lib/gssapi/gsstool.c

198090Srdivacky/*
198090Srdivacky * Copyright (c) 2006 Kungliga Tekniska H��gskolan
198090Srdivacky * (Royal Institute of Technology, Stockholm, Sweden).
198090Srdivacky * All rights reserved.
198090Srdivacky *
198090Srdivacky * Portions Copyright (c) 2009 - 2010 Apple Inc. All rights reserved.
198090Srdivacky *
198090Srdivacky * Redistribution and use in source and binary forms, with or without
198090Srdivacky * modification, are permitted provided that the following conditions
198090Srdivacky * are met:
198090Srdivacky *
198090Srdivacky * 1. Redistributions of source code must retain the above copyright
198090Srdivacky *    notice, this list of conditions and the following disclaimer.
198090Srdivacky *
198090Srdivacky * 2. Redistributions in binary form must reproduce the above copyright
198090Srdivacky *    notice, this list of conditions and the following disclaimer in the
198090Srdivacky *    documentation and/or other materials provided with the distribution.
198090Srdivacky *
198090Srdivacky * 3. Neither the name of KTH nor the names of its contributors may be
198090Srdivacky *    used to endorse or promote products derived from this software without
198090Srdivacky *    specific prior written permission.
263508Sdim *
198090Srdivacky * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
198090Srdivacky * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
198090Srdivacky * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
198090Srdivacky * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
249423Sdim * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
249423Sdim * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
249423Sdim * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
218893Sdim * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
198090Srdivacky * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
198090Srdivacky * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
251662Sdim * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
251662Sdim */
218893Sdim
218893Sdim#include <config.h>
204961Srdivacky#include <roken.h>
204961Srdivacky
251662Sdim#include <stdio.h>
263508Sdim#include <gssapi.h>
204961Srdivacky#include <gssapi_krb5.h>
249423Sdim#include <gssapi_spnego.h>
249423Sdim#include <gssapi_ntlm.h>
249423Sdim#include <err.h>
202878Srdivacky#include <getarg.h>
218893Sdim#include <rtbl.h>
198090Srdivacky#include <gss-commands.h>
198090Srdivacky
218893Sdim
218893Sdimstatic int version_flag = 0;
218893Sdimstatic int help_flag	= 0;
224145Sdim
224145Sdimstatic struct getargs args[] = {
198090Srdivacky    {"version",	0,	arg_flag,	&version_flag, "print version", NULL },
263508Sdim    {"help",	0,	arg_flag,	&help_flag,  NULL, NULL }
263508Sdim};
263508Sdim
198090Srdivackystatic void
198090Srdivackyusage (int ret)
208599Srdivacky{
208599Srdivacky    arg_printusage (args, sizeof(args)/sizeof(*args),
208599Srdivacky		    NULL, "service@host");
208599Srdivacky    exit (ret);
208599Srdivacky}
234353Sdim
208599Srdivacky#define COL_OID		"OID"
203954Srdivacky#define COL_NAME	"Name"
202878Srdivacky#define COL_DESC	"Description"
198090Srdivacky#define COL_VALUE	"Value"
226633Sdim#define COL_MECH	"Mech"
226633Sdim#define COL_EXPIRE	"Expire"
198090Srdivacky#define COL_SASL	"SASL"
239462Sdim
208599Srdivackyint
208599Srdivackysupported_mechanisms(void *argptr, int argc, char **argv)
263508Sdim{
198090Srdivacky    OM_uint32 maj_stat, min_stat;
263508Sdim    gss_OID_set mechs;
221345Sdim    rtbl_t ct;
221345Sdim    size_t i;
203954Srdivacky
198090Srdivacky    maj_stat = gss_indicate_mechs(&min_stat, &mechs);
198090Srdivacky    if (maj_stat != GSS_S_COMPLETE)
198090Srdivacky	errx(1, "gss_indicate_mechs failed");
198090Srdivacky
204642Srdivacky    printf("Supported mechanisms:\n");
204642Srdivacky
204642Srdivacky    ct = rtbl_create();
234353Sdim    if (ct == NULL)
234353Sdim	errx(1, "rtbl_create");
239462Sdim
203954Srdivacky    rtbl_set_separator(ct, "  ");
234353Sdim    rtbl_add_column(ct, COL_OID, 0);
249423Sdim    rtbl_add_column(ct, COL_NAME, 0);
218893Sdim    rtbl_add_column(ct, COL_DESC, 0);
218893Sdim    rtbl_add_column(ct, COL_SASL, 0);
218893Sdim
218893Sdim    for (i = 0; i < mechs->count; i++) {
221345Sdim	gss_buffer_desc str, sasl_name, mech_name, mech_desc;
221345Sdim
198090Srdivacky	maj_stat = gss_oid_to_str(&min_stat, &mechs->elements[i], &str);
198090Srdivacky	if (maj_stat != GSS_S_COMPLETE)
249423Sdim	    errx(1, "gss_oid_to_str failed");
249423Sdim
249423Sdim	rtbl_add_column_entryv(ct, COL_OID, "%.*s",
249423Sdim			       (int)str.length, (char *)str.value);
234353Sdim	gss_release_buffer(&min_stat, &str);
234353Sdim
234353Sdim	(void)gss_inquire_saslname_for_mech(&min_stat,
234353Sdim					    &mechs->elements[i],
234353Sdim					    &sasl_name,
198090Srdivacky					    &mech_name,
198090Srdivacky					    &mech_desc);
198090Srdivacky
239462Sdim	rtbl_add_column_entryv(ct, COL_NAME, "%.*s",
198090Srdivacky			       (int)mech_name.length, (char *)mech_name.value);
198090Srdivacky	rtbl_add_column_entryv(ct, COL_DESC, "%.*s",
198090Srdivacky			       (int)mech_desc.length, (char *)mech_desc.value);
	rtbl_add_column_entryv(ct, COL_SASL, "%.*s",
			       (int)sasl_name.length, (char *)sasl_name.value);

	gss_release_buffer(&min_stat, &mech_name);
	gss_release_buffer(&min_stat, &mech_desc);
	gss_release_buffer(&min_stat, &sasl_name);

    }
    gss_release_oid_set(&min_stat, &mechs);

    rtbl_format(ct, stdout);
    rtbl_destroy(ct);

    return 0;
}

static void
print_mech_attr(const char *mechname, gss_const_OID mech, gss_OID_set set)
{
    gss_buffer_desc name, desc;
    OM_uint32 major, minor;
    rtbl_t ct;
    size_t n;

    ct = rtbl_create();
    if (ct == NULL)
	errx(1, "rtbl_create");

    rtbl_set_separator(ct, "  ");
    rtbl_add_column(ct, COL_OID, 0);
    rtbl_add_column(ct, COL_DESC, 0);
    if (mech)
	rtbl_add_column(ct, COL_VALUE, 0);

    for (n = 0; n < set->count; n++) {
	major = gss_display_mech_attr(&minor, &set->elements[n], &name, &desc, NULL);
	if (major)
	    continue;

	rtbl_add_column_entryv(ct, COL_OID, "%.*s",
			       (int)name.length, (char *)name.value);
	rtbl_add_column_entryv(ct, COL_DESC, "%.*s",
			       (int)desc.length, (char *)desc.value);
	if (mech) {
	    gss_buffer_desc value;

	    if (gss_mo_get(mech, &set->elements[n], &value) != 0)
		value.length = 0;

	    if (value.length)
		rtbl_add_column_entryv(ct, COL_VALUE, "%.*s",
				       (int)value.length, (char *)value.value);
	    else
		rtbl_add_column_entryv(ct, COL_VALUE, "<>");
	    gss_release_buffer(&minor, &value);
	}

	gss_release_buffer(&minor, &name);
	gss_release_buffer(&minor, &desc);
    }

    printf("attributes for: %s\n", mechname);
    rtbl_format(ct, stdout);
    rtbl_destroy(ct);
}


int
attrs_for_mech(struct attrs_for_mech_options *opt, int argc, char **argv)
{
    gss_OID_set mech_attr = NULL, known_mech_attrs = NULL;
    gss_OID mech = GSS_C_NO_OID;
    OM_uint32 major, minor;

    if (opt->mech_string) {
	mech = gss_name_to_oid(opt->mech_string);
	if (mech == NULL)
	    errx(1, "mech %s is unknown", opt->mech_string);
    }

    major = gss_inquire_attrs_for_mech(&minor, mech, &mech_attr, &known_mech_attrs);
    if (major)
	errx(1, "gss_inquire_attrs_for_mech");

    if (mech) {
	print_mech_attr(opt->mech_string, mech, mech_attr);
    }

    if (opt->all_flag) {
	print_mech_attr("all mechs", NULL, known_mech_attrs);
    }

    gss_release_oid_set(&minor, &mech_attr);
    gss_release_oid_set(&minor, &known_mech_attrs);

    return 0;
}


/*
 *
 */

int
help(void *opt, int argc, char **argv)
{
    sl_slc_help(commands, argc, argv);
    return 0;
}

int
main(int argc, char **argv)
{
    int optidx = 0;

    setprogname(argv[0]);
    if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
	usage(1);

    if (help_flag)
	usage (0);

    if(version_flag){
	print_version(NULL);
	exit(0);
    }

    argc -= optidx;
    argv += optidx;

    if (argc == 0) {
	help(NULL, argc, argv);
	return 1;
    }

    return sl_command (commands, argc, argv);
}