summaryrefslogtreecommitdiffstats
path: root/crypto/heimdal/lib/krb5/test_cc.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/heimdal/lib/krb5/test_cc.c')
-rw-r--r--crypto/heimdal/lib/krb5/test_cc.c476
1 files changed, 461 insertions, 15 deletions
diff --git a/crypto/heimdal/lib/krb5/test_cc.c b/crypto/heimdal/lib/krb5/test_cc.c
index 15181f4..075cfe2 100644
--- a/crypto/heimdal/lib/krb5/test_cc.c
+++ b/crypto/heimdal/lib/krb5/test_cc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003 Kungliga Tekniska Högskolan
+ * Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,25 +31,21 @@
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
#include "krb5_locl.h"
+#include <getarg.h>
#include <err.h>
-RCSID("$Id: test_cc.c,v 1.1 2003/03/10 00:26:40 lha Exp $");
+RCSID("$Id: test_cc.c 22115 2007-12-03 21:21:42Z lha $");
-#define TEST_CC_NAME "/tmp/foo"
+static int debug_flag = 0;
+static int version_flag = 0;
+static int help_flag = 0;
-int
-main(int argc, char **argv)
+static void
+test_default_name(krb5_context context)
{
- krb5_context context;
krb5_error_code ret;
+ const char *p, *test_cc_name = "/tmp/krb5-cc-test-foo";
char *p1, *p2, *p3;
- const char *p;
-
- setprogname(argv[0]);
-
- ret = krb5_init_context(&context);
- if (ret)
- errx (1, "krb5_init_context failed: %d", ret);
p = krb5_cc_default_name(context);
if (p == NULL)
@@ -68,7 +64,7 @@ main(int argc, char **argv)
if (strcmp(p1, p2) != 0)
krb5_errx (context, 1, "krb5_cc_default_name no longer same");
- ret = krb5_cc_set_default_name(context, TEST_CC_NAME);
+ ret = krb5_cc_set_default_name(context, test_cc_name);
if (p == NULL)
krb5_errx (context, 1, "krb5_cc_set_default_name 1 failed");
@@ -77,9 +73,459 @@ main(int argc, char **argv)
krb5_errx (context, 1, "krb5_cc_default_name 2 failed");
p3 = estrdup(p);
- if (strcmp(p3, TEST_CC_NAME) != 0)
+ if (strcmp(p3, test_cc_name) != 0)
krb5_errx (context, 1, "krb5_cc_set_default_name 1 failed");
+ free(p1);
+ free(p2);
+ free(p3);
+}
+
+/*
+ * Check that a closed cc still keeps it data and that it's no longer
+ * there when it's destroyed.
+ */
+
+static void
+test_mcache(krb5_context context)
+{
+ krb5_error_code ret;
+ krb5_ccache id, id2;
+ const char *nc, *tc;
+ char *c;
+ krb5_principal p, p2;
+
+ ret = krb5_parse_name(context, "lha@SU.SE", &p);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_parse_name");
+
+ ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_gen_new");
+
+ ret = krb5_cc_initialize(context, id, p);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_initialize");
+
+ nc = krb5_cc_get_name(context, id);
+ if (nc == NULL)
+ krb5_errx(context, 1, "krb5_cc_get_name");
+
+ tc = krb5_cc_get_type(context, id);
+ if (tc == NULL)
+ krb5_errx(context, 1, "krb5_cc_get_name");
+
+ asprintf(&c, "%s:%s", tc, nc);
+
+ krb5_cc_close(context, id);
+
+ ret = krb5_cc_resolve(context, c, &id2);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_resolve");
+
+ ret = krb5_cc_get_principal(context, id2, &p2);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_get_principal");
+
+ if (krb5_principal_compare(context, p, p2) == FALSE)
+ krb5_errx(context, 1, "p != p2");
+
+ krb5_cc_destroy(context, id2);
+ krb5_free_principal(context, p);
+ krb5_free_principal(context, p2);
+
+ ret = krb5_cc_resolve(context, c, &id2);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_resolve");
+
+ ret = krb5_cc_get_principal(context, id2, &p2);
+ if (ret == 0)
+ krb5_errx(context, 1, "krb5_cc_get_principal");
+
+ krb5_cc_destroy(context, id2);
+ free(c);
+}
+
+/*
+ * Test that init works on a destroyed cc.
+ */
+
+static void
+test_init_vs_destroy(krb5_context context, const krb5_cc_ops *ops)
+{
+ krb5_error_code ret;
+ krb5_ccache id, id2;
+ krb5_principal p, p2;
+ char *n;
+
+ ret = krb5_parse_name(context, "lha@SU.SE", &p);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_parse_name");
+
+ ret = krb5_cc_gen_new(context, ops, &id);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_gen_new");
+
+ asprintf(&n, "%s:%s",
+ krb5_cc_get_type(context, id),
+ krb5_cc_get_name(context, id));
+
+ ret = krb5_cc_resolve(context, n, &id2);
+ free(n);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_resolve");
+
+ krb5_cc_destroy(context, id);
+
+ ret = krb5_cc_initialize(context, id2, p);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_initialize");
+
+ ret = krb5_cc_get_principal(context, id2, &p2);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_get_principal");
+
+ krb5_cc_destroy(context, id2);
+ krb5_free_principal(context, p);
+ krb5_free_principal(context, p2);
+}
+
+static void
+test_fcache_remove(krb5_context context)
+{
+ krb5_error_code ret;
+ krb5_ccache id;
+ krb5_principal p;
+ krb5_creds cred;
+
+ ret = krb5_parse_name(context, "lha@SU.SE", &p);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_parse_name");
+
+ ret = krb5_cc_gen_new(context, &krb5_fcc_ops, &id);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_gen_new");
+
+ ret = krb5_cc_initialize(context, id, p);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_initialize");
+
+ /* */
+ memset(&cred, 0, sizeof(cred));
+ ret = krb5_parse_name(context, "krbtgt/SU.SE@SU.SE", &cred.server);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_parse_name");
+ ret = krb5_parse_name(context, "lha@SU.SE", &cred.client);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_parse_name");
+
+ ret = krb5_cc_store_cred(context, id, &cred);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_store_cred");
+
+ ret = krb5_cc_remove_cred(context, id, 0, &cred);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_remove_cred");
+
+ ret = krb5_cc_destroy(context, id);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_destroy");
+
+ krb5_free_principal(context, p);
+ krb5_free_principal(context, cred.server);
+ krb5_free_principal(context, cred.client);
+}
+
+static void
+test_mcc_default(void)
+{
+ krb5_context context;
+ krb5_error_code ret;
+ krb5_ccache id, id2;
+ int i;
+
+ for (i = 0; i < 10; i++) {
+
+ ret = krb5_init_context(&context);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_init_context");
+
+ ret = krb5_cc_set_default_name(context, "MEMORY:foo");
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_set_default_name");
+
+ ret = krb5_cc_default(context, &id);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_default");
+
+ ret = krb5_cc_default(context, &id2);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_default");
+
+ ret = krb5_cc_close(context, id);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_close");
+
+ ret = krb5_cc_close(context, id2);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_close");
+
+ krb5_free_context(context);
+ }
+}
+
+struct {
+ char *str;
+ int fail;
+ char *res;
+} cc_names[] = {
+ { "foo", 0, "foo" },
+ { "%{uid}", 0 },
+ { "foo%{null}", 0, "foo" },
+ { "foo%{null}bar", 0, "foobar" },
+ { "%{", 1 },
+ { "%{foo %{", 1 },
+ { "%{{", 1 },
+};
+
+static void
+test_def_cc_name(krb5_context context)
+{
+ krb5_error_code ret;
+ char *str;
+ int i;
+
+ for (i = 0; i < sizeof(cc_names)/sizeof(cc_names[0]); i++) {
+ ret = _krb5_expand_default_cc_name(context, cc_names[i].str, &str);
+ if (ret) {
+ if (cc_names[i].fail == 0)
+ krb5_errx(context, 1, "test %d \"%s\" failed",
+ i, cc_names[i].str);
+ } else {
+ if (cc_names[i].fail)
+ krb5_errx(context, 1, "test %d \"%s\" was successful",
+ i, cc_names[i].str);
+ if (cc_names[i].res && strcmp(cc_names[i].res, str) != 0)
+ krb5_errx(context, 1, "test %d %s != %s",
+ i, cc_names[i].res, str);
+ if (debug_flag)
+ printf("%s => %s\n", cc_names[i].str, str);
+ free(str);
+ }
+ }
+}
+
+static void
+test_cache_find(krb5_context context, const char *type, const char *principal,
+ int find)
+{
+ krb5_principal client;
+ krb5_error_code ret;
+ krb5_ccache id = NULL;
+
+ ret = krb5_parse_name(context, principal, &client);
+ if (ret)
+ krb5_err(context, 1, ret, "parse_name for %s failed", principal);
+
+ ret = krb5_cc_cache_match(context, client, type, &id);
+ if (ret && find)
+ krb5_err(context, 1, ret, "cc_cache_match for %s failed", principal);
+ if (ret == 0 && !find)
+ krb5_err(context, 1, ret, "cc_cache_match for %s found", principal);
+
+ if (id)
+ krb5_cc_close(context, id);
+ krb5_free_principal(context, client);
+}
+
+
+static void
+test_cache_iter(krb5_context context, const char *type, int destroy)
+{
+ krb5_cc_cache_cursor cursor;
+ krb5_error_code ret;
+ krb5_ccache id;
+
+ ret = krb5_cc_cache_get_first (context, type, &cursor);
+ if (ret == KRB5_CC_NOSUPP)
+ return;
+ else if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_cache_get_first(%s)", type);
+
+
+ while ((ret = krb5_cc_cache_next (context, cursor, &id)) == 0) {
+ krb5_principal principal;
+ char *name;
+
+ if (debug_flag)
+ printf("name: %s\n", krb5_cc_get_name(context, id));
+ ret = krb5_cc_get_principal(context, id, &principal);
+ if (ret == 0) {
+ ret = krb5_unparse_name(context, principal, &name);
+ if (ret == 0) {
+ if (debug_flag)
+ printf("\tprincipal: %s\n", name);
+ free(name);
+ }
+ krb5_free_principal(context, principal);
+ }
+ if (destroy)
+ krb5_cc_destroy(context, id);
+ else
+ krb5_cc_close(context, id);
+ }
+
+ krb5_cc_cache_end_seq_get(context, cursor);
+}
+
+static void
+test_copy(krb5_context context, const char *fromtype, const char *totype)
+{
+ const krb5_cc_ops *from, *to;
+ krb5_ccache fromid, toid;
+ krb5_error_code ret;
+ krb5_principal p, p2;
+
+ from = krb5_cc_get_prefix_ops(context, fromtype);
+ if (from == NULL)
+ krb5_errx(context, 1, "%s isn't a type", fromtype);
+
+ to = krb5_cc_get_prefix_ops(context, totype);
+ if (to == NULL)
+ krb5_errx(context, 1, "%s isn't a type", totype);
+
+ ret = krb5_parse_name(context, "lha@SU.SE", &p);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_parse_name");
+
+ ret = krb5_cc_gen_new(context, from, &fromid);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_gen_new");
+
+ ret = krb5_cc_initialize(context, fromid, p);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_initialize");
+
+ ret = krb5_cc_gen_new(context, to, &toid);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_gen_new");
+
+ ret = krb5_cc_copy_cache(context, fromid, toid);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_copy_cache");
+
+ ret = krb5_cc_get_principal(context, toid, &p2);
+ if (ret)
+ krb5_err(context, 1, ret, "krb5_cc_get_principal");
+
+ if (krb5_principal_compare(context, p, p2) == FALSE)
+ krb5_errx(context, 1, "p != p2");
+
+ krb5_free_principal(context, p);
+ krb5_free_principal(context, p2);
+
+ krb5_cc_destroy(context, fromid);
+ krb5_cc_destroy(context, toid);
+}
+
+static void
+test_prefix_ops(krb5_context context, const char *name, const krb5_cc_ops *ops)
+{
+ const krb5_cc_ops *o;
+
+ o = krb5_cc_get_prefix_ops(context, name);
+ if (o == NULL)
+ krb5_errx(context, 1, "found no match for prefix '%s'", name);
+ if (strcmp(o->prefix, ops->prefix) != 0)
+ krb5_errx(context, 1, "ops for prefix '%s' is not "
+ "the expected %s != %s", name, o->prefix, ops->prefix);
+}
+
+
+static struct getargs args[] = {
+ {"debug", 'd', arg_flag, &debug_flag,
+ "turn on debuggin", NULL },
+ {"version", 0, arg_flag, &version_flag,
+ "print version", NULL },
+ {"help", 0, arg_flag, &help_flag,
+ NULL, NULL }
+};
+
+static void
+usage (int ret)
+{
+ arg_printusage (args, sizeof(args)/sizeof(*args), NULL, "hostname ...");
+ exit (ret);
+}
+
+int
+main(int argc, char **argv)
+{
+ krb5_context context;
+ krb5_error_code ret;
+ int optidx = 0;
+ krb5_ccache id1, id2;
+
+ setprogname(argv[0]);
+
+ if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
+ usage(1);
+
+ if (help_flag)
+ usage (0);
+
+ if(version_flag){
+ print_version(NULL);
+ exit(0);
+ }
+
+ argc -= optidx;
+ argv += optidx;
+
+ ret = krb5_init_context(&context);
+ if (ret)
+ errx (1, "krb5_init_context failed: %d", ret);
+
+ test_fcache_remove(context);
+ test_default_name(context);
+ test_mcache(context);
+ test_init_vs_destroy(context, &krb5_mcc_ops);
+ test_init_vs_destroy(context, &krb5_fcc_ops);
+ test_mcc_default();
+ test_def_cc_name(context);
+ test_cache_iter(context, "MEMORY", 0);
+ {
+ krb5_principal p;
+ krb5_cc_new_unique(context, "MEMORY", "bar", &id1);
+ krb5_cc_new_unique(context, "MEMORY", "baz", &id2);
+ krb5_parse_name(context, "lha@SU.SE", &p);
+ krb5_cc_initialize(context, id1, p);
+ krb5_free_principal(context, p);
+ }
+
+ test_cache_find(context, "MEMORY", "lha@SU.SE", 1);
+ test_cache_find(context, "MEMORY", "hulabundulahotentot@SU.SE", 0);
+
+ test_cache_iter(context, "MEMORY", 0);
+ test_cache_iter(context, "MEMORY", 1);
+ test_cache_iter(context, "MEMORY", 0);
+ test_cache_iter(context, "FILE", 0);
+ test_cache_iter(context, "API", 0);
+
+ test_copy(context, "FILE", "FILE");
+ test_copy(context, "MEMORY", "MEMORY");
+ test_copy(context, "FILE", "MEMORY");
+ test_copy(context, "MEMORY", "FILE");
+
+ test_prefix_ops(context, "FILE:/tmp/foo", &krb5_fcc_ops);
+ test_prefix_ops(context, "FILE", &krb5_fcc_ops);
+ test_prefix_ops(context, "MEMORY", &krb5_mcc_ops);
+ test_prefix_ops(context, "MEMORY:foo", &krb5_mcc_ops);
+ test_prefix_ops(context, "/tmp/kaka", &krb5_fcc_ops);
+
+ krb5_cc_destroy(context, id1);
+ krb5_cc_destroy(context, id2);
+
krb5_free_context(context);
return 0;
OpenPOWER on IntegriCloud