1from k5test import * 2 3if not which('systemd-socket-activate'): 4 skip_rest('socket activation tests', 'systemd-socket-activate not found') 5 6# Configure listeners for two UNIX domain sockets and two ports. 7kdc_conf = {'realms': {'$realm': { 8 'kdc_listen': '$testdir/sock1 $testdir/sock2', 9 'kdc_tcp_listen': '$port7 $port8'}}} 10realm = K5Realm(kdc_conf=kdc_conf, start_kdc=False) 11 12# Create socket activation fds for just one of the UNIX domain sockets 13# and one of the ports. 14realm.start_server(['./t_sockact', os.path.join(realm.testdir, 'sock1'), 15 str(realm.portbase + 8), '--', krb5kdc, '-n'], 16 'starting...') 17 18mark('UNIX socket 1') 19cconf1 = {'realms': {'$realm': {'kdc': '$testdir/sock1'}}} 20env1 = realm.special_env('sock1', False, krb5_conf=cconf1) 21realm.kinit(realm.user_princ, password('user'), env=env1) 22 23mark('port8') 24cconf2 = {'realms': {'$realm': {'kdc': '$hostname:$port8'}}} 25env2 = realm.special_env('sock1', False, krb5_conf=cconf2) 26realm.kinit(realm.user_princ, password('user'), env=env2) 27 28# Test that configured listener addresses are ignored if they don't 29# match caller-provided sockets. 30 31mark('UNIX socket 2') 32cconf3 = {'realms': {'$realm': {'kdc': '$testdir/sock2'}}} 33env3 = realm.special_env('sock2', False, krb5_conf=cconf3) 34realm.kinit(realm.user_princ, password('user'), env=env3, expected_code=1, 35 expected_msg='Cannot contact any KDC') 36 37mark('port7') 38cconf4 = {'realms': {'$realm': {'kdc': '$hostname:$port7'}}} 39env4 = realm.special_env('sock1', False, krb5_conf=cconf4) 40realm.kinit(realm.user_princ, password('user'), env=env3, expected_code=1, 41 expected_msg='Cannot contact any KDC') 42 43success('systemd socket activation tests') 44