]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 65812d6)
python:tests/krb5: allow netlogon.py tests to work against a KDC with claims enabled
authorStefan Metzmacher <metze@samba.org>
Fri, 13 Dec 2024 14:44:43 +0000 (15:44 +0100)
committerStefan Metzmacher <metze@samba.org>
Wed, 8 Jan 2025 09:13:30 +0000 (09:13 +0000)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
python/samba/tests/krb5/netlogon.py patch | blob | blame | history

diff --git a/python/samba/tests/krb5/netlogon.py b/python/samba/tests/krb5/netlogon.py
index 108539e55ecd68129523f99f37d439f67274e604..ac377f0b3c6eac169ac5f0b703f3817196239110 100755 (executable)
--- a/python/samba/tests/krb5/netlogon.py
+++ b/python/samba/tests/krb5/netlogon.py
@@ -1722,8 +1722,13 @@ class NetlogonSchannel(KDCBaseTest):
                                        validation_level,
                                        expect_send_encrypted,
                                        expect_recv_encrypted)
-        self.assertEqual(validationEx.results,
-                         netlogon.NETLOGON_TICKET_LOGON_FULL_SIGNATURE_PRESENT)
+        if validationEx.results & netlogon.NETLOGON_TICKET_LOGON_SOURCE_USER_CLAIMS:
+            self.assertEqual(validationEx.results,
+                netlogon.NETLOGON_TICKET_LOGON_SOURCE_USER_CLAIMS |
+                netlogon.NETLOGON_TICKET_LOGON_FULL_SIGNATURE_PRESENT)
+        else:
+            self.assertEqual(validationEx.results,
+                netlogon.NETLOGON_TICKET_LOGON_FULL_SIGNATURE_PRESENT)
         self.assertEqual(validationEx.kerberos_status[0], ntstatus.NT_STATUS_OK)
         self.assertEqual(validationEx.netlogon_status[0], ntstatus.NT_STATUS_OK)
         self.assertIsNone(validationEx.source_of_status.string)
@@ -1739,8 +1744,7 @@ class NetlogonSchannel(KDCBaseTest):
                                               validation_level,
                                               expect_send_encrypted,
                                               expect_recv_encrypted)
-        self.assertEqual(validationWF.results,
-                         netlogon.NETLOGON_TICKET_LOGON_FULL_SIGNATURE_PRESENT)
+        self.assertEqual(validationWF.results, validationEx.results)
         self.assertEqual(validationWF.kerberos_status[0], ntstatus.NT_STATUS_OK)
         self.assertEqual(validationWF.netlogon_status[0], ntstatus.NT_STATUS_OK)
         self.assertIsNone(validationWF.source_of_status.string)
Mirror of https://github.com/samba-team/samba.git