CVE-2020-25719 CVE-2020-25717 tests/krb5: Allow create_ccache_with_user() to return...

author Joseph Sutton <josephsutton@catalyst.net.nz>

Thu, 21 Oct 2021 22:37:37 +0000 (11:37 +1300)

committer Jule Anger <janger@samba.org>

Tue, 9 Nov 2021 19:45:32 +0000 (19:45 +0000)
author Joseph Sutton <josephsutton@catalyst.net.nz>
Thu, 21 Oct 2021 22:37:37 +0000 (11:37 +1300)
committer Jule Anger <janger@samba.org>
Tue, 9 Nov 2021 19:45:32 +0000 (19:45 +0000)
diff --git a/python/samba/tests/krb5/kdc_base_test.py b/python/samba/tests/krb5/kdc_base_test.py

index e77a940f4117562f13e8a158630733d41a7f59b2..aed4c427ab088ac9620a4df926acfeab7dda1867 100644 (file)
--- a/python/samba/tests/krb5/kdc_base_test.py
+++ b/python/samba/tests/krb5/kdc_base_test.py
@@ -1672,7 +1672,7 @@ class KDCBaseTest(RawKerberosTest):
          return cachefile
  
      def create_ccache_with_user(self, user_credentials, mach_credentials,
-                                service="host", target_name=None):
+                                service="host", target_name=None, pac=True):
          # Obtain a service ticket authorising the user and place it into a
          # newly created credentials cache file.
  
@@ -1689,6 +1689,9 @@ class KDCBaseTest(RawKerberosTest):
                                           service=service,
                                           target_name=target_name)
  
+        if not pac:
+            ticket = self.modified_ticket(ticket, exclude_pac=True)
+
          # Write the ticket into a credentials cache file that can be ingested
          # by the main credentials code.
          cachefile = self.create_ccache(cname, ticket.ticket,
author	Joseph Sutton <josephsutton@catalyst.net.nz>
	Thu, 21 Oct 2021 22:37:37 +0000 (11:37 +1300)
committer	Jule Anger <janger@samba.org>
	Tue, 9 Nov 2021 19:45:32 +0000 (19:45 +0000)