Best Python code snippet using lisa_python
t_gssapi.py
Source:t_gssapi.py
1#!/usr/bin/python2from k5test import *3# Test krb5 negotiation under SPNEGO for all enctype configurations.4for realm in multipass_realms():5 realm.run_as_client(['./t_spnego', realm.host_princ, realm.keytab])6### Test acceptor name behavior.7realm = K5Realm(start_kadmind=False)8# Create some host-based principals and put most of them into the9# keytab. Rename one principal so that the keytab name matches the10# key but not the client name.11realm.run_kadminl('addprinc -randkey service1/abraham')12realm.run_kadminl('addprinc -randkey service1/barack')13realm.run_kadminl('addprinc -randkey service2/calvin')14realm.run_kadminl('addprinc -randkey service2/dwight')15realm.run_kadminl('addprinc -randkey host/-nomatch-')16realm.run_kadminl('xst service1/abraham')17realm.run_kadminl('xst service1/barack')18realm.run_kadminl('xst service2/calvin')19realm.run_kadminl('renprinc -force service1/abraham service1/andrew')20# Test with no acceptor name, including client/keytab principal21# mismatch (non-fatal) and missing keytab entry (fatal).22output = realm.run_as_client(['./t_accname', 'service1/andrew'])23if 'service1/abraham' not in output:24 fail('Expected service1/abraham in t_accname output')25output = realm.run_as_client(['./t_accname', 'service1/barack'])26if 'service1/barack' not in output:27 fail('Expected service1/barack in t_accname output')28output = realm.run_as_client(['./t_accname', 'service2/calvin'])29if 'service2/calvin' not in output:30 fail('Expected service1/barack in t_accname output')31output = realm.run_as_client(['./t_accname', 'service2/dwight'],32 expected_code=1)33if 'Wrong principal in request' not in output:34 fail('Expected error message not seen in t_accname output')35# Test with acceptor name containing service only, including36# client/keytab hostname mismatch (non-fatal) and service name37# mismatch (fatal).38output = realm.run_as_client(['./t_accname', 'service1/andrew', 'service1'])39if 'service1/abraham' not in output:40 fail('Expected service1/abraham in t_accname output')41output = realm.run_as_client(['./t_accname', 'service1/andrew', 'service2'],42 expected_code=1)43if 'Wrong principal in request' not in output:44 fail('Expected error message not seen in t_accname output')45output = realm.run_as_client(['./t_accname', 'service2/calvin', 'service2'])46if 'service2/calvin' not in output:47 fail('Expected service2/calvin in t_accname output')48output = realm.run_as_client(['./t_accname', 'service2/calvin', 'service1'],49 expected_code=1)50if 'Wrong principal in request' not in output:51 fail('Expected error message not seen in t_accname output')52# Test with acceptor name containing service and host. Use the53# client's un-canonicalized hostname as acceptor input to mirror what54# many servers do.55output = realm.run_as_client(['./t_accname', realm.host_princ,56 'host@%s' % socket.gethostname()])57if realm.host_princ not in output:58 fail('Expected %s in t_accname output' % realm.host_princ)59output = realm.run_as_client(['./t_accname', 'host/-nomatch-',60 'host@%s' % socket.gethostname()],61 expected_code=1)62if 'Wrong principal in request' not in output:63 fail('Expected error message not seen in t_accname output')64# Test krb5_gss_import_cred.65realm.run_as_client(['./t_imp_cred', 'service1/barack'])66realm.run_as_client(['./t_imp_cred', 'service1/barack', 'service1/barack'])67realm.run_as_client(['./t_imp_cred', 'service1/andrew', 'service1/abraham'])68output = realm.run_as_client(['./t_imp_cred', 'service2/dwight'],69 expected_code=1)70if 'Wrong principal in request' not in output:71 fail('Expected error message not seen in t_imp_cred output')72realm.stop()73# Re-run the last acceptor name test with ignore_acceptor_hostname set74# and the principal for the mismatching hostname in the keytab.75ignore_conf = { 'all' : { 'libdefaults' : {76 'ignore_acceptor_hostname' : 'true' } } }77realm = K5Realm(krb5_conf=ignore_conf, start_kadmind=False)78realm.run_kadminl('addprinc -randkey host/-nomatch-')79realm.run_kadminl('xst host/-nomatch-')80output = realm.run_as_client(['./t_accname', 'host/-nomatch-',81 'host@%s' % socket.gethostname()])82if 'host/-nomatch-' not in output:83 fail('Expected host/-nomatch- in t_accname output')...
t_keyrollover.py
Source:t_keyrollover.py
...6princ1 = 'host/test1@%s' % (realm.realm,)7princ2 = 'host/test2@%s' % (realm.realm,)8realm.addprinc(princ1)9realm.addprinc(princ2)10realm.run_as_client([kvno, realm.host_princ])11# Change key for TGS, keeping old key.12realm.run_kadminl('cpw -randkey -e aes256-cts:normal -keepold krbtgt/%s@%s' %13 (realm.realm, realm.realm))14# Ensure that kvno still works with an old TGT.15realm.run_as_client([kvno, princ1])16realm.run_kadminl('purgekeys krbtgt/%s@%s' % (realm.realm, realm.realm))17# Make sure an old TGT fails after purging old TGS key.18realm.run_as_client([kvno, princ2], expected_code=1)19output = realm.run_as_client([klist, '-e'])20expected = 'krbtgt/%s@%s\n\tEtype (skey, tkt): des-cbc-crc, des-cbc-crc' % \21 (realm.realm, realm.realm)22if expected not in output:23 fail('keyrollover: expected TGS enctype not found')24# Check that new key actually works.25realm.kinit(realm.user_princ, password('user'))26realm.run_as_client([kvno, realm.host_princ])27output = realm.run_as_client([klist, '-e'])28expected = 'krbtgt/%s@%s\n\tEtype (skey, tkt): ' \29 'aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96' % \30 (realm.realm, realm.realm)31if expected not in output:32 fail('keyrollover: expected TGS enctype not found after change')...
Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.
You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.
Get 100 minutes of automation test minutes FREE!!