summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoseph Sutton <josephsutton@catalyst.net.nz>2022-10-26 14:29:54 +1300
committerStefan Metzmacher <metze@samba.org>2022-12-14 00:48:48 +0100
commit92763515d9f0bb8ed56c721d752db1fb7a268407 (patch)
tree076796bb7fd12b5cc7c306e0b52f687479b1aa3d
parentb4be18abf9b9f7ee3361a8a2841f8e700440ce42 (diff)
downloadsamba-92763515d9f0bb8ed56c721d752db1fb7a268407.tar.gz
CVE-2022-37966 tests/krb5: Add 'etypes' parameter to _tgs_req()
This lets us select the encryption types we claim to support in the request body. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (similar to commit e0a91dddc4a6c70d7425c2c6836dcf2dd6d9a2de) [jsutton@samba.org Adapted to 4.17 version of function taking different parameters]
Diffstat
-rwxr-xr-xpython/samba/tests/krb5/kdc_tgs_tests.py4
1 files changed, 3 insertions, 1 deletions
diff --git a/python/samba/tests/krb5/kdc_tgs_tests.py b/python/samba/tests/krb5/kdc_tgs_tests.py
index 91d0bb575b0..4e26a011669 100755
--- a/python/samba/tests/krb5/kdc_tgs_tests.py
+++ b/python/samba/tests/krb5/kdc_tgs_tests.py
@@ -69,6 +69,7 @@ class KdcTgsBaseTests(KDCBaseTest):
srealm=None,
use_fast=False,
expect_claims=True,
+ etypes=None,
expect_pac=True,
expect_pac_attrs=None,
expect_pac_attrs_pac_request=None,
@@ -134,7 +135,8 @@ class KdcTgsBaseTests(KDCBaseTest):
pac_options = None
- etypes = (AES256_CTS_HMAC_SHA1_96, ARCFOUR_HMAC_MD5)
+ if etypes is None:
+ etypes = (AES256_CTS_HMAC_SHA1_96, ARCFOUR_HMAC_MD5)
if expected_error:
check_error_fn = self.generic_check_kdc_error
View Lorry Controller Status