2 * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "test_locl.h"
/*
 * proto() - client half of the test exchange, run over an already
 * connected socket `sock`.
 *
 * Visible sequence: read the local and peer socket addresses; create a
 * krb5 context, open the default credential cache and an auth context;
 * look up a credential in the cache; send the client principal name and
 * the credential's ticket to the peer; install the credential's session
 * key as the auth context's user key; call krb5_recvauth(); print any
 * authorization data in the returned ticket; then send one
 * krb5_mk_safe() message and one krb5_mk_priv() message.
 *
 * NOTE(review): this listing has lost source lines (the embedded original
 * line numbers skip).  Braces, several declarations (context, ccache,
 * addrlen, data, packet, ticket, client_name, i), the argument lists of
 * some calls and presumably an `if (status)` guard before each
 * krb5_err()/errx() call are not visible.  The comments below describe
 * only what the remaining lines show.
 */
40 proto (int sock
, const char *hostname
, const char *service
)
42 struct sockaddr_in remote
, local
;
44 krb5_address remote_addr
, local_addr
;
47 krb5_auth_context auth_context
;
48 krb5_error_code status
;
49 krb5_principal client
;
52 krb5_creds mcred
, cred
;
/*
 * Both address lookups require the returned length to equal
 * sizeof(struct sockaddr_in), so a socket of any other address family
 * ends in err() here instead of being read into an undersized struct.
 */
55 addrlen
= sizeof(local
);
56 if (getsockname (sock
, (struct sockaddr
*)&local
, &addrlen
) < 0
57 || addrlen
!= sizeof(local
))
58 err (1, "getsockname(%s)", hostname
);
60 addrlen
= sizeof(remote
);
61 if (getpeername (sock
, (struct sockaddr
*)&remote
, &addrlen
) < 0
62 || addrlen
!= sizeof(remote
))
63 err (1, "getpeername(%s)", hostname
);
/*
 * A failure here is reported with errx() rather than krb5_err(), which
 * takes the context as its first argument.
 */
65 status
= krb5_init_context(&context
);
67 errx(1, "krb5_init_context failed: %d", status
);
69 status
= krb5_cc_default (context
, &ccache
);
71 krb5_err(context
, 1, status
, "krb5_cc_default");
73 status
= krb5_auth_con_init (context
, &auth_context
);
75 krb5_err(context
, 1, status
, "krb5_auth_con_init");
/*
 * The krb5_address values are hard-coded to AF_INET and their data
 * pointers alias the stack variables `local` and `remote` (no copy is
 * made here), so they are only valid while those variables are in scope.
 */
77 local_addr
.addr_type
= AF_INET
;
78 local_addr
.address
.length
= sizeof(local
.sin_addr
);
79 local_addr
.address
.data
= &local
.sin_addr
;
81 remote_addr
.addr_type
= AF_INET
;
82 remote_addr
.address
.length
= sizeof(remote
.sin_addr
);
83 remote_addr
.address
.data
= &remote
.sin_addr
;
/*
 * The arguments of this call are on lines missing from the listing;
 * presumably local_addr and remote_addr are attached to auth_context.
 * NOTE(review): the error text below says "krb5_auth_con_setaddr" while
 * the call is krb5_auth_con_setaddrs.
 */
85 status
= krb5_auth_con_setaddrs (context
,
90 krb5_err(context
, 1, status
, "krb5_auth_con_setaddr");
/*
 * Build the match credential: client is the cache's principal, server is
 * a principal in the client's own realm.  The realm is passed twice; the
 * remaining name components are on missing lines - presumably this names
 * the realm's ticket-granting service, confirm against the full source.
 */
92 krb5_cc_clear_mcred(&mcred
);
94 status
= krb5_cc_get_principal(context
, ccache
, &client
);
96 krb5_err(context
, 1, status
, "krb5_cc_get_principal");
97 status
= krb5_make_principal(context
, &mcred
.server
,
98 krb5_principal_get_realm(context
, client
),
100 krb5_principal_get_realm(context
, client
),
103 krb5_err(context
, 1, status
, "krb5_make_principal");
104 mcred
.client
= client
;
/* Lookup is done with a flags argument of 0. */
106 status
= krb5_cc_retrieve_cred(context
, ccache
, 0, &mcred
, &cred
);
108 krb5_err(context
, 1, status
, "krb5_cc_retrieve_cred");
/*
 * First message: the client principal name as text, including its
 * terminating NUL (strlen + 1).  It is written before krb5_recvauth()
 * runs, i.e. before anything on this connection has been authenticated,
 * so at this point it is only a claim made by this side.
 */
113 status
= krb5_unparse_name(context
, cred
.client
, &client_name
);
115 krb5_err(context
, 1, status
, "krb5_unparse_name");
116 data
.data
= client_name
;
117 data
.length
= strlen(client_name
) + 1;
118 status
= krb5_write_message(context
, &sock
, &data
);
120 krb5_err(context
, 1, status
, "krb5_write_message");
/*
 * Second message: cred.ticket only.  cred.session is not written to the
 * socket; it is installed locally as the auth context's user key below.
 */
124 status
= krb5_write_message(context
, &sock
, &cred
.ticket
);
126 krb5_err(context
, 1, status
, "krb5_write_message");
128 status
= krb5_auth_con_setuserkey(context
, auth_context
, &cred
.session
);
130 krb5_err(context
, 1, status
, "krb5_auth_con_setuserkey");
/*
 * This side now acts as the acceptor: krb5_recvauth() is called with
 * VERSION as the application version string, `client` as the principal
 * argument, flags 0 and a NULL keytab; the peer's ticket is returned in
 * `ticket`.
 */
132 status
= krb5_recvauth(context
, &auth_context
, &sock
,
133 VERSION
, client
, 0, NULL
, &ticket
);
136 krb5_err(context
, 1, status
, "krb5_recvauth");
/*
 * Authorization data comes from the ticket returned by krb5_recvauth().
 * Only each element's type and length are printed, never its contents.
 */
138 if (ticket
->ticket
.authorization_data
) {
139 AuthorizationData
*authz
;
142 printf("Authorization data:\n");
144 authz
= ticket
->ticket
.authorization_data
;
145 for (i
= 0; i
< authz
->len
; i
++) {
146 printf("\ttype %d, length %lu\n",
147 authz
->val
[i
].ad_type
,
148 (unsigned long)authz
->val
[i
].ad_data
.length
);
/*
 * krb5_mk_safe() produces an integrity-protected message (KRB-SAFE); the
 * payload is not encrypted.  Its arguments are on missing lines.
 */
155 krb5_data_zero (&packet
);
157 status
= krb5_mk_safe (context
,
163 krb5_err(context
, 1, status
, "krb5_mk_safe");
165 status
= krb5_write_message(context
, &sock
, &packet
);
167 krb5_err(context
, 1, status
, "krb5_write_message");
/*
 * Fixed test payload for the second message ("hemligt" is Swedish for
 * "secret"); the matching data.length assignment is not visible here.
 */
169 data
.data
= "hemligt";
/* Release the KRB-SAFE buffer before `packet` is reused. */
172 krb5_data_free (&packet
);
/*
 * krb5_mk_priv() produces an encrypted message (KRB-PRIV).  Its
 * arguments are on missing lines.
 */
174 status
= krb5_mk_priv (context
,
180 krb5_err(context
, 1, status
, "krb5_mk_priv");
182 status
= krb5_write_message(context
, &sock
, &packet
);
/*
 * NOTE(review): no release of cred, client_name, ticket, auth_context or
 * context is visible after this point; it may be on missing lines or
 * left to process exit - confirm against the full source.
 */
184 krb5_err(context
, 1, status
, "krb5_write_message");
/*
 * main() - program entry point: calls client_setup() for the context,
 * argument handling and the port, then hands proto() to client_doit() as
 * the per-connection callback.
 *
 * client_setup(), client_doit(), `context` and `service` are not defined
 * in the visible listing.
 * NOTE(review): argv[argc] is used as the host name after client_setup()
 * has been given &argc; this presumably relies on client_setup() leaving
 * argc as the index of a host argument it has checked to be present.  If
 * argc were left at the original count, argv[argc] would be NULL -
 * confirm against client_setup().
 */
189 main(int argc
, char **argv
)
191 int port
= client_setup(&context
, &argc
, argv
);
192 return client_doit (argv
[argc
], port
, service
, proto
);