tests/krb5: Deduplicate AS-REQ tests

salt_tests was running the tests defined in the base class as well as
its own tests.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit f0b222e3ecf72c8562bc97bedd9f3a92980b60d5)

python/samba/tests/krb5/as_req_tests.py

@@ -38,87 +38,8 @@ from samba.tests.krb5.rfc4120_constants import (
 global_asn1_print = False
 global_hexdump = False
 
-@DynamicTestCase
-class AsReqKerberosTests(KDCBaseTest):
-
-    @classmethod
-    def setUpDynamicTestCases(cls):
-        for (name, idx) in cls.etype_test_permutation_name_idx():
-            for pac in [None, True, False]:
-                tname = "%s_pac_%s" % (name, pac)
-                targs = (idx, pac)
-                cls.generate_dynamic_test("test_as_req_no_preauth", tname, *targs)
-
-    def setUp(self):
-        super(AsReqKerberosTests, self).setUp()
-        self.do_asn1_print = global_asn1_print
-        self.do_hexdump = global_hexdump
-
-    def _test_as_req_nopreauth(self,
-                               initial_etypes,
-                               pac=None,
-                               initial_kdc_options=None):
-        client_creds = self.get_client_creds()
-        client_account = client_creds.get_username()
-        client_as_etypes = self.get_default_enctypes()
-        krbtgt_creds = self.get_krbtgt_creds(require_keys=False)
-        krbtgt_account = krbtgt_creds.get_username()
-        realm = krbtgt_creds.get_realm()
-
-        cname = self.PrincipalName_create(name_type=NT_PRINCIPAL,
-                                          names=[client_account])
-        sname = self.PrincipalName_create(name_type=NT_SRV_INST,
-                                          names=[krbtgt_account, realm])
-
-        expected_crealm = realm
-        expected_cname = cname
-        expected_srealm = realm
-        expected_sname = sname
-        expected_salt = client_creds.get_salt()
-
-        if any(etype in client_as_etypes and etype in initial_etypes
-               for etype in (kcrypto.Enctype.AES256,
-                             kcrypto.Enctype.AES128,
-                             kcrypto.Enctype.RC4)):
-            expected_error_mode = KDC_ERR_PREAUTH_REQUIRED
-        else:
-            expected_error_mode = KDC_ERR_ETYPE_NOSUPP
-
-        kdc_exchange_dict = self.as_exchange_dict(
-            expected_crealm=expected_crealm,
-            expected_cname=expected_cname,
-            expected_srealm=expected_srealm,
-            expected_sname=expected_sname,
-            generate_padata_fn=None,
-            check_error_fn=self.generic_check_kdc_error,
-            check_rep_fn=None,
-            expected_error_mode=expected_error_mode,
-            client_as_etypes=client_as_etypes,
-            expected_salt=expected_salt,
-            kdc_options=str(initial_kdc_options),
-            pac_request=pac)
-
-        self._generic_kdc_exchange(kdc_exchange_dict,
-                                   cname=cname,
-                                   realm=realm,
-                                   sname=sname,
-                                   etypes=initial_etypes)
-
-    def _test_as_req_no_preauth_with_args(self, etype_idx, pac):
-        name, etypes = self.etype_test_permutation_by_idx(etype_idx)
-        self._test_as_req_nopreauth(
-                     pac=pac,
-                     initial_etypes=etypes,
-                     initial_kdc_options=krb5_asn1.KDCOptions('forwardable'))
-
-    def test_as_req_enc_timestamp(self):
-        client_creds = self.get_client_creds()
-        self._run_as_req_enc_timestamp(client_creds)
-
-    def test_as_req_enc_timestamp_mac(self):
-        client_creds = self.get_mach_creds()
-        self._run_as_req_enc_timestamp(client_creds)
 
+class AsReqBaseTest(KDCBaseTest):
     def _run_as_req_enc_timestamp(self, client_creds):
         client_account = client_creds.get_username()
         client_as_etypes = self.get_default_enctypes()
@@ -207,6 +128,88 @@ class AsReqKerberosTests(KDCBaseTest):
         return etype_info2
 
 
+@DynamicTestCase
+class AsReqKerberosTests(AsReqBaseTest):
+
+    @classmethod
+    def setUpDynamicTestCases(cls):
+        for (name, idx) in cls.etype_test_permutation_name_idx():
+            for pac in [None, True, False]:
+                tname = "%s_pac_%s" % (name, pac)
+                targs = (idx, pac)
+                cls.generate_dynamic_test("test_as_req_no_preauth", tname, *targs)
+
+    def setUp(self):
+        super(AsReqKerberosTests, self).setUp()
+        self.do_asn1_print = global_asn1_print
+        self.do_hexdump = global_hexdump
+
+    def _test_as_req_nopreauth(self,
+                               initial_etypes,
+                               pac=None,
+                               initial_kdc_options=None):
+        client_creds = self.get_client_creds()
+        client_account = client_creds.get_username()
+        client_as_etypes = self.get_default_enctypes()
+        krbtgt_creds = self.get_krbtgt_creds(require_keys=False)
+        krbtgt_account = krbtgt_creds.get_username()
+        realm = krbtgt_creds.get_realm()
+
+        cname = self.PrincipalName_create(name_type=NT_PRINCIPAL,
+                                          names=[client_account])
+        sname = self.PrincipalName_create(name_type=NT_SRV_INST,
+                                          names=[krbtgt_account, realm])
+
+        expected_crealm = realm
+        expected_cname = cname
+        expected_srealm = realm
+        expected_sname = sname
+        expected_salt = client_creds.get_salt()
+
+        if any(etype in client_as_etypes and etype in initial_etypes
+               for etype in (kcrypto.Enctype.AES256,
+                             kcrypto.Enctype.AES128,
+                             kcrypto.Enctype.RC4)):
+            expected_error_mode = KDC_ERR_PREAUTH_REQUIRED
+        else:
+            expected_error_mode = KDC_ERR_ETYPE_NOSUPP
+
+        kdc_exchange_dict = self.as_exchange_dict(
+            expected_crealm=expected_crealm,
+            expected_cname=expected_cname,
+            expected_srealm=expected_srealm,
+            expected_sname=expected_sname,
+            generate_padata_fn=None,
+            check_error_fn=self.generic_check_kdc_error,
+            check_rep_fn=None,
+            expected_error_mode=expected_error_mode,
+            client_as_etypes=client_as_etypes,
+            expected_salt=expected_salt,
+            kdc_options=str(initial_kdc_options),
+            pac_request=pac)
+
+        self._generic_kdc_exchange(kdc_exchange_dict,
+                                   cname=cname,
+                                   realm=realm,
+                                   sname=sname,
+                                   etypes=initial_etypes)
+
+    def _test_as_req_no_preauth_with_args(self, etype_idx, pac):
+        name, etypes = self.etype_test_permutation_by_idx(etype_idx)
+        self._test_as_req_nopreauth(
+                     pac=pac,
+                     initial_etypes=etypes,
+                     initial_kdc_options=krb5_asn1.KDCOptions('forwardable'))
+
+    def test_as_req_enc_timestamp(self):
+        client_creds = self.get_client_creds()
+        self._run_as_req_enc_timestamp(client_creds)
+
+    def test_as_req_enc_timestamp_mac(self):
+        client_creds = self.get_mach_creds()
+        self._run_as_req_enc_timestamp(client_creds)
+
+
 if __name__ == "__main__":
     global_asn1_print = False
     global_hexdump = False

python/samba/tests/krb5/salt_tests.py

@@ -21,7 +21,7 @@ import os
 
 import ldb
 
-from samba.tests.krb5.as_req_tests import AsReqKerberosTests
+from samba.tests.krb5.as_req_tests import AsReqBaseTest
 import samba.tests.krb5.kcrypto as kcrypto
 
 sys.path.insert(0, "bin/python")
@@ -31,7 +31,7 @@ global_asn1_print = False
 global_hexdump = False
 
 
-class SaltTests(AsReqKerberosTests):
+class SaltTests(AsReqBaseTest):
 
     def setUp(self):
         super().setUp()