1from k5test import * 2import struct 3 4# Set the maximum UDP reply size very low, so that all replies go 5# through the RESPONSE_TOO_BIG path. 6kdc_conf = {'kdcdefaults': {'kdc_max_dgram_reply_size': '10'}} 7realm = K5Realm(kdc_conf=kdc_conf, get_creds=False) 8 9msgs = ('Sending initial UDP request', 10 'Received answer', 11 'Request or response is too big for UDP; retrying with TCP', 12 ' to KRBTEST.COM (tcp only)', 13 'Initiating TCP connection', 14 'Sending TCP request', 15 'Terminating TCP connection') 16realm.kinit(realm.user_princ, password('user'), expected_trace=msgs) 17realm.run([kvno, realm.host_princ], expected_trace=msgs) 18 19# Pretend to send an absurdly long request over TCP, and verify that 20# we get back a reply of plausible length to be an encoded 21# KRB_ERR_RESPONSE_TOO_BIG error. 22s = socket.create_connection((hostname, realm.portbase)) 23s.sendall(b'\xFF\xFF\xFF\xFF') 24lenbytes = s.recv(4) 25assert(len(lenbytes) == 4) 26resplen, = struct.unpack('>L', lenbytes) 27if resplen < 10: 28 fail('KDC response too short (KRB_ERR_RESPONSE_TOO_BIG error expected)') 29resp = s.recv(resplen) 30assert(len(resp) == resplen) 31 32success('Large KDC replies') 33