1/* $NetBSD$ */ 2 3/* 4 * Copyright (c) 2003-2004 Kungliga Tekniska H��gskolan 5 * (Royal Institute of Technology, Stockholm, Sweden). 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * 3. Neither the name of KTH nor the names of its contributors may be 20 * used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY 24 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE 27 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 30 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 31 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 32 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36#include "gsskrb5_locl.h" 37#include <err.h> 38#include <krb5/getarg.h> 39 40static void 41gss_print_errors (int min_stat) 42{ 43 OM_uint32 new_stat; 44 OM_uint32 msg_ctx = 0; 45 gss_buffer_desc status_string; 46 OM_uint32 ret; 47 48 do { 49 ret = gss_display_status (&new_stat, 50 min_stat, 51 GSS_C_MECH_CODE, 52 GSS_C_NO_OID, 53 &msg_ctx, 54 &status_string); 55 fprintf (stderr, "%.*s\n", (int)status_string.length, 56 (char *)status_string.value); 57 gss_release_buffer (&new_stat, &status_string); 58 } while (!GSS_ERROR(ret) && msg_ctx != 0); 59} 60 61static void 62gss_err(int exitval, int status, const char *fmt, ...) 63{ 64 va_list args; 65 66 va_start(args, fmt); 67 vwarnx (fmt, args); 68 gss_print_errors (status); 69 va_end(args); 70 exit (exitval); 71} 72 73static void 74acquire_release_loop(gss_name_t name, int counter, gss_cred_usage_t usage) 75{ 76 OM_uint32 maj_stat, min_stat; 77 gss_cred_id_t cred; 78 int i; 79 80 for (i = 0; i < counter; i++) { 81 maj_stat = gss_acquire_cred(&min_stat, name, 82 GSS_C_INDEFINITE, 83 GSS_C_NO_OID_SET, 84 usage, 85 &cred, 86 NULL, 87 NULL); 88 if (maj_stat != GSS_S_COMPLETE) 89 gss_err(1, min_stat, "aquire %d %d != GSS_S_COMPLETE", 90 i, (int)maj_stat); 91 92 maj_stat = gss_release_cred(&min_stat, &cred); 93 if (maj_stat != GSS_S_COMPLETE) 94 gss_err(1, min_stat, "release %d %d != GSS_S_COMPLETE", 95 i, (int)maj_stat); 96 } 97} 98 99 100static void 101acquire_add_release_add(gss_name_t name, gss_cred_usage_t usage) 102{ 103 OM_uint32 maj_stat, min_stat; 104 gss_cred_id_t cred, cred2, cred3; 105 106 maj_stat = gss_acquire_cred(&min_stat, name, 107 GSS_C_INDEFINITE, 108 GSS_C_NO_OID_SET, 109 usage, 110 &cred, 111 NULL, 112 NULL); 113 if (maj_stat != GSS_S_COMPLETE) 114 gss_err(1, min_stat, "aquire %d != GSS_S_COMPLETE", (int)maj_stat); 115 116 maj_stat = gss_add_cred(&min_stat, 117 cred, 118 GSS_C_NO_NAME, 119 GSS_KRB5_MECHANISM, 120 usage, 121 GSS_C_INDEFINITE, 122 GSS_C_INDEFINITE, 123 &cred2, 124 NULL, 125 NULL, 126 NULL); 127 128 if (maj_stat != GSS_S_COMPLETE) 129 gss_err(1, min_stat, "add_cred %d != GSS_S_COMPLETE", (int)maj_stat); 130 131 maj_stat = gss_release_cred(&min_stat, &cred); 132 if (maj_stat != GSS_S_COMPLETE) 133 gss_err(1, min_stat, "release %d != GSS_S_COMPLETE", (int)maj_stat); 134 135 maj_stat = gss_add_cred(&min_stat, 136 cred2, 137 GSS_C_NO_NAME, 138 GSS_KRB5_MECHANISM, 139 GSS_C_BOTH, 140 GSS_C_INDEFINITE, 141 GSS_C_INDEFINITE, 142 &cred3, 143 NULL, 144 NULL, 145 NULL); 146 147 maj_stat = gss_release_cred(&min_stat, &cred2); 148 if (maj_stat != GSS_S_COMPLETE) 149 gss_err(1, min_stat, "release 2 %d != GSS_S_COMPLETE", (int)maj_stat); 150 151 maj_stat = gss_release_cred(&min_stat, &cred3); 152 if (maj_stat != GSS_S_COMPLETE) 153 gss_err(1, min_stat, "release 2 %d != GSS_S_COMPLETE", (int)maj_stat); 154} 155 156static int version_flag = 0; 157static int help_flag = 0; 158 159static struct getargs args[] = { 160 {"version", 0, arg_flag, &version_flag, "print version", NULL }, 161 {"help", 0, arg_flag, &help_flag, NULL, NULL } 162}; 163 164static void 165usage (int ret) 166{ 167 arg_printusage (args, sizeof(args)/sizeof(*args), 168 NULL, "service@host"); 169 exit (ret); 170} 171 172 173int 174main(int argc, char **argv) 175{ 176 struct gss_buffer_desc_struct name_buffer; 177 OM_uint32 maj_stat, min_stat; 178 gss_name_t name; 179 int optidx = 0; 180 181 setprogname(argv[0]); 182 if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) 183 usage(1); 184 185 if (help_flag) 186 usage (0); 187 188 if(version_flag){ 189 print_version(NULL); 190 exit(0); 191 } 192 193 argc -= optidx; 194 argv += optidx; 195 196 if (argc < 1) 197 errx(1, "argc < 1"); 198 199 name_buffer.value = argv[0]; 200 name_buffer.length = strlen(argv[0]); 201 202 maj_stat = gss_import_name(&min_stat, &name_buffer, 203 GSS_C_NT_HOSTBASED_SERVICE, 204 &name); 205 if (maj_stat != GSS_S_COMPLETE) 206 errx(1, "import name error"); 207 208 acquire_release_loop(name, 100, GSS_C_ACCEPT); 209 acquire_release_loop(name, 100, GSS_C_INITIATE); 210 acquire_release_loop(name, 100, GSS_C_BOTH); 211 212 acquire_add_release_add(name, GSS_C_ACCEPT); 213 acquire_add_release_add(name, GSS_C_INITIATE); 214 acquire_add_release_add(name, GSS_C_BOTH); 215 216 gss_release_name(&min_stat, &name); 217 218 return 0; 219} 220