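/*
 * Copyright (c) 2005 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of KTH nor the names of its contributors may be
 *    used to endorse or promote products derived from this software without
 *    specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */

#include "krb5_locl.h"
#include <err.h>

RCSID("$Id: test_keytab.c 18809 2006-10-22 07:11:43Z lha $");

/*
 * Test that removing an entry from an empty keytab doesn't corrupt
 * memory.
 *
 * Resolves `keytab', asks it to remove an all-zero entry and closes
 * the handle again.  The result of krb5_kt_remove_entry is ignored on
 * purpose: the point of the test is that the call returns at all.
 * Nothing here inspects memory state, so a corruption is only
 * reliably caught when the program runs under a memory checker.
 *
 * Exits with status 1 through krb5_err if the keytab cannot be
 * resolved or closed.
 */

static void
test_empty_keytab(krb5_context context, const char *keytab)
{
    krb5_error_code ret;
    krb5_keytab id;
    krb5_keytab_entry entry;

    ret = krb5_kt_resolve(context, keytab, &id);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_resolve");

    /* all-zero entry: no principal, vno 0, empty keyblock */
    memset(&entry, 0, sizeof(entry));

    /* return value deliberately not checked, see the comment above */
    krb5_kt_remove_entry(context, id, &entry);

    ret = krb5_kt_close(context, id);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_close");
}

/*
 * Test that memory keytabs are reference counted.
 *
 * Sequence, with `keytab' and `keytab2' naming two different keytabs:
 *
 *  1. resolve `keytab' (id) and add an entry for lha@SU.SE with a
 *     random AES256 key;
 *  2. resolve `keytab' a second time (id2);
 *  3. look the entry up through id, close id, then look it up again
 *     through id2 -- both lookups must succeed -- and close id2;
 *  4. resolve `keytab2' (id3) and add an entry for lha3@SU.SE;
 *  5. resolve `keytab' once more and check that the lookup now fails,
 *     i.e. the entry did not outlive the last handle;
 *  6. remove the entries, close the handles and free the key material.
 *
 * Any unexpected result ends the program with status 1 through
 * krb5_err/krb5_errx.
 */

static void
test_memory_keytab(krb5_context context, const char *keytab, const char *keytab2)
{
    krb5_error_code ret;
    krb5_keytab id, id2, id3;
    krb5_keytab_entry entry, entry2, entry3;

    ret = krb5_kt_resolve(context, keytab, &id);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_resolve");

    memset(&entry, 0, sizeof(entry));
    ret = krb5_parse_name(context, "lha@SU.SE", &entry.principal);
    if (ret)
	krb5_err(context, 1, ret, "krb5_parse_name");
    entry.vno = 1;
    ret = krb5_generate_random_keyblock(context,
					ETYPE_AES256_CTS_HMAC_SHA1_96,
					&entry.keyblock);
    if (ret)
	krb5_err(context, 1, ret, "krb5_generate_random_keyblock");

    /*
     * Check the insert: if it fails silently, the lookups below fail
     * too and the error is reported against the wrong call.
     */
    ret = krb5_kt_add_entry(context, id, &entry);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_add_entry");

    /* second handle on the same keytab name */
    ret = krb5_kt_resolve(context, keytab, &id2);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_resolve");

    ret = krb5_kt_get_entry(context, id,
			    entry.principal,
			    0,
			    ETYPE_AES256_CTS_HMAC_SHA1_96,
			    &entry2);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_get_entry");
    krb5_kt_free_entry(context, &entry2);

    ret = krb5_kt_close(context, id);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_close");

    /* id is closed, id2 is still open: the entry must still be there */
    ret = krb5_kt_get_entry(context, id2,
			    entry.principal,
			    0,
			    ETYPE_AES256_CTS_HMAC_SHA1_96,
			    &entry2);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_get_entry");
    krb5_kt_free_entry(context, &entry2);

    ret = krb5_kt_close(context, id2);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_close");


    /* a second, differently named keytab with its own entry */
    ret = krb5_kt_resolve(context, keytab2, &id3);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_resolve");

    memset(&entry3, 0, sizeof(entry3));
    ret = krb5_parse_name(context, "lha3@SU.SE", &entry3.principal);
    if (ret)
	krb5_err(context, 1, ret, "krb5_parse_name");
    entry3.vno = 1;
    ret = krb5_generate_random_keyblock(context,
					ETYPE_AES256_CTS_HMAC_SHA1_96,
					&entry3.keyblock);
    if (ret)
	krb5_err(context, 1, ret, "krb5_generate_random_keyblock");

    ret = krb5_kt_add_entry(context, id3, &entry3);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_add_entry");


    /* every handle on `keytab' was closed above; resolve it afresh */
    ret = krb5_kt_resolve(context, keytab, &id);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_resolve");

    /* a successful lookup here means the old entry survived */
    ret = krb5_kt_get_entry(context, id,
			    entry.principal,
			    0,
			    ETYPE_AES256_CTS_HMAC_SHA1_96,
			    &entry2);
    if (ret == 0)
	krb5_errx(context, 1, "krb5_kt_get_entry when if should fail");

    /*
     * The lookup just failed, so this removal is not expected to find
     * anything; its return value is deliberately not checked.
     */
    krb5_kt_remove_entry(context, id, &entry);

    ret = krb5_kt_close(context, id);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_close");

    /* releases the principal and key material held in entry */
    krb5_kt_free_entry(context, &entry);

    /* return value not checked (unchanged from the original test) */
    krb5_kt_remove_entry(context, id3, &entry3);

    ret = krb5_kt_close(context, id3);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kt_close");

    krb5_free_principal(context, entry3.principal);
    krb5_free_keyblock_contents(context, &entry3.keyblock);
}

/*
 * Run the empty-keytab test against the MEMORY, FILE and KRB4 keytab
 * types, then the reference-counting test against two MEMORY keytabs.
 *
 * NOTE(review): "FILE:foo" and "KRB4:foo" carry a relative name, so
 * they presumably refer to a file called foo in the current working
 * directory -- run the test from a scratch directory.
 *
 * Returns 0 when every test passed; failures exit with status 1 from
 * inside the tests or from errx below.
 */
int
main(int argc, char **argv)
{
    krb5_context context;
    krb5_error_code ret;

    setprogname(argv[0]);

    ret = krb5_init_context(&context);
    if (ret)
	errx (1, "krb5_init_context failed: %d", ret);

    test_empty_keytab(context, "MEMORY:foo");
    test_empty_keytab(context, "FILE:foo");
    test_empty_keytab(context, "KRB4:foo");

    test_memory_keytab(context, "MEMORY:foo", "MEMORY:foo2");

    krb5_free_context(context);

    return 0;
}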