sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Code

tests/dcerpc/raw_protocol: add tests for max auth_padding, auth_len or auth_offset

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Stefan Metzmacher 2020-11-11 01:19:23 +01:00 committed by Andreas Schneider
parent 7b5c3f9b1f
commit 0da9e4d743
2 changed files with 556 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

537
python/samba/tests/dcerpc/raw_protocol.py
View File

@ -33,6 +33,7 @@ import samba.dcerpc.lsa
import struct import struct
from samba import gensec from samba import gensec
from samba.tests.dcerpc.raw_testcase import RawDCERPCTest from samba.tests.dcerpc.raw_testcase import RawDCERPCTest
from samba.tests import DynamicTestCase
from samba.ntstatus import ( from samba.ntstatus import (
NT_STATUS_SUCCESS NT_STATUS_SUCCESS
) )
@ -41,6 +42,7 @@ global_ndr_print = False
global_hexdump = False global_hexdump = False
@DynamicTestCase
class TestDCERPC_BIND(RawDCERPCTest): class TestDCERPC_BIND(RawDCERPCTest):
def setUp(self): def setUp(self):
@ -48,6 +50,11 @@ class TestDCERPC_BIND(RawDCERPCTest):
self.do_ndr_print = global_ndr_print self.do_ndr_print = global_ndr_print
self.do_hexdump = global_hexdump self.do_hexdump = global_hexdump
@classmethod
def setUpDynamicTestCases(cls):
cls._setup_auth_pad_ignored()
return
def _test_no_auth_request_bind_pfc_flags(self, req_pfc_flags, rep_pfc_flags): def _test_no_auth_request_bind_pfc_flags(self, req_pfc_flags, rep_pfc_flags):
ndr32 = base.transfer_syntax_ndr() ndr32 = base.transfer_syntax_ndr()
@ -5188,6 +5195,536 @@ class TestDCERPC_BIND(RawDCERPCTest):
self.assertIsNone(rep) self.assertIsNone(rep)
self.assertNotConnected() self.assertNotConnected()
def _prepare_pdu_auth_padding(self, req, before=b"", behind=b"", max_xmit_frag=None):
if max_xmit_frag is None:
max_xmit_frag = self.max_xmit_frag
max_pad_length = max_xmit_frag - req.frag_length
total_pad_length = len(before) + len(behind)
self.assertLessEqual(total_pad_length, max_pad_length)
req_pdu_tmp = self.prepare_pdu(req)
auth_length = dcerpc.DCERPC_AUTH_TRAILER_LENGTH + req.auth_length
auth_offset = req.frag_length - auth_length
auth_length = dcerpc.DCERPC_AUTH_TRAILER_LENGTH + req.auth_length + len(behind)
new_len_fields = struct.pack('<HH',
req.frag_length + total_pad_length,
req.auth_length + len(behind))
auth_blob = req_pdu_tmp[auth_offset:]
req_pdu = req_pdu_tmp[0:dcerpc.DCERPC_FRAG_LEN_OFFSET]
req_pdu += new_len_fields
req_pdu += req_pdu_tmp[dcerpc.DCERPC_AUTH_LEN_OFFSET+2:auth_offset]
req_pdu += before
req_pdu += auth_blob
req_pdu += behind
return req_pdu
def _add_auth_padding(self, req,
mid_padding=False,
tail_padding=False,
auth_offset_diff=0,
max_auth_length=0xffff,
max_xmit_frag=None):
if max_xmit_frag is None:
max_xmit_frag = self.max_xmit_frag
auth_length = dcerpc.DCERPC_AUTH_TRAILER_LENGTH + req.auth_length
auth_offset = req.frag_length - auth_length
max_padding = max_xmit_frag - req.frag_length
max_auth_offset = (max_xmit_frag - auth_length) & 0xfffC
before_len = max_auth_offset - auth_offset
if mid_padding and tail_padding:
behind_len = max_padding - before_len
elif mid_padding:
behind_len = 0
elif tail_padding:
before_len = 0
behind_len = max_padding
else:
before_len = 0
behind_len = 0
before_len += auth_offset_diff
self.assertGreaterEqual(before_len, 0)
if max_auth_length > req.auth_length:
max_behind_len = max_auth_length - req.auth_length
else:
max_behind_len = 0
if behind_len > max_behind_len:
behind_len = max_behind_len
req_pdu = self._prepare_pdu_auth_padding(req,
before=b'\xfb' * before_len,
behind=b'\xfa' * behind_len,
max_xmit_frag=max_xmit_frag)
return req_pdu
def _get_pdu_auth_len(self, req_pdu):
al = req_pdu[dcerpc.DCERPC_AUTH_LEN_OFFSET:dcerpc.DCERPC_AUTH_LEN_OFFSET+2]
l = struct.unpack('<H', al)
return l[0]
def _test_auth_pad_raw(self,
auth_type=None,
dcerpc_creds=None,
use_auth3=None,
use_smb=None,
transport_creds=None,
bind_mid_padding=False,
bind_tail_padding=False,
bind_auth_offset_diff=0,
bind_max_auth_length=0xffff,
third_mid_padding=False,
third_tail_padding=False,
third_auth_offset_diff=0,
third_max_auth_length=0xffff):
if dcerpc_creds is None:
dcerpc_creds = self.get_anon_creds()
if transport_creds is None:
transport_creds = self.get_anon_creds()
if use_smb:
self.reconnect_smb_pipe(primary_address='\\pipe\\lsarpc',
secondary_address='\\pipe\\lsass',
transport_creds=transport_creds)
ndr32 = base.transfer_syntax_ndr()
tsf1_list = [ndr32]
ctx1 = dcerpc.ctx_list()
ctx1.context_id = 1
ctx1.num_transfer_syntaxes = len(tsf1_list)
ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
ctx1.transfer_syntaxes = tsf1_list
ctx_list = [ctx1]
bind_nak_reason = None
third_fault_status = None
third_fault_flags = 0
first_req_fault_status = None
first_req_fault_flags = 0
max_auth_length = 0xffff
if auth_type == dcerpc.DCERPC_AUTH_TYPE_KRB5:
expect_3legs = True
elif auth_type == dcerpc.DCERPC_AUTH_TYPE_NTLMSSP:
expect_3legs = True
max_auth_length = 2888
elif auth_type == dcerpc.DCERPC_AUTH_TYPE_SPNEGO:
expect_3legs = False
if third_mid_padding and third_tail_padding:
if not use_auth3:
third_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
third_fault_flags = dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
else:
first_req_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
elif third_mid_padding:
if use_auth3:
first_req_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
elif third_tail_padding:
if not use_auth3:
third_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
third_fault_flags = dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
else:
third_fault_status = dcerpc.DCERPC_NCA_S_PROTO_ERROR
third_fault_flags = dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
else:
expect_3legs = False
g = gensec.Security.start_client(self.settings)
g.set_credentials(dcerpc_creds)
g.want_feature(gensec.FEATURE_DCE_STYLE)
auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
auth_context_id = 2
g.start_mech_by_authtype(auth_type, auth_level)
from_server = b""
(finished, to_server) = g.update(from_server)
self.assertFalse(finished)
auth_info = self.generate_auth(auth_type=auth_type,
auth_level=auth_level,
auth_context_id=auth_context_id,
auth_blob=to_server)
req = self.generate_bind(call_id=1,
ctx_list=ctx_list,
auth_info=auth_info)
req_pdu = self._add_auth_padding(req,
mid_padding=bind_mid_padding,
tail_padding=bind_tail_padding,
auth_offset_diff=bind_auth_offset_diff,
max_auth_length=bind_max_auth_length,
max_xmit_frag=0xffff)
auth_length = self._get_pdu_auth_len(req_pdu)
if bind_auth_offset_diff != 0:
bind_nak_reason = dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED
elif auth_length > max_auth_length:
bind_nak_reason = dcerpc.DCERPC_BIND_NAK_REASON_INVALID_CHECKSUM
self.send_pdu_blob(req_pdu)
rep = self.recv_pdu()
if bind_nak_reason is not None:
self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
auth_length=0)
self.assertEqual(rep.u.reject_reason, bind_nak_reason)
self.assertEqual(rep.u.num_versions, 1)
self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
self.assertPadding(rep.u._pad, 3)
# wait for a disconnect
rep = self.recv_pdu()
self.assertIsNone(rep)
self.assertNotConnected()
return
self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
sda_str = self.secondary_address
sda_len = len(sda_str) + 1
mod_len = (2 + sda_len) % 4
if mod_len != 0:
sda_pad = 4 - mod_len
else:
sda_pad = 0
self.assertEqual(rep.u.secondary_address_size, sda_len)
self.assertEqual(rep.u.secondary_address, sda_str)
self.assertPadding(rep.u._pad1, sda_pad)
self.assertEqual(rep.u.num_results, 1)
self.assertEqual(rep.u.ctx_list[0].result,
dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
self.assertEqual(rep.u.ctx_list[0].reason,
dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
self.assertNotEqual(len(rep.u.auth_info), 0)
a = self.parse_auth(rep.u.auth_info)
from_server = a.credentials
(finished, to_server) = g.update(from_server)
auth_info = self.generate_auth(auth_type=auth_type,
auth_level=auth_level,
auth_context_id=auth_context_id,
auth_blob=to_server)
if expect_3legs:
self.assertTrue(finished)
else:
self.assertFalse(finished)
if not use_auth3:
req = self.generate_alter(call_id=2,
ctx_list=ctx_list,
assoc_group_id=rep.u.assoc_group_id,
auth_info=auth_info)
req_pdu = self._add_auth_padding(req,
mid_padding=third_mid_padding,
tail_padding=third_tail_padding,
auth_offset_diff=third_auth_offset_diff,
max_auth_length=third_max_auth_length,
max_xmit_frag=0xffff)
auth_length = self._get_pdu_auth_len(req_pdu)
if third_auth_offset_diff != 0:
third_fault_status = dcerpc.DCERPC_NCA_S_PROTO_ERROR
third_fault_flags = dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
if auth_length > max_auth_length:
third_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
third_fault_flags = dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
self.send_pdu_blob(req_pdu)
rep = self.recv_pdu()
if third_fault_status is not None:
self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
pfc_flags=req.pfc_flags | third_fault_flags,
auth_length=0)
self.assertNotEqual(rep.u.alloc_hint, 0)
self.assertEqual(rep.u.context_id, 0)
self.assertEqual(rep.u.cancel_count, 0)
self.assertEqual(rep.u.flags, 0)
self.assertEqual(rep.u.status, third_fault_status)
self.assertEqual(rep.u.reserved, 0)
self.assertEqual(len(rep.u.error_and_verifier), 0)
# wait for a disconnect
rep = self.recv_pdu()
self.assertIsNone(rep)
self.assertNotConnected()
return
self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
pfc_flags=req.pfc_flags)
self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
self.assertEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
self.assertEqual(rep.u.secondary_address_size, 0)
self.assertEqual(rep.u.secondary_address, "")
self.assertPadding(rep.u._pad1, 2)
self.assertEqual(rep.u.num_results, 1)
self.assertEqual(rep.u.ctx_list[0].result,
dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
self.assertEqual(rep.u.ctx_list[0].reason,
dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
if finished:
self.assertEqual(rep.auth_length, 0)
else:
self.assertNotEqual(rep.auth_length, 0)
self.assertGreater(len(rep.u.auth_info), dcerpc.DCERPC_AUTH_TRAILER_LENGTH)
self.assertEqual(rep.auth_length, len(rep.u.auth_info) - dcerpc.DCERPC_AUTH_TRAILER_LENGTH)
else:
req = self.generate_auth3(call_id=2,
auth_info=auth_info)
req_pdu = self._add_auth_padding(req,
mid_padding=third_mid_padding,
tail_padding=third_tail_padding,
auth_offset_diff=third_auth_offset_diff,
max_auth_length=third_max_auth_length)
auth_length = self._get_pdu_auth_len(req_pdu)
if third_auth_offset_diff != 0:
third_fault_status = dcerpc.DCERPC_NCA_S_PROTO_ERROR
third_fault_flags = dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
elif not expect_3legs:
pass
elif auth_length > max_auth_length:
first_req_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
self.send_pdu_blob(req_pdu)
if third_fault_status is not None:
rep = self.recv_pdu()
self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
pfc_flags=req.pfc_flags | third_fault_flags,
auth_length=0)
self.assertNotEqual(rep.u.alloc_hint, 0)
self.assertEqual(rep.u.context_id, 0)
self.assertEqual(rep.u.cancel_count, 0)
self.assertEqual(rep.u.flags, 0)
self.assertEqual(rep.u.status, third_fault_status)
self.assertEqual(rep.u.reserved, 0)
self.assertEqual(len(rep.u.error_and_verifier), 0)
# wait for a disconnect
rep = self.recv_pdu()
self.assertIsNone(rep)
self.assertNotConnected()
return
if self.transport_impersonation is None:
rep = self.recv_pdu(timeout=0.01)
self.assertIsNone(rep)
self.assertIsConnected()
# And now try a request without auth_info
req = self.generate_request(call_id=3,
context_id=ctx1.context_id,
opnum=0,
stub=b"")
self.send_pdu(req)
rep = self.recv_pdu()
if first_req_fault_status is not None:
self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
pfc_flags=req.pfc_flags | first_req_fault_flags,
auth_length=0)
self.assertNotEqual(rep.u.alloc_hint, 0)
self.assertEqual(rep.u.context_id, req.u.context_id)
self.assertEqual(rep.u.cancel_count, 0)
self.assertEqual(rep.u.flags, 0)
self.assertEqual(rep.u.status, first_req_fault_status)
self.assertEqual(rep.u.reserved, 0)
self.assertEqual(len(rep.u.error_and_verifier), 0)
if first_req_fault_flags & dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE:
return
# wait for a disconnect
rep = self.recv_pdu()
self.assertIsNone(rep)
self.assertNotConnected()
return
self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
auth_length=0)
self.assertNotEqual(rep.u.alloc_hint, 0)
self.assertEqual(rep.u.context_id, req.u.context_id)
self.assertEqual(rep.u.cancel_count, 0)
self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
# Now a request with auth_info DCERPC_AUTH_LEVEL_CONNECT
auth_info = self.generate_auth(auth_type=auth_type,
auth_level=auth_level,
auth_context_id=auth_context_id,
auth_blob=b"\x01" + b"\x00" * 15)
req = self.generate_request(call_id=4,
context_id=ctx1.context_id,
opnum=0,
stub=b"",
auth_info=auth_info)
self.send_pdu(req)
rep = self.recv_pdu()
# We don't get an auth_info back
self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
auth_length=0)
self.assertNotEqual(rep.u.alloc_hint, 0)
self.assertEqual(rep.u.context_id, req.u.context_id)
self.assertEqual(rep.u.cancel_count, 0)
self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
self._disconnect("disconnect")
self.assertNotConnected()
def _test_auth_mid_pad_with_args(self,
auth_type,
use_auth3,
use_smb):
return self._test_auth_pad_raw(auth_type=auth_type,
use_auth3=use_auth3,
use_smb=use_smb,
bind_mid_padding=True,
third_mid_padding=True)
def _test_auth_full_pad_with_args(self,
auth_type,
use_auth3,
use_smb):
return self._test_auth_pad_raw(auth_type=auth_type,
use_auth3=use_auth3,
use_smb=use_smb,
bind_mid_padding=True,
third_mid_padding=True,
bind_tail_padding=True,
third_tail_padding=True)
def _test_auth_tail_pad_with_args(self,
auth_type,
use_auth3,
use_smb):
return self._test_auth_pad_raw(auth_type=auth_type,
use_auth3=use_auth3,
use_smb=use_smb,
bind_tail_padding=True,
third_tail_padding=True)
def _test_auth_pad_bind_align2_with_args(self,
auth_type,
use_smb):
return self._test_auth_pad_raw(auth_type=auth_type,
use_smb=use_smb,
bind_auth_offset_diff=2)
def _test_auth_pad_alter_align2_with_args(self,
auth_type,
use_smb):
return self._test_auth_pad_raw(auth_type=auth_type,
use_smb=use_smb,
third_auth_offset_diff=2)
def _test_auth_pad_auth3_align2_with_args(self,
auth_type,
use_smb):
return self._test_auth_pad_raw(auth_type=auth_type,
use_smb=use_smb,
use_auth3=True,
third_auth_offset_diff=2)
def _test_auth_pad_ntlm_2888_with_args(self,
use_auth3,
use_smb):
auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
return self._test_auth_pad_raw(auth_type=auth_type,
use_smb=use_smb,
use_auth3=use_auth3,
bind_tail_padding=True,
bind_max_auth_length=2888,
third_tail_padding=True,
third_max_auth_length=2888)
def _test_auth_pad_ntlm_2889_with_args(self,
use_auth3,
use_smb):
auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
return self._test_auth_pad_raw(auth_type=auth_type,
use_smb=use_smb,
use_auth3=use_auth3,
third_tail_padding=True,
third_max_auth_length=2889)
def _test_auth_pad_ntlm_2889_bind_with_args(self,
use_smb):
auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
return self._test_auth_pad_raw(auth_type=auth_type,
use_smb=use_smb,
bind_tail_padding=True,
bind_max_auth_length=2889)
@classmethod
def _setup_auth_pad_ignored(cls):
auth_types = {
"spnego": dcerpc.DCERPC_AUTH_TYPE_SPNEGO,
"ntlm": dcerpc.DCERPC_AUTH_TYPE_NTLMSSP,
}
third_methods = {
"alter": False,
"auth3": True,
}
transports = {
"tcp": False,
"smb": True,
}
for auth_type in auth_types.keys():
for third_method in third_methods.keys():
for transport in transports.keys():
tname = "%s_%s_%s" % (
auth_type,
third_method,
transport
)
targs = (
auth_types[auth_type],
third_methods[third_method],
transports[transport],
)
cls.generate_dynamic_test("test_auth_mid_pad",
tname, *targs)
cls.generate_dynamic_test("test_auth_full_pad",
tname, *targs)
cls.generate_dynamic_test("test_auth_tail_pad",
tname, *targs)
for auth_type in auth_types.keys():
for transport in transports.keys():
tname = "%s_%s" % (
auth_type,
transport
)
targs = (
auth_types[auth_type],
transports[transport],
)
cls.generate_dynamic_test("test_auth_pad_bind_align2",
tname, *targs)
cls.generate_dynamic_test("test_auth_pad_alter_align2",
tname, *targs)
cls.generate_dynamic_test("test_auth_pad_auth3_align2",
tname, *targs)
for third_method in third_methods.keys():
for transport in transports.keys():
tname = "%s_%s" % (
third_method,
transport
)
targs = (
third_methods[third_method],
transports[transport],
)
cls.generate_dynamic_test("test_auth_pad_ntlm_2888",
tname, *targs)
cls.generate_dynamic_test("test_auth_pad_ntlm_2889",
tname, *targs)
for transport in transports.keys():
tname = "%s" % (
transport
)
targs = (
transports[transport],
)
cls.generate_dynamic_test("test_auth_pad_ntlm_2889_bind",
tname, *targs)
return
def test_spnego_auth_pad_ok_bind_legacy(self): def test_spnego_auth_pad_ok_bind_legacy(self):
ndr32 = base.transfer_syntax_ndr() ndr32 = base.transfer_syntax_ndr()

19
selftest/knownfail.d/dcerpc-auth-pad Normal file
View File

@ -0,0 +1,19 @@
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_full_pad_ntlm_alter
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_full_pad_ntlm_auth3
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_full_pad_spnego_alter
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_full_pad_spnego_auth3
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_mid_pad_ntlm_alter
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_mid_pad_ntlm_auth3
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_mid_pad_spnego_alter
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_mid_pad_spnego_auth3
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_bind_align2_ntlm
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_bind_align2_spnego
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_auth3_align2_ntlm
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_auth3_align2_spnego
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_ntlm_2889_alter
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_ntlm_2889_auth3
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_ntlm_2889_bind
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_tail_pad_ntlm_alter
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_tail_pad_ntlm_auth3
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_tail_pad_spnego_alter
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_tail_pad_spnego_auth3