Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/krb5/src/tests/icred.c
34869 views
1
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */

2
/* tests/icred.c - test harness for getting initial creds */

3
/*

4
 * Copyright (C) 2013 by the Massachusetts Institute of Technology.

5
 * All rights reserved.

6
 *

7
 * Redistribution and use in source and binary forms, with or without

8
 * modification, are permitted provided that the following conditions

9
 * are met:

10
 *

11
 * * Redistributions of source code must retain the above copyright

12
 *   notice, this list of conditions and the following disclaimer.

13
 *

14
 * * Redistributions in binary form must reproduce the above copyright

15
 *   notice, this list of conditions and the following disclaimer in

16
 *   the documentation and/or other materials provided with the

17
 *   distribution.

18
 *

19
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS

20
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT

21
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS

22
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE

23
 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,

24
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

25
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR

26
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

27
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

28
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

29
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

30
 * OF THE POSSIBILITY OF SUCH DAMAGE.

31
 */

32


33
/* This program exercises the init_creds APIs in ways kinit doesn't. */

34


35
#include "k5-platform.h"

36
#include <krb5.h>

37


38
static krb5_context ctx;

39


40
static void

41
check(krb5_error_code code)

42
{

43
    const char *errmsg;

44


45
    if (code) {

46
        errmsg = krb5_get_error_message(ctx, code);

47
        fprintf(stderr, "%s\n", errmsg);

48
        krb5_free_error_message(ctx, errmsg);

49
        exit(1);

50
    }

51
}

52


53
int

54
main(int argc, char **argv)

55
{

56
    const char *ktname = NULL, *sname = NULL, *princstr, *password;

57
    krb5_principal client;

58
    krb5_init_creds_context icc;

59
    krb5_get_init_creds_opt *opt;

60
    krb5_keytab keytab = NULL;

61
    krb5_creds creds;

62
    krb5_boolean stepwise = FALSE;

63
    krb5_preauthtype ptypes[64];

64
    int c, nptypes = 0;

65
    char *val;

66


67
    check(krb5_init_context(&ctx));

68
    check(krb5_get_init_creds_opt_alloc(ctx, &opt));

69


70
    while ((c = getopt(argc, argv, "k:so:S:X:")) != -1) {

71
        switch (c) {

72
        case 'k':

73
            ktname = optarg;

74
            break;

75
        case 's':

76
            stepwise = TRUE;

77
            break;

78
        case 'o':

79
            assert(nptypes < 64);

80
            ptypes[nptypes++] = atoi(optarg);

81
            break;

82
        case 'S':

83
            sname = optarg;

84
            break;

85
        case 'X':

86
            val = strchr(optarg, '=');

87
            if (val != NULL)

88
                *val++ = '\0';

89
            else

90
                val = "yes";

91
            check(krb5_get_init_creds_opt_set_pa(ctx, opt, optarg, val));

92
            break;

93
        default:

94
            abort();

95
        }

96
    }

97


98
    argc -= optind;

99
    argv += optind;

100
    if (argc != 1 && argc != 2)

101
        abort();

102
    princstr = argv[0];

103
    password = argv[1];

104


105
    if (sname != NULL) {

106
        check(krb5_sname_to_principal(ctx, princstr, sname, KRB5_NT_SRV_HST,

107
                                      &client));

108
    } else {

109
        check(krb5_parse_name(ctx, princstr, &client));

110
    }

111


112
    if (ktname != NULL)

113
        check(krb5_kt_resolve(ctx, ktname, &keytab));

114


115
    if (nptypes > 0)

116
        krb5_get_init_creds_opt_set_preauth_list(opt, ptypes, nptypes);

117


118
    if (stepwise) {

119
        /* Use the stepwise interface. */

120
        check(krb5_init_creds_init(ctx, client, NULL, NULL, 0, NULL, &icc));

121
        if (keytab != NULL)

122
            check(krb5_init_creds_set_keytab(ctx, icc, keytab));

123
        if (password != NULL)

124
            check(krb5_init_creds_set_password(ctx, icc, password));

125
        check(krb5_init_creds_get(ctx, icc));

126
        krb5_init_creds_free(ctx, icc);

127
    } else if (keytab != NULL) {

128
        check(krb5_get_init_creds_keytab(ctx, &creds, client, keytab, 0, NULL,

129
                                         opt));

130
        krb5_free_cred_contents(ctx, &creds);

131
    } else {

132
        /* Use the traditional one-shot interface. */

133
        check(krb5_get_init_creds_password(ctx, &creds, client, password, NULL,

134
                                           NULL, 0, NULL, opt));

135
        krb5_free_cred_contents(ctx, &creds);

136
    }

137


138
    if (keytab != NULL)

139
        krb5_kt_close(ctx, keytab);

140
    krb5_get_init_creds_opt_free(ctx, opt);

141
    krb5_free_principal(ctx, client);

142
    krb5_free_context(ctx);

143
    return 0;

144
}

145


146