tests: ticket acquired by AS cannot be used as evidence
This commit is contained in:
Isaac Boukris
committed by
Luke Howard
Luke Howard
parent
d0e6ab43bc
commit
e21e2b8d14
@@ -903,6 +903,14 @@ ${kimpersonate} -s ${ps} -c bar@${R} -t ${aesenctype} || \
|
|||||||
${kgetcred} --out-cache=${o2cache} --delegation-credential-cache=${ocache} ${server}@${R} > /dev/null 2>/dev/null && \
|
${kgetcred} --out-cache=${o2cache} --delegation-credential-cache=${ocache} ${server}@${R} > /dev/null 2>/dev/null && \
|
||||||
{ ec=1 ; eval "${testfailed}"; }
|
{ ec=1 ; eval "${testfailed}"; }
|
||||||
|
|
||||||
|
echo "test constrained delegation evidence (evidence from AS)"; > messages.log
|
||||||
|
# This fails because we don't add PAC ticket-signature in AS-REP (as Windows).
|
||||||
|
${kinit} --cache=${ocache} --password-file=${objdir}/barpassword \
|
||||||
|
--forwardable --server=${ps} bar@${R} || \
|
||||||
|
{ ec=1 ; eval "${testfailed}"; }
|
||||||
|
${kgetcred} --delegation-credential-cache=${ocache} ${server}@${R} && \
|
||||||
|
{ ec=1 ; eval "${testfailed}"; }
|
||||||
|
|
||||||
echo "test constrained delegation impersonation (missing PAC)"; > messages.log
|
echo "test constrained delegation impersonation (missing PAC)"; > messages.log
|
||||||
rm -f ocache.krb5
|
rm -f ocache.krb5
|
||||||
${kimpersonate} -s ${ps} -c bar@${R} -t ${aesenctype} -f forwardable || \
|
${kimpersonate} -s ${ps} -c bar@${R} -t ${aesenctype} -f forwardable || \
|
||||||
|
|||||||
Reference in New Issue
Block a user