sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00
Code

tests/krb5: Allow PADATA-ENCRYPTED-CHALLENGE to be missing for skew errors

Browse Source 
A skew error means the client just tried using PADATA-ENC-TIMESTAMP or
PADATA-ENCRYPTED-CHALLENGE, so it might not be necessary to announce
them in that case.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Dec  7 08:32:42 UTC 2021 on sn-devel-184
This commit is contained in:
Joseph Sutton 2021-12-06 14:54:31 +13:00 committed by Andrew Bartlett
parent 9844a33186
commit 221569a14c
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
python/samba/tests/krb5/raw_testcase.py
View File

@ -48,6 +48,7 @@ from samba.tests.krb5.rfc4120_constants import (
FX_FAST_ARMOR_AP_REQUEST,
KDC_ERR_GENERIC,
KDC_ERR_PREAUTH_FAILED,
KDC_ERR_SKEW,
KDC_ERR_UNKNOWN_CRITICAL_FAST_OPTIONS,
KERB_ERR_TYPE_EXTENDED,
KRB_AP_REQ,
@ -2940,7 +2941,7 @@ class RawKerberosTest(TestCaseInTempDir):
if len(expect_etype_info2) != 0:
expected_patypes += (PADATA_ETYPE_INFO2,)
if error_code != KDC_ERR_PREAUTH_FAILED:
if error_code not in (KDC_ERR_PREAUTH_FAILED, KDC_ERR_SKEW):
if sent_fast:
expected_patypes += (PADATA_ENCRYPTED_CHALLENGE,)
else: