Simplify k5test.py environments

The initial k5test.py design, copied from the dejagnu suite, is to create config files and environments for four expected roles: client, server, master, and slave. This approach exaggerates the complexity of the common case, where the configurations don't need to vary, and limits us to having just one slave for kprop/iprop tests. Instead, create just one configuration by default, and add a special_env() method which sets up a differently configured environment for the few test cases which need one. The run_as_*() methods are collapsed into just run(), which accepts an optional argument for the environment returned by special_env().
author: Greg Hudson <ghudson@mit.edu> 2012-12-16 16:55:29 -0500
committer: Greg Hudson <ghudson@mit.edu> 2012-12-20 11:45:20 -0500
commit: 966547dfeb011800d4b78b8e5d494813bc80559c (patch)
tree: 4226bd168056336c965a4aa77c845093ef723da3 /src/tests/t_sesskeynego.py
parent: 76c27cf7e3161e0f20f8935d82ae0f2feb77b01a (diff)
download: krb5-966547dfeb011800d4b78b8e5d494813bc80559c.tar.gz
krb5-966547dfeb011800d4b78b8e5d494813bc80559c.tar.xz
krb5-966547dfeb011800d4b78b8e5d494813bc80559c.zip
1 files changed, 18 insertions, 26 deletions
diff --git a/src/tests/t_sesskeynego.py b/src/tests/t_sesskeynego.py
index 9239e12544..3a4a81452f 100644
--- a/src/tests/t_sesskeynego.py
+++ b/src/tests/t_sesskeynego.py
@@ -8,8 +8,8 @@ etypes_re = re.compile(r'server@[^\n]+\n\tEtype \(skey, tkt\): '
                        '([^,]+), ([^\s]+)')
 def test_kvno(realm, expected_skey, expected_tkt):
     realm.kinit(realm.user_princ, password('user'))
-    realm.run_as_client([kvno, 'server'])
-    output = realm.run_as_client([klist, '-e'])
+    realm.run([kvno, 'server'])
+    output = realm.run([klist, '-e'])
     m = etypes_re.search(output)
     if not m:
         fail('could not parse etypes from klist -e output')
@@ -19,29 +19,21 @@ def test_kvno(realm, expected_skey, expected_tkt):
     if tkt != expected_tkt:
         fail('got ticket key type %s, expected %s' % (tkt, expected_tkt))
 
-krb5_conf1 = {'all': {'libdefaults': {
-            'default_tgs_enctypes': 'aes128-cts,aes256-cts'}}}
-
-krb5_conf2 = {'all': {'libdefaults': {
-            'default_tgs_enctypes': 'aes256-cts,aes128-cts'}}}
-
-krb5_conf3 = {'all': {'libdefaults': {
-            'allow_weak_crypto': 'true',
-            'default_tkt_enctypes': 'aes128-cts',
-            'default_tgs_enctypes': 'rc4-hmac,aes128-cts,des-cbc-crc'}}}
-
-krb5_conf4 = {'all' :{
-        'libdefaults': {
-            'allow_weak_crypto': 'true',
-            'default_tkt_enctypes': 'aes256-cts',
-            'default_tgs_enctypes': 'des-cbc-crc,rc4-hmac,aes256-cts'
-        },
-        'realms': {'$realm': {
-                'des_crc_session_supported' : 'false'}}}}
+conf1 = {'libdefaults': {'default_tgs_enctypes': 'aes128-cts,aes256-cts'}}
+conf2 = {'libdefaults': {'default_tgs_enctypes': 'aes256-cts,aes128-cts'}}
+conf3 = {'libdefaults': {
+        'allow_weak_crypto': 'true',
+        'default_tkt_enctypes': 'aes128-cts',
+        'default_tgs_enctypes': 'rc4-hmac,aes128-cts,des-cbc-crc'}}
+conf4 = {'libdefaults': {
+        'allow_weak_crypto': 'true',
+        'default_tkt_enctypes': 'aes256-cts',
+        'default_tgs_enctypes': 'des-cbc-crc,rc4-hmac,aes256-cts'},
+         'realms': {'$realm': {'des_crc_session_supported': 'false'}}}
 
 # Test with client request and session_enctypes preferring aes128, but
 # aes256 long-term key.
-realm = K5Realm(krb5_conf=krb5_conf1, create_host=False, get_creds=False)
+realm = K5Realm(krb5_conf=conf1, create_host=False, get_creds=False)
 realm.run_kadminl('addprinc -randkey -e aes256-cts:normal server')
 realm.run_kadminl('setstr server session_enctypes aes128-cts,aes256-cts')
 test_kvno(realm, 'aes128-cts-hmac-sha1-96', 'aes256-cts-hmac-sha1-96')
@@ -50,14 +42,14 @@ realm.stop()
 # Second go, almost same as first, but resulting session key must be aes256
 # because of the difference in default_tgs_enctypes order.  This tests that
 # session_enctypes doesn't change the order in which we negotiate.
-realm = K5Realm(krb5_conf=krb5_conf2, create_host=False, get_creds=False)
+realm = K5Realm(krb5_conf=conf2, create_host=False, get_creds=False)
 realm.run_kadminl('addprinc -randkey -e aes256-cts:normal server')
 realm.run_kadminl('setstr server session_enctypes aes128-cts,aes256-cts')
 test_kvno(realm, 'aes256-cts-hmac-sha1-96', 'aes256-cts-hmac-sha1-96')
 realm.stop()
 
-# Next we use krb5_conf3 and try various things.
-realm = K5Realm(krb5_conf=krb5_conf3, create_host=False, get_creds=False)
+# Next we use conf3 and try various things.
+realm = K5Realm(krb5_conf=conf3, create_host=False, get_creds=False)
 realm.run_kadminl('addprinc -randkey -e aes256-cts:normal server')
 
 # 3a: Negotiate aes128 session key when principal only has aes256 long-term.
@@ -75,7 +67,7 @@ test_kvno(realm, 'des-cbc-crc', 'aes256-cts-hmac-sha1-96')
 realm.stop()
 
 # Last go: test that we can disable the des-cbc-crc assumption
-realm = K5Realm(krb5_conf=krb5_conf4, get_creds=False)
+realm = K5Realm(krb5_conf=conf4, get_creds=False)
 realm.run_kadminl('addprinc -randkey -e aes256-cts:normal server')
 test_kvno(realm, 'aes256-cts-hmac-sha1-96', 'aes256-cts-hmac-sha1-96')
 realm.stop()
author	Greg Hudson <ghudson@mit.edu>	2012-12-16 16:55:29 -0500
committer	Greg Hudson <ghudson@mit.edu>	2012-12-20 11:45:20 -0500
commit	966547dfeb011800d4b78b8e5d494813bc80559c (patch)
tree	4226bd168056336c965a4aa77c845093ef723da3 /src/tests/t_sesskeynego.py
parent	76c27cf7e3161e0f20f8935d82ae0f2feb77b01a (diff)
download	krb5-966547dfeb011800d4b78b8e5d494813bc80559c.tar.gz krb5-966547dfeb011800d4b78b8e5d494813bc80559c.tar.xz krb5-966547dfeb011800d4b78b8e5d494813bc80559c.zip