'fast_armor': FX_FAST_ARMOR_AP_REQUEST,
'gen_armor_tgt_fn': self.get_mach_tgt,
'sname': None,
- 'expected_sname': expected_sname
+ 'expected_sname': expected_sname,
+ 'strict_edata_checking': False
}
])
'gen_tgt_fn': self.get_user_tgt,
'fast_armor': None,
'sname': None,
- 'expected_sname': expected_sname
+ 'expected_sname': expected_sname,
+ 'strict_edata_checking': False
}
])
'inner_req': {
'sname': None # should be ignored
},
- 'expected_sname': expected_sname
+ 'expected_sname': expected_sname,
+ 'strict_edata_checking': False
}
])
'inner_req': {
'sname': None # should be ignored
},
- 'expected_sname': expected_sname
+ 'expected_sname': expected_sname,
+ 'strict_edata_checking': False
}
])
'use_fast': True,
'gen_tgt_fn': self.get_mach_tgt,
'fast_armor': None,
- 'etypes': ()
+ 'etypes': (),
+ 'strict_edata_checking': False
}
])
'use_fast': True,
'fast_armor': FX_FAST_ARMOR_AP_REQUEST,
'gen_armor_tgt_fn': self.get_mach_tgt,
- 'etypes': ()
+ 'etypes': (),
+ 'strict_edata_checking': False
}
])
fast_ap_options = kdc_dict.pop('fast_ap_options', None)
+ strict_edata_checking = kdc_dict.pop('strict_edata_checking', True)
+
if rep_type == KRB_AS_REP:
kdc_exchange_dict = self.as_exchange_dict(
expected_crealm=expected_crealm,
pac_request=True,
pac_options=pac_options,
fast_ap_options=fast_ap_options,
+ strict_edata_checking=strict_edata_checking,
expect_edata=expect_edata)
else: # KRB_TGS_REP
kdc_exchange_dict = self.tgs_exchange_dict(
pac_request=None,
pac_options=pac_options,
fast_ap_options=fast_ap_options,
+ strict_edata_checking=strict_edata_checking,
expect_edata=expect_edata)
repeat = kdc_dict.pop('repeat', 1)
pac_options=None,
ap_options=None,
fast_ap_options=None,
+ strict_edata_checking=True,
expect_edata=None,
expect_pac=True,
expect_claims=True,
'pac_options': pac_options,
'ap_options': ap_options,
'fast_ap_options': fast_ap_options,
+ 'strict_edata_checking': strict_edata_checking,
'expect_edata': expect_edata,
'expect_pac': expect_pac,
'expect_claims': expect_claims,
pac_options=None,
ap_options=None,
fast_ap_options=None,
+ strict_edata_checking=True,
expect_edata=None,
expect_pac=True,
expect_claims=True,
'pac_options': pac_options,
'ap_options': ap_options,
'fast_ap_options': fast_ap_options,
+ 'strict_edata_checking': strict_edata_checking,
'expect_edata': expect_edata,
'expect_pac': expect_pac,
'expect_claims': expect_claims,
and not inner)
if not expect_edata:
self.assertIsNone(expected_status)
- self.assertElementMissing(rep, 'e-data')
+ if self.strict_checking:
+ self.assertElementMissing(rep, 'e-data')
return rep
edata = self.getElementValue(rep, 'e-data')
if self.strict_checking:
expected_patypes += (PADATA_FX_FAST,)
expected_patypes += (PADATA_FX_COOKIE,)
+ require_strict = {PADATA_FX_COOKIE,
+ PADATA_FX_FAST,
+ PADATA_PAC_OPTIONS,
+ PADATA_PK_AS_REP_19,
+ PADATA_PK_AS_REQ}
+ strict_edata_checking = kdc_exchange_dict['strict_edata_checking']
+ if not strict_edata_checking:
+ require_strict.add(PADATA_ETYPE_INFO2)
+ require_strict.add(PADATA_ENCRYPTED_CHALLENGE)
+
got_patypes = tuple(pa['padata-type'] for pa in rep_padata)
self.assertSequenceElementsEqual(expected_patypes, got_patypes,
- require_strict={PADATA_FX_COOKIE,
- PADATA_FX_FAST,
- PADATA_PAC_OPTIONS,
- PADATA_PK_AS_REP_19,
- PADATA_PK_AS_REQ})
+ require_strict=require_strict)
if not expected_patypes:
return None
^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_fast_invalid_tgt.ad_dc
^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_fast_invalid_tgt_mach.ad_dc
^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_fast_tgs_armor.ad_dc
-^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_fast_unknown_critical_option.ad_dc
^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_fast_outer_no_sname.ad_dc
^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_fast_tgs_outer_no_sname.ad_dc
^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_fast_no_sname.ad_dc
^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_fast_tgs_armor_session_key.ad_dc
^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_fast_tgs_no_sname.ad_dc
-^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_simple_fast_no_etypes.ad_dc
^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_simple_no_sname.ad_dc
^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_simple_tgs_no_sname.ad_dc
^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_fast_inner_no_sname.ad_dc
git.samba.org / ddiss / samba-autobuild / .git / commitdiff