sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Code

CVE-2020-25719 tests/krb5: Add test for user-to-user with no sname

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14873

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Joseph Sutton 2021-10-26 21:06:58 +13:00 committed by Jule Anger
parent 7ff05eb8d4
commit 26480ba2aa
3 changed files with 29 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
python/samba/tests/krb5/kdc_tgs_tests.py
View File

@ -1122,6 +1122,14 @@ class KdcTgsTests(KDCBaseTest):
self._user2user(tgt, creds, sname=sname,
expected_error=KDC_ERR_S_PRINCIPAL_UNKNOWN)
def test_user2user_no_sname(self):
creds = self._get_creds()
tgt = self._get_tgt(creds)
self._user2user(tgt, creds, sname=False,
expected_error=(KDC_ERR_GENERIC,
KDC_ERR_S_PRINCIPAL_UNKNOWN))
def test_user2user_service_ticket(self):
creds = self._get_creds()
tgt = self._get_tgt(creds)
@ -2025,16 +2033,24 @@ class KdcTgsTests(KDCBaseTest):
expected_status=None):
srealm = target_creds.get_realm()
if sname is None:
target_name = target_creds.get_username()
if target_name == 'krbtgt':
sname = self.PrincipalName_create(name_type=NT_SRV_INST,
names=[target_name, srealm])
else:
if target_name[-1] == '$':
target_name = target_name[:-1]
sname = self.PrincipalName_create(name_type=NT_PRINCIPAL,
names=['host', target_name])
if sname is False:
sname = None
expected_sname = self.get_krbtgt_sname()
else:
if sname is None:
target_name = target_creds.get_username()
if target_name == 'krbtgt':
sname = self.PrincipalName_create(
name_type=NT_SRV_INST,
names=[target_name, srealm])
else:
if target_name[-1] == '$':
target_name = target_name[:-1]
sname = self.PrincipalName_create(
name_type=NT_PRINCIPAL,
names=['host', target_name])
expected_sname = sname
if additional_ticket is not None:
additional_tickets = [additional_ticket.ticket]
@ -2062,7 +2078,7 @@ class KdcTgsTests(KDCBaseTest):
expected_crealm=tgt.crealm,
expected_cname=expected_cname,
expected_srealm=srealm,
expected_sname=sname,
expected_sname=expected_sname,
ticket_decryption_key=decryption_key,
generate_padata_fn=generate_padata_fn,
check_error_fn=check_error_fn,

1
selftest/knownfail_heimdal_kdc
View File

@ -161,6 +161,7 @@
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_authdata_no_pac
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_matching_sname_host
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_no_pac
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_no_sname
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_non_existent_sname
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_req
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_rodc_allowed_denied

1
selftest/knownfail_mit_kdc
View File

@ -419,6 +419,7 @@ samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_upn_dns_info_ex_user
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_authdata_no_pac
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_no_pac
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_no_sname
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_req
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_rodc_allowed_denied
^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_rodc_denied