Revision - 784c38f - Update k5_sendto() comment – ENEA Mirror of the Software Heritage archive

Revision 784c38f50e70a739400cdd3f2620bac2e2788e6c authored by Greg Hudson on 01 August 2024, 06:41:15 UTC, committed by Greg Hudson on 05 August 2024, 21:11:01 UTC

Update k5_sendto() comment

Edit the block comment above k5_sendto() to take into account commits
802318cda963456b3ed7856c836e89da891483be (which added request_timeout)
and 6436a3808061da787a43c6810f5f0370cdfb6e36 (which made the open TCP
connection wait indefinite).

1 parent 2063e72

Files
Changes

Permalinks

t_get_etype_info.py

from k5test import *

conf = {'libdefaults': {'allow_weak_crypto': 'true'}}
realm = K5Realm(create_host=False, krb5_conf=conf)

realm.run([kadminl, 'ank', '-pw', 'pw', '+preauth', 'puser'])
realm.run([kadminl, 'ank', '-nokey', 'nokey'])
realm.run([kadminl, 'ank', '-nokey', '+preauth', 'pnokey'])
realm.run([kadminl, 'ank', '-e', 'aes256-cts:special', '-pw', 'pw', 'exp'])
realm.run([kadminl, 'ank', '-e', 'aes256-cts:special', '-pw', 'pw', '+preauth',
           'pexp'])

# Extract the explicit salt values from the database.
out = realm.run([kdb5_util, 'tabdump', 'keyinfo'])
salt_dict = {f[0]: f[5] for f in [l.split('\t') for l in out.splitlines()]}
exp_salt = bytes.fromhex(salt_dict['exp@KRBTEST.COM']).decode('ascii')
pexp_salt = bytes.fromhex(salt_dict['pexp@KRBTEST.COM']).decode('ascii')

# Test an error reply (other than PREAUTH_REQUIRED).
out = realm.run(['./t_get_etype_info', 'notfound'], expected_code=1,
                expected_msg='Client not found in Kerberos database')

# Test with default salt and no specific options, with and without
# preauth.  (Our KDC always sends an explicit salt, so unfortunately
# we aren't really testing client handling of the default salt.)
realm.run(['./t_get_etype_info', 'user'],
          expected_msg='etype: aes256-cts\nsalt: KRBTEST.COMuser\n')
realm.run(['./t_get_etype_info', 'puser'],
          expected_msg='etype: aes256-cts\nsalt: KRBTEST.COMpuser\n')

# Test with a specified request enctype.
msg = 'etype: aes128-cts\nsalt: KRBTEST.COMuser\n'
realm.run(['./t_get_etype_info', '-e', 'aes128-cts', 'user'],
          expected_msg='etype: aes128-cts\nsalt: KRBTEST.COMuser\n')
realm.run(['./t_get_etype_info', '-e', 'aes128-cts', 'puser'],
          expected_msg='etype: aes128-cts\nsalt: KRBTEST.COMpuser\n')

# Test with FAST.
msg = 'etype: aes256-cts\nsalt: KRBTEST.COMuser\n'
realm.run(['./t_get_etype_info', '-T', realm.ccache, 'user'],
          expected_msg='etype: aes256-cts\nsalt: KRBTEST.COMuser\n')
realm.run(['./t_get_etype_info', '-T', realm.ccache, 'puser'],
          expected_msg='etype: aes256-cts\nsalt: KRBTEST.COMpuser\n')

# Test with no available etype-info.
realm.run(['./t_get_etype_info', 'nokey'], expected_code=1,
          expected_msg='KDC has no support for encryption type')
realm.run(['./t_get_etype_info', 'pnokey'], expected_msg='no etype-info')

# Test with explicit salt.
realm.run(['./t_get_etype_info', 'exp'],
          expected_msg='etype: aes256-cts\nsalt: ' + exp_salt + '\n')
realm.run(['./t_get_etype_info', 'pexp'],
          expected_msg='etype: aes256-cts\nsalt: ' + pexp_salt + '\n')

success('krb5_get_etype_info() tests')

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...