diff options
author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2022-10-26 14:29:54 +1300 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2022-12-14 00:48:48 +0100 |
commit | 92763515d9f0bb8ed56c721d752db1fb7a268407 (patch) | |
tree | 076796bb7fd12b5cc7c306e0b52f687479b1aa3d | |
parent | b4be18abf9b9f7ee3361a8a2841f8e700440ce42 (diff) | |
download | samba-92763515d9f0bb8ed56c721d752db1fb7a268407.tar.gz |
CVE-2022-37966 tests/krb5: Add 'etypes' parameter to _tgs_req()
This lets us select the encryption types we claim to support in the
request body.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(similar to commit e0a91dddc4a6c70d7425c2c6836dcf2dd6d9a2de)
[jsutton@samba.org Adapted to 4.17 version of function taking different
parameters]
-rwxr-xr-x | python/samba/tests/krb5/kdc_tgs_tests.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/python/samba/tests/krb5/kdc_tgs_tests.py b/python/samba/tests/krb5/kdc_tgs_tests.py index 91d0bb575b0..4e26a011669 100755 --- a/python/samba/tests/krb5/kdc_tgs_tests.py +++ b/python/samba/tests/krb5/kdc_tgs_tests.py @@ -69,6 +69,7 @@ class KdcTgsBaseTests(KDCBaseTest): srealm=None, use_fast=False, expect_claims=True, + etypes=None, expect_pac=True, expect_pac_attrs=None, expect_pac_attrs_pac_request=None, @@ -134,7 +135,8 @@ class KdcTgsBaseTests(KDCBaseTest): pac_options = None - etypes = (AES256_CTS_HMAC_SHA1_96, ARCFOUR_HMAC_MD5) + if etypes is None: + etypes = (AES256_CTS_HMAC_SHA1_96, ARCFOUR_HMAC_MD5) if expected_error: check_error_fn = self.generic_check_kdc_error |