Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/krb5/src/tests/gssapi/t_ciflags.c
34907 views
1
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */

2
/* tests/gssapi/t_ciflags.c - GSS_KRB5_CRED_NO_CI_FLAGS_X tests */

3
/*

4
 * Copyright (C) 2015 by the Massachusetts Institute of Technology.

5
 * All rights reserved.

6
 *

7
 * Redistribution and use in source and binary forms, with or without

8
 * modification, are permitted provided that the following conditions

9
 * are met:

10
 *

11
 * * Redistributions of source code must retain the above copyright

12
 *   notice, this list of conditions and the following disclaimer.

13
 *

14
 * * Redistributions in binary form must reproduce the above copyright

15
 *   notice, this list of conditions and the following disclaimer in

16
 *   the documentation and/or other materials provided with the

17
 *   distribution.

18
 *

19
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS

20
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT

21
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS

22
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE

23
 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,

24
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

25
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR

26
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

27
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

28
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

29
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

30
 * OF THE POSSIBILITY OF SUCH DAMAGE.

31
 */

32


33
#include <stdio.h>

34
#include <stdlib.h>

35
#include <assert.h>

36


37
#include "common.h"

38


39
static void

40
flagtest(gss_OID mech, gss_cred_id_t icred, gss_name_t tname,

41
         OM_uint32 inflags, OM_uint32 expflags)

42
{

43
    gss_ctx_id_t ictx, actx;

44
    OM_uint32 major, minor, flags;

45


46
    establish_contexts(mech, icred, GSS_C_NO_CREDENTIAL, tname, inflags, &ictx,

47
                       &actx, NULL, NULL, NULL);

48


49
    major = gss_inquire_context(&minor, actx, NULL, NULL, NULL, NULL, &flags,

50
                                NULL, NULL);

51
    check_gsserr("gss_inquire_context", major, minor);

52
    assert(flags == expflags);

53


54
    (void)gss_delete_sec_context(&minor, &ictx, NULL);

55
    (void)gss_delete_sec_context(&minor, &actx, NULL);

56
}

57


58
int

59
main(int argc, char *argv[])

60
{

61
    OM_uint32 minor, major;

62
    gss_cred_id_t icred;

63
    gss_name_t tname;

64
    gss_buffer_desc empty_buffer = GSS_C_EMPTY_BUFFER;

65


66
    if (argc != 2) {

67
        fprintf(stderr, "Usage: %s targetname\n", argv[0]);

68
        return 1;

69
    }

70
    tname = import_name(argv[1]);

71


72
    /* With no flags, the initiator asserts conf, integ, trans */

73
    flagtest(&mech_krb5, GSS_C_NO_CREDENTIAL, tname, 0,

74
             GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG | GSS_C_TRANS_FLAG);

75
    flagtest(&mech_spnego, GSS_C_NO_CREDENTIAL, tname, 0,

76
             GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG | GSS_C_TRANS_FLAG);

77


78
    /* The initiator also asserts most flags specified by the caller. */

79
    flagtest(&mech_krb5, GSS_C_NO_CREDENTIAL, tname, GSS_C_SEQUENCE_FLAG,

80
             GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG | GSS_C_TRANS_FLAG |

81
             GSS_C_SEQUENCE_FLAG);

82
    flagtest(&mech_spnego, GSS_C_NO_CREDENTIAL, tname, GSS_C_SEQUENCE_FLAG,

83
             GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG | GSS_C_TRANS_FLAG |

84
             GSS_C_SEQUENCE_FLAG);

85


86
    /* Get a normal initiator cred and re-test with no flags. */

87
    major = gss_acquire_cred(&minor, GSS_C_NO_NAME, GSS_C_INDEFINITE,

88
                             GSS_C_NO_OID_SET, GSS_C_INITIATE, &icred, NULL,

89
                             NULL);

90
    check_gsserr("gss_acquire_cred", major, minor);

91
    flagtest(&mech_krb5, icred, tname, 0,

92
             GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG | GSS_C_TRANS_FLAG);

93
    flagtest(&mech_spnego, icred, tname, 0,

94
             GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG | GSS_C_TRANS_FLAG);

95


96
    /* Suppress confidentiality and integrity flags on the initiator cred and

97
     * check that they are suppressed, but can still be asserted explicitly. */

98
    major = gss_set_cred_option(&minor, &icred,

99
                                (gss_OID)GSS_KRB5_CRED_NO_CI_FLAGS_X,

100
                                &empty_buffer);

101
    check_gsserr("gss_set_cred_option", major, minor);

102
    flagtest(&mech_krb5, icred, tname, 0, GSS_C_TRANS_FLAG);

103
    flagtest(&mech_krb5, icred, tname, GSS_C_CONF_FLAG,

104
             GSS_C_CONF_FLAG | GSS_C_TRANS_FLAG);

105
    flagtest(&mech_krb5, icred, tname, GSS_C_INTEG_FLAG,

106
             GSS_C_INTEG_FLAG | GSS_C_TRANS_FLAG);

107
    flagtest(&mech_krb5, icred, tname, GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG,

108
             GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG | GSS_C_TRANS_FLAG);

109
    flagtest(&mech_spnego, icred, tname, 0, GSS_C_TRANS_FLAG);

110
    flagtest(&mech_spnego, icred, tname, GSS_C_INTEG_FLAG,

111
             GSS_C_INTEG_FLAG | GSS_C_TRANS_FLAG);

112
    flagtest(&mech_spnego, icred, tname, GSS_C_CONF_FLAG,

113
             GSS_C_CONF_FLAG | GSS_C_TRANS_FLAG);

114
    flagtest(&mech_spnego, icred, tname, GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG,

115
             GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG | GSS_C_TRANS_FLAG);

116


117
    (void)gss_release_name(&minor, &tname);

118
    (void)gss_release_cred(&minor, &icred);

119
    return 0;

120
}

121


122