1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

s4:torture/rpc: without weak crypto we should require AES

We should check that we can actually negotiated the strong AES
crypto instead of just checking that NETLOGON_NEG_ARCFOUR is not
there...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This commit is contained in:
Stefan Metzmacher 2024-10-10 15:02:16 +02:00 committed by Douglas Bagnall
parent 36310650ee
commit 3dcbc8eea5

View File

@ -169,8 +169,8 @@ static bool test_ServerAuth3Crypto(struct dcerpc_pipe *p,
if (!weak_crypto_allowed) { if (!weak_crypto_allowed) {
torture_assert(tctx, torture_assert(tctx,
(negotiate_flags & NETLOGON_NEG_ARCFOUR) == 0, (negotiate_flags & NETLOGON_NEG_SUPPORTS_AES),
"Server should not announce RC4 support"); "Server negotiate AES support");
} }
/* Prove that requesting a challenge again won't break it */ /* Prove that requesting a challenge again won't break it */