diff options
| author | Isaac Boukris <iboukris@gmail.com> | 2018-11-09 00:20:06 +0200 |
|---|---|---|
| committer | Joseph Sutton <jsutton@samba.org> | 2022-01-19 20:50:35 +0000 |
| commit | 7679d596c5f1c57e8c6316b64097dc36530ac70e (patch) | |
| tree | 7dbb1482cbae54a2db88e30d18cc65382af3211f | |
| parent | 0b9c8b9e12965b0ca2b38f673726c3e08733aeeb (diff) | |
| download | samba-7679d596c5f1c57e8c6316b64097dc36530ac70e.tar.gz | |
s4:torture: return ETYPE_INFO2 on PREAUTH_FAILED
This is an alternative to 978bc8681e74ffa17f96fd5d4355094c4a26691c
which got overriten by the upgrade merge.
One difference however, is that we don't return ENC_TIMESTAMP like
in PREAUTH_REQUIRED but only ETYPE_INFO2 same as Windows.
NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN!
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
| -rw-r--r-- | source4/torture/krb5/kdc-heimdal.c | 26 |
1 files changed, 12 insertions, 14 deletions
diff --git a/source4/torture/krb5/kdc-heimdal.c b/source4/torture/krb5/kdc-heimdal.c index 5a9a6713dde..dbc4960de19 100644 --- a/source4/torture/krb5/kdc-heimdal.c +++ b/source4/torture/krb5/kdc-heimdal.c @@ -161,7 +161,8 @@ static bool torture_check_krb5_error(struct torture_krb5_context *test_context, METHOD_DATA m; size_t len; int i; - bool found = false; + bool found_enc_ts = false; + bool found_etype_info2 = false; torture_assert(test_context->tctx, error.e_data != NULL, "No e-data returned"); @@ -174,27 +175,24 @@ static bool torture_check_krb5_error(struct torture_krb5_context *test_context, rc, 0, "Got invalid method data"); - /* - * NOTE: - * - * Windows (eg Server 1709) only returns a - * KRB5_PADATA_ETYPE_INFO2 in this situation. - * This test should be fixed but care needs to - * be taken not to reintroduce - * https://bugzilla.samba.org/show_bug.cgi?id=11539 - */ torture_assert(test_context->tctx, m.len > 0, "No PA_DATA given"); for (i = 0; i < m.len; i++) { if (m.val[i].padata_type == KRB5_PADATA_ENC_TIMESTAMP) { - found = true; - break; + found_enc_ts = true; + } + else if (m.val[i].padata_type == KRB5_PADATA_ETYPE_INFO2) { + found_etype_info2 = true; } } torture_assert(test_context->tctx, - found, - "Encrypted timestamp not found"); + found_etype_info2, + "PADATA_ETYPE_INFO2 not found"); + if (expected_error != KRB5KDC_ERR_PREAUTH_FAILED) + torture_assert(test_context->tctx, + found_enc_ts, + "Encrypted timestamp not found"); } free_KRB_ERROR(&error); |