CVE-2020-25719 CVE-2020-25717: selftest: remove "gensec:require_pac" settings

author Stefan Metzmacher <metze@samba.org>

Fri, 22 Oct 2021 14:20:36 +0000 (16:20 +0200)

committer Jule Anger <janger@samba.org>

Tue, 9 Nov 2021 19:45:32 +0000 (19:45 +0000)
author Stefan Metzmacher <metze@samba.org>
Fri, 22 Oct 2021 14:20:36 +0000 (16:20 +0200)
committer Jule Anger <janger@samba.org>
Tue, 9 Nov 2021 19:45:32 +0000 (19:45 +0000)
diff --git a/selftest/knownfail.d/no-pac b/selftest/knownfail.d/no-pac

new file mode 100644 (file)

index 0000000..9723d58
--- /dev/null
+++ b/selftest/knownfail.d/no-pac
@@ -0,0 +1,4 @@
+^samba.tests.krb5.test_ccache.samba.tests.krb5.test_ccache.CcacheTests.test_ccache_no_pac
+^samba.tests.krb5.test_ldap.samba.tests.krb5.test_ldap.LdapTests.test_ldap_no_pac
+^samba.tests.krb5.test_rpc.samba.tests.krb5.test_rpc.RpcTests.test_rpc_no_pac
+^samba.tests.krb5.test_smb.samba.tests.krb5.test_smb.SmbTests.test_smb_no_pac
diff --git a/selftest/selftest.pl b/selftest/selftest.pl

index 9d4462323f5b76ceac8bbee47406d6f603facc24..75763ef3838a84a1b51c26ccfb8fa358f596f5a2 100755 (executable)
--- a/selftest/selftest.pl
+++ b/selftest/selftest.pl
@@ -586,8 +586,6 @@ sub write_clientconf($$$)
         client min protocol = CORE
         log level = $client_loglevel
         torture:basedir = $clientdir
-#We don't want to pass our self-tests if the PAC code is wrong
-       gensec:require_pac = true
  #We don't want to run 'speed' tests for very long
          torture:timelimit = 1
          winbind separator = /
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm

index 4b302aa19de5975d102014e167d60a7145d60df2..aafe183dcedf8e535556dd1f8df381626fb05a3b 100755 (executable)
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -785,8 +785,6 @@ sub provision_raw_step1($$)
         notify:inotify = false
         ldb:nosync = true
         ldap server require strong auth = yes
-#We don't want to pass our self-tests if the PAC code is wrong
-       gensec:require_pac = true
         log file = $ctx->{logdir}/log.\%m
         log level = $ctx->{server_loglevel}
         lanman auth = Yes
author	Stefan Metzmacher <metze@samba.org>
	Fri, 22 Oct 2021 14:20:36 +0000 (16:20 +0200)
committer	Jule Anger <janger@samba.org>
	Tue, 9 Nov 2021 19:45:32 +0000 (19:45 +0000)
selftest/knownfail.d/no-pac	[new file with mode: 0644]	patch \| blob
selftest/selftest.pl		patch \| blob \| blame \| history
selftest/target/Samba4.pm		patch \| blob \| blame \| history