def test_acquire_keytab(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = ADCreds(domain) principal = conf.ad_user_account() password = conf.ad_user_password() creds.acquire(principal, password) os.environ['PATH'] = '/usr/kerberos/sbin:/usr/kerberos/bin:%s' % \ os.environ['PATH'] fullprinc = creds.principal() child = pexpect.spawn('kvno %s' % fullprinc) child.expect('kvno =') kvno = int(child.readline()) child.expect(pexpect.EOF) child = pexpect.spawn('ktutil') child.expect('ktutil:') child.sendline('addent -password -p %s -k %d -e rc4-hmac' % (fullprinc, kvno)) child.expect('Password for.*:') child.sendline(password) child.expect('ktutil:') keytab = conf.tempfile(remove=True) child.sendline('wkt %s' % keytab) child.expect('ktutil:') child.sendline('quit') child.expect(pexpect.EOF) creds.release() creds.acquire(principal, keytab=keytab) child = pexpect.spawn('klist') pattern = '.*krbtgt/%s@%s' % (domain.upper(), domain.upper()) assert child.expect([pattern]) == 0
def test_acquire_keytab(self): self.require(ad_user=True) domain = self.domain() creds = ADCreds(domain) principal = self.ad_user_account() password = self.ad_user_password() creds.acquire(principal, password) os.environ['PATH'] = '/usr/kerberos/sbin:/usr/kerberos/bin:%s' % \ os.environ['PATH'] fullprinc = creds.principal() child = pexpect.spawn('kvno %s' % fullprinc) child.expect('kvno =') kvno = int(child.readline()) child.expect(pexpect.EOF) child = pexpect.spawn('ktutil') child.expect('ktutil:') child.sendline('addent -password -p %s -k %d -e rc4-hmac' % (fullprinc, kvno)) child.expect('Password for.*:') child.sendline(password) child.expect('ktutil:') keytab = self.tempfile(remove=True) child.sendline('wkt %s' % keytab) child.expect('ktutil:') child.sendline('quit') child.expect(pexpect.EOF) creds.release() creds.acquire(principal, keytab=keytab) child = pexpect.spawn('klist') pattern = '.*krbtgt/%s@%s' % (domain.upper(), domain.upper()) assert child.expect([pattern]) == 0
def test_load(self, conf): conf.require(ad_user=True) domain = conf.domain().upper() principal = '%s@%s' % (conf.ad_user_account(), domain) conf.acquire_credentials(principal, conf.ad_user_password()) creds = ADCreds(domain) creds.load() assert creds.principal().lower() == principal.lower() ccache, princ, creds = conf.list_credentials() assert princ.lower() == principal.lower() assert len(creds) > 0 assert creds[0] == 'krbtgt/%s@%s' % (domain, domain)
def test_acquire_password(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = ADCreds(domain) principal = conf.ad_user_account() password = conf.ad_user_password() creds.acquire(principal, password) principal = '%s@%s' % (principal, domain) assert creds.principal().lower() == principal.lower() child = pexpect.spawn('klist') pattern = '.*krbtgt/%s@%s' % (domain.upper(), domain.upper()) assert child.expect([pattern]) == 0
def test_load(self): self.require(ad_user=True) domain = self.domain().upper() principal = '%s@%s' % (self.ad_user_account(), domain) self.acquire_credentials(principal, self.ad_user_password()) creds = ADCreds(domain) creds.load() assert creds.principal().lower() == principal.lower() ccache, princ, creds = self.list_credentials() assert princ.lower() == principal.lower() assert len(creds) > 0 assert creds[0] == 'krbtgt/%s@%s' % (domain, domain)
def test_acquire_password(self): self.require(ad_user=True) domain = self.domain() creds = ADCreds(domain) principal = self.ad_user_account() password = self.ad_user_password() creds.acquire(principal, password) principal = '%s@%s' % (principal, domain) assert creds.principal().lower() == principal.lower() child = pexpect.spawn('klist') pattern = '.*krbtgt/%s@%s' % (domain.upper(), domain.upper()) assert child.expect([pattern]) == 0