On Wednesday 22 February 2006 11:19, Simon Wilkinson wrote: > Graham Barr wrote: > > However, I would also like to see some tests added for recent additions. > > On the GSSAPI SASL mechanism front, I've been thinking about how to > write a test, and I'm not entirely convinced that it would be possible, > without stubbing out all of the GSSAPI calls. To really test the > mechanism requires an Kerberized environment, with a known realm and > access to a keytab.
That's correct, I have the same problem with GSSAPI.pm. Only in a realworld Keberros environment with known principals a real test can work. The GSSAPI distribution ships with exampleskripts the user can modify to match his own environment and then do tests. But writing automatik tests means: Shipping the module with a fullworking Kerberos Server. And Kerbeors means you have the correcr entries in DNS, but a test can't modify the users DNS for it's own needs... And some users built the modules on builtmachines (for later deployment) with not existing Kerberosconfugoration, so the tests will always fail on the builtmachines. > > But > > I will not let that hold up these releases because they are long overdue. > > I've got a security layers patch for Authen::SASL which should be done > by the end of the week, if you could wait till then? Is this patch needed to test your GSSAPI plugin? Or can I do tests now? Thank you, Achim
