name_type=NT_SRV_INST, names=[krbtgt_username, krbtgt_realm])
krbtgt_decryption_key = self.TicketDecryptionKey_from_creds(
krbtgt_creds)
+ krbtgt_etypes = krbtgt_creds.tgs_supported_enctypes
target_username = target_creds.get_username()[:-1]
target_realm = target_creds.get_realm()
name_type=NT_SRV_INST, names=[target_service, target_username])
target_decryption_key = self.TicketDecryptionKey_from_creds(
target_creds)
+ target_etypes = target_creds.tgs_supported_enctypes
fast_cookie = None
preauth_etype_info2 = None
expected_anon=expected_anon,
expected_srealm=expected_srealm,
expected_sname=expected_sname,
+ expected_supported_etypes=krbtgt_etypes,
expected_flags=expected_flags,
unexpected_flags=unexpected_flags,
ticket_decryption_key=krbtgt_decryption_key,
expected_anon=expected_anon,
expected_srealm=expected_srealm,
expected_sname=expected_sname,
+ expected_supported_etypes=target_etypes,
expected_flags=expected_flags,
unexpected_flags=unexpected_flags,
ticket_decryption_key=target_decryption_key,
expected_anon=False,
expected_srealm=None,
expected_sname=None,
+ expected_supported_etypes=None,
expected_flags=None,
unexpected_flags=None,
ticket_decryption_key=None,
'expected_anon': expected_anon,
'expected_srealm': expected_srealm,
'expected_sname': expected_sname,
+ 'expected_supported_etypes': expected_supported_etypes,
'expected_flags': expected_flags,
'unexpected_flags': unexpected_flags,
'ticket_decryption_key': ticket_decryption_key,
expected_anon=False,
expected_srealm=None,
expected_sname=None,
+ expected_supported_etypes=None,
expected_flags=None,
unexpected_flags=None,
ticket_decryption_key=None,
'expected_anon': expected_anon,
'expected_srealm': expected_srealm,
'expected_sname': expected_sname,
+ 'expected_supported_etypes': expected_supported_etypes,
'expected_flags': expected_flags,
'unexpected_flags': unexpected_flags,
'ticket_decryption_key': ticket_decryption_key,
if canonicalize:
self.assertIn(PADATA_SUPPORTED_ETYPES, enc_pa_dict)
+ expected_supported_etypes = kdc_exchange_dict[
+ 'expected_supported_etypes']
+ expected_supported_etypes |= (
+ security.KERB_ENCTYPE_DES_CBC_CRC |
+ security.KERB_ENCTYPE_DES_CBC_MD5 |
+ security.KERB_ENCTYPE_RC4_HMAC_MD5)
+
(supported_etypes,) = struct.unpack(
'<L',
enc_pa_dict[PADATA_SUPPORTED_ETYPES])
- self.assertTrue(
- security.KERB_ENCTYPE_FAST_SUPPORTED
- & supported_etypes)
- self.assertTrue(
- security.KERB_ENCTYPE_COMPOUND_IDENTITY_SUPPORTED
- & supported_etypes)
- self.assertTrue(
- security.KERB_ENCTYPE_CLAIMS_SUPPORTED
- & supported_etypes)
+ self.assertEqual(supported_etypes,
+ expected_supported_etypes)
else:
self.assertNotIn(PADATA_SUPPORTED_ETYPES, enc_pa_dict)
kdc_options,
expected_flags=None,
unexpected_flags=None,
+ expected_supported_etypes=None,
preauth_key=None,
ticket_decryption_key=None,
pac_request=None,
expected_cname=expected_cname,
expected_srealm=expected_srealm,
expected_sname=expected_sname,
+ expected_supported_etypes=expected_supported_etypes,
ticket_decryption_key=ticket_decryption_key,
generate_padata_fn=generate_padata_fn,
check_error_fn=check_error_fn,