From: Tom Yu Date: Fri, 17 Jan 2014 21:52:40 +0000 (-0500) Subject: Test bogus KDC-REQs X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=78f4a7c7c4d2ee5954ebcb0c3b2a3789f4b1c23a;p=thirdparty%2Fkrb5.git Test bogus KDC-REQs Send encodings that are invalid KDC-REQs, but pass krb5_is_as_req() and krb5_is_tgs_req(), to make sure that the KDC recovers correctly from failures in decode_krb5_as_req() and decode_krb5_tgs_req(). Also send an encoding that isn't a valid KDC-REQ. (back ported from commit dae7693f8bf970d89d4c697f3d66a7d458281b93) ticket: 7846 (new) version_fixed: 1.10.8 status: resolved
---
diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in
index 793f312c8a..864b9fdfa4 100644
--- a/src/tests/Makefile.in
+++ b/src/tests/Makefile.in
@@ -78,6 +78,7 @@ check-pytests:: hist # $(RUNPYTEST) $(srcdir)/kdc_realm/kdcref.py $(PYTESTFLAGS) $(RUNPYTEST) $(srcdir)/t_cve-2012-1014.py $(PYTESTFLAGS) $(RUNPYTEST) $(srcdir)/t_cve-2012-1015.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/t_bogus_kdc_req.py $(PYTESTFLAGS) clean:: $(RM) kdc.conf
diff --git a/src/tests/t_bogus_kdc_req.py b/src/tests/t_bogus_kdc_req.py
new file mode 100644
index 0000000000..b6208ca685
--- /dev/null
+++ b/src/tests/t_bogus_kdc_req.py
@@ -0,0 +1,44 @@
+#!/usr/bin/python
+
+import base64
+import socket
+from k5test import *
+
+realm = K5Realm()
+
+# Send encodings that are invalid KDC-REQs, but pass krb5_is_as_req()
+# and krb5_is_tgs_req(), to make sure that the KDC recovers correctly
+# from failures in decode_krb5_as_req() and decode_krb5_tgs_req().
+
+s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+a = (hostname, realm.portbase)
+
+
+# Bogus AS-REQ
+
+x1 = base64.b16decode('6AFF')
+s.sendto(x1, a)
+
+# Make sure kinit still works.
+
+realm.kinit(realm.user_princ, password('user'))
+
+# Bogus TGS-REQ
+
+x2 = base64.b16decode('6CFF')
+s.sendto(x2, a)
+
+# Make sure kinit still works.
+
+realm.kinit(realm.user_princ, password('user'))
+
+# Not a KDC-REQ, even a little bit
+
+x3 = base64.b16decode('FFFF')
+s.sendto(x3, a)
+
+# Make sure kinit still works.
+
+realm.kinit(realm.user_princ, password('user'))
+
+success('Bogus KDC-REQ test')
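Review bot: Nothing in the new test confirms that a bogus datagram was delivered and reached the KDC's decoder: each `s.sendto(...)` is fire-and-forget UDP, and the only check is that a later `realm.kinit(...)` succeeds, so a datagram that is dropped or sent to an address the KDC is not listening on would let the test pass without exercising the failure path. It would be stronger to also verify after each send that the KDC recorded the rejected request (for instance in its log, if the test harness exposes it, which is not visible from this hunk). The three payloads deserve a comment as well, e.g. `# 0x6A and 0x6C are the AS-REQ and TGS-REQ application tags; 0xFF is not a valid DER length octet`, and the socket is never released, so `s.close()` belongs before `success(...)`.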