diff options
| author | Isaac Boukris <iboukris@gmail.com> | 2019-08-12 11:13:07 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2020-07-01 10:58:47 -0400 |
| commit | f2e28f13156785851819fc74cae52100e0521690 (patch) | |
| tree | acc393c390f5d28e009f43cc1165569eff0d0e65 /src/tests/gssapi/t_s4u.py | |
| parent | e362c356eafb49a9d90a4f20c6668682d4f50222 (diff) | |
| download | krb5-f2e28f13156785851819fc74cae52100e0521690.zip krb5-f2e28f13156785851819fc74cae52100e0521690.tar.gz krb5-f2e28f13156785851819fc74cae52100e0521690.tar.bz2 | |
Add GSS_KRB5_NT_X509_CERT name type
If this name type is used for the desired_name parameter of
gss_acquire_cred_impersonate_name(), identify the S4U2Self user by
certificate. Co-authored with Purand Chand <pchand@vmware.com>.
[ghudson@mit.edu: added documentation; updated to use a boolean at the
GSS layer rather than a new krb5 name type; rewrote commit message]
ticket: 8923 (new)
Diffstat (limited to 'src/tests/gssapi/t_s4u.py')
| -rwxr-xr-x | src/tests/gssapi/t_s4u.py | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/tests/gssapi/t_s4u.py b/src/tests/gssapi/t_s4u.py index 8077d8c..67eba44 100755 --- a/src/tests/gssapi/t_s4u.py +++ b/src/tests/gssapi/t_s4u.py @@ -277,6 +277,16 @@ msgs = ('Getting initial credentials for enterprise\\@abc@SREALM', r1.run([kvno, '-U', 'enterprise@abc', '-F', cert_path, r1.user_princ], expected_trace=msgs) +shutil.copyfile(savefile, r1.ccache) + +mark('S4U2Self using X509 certificate (GSSAPI)') + +r1.run(['./t_s4u', 'c:other', '-', r1.keytab]) +r1.run(['./t_s4u', 'c:user@UREALM', '-', r1.keytab]) + +r1.run(['./t_s4u', '--spnego', 'c:other', '-', r1.keytab]) +r1.run(['./t_s4u', '--spnego', 'c:user@UREALM', '-', r1.keytab]) + r1.stop() r2.stop() |