test_cred.c revision 256281
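/*
 * Copyright (c) 2003-2004 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of KTH nor the names of its contributors may be
 *    used to endorse or promote products derived from this software without
 *    specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <roken.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include <gssapi.h>
#include <gssapi_krb5.h>
#include <gssapi_spnego.h>
#include <err.h>
#include <getarg.h>

/*
 * Print to stderr every message that gss_display_status() yields for a
 * mechanism-specific (minor) status code.
 *
 * The status is looked up with GSS_C_MECH_CODE and GSS_C_NO_OID.  The loop
 * continues while gss_display_status() succeeds and leaves a non-zero
 * message context, so a status with several messages is printed in full.
 */
static void
gss_print_errors (int min_stat)
{
    OM_uint32 new_stat;
    OM_uint32 msg_ctx = 0;
    gss_buffer_desc status_string;
    OM_uint32 ret;

    do {
        ret = gss_display_status (&new_stat,
                                  min_stat,
                                  GSS_C_MECH_CODE,
                                  GSS_C_NO_OID,
                                  &msg_ctx,
                                  &status_string);
        if (!GSS_ERROR(ret)) {
            /* The buffer carries an explicit length; print with a
             * precision rather than relying on NUL termination. */
            fprintf (stderr, "%.*s\n", (int)status_string.length,
                     (char *)status_string.value);
            gss_release_buffer (&new_stat, &status_string);
        }
    } while (!GSS_ERROR(ret) && msg_ctx != 0);
}

/*
 * Report a GSS-API failure and terminate the test.
 *
 * Emits the printf-style message through vwarnx(), follows it with the
 * mechanism messages for `status` (a minor status code), then calls
 * exit(exitval).  This function does not return.
 */
static void
gss_err(int exitval, int status, const char *fmt, ...)
{
    va_list ap;

    va_start(ap, fmt);
    vwarnx (fmt, ap);
    gss_print_errors (status);
    va_end(ap);
    exit (exitval);
}

/*
 * Acquire and immediately release a credential for `name`, `counter`
 * times, with the requested credential usage.
 *
 * Any major status other than GSS_S_COMPLETE from either call ends the
 * program through gss_err() with exit status 1.
 */
static void
acquire_release_loop(gss_name_t name, int counter, gss_cred_usage_t usage)
{
    OM_uint32 maj_stat, min_stat;
    gss_cred_id_t cred;
    int i;

    for (i = 0; i < counter; i++) {
        /* Start every round from a known-empty handle. */
        cred = GSS_C_NO_CREDENTIAL;

        maj_stat = gss_acquire_cred(&min_stat, name,
                                    GSS_C_INDEFINITE,
                                    GSS_C_NO_OID_SET,
                                    usage,
                                    &cred,
                                    NULL,
                                    NULL);
        if (maj_stat != GSS_S_COMPLETE)
            gss_err(1, min_stat, "aquire %d %d != GSS_S_COMPLETE",
                    i, (int)maj_stat);

        maj_stat = gss_release_cred(&min_stat, &cred);
        if (maj_stat != GSS_S_COMPLETE)
            gss_err(1, min_stat, "release %d %d != GSS_S_COMPLETE",
                    i, (int)maj_stat);
    }
}

/*
 * Exercise the lifetime of credentials derived with gss_add_cred():
 *
 *   1. acquire `cred` for `name` with `usage`;
 *   2. add GSS_KRB5_MECHANISM to it, producing `cred2`;
 *   3. release `cred`, so `cred2` must stand on its own;
 *   4. add GSS_KRB5_MECHANISM with GSS_C_BOTH to `cred2`, producing `cred3`;
 *   5. release `cred2`, then `cred3`.
 *
 * Every checked step exits through gss_err() with status 1 when the major
 * status is not GSS_S_COMPLETE.
 */
static void
acquire_add_release_add(gss_name_t name, gss_cred_usage_t usage)
{
    OM_uint32 maj_stat, min_stat;
    /* Handles start out empty so that no release call below can ever be
     * handed an indeterminate value. */
    gss_cred_id_t cred = GSS_C_NO_CREDENTIAL;
    gss_cred_id_t cred2 = GSS_C_NO_CREDENTIAL;
    gss_cred_id_t cred3 = GSS_C_NO_CREDENTIAL;

    maj_stat = gss_acquire_cred(&min_stat, name,
                                GSS_C_INDEFINITE,
                                GSS_C_NO_OID_SET,
                                usage,
                                &cred,
                                NULL,
                                NULL);
    if (maj_stat != GSS_S_COMPLETE)
        gss_err(1, min_stat, "aquire %d != GSS_S_COMPLETE", (int)maj_stat);

    maj_stat = gss_add_cred(&min_stat,
                            cred,
                            GSS_C_NO_NAME,
                            GSS_KRB5_MECHANISM,
                            usage,
                            GSS_C_INDEFINITE,
                            GSS_C_INDEFINITE,
                            &cred2,
                            NULL,
                            NULL,
                            NULL);

    if (maj_stat != GSS_S_COMPLETE)
        gss_err(1, min_stat, "add_cred %d != GSS_S_COMPLETE", (int)maj_stat);

    maj_stat = gss_release_cred(&min_stat, &cred);
    if (maj_stat != GSS_S_COMPLETE)
        gss_err(1, min_stat, "release %d != GSS_S_COMPLETE", (int)maj_stat);

    /*
     * NOTE(review): the status of this second gss_add_cred() is
     * overwritten by the release below without being checked, as in the
     * original.  Whether a failure here is expected for some `usage`
     * values is not visible in this file -- confirm before making it
     * fatal.  cred3 is pre-set to GSS_C_NO_CREDENTIAL so the final
     * release is well-defined even if the call fails before storing an
     * output credential.
     */
    maj_stat = gss_add_cred(&min_stat,
                            cred2,
                            GSS_C_NO_NAME,
                            GSS_KRB5_MECHANISM,
                            GSS_C_BOTH,
                            GSS_C_INDEFINITE,
                            GSS_C_INDEFINITE,
                            &cred3,
                            NULL,
                            NULL,
                            NULL);

    maj_stat = gss_release_cred(&min_stat, &cred2);
    if (maj_stat != GSS_S_COMPLETE)
        gss_err(1, min_stat, "release 2 %d != GSS_S_COMPLETE", (int)maj_stat);

    /* Releasing GSS_C_NO_CREDENTIAL completes successfully and does
     * nothing (RFC 2744, gss_release_cred).  The message names the third
     * handle so a failure here is distinguishable from the one above. */
    maj_stat = gss_release_cred(&min_stat, &cred3);
    if (maj_stat != GSS_S_COMPLETE)
        gss_err(1, min_stat, "release 3 %d != GSS_S_COMPLETE", (int)maj_stat);
}

static int version_flag = 0;
static int help_flag    = 0;

/* Command-line options understood by getarg(). */
static struct getargs args[] = {
    {"version", 0, arg_flag, &version_flag, "print version", NULL },
    {"help",    0, arg_flag, &help_flag,    NULL, NULL }
};

/*
 * Print the usage text for the option table and exit with `ret`.
 */
static void
usage (int ret)
{
    arg_printusage (args, sizeof(args)/sizeof(*args),
                    NULL, "service@host");
    exit (ret);
}

/*
 * Test driver: import the first non-option argument as a host-based
 * service name, then run the acquire/release loop (100 rounds) and the
 * acquire/add/release sequence once for each of GSS_C_ACCEPT,
 * GSS_C_INITIATE and GSS_C_BOTH.
 *
 * Returns 0 when every step succeeds; the helpers exit with status 1 on
 * the first failure.
 */
int
main(int argc, char **argv)
{
    struct gss_buffer_desc_struct name_buffer;
    OM_uint32 maj_stat, min_stat;
    gss_name_t name;
    int optidx = 0;

    setprogname(argv[0]);
    if (getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
        usage(1);

    if (help_flag)
        usage (0);

    if (version_flag) {
        print_version(NULL);
        exit(0);
    }

    argc -= optidx;
    argv += optidx;

    if (argc < 1)
        errx(1, "argc < 1");

    /* The buffer borrows argv[0]; nothing is copied or freed here. */
    name_buffer.value = argv[0];
    name_buffer.length = strlen(argv[0]);

    maj_stat = gss_import_name(&min_stat, &name_buffer,
                               GSS_C_NT_HOSTBASED_SERVICE,
                               &name);
    /* Report through gss_err() like every other failure in this file so
     * the mechanism's own message is printed too; exit status stays 1. */
    if (maj_stat != GSS_S_COMPLETE)
        gss_err(1, min_stat, "import name error");

    acquire_release_loop(name, 100, GSS_C_ACCEPT);
    acquire_release_loop(name, 100, GSS_C_INITIATE);
    acquire_release_loop(name, 100, GSS_C_BOTH);

    acquire_add_release_add(name, GSS_C_ACCEPT);
    acquire_add_release_add(name, GSS_C_INITIATE);
    acquire_add_release_add(name, GSS_C_BOTH);

    gss_release_name(&min_stat, &name);

    return 0;
}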