1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-26 10:04:02 +03:00

tests/krb5: Don't create PAC request manually in as_req_tests

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
This commit is contained in:
Joseph Sutton 2021-09-02 14:37:27 +12:00 committed by Andrew Bartlett
parent c0db1ba54d
commit bc21ba2592

View File

@ -56,7 +56,7 @@ class AsReqKerberosTests(KDCBaseTest):
def _test_as_req_nopreauth(self,
initial_etypes,
initial_padata=None,
pac=None,
initial_kdc_options=None):
client_creds = self.get_client_creds()
client_account = client_creds.get_username()
@ -84,27 +84,19 @@ class AsReqKerberosTests(KDCBaseTest):
else:
expected_error_mode = KDC_ERR_ETYPE_NOSUPP
def _generate_padata_copy(_kdc_exchange_dict,
_callback_dict,
req_body):
return initial_padata, req_body
generate_padata_fn = (_generate_padata_copy
if initial_padata is not None
else None)
kdc_exchange_dict = self.as_exchange_dict(
expected_crealm=expected_crealm,
expected_cname=expected_cname,
expected_srealm=expected_srealm,
expected_sname=expected_sname,
generate_padata_fn=generate_padata_fn,
generate_padata_fn=None,
check_error_fn=self.generic_check_kdc_error,
check_rep_fn=None,
expected_error_mode=expected_error_mode,
client_as_etypes=client_as_etypes,
expected_salt=expected_salt,
kdc_options=str(initial_kdc_options))
kdc_options=str(initial_kdc_options),
pac_request=pac)
self._generic_kdc_exchange(kdc_exchange_dict,
cname=cname,
@ -114,13 +106,8 @@ class AsReqKerberosTests(KDCBaseTest):
def _test_as_req_no_preauth_with_args(self, etype_idx, pac):
name, etypes = self.etype_test_permutation_by_idx(etype_idx)
if pac is None:
padata = None
else:
pa_pac = self.KERB_PA_PAC_REQUEST_create(pac)
padata = [pa_pac]
self._test_as_req_nopreauth(
initial_padata=padata,
pac=pac,
initial_etypes=etypes,
initial_kdc_options=krb5_asn1.KDCOptions('forwardable'))
@ -146,8 +133,6 @@ class AsReqKerberosTests(KDCBaseTest):
till = self.get_KerberosTime(offset=36000)
pa_pac = self.KERB_PA_PAC_REQUEST_create(True)
initial_padata = [pa_pac]
initial_etypes = client_as_etypes
initial_kdc_options = krb5_asn1.KDCOptions('forwardable')
initial_error_mode = KDC_ERR_PREAUTH_REQUIRED
@ -164,8 +149,9 @@ class AsReqKerberosTests(KDCBaseTest):
expected_sname,
expected_salt,
initial_etypes,
initial_padata,
initial_kdc_options)
None,
initial_kdc_options,
pac_request=True)
etype_info2 = kdc_exchange_dict['preauth_etype_info2']
self.assertIsNotNone(etype_info2)
@ -183,7 +169,7 @@ class AsReqKerberosTests(KDCBaseTest):
pa_ts = self.PA_DATA_create(PADATA_ENC_TIMESTAMP, pa_ts)
preauth_padata = [pa_ts, pa_pac]
preauth_padata = [pa_ts]
preauth_etypes = client_as_etypes
preauth_kdc_options = krb5_asn1.KDCOptions('forwardable')
preauth_error_mode = 0 # AS-REP
@ -207,7 +193,8 @@ class AsReqKerberosTests(KDCBaseTest):
preauth_padata,
preauth_kdc_options,
preauth_key=preauth_key,
ticket_decryption_key=krbtgt_decryption_key)
ticket_decryption_key=krbtgt_decryption_key,
pac_request=True)
self.assertIsNotNone(as_rep)
if __name__ == "__main__":