<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[1247] CalendarServer/trunk/twistedcaldav</title>
</head>
<body>

<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.macosforge.org/projects/calendarserver/changeset/1247">1247</a></dd>
<dt>Author</dt> <dd>cdaboo@apple.com</dd>
<dt>Date</dt> <dd>2007-02-22 20:18:05 -0800 (Thu, 22 Feb 2007)</dd>
</dl>

<h3>Log Message</h3>
<pre>Fix error with failure to properly generate error strings. Also add some tests.</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#CalendarServertrunktwistedcaldavauthkerbpy">CalendarServer/trunk/twistedcaldav/authkerb.py</a></li>
</ul>

<h3>Added Paths</h3>
<ul>
<li><a href="#CalendarServertrunktwistedcaldavtesttest_kerberospy">CalendarServer/trunk/twistedcaldav/test/test_kerberos.py</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="CalendarServertrunktwistedcaldavauthkerbpy"></a>
<div class="modfile"><h4>Modified: CalendarServer/trunk/twistedcaldav/authkerb.py (1246 => 1247)</h4>
<pre class="diff"><span>
<span class="info">--- CalendarServer/trunk/twistedcaldav/authkerb.py        2007-02-23 04:12:49 UTC (rev 1246)
+++ CalendarServer/trunk/twistedcaldav/authkerb.py        2007-02-23 04:18:05 UTC (rev 1247)
</span><span class="lines">@@ -113,7 +113,7 @@
</span><span class="cx">                 kerberos.checkPassword(creds.username, creds.password, creds.service, creds.default_realm)
</span><span class="cx">             except kerberos.BasicAuthError, ex:
</span><span class="cx">                 logging.err(&quot;%s&quot; % (ex[0],), system=&quot;BasicKerberosCredentialsChecker&quot;)
</span><del>-                raise error.UnauthorizedLogin(&quot;Bad credentials for: %s (%s)&quot; % (pcreds.authnURI, ex[0],))
</del><ins>+                raise error.UnauthorizedLogin(&quot;Bad credentials for: %s (%s: %s)&quot; % (pcreds.authnURI, ex[0], ex[1],))
</ins><span class="cx">             else:
</span><span class="cx">                 return succeed((pcreds.authnURI, pcreds.authzURI,))
</span><span class="cx">         
</span><span class="lines">@@ -156,14 +156,14 @@
</span><span class="cx">         try:
</span><span class="cx">             result, context = kerberos.authGSSServerInit(self.service);
</span><span class="cx">         except kerberos.GSSError, ex:
</span><del>-            logging.err(&quot;authGSSServerInit: %s&quot; % (ex[0][0], ex[1][0],), system=&quot;NegotiateCredentialFactory&quot;)
</del><ins>+            logging.err(&quot;authGSSServerInit: %s(%s)&quot; % (ex[0][0], ex[1][0],), system=&quot;NegotiateCredentialFactory&quot;)
</ins><span class="cx">             raise error.LoginFailed('Authentication System Failure: %s(%s)' % (ex[0][0], ex[1][0],))
</span><span class="cx"> 
</span><span class="cx">         # Do the GSSAPI step and get response and username
</span><span class="cx">         try:
</span><span class="cx">             kerberos.authGSSServerStep(context, base64data);
</span><span class="cx">         except kerberos.GSSError, ex:
</span><del>-            logging.err(&quot;authGSSServerStep: %s&quot; % (ex[0][0], ex[1][0],), system=&quot;NegotiateCredentialFactory&quot;)
</del><ins>+            logging.err(&quot;authGSSServerStep: %s(%s)&quot; % (ex[0][0], ex[1][0],), system=&quot;NegotiateCredentialFactory&quot;)
</ins><span class="cx">             kerberos.authGSSServerClean(context)
</span><span class="cx">             raise error.UnauthorizedLogin('Bad credentials: %s(%s)' % (ex[0][0], ex[1][0],))
</span><span class="cx">         except kerberos.KrbError, ex:
</span></span></pre></div>
<a id="CalendarServertrunktwistedcaldavtesttest_kerberospy"></a>
<div class="addfile"><h4>Added: CalendarServer/trunk/twistedcaldav/test/test_kerberos.py (0 => 1247)</h4>
<pre class="diff"><span>
<span class="info">--- CalendarServer/trunk/twistedcaldav/test/test_kerberos.py                                (rev 0)
+++ CalendarServer/trunk/twistedcaldav/test/test_kerberos.py        2007-02-23 04:18:05 UTC (rev 1247)
</span><span class="lines">@@ -0,0 +1,63 @@
</span><ins>+##
+# Copyright (c) 2005-2007 Apple Inc. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the &quot;License&quot;);
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an &quot;AS IS&quot; BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# DRI: Cyrus Daboo, cdaboo@apple.com
+##
+from twisted.cred.error import LoginFailed
+
+from twisted.cred.error import UnauthorizedLogin
+from twisted.web2.test.test_server import SimpleRequest
+
+from twistedcaldav import authkerb
+import twistedcaldav.test.util
+
+&quot;&quot;&quot;
+We can't test kerberos for real without actually having a working Kerberos infrastructure
+which we are not guaranteed to have for the test.
+&quot;&quot;&quot;
+
+class KerberosTests(twistedcaldav.test.util.TestCase):
+
+    def test_BasicKerberosCredentials(self):
+        authkerb.BasicKerberosCredentials(&quot;test&quot;, &quot;test&quot;, &quot;http/example.com@EXAMPLE.COM&quot;, &quot;EXAMPLE.COM&quot;)
+
+    def test_BasicKerberosCredentialFactory(self):
+        factory = authkerb.BasicKerberosCredentialFactory(&quot;http/example.com@EXAMPLE.COM&quot;, &quot;EXAMPLE.COM&quot;)
+
+        challenge = factory.getChallenge(&quot;peer&quot;)
+        expected_challenge = {'realm': &quot;EXAMPLE.COM&quot;}
+        self.assertTrue(challenge == expected_challenge,
+                        msg=&quot;BasicKerberosCredentialFactory challenge %s != %s&quot; % (challenge, expected_challenge))
+
+    def test_NegotiateCredentials(self):
+        authkerb.NegotiateCredentials(&quot;test&quot;)
+
+    def test_NegotiateCredentialFactory(self):
+        factory = authkerb.NegotiateCredentialFactory(&quot;http/example.com@EXAMPLE.COM&quot;, &quot;EXAMPLE.COM&quot;)
+
+        challenge = factory.getChallenge(&quot;peer&quot;)
+        expected_challenge = {}
+        self.assertTrue(challenge == expected_challenge,
+                        msg=&quot;NegotiateCredentialFactory challenge %s != %s&quot; % (challenge, expected_challenge))
+
+        request = SimpleRequest(self.site, &quot;GET&quot;, &quot;/&quot;)
+        try:
+            factory.decode(&quot;Bogus Data&quot;.encode(&quot;base64&quot;), request)
+        except (UnauthorizedLogin, LoginFailed):
+            pass
+        except Exception, ex:
+            self.fail(msg=&quot;NegotiateCredentialFactory decode failed with exception: %s&quot; % (ex,))
+        else:
+            self.fail(msg=&quot;NegotiateCredentialFactory decode did not fail&quot;)
</ins></span></pre>
</div>
</div>

</body>
</html>