diff --git a/kdcproxy/codec.py b/kdcproxy/codec.py index 8942f59..f7e346d 100644 --- a/kdcproxy/codec.py +++ b/kdcproxy/codec.py @@ -19,36 +19,11 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # THE SOFTWARE. -import os import struct +from kdcproxy import parse_pyasn1 as asn1mod from kdcproxy.exceptions import ParsingError -ASN1MOD = os.environ.get('KDCPROXY_ASN1MOD') - -if ASN1MOD is None: - try: - from asn1crypto.version import __version_info__ as asn1crypto_version - except ImportError: - asn1crypto_version = None - else: - if asn1crypto_version >= (0, 22, 0): - ASN1MOD = 'asn1crypto' - if ASN1MOD is None: - try: - __import__('pyasn1') - except ImportError: - pass - else: - ASN1MOD = 'pyasn1' - -if ASN1MOD == 'asn1crypto': - from kdcproxy import parse_asn1crypto as asn1mod -elif ASN1MOD == 'pyasn1': - from kdcproxy import parse_pyasn1 as asn1mod -else: - raise ValueError("Invalid KDCPROXY_ASN1MOD='{}'".format(ASN1MOD)) - class ProxyRequest(object): TYPE = None diff --git a/kdcproxy/parse_asn1crypto.py b/kdcproxy/parse_asn1crypto.py deleted file mode 100644 index ac840d0..0000000 --- a/kdcproxy/parse_asn1crypto.py +++ /dev/null @@ -1,104 +0,0 @@ -# Copyright (C) 2017, Red Hat, Inc. -# All rights reserved. -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. - -from asn1crypto import core - -from kdcproxy.exceptions import ASN1ParsingError - - -APPLICATION = 1 - - -class KerberosString(core.GeneralString): - """KerberosString ::= GeneralString (IA5String) - - For compatibility, implementations MAY choose to accept GeneralString - values that contain characters other than those permitted by - IA5String... - """ - - -class Realm(KerberosString): - """Realm ::= KerberosString - """ - - -class ProxyMessage(core.Sequence): - pretty_name = 'KDC-PROXY-MESSAGE' - - _fields = [ - ('kerb-message', core.OctetString, { - 'explicit': 0}), - ('target-domain', Realm, { - 'explicit': 1, 'optional': True}), - ('dclocator-hint', core.Integer, { - 'explicit': 2, 'optional': True}), - ] - - -class ASREQ(core.Sequence): - pretty_name = 'AS-REQ' - - explicit = (APPLICATION, 10) - - -class TGSREQ(core.Sequence): - pretty_name = 'TGS-REQ' - - explicit = (APPLICATION, 12) - - -class APREQ(core.Sequence): - pretty_name = 'AP-REQ' - - explicit = (APPLICATION, 14) - - -class KRBPriv(core.Sequence): - pretty_name = 'KRBPRiv' - - explicit = (APPLICATION, 21) - - -def decode_proxymessage(data): - req = ProxyMessage.load(data, strict=True) - message = req['kerb-message'].native - realm = req['target-domain'].native - try: # Python 3.x - realm = str(realm, "utf-8") - except TypeError: # Python 2.x - realm = str(realm) - flags = req['dclocator-hint'].native - return message, realm, flags - - -def encode_proxymessage(data): - rep = ProxyMessage() - rep['kerb-message'] = data - return rep.dump() - - -def try_decode(data, cls): - try: - req = cls.load(data, strict=True) - except ValueError as e: - raise ASN1ParsingError(e) - return req.pretty_name diff --git a/setup.py b/setup.py index 6208c5a..cdb5962 100644 --- a/setup.py +++ b/setup.py @@ -24,7 +24,7 @@ from setuptools import setup install_requires = [ - 'asn1crypto>=0.23', + 'pyasn1', 'dnspython' ] diff --git a/tests.py b/tests.py index c2b1fc0..cd82781 100644 --- a/tests.py +++ b/tests.py @@ -20,7 +20,6 @@ # THE SOFTWARE. import os -import sys import unittest from base64 import b64decode try: @@ -226,21 +225,6 @@ def test_kpasswdreq(self): 'FREEIPA.LOCAL KPASSWD-REQ (603 bytes) (version 0x0001)' ) - def test_asn1mod(self): - modmap = { - 'asn1crypto': ( - 'kdcproxy.parse_asn1crypto', 'kdcproxy.parse_pyasn1'), - 'pyasn1': ( - 'kdcproxy.parse_pyasn1', 'kdcproxy.parse_asn1crypto'), - } - asn1mod = os.environ.get('KDCPROXY_ASN1MOD', None) - if asn1mod is None: - self.fail("Tests require KDCPROXY_ASN1MOD env var.") - self.assertIn(asn1mod, modmap) - mod, opposite = modmap[asn1mod] - self.assertIn(mod, set(sys.modules)) - self.assertNotIn(opposite, set(sys.modules)) - class KDCProxyConfigTests(unittest.TestCase): diff --git a/tox.ini b/tox.ini index cca456b..038d996 100644 --- a/tox.ini +++ b/tox.ini @@ -1,16 +1,11 @@ [tox] minversion = 2.3.1 -envlist = {py36,py37,py38,py39}-{asn1crypto,pyasn1},pep8,py3pep8,doc,coverage-report +envlist = py36,py37,py38,py39,pep8,py3pep8,doc,coverage-report skip_missing_interpreters = true [testenv] deps = .[tests] - pyasn1: pyasn1 - asn1crypto: asn1crypto>=0.23 -setenv = - asn1crypto: KDCPROXY_ASN1MOD=asn1crypto - pyasn1: KDCPROXY_ASN1MOD=pyasn1 commands = {envpython} -m coverage run --parallel \ -m pytest --capture=no --strict {posargs}