diff options
| author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2021-12-10 13:17:53 +1300 |
|---|---|---|
| committer | Joseph Sutton <jsutton@samba.org> | 2022-01-19 20:50:35 +0000 |
| commit | 9eead4853e26c1f589c4ef69469c199ff6670060 (patch) | |
| tree | 2cc124b8963d5fc7cabd17d559de828af2debfe6 | |
| parent | b59687a762fec30f9954282f3b587f24903d710d (diff) | |
| download | samba-9eead4853e26c1f589c4ef69469c199ff6670060.tar.gz | |
s4:torture: Fix Orpheus' Lyre tests
The enc-pa-rep request protection allows these tests to now pass as
expected.
NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN!
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
| -rw-r--r-- | source4/torture/krb5/kdc-heimdal.c | 25 |
1 files changed, 6 insertions, 19 deletions
diff --git a/source4/torture/krb5/kdc-heimdal.c b/source4/torture/krb5/kdc-heimdal.c index dbc4960de19..b1bbac94ccf 100644 --- a/source4/torture/krb5/kdc-heimdal.c +++ b/source4/torture/krb5/kdc-heimdal.c @@ -748,7 +748,6 @@ static bool torture_krb5_as_req_creds(struct torture_context *tctx, const char *expected_principal_string; krb5_get_init_creds_opt *krb_options = NULL; const char *realm; - const char *krb5_service = torture_setting_string(tctx, "krb5-service", "host"); const char *krb5_hostname = torture_setting_string(tctx, "krb5-hostname", ""); @@ -909,6 +908,12 @@ static bool torture_krb5_as_req_creds(struct torture_context *tctx, { char *got_principal_string; char *assertion_message; + + if (krb5_hostname[0] != '\0') { + torture_assert_int_equal(tctx, k5ret, KRB5KRB_AP_ERR_BAD_INTEGRITY, "krb5_get_init_creds_password should have failed"); + return true; + } + torture_assert_int_equal(tctx, k5ret, 0, "krb5_get_init_creds_password failed"); torture_assert_int_equal(tctx, @@ -933,24 +938,6 @@ static bool torture_krb5_as_req_creds(struct torture_context *tctx, principal), assertion_message); - if (krb5_hostname[0] == '\0') { - break; - } - - torture_assert_str_equal(tctx, - my_creds.server->name.name_string.val[0], - krb5_service, - "Mismatch in name[0] between AS_REP and expected response"); - torture_assert_str_equal(tctx, - my_creds.server->name.name_string.val[1], - krb5_hostname, - "Mismatch in name[1] between AS_REP and expected response"); - - torture_assert_str_equal(tctx, - my_creds.server->realm, - realm, - "Mismatch in server realm in AS_REP, expected krbtgt/REALM@REALM"); - break; } } |