On 08/10/2012 09:07 AM, Pat Riehecky wrote:
On 08/08/2012 02:29 AM, Raphaël Pinson wrote:
It still won't passe augparse:
$ augparse -I lenses/ lenses/krb5.aug
Syntax error in lens definition
lenses/krb5.aug:57.0-.152:Failed to compile all_permitted_enctypes
lenses/build.aug:59.43-.57:
lenses/krb5.aug:57.0-.152:Failed to compile all_permitted_enctypes
exception: ambiguous iteration
Iterated regexp: /([
\t,]*)(([a-zA-Z0-9-]{3,8}[a-zA-Z0-9]{3,5}[a-zA-Z0-9-]*))/
'AAAAAAAAAAAA' can be split into
'AAAAAA|=|AAAAAA'
and
'AAAAAAAAAAAA|=|'
Iterated lens: lenses/build.aug:59.45-.54:
That is because valsep is an optional separator. Make it mandatory
(change * into +), and this will be resolved. There'll be other
errors to fix, by the look of it, though.
Derp, I was type checking the wrong lense. No wonder I couldn't
replicate.
Thanks for tolerating my errors. I'll work on getting this fixed for
real.
Pat
I've got this typechecked for real this time and would love some feedback.
Its amazing when you check the code you changed rather than the known
good reference, suddenly your errors show up!
Pat
--- lenses/krb5.aug.orig 2012-08-07 13:01:20.000000000 -0500
+++ lenses/krb5.aug 2012-08-13 10:24:21.584557595 -0500
@@ -8,6 +8,7 @@ let eol = Inifile.eol
let dels = Util.del_str
let indent = del /[ \t]*/ ""
+let comma_or_space_sep = del /[ \t,]{1,}/ " "
let eq = del /[ \t]*=[ \t]*/ " = "
let eq_openbr = del /[ \t]*=[ \t\n]*\{([ \t]*\n)*/ " = {"
let closebr = del /[ \t]*\}/ "}"
@@ -37,13 +38,25 @@ let record (t:string) (e:lens) =
let title = Inifile.indented_title t in
Inifile.record title e
+let v4_name_convert (subsec:lens) = [ indent . key "v4_name_convert" .
+ eq_openbr . subsec* . closebr . eol ]
+
+(*
+ For the enctypes this appears to be a list of the valid entries:
+ c4-hmac arcfour-hmac aes128-cts rc4-hmac
+ arcfour-hmac-md5 des3-cbc-sha1 des-cbc-md5 des-cbc-crc
+*)
+let enctype_re = /[a-zA-Z0-9]{3,8}-[a-zA-Z0-9]{3,5}[a-zA-Z0-9-]*/
+let enctypes = /(permitted_enctypes|default_tgs_enctypes|default_tkt_enctypes)/
+
let libdefaults =
- let option = entry (name_re - "v4_name_convert") eq comment in
+ let option = entry (name_re - "v4_name_convert" - enctypes) eq comment in
+ let enctype_list = [ indent . key enctypes . eq
+ . Build.opt_list ([label "enctype" . store enctype_re]) comma_or_space_sep
+ . (comment|eol)] in
let subsec = [ indent . key /host|plain/ . eq_openbr .
(entry name_re eq comment)* . closebr . eol ] in
- let v4_name_convert = [ indent . key "v4_name_convert" . eq_openbr .
- subsec* . closebr . eol ] in
- record "libdefaults" (option|v4_name_convert)
+ record "libdefaults" (option|enctype_list|(v4_name_convert subsec))
let login =
let keys = /krb[45]_get_tickets|krb4_convert|krb_run_aklog/
@@ -61,13 +74,16 @@ let appdefaults =
let realms =
let simple_option = /kdc|admin_server|database_module|default_domain/
|/v4_realm|auth_to_local(_names)?|master_kdc|kpasswd_server/
- |/admin_server/ in
+ |/admin_server|ticket_lifetime/ in
let subsec_option = /v4_instance_convert/ in
let option = entry simple_option eq comment in
let subsec = [ indent . key subsec_option . eq_openbr .
(entry name_re eq comment)* . closebr . eol ] in
+ let v4subsec = [ indent . key /host|plain/ . eq_openbr .
+ (entry name_re eq comment)* . closebr . eol ] in
let realm = [ indent . label "realm" . store realm_re .
- eq_openbr . (option|subsec)* . closebr . eol ] in
+ eq_openbr . (option|subsec|(v4_name_convert v4subsec))* .
+ closebr . eol ] in
record "realms" (realm|comment)
let domain_realm =
--- lenses/tests/test_krb5.aug.orig 2012-08-07 13:01:20.000000000 -0500
+++ lenses/tests/test_krb5.aug 2012-08-13 10:26:02.758574747 -0500
@@ -1,6 +1,6 @@
module Test_krb5 =
- (* Krb5.conf from Fermi labs *)
+ (* Krb5.conf from Fermilab *)
let fermi_str = "###
### This krb5.conf template is intended for use with Fermi
### Kerberos v1_2 and later. Earlier versions may choke on the
@@ -13,8 +13,9 @@ module Test_krb5 =
ticket_lifetime = 1560m
default_realm = FNAL.GOV
ccache_type = 4
- default_tgs_enCtypes = des-cbc-crc
+ default_tgs_enctypes = des-cbc-crc
default_tkt_enctypes = des-cbc-crc
+ permitted_enctypes = des-cbc-crc des3-cbc-sha1
default_lifetime = 7d
renew_lifetime = 7d
autologin = true
@@ -22,6 +23,11 @@ module Test_krb5 =
forwardable = true
renewable = true
encrypt = true
+ v4_name_convert = {
+ host = {
+ rcmd = host
+ }
+ }
[realms]
FNAL.GOV = {
@@ -80,6 +86,11 @@ module Test_krb5 =
default_domain = cern.ch
kpasswd_server = afskrb5m.cern.ch
admin_server = afskrb5m.cern.ch
+ v4_name_convert = {
+ host = {
+ rcmd = host
+ }
+ }
}
[instancemapping]
@@ -271,8 +282,16 @@ test Krb5.lns get fermi_str =
{ "ticket_lifetime" = "1560m" }
{ "default_realm" = "FNAL.GOV" }
{ "ccache_type" = "4" }
- { "default_tgs_enCtypes" = "des-cbc-crc" }
- { "default_tkt_enctypes" = "des-cbc-crc" }
+ { "default_tgs_enctypes"
+ { "enctype" = "des-cbc-crc" }
+ }
+ { "default_tkt_enctypes"
+ { "enctype" = "des-cbc-crc" }
+ }
+ { "permitted_enctypes"
+ { "enctype" = "des-cbc-crc" }
+ { "enctype" = "des3-cbc-sha1" }
+ }
{ "default_lifetime" = "7d" }
{ "renew_lifetime" = "7d" }
{ "autologin" = "true" }
@@ -280,6 +299,11 @@ test Krb5.lns get fermi_str =
{ "forwardable" = "true" }
{ "renewable" = "true" }
{ "encrypt" = "true" }
+ { "v4_name_convert"
+ { "host"
+ { "rcmd" = "host" }
+ }
+ }
{ } }
{ "realms"
{ "realm" = "FNAL.GOV"
@@ -330,7 +354,13 @@ test Krb5.lns get fermi_str =
{ "kdc" = "afsdb1.cern.ch" }
{ "default_domain" = "cern.ch" }
{ "kpasswd_server" = "afskrb5m.cern.ch" }
- { "admin_server" = "afskrb5m.cern.ch" } }
+ { "admin_server" = "afskrb5m.cern.ch" }
+ { "v4_name_convert"
+ { "host"
+ { "rcmd" = "host" }
+ }
+ }
+ }
{ } }
{ "instancemapping"
{ "afs"
_______________________________________________
augeas-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/augeas-devel
