git.ipfire.org Git - thirdparty/samba.git/commit

author	Stefan Metzmacher <metze@samba.org>
	Tue, 29 Nov 2022 16:11:01 +0000 (17:11 +0100)
committer	Stefan Metzmacher <metze@samba.org>
	Wed, 14 Dec 2022 10:28:17 +0000 (10:28 +0000)
commit	c8afae7869a8aa53da90bf1748eb8ce2e8d763aa
tree	2fa6d370b3a8de2cd3ac05db54490452ef8a7502	tree
parent	8e6d2953ba1ac44a2395cbcdd202a4f38ee16c98	commit \| diff

CVE-2022-37966 python:tests/krb5: test much more etype combinations

This tests work out the difference between
- msDS-SupportedEncryptionTypes value or it's default
- software defined extra flags for DC accounts
- accounts with only an nt hash being stored
- the resulting value in the KRB5_PADATA_SUPPORTED_ETYPES announcement

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13135
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 1dfa91682efd3b12d7d6af75287efb12ebd9e526)

python/samba/tests/krb5/etype_tests.py		diff \| blob \| blame \| history
selftest/knownfail.d/kdc-enctypes	[new file with mode: 0644]	blob
selftest/knownfail_mit_kdc		diff \| blob \| blame \| history