diff options
author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2021-08-27 13:00:37 +1200 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2021-09-08 12:32:11 +0000 |
commit | 83ba64c9106ff5bd53848c46a3f493045db868d4 (patch) | |
tree | 1202c41c73efdaf8207fb7de4d886fb5546b5fff /python | |
parent | 13cb266426646bdbb786aba734a95f25e1bfff2f (diff) | |
download | samba-83ba64c9106ff5bd53848c46a3f493045db868d4.tar.gz |
tests/krb5: Check PADATA-PW-SALT element in e-data
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14770
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14817
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 1e4d757394a0bbda587d5ff91801f88539b712b1)
Diffstat (limited to 'python')
-rw-r--r-- | python/samba/tests/krb5/raw_testcase.py | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/python/samba/tests/krb5/raw_testcase.py b/python/samba/tests/krb5/raw_testcase.py index ba6d07ce465..4e7891ae89a 100644 --- a/python/samba/tests/krb5/raw_testcase.py +++ b/python/samba/tests/krb5/raw_testcase.py @@ -2328,6 +2328,7 @@ class RawKerberosTest(TestCaseInTempDir): fast_error = None fx_fast = None pac_options = None + pw_salt = None for pa in rep_padata: patype = self.getElementValue(pa, 'padata-type') pavalue = self.getElementValue(pa, 'padata-value') @@ -2380,6 +2381,11 @@ class RawKerberosTest(TestCaseInTempDir): pac_options = pavalue self.assertIsNotNone(pac_options) continue + if patype == PADATA_PW_SALT: + self.assertIsNone(pw_salt) + pw_salt = pavalue + self.assertIsNotNone(pw_salt) + continue if fast_cookie is not None: kdc_exchange_dict['fast_cookie'] = fast_cookie @@ -2395,6 +2401,14 @@ class RawKerberosTest(TestCaseInTempDir): if pac_options is not None: self.check_pac_options_claims_support(pac_options) + if pw_salt is not None: + self.assertEqual(12, len(pw_salt)) + + status = int.from_bytes(pw_salt[:4], 'little') + flags = int.from_bytes(pw_salt[8:], 'little') + + self.assertEqual(3, flags) + if enc_challenge is not None: if not sent_enc_challenge: self.assertEqual(len(enc_challenge), 0) |