Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/krb5/src/tests/gssapi/t_credstore.c
34890 views
1
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */

2
/*

3
 * Copyright 2011 Red Hat, Inc.

4
 *

5
 * Permission is hereby granted, free of charge, to any person

6
 * obtaining a copy of this software and associated documentation files

7
 * (the "Software"), to deal in the Software without restriction,

8
 * including without limitation the rights to use, copy, modify, merge,

9
 * publish, distribute, sublicense, and/or sell copies of the Software,

10
 * and to permit persons to whom the Software is furnished to do so,

11
 * subject to the following conditions:

12
 *

13
 * The above copyright notice and this permission notice shall be

14
 * included in all copies or substantial portions of the Software.

15
 *

16
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,

17
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF

18
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND

19
 * NONINFRINGEMENT.  IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS

20
 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN

21
 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN

22
 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE

23
 * SOFTWARE.

24
 */

25


26
#include <stdio.h>

27
#include <stdlib.h>

28
#include <string.h>

29


30
#include "common.h"

31


32
static void

33
usage(void)

34
{

35
    fprintf(stderr,

36
            "Usage: t_credstore [-sabi] principal [{key value} ...]\n");

37
    exit(1);

38
}

39


40
int

41
main(int argc, char *argv[])

42
{

43
    OM_uint32 minor, major;

44
    gss_key_value_set_desc store;

45
    gss_name_t name = GSS_C_NO_NAME;

46
    gss_cred_usage_t cred_usage = GSS_C_BOTH;

47
    gss_OID_set mechs = GSS_C_NO_OID_SET;

48
    gss_cred_id_t cred = GSS_C_NO_CREDENTIAL;

49
    gss_ctx_id_t ictx = GSS_C_NO_CONTEXT, actx = GSS_C_NO_CONTEXT;

50
    gss_buffer_desc itok, atok;

51
    krb5_boolean store_creds = FALSE, replay = FALSE;

52
    char opt;

53


54
    /* Parse options. */

55
    for (argv++; *argv != NULL && **argv == '-'; argv++) {

56
        opt = (*argv)[1];

57
        if (opt == 's')

58
            store_creds = TRUE;

59
        else if (opt == 'r')

60
            replay = TRUE;

61
        else if (opt == 'a')

62
            cred_usage = GSS_C_ACCEPT;

63
        else if (opt == 'b')

64
            cred_usage = GSS_C_BOTH;

65
        else if (opt == 'i')

66
            cred_usage = GSS_C_INITIATE;

67
        else

68
            usage();

69
    }

70


71
    /* Get the principal name. */

72
    if (*argv == NULL)

73
        usage();

74
    if (**argv != '\0')

75
        name = import_name(*argv);

76
    argv++;

77


78
    /* Put any remaining arguments into the store. */

79
    store.elements = calloc(argc, sizeof(struct gss_key_value_element_struct));

80
    if (!store.elements)

81
        errout("OOM");

82
    store.count = 0;

83
    while (*argv != NULL) {

84
        if (*(argv + 1) == NULL)

85
            usage();

86
        store.elements[store.count].key = *argv;

87
        store.elements[store.count].value = *(argv + 1);

88
        store.count++;

89
        argv += 2;

90
    }

91


92
    if (store_creds) {

93
        /* Acquire default creds and try to store them in the cred store. */

94
        major = gss_acquire_cred(&minor, GSS_C_NO_NAME, 0, GSS_C_NO_OID_SET,

95
                                 GSS_C_INITIATE, &cred, NULL, NULL);

96
        check_gsserr("gss_acquire_cred", major, minor);

97


98
        major = gss_store_cred_into(&minor, cred, GSS_C_INITIATE,

99
                                    GSS_C_NO_OID, 1, 0, &store, NULL, NULL);

100
        check_gsserr("gss_store_cred_into", major, minor);

101


102
        gss_release_cred(&minor, &cred);

103
    }

104


105
    /* Try to acquire creds from store. */

106
    major = gss_acquire_cred_from(&minor, name, 0, mechs, cred_usage,

107
                                  &store, &cred, NULL, NULL);

108
    check_gsserr("gss_acquire_cred_from", major, minor);

109


110
    if (replay) {

111
        /* Induce a replay using cred as the acceptor cred, to test the replay

112
         * cache indicated by the store. */

113
        major = gss_init_sec_context(&minor, GSS_C_NO_CREDENTIAL, &ictx, name,

114
                                     &mech_krb5, 0, GSS_C_INDEFINITE,

115
                                     GSS_C_NO_CHANNEL_BINDINGS,

116
                                     GSS_C_NO_BUFFER, NULL, &itok, NULL, NULL);

117
        check_gsserr("gss_init_sec_context", major, minor);

118
        (void)gss_delete_sec_context(&minor, &ictx, NULL);

119


120
        major = gss_accept_sec_context(&minor, &actx, cred, &itok,

121
                                       GSS_C_NO_CHANNEL_BINDINGS, NULL, NULL,

122
                                       &atok, NULL, NULL, NULL);

123
        check_gsserr("gss_accept_sec_context(1)", major, minor);

124
        (void)gss_release_buffer(&minor, &atok);

125
        (void)gss_delete_sec_context(&minor, &actx, NULL);

126


127
        major = gss_accept_sec_context(&minor, &actx, cred, &itok,

128
                                       GSS_C_NO_CHANNEL_BINDINGS, NULL, NULL,

129
                                       &atok, NULL, NULL, NULL);

130
        check_gsserr("gss_accept_sec_context(2)", major, minor);

131
        (void)gss_release_buffer(&minor, &itok);

132
        (void)gss_release_buffer(&minor, &atok);

133
        (void)gss_delete_sec_context(&minor, &actx, NULL);

134
    }

135


136
    gss_release_name(&minor, &name);

137
    gss_release_cred(&minor, &cred);

138
    free(store.elements);

139
    return 0;

140
}

141


142