xref: /freebsd/crypto/krb5/src/tests/t_tabdump.py (revision b670c9bafc0e31c7609969bf374b2e80bdc00211) 
1from k5test import *
2
3import csv
4from io import StringIO
5
6def tab_csv(s):
7    io = StringIO(s)
8    return list(csv.DictReader(io, dialect=csv.excel_tab))
9
10
11def getrows(dumptype):
12    out = realm.run([kdb5_util, 'tabdump', dumptype])
13    return tab_csv(out)
14
15
16def checkkeys(rows, dumptype, names):
17    if sorted(rows[0].keys()) != sorted(names):
18        fail('tabdump %s field names' % dumptype)
19
20
21realm = K5Realm(start_kdc=False, get_creds=False)
22
23
24rows = getrows('keyinfo')
25checkkeys(rows, 'keyinfo',
26          ["name", "keyindex", "kvno", "enctype", "salttype", "salt"])
27
28userrows = [x for x in rows if x['name'].startswith('user@')]
29userrows.sort(key=lambda x: x['keyindex'])
30
31if (userrows[0]['enctype'] != 'aes256-cts-hmac-sha1-96' or
32    userrows[1]['enctype'] != 'aes128-cts-hmac-sha1-96'):
33    fail('tabdump keyinfo enctypes')
34
35success('tabdump keyinfo')
36
37
38rows = getrows('keydata')
39checkkeys(rows, 'keydata',
40          ["name", "keyindex", "kvno", "enctype", "key", "salttype", "salt"])
41
42
43rows = getrows('princ_flags')
44checkkeys(rows, 'princ_flags', ["name", "flag", "value"])
45
46
47rows = getrows('princ_lockout')
48checkkeys(rows, 'princ_lockout', ["name", "last_success", "last_failed",
49                                  "fail_count"])
50
51
52realm.run([kadminl, 'addpol', '-history', '3', 'testpol'])
53realm.run([kadminl, 'modprinc', '-policy', 'testpol', 'user'])
54
55rows = getrows('princ_meta')
56checkkeys(rows, 'princ_meta', ["name", "modby", "modtime", "lastpwd",
57                               "policy", "mkvno", "hist_kvno"])
58
59userrows = [x for x in rows if x['name'].startswith('user@')]
60
61if userrows[0]['policy'] != 'testpol':
62    fail('tabdump princ_meta policy name')
63
64
65realm.run([kadminl, 'set_string', 'user', 'foo', 'bar'])
66
67rows = getrows('princ_stringattrs')
68checkkeys(rows, 'princ_stringattrs', ["name", "key", "value"])
69
70userrows = [x for x in rows if x['name'].startswith('user@')]
71if (len(userrows) != 1 or userrows[0]['key'] != 'foo' or
72    userrows[0]['value'] != 'bar'):
73    fail('tabdump princ_stringattrs key/value')
74
75
76rows = getrows('princ_tktpolicy')
77checkkeys(rows, 'princ_tktpolicy', ["name", "expiration", "pw_expiration",
78                                    "max_life", "max_renew_life"])
79
80success('tabdump')
81