1
from k5test import *
2
import struct
3

4
# Set the maximum UDP reply size very low, so that all replies go
5
# through the RESPONSE_TOO_BIG path.
6
kdc_conf = {'kdcdefaults': {'kdc_max_dgram_reply_size': '10'}}
7
realm = K5Realm(kdc_conf=kdc_conf, get_creds=False)
8

9
msgs = ('Sending initial UDP request',
10
        'Received answer',
11
        'Request or response is too big for UDP; retrying with TCP',
12
        ' to KRBTEST.COM (tcp only)',
13
        'Initiating TCP connection',
14
        'Sending TCP request',
15
        'Terminating TCP connection')
16
realm.kinit(realm.user_princ, password('user'), expected_trace=msgs)
17
realm.run([kvno, realm.host_princ], expected_trace=msgs)
18

19
# Pretend to send an absurdly long request over TCP, and verify that
20
# we get back a reply of plausible length to be an encoded
21
# KRB_ERR_RESPONSE_TOO_BIG error.
22
s = socket.create_connection((hostname, realm.portbase))
23
s.sendall(b'\xFF\xFF\xFF\xFF')
24
lenbytes = s.recv(4)
25
assert(len(lenbytes) == 4)
26
resplen, = struct.unpack('>L', lenbytes)
27
if resplen < 10:
28
    fail('KDC response too short (KRB_ERR_RESPONSE_TOO_BIG error expected)')
29
resp = s.recv(resplen)
30
assert(len(resp) == resplen)
31

32
success('Large KDC replies')
33

34