1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ 2 /* tests/gssapi/t_inq_cred.c - Test program for gss_inquire_cred behavior */ 3 /* 4 * Copyright 2012 by the Massachusetts Institute of Technology. 5 * All Rights Reserved. 6 * 7 * Export of this software from the United States of America may 8 * require a specific license from the United States Government. 9 * It is the responsibility of any person or organization contemplating 10 * export to obtain such a license before exporting. 11 * 12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 13 * distribute this software and its documentation for any purpose and 14 * without fee is hereby granted, provided that the above copyright 15 * notice appear in all copies and that both that copyright notice and 16 * this permission notice appear in supporting documentation, and that 17 * the name of M.I.T. not be used in advertising or publicity pertaining 18 * to distribution of the software without specific, written prior 19 * permission. Furthermore if you modify this software you must label 20 * your software as modified software and not distribute it in such a 21 * fashion that it might be confused with the original M.I.T. software. 22 * M.I.T. makes no representations about the suitability of 23 * this software for any purpose. It is provided "as is" without express 24 * or implied warranty. 25 */ 26 27 /* 28 * Test program for gss_inquire_cred, intended to be run from a Python test 29 * script. Acquires credentials, inquires them, and prints the resulting name 30 * and lifetime. 31 * 32 * Usage: ./t_inq_cred [-k|-s] [-a|-b|-i] [initiatorname] 33 * 34 * By default no mechanism is specified when acquiring credentials; -k 35 * indicates the krb5 mech and -s indicates SPNEGO. By default or with -i, 36 * initiator credentials are acquired; -a indicates acceptor credentials and -b 37 * indicates credentials of both types. The credential is acquired with no 38 * name by default; a krb5 principal name or host-based name (prefixed with 39 * "gss:") may be supplied as an argument. 40 */ 41 42 #include <stdio.h> 43 #include <stdlib.h> 44 #include <string.h> 45 46 #include "common.h" 47 48 static void 49 usage(void) 50 { 51 fprintf(stderr, 52 "Usage: t_inq_cred [-k|-s] [-a|-b|-i] [princ|gss:service@host]\n"); 53 exit(1); 54 } 55 56 int 57 main(int argc, char *argv[]) 58 { 59 OM_uint32 minor, major, lifetime; 60 gss_cred_usage_t cred_usage = GSS_C_INITIATE; 61 gss_OID_set mechs = GSS_C_NO_OID_SET; 62 gss_cred_id_t cred = GSS_C_NO_CREDENTIAL; 63 gss_name_t name = GSS_C_NO_NAME; 64 gss_buffer_desc buf; 65 const char *name_arg = NULL; 66 char opt; 67 68 while (argc > 1 && argv[1][0] == '-') { 69 opt = argv[1][1]; 70 argc--, argv++; 71 if (opt == 'a') 72 cred_usage = GSS_C_ACCEPT; 73 else if (opt == 'b') 74 cred_usage = GSS_C_BOTH; 75 else if (opt == 'i') 76 cred_usage = GSS_C_INITIATE; 77 else if (opt == 'k') 78 mechs = &mechset_krb5; 79 else if (opt == 's') 80 mechs = &mechset_spnego; 81 else 82 usage(); 83 } 84 if (argc > 2) 85 usage(); 86 if (argc > 1) 87 name_arg = argv[1]; 88 89 /* Import the name, if given. */ 90 if (name_arg != NULL) 91 name = import_name(name_arg); 92 93 /* Acquire a credential. */ 94 major = gss_acquire_cred(&minor, name, GSS_C_INDEFINITE, mechs, cred_usage, 95 &cred, NULL, NULL); 96 check_gsserr("gss_acquire_cred", major, minor); 97 98 /* Inquire about the credential. */ 99 (void)gss_release_name(&minor, &name); 100 major = gss_inquire_cred(&minor, cred, &name, &lifetime, NULL, NULL); 101 check_gsserr("gss_inquire_cred", major, minor); 102 103 /* Get a display form of the name. */ 104 buf.value = NULL; 105 buf.length = 0; 106 major = gss_display_name(&minor, name, &buf, NULL); 107 check_gsserr("gss_display_name", major, minor); 108 109 printf("name: %.*s\n", (int)buf.length, (char *)buf.value); 110 printf("lifetime: %d\n", (int)lifetime); 111 112 (void)gss_release_cred(&minor, &cred); 113 (void)gss_release_name(&minor, &name); 114 (void)gss_release_buffer(&minor, &buf); 115 return 0; 116 } 117