[CalendarServer-changes] [4223] PyKerberos/trunk/test.py

source_changes at macosforge.org source_changes at macosforge.org
Mon May 11 07:24:29 PDT 2009 

Revision: 4223
          http://trac.macosforge.org/projects/calendarserver/changeset/4223
Author:   cdaboo at apple.com
Date:     2009-05-11 07:24:27 -0700 (Mon, 11 May 2009)
Log Message:
-----------
Fix some bugs. Add more command line options to help specify particular actions to do.

Modified Paths:
--------------
    PyKerberos/trunk/test.py

Modified: PyKerberos/trunk/test.py
===================================================================
--- PyKerberos/trunk/test.py	2009-05-09 03:05:43 UTC (rev 4222)
+++ PyKerberos/trunk/test.py	2009-05-11 14:24:27 UTC (rev 4223)
@@ -19,6 +19,8 @@
 import getopt
 import sys
 import httplib
+import socket
+import ssl
 
 def main():
     
@@ -29,9 +31,10 @@
     host = "host.example.com"
     realm ="HOST.EXAMPLE.COM"
     port = 8008
-    ssl = False
+    use_ssl = False
+    allowedActions = ("service", "basic", "gssapi", "server",)
     
-    options, args = getopt.getopt(sys.argv[1:], "u:p:s:h:i:r:")
+    options, args = getopt.getopt(sys.argv[1:], "u:p:s:h:i:r:x")
 
     for option, value in options:
         if option == "-u":
@@ -46,24 +49,39 @@
             port = value
         elif option == "-r":
             realm = value
+        elif option == "-x":
+            use_ssl = True
     
+    actions = set()
+    for arg in args:
+        if arg in allowedActions:
+            actions.add(arg)
+        else:
+            print "Action not allowed: %s" % (arg,)
+            sys.exit(1)
+    
     # Get service principal
-    print "\n*** Running Service Principal test"
-    s, h = service.split("@")
-    testServicePrincipal(s, h);
+    if "service" in actions:
+        print "\n*** Running Service Principal test"
+        s, h = service.split("@")
+        testServicePrincipal(s, h);
 
-    # Run tests
-    if (len(user) != 0) and (len(pswd) != 0):
-        print "\n*** Running basic test"
-        testCheckpassword(user, pswd, service, realm)
-    else:
-        print "\n*** Skipping basic test: no user or password specified"
+    # GSS Basic test
+    if "basic" in actions:
+        if (len(user) != 0) and (len(pswd) != 0):
+            print "\n*** Running basic test"
+            testCheckpassword(user, pswd, service, realm)
+        else:
+            print "\n*** Skipping basic test: no user or password specified"
 
-    print "\n*** Running GSSAPI test"
-    testGSSAPI(service)
+    # Full GSSAPI test
+    if "gssapi" in actions:
+        print "\n*** Running GSSAPI test"
+        testGSSAPI(service)
 
-    print "\n*** Running HTTP test"
-    testHTTP(host, port, ssl, service)
+    if "server" in actions:
+        print "\n*** Running HTTP test"
+        testHTTP(host, port, use_ssl, service)
 
     print "\n*** Done\n"
 
@@ -126,11 +144,21 @@
     rs = kerberos.authGSSServerClean(vs);
     print "Status for authGSSServerClean = %s" % statusText(rs);
 
-def testHTTP(host, port, ssl, service):
+def testHTTP(host, port, use_ssl, service):
+
+    class HTTPSConnection_SSLv3(httplib.HTTPSConnection):
+        "This class allows communication via SSL."
+
+        def connect(self):
+            "Connect to a host on a given (SSL) port."
+
+            sock = socket.create_connection((self.host, self.port), self.timeout)
+            self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file, ssl_version=ssl.PROTOCOL_SSLv3)
+
     def sendRequest(host, port, ssl, method, uri, headers):
         response = None
-        if ssl:
-            http = httplib.HTTPSConnection(host, port)
+        if use_ssl:
+            http = HTTPSConnection_SSLv3(host, port)
         else:
             http = httplib.HTTPConnection(host, port)
         try:
@@ -143,14 +171,14 @@
 
     # Initial request without auth header
     uri = "/principals/"
-    response = sendRequest(host, port, ssl, "OPTIONS", uri, {})
+    response = sendRequest(host, port, use_ssl, "OPTIONS", uri, {})
     
     if response is None:
         print "Initial HTTP request to server failed"
         return
     
     if response.status != 401:
-        print "Initial HTTP request did not result in a 404 response"
+        print "Initial HTTP request did not result in a 401 response"
         return
     
     hdrs = response.msg.getheaders("www-authenticate")
@@ -183,7 +211,7 @@
     hdrs["Authorization"] = "negotiate %s" % kerberos.authGSSClientResponse(vc)    
 
     # Second request with auth header
-    response = sendRequest(host, port, ssl, "OPTIONS", uri, hdrs)
+    response = sendRequest(host, port, use_ssl, "OPTIONS", uri, hdrs)
     
     if response is None:
         print "Second HTTP request to server failed"
@@ -200,7 +228,7 @@
     for hdr in hdrs:
         hdr = hdr.strip()
         splits = hdr.split(' ', 1)
-        if (len(splits) != 1) or (splits[0].lower() != "negotiate"):
+        if (len(splits) != 2) or (splits[0].lower() != "negotiate"):
             continue
         else:
             break
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20090511/1ff9a8a1/attachment.html>

More information about the calendarserver-changes mailing list