test_chgdpass: added test for kerberos retry

this tests that we correctly retry with a new ccache entry when a
server changes its password while we have a valid ticket

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

diff --git a/testprogs/blackbox/test_chgdcpass.sh b/testprogs/blackbox/test_chgdcpass.sh
index 37f9049eafe5afb4fa38ac9f6a424cc935b81f2d..ba3d851f4e18a2da2f934f1dfa06fea1ecfcad58 100755 (executable)
--- a/testprogs/blackbox/test_chgdcpass.sh
+++ b/testprogs/blackbox/test_chgdcpass.sh
@@ -59,6 +59,11 @@ testit "change dc password" $samba4srcdir/scripting/devel/chgtdcpass -s $PROVDIR
 #This is important because it shows that the old ticket remains valid (as it must) for incoming connections after the DC password is changed
 test_smbclient "Test login with kerberos ccache after password change" 'ls' -k yes || failed=`expr $failed + 1`
 
+testit "change dc password (2nd time)" $samba4srcdir/scripting/devel/chgtdcpass -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
+
+#This is important because it shows that the old ticket remains valid (as it must) for incoming connections after the DC pass
+test_smbclient "Test login with kerberos ccache after 2nd password change" 'ls' -k yes || failed=`expr $failed + 1`
+
 #This confirms that the DC password is valid for a kinit too
 testit "kinit with keytab" $samba4kinit $enctype -t $PROVDIR/private/secrets.keytab --use-keytab $USERNAME   || failed=`expr $failed + 1`
 test_smbclient "Test login with kerberos ccache with fresh kinit" 'ls' -k yes || failed=`expr $failed + 1`