Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/krb5/src/tests/t_alias.py
34889 views
1
from k5test import *

2


3
realm = K5Realm(create_host=False)

4


5
mark('getprinc')

6
realm.addprinc('canon')

7
realm.run([kadminl, 'alias', 'alias', '[email protected]'])

8
realm.run([kadminl, 'getprinc', 'alias'],

9
          expected_msg='Principal: [email protected]')

10


11
mark('delprinc')

12
realm.run([kadminl, 'delprinc', 'alias'])

13
realm.run([kadminl, 'getprinc', 'alias'], expected_code=1,

14
          expected_msg='does not exist')

15
realm.run([kadminl, 'getprinc', 'canon'], expected_msg=': [email protected]')

16


17
mark('no specified realm')

18
realm.run([kadminl, 'alias', 'alias', 'canon'])

19
realm.run([kadminl, 'getprinc', 'alias'], expected_msg=': [email protected]')

20


21
mark('cross-realm')

22
realm.run([kadminl, 'alias', 'x', '[email protected]'], expected_code=1,

23
          expected_msg='Alias target must be within the same realm')

24


25
mark('alias as service principal')

26
realm.extract_keytab('alias', realm.keytab)

27
realm.run([kvno, 'alias'])

28
realm.klist('[email protected]', '[email protected]')

29


30
mark('alias as client principal')

31
realm.kinit('alias', flags=['-k'])

32
realm.klist('[email protected]')

33
realm.kinit('alias', flags=['-k', '-C'])

34
realm.klist('[email protected]')

35


36
mark('chain')

37
realm.run([kadminl, 'alias', 'a1', 'canon'])

38
realm.run([kadminl, 'alias', 'a2', 'a1'])

39
realm.run([kadminl, 'alias', 'a3', 'a2'])

40
realm.run([kadminl, 'alias', 'a4', 'a3'])

41
realm.run([kadminl, 'alias', 'a5', 'a4'])

42
realm.run([kadminl, 'alias', 'a6', 'a5'])

43
realm.run([kadminl, 'alias', 'a7', 'a6'])

44
realm.run([kadminl, 'alias', 'a8', 'a7'])

45
realm.run([kadminl, 'alias', 'a9', 'a8'])

46
realm.run([kadminl, 'alias', 'a10', 'a9'])

47
realm.run([kadminl, 'alias', 'a11', 'a10'])

48
realm.run([kvno, 'a1'])

49
realm.run([kvno, 'a2'])

50
realm.run([kvno, 'a3'])

51
realm.run([kvno, 'a4'])

52
realm.run([kvno, 'a5'])

53
realm.run([kvno, 'a6'])

54
realm.run([kvno, 'a7'])

55
realm.run([kvno, 'a8'])

56
realm.run([kvno, 'a9'])

57
realm.run([kvno, 'a10'])

58
realm.run([kvno, 'a11'], expected_code=1,

59
          expected_msg='Server [email protected] not found in Kerberos database')

60


61
mark('circular chain')

62
realm.run([kadminl, 'alias', 'selfalias', 'selfalias'])

63
realm.run([kvno, 'selfalias'], expected_code=1,

64
          expected_msg='Server [email protected] not found')

65


66
mark('blocking creations')

67
realm.run([kadminl, 'addprinc', '-nokey', 'alias'], expected_code=1,

68
          expected_msg='already exists')

69
realm.run([kadminl, 'alias', 'alias', 'canon'], expected_code=1,

70
          expected_msg='already exists')

71
realm.run([kadminl, 'renprinc', 'user', 'alias'], expected_code=1,

72
          expected_msg='already exists')

73


74
# Non-resolving aliases being overwritable is emergent behavior;

75
# change the tests if the behavior changes.

76
mark('not blocking creations')

77
realm.run([kadminl, 'alias', 'xa1', 'x'])

78
realm.run([kadminl, 'alias', 'xa2', 'x'])

79
realm.run([kadminl, 'alias', 'xa3', 'x'])

80
realm.addprinc('xa1')

81
realm.run([kadminl, 'getprinc', 'xa1'], expected_msg=': [email protected]')

82
realm.run([kadminl, 'alias', 'xa2', 'canon'])

83
realm.run([kadminl, 'getprinc', 'xa2'], expected_msg=': [email protected]')

84
realm.run([kadminl, 'renprinc', 'xa1', 'xa3'])

85
realm.run([kadminl, 'getprinc', 'xa3'], expected_msg=': [email protected]')

86


87
mark('renprinc')

88
realm.run([kadminl, 'renprinc', 'alias', 'nalias'], expected_code=1,

89
          expected_msg='Operation unsupported on alias principal name')

90


91
mark('modprinc')

92
realm.run([kadminl, 'modprinc', '+preauth', 'alias'])

93
realm.run([kadminl, 'getprinc', 'canon'], expected_msg='REQUIRES_PRE_AUTH')

94


95
mark('cpw')

96
realm.run([kadminl, 'cpw', '-pw', 'pw', 'alias'])

97
realm.run([kadminl, 'getprinc', 'canon'], expected_msg='vno 2,')

98
realm.run([kadminl, 'cpw', '-e', 'aes256-cts', '-pw', 'pw', 'alias'])

99
realm.run([kadminl, 'getprinc', 'canon'], expected_msg='vno 3,')

100
realm.run([kadminl, 'cpw', '-randkey', 'alias'])

101
realm.run([kadminl, 'getprinc', 'canon'], expected_msg='vno 4,')

102
realm.run([kadminl, 'cpw', '-e', 'aes256-cts', '-randkey', 'alias'])

103
realm.run([kadminl, 'getprinc', 'canon'], expected_msg='vno 5,')

104


105
mark('listprincs')

106
realm.run([kadminl, 'listprincs'], expected_msg='[email protected]')

107


108
mark('purgekeys')

109
realm.run([kadminl, 'purgekeys', '-all', 'alias'])

110
realm.run([kadminl, 'getprinc', 'canon'], expected_msg='Number of keys: 0')

111


112
mark('setstr')

113
realm.run([kadminl, 'setstr', 'alias', 'key', 'value'])

114
realm.run([kadminl, 'getstrs', 'canon'], expected_msg='key: value')

115


116
mark('getstrs')

117
realm.run([kadminl, 'getstrs', 'alias'], expected_msg='key: value')

118


119
mark('delstr')

120
realm.run([kadminl, 'delstr', 'alias', 'key'])

121
realm.run([kadminl, 'getstrs', 'canon'],

122
          expected_msg='(No string attributes.)')

123


124
success('alias tests')

125


126