[PATCH] Add KDC test to check cipher selection

Andreas Schneider asn at samba.org
Wed Jul 6 12:47:25 UTC 2016

On Wednesday, 6 July 2016 22:54:03 CEST Andrew Bartlett wrote:
> I really appreciate your patience for this quite horrid test
> infrastructure.  I'm proud of what it tests, but the means to the end
> is also quite a contortion.

The tests are fine but you did a lot of copy&paste instead of moving code into 
functions :)

I've implemented the KDC test functions already with MIT:


It revealed an old behavior from MIT in the BREAKPW test:


the clock skew test only works if kdc_timesync is disabled on the client side 
with MIT Kerberos. A feature implemented by Stef Walter.

I find the send and receive hook in Heimdal horrible. We put a bit more 
thought into the API in MIT Kerberos and it is much nicer to use and more 
flexible in what kind of tests you can write.


	-- andreas

Andreas Schneider                   GPG-ID: CC014E3D
Samba Team                             asn at samba.org

More information about the samba-technical mailing list