def test_gssapi_missing(self): gssapi = sys.modules.pop('gssapi', None) GSSAPI = sasl._get_gssapi_mechanism() with pytest.raises(NotImplementedError): GSSAPI() if gssapi is not None: sys.modules['gssapi'] = gssapi
def test_gssapi_no_rdns(self): with self.fake_gssapi() as gssapi: connection = Mock() connection.transport.host = 'broker.example.org' GSSAPI = sasl._get_gssapi_mechanism() mech = GSSAPI() mech.start(connection) gssapi.Name.assert_called_with(b'*****@*****.**', gssapi.NameType.hostbased_service)
def test_gssapi_rdns(self, gethostbyaddr): with self.fake_gssapi() as gssapi: connection = Mock() connection.transport.sock.getpeername.return_value = ('192.0.2.0', 5672) connection.transport.sock.family = socket.AF_INET gethostbyaddr.return_value = ('broker.example.org', (), ()) GSSAPI = sasl._get_gssapi_mechanism() mech = GSSAPI(rdns=True) mech.start(connection) connection.transport.sock.getpeername.assert_called() gethostbyaddr.assert_called_with('192.0.2.0') gssapi.Name.assert_called_with(b'*****@*****.**', gssapi.NameType.hostbased_service)
def test_gssapi_rdns(self): with self.fake_gssapi() as gssapi, patch('socket.gethostbyaddr') as gethostbyaddr: connection = Mock() connection.transport.sock.getpeername.return_value = ('192.0.2.0', 5672) connection.transport.sock.family = socket.AF_INET gethostbyaddr.return_value = ('broker.example.org', (), ()) GSSAPI = sasl._get_gssapi_mechanism() mech = GSSAPI(rdns=True) mech.start(connection) connection.transport.sock.getpeername.assert_called() gethostbyaddr.assert_called_with('192.0.2.0') gssapi.Name.assert_called_with(b'*****@*****.**', gssapi.NameType.hostbased_service)
def test_gssapi_step_without_client_name(self): with self.fake_gssapi() as gssapi: context = Mock() context.step.return_value = b'secrets' name = Mock() gssapi.SecurityContext.return_value = context gssapi.Name.return_value = name connection = Mock() connection.transport.host = 'broker.example.org' GSSAPI = sasl._get_gssapi_mechanism() mech = GSSAPI() response = mech.start(connection) gssapi.SecurityContext.assert_called_with(name=name, creds=None) context.step.assert_called_with(None) assert response == b'secrets'
def test_gssapi_step_with_client_name(self): with self.fake_gssapi() as gssapi: context = Mock() context.step.return_value = b'secrets' client_name, service_name, credentials = Mock(), Mock(), Mock() gssapi.SecurityContext.return_value = context gssapi.Credentials.return_value = credentials gssapi.Name.side_effect = [client_name, service_name] connection = Mock() connection.transport.host = 'broker.example.org' GSSAPI = sasl._get_gssapi_mechanism() mech = GSSAPI(client_name='amqp-client/client.example.org') response = mech.start(connection) gssapi.Name.assert_has_calls([ call(b'amqp-client/client.example.org'), call(b'*****@*****.**', gssapi.NameType.hostbased_service)]) gssapi.Credentials.assert_called_with(name=client_name) gssapi.SecurityContext.assert_called_with(name=service_name, creds=credentials) context.step.assert_called_with(None) assert response == b'secrets'