diff options
| author | Hugh Cole-Baker <sigmaris@gmail.com> | 2016-12-10 15:31:22 +0000 |
|---|---|---|
| committer | Tanja Huthmacher <tanja.huthmacher@atos.net> | 2018-09-19 11:10:50 +0200 |
| commit | a20936e18c0336476f8f4976257699a52e9a996e (patch) | |
| tree | 7bda8003fb9dddd47b7cd2e94e937c3999e8fca0 /tests | |
| parent | 92c53775d0143547abba7de9f9d70417bbbef3c8 (diff) | |
Test the new and old Python GSSAPI packages
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/test_gssapi.py | 49 |
1 files changed, 47 insertions, 2 deletions
diff --git a/tests/test_gssapi.py b/tests/test_gssapi.py index 3e8c39e8..04304c0f 100644 --- a/tests/test_gssapi.py +++ b/tests/test_gssapi.py @@ -52,9 +52,12 @@ class GSSAPITest(unittest.TestCase): """ Test the used methods of python-gssapi or sspi, sspicon from pywin32. """ - _API = "MIT" try: import gssapi + if hasattr(gssapi, '__title__') and gssapi.__title__ == 'python-gssapi': + _API = "PYTHON-GSSAPI-OLD" + else: + _API = "PYTHON-GSSAPI-NEW" except ImportError: import sspicon import sspi @@ -65,7 +68,7 @@ class GSSAPITest(unittest.TestCase): gss_ctxt_status = False mic_msg = b"G'day Mate!" - if _API == "MIT": + if _API == "PYTHON-GSSAPI-OLD": if self.server_mode: gss_flags = ( gssapi.C_PROT_READY_FLAG, @@ -113,6 +116,48 @@ class GSSAPITest(unittest.TestCase): # Check MIC status = gss_srv_ctxt.verify_mic(mic_msg, mic_token) self.assertEquals(0, status) + elif _API == "PYTHON-GSSAPI-NEW": + if server_mode: + gss_flags = (gssapi.RequirementFlag.protection_ready, + gssapi.RequirementFlag.integrity, + gssapi.RequirementFlag.mutual_authentication, + gssapi.RequirementFlag.delegate_to_peer) + else: + gss_flags = (gssapi.RequirementFlag.protection_ready, + gssapi.RequirementFlag.integrity, + gssapi.RequirementFlag.delegate_to_peer) + # Initialize a GSS-API context. + krb5_oid = gssapi.MechType.kerberos + target_name = gssapi.Name("host@" + targ_name, + name_type=gssapi.NameType.hostbased_service) + gss_ctxt = gssapi.SecurityContext(name=target_name, + flags=gss_flags, + mech=krb5_oid, + usage='initiate') + if server_mode: + c_token = gss_ctxt.step(c_token) + gss_ctxt_status = gss_ctxt.complete + self.assertEquals(False, gss_ctxt_status) + # Accept a GSS-API context. + gss_srv_ctxt = gssapi.SecurityContext(usage='accept') + s_token = gss_srv_ctxt.step(c_token) + gss_ctxt_status = gss_srv_ctxt.complete + self.assertNotEquals(None, s_token) + self.assertEquals(True, gss_ctxt_status) + # Establish the client context + c_token = gss_ctxt.step(s_token) + self.assertEquals(None, c_token) + else: + while not gss_ctxt.complete: + c_token = gss_ctxt.step(c_token) + self.assertNotEquals(None, c_token) + # Build MIC + mic_token = gss_ctxt.get_signature(mic_msg) + + if server_mode: + # Check MIC + status = gss_srv_ctxt.verify_signature(mic_msg, mic_token) + self.assertEquals(0, status) else: gss_flags = ( sspicon.ISC_REQ_INTEGRITY |