summaryrefslogtreecommitdiff
path: root/python
diff options
context:
space:
mode:
authorJoseph Sutton <josephsutton@catalyst.net.nz>2022-05-24 19:20:28 +1200
committerJule Anger <janger@samba.org>2022-07-27 10:52:36 +0000
commit18bd6dafb576a58440d5c4ba6fff86dfe510bd98 (patch)
tree6a56131079c26d8078c7b186c1b3efe80f3c87fa /python
parent888d58f43344afd6c199cd62be5e56f0f6174720 (diff)
downloadsamba-18bd6dafb576a58440d5c4ba6fff86dfe510bd98.tar.gz
samba-18bd6dafb576a58440d5c4ba6fff86dfe510bd98.tar.bz2
samba-18bd6dafb576a58440d5c4ba6fff86dfe510bd98.zip
CVE-2022-2031 tests/krb5: Add methods to send and receive generic messages
This allows us to send and receive kpasswd messages, while avoiding the existing logic for encoding and decoding other Kerberos message types. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15074 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'python')
-rw-r--r--python/samba/tests/krb5/raw_testcase.py44
1 files changed, 27 insertions, 17 deletions
diff --git a/python/samba/tests/krb5/raw_testcase.py b/python/samba/tests/krb5/raw_testcase.py
index 3374beecd1e..b16b78ebf56 100644
--- a/python/samba/tests/krb5/raw_testcase.py
+++ b/python/samba/tests/krb5/raw_testcase.py
@@ -955,24 +955,28 @@ class RawKerberosTest(TestCaseInTempDir):
return blob
def send_pdu(self, req, asn1_print=None, hexdump=None):
+ k5_pdu = self.der_encode(
+ req, native_decode=False, asn1_print=asn1_print, hexdump=False)
+ self.send_msg(k5_pdu, hexdump=hexdump)
+
+ def send_msg(self, msg, hexdump=None):
+ header = struct.pack('>I', len(msg))
+ req_pdu = header
+ req_pdu += msg
+ self.hex_dump("send_msg", header, hexdump=hexdump)
+ self.hex_dump("send_msg", msg, hexdump=hexdump)
+
try:
- k5_pdu = self.der_encode(
- req, native_decode=False, asn1_print=asn1_print, hexdump=False)
- header = struct.pack('>I', len(k5_pdu))
- req_pdu = header
- req_pdu += k5_pdu
- self.hex_dump("send_pdu", header, hexdump=hexdump)
- self.hex_dump("send_pdu", k5_pdu, hexdump=hexdump)
while True:
sent = self.s.send(req_pdu, 0)
if sent == len(req_pdu):
- break
+ return
req_pdu = req_pdu[sent:]
except socket.error as e:
- self._disconnect("send_pdu: %s" % e)
+ self._disconnect("send_msg: %s" % e)
raise
except IOError as e:
- self._disconnect("send_pdu: %s" % e)
+ self._disconnect("send_msg: %s" % e)
raise
def recv_raw(self, num_recv=0xffff, hexdump=None, timeout=None):
@@ -998,16 +1002,14 @@ class RawKerberosTest(TestCaseInTempDir):
return rep_pdu
def recv_pdu_raw(self, asn1_print=None, hexdump=None, timeout=None):
- rep_pdu = None
- rep = None
raw_pdu = self.recv_raw(
num_recv=4, hexdump=hexdump, timeout=timeout)
if raw_pdu is None:
- return (None, None)
+ return None
header = struct.unpack(">I", raw_pdu[0:4])
k5_len = header[0]
if k5_len == 0:
- return (None, "")
+ return ""
missing = k5_len
rep_pdu = b''
while missing > 0:
@@ -1016,6 +1018,14 @@ class RawKerberosTest(TestCaseInTempDir):
self.assertGreaterEqual(len(raw_pdu), 1)
rep_pdu += raw_pdu
missing = k5_len - len(rep_pdu)
+ return rep_pdu
+
+ def recv_reply(self, asn1_print=None, hexdump=None, timeout=None):
+ rep_pdu = self.recv_pdu_raw(asn1_print=asn1_print,
+ hexdump=hexdump,
+ timeout=timeout)
+ if not rep_pdu:
+ return None, rep_pdu
k5_raw = self.der_decode(
rep_pdu,
asn1Spec=None,
@@ -1037,9 +1047,9 @@ class RawKerberosTest(TestCaseInTempDir):
return (rep, rep_pdu)
def recv_pdu(self, asn1_print=None, hexdump=None, timeout=None):
- (rep, rep_pdu) = self.recv_pdu_raw(asn1_print=asn1_print,
- hexdump=hexdump,
- timeout=timeout)
+ (rep, rep_pdu) = self.recv_reply(asn1_print=asn1_print,
+ hexdump=hexdump,
+ timeout=timeout)
return rep
def assertIsConnected(self):
generated by cgit v1.2.3 (git 2.25.1) at 2026-06-11 07:19:42 +0000