def __init__(self): self.ctx = None str_server_name = (TARGET_SERVICE_NAME.encode('utf-8') + b'/' + socket.getfqdn().encode('utf-8')) self.server_name = gb.importName(str_server_name, gb.NameType.principal) self.server_creds = gb.acquireCred(self.server_name)[0]
def test_acquire_creds_impersonate_name(self): target_name = gb.importName(TARGET_SERVICE_NAME) client_ctx_resp = gb.initSecContext(target_name) client_token = client_ctx_resp[3] del client_ctx_resp # free all the things (except the token)! server_name = gb.importName(SERVICE_PRINCIPAL, gb.NameType.principal) server_creds = gb.acquireCred(server_name, cred_usage='both')[0] server_ctx_resp = gb.acceptSecContext(client_token, acceptor_cred=server_creds) imp_resp = gb.acquireCredImpersonateName(server_creds, server_ctx_resp[1]) imp_resp.shouldnt_be_none() imp_creds, actual_mechs, output_ttl = imp_resp imp_creds.shouldnt_be_none() imp_creds.should_be_a(gb.Creds) actual_mechs.shouldnt_be_empty() actual_mechs.should_include(gb.MechType.kerberos) output_ttl.should_be_a(int)
def setUp(self): self.target_name = gb.importName(TARGET_SERVICE_NAME) ctx_resp = gb.initSecContext(self.target_name) self.client_token = ctx_resp[3] self.client_ctx = ctx_resp[0] self.client_ctx.shouldnt_be_none() self.server_name = gb.importName(SERVICE_PRINCIPAL, gb.NameType.principal) self.server_creds = gb.acquireCred(self.server_name)[0] self.server_ctx = None
def setUp(self): self.target_name = gb.importName(TARGET_SERVICE_NAME) ctx_resp = gb.initSecContext(self.target_name) self.client_token = ctx_resp[3] self.client_ctx = ctx_resp[0] self.client_ctx.shouldnt_be_none() str_server_name = (TARGET_SERVICE_NAME + b'/' + socket.getfqdn().encode('utf-8')) self.server_name = gb.importName(str_server_name, gb.NameType.principal) self.server_creds = gb.acquireCred(self.server_name)[0] self.server_ctx = None
def test_inquire_context(self): target_name = gb.importName(TARGET_SERVICE_NAME) ctx_resp = gb.initSecContext(target_name) client_token1 = ctx_resp[3] client_ctx = ctx_resp[0] str_server_name = (TARGET_SERVICE_NAME + b'/' + socket.getfqdn().encode('utf-8')) server_name = gb.importName(str_server_name, gb.NameType.principal) server_creds = gb.acquireCred(server_name)[0] server_resp = gb.acceptSecContext(client_token1, acceptor_cred=server_creds) server_tok = server_resp[3] client_resp2 = gb.initSecContext(target_name, context=client_ctx, input_token=server_tok) ctx = client_resp2[0] inq_resp = gb.inquireContext(ctx) inq_resp.shouldnt_be_none() (src_name, target_name, ttl, mech_type, flags, local_est, is_open) = inq_resp src_name.shouldnt_be_none() src_name.should_be_a(gb.Name) target_name.shouldnt_be_none() target_name.should_be_a(gb.Name) ttl.should_be_an_integer() mech_type.shouldnt_be_none() mech_type.should_be(gb.MechType.kerberos) flags.shouldnt_be_none() flags.should_be_a(list) flags.shouldnt_be_empty() local_est.should_be_a(bool) local_est.should_be_true() is_open.should_be_a(bool) is_open.should_be_true()
def test_acquire_creds(self): name = gb.importName(SERVICE_PRINCIPAL, gb.NameType.principal) cred_resp = gb.acquireCred(name) cred_resp.shouldnt_be_none() (creds, actual_mechs, ttl) = cred_resp creds.shouldnt_be_none() creds.should_be_a(gb.Creds) actual_mechs.shouldnt_be_empty() actual_mechs.should_include(gb.MechType.kerberos) ttl.should_be_an_integer() gb.releaseName(name) gb.releaseCred(creds)
def test_acquire_creds(self): name = gb.importName( (TARGET_SERVICE_NAME + b'/' + socket.getfqdn().encode('utf-8')), gb.NameType.principal) cred_resp = gb.acquireCred(name) cred_resp.shouldnt_be_none() (creds, actual_mechs, ttl) = cred_resp creds.shouldnt_be_none() creds.should_be_a(gb.Creds) actual_mechs.shouldnt_be_empty() actual_mechs.should_include(gb.MechType.kerberos) ttl.should_be_an_integer() gb.releaseName(name) gb.releaseCred(creds)
def setUp(self): self.target_name = gb.importName(TARGET_SERVICE_NAME) ctx_resp = gb.initSecContext(self.target_name) self.client_token1 = ctx_resp[3] self.client_ctx = ctx_resp[0] self.server_name = gb.importName(SERVICE_PRINCIPAL, gb.NameType.principal) self.server_creds = gb.acquireCred(self.server_name)[0] server_resp = gb.acceptSecContext(self.client_token1, acceptor_cred=self.server_creds) self.server_ctx = server_resp[0] self.server_tok = server_resp[3] client_resp2 = gb.initSecContext(self.target_name, context=self.client_ctx, input_token=self.server_tok) self.client_token2 = client_resp2[3] self.client_ctx = client_resp2[0]
def test_acquire_creds(self): name = gb.importName((TARGET_SERVICE_NAME + b'/' + socket.getfqdn().encode('utf-8')), gb.NameType.principal) cred_resp = gb.acquireCred(name) cred_resp.shouldnt_be_none() (creds, actual_mechs, ttl) = cred_resp creds.shouldnt_be_none() creds.should_be_a(gb.Creds) actual_mechs.shouldnt_be_empty() actual_mechs.should_include(gb.MechType.kerberos) ttl.should_be_an_integer() gb.releaseName(name) gb.releaseCred(creds)
def setUp(self): self.target_name = gb.importName(TARGET_SERVICE_NAME) ctx_resp = gb.initSecContext(self.target_name) self.client_token1 = ctx_resp[3] self.client_ctx = ctx_resp[0] str_server_name = (TARGET_SERVICE_NAME + b'/' + socket.getfqdn().encode('utf-8')) self.server_name = gb.importName(str_server_name, gb.NameType.principal) self.server_creds = gb.acquireCred(self.server_name)[0] server_resp = gb.acceptSecContext(self.client_token1, acceptor_cred=self.server_creds) self.server_ctx = server_resp[0] self.server_tok = server_resp[3] client_resp2 = gb.initSecContext(self.target_name, context=self.client_ctx, input_token=self.server_tok) self.client_token2 = client_resp2[3] self.client_ctx = client_resp2[0]
def acquire(cls, *args, **kwargs): """ Acquire credentials for the given name This method acquires credentials for the given name. All parameters behave equivalently to those of :func:`gssapi.base.impl.acquireCred`, except as noted here. :param usage: the cred usage :type usage: 'both', 'initiate', 'accept' :returns: the acquired credentials :rtype: GSSCredentials """ resp = gss.acquireCred(*args, **kwargs) res = cls(resp[0]) res.ttl = resp[2] res.mechs = resp[1] return res
def test_context_time(self): target_name = gb.importName(TARGET_SERVICE_NAME) ctx_resp = gb.initSecContext(target_name) client_token1 = ctx_resp[3] client_ctx = ctx_resp[0] server_name = gb.importName(SERVICE_PRINCIPAL, gb.NameType.principal) server_creds = gb.acquireCred(server_name)[0] server_resp = gb.acceptSecContext(client_token1, acceptor_cred=server_creds) server_tok = server_resp[3] client_resp2 = gb.initSecContext(target_name, context=client_ctx, input_token=server_tok) ctx = client_resp2[0] ttl = gb.contextTime(ctx) ttl.should_be_an_integer() ttl.should_be_greater_than(0)
def test_context_time(self): target_name = gb.importName(TARGET_SERVICE_NAME) ctx_resp = gb.initSecContext(target_name) client_token1 = ctx_resp[3] client_ctx = ctx_resp[0] str_server_name = (TARGET_SERVICE_NAME + b'/' + socket.getfqdn().encode('utf-8')) server_name = gb.importName(str_server_name, gb.NameType.principal) server_creds = gb.acquireCred(server_name)[0] server_resp = gb.acceptSecContext(client_token1, acceptor_cred=server_creds) server_tok = server_resp[3] client_resp2 = gb.initSecContext(target_name, context=client_ctx, input_token=server_tok) ctx = client_resp2[0] ttl = gb.contextTime(ctx) ttl.should_be_an_integer() ttl.should_be_greater_than(0)