Fc>ddlZddlZejdddejd<ddlmZmZddlZddl m Z ddl m cm cmZddlmZddlmZdd lmZdd lmZdd lmZdd lmZmZmZmZmZm Z m!Z!m"Z"m#Z#m$Z$m%Z%m&Z&m'Z'd Z(d Z)eGddeZ*eGddeZ+GddZ,dZ-dZ.eGdde Z/e0dkrd Z(d Z)ddl1Z1e1j2dSdS)Nz bin/python1PYTHONUNBUFFERED)Enumunique) KDCBaseTest)DONT_USE_KERBEROS)krb5pac)SEC_CHAN_WKSTA) ndr_unpack)DynamicTestCase) AES256_CTS_HMAC_SHA1_96AES128_CTS_HMAC_SHA1_96ARCFOUR_HMAC_MD5KDC_ERR_PREAUTH_REQUIRED KRB_AS_REPKU_AS_REP_ENC_PART KRB_ERRORKU_PA_ENC_TIMESTAMP KU_TICKETPADATA_ENC_TIMESTAMPNT_ENTERPRISE_PRINCIPAL NT_PRINCIPAL NT_SRV_INSTFc8eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) TestOptions @c|j|zSNvalueselfxs L/usr/lib/python3/dist-packages/samba/tests/krb5/as_canonicalization_tests.pyis_setzTestOptions.is_setDzA~N) __name__ __module__ __qualname__ Canonicalize Enterprise UpperRealm UpperUserName NetbiosRealmUPN RemoveDollar AsReqSelfLastr-r/r,rr8sPLJJML CLI Dr/rceZdZdZdZdZdS)CredentialsTyperrc|j|zSr&r'r)s r,r-zCredentialsType.is_setMr.r/N)r0r1r2UserMachiner-r<r/r,r>r>Hs- DGr/r>c&eZdZdZdZdZdZdS)TestDatac||_||_||||_||||_t j|rt}nt}tj ||jg|_ t j|r |j |_n'tj t d|jg|_t j||_dS)N) name_typenameskrbtgt)options user_creds _get_username user_name _get_realmrealmrr4r-rrrPrincipalName_createcnamer:snamerr3 canonicalize)r*rHcredsclient_name_types r,__init__zTestData.__init__Ss ++GU;;__We44  ! ( ( 1 1 ,6  +  5&t~.>@@@  ' ' 0 0 EDJJ$9%h -CEEEDJ'4;;GDDr/c$|}tj|r|}tj|r|}n|}|Sr&) get_realmrr7r- get_domainr5upperlower)r*rHrRrMs r,rLzTestData._get_realmgsu!!  # * *7 3 3 '$$&&E  ! ( ( 1 1 "KKMMEEKKMME r/c|}tj|r|dr |dd}tj|r*|}d||}tj|r| }|S)N$z{0}@{1}) get_usernamerr9r-endswithr4rVformatr6rX)r*rHrRnamerMs r,rJzTestData._get_usernameqs!!##  # * *7 3 3  c8J8J 9D  ! ( ( 1 1 1OO%%E##D%00D  $ + +G 4 4 ::<rArr9r-r:)ctrHs r,skipzCKerberosASCanonicalizationTests.setUpDynamicTestCases..skips__,,,,33G<<-t_,,,)0099-t5r/crd|jz}tD]$}||r |d|jzz }%|S)Nz %sCredentialsz_%s)r`rr-)rrrHr`opts r,build_test_namezNKerberosASCanonicalizationTests.setUpDynamicTestCases..build_test_namesH"RW,D" / /::g&&/USX-.DKr/test)r>rangerr;r(generate_dynamic_test)rnrsrvrrr+r`s r,setUpDynamicTestCasesz5KerberosASCanonicalizationTests.setUpDynamicTestCasess      " ? ?B;+122 ? ?4A;;&r1--))&$2>>>>  ? ? ?r/c|jD|}||t\t |_}|jSr&)rI get_samdbcreate_account USER_NAMEtyper*samdb_s r,user_account_credsz2KerberosASCanonicalizationTests.user_account_credssD ? "NN$$E'+':':5)'L'L $DJJ !1r/c:|j|}||t|jj\t |_}|jt|j t|jS)N) account_type) rmr|r} MACHINE_NAME AccountTypeCOMPUTERrset_secure_channel_typer set_kerberos_staterrs r,machine_account_credsz5KerberosASCanonicalizationTests.machine_account_credss   %NN$$E*.*=*=!-6+>+8+8 'DJJ $a   6 6~ F F F   1 12C D D D!!r/cxtt|_t|_dSr&)rksetUpglobal_asn1_print do_asn1_printglobal_hexdump do_hexdump)r*ros r,rz%KerberosASCanonicalizationTests.setUps'  .(r/c|tjkr|}n4|tjkr|}nt dt ||} ||\}}nf#tj j $rO}ddl }| d |j||Yd}~nd}~wwxYw|~d|dvr$|dd} || ||d} || ||dd} || ||d } || ||d d} || |t,j|jr|}n|}||}|d d}||d |j||d|j|t>|d }| |tCj"}|#|d}tItJj&|}|j'D]}|j(tJj)krht,j*|jr|j+,}n|j-}|.||j/j0dS| ddSdS)NzUnexpected credential typerz#ASN1 Error, Options {0:08b}:{1} {2}kvnoenc-partrOcrealmasciirPsrealmticketetypecipherasn1Speczauthorization-datazPAC_TYPE_LOGON_NAME not found)1r>r@rrAr ExceptionrCas_reqpyasn1error PyAsn1Error tracebackfailr_rH format_exc check_kvno check_cnamedecode check_crealm check_sname check_srealmrr:r-get_krbtgt_credsTicketDecryptionKey_from_credsassertElementEqualrrdecryptr der_decode krb5_asn1 EncTicketPartget_pacr r PAC_DATAbuffersrPAC_TYPE_LOGON_NAMEr3rIr]rK assertEqualinfo account_name)r*r+rrrRdatardas_reperrrOrrPr ticket_creds ticket_keyticket_encpartticket_decpartticket_privatepac_datapac pac_bufferexpecteds r,_test_with_argsz/KerberosASCanonicalizationTests._test_with_argss % % %++--EE ?* * *..00EE899 95!!  KK--MS&&|'        II;BB $$&&          ?Z((:v.d+++LE   UD ) ) )]))'22F   fd + + +7OE   UD ) ) )H%,,W55F   fd + + +$++DL99 7$ #4466 <<\JJJ ]:6N  # #NG$.$4 6 6 6  # #NF$.O 5 5 5'// 0>x0HJJN!__"022-44N||N3G$HIIHW-x88C!k ; ; ?g&AAA"/66t|DD2#'?#?#?#A#A#'>$$Xz/KLLLEEB 9:::::c ?s+BC'AC""C'c2 |j}|j}|j}|j}|d}d}|jr!t tjd}d}tttf} | |||||d|dd| dd } | | } || || ddd t ||| d t"d t ||| d t$d | d t ||| d tj} | D]} | ddkr | d}n||tj}|||d}|\}}|||}||tj}||t8|}||tj}|t>|}d}|jr!t tjd}|g}| |||||d|dd| dd } | | } || || ddd t || d }| |t"d | !d dt |||tDd t ||#tH| dd}|ddkr)||tj%}n(||tj&}| |fS)Ni)offset0rQi) padata kdc_optionsrOrMrP from_time till_time renew_timenonceetypes addressesadditional_ticketspvnozData {0}zmsg-typez error-codezError code {0}, Data {1}ze-datarz padata-typez padata-valuerrrz)'rIrMrOrPget_KerberosTimerQrcr KDCOptionsr rr AS_REQ_createsend_recv_transactionassertIsNotNonerr_rrr METHOD_DATA ETYPE_INFO2PasswordKey_from_etype_info2get_KerberosTimeWithUsecPA_ENC_TS_ENC_create der_encode PA_ENC_TS_ENCEncryptedData_creater EncryptedDataPA_DATA_createrassertNotEqualgetrrr EncTGSRepPart EncASRepPart)r*rrIrMrOrPtillrrrreqrd rep_padatapa etype_info2keypatimepausecpa_tsmsg_typeencrs r,rz&KerberosASCanonicalizationTests.as_req s_    $$E$22   Di2>BBCCK $ #    -8',',',+/+/,0'1(.+/48! : :((-- S!!!  KJ--c$ii88 : : :   OY (9(9#d))(D(D F F F    $ & - -c,.?T K K M M M __ MI$9$;$;%==   B- B&& 0 'oo )"7"9"9&;; // KNKK88::))&&99 0G0I0IJJ))#/BEJJ 0G0I0IJJ##$8%@@   Di2>BBCCK  -8',',',+/+/,0'1(.+/48! : :((-- S!!!  KJ--c$ii88 : : :z?    & - - b))D       :z/@/@T/K/KLLLkk,c*oh.GHH q6T>>__S93J3L3L_MMFF__S93I3K3K_LLFV}r/c^tj|jrt}n3tj|jrt }nt}|d}|||d|j|d}|d d}|j }tj|jr|j }|||d|jdS)N name-typez cname name-type, Options {0:08b} name-stringrrz cname principal, Options {0:08b}) rr3r-rHrr4rrr_rrKrIr])r*rOrexpected_name_typerEnsr`rs r,rz+KerberosASCanonicalizationTests.check_cnames$  # * *4< 8 8 .!-    # * *4< 8 8 .!8  !- +&     . 5 5dl C C E E E = !!u||G$$>  # * *4< 8 8 63355H    . 5 5dl C C E E E E Er/c|j}|||d|jdS)Nzcrealm, Options {0:08b}rIrVrr_rH)r*rrrMs r,rz,KerberosASCanonicalizationTests.check_crealmT))++  64;;DLII K K K K Kr/c|d}|d}|dd}tj|jrt }tj|js+tj|jrt}| ||d |j|j }tj|jr|j }| ||d |jdS| t|d |j| d|d |j|dd}|j}tj|jr+|j }| ||d |jdS) Nrrrrz sname name-type, Options {0:08b}z sname principal, Options {0:08b}rGrzsname realm, Options {0:08b})rrr:r-rHrr3r4rrr_rKrIr]rrMrVrX) r*rPrntrr`rrrMs r,rz+KerberosASCanonicalizationTests.check_snames: ;  = !!u||G$$  ' ' 5 5# E!- +224<@@ =)00>> =&="   "299$,GG I I I~H'..t|<< :?7799   299$,GG I I I I I   299$,GG I I I   299$,GG I I I qELL))EzH'..t|<< ??4466<<>>   .55dlCC E E E E Er/c|j}|||d|jdS)Nzsrealm, Options {0:08b}r)r*rrrMs r,rz,KerberosASCanonicalizationTests.check_srealmrr/cd|d|d|jdS)Nrzkvno, Options {0:08b})rr_rH)r*rrs r,rz*KerberosASCanonicalizationTests.check_kvnosA  t,33DLAA C C C C Cr/)r0r1r2 classmethodrlrzrrrrrrrrrr __classcell__)ros@r,riris!!!![! ??[?4 " " "))))) D;D;D;LuuunEEE2KKK (E(E(ETKKK CCCCCCCr/ri__main__)3sysospathinsertenvironenumrrrsamba.tests.krb5.kdc_base_testrsamba.tests.krb5.rfc4120_pyasn1testskrb5rfc4120_pyasn1rsamba.credentialsr samba.dcerpcr samba.dcerpc.miscr samba.ndrr samba.testsr "samba.tests.krb5.rfc4120_constantsr rrrrrrrrrrrrrrrr>rCrr~rir0unittestmainr<r/r,rs( < !$  666666333333333333////// ,,,,,, ''''''      $   d22222222j  GCGCGCGCGCkGCGCGCT  zNOOOHMOOOOO r/