test_cred.c revision 256281 
1178172Simp/*
2178172Simp * Copyright (c) 2003-2004 Kungliga Tekniska H��gskolan
3178172Simp * (Royal Institute of Technology, Stockholm, Sweden).
4178172Simp * All rights reserved.
5178172Simp *
6178172Simp * Redistribution and use in source and binary forms, with or without
7178172Simp * modification, are permitted provided that the following conditions
8178172Simp * are met:
9178172Simp *
10178172Simp * 1. Redistributions of source code must retain the above copyright
11178172Simp *    notice, this list of conditions and the following disclaimer.
12178172Simp *
13178172Simp * 2. Redistributions in binary form must reproduce the above copyright
14178172Simp *    notice, this list of conditions and the following disclaimer in the
15178172Simp *    documentation and/or other materials provided with the distribution.
16178172Simp *
17178172Simp * 3. Neither the name of KTH nor the names of its contributors may be
18178172Simp *    used to endorse or promote products derived from this software without
19178172Simp *    specific prior written permission.
20178172Simp *
21178172Simp * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
22178172Simp * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23178172Simp * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24178172Simp * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
25178172Simp * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26178172Simp * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27178172Simp * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28178172Simp * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29178172Simp * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
30178172Simp * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
31178172Simp * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32178172Simp */
33178172Simp
34178172Simp#ifdef HAVE_CONFIG_H
35178172Simp#include <config.h>
36178172Simp#endif
37178172Simp
38178172Simp#include <roken.h>
39178172Simp#include <stdio.h>
40178172Simp#include <stdlib.h>
41178172Simp#include <string.h>
42178172Simp#include <stdarg.h>
43178172Simp#include <gssapi.h>
44178172Simp#include <gssapi_krb5.h>
45178172Simp#include <gssapi_spnego.h>
46178172Simp#include <err.h>
47178172Simp#include <getarg.h>
48178172Simp
49178172Simpstatic void
50178172Simpgss_print_errors (int min_stat)
51178172Simp{
52178172Simp    OM_uint32 new_stat;
53178172Simp    OM_uint32 msg_ctx = 0;
54178172Simp    gss_buffer_desc status_string;
55178172Simp    OM_uint32 ret;
56178172Simp
57178172Simp    do {
58178172Simp	ret = gss_display_status (&new_stat,
59178172Simp				  min_stat,
60178172Simp				  GSS_C_MECH_CODE,
61178172Simp				  GSS_C_NO_OID,
62178172Simp				  &msg_ctx,
63178172Simp				  &status_string);
64178172Simp	if (!GSS_ERROR(ret)) {
65178172Simp	    fprintf (stderr, "%.*s\n", (int)status_string.length,
66178172Simp					(char *)status_string.value);
67178172Simp	    gss_release_buffer (&new_stat, &status_string);
68178172Simp	}
69178172Simp    } while (!GSS_ERROR(ret) && msg_ctx != 0);
70178172Simp}
71178172Simp
72178172Simpstatic void
73178172Simpgss_err(int exitval, int status, const char *fmt, ...)
74178172Simp{
75178172Simp    va_list args;
76178172Simp
77206717Sjmallett    va_start(args, fmt);
78206717Sjmallett    vwarnx (fmt, args);
79206717Sjmallett    gss_print_errors (status);
80206717Sjmallett    va_end(args);
81206717Sjmallett    exit (exitval);
82206717Sjmallett}
83206717Sjmallett
84178172Simpstatic void
85178172Simpacquire_release_loop(gss_name_t name, int counter, gss_cred_usage_t usage)
86178172Simp{
87206717Sjmallett    OM_uint32 maj_stat, min_stat;
88178172Simp    gss_cred_id_t cred;
89178172Simp    int i;
90178172Simp
91178172Simp    for (i = 0; i < counter; i++) {
92178172Simp	maj_stat = gss_acquire_cred(&min_stat, name,
93178172Simp				    GSS_C_INDEFINITE,
94178172Simp				    GSS_C_NO_OID_SET,
95178172Simp				    usage,
96178172Simp				    &cred,
97206717Sjmallett				    NULL,
98178172Simp				    NULL);
99178172Simp	if (maj_stat != GSS_S_COMPLETE)
100178172Simp	    gss_err(1, min_stat, "aquire %d %d != GSS_S_COMPLETE",
101178172Simp		    i, (int)maj_stat);
102178172Simp
103178172Simp	maj_stat = gss_release_cred(&min_stat, &cred);
104178172Simp	if (maj_stat != GSS_S_COMPLETE)
105178172Simp	    gss_err(1, min_stat, "release %d %d != GSS_S_COMPLETE",
106178172Simp		    i, (int)maj_stat);
107178172Simp    }
108178172Simp}
109178172Simp
110178172Simp
111202031Simpstatic void
112202031Simpacquire_add_release_add(gss_name_t name, gss_cred_usage_t usage)
113202031Simp{
114205360Sneel    OM_uint32 maj_stat, min_stat;
115202031Simp    gss_cred_id_t cred, cred2, cred3;
116202031Simp
117202031Simp    maj_stat = gss_acquire_cred(&min_stat, name,
118202031Simp				GSS_C_INDEFINITE,
119206717Sjmallett				GSS_C_NO_OID_SET,
120202031Simp				usage,
121178172Simp				&cred,
122178172Simp				NULL,
123178172Simp				NULL);
124178172Simp    if (maj_stat != GSS_S_COMPLETE)
125178172Simp	gss_err(1, min_stat, "aquire %d != GSS_S_COMPLETE", (int)maj_stat);
126178172Simp
127178172Simp    maj_stat = gss_add_cred(&min_stat,
128			    cred,
129			    GSS_C_NO_NAME,
130			    GSS_KRB5_MECHANISM,
131			    usage,
132			    GSS_C_INDEFINITE,
133			    GSS_C_INDEFINITE,
134			    &cred2,
135			    NULL,
136			    NULL,
137			    NULL);
138
139    if (maj_stat != GSS_S_COMPLETE)
140	gss_err(1, min_stat, "add_cred %d != GSS_S_COMPLETE", (int)maj_stat);
141
142    maj_stat = gss_release_cred(&min_stat, &cred);
143    if (maj_stat != GSS_S_COMPLETE)
144	gss_err(1, min_stat, "release %d != GSS_S_COMPLETE", (int)maj_stat);
145
146    maj_stat = gss_add_cred(&min_stat,
147			    cred2,
148			    GSS_C_NO_NAME,
149			    GSS_KRB5_MECHANISM,
150			    GSS_C_BOTH,
151			    GSS_C_INDEFINITE,
152			    GSS_C_INDEFINITE,
153			    &cred3,
154			    NULL,
155			    NULL,
156			    NULL);
157
158    maj_stat = gss_release_cred(&min_stat, &cred2);
159    if (maj_stat != GSS_S_COMPLETE)
160	gss_err(1, min_stat, "release 2 %d != GSS_S_COMPLETE", (int)maj_stat);
161
162    maj_stat = gss_release_cred(&min_stat, &cred3);
163    if (maj_stat != GSS_S_COMPLETE)
164	gss_err(1, min_stat, "release 2 %d != GSS_S_COMPLETE", (int)maj_stat);
165}
166
167static int version_flag = 0;
168static int help_flag	= 0;
169
170static struct getargs args[] = {
171    {"version",	0,	arg_flag,	&version_flag, "print version", NULL },
172    {"help",	0,	arg_flag,	&help_flag,  NULL, NULL }
173};
174
175static void
176usage (int ret)
177{
178    arg_printusage (args, sizeof(args)/sizeof(*args),
179		    NULL, "service@host");
180    exit (ret);
181}
182
183
184int
185main(int argc, char **argv)
186{
187    struct gss_buffer_desc_struct name_buffer;
188    OM_uint32 maj_stat, min_stat;
189    gss_name_t name;
190    int optidx = 0;
191
192    setprogname(argv[0]);
193    if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
194	usage(1);
195
196    if (help_flag)
197	usage (0);
198
199    if(version_flag){
200	print_version(NULL);
201	exit(0);
202    }
203
204    argc -= optidx;
205    argv += optidx;
206
207    if (argc < 1)
208	errx(1, "argc < 1");
209
210    name_buffer.value = argv[0];
211    name_buffer.length = strlen(argv[0]);
212
213    maj_stat = gss_import_name(&min_stat, &name_buffer,
214			       GSS_C_NT_HOSTBASED_SERVICE,
215			       &name);
216    if (maj_stat != GSS_S_COMPLETE)
217	errx(1, "import name error");
218
219    acquire_release_loop(name, 100, GSS_C_ACCEPT);
220    acquire_release_loop(name, 100, GSS_C_INITIATE);
221    acquire_release_loop(name, 100, GSS_C_BOTH);
222
223    acquire_add_release_add(name, GSS_C_ACCEPT);
224    acquire_add_release_add(name, GSS_C_INITIATE);
225    acquire_add_release_add(name, GSS_C_BOTH);
226
227    gss_release_name(&min_stat, &name);
228
229    return 0;
230}
231