
+ systemctl start krb5kdc.service
+ systemctl enable krb5kdc.service
;;
-
+
*)
- echo "This is an Unknown system"
+ echo "This is an unsupported operating system"
;;
esac
-
-sudo chmod +r ${keytabfile}
+
+chmod +r ${keytabfile}