Path: blob/main/crypto/krb5/src/tests/icinterleave.c
34869 views
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */1/* tests/icinterleave.c - interleaved init_creds_step test harness */2/*3* Copyright (C) 2017 by the Massachusetts Institute of Technology.4* All rights reserved.5*6* Redistribution and use in source and binary forms, with or without7* modification, are permitted provided that the following conditions8* are met:9*10* * Redistributions of source code must retain the above copyright11* notice, this list of conditions and the following disclaimer.12*13* * Redistributions in binary form must reproduce the above copyright14* notice, this list of conditions and the following disclaimer in15* the documentation and/or other materials provided with the16* distribution.17*18* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS19* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT20* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS21* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE22* COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,23* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES24* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR25* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)26* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,27* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)28* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED29* OF THE POSSIBILITY OF SUCH DAMAGE.30*/3132/*33* This test harness performs multiple initial creds operations using34* krb5_init_creds_step(), interleaving the operations to test the scoping of35* the preauth state. All principals must have the same password (or not36* require a password).37*/3839#include "k5-int.h"4041static krb5_context ctx;4243static void44check(krb5_error_code code)45{46const char *errmsg;4748if (code) {49errmsg = krb5_get_error_message(ctx, code);50fprintf(stderr, "%s\n", errmsg);51krb5_free_error_message(ctx, errmsg);52exit(1);53}54}5556int57main(int argc, char **argv)58{59const char *password;60char **princstrs;61krb5_principal client;62krb5_init_creds_context *iccs;63krb5_data req, *reps, realm;64krb5_boolean any_left;65int i, nclients, primary;66unsigned int flags;6768if (argc < 3) {69fprintf(stderr, "Usage: icinterleave password princ1 princ2 ...\n");70exit(1);71}72password = argv[1];73princstrs = argv + 2;74nclients = argc - 2;7576check(krb5_init_context(&ctx));7778/* Create an initial creds context for each client principal. */79iccs = calloc(nclients, sizeof(*iccs));80assert(iccs != NULL);81for (i = 0; i < nclients; i++) {82check(krb5_parse_name(ctx, princstrs[i], &client));83check(krb5_init_creds_init(ctx, client, NULL, NULL, 0, NULL,84&iccs[i]));85check(krb5_init_creds_set_password(ctx, iccs[i], password));86krb5_free_principal(ctx, client);87}8889reps = calloc(nclients, sizeof(*reps));90assert(reps != NULL);9192any_left = TRUE;93while (any_left) {94any_left = FALSE;95for (i = 0; i < nclients; i++) {96if (iccs[i] == NULL)97continue;98any_left = TRUE;99100printf("step %d\n", i + 1);101102req = empty_data();103realm = empty_data();104check(krb5_init_creds_step(ctx, iccs[i], &reps[i], &req, &realm,105&flags));106if (!(flags & KRB5_INIT_CREDS_STEP_FLAG_CONTINUE)) {107printf("finish %d\n", i + 1);108krb5_init_creds_free(ctx, iccs[i]);109iccs[i] = NULL;110continue;111}112113primary = 0;114krb5_free_data_contents(ctx, &reps[i]);115check(krb5_sendto_kdc(ctx, &req, &realm, &reps[i], &primary, 0));116krb5_free_data_contents(ctx, &req);117krb5_free_data_contents(ctx, &realm);118}119}120121for (i = 0; i < nclients; i++)122krb5_free_data_contents(ctx, &reps[i]);123free(reps);124free(iccs);125krb5_free_context(ctx);126return 0;127}128129130