コード例 #1
0
 def test_acquire_keytab(self, conf):
     conf.require(ad_user=True)
     domain = conf.domain()
     creds = ADCreds(domain)
     principal = conf.ad_user_account()
     password = conf.ad_user_password()
     creds.acquire(principal, password)
     os.environ['PATH'] = '/usr/kerberos/sbin:/usr/kerberos/bin:%s' % \
                          os.environ['PATH']
     fullprinc = creds.principal()
     child = pexpect.spawn('kvno %s' % fullprinc)
     child.expect('kvno =')
     kvno = int(child.readline())
     child.expect(pexpect.EOF)
     child = pexpect.spawn('ktutil')
     child.expect('ktutil:')
     child.sendline('addent -password -p %s -k %d -e rc4-hmac' %
                   (fullprinc, kvno))
     child.expect('Password for.*:')
     child.sendline(password)
     child.expect('ktutil:')
     keytab = conf.tempfile(remove=True)
     child.sendline('wkt %s' % keytab)
     child.expect('ktutil:')
     child.sendline('quit')
     child.expect(pexpect.EOF)
     creds.release()
     creds.acquire(principal, keytab=keytab)
     child = pexpect.spawn('klist')
     pattern = '.*krbtgt/%s@%s' % (domain.upper(), domain.upper())
     assert child.expect([pattern]) == 0
コード例 #2
0
 def test_acquire_keytab(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = ADCreds(domain)
     principal = self.ad_user_account()
     password = self.ad_user_password()
     creds.acquire(principal, password)
     os.environ['PATH'] = '/usr/kerberos/sbin:/usr/kerberos/bin:%s' % \
                          os.environ['PATH']
     fullprinc = creds.principal()
     child = pexpect.spawn('kvno %s' % fullprinc)
     child.expect('kvno =')
     kvno = int(child.readline())
     child.expect(pexpect.EOF)
     child = pexpect.spawn('ktutil')
     child.expect('ktutil:')
     child.sendline('addent -password -p %s -k %d -e rc4-hmac' %
                    (fullprinc, kvno))
     child.expect('Password for.*:')
     child.sendline(password)
     child.expect('ktutil:')
     keytab = self.tempfile(remove=True)
     child.sendline('wkt %s' % keytab)
     child.expect('ktutil:')
     child.sendline('quit')
     child.expect(pexpect.EOF)
     creds.release()
     creds.acquire(principal, keytab=keytab)
     child = pexpect.spawn('klist')
     pattern = '.*krbtgt/%s@%s' % (domain.upper(), domain.upper())
     assert child.expect([pattern]) == 0
コード例 #3
0
 def test_cleanup_files(self, conf):
     conf.require(ad_user=True)
     domain = conf.domain()
     principal = conf.ad_user_account()
     password = conf.ad_user_password()
     creds = ADCreds(domain)
     creds.acquire(principal, password)
     ccache = creds._ccache_name()
     config = creds._config_name()
     assert os.access(ccache, os.R_OK)
     assert os.access(config, os.R_OK)
     creds.release()
     assert not os.access(ccache, os.R_OK)
     assert not os.access(config, os.R_OK)
コード例 #4
0
 def test_cleanup_files(self):
     self.require(ad_user=True)
     domain = self.domain()
     principal = self.ad_user_account()
     password = self.ad_user_password()
     creds = ADCreds(domain)
     creds.acquire(principal, password)
     ccache = creds._ccache_name()
     config = creds._config_name()
     assert os.access(ccache, os.R_OK)
     assert os.access(config, os.R_OK)
     creds.release()
     assert not os.access(ccache, os.R_OK)
     assert not os.access(config, os.R_OK)
コード例 #5
0
 def test_cleanup_environment(self, conf):
     conf.require(ad_user=True)
     domain = conf.domain()
     principal = conf.ad_user_account()
     password = conf.ad_user_password()
     ccorig = os.environ.get('KRB5CCNAME')
     cforig = os.environ.get('KRB5_CONFIG')
     creds = ADCreds(domain)
     creds.acquire(principal, password)
     ccache = creds._ccache_name()
     config = creds._config_name()
     assert ccache != ccorig
     assert config != cforig
     creds.release()
     assert os.environ.get('KRB5CCNAME') == ccorig
     assert os.environ.get('KRB5_CONFIG') == cforig
コード例 #6
0
 def test_cleanup_environment(self):
     self.require(ad_user=True)
     domain = self.domain()
     principal = self.ad_user_account()
     password = self.ad_user_password()
     ccorig = os.environ.get('KRB5CCNAME')
     cforig = os.environ.get('KRB5_CONFIG')
     creds = ADCreds(domain)
     creds.acquire(principal, password)
     ccache = creds._ccache_name()
     config = creds._config_name()
     assert ccache != ccorig
     assert config != cforig
     creds.release()
     assert os.environ.get('KRB5CCNAME') == ccorig
     assert os.environ.get('KRB5_CONFIG') == cforig
コード例 #7
0
 def test_release_multi(self, conf):
     conf.require(ad_user=True)
     domain = conf.domain()
     principal = conf.ad_user_account()
     password = conf.ad_user_password()
     ccorig = os.environ.get('KRB5CCNAME')
     cforig = os.environ.get('KRB5_CONFIG')
     creds1 = ADCreds(domain)
     creds1.acquire(principal, password)
     ccache1 = creds1._ccache_name()
     config1 = creds1._config_name()
     creds2 = ADCreds(domain)
     creds2.acquire(principal, password)
     ccache2 = creds2._ccache_name()
     config2 = creds2._config_name()
     creds1.release()
     assert os.environ['KRB5CCNAME'] == ccache2
     assert os.environ['KRB5_CONFIG'] == config2
     creds2.release()
     assert os.environ.get('KRB5CCNAME') == ccorig
     assert os.environ.get('KRB5_CONFIG') == cforig
コード例 #8
0
 def test_release_multi(self):
     self.require(ad_user=True)
     domain = self.domain()
     principal = self.ad_user_account()
     password = self.ad_user_password()
     ccorig = os.environ.get('KRB5CCNAME')
     cforig = os.environ.get('KRB5_CONFIG')
     creds1 = ADCreds(domain)
     creds1.acquire(principal, password)
     ccache1 = creds1._ccache_name()
     config1 = creds1._config_name()
     creds2 = ADCreds(domain)
     creds2.acquire(principal, password)
     ccache2 = creds2._ccache_name()
     config2 = creds2._config_name()
     creds1.release()
     assert os.environ['KRB5CCNAME'] == ccache2
     assert os.environ['KRB5_CONFIG'] == config2
     creds2.release()
     assert os.environ.get('KRB5CCNAME') == ccorig
     assert os.environ.get('KRB5_CONFIG') == cforig