git.samba.org / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c7c5762) | patch
CVE-2022-37966 python:tests/krb5: test much more etype combinations
authorStefan Metzmacher <metze@samba.org>
Tue, 29 Nov 2022 16:11:01 +0000 (17:11 +0100)
committerStefan Metzmacher <metze@samba.org>
Tue, 13 Dec 2022 13:07:30 +0000 (13:07 +0000)
commit1dfa91682efd3b12d7d6af75287efb12ebd9e526
tree68e10cc8b3f80ddb0c3b30d83ff53915064d6767tree
parentc7c576208960e336da276e251ad7a526e1b3ed45commit | diff
CVE-2022-37966 python:tests/krb5: test much more etype combinations

This tests work out the difference between
- msDS-SupportedEncryptionTypes value or it's default
- software defined extra flags for DC accounts
- accounts with only an nt hash being stored
- the resulting value in the KRB5_PADATA_SUPPORTED_ETYPES announcement

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13135
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
python/samba/tests/krb5/etype_tests.py diff | blob | history
selftest/knownfail.d/kdc-enctypes [new file with mode: 0644] blob
selftest/knownfail_mit_kdc diff | blob | history
Samba Shared Repository