1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

selftest: Add test parsing krb5 PAC claims via ndrdump

Including
* compressed claims
* plain (uncompressed) claims

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar 31 02:50:30 UTC 2023 on atb-devel-224
This commit is contained in:
Andrew Bartlett 2023-03-29 15:01:15 +13:00
parent f951c3b35d
commit ea4be00361
5 changed files with 279 additions and 0 deletions

View File

@ -557,3 +557,42 @@ dump OK
except BlackboxProcessError as e:
self.fail(e)
self.assertEqual(actual, expected)
# This is compressed with Microsoft's compression, so we can't do a validate
def test_ndrdump_compressed_claims(self):
expected = open(self.data_path("compressed_claims.txt"), 'rb').read()
try:
actual = self.check_output(
"ndrdump --debug-stdout claims CLAIMS_SET_METADATA_NDR struct --hex-input --input " + \
"01100800cccccccc500200000000000000000200290200000400020004000000282000000000000000000000000000002902000073778788878808880700080007800800060007000700070887770780080088008870070008000808000080000000008070787787770076770867868788000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000007700080080000000870000000000000085070000000000007476800000000000750587000800000066078000000080706677880080008060878708000000008000800000000000800000000000000000000000000000000000000000000000006080080000000070000000000000000000000000000000000000000000000000fd74eaf001add6213aecf4346587eec48c323e3e1a5a32042eecf243669a581e383d2940e80e383c294463b8c0b49024f1def20df819586b086cd2ab98700923386674845663ef57e91718110c1ad4c0ac88912126d2180545e98670ea2aa002052aa54189cc318d26c46b667f18b6876262a9a4985ecdf76e5161033fd457ba020075360c837aaa3aa82749ee8152420999b553c60195be5e5c35c4330557538772972a7d527aeca1fc6b2951ca254ac83960272a930f3194892d4729eff48e48ccfb929329ff501c356c0e8ed18471ec70986c31da86a8090b4022c1db257514fdba4347532146648d4f99f9065e0d9a0d90d80f38389c39cb9ebe6d4e5e681e5a8a5418f591f1dbb7594a3f2aa3220ced1cd18cb49cffcc2ff18eef6caf443663640c5664000012000000")
except BlackboxProcessError as e:
self.fail(e)
self.assertEqual(actual, expected)
def test_ndrdump_uncompressed_claims(self):
expected = open(self.data_path("uncompressed_claims.txt"), 'rb').read()
try:
actual = self.check_output(
"ndrdump --debug-stdout claims CLAIMS_SET_METADATA_NDR struct --hex-input --input " + \
"01100800cccccccc800100000000000000000200580100000400020000000000580100000000000000000000000000005801000001100800cccccccc480100000000000000000200010000000400020000000000000000000000000001000000010000000300000008000200030000000c000200060006000100000010000200140002000300030003000000180002002800020002000200040000002c0002000b000000000000000b000000370032003000660064003300630033005f00390000000000010000000000000001000000000000000b000000000000000b000000370032003000660064003300630033005f00370000000000030000001c000200200002002400020004000000000000000400000066006f006f0000000400000000000000040000006200610072000000040000000000000004000000620061007a0000000b000000000000000b000000370032003000660064003300630033005f003800000000000400000009000a000000000007000100000000000600010000000000000001000000000000000000")
except BlackboxProcessError as e:
self.fail(e)
self.assertEqual(actual, expected)
# We can't run --validate here as currently we can't round-trip
# this data due to uninitialised padding in the sample
def test_ndrdump_claims_CLAIMS_SET_NDR(self):
expected = open(self.data_path("claims_CLAIMS_SET_NDR.txt"), 'rb').read()
try:
actual = self.check_output(
"ndrdump --debug-stdout claims CLAIMS_SET_NDR struct --hex-input " + \
self.data_path("claims_CLAIMS_SET_NDR.dat"))
except BlackboxProcessError as e:
self.fail(e)
self.assertEqual(actual, expected)

View File

@ -0,0 +1,23 @@
[0000] 01 10 08 00 CC CC CC CC 48 01 00 00 00 00 00 00 ........ H.......
[0010] 00 00 02 00 01 00 00 00 04 00 02 00 00 00 00 00 ........ ........
[0020] 00 00 00 00 00 00 00 00 01 00 00 00 01 00 00 00 ........ ........
[0030] 03 00 00 00 08 00 02 00 03 00 00 00 0C 00 02 00 ........ ........
[0040] 06 00 06 00 01 00 00 00 10 00 02 00 14 00 02 00 ........ ........
[0050] 03 00 03 00 03 00 00 00 18 00 02 00 28 00 02 00 ........ ....(...
[0060] 02 00 02 00 04 00 00 00 2C 00 02 00 0B 00 00 00 ........ ,.......
[0070] 00 00 00 00 0B 00 00 00 37 00 32 00 30 00 66 00 ........ 7.2.0.f.
[0080] 64 00 33 00 63 00 33 00 5F 00 39 00 00 00 00 00 d.3.c.3. _.9.....
[0090] 01 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 ........ ........
[00A0] 0B 00 00 00 00 00 00 00 0B 00 00 00 37 00 32 00 ........ ....7.2.
[00B0] 30 00 66 00 64 00 33 00 63 00 33 00 5F 00 37 00 0.f.d.3. c.3._.7.
[00C0] 00 00 00 00 03 00 00 00 1C 00 02 00 20 00 02 00 ........ .... ...
[00D0] 24 00 02 00 04 00 00 00 00 00 00 00 04 00 00 00 $....... ........
[00E0] 66 00 6F 00 6F 00 00 00 04 00 00 00 00 00 00 00 f.o.o... ........
[00F0] 04 00 00 00 62 00 61 00 72 00 00 00 04 00 00 00 ....b.a. r.......
[0100] 00 00 00 00 04 00 00 00 62 00 61 00 7A 00 00 00 ........ b.a.z...
[0110] 0B 00 00 00 00 00 00 00 0B 00 00 00 37 00 32 00 ........ ....7.2.
[0120] 30 00 66 00 64 00 33 00 63 00 33 00 5F 00 38 00 0.f.d.3. c.3._.8.
[0130] 00 00 00 00 04 00 00 00 09 00 0A 00 00 00 00 00 ........ ........
[0140] 07 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 ........ ........
[0150] 00 00 01 00 00 00 00 00 ........

View File

@ -0,0 +1,55 @@
pull returned Success
CLAIMS_SET_NDR: struct CLAIMS_SET_NDR
claims: struct CLAIMS_SET_CTR
claims : *
claims: struct CLAIMS_SET
claims_array_count : 0x00000001 (1)
claims_arrays : *
claims_arrays: ARRAY(1)
claims_arrays: struct CLAIMS_ARRAY
claims_source_type : CLAIMS_SOURCE_TYPE_AD (1)
claims_count : 0x00000003 (3)
claim_entries : *
claim_entries: ARRAY(3)
claim_entries: struct CLAIM_ENTRY
id : *
id : '720fd3c3_9'
type : CLAIM_TYPE_BOOLEAN (6)
values : union CLAIM_ENTRY_VALUES(case 6)
claim_boolean: struct CLAIM_UINT64
value_count : 0x00000001 (1)
values : *
values: ARRAY(1)
values : 0x0000000000000001 (1)
claim_entries: struct CLAIM_ENTRY
id : *
id : '720fd3c3_7'
type : CLAIM_TYPE_STRING (3)
values : union CLAIM_ENTRY_VALUES(case 3)
claim_string: struct CLAIM_STRING
value_count : 0x00000003 (3)
values : *
values: ARRAY(3)
values : *
values : 'foo'
values : *
values : 'bar'
values : *
values : 'baz'
claim_entries: struct CLAIM_ENTRY
id : *
id : '720fd3c3_8'
type : CLAIM_TYPE_UINT64 (2)
values : union CLAIM_ENTRY_VALUES(case 2)
claim_uint64: struct CLAIM_UINT64
value_count : 0x00000004 (4)
values : *
values: ARRAY(4)
values : 0x00000000000a0009 (655369)
values : 0x0000000000010007 (65543)
values : 0x0000000000010006 (65542)
values : 0x0000000000010000 (65536)
reserved_type : 0x0000 (0)
reserved_field_size : 0x00000000 (0)
reserved_field : NULL
dump OK

View File

@ -0,0 +1,96 @@
pull returned Success
CLAIMS_SET_METADATA_NDR: struct CLAIMS_SET_METADATA_NDR
claims: struct CLAIMS_SET_METADATA_CTR
metadata : *
metadata: struct CLAIMS_SET_METADATA
claims_set_size : 0x00000229 (553)
claims_set : *
claims_set: struct CLAIMS_SET_NDR
claims: struct CLAIMS_SET_CTR
claims : *
claims: struct CLAIMS_SET
claims_array_count : 0x00000001 (1)
claims_arrays : *
claims_arrays: ARRAY(1)
claims_arrays: struct CLAIMS_ARRAY
claims_source_type : CLAIMS_SOURCE_TYPE_AD (1)
claims_count : 0x00000005 (5)
claim_entries : *
claim_entries: ARRAY(5)
claim_entries: struct CLAIM_ENTRY
id : *
id : '720fd3c3_4'
type : CLAIM_TYPE_BOOLEAN (6)
values : union CLAIM_ENTRY_VALUES(case 6)
claim_boolean: struct CLAIM_UINT64
value_count : 0x00000001 (1)
values : *
values: ARRAY(1)
values : 0x0000000000000001 (1)
claim_entries: struct CLAIM_ENTRY
id : *
id : '720fd3c3_0'
type : CLAIM_TYPE_STRING (3)
values : union CLAIM_ENTRY_VALUES(case 3)
claim_string: struct CLAIM_STRING
value_count : 0x00000004 (4)
values : *
values: ARRAY(4)
values : *
values : 'A first value.'
values : *
values : 'A second value.'
values : *
values : 'A third value.'
values : *
values : 'A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed. A very long attribute value to ensure that this claim will be compressed.'
claim_entries: struct CLAIM_ENTRY
id : *
id : '720fd3c3_1'
type : CLAIM_TYPE_STRING (3)
values : union CLAIM_ENTRY_VALUES(case 3)
claim_string: struct CLAIM_STRING
value_count : 0x00000003 (3)
values : *
values: ARRAY(3)
values : *
values : 'DC=win22,DC=example,DC=com'
values : *
values : 'CN=Users,DC=win22,DC=example,DC=com'
values : *
values : 'CN=Computers,DC=win22,DC=example,DC=com'
claim_entries: struct CLAIM_ENTRY
id : *
id : '720fd3c3_2'
type : CLAIM_TYPE_UINT64 (2)
values : union CLAIM_ENTRY_VALUES(case 2)
claim_uint64: struct CLAIM_UINT64
value_count : 0x00000004 (4)
values : *
values: ARRAY(4)
values : 0x00000000000a0009 (655369)
values : 0x0000000000010007 (65543)
values : 0x0000000000010006 (65542)
values : 0x0000000000010000 (65536)
claim_entries: struct CLAIM_ENTRY
id : *
id : '720fd3c3_3'
type : CLAIM_TYPE_UINT64 (2)
values : union CLAIM_ENTRY_VALUES(case 2)
claim_uint64: struct CLAIM_UINT64
value_count : 0x00000004 (4)
values : *
values: ARRAY(4)
values : 0x00000000000a0009 (655369)
values : 0x0000000000010007 (65543)
values : 0x0000000000010006 (65542)
values : 0x0000000000010000 (65536)
reserved_type : 0x0000 (0)
reserved_field_size : 0x00000000 (0)
reserved_field : NULL
compression_format : CLAIMS_COMPRESSION_FORMAT_XPRESS_HUFF (4)
uncompressed_claims_set_size: 0x00002028 (8232)
reserved_type : 0x0000 (0)
reserved_field_size : 0x00000000 (0)
reserved_field : NULL
dump OK

View File

@ -0,0 +1,66 @@
pull returned Success
CLAIMS_SET_METADATA_NDR: struct CLAIMS_SET_METADATA_NDR
claims: struct CLAIMS_SET_METADATA_CTR
metadata : *
metadata: struct CLAIMS_SET_METADATA
claims_set_size : 0x00000158 (344)
claims_set : *
claims_set: struct CLAIMS_SET_NDR
claims: struct CLAIMS_SET_CTR
claims : *
claims: struct CLAIMS_SET
claims_array_count : 0x00000001 (1)
claims_arrays : *
claims_arrays: ARRAY(1)
claims_arrays: struct CLAIMS_ARRAY
claims_source_type : CLAIMS_SOURCE_TYPE_AD (1)
claims_count : 0x00000003 (3)
claim_entries : *
claim_entries: ARRAY(3)
claim_entries: struct CLAIM_ENTRY
id : *
id : '720fd3c3_9'
type : CLAIM_TYPE_BOOLEAN (6)
values : union CLAIM_ENTRY_VALUES(case 6)
claim_boolean: struct CLAIM_UINT64
value_count : 0x00000001 (1)
values : *
values: ARRAY(1)
values : 0x0000000000000001 (1)
claim_entries: struct CLAIM_ENTRY
id : *
id : '720fd3c3_7'
type : CLAIM_TYPE_STRING (3)
values : union CLAIM_ENTRY_VALUES(case 3)
claim_string: struct CLAIM_STRING
value_count : 0x00000003 (3)
values : *
values: ARRAY(3)
values : *
values : 'foo'
values : *
values : 'bar'
values : *
values : 'baz'
claim_entries: struct CLAIM_ENTRY
id : *
id : '720fd3c3_8'
type : CLAIM_TYPE_UINT64 (2)
values : union CLAIM_ENTRY_VALUES(case 2)
claim_uint64: struct CLAIM_UINT64
value_count : 0x00000004 (4)
values : *
values: ARRAY(4)
values : 0x00000000000a0009 (655369)
values : 0x0000000000010007 (65543)
values : 0x0000000000010006 (65542)
values : 0x0000000000010000 (65536)
reserved_type : 0x0000 (0)
reserved_field_size : 0x00000000 (0)
reserved_field : NULL
compression_format : CLAIMS_COMPRESSION_FORMAT_NONE (0)
uncompressed_claims_set_size: 0x00000158 (344)
reserved_type : 0x0000 (0)
reserved_field_size : 0x00000000 (0)
reserved_field : NULL
dump OK