1from k5test import * 2 3conf = {'plugins': {'audit': { 4 'module': 'test:$plugins/audit/test/k5audit_test.so'}}} 5 6realm = K5Realm(krb5_conf=conf, get_creds=False) 7realm.addprinc('target') 8realm.run([kadminl, 'modprinc', '+ok_to_auth_as_delegate', realm.host_princ]) 9 10# Make normal AS and TGS requests so they will be audited. 11realm.kinit(realm.host_princ, flags=['-k', '-f']) 12realm.run([kvno, 'target']) 13 14# Make S4U2Self and S4U2Proxy requests so they will be audited. The 15# S4U2Proxy request is expected to fail. 16realm.run([kvno, '-k', realm.keytab, '-U', 'user', '-P', 'target'], 17 expected_code=1, expected_msg='KDC can\'t fulfill requested option') 18 19# Make a U2U request so it will be audited. 20uuserver = os.path.join(buildtop, 'appl', 'user_user', 'uuserver') 21uuclient = os.path.join(buildtop, 'appl', 'user_user', 'uuclient') 22port_arg = str(realm.server_port()) 23realm.start_server([uuserver, port_arg], 'Server started') 24realm.run([uuclient, hostname, 'testing message', port_arg], 25 expected_msg='Hello') 26 27success('Audit tests') 28