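/*
 * Copyright (c) 2003-2007 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of KTH nor the names of its contributors may be
 *    used to endorse or promote products derived from this software without
 *    specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * Test driver: acquire a GSS-API credential for an optional name, print
 * its remaining lifetime and release it again.  The name, the name type,
 * the credential usage and the Kerberos credential cache are all taken
 * from the command line.
 */

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include <time.h>   /* time(), ctime() used by print_time() */
#include <gssapi.h>
#include <err.h>
#include <roken.h>
#include <getarg.h>

#include "test_common.h"

RCSID("$Id: test_acquire_cred.c 22129 2007-12-04 01:13:13Z lha $");

/*
 * Print when a credential expires.
 *
 * time_rec is the lifetime reported by the GSS-API call, in seconds
 * counted from now; GSS_C_INDEFINITE means the credential has no expiry.
 */
static void
print_time(OM_uint32 time_rec)
{
    if (time_rec == GSS_C_INDEFINITE) {
        printf("cred never expire\n");
    } else {
        time_t t = time_rec + time(NULL);
        const char *stamp = ctime(&t);

        /*
         * ctime() returns NULL when the time cannot be represented;
         * handing NULL to "%s" is undefined behaviour, so report it.
         */
        if (stamp == NULL)
            printf("expiration time: (not representable)\n");
        else
            printf("expiration time: %s", stamp);
    }
}

/*
 * Disabled code: the gss_add_cred() round trip below is compiled out by
 * this #if 0 and is not reachable from main().
 */
#if 0

static void
test_add(gss_cred_id_t cred_handle)
{
    OM_uint32 major_status, minor_status;
    gss_cred_id_t copy_cred;
    OM_uint32 time_rec;

    major_status = gss_add_cred (&minor_status,
                                 cred_handle,
                                 GSS_C_NO_NAME,
                                 GSS_KRB5_MECHANISM,
                                 GSS_C_INITIATE,
                                 0,
                                 0,
                                 &copy_cred,
                                 NULL,
                                 &time_rec,
                                 NULL);

    if (GSS_ERROR(major_status))
        errx(1, "add_cred failed");

    print_time(time_rec);

    major_status = gss_release_cred(&minor_status,
                                    &copy_cred);
    if (GSS_ERROR(major_status))
        errx(1, "release_cred failed");
}

static void
copy_cred(void)
{
    OM_uint32 major_status, minor_status;
    gss_cred_id_t cred_handle;
    OM_uint32 time_rec;

    major_status = gss_acquire_cred(&minor_status,
                                    GSS_C_NO_NAME,
                                    0,
                                    NULL,
                                    GSS_C_INITIATE,
                                    &cred_handle,
                                    NULL,
                                    &time_rec);
    if (GSS_ERROR(major_status))
        errx(1, "acquire_cred failed");

    print_time(time_rec);

    test_add(cred_handle);
    test_add(cred_handle);
    test_add(cred_handle);

    major_status = gss_release_cred(&minor_status,
                                    &cred_handle);
    if (GSS_ERROR(major_status))
        errx(1, "release_cred failed");
}
#endif

/*
 * Acquire a credential for `service' and print its lifetime.
 *
 * service   name to import, or NULL to acquire for GSS_C_NO_NAME
 * nametype  name type OID handed to gss_import_name()
 * flags     credential usage handed to gss_acquire_cred()
 *
 * The credential and the imported name are released before returning.
 * A failed import terminates the program through errx(); a failed
 * acquire is reported with warnx() and the program exits with status 1
 * once the name has been released.
 */
static void
acquire_cred_service(const char *service,
                     gss_OID nametype,
                     int flags)
{
    OM_uint32 major_status, minor_status;
    /* Start from the "no credential" value so the handle is never
     * indeterminate, whatever gss_acquire_cred() does on failure. */
    gss_cred_id_t cred_handle = GSS_C_NO_CREDENTIAL;
    OM_uint32 time_rec;
    gss_buffer_desc name_buffer;
    gss_name_t name = GSS_C_NO_NAME;

    if (service) {
        /* The buffer only carries the string into gss_import_name();
         * the const is dropped because the value field is not const. */
        name_buffer.value = rk_UNCONST(service);
        name_buffer.length = strlen(service);

        major_status = gss_import_name(&minor_status,
                                       &name_buffer,
                                       nametype,
                                       &name);
        /* Report the GSS status text, as the other failure paths in
         * this file do, so a rejected name can be diagnosed. */
        if (GSS_ERROR(major_status))
            errx(1, "import_name failed: %s",
                 gssapi_err(major_status, minor_status, GSS_C_NO_OID));
    }

    /* time_req 0 and a NULL mechanism set are passed unchanged. */
    major_status = gss_acquire_cred(&minor_status,
                                    name,
                                    0,
                                    NULL,
                                    flags,
                                    &cred_handle,
                                    NULL,
                                    &time_rec);
    if (GSS_ERROR(major_status)) {
        warnx("acquire_cred failed: %s",
              gssapi_err(major_status, minor_status, GSS_C_NO_OID));
    } else {
        print_time(time_rec);
        gss_release_cred(&minor_status, &cred_handle);
    }

    if (name != GSS_C_NO_NAME)
        gss_release_name(&minor_status, &name);

    /* major_status still holds the gss_acquire_cred() result here. */
    if (GSS_ERROR(major_status))
        exit(1);
}

/* Option state filled in by getarg(). */
static int version_flag = 0;
static int help_flag = 0;
static char *acquire_name;
static char *acquire_type;
static char *name_type;
static char *ccache;

static struct getargs args[] = {
    {"acquire-name", 0, arg_string, &acquire_name, "name", NULL },
    {"acquire-type", 0, arg_string, &acquire_type, "type", NULL },
    {"ccache", 0, arg_string, &ccache, "name", NULL },
    {"name-type", 0, arg_string, &name_type, "type", NULL },
    {"version", 0, arg_flag, &version_flag, "print version", NULL },
    {"help", 0, arg_flag, &help_flag, NULL, NULL }
};

/* Print the option summary and exit with status `ret'. */
static void
usage (int ret)
{
    arg_printusage (args, sizeof(args)/sizeof(*args), NULL, "");
    exit (ret);
}

/*
 * Parse the options, map --acquire-type and --name-type onto their
 * GSS-API constants, select the credential cache if one was named, and
 * run a single acquire/release cycle.
 *
 * Defaults: credential usage GSS_C_ACCEPT, name type
 * GSS_C_NT_HOSTBASED_SERVICE.  Positional arguments are rejected.
 */
int
main(int argc, char **argv)
{
    int optidx = 0;
    OM_uint32 flag;
    gss_OID type;

    setprogname(argv[0]);
    if (getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
        usage(1);

    if (help_flag)
        usage (0);

    if (version_flag) {
        print_version(NULL);
        exit(0);
    }

    argc -= optidx;
    argv += optidx;

    if (argc != 0)
        usage(1);

    /* Unknown values are fatal rather than silently defaulted. */
    if (acquire_type) {
        if (strcasecmp(acquire_type, "both") == 0)
            flag = GSS_C_BOTH;
        else if (strcasecmp(acquire_type, "accept") == 0)
            flag = GSS_C_ACCEPT;
        else if (strcasecmp(acquire_type, "initiate") == 0)
            flag = GSS_C_INITIATE;
        else
            errx(1, "unknown type %s", acquire_type);
    } else
        flag = GSS_C_ACCEPT;

    if (name_type) {
        if (strcasecmp("hostbased-service", name_type) == 0)
            type = GSS_C_NT_HOSTBASED_SERVICE;
        else if (strcasecmp("user-name", name_type) == 0)
            type = GSS_C_NT_USER_NAME;
        else
            errx(1, "unknown name type %s", name_type);
    } else
        type = GSS_C_NT_HOSTBASED_SERVICE;

    /* The cache name comes straight from the command line and is
     * handed to the Kerberos mechanism unchanged. */
    if (ccache) {
        OM_uint32 major_status, minor_status;
        major_status = gss_krb5_ccache_name(&minor_status,
                                            ccache, NULL);
        if (GSS_ERROR(major_status))
            errx(1, "gss_krb5_ccache_name %s",
                 gssapi_err(major_status, minor_status, GSS_C_NO_OID));
    }

    acquire_cred_service(acquire_name, type, flag);

    return 0;
}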