private static void AssertCacheFile(Krb5TicketCache cache)
{
var ticket = cache.GetCacheItem <KerberosClientCacheEntry>("krbtgt/IPA.IDENTITYINTERVENTION.COM");
Assert.IsNotNull(ticket.KdcResponse.Ticket);
Assert.AreEqual("*****@*****.**", ticket.KdcResponse.Ticket.SName.FullyQualifiedName);
}
public void ParseFile()
{
using (var cache = new Krb5TicketCache(FilePath))
{
Assert.IsNotNull(cache);
AssertCacheFile(cache);
}
}
public void ParseFromBytes()
{
var cacheBytes = ReadDataFile("cache\\krb5cc");
using (var cache = new Krb5TicketCache(cacheBytes))
{
Assert.IsNotNull(cacheBytes);
AssertCacheFile(cache);
}
}
public void CanConcurrentlyReadCacheFile()
{
Parallel.For(0, 1000, _ =>
{
using (var cache = new Krb5TicketCache(FilePath))
{
var item = cache.GetCacheItem("krbtgt/IPA.IDENTITYINTERVENTION.COM");
Assert.IsNotNull(item);
}
});
}
public void ParseFileRoundTrip()
{
var tmp = Path.GetTempFileName();
var cache = new Krb5TicketCache(tmp);
try
{
Assert.IsNotNull(cache);
cache.Add(new TicketCacheEntry
{
Key = "krbtgt/bar.com",
Value = new KerberosClientCacheEntry
{
KdcResponse = new KrbAsRep
{
CName = KrbPrincipalName.FromString("*****@*****.**"),
CRealm = "bar.com",
Ticket = new KrbTicket
{
Realm = "bar.com",
SName = KrbPrincipalName.FromString("krbtgt/bar.com"),
EncryptedPart = new KrbEncryptedData
{
EType = EncryptionType.AES128_CTS_HMAC_SHA1_96,
Cipher = Array.Empty <byte>()
}
}
},
SessionKey = KrbEncryptionKey.Generate(EncryptionType.AES128_CTS_HMAC_SHA1_96),
SName = KrbPrincipalName.FromString("krbtgt/bar.com")
}
});
using (var secondCache = new Krb5TicketCache(tmp))
{
var entry = secondCache.GetCacheItem <KerberosClientCacheEntry>("krbtgt/bar.com");
Assert.IsNotNull(entry.KdcResponse);
Assert.AreEqual("bar.com", entry.KdcResponse.CRealm);
Assert.AreEqual("*****@*****.**", entry.KdcResponse.CName.FullyQualifiedName);
}
}
finally
{
cache.Dispose();
if (File.Exists(tmp))
{
File.Delete(tmp);
}
}
}
private void ListTickets(string cache)
{
TicketCacheBase.TryParseCacheType(cache, out _, out string path);
var ticketCache = new Krb5TicketCache(path);
var tickets = ticketCache.Krb5Cache.Credentials.ToArray();
this.IO.Writer.WriteLine("{0}: {1}", SR.Resource("CommandLine_KList_Count"), tickets.Length);
this.IO.Writer.WriteLine();
for (var i = 0; i < tickets.Length; i++)
{
var ticket = tickets[i];
KrbTicket decodedTicket = TryParseTicket(ticket.Ticket);
var properties = new List <(string, string)>
{
("CommandLine_KList_Client", $"{ticket.Client.FullyQualifiedName} @ {ticket.Client.Realm}"),
("CommandLine_KList_Server", $"{ticket.Server.FullyQualifiedName} @ {ticket.Server.Realm}"),
("CommandLine_KList_TicketEType", $"{decodedTicket?.EncryptedPart?.EType.ToString()}"),
("CommandLine_KList_Flags", ticket.Flags.ToString()),
("CommandLine_KList_Start", ticket.AuthTime.ToLocalTime().ToString(CultureInfo.CurrentCulture)),
("CommandLine_KList_End", ticket.EndTime.ToLocalTime().ToString(CultureInfo.CurrentCulture)),
("CommandLine_KList_RenewTime", ticket.RenewTill.ToLocalTime().ToString(CultureInfo.CurrentCulture))
};
var ticketEntryNumber = string.Format("#{0}>", i);
var max = properties.Max(p => p.Item1.Length);
bool first = true;
foreach (var prop in properties)
{
var key = string.Format("{0}: ", SR.Resource(prop.Item1)).PadLeft(max - 1).PadRight(max);
if (first)
{
key = ticketEntryNumber + key.Substring(ticketEntryNumber.Length);
first = false;
}
this.IO.Writer.Write(key);
this.IO.Writer.WriteLine(prop.Item2);
}
this.IO.Writer.WriteLine();
}
}
public void ParseRoundTrip()
{
using (var cache = new Krb5TicketCache(FilePath))
{
Assert.IsNotNull(cache);
var serialized = cache.Serialize();
var originalBytes = ReadDataFile("cache\\krb5cc");
Assert.IsTrue(originalBytes.SequenceEqual(serialized));
}
}
public void ParseFileRoundTrip()
{
using (var tmp = new TemporaryFile())
using (var cache = new Krb5TicketCache(tmp.File))
{
Assert.IsNotNull(cache);
cache.Add(CreateCacheEntry());
using (var secondCache = new Krb5TicketCache(tmp.File))
{
var entry = secondCache.GetCacheItem <KerberosClientCacheEntry>("krbtgt/bar.com");
Assert.IsNotNull(entry.KdcResponse);
Assert.AreEqual("bar.com", entry.KdcResponse.CRealm);
Assert.AreEqual("*****@*****.**", entry.KdcResponse.CName.FullyQualifiedName);
}
}
}
public void CanConcurrentReadAndWriteCacheFile()
{
using (var tmp = new TemporaryFile())
{
Parallel.For(0, 1000, i =>
{
using (var cache = new Krb5TicketCache(tmp.File))
{
var key = $"krbtgt/IPA-{i}.IDENTITYINTERVENTION.COM";
cache.Add(CreateCacheEntry(key));
var item = cache.GetCacheItem(key);
Assert.IsNotNull(item);
}
});
}
}
public void Version3Roundtrips()
{
var key = $"krbtgt/IPA.IDENTITYINTERVENTION.COM";
using (var tmp = new TemporaryFile())
{
using (var cache = new Krb5TicketCache(tmp.File)
{
Version = 3
})
{
cache.Add(CreateCacheEntry(key));
}
using (var cache = new Krb5TicketCache(tmp.File))
{
Assert.AreEqual(3, cache.Version);
var item = cache.GetCacheItem(key);
Assert.IsNotNull(item);
}
}
}
