Coverage for /private/tmp/im/impacket/impacket/krb5/types.py : 52%

Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
# Copyright (c) 2013, Marc Horowitz # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: # # Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # # Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
data, substrate = decoder.decode(data, asn1Spec=asn1Spec) if substrate != b'': raise KerberosException("asn1 encoding invalid")
# A principal can be represented as:
"""The principal's value can be supplied as: * a single string * a sequence containing a sequence of component strings and a realm string * a sequence whose first n-1 elemeents are component strings and whose last component is the realm
If the value contains no realm, then default_realm will be used."""
value = value.encode('utf-8') value = value.decode('utf-8')
self.type = value.type self.components = value.components[:] self.realm = value.realm raise KerberosException("invalid principal syntax")
self.realm = unquote_component(m.group(3)) else:
unquote_component(qc) for qc in re.findall(r'(?:[^\\/]|\\.)+', m.group(1))] elif len(value) == 2: self.components = value[0] self.realm = value[-1] if isinstance(self.components, str): self.components = [self.components] elif len(value) >= 2: self.components = value[0:-1] self.realm = value[-1] else: raise KerberosException("invalid principal value")
if isinstance (other, str): other = Principal (other)
return (self.type == constants.PrincipalNameType.NT_UNKNOWN.value or other.type == constants.PrincipalNameType.NT_UNKNOWN.value or self.type == other.type) and all (map (lambda a, b: a == b, self.components, other.components)) and \ self.realm == other.realm
def quote_component(comp): return re.sub(r'([\\/@])', r'\\\1', comp)
ret = "/".join([quote_component(c) for c in self.components]) if self.realm is not None: ret += "@" + self.realm
return ret
return "Principal((" + repr(self.components) + ", " + \ repr(self.realm) + "), t=" + str(self.type) + ")"
name.getComponentByName('name-type')).value str(c) for c in name.getComponentByName('name-string')]
).getComponentByName('name-string')
self.type = None self.data = None
family = self.family
if family is not None: return str((family, self.address)) else: return str((self.type, self.value))
def family(self): if self.type == constants.AddressType.IPv4.value: return socket.AF_INET elif self.type == constants.AddressType.IPv4.value: return socket.AF_INET6 else: return None
def address(self): if self.type == constants.AddressType.IPv4.value: return socket.inet_pton(self.family, self.data) elif self.type == constants.AddressType.IPv4.value: return socket.inet_pton(self.family, self.data) else: return None
# ipv4-mapped ipv6 addresses must be encoded as ipv4. pass
self.kvno = False else:
# This is the kerberos version, not the service principal key # version number.
self.service_principal.components_to_asn1)
return "<Ticket for %s vno %s>" % (str(self.service_principal), str(self.encrypted_part.kvno))
def to_asn1(dt): # A KerberosTime is really just a string, so we can return a # string here, and the asn1 library will convert it correctly.
def from_asn1(data): data = str(data) year = int(data[0:4]) month = int(data[4:6]) day = int(data[6:8]) hour = int(data[8:10]) minute = int(data[10:12]) second = int(data[12:14]) if data[14] != 'Z': raise KerberosException("timezone in KerberosTime is not Z") return datetime.datetime(year, month, day, hour, minute, second)
# TODO marc: turn this into a real test print(Principal("marc")) print(Principal(("marc", None))) print(Principal((("marc",), None))) print(Principal("marc@ATHENA.MIT.EDU")) print(Principal("marc", default_realm="ATHENA.MIT.EDU")) print(Principal("marc@ATHENA.MIT.EDU", default_realm="EXAMPLE.COM")) print(Principal(("marc", "ATHENA.MIT.EDU"))) print(Principal((("marc"), "ATHENA.MIT.EDU"))) print(Principal("marc/root")) print(Principal(("marc", "root", "ATHENA.MIT.EDU"))) print(Principal((("marc", "root"), "ATHENA.MIT.EDU"))) print(Principal("marc\\/root")) |