def client_worker(in_q, out_q):
    """Drive the initiator side of a GSSAPI handshake over two queues.

    Every token returned by ``ctx.step`` is put on ``out_q``; the peer's
    reply is then taken from ``in_q`` and fed to the next step. The loop
    ends once the context reports itself established.
    """
    # The initiator targets the name carried by the default acceptor credential.
    acceptor_cred = Credential(usage=C_ACCEPT)
    ctx = InitContext(acceptor_cred.name)

    reply = None  # there is no input token for the first step
    while True:
        if ctx.established:
            break
        out_q.put(ctx.step(reply))
        # NOTE(review): this blocks for a reply after every step, including
        # the step that establishes the context -- presumably the peer always
        # answers; confirm against the acceptor worker.
        reply = in_q.get()
def test_unseq_raises(self):
    """Out-of-order tokens must raise when unwrap is called without supplementary info.

    The client sends its wrapped messages in the order 1, 3, 2 and unwraps
    the three replies in arrival order. The first reply must unwrap cleanly,
    the second must fail with the gap bit set in ``maj_status`` and the third
    with the unsequenced bit set.
    """
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target, req_flags=(C_SEQUENCE_FLAG, ))
    self._handshake(self.sockfile, ctx)
    self._writeline(b'!UNSEQTEST')

    # Wrap in sequence order, then put the tokens on the wire as 1, 3, 2.
    first = ctx.wrap(b'msg_from_client1')
    second = ctx.wrap(b'msg_from_client2')
    third = ctx.wrap(b'msg_from_client3')
    for token in (first, third, second):
        self._writeline(base64.b64encode(token))

    in1 = self.sockfile.readline()
    in2 = self.sockfile.readline()
    in3 = self.sockfile.readline()

    self.assertEqual(ctx.unwrap(base64.b64decode(in1)), b'msg_from_server1')

    # Each remaining reply must be rejected with its specific status bit;
    # an unwrap that returns normally is a test failure.
    expected_rejections = (
        (in2, S_GAP_TOKEN, "Detecting a gap token must raise GSSCException"),
        (in3, S_UNSEQ_TOKEN, "Detecting an unseq token must raise GSSCException"),
    )
    for raw, status_bit, failure_text in expected_rejections:
        try:
            ctx.unwrap(base64.b64decode(raw))
        except GSSCException as exc:
            self.assertEqual(status_bit, (status_bit & exc.maj_status))
        else:
            self.fail(failure_text)
def test_replay(self):
    """Replayed tokens are flagged with supplementary info and rejected without it.

    The client sends its first wrapped message twice. The three replies are
    unwrapped with ``supplementary=True``: the third carries the payload of
    the first again and must be marked as a duplicate. Unwrapping an already
    processed reply without ``supplementary`` must raise with the duplicate
    bit set in ``maj_status``.
    """
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target, req_flags=(C_REPLAY_FLAG, ))
    self._handshake(self.sockfile, ctx)
    self._writeline(b'!REPLAYTEST')

    first = ctx.wrap(b'msg_from_client1')
    second = ctx.wrap(b'msg_from_client2')
    # The first token goes out twice; the second copy is the replay.
    for token in (first, second, first):
        self._writeline(base64.b64encode(token))

    in1 = self.sockfile.readline()
    in2 = self.sockfile.readline()
    in3 = self.sockfile.readline()

    msg1, _ = ctx.unwrap(base64.b64decode(in1), supplementary=True)
    msg2, _ = ctx.unwrap(base64.b64decode(in2), supplementary=True)
    msg3, supp3 = ctx.unwrap(base64.b64decode(in3), supplementary=True)
    self.assertEqual(msg1, b'msg_from_server1')
    self.assertEqual(msg2, b'msg_from_server2')
    # With supplementary=True the replayed payload is still returned; the
    # duplicate is only visible in the supplementary flags, so a caller
    # using this mode has to inspect them.
    self.assertEqual(msg3, b'msg_from_server1')
    self.assertIn(S_DUPLICATE_TOKEN, supp3)

    # Without supplementary info, re-processing a seen token must raise.
    for seen_token in (in3, in2):
        try:
            ctx.unwrap(base64.b64decode(seen_token))
        except GSSCException as exc:
            self.assertEqual(S_DUPLICATE_TOKEN, (S_DUPLICATE_TOKEN & exc.maj_status))
        else:
            self.fail("Detecting a dupe token must raise GSSCException")
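def test_get_wrap_size_limit(self):
    """A message of the reported size limit must wrap to at most 512 bytes.

    Confidentiality is requested for the context, and the test requires that
    it was actually negotiated before measuring wrapped sizes.
    """
    ctx = InitContext(Name("*****@*****.**", C_NT_HOSTBASED_SERVICE), req_flags=(C_CONF_FLAG, ))
    self._handshake(self.sockfile, ctx)
    # assertTrue rather than a bare assert: ``python -O`` strips assert
    # statements, which would let the test continue on a context that never
    # negotiated confidentiality.
    self.assertTrue(ctx.confidentiality_negotiated)

    wrap_size_limit = ctx.get_wrap_size_limit(512)
    self.assertLessEqual(wrap_size_limit, 512)

    # A payload of exactly the reported limit must not exceed the requested
    # output size once wrapped.
    msg = b'*' * wrap_size_limit
    self.assertLessEqual(len(ctx.wrap(msg)), 512)

    # No wrapped data is sent to the server in this test; presumably !NOOP
    # just completes the connection's command exchange -- confirm against the
    # server side.
    self._writeline(b'!NOOP')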
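def test_wrapping(self):
    """Wrapped messages must round-trip in both directions.

    The client sends one wrapped message, expects the server to answer
    ``!OK``, and then unwraps the server's own wrapped message.
    """
    ctx = InitContext(
        Name("*****@*****.**", C_NT_HOSTBASED_SERVICE), req_flags=(C_CONF_FLAG,)
    )
    self._handshake(self.sockfile, ctx)
    # assertTrue rather than a bare assert: ``python -O`` strips assert
    # statements, which would let the wrap/unwrap round trip pass on a
    # context that never negotiated confidentiality.
    self.assertTrue(ctx.confidentiality_negotiated)

    self._writeline(b'!WRAPTEST')
    self._writeline(base64.b64encode(ctx.wrap(b'msg_from_client')))
    self.assertEqual(self.sockfile.readline().strip(), b'!OK')

    server_payload = ctx.unwrap(base64.b64decode(self.sockfile.readline()))
    self.assertEqual(server_payload, b'msg_from_server')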
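def test_wrapping(self):
    """Wrapped messages must round-trip in both directions.

    The client sends one wrapped message, expects the server to answer
    ``!OK``, and then unwraps the server's own wrapped message.
    """
    ctx = InitContext(Name("*****@*****.**", C_NT_HOSTBASED_SERVICE), req_flags=(C_CONF_FLAG, ))
    self._handshake(self.sockfile, ctx)
    # assertTrue rather than a bare assert: ``python -O`` strips assert
    # statements, which would let the wrap/unwrap round trip pass on a
    # context that never negotiated confidentiality.
    self.assertTrue(ctx.confidentiality_negotiated)

    self._writeline(b'!WRAPTEST')
    self._writeline(base64.b64encode(ctx.wrap(b'msg_from_client')))
    self.assertEqual(self.sockfile.readline().strip(), b'!OK')

    server_payload = ctx.unwrap(base64.b64decode(self.sockfile.readline()))
    self.assertEqual(server_payload, b'msg_from_server')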
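def test_get_wrap_size_limit(self):
    """A message of the reported size limit must wrap to at most 512 bytes.

    Confidentiality is requested for the context, and the test requires that
    it was actually negotiated before measuring wrapped sizes.
    """
    ctx = InitContext(
        Name("*****@*****.**", C_NT_HOSTBASED_SERVICE), req_flags=(C_CONF_FLAG,)
    )
    self._handshake(self.sockfile, ctx)
    # assertTrue rather than a bare assert: ``python -O`` strips assert
    # statements, which would let the test continue on a context that never
    # negotiated confidentiality.
    self.assertTrue(ctx.confidentiality_negotiated)

    wrap_size_limit = ctx.get_wrap_size_limit(512)
    self.assertLessEqual(wrap_size_limit, 512)

    # A payload of exactly the reported limit must not exceed the requested
    # output size once wrapped.
    msg = b'*' * wrap_size_limit
    self.assertLessEqual(len(ctx.wrap(msg)), 512)

    # No wrapped data is sent to the server in this test; presumably !NOOP
    # just completes the connection's command exchange -- confirm against the
    # server side.
    self._writeline(b'!NOOP')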
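def test_mic(self):
    """Message integrity codes must be accepted in both directions.

    The client sends a plaintext message followed by its MIC and expects
    ``!OK``; it then reads the server's plaintext message and MIC and
    verifies the pair locally.
    """
    ctx = InitContext(Name("*****@*****.**", C_NT_HOSTBASED_SERVICE), req_flags=(C_INTEG_FLAG, ))
    self._handshake(self.sockfile, ctx)
    # assertTrue rather than a bare assert: ``python -O`` strips assert
    # statements, which would let the MIC exchange run on a context that
    # never negotiated integrity.
    self.assertTrue(ctx.integrity_negotiated)

    self._writeline(b'!MICTEST')
    self._writeline(b'msg_from_client')
    self._writeline(base64.b64encode(ctx.get_mic(b'msg_from_client')))
    self.assertEqual(self.sockfile.readline().strip(), b'!OK')
    self.assertEqual(self.sockfile.readline().strip(), b'msg_from_server')

    # NOTE(review): nothing is asserted on the result; the test presumably
    # relies on verify_mic raising when the MIC does not match -- confirm.
    server_mic = base64.b64decode(self.sockfile.readline())
    ctx.verify_mic(b'msg_from_server', server_mic)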
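def test_mic(self):
    """Message integrity codes must be accepted in both directions.

    The client sends a plaintext message followed by its MIC and expects
    ``!OK``; it then reads the server's plaintext message and MIC and
    verifies the pair locally.
    """
    ctx = InitContext(
        Name("*****@*****.**", C_NT_HOSTBASED_SERVICE), req_flags=(C_INTEG_FLAG,)
    )
    self._handshake(self.sockfile, ctx)
    # assertTrue rather than a bare assert: ``python -O`` strips assert
    # statements, which would let the MIC exchange run on a context that
    # never negotiated integrity.
    self.assertTrue(ctx.integrity_negotiated)

    self._writeline(b'!MICTEST')
    self._writeline(b'msg_from_client')
    self._writeline(base64.b64encode(ctx.get_mic(b'msg_from_client')))
    self.assertEqual(self.sockfile.readline().strip(), b'!OK')
    self.assertEqual(self.sockfile.readline().strip(), b'msg_from_server')

    # NOTE(review): nothing is asserted on the result; the test presumably
    # relies on verify_mic raising when the MIC does not match -- confirm.
    server_mic = base64.b64decode(self.sockfile.readline())
    ctx.verify_mic(b'msg_from_server', server_mic)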
def test_unseq_raises(self):
    """Out-of-order tokens must raise when unwrap is called without supplementary info.

    The client sends its wrapped messages in the order 1, 3, 2 and unwraps
    the three replies in arrival order. The first reply must unwrap cleanly,
    the second must fail with the gap bit set in ``maj_status`` and the third
    with the unsequenced bit set.
    """
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target, req_flags=(C_SEQUENCE_FLAG,))
    self._handshake(self.sockfile, ctx)
    self._writeline(b'!UNSEQTEST')

    # Wrap in sequence order, then put the tokens on the wire as 1, 3, 2.
    first = ctx.wrap(b'msg_from_client1')
    second = ctx.wrap(b'msg_from_client2')
    third = ctx.wrap(b'msg_from_client3')
    for token in (first, third, second):
        self._writeline(base64.b64encode(token))

    in1 = self.sockfile.readline()
    in2 = self.sockfile.readline()
    in3 = self.sockfile.readline()

    self.assertEqual(ctx.unwrap(base64.b64decode(in1)), b'msg_from_server1')

    # Each remaining reply must be rejected with its specific status bit;
    # an unwrap that returns normally is a test failure.
    expected_rejections = (
        (in2, S_GAP_TOKEN, "Detecting a gap token must raise GSSCException"),
        (in3, S_UNSEQ_TOKEN, "Detecting an unseq token must raise GSSCException"),
    )
    for raw, status_bit, failure_text in expected_rejections:
        try:
            ctx.unwrap(base64.b64decode(raw))
        except GSSCException as exc:
            self.assertEqual(status_bit, (status_bit & exc.maj_status))
        else:
            self.fail(failure_text)
def test_replay(self):
    """Replayed tokens are flagged with supplementary info and rejected without it.

    The client sends its first wrapped message twice. The three replies are
    unwrapped with ``supplementary=True``: the third carries the payload of
    the first again and must be marked as a duplicate. Unwrapping an already
    processed reply without ``supplementary`` must raise with the duplicate
    bit set in ``maj_status``.
    """
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target, req_flags=(C_REPLAY_FLAG,))
    self._handshake(self.sockfile, ctx)
    self._writeline(b'!REPLAYTEST')

    first = ctx.wrap(b'msg_from_client1')
    second = ctx.wrap(b'msg_from_client2')
    # The first token goes out twice; the second copy is the replay.
    for token in (first, second, first):
        self._writeline(base64.b64encode(token))

    in1 = self.sockfile.readline()
    in2 = self.sockfile.readline()
    in3 = self.sockfile.readline()

    msg1, _ = ctx.unwrap(base64.b64decode(in1), supplementary=True)
    msg2, _ = ctx.unwrap(base64.b64decode(in2), supplementary=True)
    msg3, supp3 = ctx.unwrap(base64.b64decode(in3), supplementary=True)
    self.assertEqual(msg1, b'msg_from_server1')
    self.assertEqual(msg2, b'msg_from_server2')
    # With supplementary=True the replayed payload is still returned; the
    # duplicate is only visible in the supplementary flags, so a caller
    # using this mode has to inspect them.
    self.assertEqual(msg3, b'msg_from_server1')
    self.assertIn(S_DUPLICATE_TOKEN, supp3)

    # Without supplementary info, re-processing a seen token must raise.
    for seen_token in (in3, in2):
        try:
            ctx.unwrap(base64.b64decode(seen_token))
        except GSSCException as exc:
            self.assertEqual(S_DUPLICATE_TOKEN, (S_DUPLICATE_TOKEN & exc.maj_status))
        else:
            self.fail("Detecting a dupe token must raise GSSCException")
def test_basic_handshake(self):
    """After a handshake with no extra flags, !MYNAME must return the expected name."""
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target)
    self._handshake(self.sockfile, ctx)

    # Presumably the server answers !MYNAME with the initiator name it
    # authenticated -- confirm against the server side.
    self._writeline(b'!MYNAME')
    reported_name = self.sockfile.readline().strip()
    self.assertEqual(reported_name, b'*****@*****.**')
def test_lifetime(self):
    """The lifetime reported by the server must be within 10 of the client's value."""
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target)
    self._handshake(self.sockfile, ctx)

    self._writeline(b'!LIFETIME')
    server_lifetime = int(self.sockfile.readline().strip())
    # Both sides read the lifetime at slightly different moments, so the
    # comparison allows a difference below 10 rather than requiring equality.
    drift = abs(server_lifetime - ctx.lifetime)
    self.assertLess(drift, 10)
def test_mech_type(self):
    """The mechanism reported by the server must match the client context's."""
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target)
    self._handshake(self.sockfile, ctx)

    self._writeline(b'!MECHTYPE')
    # The server's answer arrives as bytes; compare it as text against the
    # string form of the locally negotiated mechanism.
    server_mech = self.sockfile.readline().strip().decode('utf-8')
    self.assertEqual(server_mech, str(ctx.mech_type))
def test_gap(self):
    """A skipped token must be reported as a gap in the supplementary info.

    Three messages are wrapped but only the first and third are sent. The two
    replies are unwrapped with ``supplementary=True``; the second reply
    carries the third server message and must be flagged as a gap.
    """
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target, req_flags=(C_REPLAY_FLAG, C_SEQUENCE_FLAG))
    self._handshake(self.sockfile, ctx)
    self._writeline(b'!GAPTEST')

    sent_first = ctx.wrap(b'msg_from_client1')
    # Wrapped but deliberately never written to the socket: this is the
    # missing message that creates the gap.
    withheld = ctx.wrap(b'msg_from_client2')
    sent_last = ctx.wrap(b'msg_from_client3')
    self._writeline(base64.b64encode(sent_first))
    self._writeline(base64.b64encode(sent_last))

    reply1 = base64.b64decode(self.sockfile.readline())
    msg1, _ = ctx.unwrap(reply1, supplementary=True)
    reply2 = base64.b64decode(self.sockfile.readline())
    msg2, supp2 = ctx.unwrap(reply2, supplementary=True)

    self.assertEqual(msg1, b'msg_from_server1')
    # With supplementary=True the payload after the gap is still returned;
    # the gap shows up only in the supplementary flags.
    self.assertEqual(msg2, b'msg_from_server3')
    self.assertIn(S_GAP_TOKEN, supp2)
def test_store_deleg_cred(self):
    """With delegation requested, the server must answer !DELEGSTORE with !OK."""
    initiator_cred = Credential(usage=C_INITIATE)
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    # C_DELEG_FLAG asks for the initiator's credential to be delegated to
    # the acceptor as part of context establishment.
    ctx = InitContext(target, initiator_cred, req_flags=(C_DELEG_FLAG, ))
    self._handshake(self.sockfile, ctx)

    # Presumably the server stores the delegated credential on this command
    # and reports the outcome -- confirm against the server side.
    self._writeline(b'!DELEGSTORE')
    outcome = self.sockfile.readline().strip()
    self.assertEqual(outcome, b'!OK')
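def tearDownClass(cls):
    """Tell the test server to shut down over a freshly authenticated connection.

    A new connection is opened and a full handshake is performed before the
    ``!SHUTDOWN`` command is written. The socket and its file wrapper are
    closed even when the handshake or the write fails, so a failing teardown
    does not leak the connection.
    """
    cls.logger.info("*** client starting shutdown ***")
    sock, sockfile = cls._connect()
    try:
        ctx = InitContext(Name("*****@*****.**", C_NT_HOSTBASED_SERVICE))
        cls._handshake(sockfile, ctx)
        cls.logger.info("*** client sending SHUTDOWN command ***")
        sockfile.write(b'!SHUTDOWN\n')
    finally:
        # Close the file wrapper first, and the socket even if that close
        # raises.
        try:
            sockfile.close()
        finally:
            sock.close()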
def test_cred_with_password(self):
    """A credential acquired from a password must complete the handshake."""
    # Fixture password for the test principal; presumably it matches what
    # the test realm was provisioned with -- confirm against the test setup.
    user_name = Name('*****@*****.**')
    cred = Credential(user_name, usage=C_INITIATE, password=b'userpassword')

    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target, cred)
    self._handshake(self.sockfile, ctx)

    self._writeline(b'!MYNAME')
    reported_name = self.sockfile.readline().strip()
    self.assertEqual(reported_name, b'*****@*****.**')
def test_deleg_cred(self):
    """With delegation requested, the server must report the delegated credential.

    The server's answer to ``!DELEGTEST`` is read as three lines: ``!OK``, a
    name, and a lifetime that must be within 10 of the local credential's.
    """
    cred = Credential(usage=C_INITIATE)
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    # C_DELEG_FLAG asks for the initiator's credential to be delegated to
    # the acceptor as part of context establishment.
    ctx = InitContext(target, cred, req_flags=(C_DELEG_FLAG, ))
    self._handshake(self.sockfile, ctx)
    self._writeline(b'!DELEGTEST')

    status_line = self.sockfile.readline().strip()
    self.assertEqual(status_line, b'!OK')
    delegated_name = self.sockfile.readline().strip()
    self.assertEqual(delegated_name, b'*****@*****.**')

    delegated_lifetime = int(self.sockfile.readline().strip())
    drift = abs(delegated_lifetime - cred.lifetime)
    self.assertLess(drift, 10)
def test_unseq(self):
    """An out-of-order token must be reported as unsequenced in the supplementary info.

    The client sends its wrapped messages in the order 1, 3, 2 and unwraps
    the three replies with ``supplementary=True``. All three payloads must be
    returned, and the last one must be flagged as unsequenced.
    """
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target, req_flags=(C_SEQUENCE_FLAG,))
    self._handshake(self.sockfile, ctx)
    self._writeline(b'!UNSEQTEST')

    # Wrap in sequence order, then put the tokens on the wire as 1, 3, 2.
    first = ctx.wrap(b'msg_from_client1')
    second = ctx.wrap(b'msg_from_client2')
    third = ctx.wrap(b'msg_from_client3')
    for token in (first, third, second):
        self._writeline(base64.b64encode(token))

    in1 = self.sockfile.readline()
    in2 = self.sockfile.readline()
    in3 = self.sockfile.readline()

    msg1, _ = ctx.unwrap(base64.b64decode(in1), supplementary=True)
    msg2, _ = ctx.unwrap(base64.b64decode(in2), supplementary=True)
    msg3, supp3 = ctx.unwrap(base64.b64decode(in3), supplementary=True)

    # With supplementary=True the out-of-order payloads are still returned;
    # the ordering problem shows up only in the supplementary flags.
    self.assertEqual(msg1, b'msg_from_server1')
    self.assertEqual(msg2, b'msg_from_server3')
    self.assertEqual(msg3, b'msg_from_server2')
    self.assertIn(S_UNSEQ_TOKEN, supp3)
def test_gap(self):
    """A skipped token must be reported as a gap in the supplementary info.

    Three messages are wrapped but only the first and third are sent. The two
    replies are unwrapped with ``supplementary=True``; the second reply
    carries the third server message and must be flagged as a gap.
    """
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target, req_flags=(C_REPLAY_FLAG, C_SEQUENCE_FLAG))
    self._handshake(self.sockfile, ctx)
    self._writeline(b'!GAPTEST')

    sent_first = ctx.wrap(b'msg_from_client1')
    # Wrapped but deliberately never written to the socket: this is the
    # missing message that creates the gap.
    withheld = ctx.wrap(b'msg_from_client2')
    sent_last = ctx.wrap(b'msg_from_client3')
    self._writeline(base64.b64encode(sent_first))
    self._writeline(base64.b64encode(sent_last))

    reply1 = base64.b64decode(self.sockfile.readline())
    msg1, _ = ctx.unwrap(reply1, supplementary=True)
    reply2 = base64.b64decode(self.sockfile.readline())
    msg2, supp2 = ctx.unwrap(reply2, supplementary=True)

    self.assertEqual(msg1, b'msg_from_server1')
    # With supplementary=True the payload after the gap is still returned;
    # the gap shows up only in the supplementary flags.
    self.assertEqual(msg2, b'msg_from_server3')
    self.assertIn(S_GAP_TOKEN, supp2)
def test_unseq(self):
    """An out-of-order token must be reported as unsequenced in the supplementary info.

    The client sends its wrapped messages in the order 1, 3, 2 and unwraps
    the three replies with ``supplementary=True``. All three payloads must be
    returned, and the last one must be flagged as unsequenced.
    """
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target, req_flags=(C_SEQUENCE_FLAG, ))
    self._handshake(self.sockfile, ctx)
    self._writeline(b'!UNSEQTEST')

    # Wrap in sequence order, then put the tokens on the wire as 1, 3, 2.
    first = ctx.wrap(b'msg_from_client1')
    second = ctx.wrap(b'msg_from_client2')
    third = ctx.wrap(b'msg_from_client3')
    for token in (first, third, second):
        self._writeline(base64.b64encode(token))

    in1 = self.sockfile.readline()
    in2 = self.sockfile.readline()
    in3 = self.sockfile.readline()

    msg1, _ = ctx.unwrap(base64.b64decode(in1), supplementary=True)
    msg2, _ = ctx.unwrap(base64.b64decode(in2), supplementary=True)
    msg3, supp3 = ctx.unwrap(base64.b64decode(in3), supplementary=True)

    # With supplementary=True the out-of-order payloads are still returned;
    # the ordering problem shows up only in the supplementary flags.
    self.assertEqual(msg1, b'msg_from_server1')
    self.assertEqual(msg2, b'msg_from_server3')
    self.assertEqual(msg3, b'msg_from_server2')
    self.assertIn(S_UNSEQ_TOKEN, supp3)
def test_no_deleg_cred(self):
    """Without a delegation request, the server must answer !DELEGTEST with !NOCRED."""
    # No req_flags are passed, so delegation is not requested here.
    target = Name("*****@*****.**", C_NT_HOSTBASED_SERVICE)
    ctx = InitContext(target)
    self._handshake(self.sockfile, ctx)

    # Presumably !NOCRED means the acceptor received no delegated
    # credential -- confirm against the server side.
    self._writeline(b'!DELEGTEST')
    answer = self.sockfile.readline().strip()
    self.assertEqual(answer, b'!NOCRED')