Revert "CVE-2020-25719 s4/torture: Expect additional PAC buffers"
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Thu, 25 Nov 2021 00:24:57 +0000 (13:24 +1300)
committerJule Anger <janger@samba.org>
Sun, 24 Jul 2022 09:42:01 +0000 (11:42 +0200)
This reverts commit fa4c9bcefdeed0a7106aab84df20b02435febc1f.

We should not be generating these additional PAC buffers for service
tickets, only for TGTs.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit e61983c7f2c4daade83b237efb990d0c0645b3a3)

selftest/knownfail_heimdal_kdc
source4/torture/rpc/remote_pac.c

index 2de898e73c2d7ae7ea5f070efd8d82af812dd0f5..65e4fee95109c5e592e25598161e30fd9178f55f 100644 (file)
 ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_tgs_requester_sid_rodc_renew
 ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_tgs_requester_sid_rodc_validate
 ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_validate_rodc_revealed
+#
+# PAC tests
+#
+^samba4.blackbox.pkinit_pac.STEP1 remote.pac verification.ad_dc:local
+^samba4.blackbox.pkinit_pac.STEP1 remote.pac verification.ad_dc_ntvfs:local
+^samba4.blackbox.pkinit_pac.netr-bdc-aes.verify-sig-aes.ad_dc:local
+^samba4.blackbox.pkinit_pac.netr-bdc-aes.verify-sig-aes.ad_dc_ntvfs:local
+^samba4.blackbox.pkinit_pac.netr-mem-aes.s4u2proxy-aes.ad_dc:local
+^samba4.blackbox.pkinit_pac.netr-mem-aes.s4u2proxy-aes.ad_dc_ntvfs:local
+^samba4.blackbox.pkinit_pac.netr-mem-aes.verify-sig-aes.ad_dc:local
+^samba4.blackbox.pkinit_pac.netr-mem-aes.verify-sig-aes.ad_dc_ntvfs:local
+^samba4.blackbox.pkinit_pac.netr-mem-arcfour.s4u2proxy-arcfour.ad_dc:local
+^samba4.blackbox.pkinit_pac.netr-mem-arcfour.s4u2proxy-arcfour.ad_dc_ntvfs:local
+^samba4.blackbox.pkinit_pac.netr-mem-arcfour.verify-sig-arcfour.ad_dc:local
+^samba4.blackbox.pkinit_pac.netr-mem-arcfour.verify-sig-arcfour.ad_dc_ntvfs:local
+^samba4.rpc.pac on ncacn_np.netr-bdc-aes.verify-sig-aes.fl2000dc
+^samba4.rpc.pac on ncacn_np.netr-bdc-aes.verify-sig-aes.fl2003dc
+^samba4.rpc.pac on ncacn_np.netr-bdc-aes.verify-sig-aes.fl2008dc
+^samba4.rpc.pac on ncacn_np.netr-bdc-aes.verify-sig-aes.fl2008r2dc
+^samba4.rpc.pac on ncacn_np.netr-bdc-arcfour.verify-sig-arcfour.fl2000dc
+^samba4.rpc.pac on ncacn_np.netr-bdc-arcfour.verify-sig-arcfour.fl2003dc
+^samba4.rpc.pac on ncacn_np.netr-bdc-arcfour.verify-sig-arcfour.fl2008dc
+^samba4.rpc.pac on ncacn_np.netr-bdc-arcfour.verify-sig-arcfour.fl2008r2dc
+^samba4.rpc.pac on ncacn_np.netr-mem-aes.s4u2proxy-aes.fl2000dc
+^samba4.rpc.pac on ncacn_np.netr-mem-aes.s4u2proxy-aes.fl2003dc
+^samba4.rpc.pac on ncacn_np.netr-mem-aes.s4u2proxy-aes.fl2008dc
+^samba4.rpc.pac on ncacn_np.netr-mem-aes.s4u2proxy-aes.fl2008r2dc
+^samba4.rpc.pac on ncacn_np.netr-mem-aes.verify-sig-aes.fl2000dc
+^samba4.rpc.pac on ncacn_np.netr-mem-aes.verify-sig-aes.fl2003dc
+^samba4.rpc.pac on ncacn_np.netr-mem-aes.verify-sig-aes.fl2008dc
+^samba4.rpc.pac on ncacn_np.netr-mem-aes.verify-sig-aes.fl2008r2dc
+^samba4.rpc.pac on ncacn_np.netr-mem-arcfour.s4u2proxy-arcfour.fl2000dc
+^samba4.rpc.pac on ncacn_np.netr-mem-arcfour.s4u2proxy-arcfour.fl2003dc
+^samba4.rpc.pac on ncacn_np.netr-mem-arcfour.s4u2proxy-arcfour.fl2008dc
+^samba4.rpc.pac on ncacn_np.netr-mem-arcfour.s4u2proxy-arcfour.fl2008r2dc
+^samba4.rpc.pac on ncacn_np.netr-mem-arcfour.verify-sig-arcfour.fl2000dc
+^samba4.rpc.pac on ncacn_np.netr-mem-arcfour.verify-sig-arcfour.fl2003dc
+^samba4.rpc.pac on ncacn_np.netr-mem-arcfour.verify-sig-arcfour.fl2008dc
+^samba4.rpc.pac on ncacn_np.netr-mem-arcfour.verify-sig-arcfour.fl2008r2dc
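Review bot: The `# PAC tests` header added above these entries gives no reason for the expected failures, and each entry covers a whole PAC signature-verification or S4U2Proxy test rather than only the buffer-count assertion. While they are listed, a failure of `verify-sig-*` or `s4u2proxy-*` for an unrelated reason, such as a broken checksum check, is reported as expected and can go unnoticed. I would put the reason and the removal condition in the comment, e.g. `# PAC tests: fail until the KDC stops adding PAC_TYPE_ATTRIBUTES_INFO and PAC_TYPE_REQUESTER_SID to service tickets`. That cause is inferred from the commit message; it is not visible in this file.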
index c94decef5ce508149a0f948b4a75690b1ed54b94..14c23f674f1e8129226d76b5a7d9ec7fe7294eeb 100644 (file)
@@ -266,7 +266,7 @@ static bool test_PACVerify(struct torture_context *tctx,
                                       (ndr_pull_flags_fn_t)ndr_pull_PAC_DATA);
        torture_assert(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), "ndr_pull_struct_blob of PAC_DATA structure failed");
 
-       num_pac_buffers = 7;
+       num_pac_buffers = 5;
        if (expect_pac_upn_dns_info) {
                num_pac_buffers += 1;
        }
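Review bot: With the per-type checks removed later in this commit, the only thing that shows a service ticket carries no PAC_TYPE_ATTRIBUTES_INFO or PAC_TYPE_REQUESTER_SID buffer is the bare count set here (`num_pac_buffers = 5;`), and the same holds for `num_pac_buffers = 7;` in test_S4U2Proxy. The count does not name the forbidden types, so a failure reports only a number mismatch and the TGT-only rule from the commit message is not stated anywhere in the test. I would assert absence by type, e.g. `torture_assert(tctx, get_pac_buffer(&pac_data_struct, PAC_TYPE_REQUESTER_SID) == NULL, "unexpected PAC_TYPE_REQUESTER_SID in service ticket");` and the same for PAC_TYPE_ATTRIBUTES_INFO. This assumes get_pac_buffer returns NULL for a missing type, as the removed not-null checks suggest. test_PACVerify starts and ends outside this hunk, so the place where the count is compared is not visible here.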
@@ -323,18 +323,6 @@ static bool test_PACVerify(struct torture_context *tctx,
                       pac_buf->info != NULL,
                       "PAC_TYPE_TICKET_CHECKSUM info");
 
-       pac_buf = get_pac_buffer(&pac_data_struct, PAC_TYPE_ATTRIBUTES_INFO);
-       torture_assert_not_null(tctx, pac_buf, "PAC_TYPE_ATTRIBUTES_INFO");
-       torture_assert(tctx,
-                      pac_buf->info != NULL,
-                      "PAC_TYPE_ATTRIBUTES_INFO info");
-
-       pac_buf = get_pac_buffer(&pac_data_struct, PAC_TYPE_REQUESTER_SID);
-       torture_assert_not_null(tctx, pac_buf, "PAC_TYPE_REQUESTER_SID");
-       torture_assert(tctx,
-                      pac_buf->info != NULL,
-                      "PAC_TYPE_REQUESTER_SID info");
-
        ok = netlogon_validate_pac(tctx, p, server_creds, secure_channel_type, test_machine_name,
                                   negotiate_flags, pac_data, session_info);
 
@@ -1094,7 +1082,7 @@ static bool test_S4U2Proxy(struct torture_context *tctx,
                                       (ndr_pull_flags_fn_t)ndr_pull_PAC_DATA);
        torture_assert(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), "ndr_pull_struct_blob of PAC_DATA structure failed");
 
-       num_pac_buffers = 9;
+       num_pac_buffers = 7;
 
        torture_assert_int_equal(tctx, pac_data_struct.version, 0, "version");
        torture_assert_int_equal(tctx, pac_data_struct.num_buffers, num_pac_buffers, "num_buffers");
@@ -1134,14 +1122,6 @@ static bool test_S4U2Proxy(struct torture_context *tctx,
                                 talloc_asprintf(tctx, "%s@%s", self_princ, cli_credentials_get_realm(credentials)),
                                 "wrong transited_services[0]");
 
-       pac_buf = get_pac_buffer(&pac_data_struct, PAC_TYPE_ATTRIBUTES_INFO);
-       torture_assert_not_null(tctx, pac_buf, "PAC_TYPE_ATTRIBUTES_INFO");
-       torture_assert_not_null(tctx, pac_buf->info, "PAC_TYPE_ATTRIBUTES_INFO info");
-
-       pac_buf = get_pac_buffer(&pac_data_struct, PAC_TYPE_REQUESTER_SID);
-       torture_assert_not_null(tctx, pac_buf, "PAC_TYPE_REQUESTER_SID");
-       torture_assert_not_null(tctx, pac_buf->info, "PAC_TYPE_REQUESTER_SID info");
-
        return netlogon_validate_pac(tctx, p, server_creds, secure_channel_type, test_machine_name,
                                     negotiate_flags, pac_data, session_info);
 }