add specific test for include

config/krb5conf_test.go

@@ -45,6 +45,79 @@ const (
 # .example.com = EXAMPLE.COM
 # example.com = EXAMPLE.COM
 `
+	krb5ConfIHead = `
+[logging]
+ default = FILE:/var/log/kerberos/krb5libs.log
+ kdc = FILE:/var/log/kerberos/krb5kdc.log
+ admin_server = FILE:/var/log/kerberos/kadmind.log
+
+`
+	krb5Include = `
+[libdefaults]
+ default_realm = TEST.GOKRB5 ; comment to be ignored
+ dns_lookup_realm = false
+
+ dns_lookup_kdc = false
+ #dns_lookup_kdc = true
+ ;dns_lookup_kdc = true
+#dns_lookup_kdc = true
+;dns_lookup_kdc = true
+ ticket_lifetime = 10h ;comment to be ignored
+ forwardable = yes #comment to be ignored
+ default_keytab_name = FILE:/etc/krb5.keytab
+
+ default_client_keytab_name = FILE:/home/gokrb5/client.keytab
+ default_tkt_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 # comment to be ignored
+
+`
+	krb5ConfI = `
+[realms]
+ TEST.GOKRB5 = {
+  kdc = 10.80.88.88:88 #comment to be ignored
+  kdc = assume.port.num ;comment to be ignored
+  kdc = some.other.port:1234 # comment to be ignored
+
+  kdc = 10.80.88.88*
+  kdc = 10.1.2.3.4:88
+
+  admin_server = 10.80.88.88:749 ; comment to be ignored
+  default_domain = test.gokrb5
+ }
+ EXAMPLE.COM = {
+        kdc = kerberos.example.com
+        kdc = kerberos-1.example.com
+        admin_server = kerberos.example.com
+        auth_to_local = RULE:[1:$1@$0](.*@EXAMPLE.COM)s/.*//
+ }
+ lowercase.org = {
+  kdc = kerberos.lowercase.org
+  admin_server = kerberos.lowercase.org
+ }
+
+
+[domain_realm]
+ .test.gokrb5 = TEST.GOKRB5 #comment to be ignored
+
+ test.gokrb5 = TEST.GOKRB5 ;comment to be ignored
+ 
+  .example.com = EXAMPLE.COM # comment to be ignored
+ hostname1.example.com = EXAMPLE.COM ; comment to be ignored
+ hostname2.example.com = TEST.GOKRB5
+ .testlowercase.org = lowercase.org
+
+
+[appdefaults]
+ pam = {
+   debug = false
+
+   ticket_lifetime = 36000
+
+   renew_lifetime = 36000
+   forwardable = true
+   krb4_convert = false
+ }
+`
+
 	krb5Conf = `
 [logging]
  default = FILE:/var/log/kerberos/krb5libs.log
@@ -343,7 +416,7 @@ const (
 `
 )
 
-func TestLoadinc(t *testing.T) {
+func TestLoadincludedir(t *testing.T) {
 	t.Parallel()
 	cf, _ := ioutil.TempFile(os.TempDir(), "TEST-gokrb5-krb5inc.conf")
 	defer os.Remove(cf.Name())
@@ -391,6 +464,44 @@ func TestLoadinc(t *testing.T) {
 
 }
 
+func TestLoadinclude(t *testing.T) {
+	t.Parallel()
+	cf, _ := ioutil.TempFile(os.TempDir(), "TEST-gokrb5-krb5inc.conf")
+	defer os.Remove(cf.Name())
+	incf, _ := ioutil.TempFile(os.TempDir(), "TEST-gokrb5-krb5include")
+	defer os.Remove(incf.Name())
+	incf.WriteString(krb5Include)
+	krb5ContentsI := krb5ConfIHead + fmt.Sprintf("include %s\n", incf.Name()) + krb5ConfI
+	cf.WriteString(krb5ContentsI)
+
+	c, err := Load(cf.Name())
+	if err != nil {
+		t.Fatalf("Error loading config: %v", err)
+	}
+
+	assert.Equal(t, "TEST.GOKRB5", c.LibDefaults.DefaultRealm, "[libdefaults] default_realm not as expected")
+	assert.Equal(t, false, c.LibDefaults.DNSLookupRealm, "[libdefaults] dns_lookup_realm not as expected")
+	assert.Equal(t, false, c.LibDefaults.DNSLookupKDC, "[libdefaults] dns_lookup_kdc not as expected")
+	assert.Equal(t, time.Duration(10)*time.Hour, c.LibDefaults.TicketLifetime, "[libdefaults] Ticket lifetime not as expected")
+	assert.Equal(t, true, c.LibDefaults.Forwardable, "[libdefaults] forwardable not as expected")
+	assert.Equal(t, "FILE:/etc/krb5.keytab", c.LibDefaults.DefaultKeytabName, "[libdefaults] default_keytab_name not as expected")
+	assert.Equal(t, "FILE:/home/gokrb5/client.keytab", c.LibDefaults.DefaultClientKeytabName, "[libdefaults] default_client_keytab_name not as expected")
+	assert.Equal(t, []string{"aes256-cts-hmac-sha1-96", "aes128-cts-hmac-sha1-96"}, c.LibDefaults.DefaultTktEnctypes, "[libdefaults] default_tkt_enctypes not as expected")
+
+	assert.Equal(t, 3, len(c.Realms), "Number of realms not as expected")
+	assert.Equal(t, "TEST.GOKRB5", c.Realms[0].Realm, "[realm] realm name not as expectd")
+	assert.Equal(t, []string{"10.80.88.88:749"}, c.Realms[0].AdminServer, "[realm] Admin_server not as expectd")
+	assert.Equal(t, []string{"10.80.88.88:464"}, c.Realms[0].KPasswdServer, "[realm] Kpasswd_server not as expectd")
+	assert.Equal(t, "test.gokrb5", c.Realms[0].DefaultDomain, "[realm] Default_domain not as expectd")
+	assert.Equal(t, []string{"10.80.88.88:88", "assume.port.num:88", "some.other.port:1234", "10.80.88.88:88"}, c.Realms[0].KDC, "[realm] Kdc not as expectd")
+	assert.Equal(t, []string{"kerberos.example.com:88", "kerberos-1.example.com:88"}, c.Realms[1].KDC, "[realm] Kdc not as expectd")
+	assert.Equal(t, []string{"kerberos.example.com"}, c.Realms[1].AdminServer, "[realm] Admin_server not as expectd")
+
+	assert.Equal(t, "TEST.GOKRB5", c.DomainRealm[".test.gokrb5"], "Domain to realm mapping not as expected")
+	assert.Equal(t, "TEST.GOKRB5", c.DomainRealm["test.gokrb5"], "Domain to realm mapping not as expected")
+
+}
+
 func TestLoad(t *testing.T) {
 	t.Parallel()
 	cf, _ := ioutil.TempFile(os.TempDir(), "TEST-gokrb5-krb5.conf")