diff options
author | Greg Hudson <ghudson@mit.edu> | 2019-06-19 00:57:30 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2019-12-09 17:02:52 -0500 |
commit | af11dd8b8755ed31f3d24d48ae50a637678ca36c (patch) | |
tree | 4ec248f427479d410c7e27b0d4543f6005f57a7d | |
parent | a0a13c7d8e601cc950422a8dcc898a812122946b (diff) | |
download | krb5-af11dd8b8755ed31f3d24d48ae50a637678ca36c.zip krb5-af11dd8b8755ed31f3d24d48ae50a637678ca36c.tar.gz krb5-af11dd8b8755ed31f3d24d48ae50a637678ca36c.tar.bz2 |
Convert OTP and kdcproxy tests to Python 3
Commit e23d24beacb73581bbf4351250f3955e6fd44361 did not convert
t_otp.py or paste-kdcproxy.py. Convert t_otp.py to Python3. Rewrite
paste-kdcproxy.py using wsgiref from the standard Python library to
avoid the Paste dependency.
(cherry picked from commit 56be947ac4469d9d79b2e451311278f5bcdb2063)
ticket: 8818
version_fixed: 1.17.1
-rwxr-xr-x | src/tests/t_otp.py | 24 | ||||
-rwxr-xr-x | src/tests/t_proxy.py | 6 | ||||
-rwxr-xr-x | src/util/paste-kdcproxy.py | 17 | ||||
-rwxr-xr-x | src/util/wsgiref-kdcproxy.py | 19 |
4 files changed, 33 insertions, 33 deletions
diff --git a/src/tests/t_otp.py b/src/tests/t_otp.py index 0160fcd..7406541 100755 --- a/src/tests/t_otp.py +++ b/src/tests/t_otp.py @@ -30,7 +30,7 @@ from k5test import * from queue import Empty -from io import StringIO +import io import struct try: @@ -52,7 +52,7 @@ ATTRIBUTE NAS-Identifier 32 string class RadiusDaemon(Process): MAX_PACKET_SIZE = 4096 - DICTIONARY = dictionary.Dictionary(StringIO.StringIO(radius_attributes)) + DICTIONARY = dictionary.Dictionary(io.StringIO(radius_attributes)) def listen(self, addr): raise NotImplementedError() @@ -62,13 +62,15 @@ class RadiusDaemon(Process): def run(self): addr = self._args[0] - secr = self._args[1] + secrfile = self._args[1] pswd = self._args[2] outq = self._args[3] - if secr: - with open(secr) as file: + if secrfile: + with open(secrfile, 'rb') as file: secr = file.read().strip() + else: + secr = b'' data = self.listen(addr) outq.put("started") @@ -81,7 +83,7 @@ class RadiusDaemon(Process): passwd = [] for key in pkt.keys(): if key == 'User-Password': - passwd = map(pkt.PwDecrypt, pkt[key]) + passwd = list(map(pkt.PwDecrypt, pkt[key])) elif key == 'User-Name': usernm = pkt[key] @@ -126,7 +128,7 @@ class UnixRadiusDaemon(RadiusDaemon): sock.close() os.remove(addr) - buf = "" + buf = b'' remain = RadiusDaemon.MAX_PACKET_SIZE while True: buf += conn.recv(remain) @@ -226,13 +228,13 @@ realm.run(['./adata', realm.krbtgt_princ], # https://github.com/wichert/pyrad/pull/18 try: auth = packet.Packet.CreateAuthenticator() - packet.Packet(authenticator=auth, secret="").ReplyPacket() + packet.Packet(authenticator=auth, secret=b'').ReplyPacket() except AssertionError: skip_rest('OTP UNIX domain socket tests', 'pyrad assertion bug detected') ## Test Unix fail / custom username mark('Unix socket fail / custom username') -daemon = UnixRadiusDaemon(args=(socket_file, '', 'accept', queue)) +daemon = UnixRadiusDaemon(args=(socket_file, None, 'accept', queue)) daemon.start() queue.get() realm.run([kadminl, 'setstr', realm.user_princ, 'otp', @@ -242,7 +244,7 @@ verify(daemon, queue, False, 'custom', 'reject') ## Test Unix success / standard username mark('Unix socket success / standard username') -daemon = UnixRadiusDaemon(args=(socket_file, '', 'accept', queue)) +daemon = UnixRadiusDaemon(args=(socket_file, None, 'accept', queue)) daemon.start() queue.get() realm.run([kadminl, 'setstr', realm.user_princ, 'otp', otpconfig('unix')]) @@ -254,7 +256,7 @@ verify(daemon, queue, True, realm.user_princ, 'accept') ## accepting. With the bug, the KDC incorrectly rejects the request ## and then performs invalid memory accesses, most likely crashing. daemon1 = UDPRadiusDaemon(args=(server_addr, secret_file, 'accept1', queue)) -daemon2 = UnixRadiusDaemon(args=(socket_file, '', 'accept2', queue)) +daemon2 = UnixRadiusDaemon(args=(socket_file, None, 'accept2', queue)) daemon1.start() queue.get() daemon2.start() diff --git a/src/tests/t_proxy.py b/src/tests/t_proxy.py index ef855dd..3069eaa 100755 --- a/src/tests/t_proxy.py +++ b/src/tests/t_proxy.py @@ -4,10 +4,6 @@ from k5test import * if runenv.tls_impl == 'no': skip_rest('HTTP proxy tests', 'TLS build support not enabled') try: - from paste import httpserver -except: - skip_rest('HTTP proxy tests', 'Python paste module not found') -try: import kdcproxy except: skip_rest('HTTP proxy tests', 'Python kdcproxy module not found') @@ -54,7 +50,7 @@ kpasswd_input = (password('user') + '\n' + password('user') + '\n' + def start_proxy(realm, keycertpem): proxy_conf_path = os.path.join(realm.testdir, 'kdcproxy.conf') - proxy_exec_path = os.path.join(srctop, 'util', 'paste-kdcproxy.py') + proxy_exec_path = os.path.join(srctop, 'util', 'wsgiref-kdcproxy.py') conf = open(proxy_conf_path, 'w') conf.write('[%s]\n' % realm.realm) conf.write('kerberos = kerberos://localhost:%d\n' % realm.portbase) diff --git a/src/util/paste-kdcproxy.py b/src/util/paste-kdcproxy.py deleted file mode 100755 index 30467fd..0000000 --- a/src/util/paste-kdcproxy.py +++ /dev/null @@ -1,17 +0,0 @@ -import kdcproxy -from paste import httpserver -import os -import sys - -if len(sys.argv) > 1: - port = sys.argv[1] -else: - port = 8443 -if len(sys.argv) > 2: - pem = sys.argv[2] -else: - pem = '*' -server = httpserver.serve(kdcproxy.Application(), port=port, ssl_pem=pem, - start_loop=False) -os.write(sys.stdout.fileno(), 'proxy server ready\n') -server.serve_forever() diff --git a/src/util/wsgiref-kdcproxy.py b/src/util/wsgiref-kdcproxy.py new file mode 100755 index 0000000..5875969 --- /dev/null +++ b/src/util/wsgiref-kdcproxy.py @@ -0,0 +1,19 @@ +import kdcproxy +import os +import ssl +import sys +from wsgiref.simple_server import make_server + +if len(sys.argv) > 1: + port = int(sys.argv[1]) +else: + port = 8443 +if len(sys.argv) > 2: + pem = sys.argv[2] +else: + pem = '*' + +server = make_server('localhost', port, kdcproxy.Application()) +server.socket = ssl.wrap_socket(server.socket, certfile=pem, server_side=True) +os.write(sys.stdout.fileno(), b'proxy server ready\n') +server.serve_forever() |