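/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
 * Copyright (C) 2020 by Red Hat, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * * Redistributions of source code must retain the above copyright
 *   notice, this list of conditions and the following disclaimer.
 *
 * * Redistributions in binary form must reproduce the above copyright
 *   notice, this list of conditions and the following disclaimer in
 *   the documentation and/or other materials provided with the
 *   distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include <stdio.h>
#include <string.h>
#include <assert.h>

#include "common.h"

/*
 * Establish contexts (without and with GSS_C_DCE_STYLE) with the default
 * initiator name, a specified principal name as target name, initiator
 * bindings, and acceptor bindings.  If any call is unsuccessful, display an
 * error message.  Output "yes" or "no" to indicate whether the contexts were
 * reported as channel-bound on the acceptor.  Exit with status 0 if all
 * operations are successful, or 1 if not.  A disagreement between the two
 * contexts about the channel-bound flag is reported on stderr and also
 * yields status 1.
 *
 * Usage: ./t_bindings [-s] targetname icb acb
 *
 * An icb or acb value of "-" will not specify channel bindings.
 */

int
main(int argc, char *argv[])
{
    OM_uint32 minor, flags1, flags2, bound1, bound2;
    gss_name_t target_name;
    gss_ctx_id_t ictx, actx;
    struct gss_channel_bindings_struct icb_data = {0}, acb_data = {0};
    gss_channel_bindings_t icb = GSS_C_NO_CHANNEL_BINDINGS;
    gss_channel_bindings_t acb = GSS_C_NO_CHANNEL_BINDINGS;
    gss_OID_desc *mech;
    int status = 0;

    /* Skip the program name only when it is present; argc can be 0, in which
     * case argv[0] is the terminating NULL and must not be stepped over. */
    if (argc > 0) {
        argv++;
        argc--;
    }

    /* An optional leading "-s" selects SPNEGO; otherwise krb5 is used. */
    if (*argv != NULL && strcmp(*argv, "-s") == 0) {
        mech = &mech_spnego;
        argv++;
        argc--;
    } else {
        mech = &mech_krb5;
    }

    if (argc != 3) {
        fprintf(stderr, "Usage: t_bindings [-s] targetname icb acb\n");
        return 1;
    }

    target_name = import_name(argv[0]);

    /*
     * Only the application_data field of each bindings structure is filled
     * in; the address fields stay zeroed by the {0} initializers.  The value
     * points directly at the argv string (no copy is made), and "-" leaves
     * the pointer at GSS_C_NO_CHANNEL_BINDINGS.
     */
    if (strcmp(argv[1], "-") != 0) {
        icb_data.application_data.length = strlen(argv[1]);
        icb_data.application_data.value = argv[1];
        icb = &icb_data;
    }

    if (strcmp(argv[2], "-") != 0) {
        acb_data.application_data.length = strlen(argv[2]);
        acb_data.application_data.value = argv[2];
        acb = &acb_data;
    }

    /*
     * NOTE(review): establish_contexts_ex() comes from common.h and is not
     * visible here.  This code relies on it to set ictx, actx and the flags
     * output, and presumably to report errors itself -- confirm.
     */
    establish_contexts_ex(mech, GSS_C_NO_CREDENTIAL, GSS_C_NO_CREDENTIAL,
                          target_name, 0, &ictx, &actx, icb, acb, &flags1,
                          NULL, NULL, NULL);

    /* Try again with GSS_C_DCE_STYLE */
    (void)gss_delete_sec_context(&minor, &ictx, NULL);
    (void)gss_delete_sec_context(&minor, &actx, NULL);

    establish_contexts_ex(mech, GSS_C_NO_CREDENTIAL, GSS_C_NO_CREDENTIAL,
                          target_name, GSS_C_DCE_STYLE, &ictx, &actx, icb, acb,
                          &flags2, NULL, NULL, NULL);

    /*
     * Both context styles must agree on whether the channel was bound.  The
     * comparison is explicit rather than an assert() so that it is not
     * compiled out when NDEBUG is defined; otherwise the test could print a
     * verdict without ever checking the DCE-style result.
     */
    bound1 = flags1 & GSS_C_CHANNEL_BOUND_FLAG;
    bound2 = flags2 & GSS_C_CHANNEL_BOUND_FLAG;
    if (bound1 != bound2) {
        fprintf(stderr, "GSS_C_CHANNEL_BOUND_FLAG differs between the "
                "default and GSS_C_DCE_STYLE contexts\n");
        status = 1;
    } else {
        printf("%s\n", bound1 ? "yes" : "no");
    }

    (void)gss_delete_sec_context(&minor, &ictx, NULL);
    (void)gss_delete_sec_context(&minor, &actx, NULL);
    (void)gss_release_name(&minor, &target_name);

    return status;
}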