1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* tests/gssapi/t_inq_cred.c - Test program for gss_inquire_cred behavior */
3 /*
4 * Copyright 2012 by the Massachusetts Institute of Technology.
5 * All Rights Reserved.
6 *
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
11 *
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. Furthermore if you modify this software you must label
20 * your software as modified software and not distribute it in such a
21 * fashion that it might be confused with the original M.I.T. software.
22 * M.I.T. makes no representations about the suitability of
23 * this software for any purpose. It is provided "as is" without express
24 * or implied warranty.
25 */
26
27 /*
28 * Test program for gss_inquire_cred, intended to be run from a Python test
29 * script. Acquires credentials, inquires them, and prints the resulting name
30 * and lifetime.
31 *
32 * Usage: ./t_inq_cred [-k|-s] [-a|-b|-i] [initiatorname]
33 *
34 * By default no mechanism is specified when acquiring credentials; -k
35 * indicates the krb5 mech and -s indicates SPNEGO. By default or with -i,
36 * initiator credentials are acquired; -a indicates acceptor credentials and -b
37 * indicates credentials of both types. The credential is acquired with no
38 * name by default; a krb5 principal name or host-based name (prefixed with
39 * "gss:") may be supplied as an argument.
40 */
41
42 #include <stdio.h>
43 #include <stdlib.h>
44 #include <string.h>
45
46 #include "common.h"
47
48 static void
usage(void)49 usage(void)
50 {
51 fprintf(stderr,
52 "Usage: t_inq_cred [-k|-s] [-a|-b|-i] [princ|gss:service@host]\n");
53 exit(1);
54 }
55
56 int
main(int argc,char * argv[])57 main(int argc, char *argv[])
58 {
59 OM_uint32 minor, major, lifetime;
60 gss_cred_usage_t cred_usage = GSS_C_INITIATE;
61 gss_OID_set mechs = GSS_C_NO_OID_SET;
62 gss_cred_id_t cred = GSS_C_NO_CREDENTIAL;
63 gss_name_t name = GSS_C_NO_NAME;
64 gss_buffer_desc buf;
65 const char *name_arg = NULL;
66 char opt;
67
68 while (argc > 1 && argv[1][0] == '-') {
69 opt = argv[1][1];
70 argc--, argv++;
71 if (opt == 'a')
72 cred_usage = GSS_C_ACCEPT;
73 else if (opt == 'b')
74 cred_usage = GSS_C_BOTH;
75 else if (opt == 'i')
76 cred_usage = GSS_C_INITIATE;
77 else if (opt == 'k')
78 mechs = &mechset_krb5;
79 else if (opt == 's')
80 mechs = &mechset_spnego;
81 else
82 usage();
83 }
84 if (argc > 2)
85 usage();
86 if (argc > 1)
87 name_arg = argv[1];
88
89 /* Import the name, if given. */
90 if (name_arg != NULL)
91 name = import_name(name_arg);
92
93 /* Acquire a credential. */
94 major = gss_acquire_cred(&minor, name, GSS_C_INDEFINITE, mechs, cred_usage,
95 &cred, NULL, NULL);
96 check_gsserr("gss_acquire_cred", major, minor);
97
98 /* Inquire about the credential. */
99 (void)gss_release_name(&minor, &name);
100 major = gss_inquire_cred(&minor, cred, &name, &lifetime, NULL, NULL);
101 check_gsserr("gss_inquire_cred", major, minor);
102
103 /* Get a display form of the name. */
104 buf.value = NULL;
105 buf.length = 0;
106 major = gss_display_name(&minor, name, &buf, NULL);
107 check_gsserr("gss_display_name", major, minor);
108
109 printf("name: %.*s\n", (int)buf.length, (char *)buf.value);
110 printf("lifetime: %d\n", (int)lifetime);
111
112 (void)gss_release_cred(&minor, &cred);
113 (void)gss_release_name(&minor, &name);
114 (void)gss_release_buffer(&minor, &buf);
115 return 0;
116 }
117