2 * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "test_locl.h"
40 proto (int sock
, const char *hostname
, const char *service
)
42 struct sockaddr_storage remote
, local
;
44 krb5_address remote_addr
, local_addr
;
47 krb5_auth_context auth_context
;
48 krb5_error_code status
;
49 krb5_principal client
;
52 krb5_creds mcred
, cred
;
55 addrlen
= sizeof(local
);
56 if (getsockname (sock
, (struct sockaddr
*)&local
, &addrlen
) < 0
57 || addrlen
> sizeof(local
))
58 err (1, "getsockname(%s)", hostname
);
60 addrlen
= sizeof(remote
);
61 if (getpeername (sock
, (struct sockaddr
*)&remote
, &addrlen
) < 0
62 || addrlen
> sizeof(remote
))
63 err (1, "getpeername(%s)", hostname
);
65 status
= krb5_init_context(&context
);
67 errx(1, "krb5_init_context failed: %d", status
);
69 status
= krb5_cc_default (context
, &ccache
);
71 krb5_err(context
, 1, status
, "krb5_cc_default");
73 status
= krb5_auth_con_init (context
, &auth_context
);
75 krb5_err(context
, 1, status
, "krb5_auth_con_init");
77 status
= krb5_sockaddr2address (context
, (struct sockaddr
*)&local
, &local_addr
);
79 krb5_err(context
, 1, status
, "krb5_sockaddr2address(local)");
80 status
= krb5_sockaddr2address (context
, (struct sockaddr
*)&remote
, &remote_addr
);
82 krb5_err(context
, 1, status
, "krb5_sockaddr2address(remote)");
84 status
= krb5_auth_con_setaddrs (context
,
89 krb5_err(context
, 1, status
, "krb5_auth_con_setaddr");
91 krb5_cc_clear_mcred(&mcred
);
93 status
= krb5_cc_get_principal(context
, ccache
, &client
);
95 krb5_err(context
, 1, status
, "krb5_cc_get_principal");
96 status
= krb5_make_principal(context
, &mcred
.server
,
97 krb5_principal_get_realm(context
, client
),
99 krb5_principal_get_realm(context
, client
),
102 krb5_err(context
, 1, status
, "krb5_make_principal");
103 mcred
.client
= client
;
105 status
= krb5_cc_retrieve_cred(context
, ccache
, 0, &mcred
, &cred
);
107 krb5_err(context
, 1, status
, "krb5_cc_retrieve_cred");
112 status
= krb5_unparse_name(context
, cred
.client
, &client_name
);
114 krb5_err(context
, 1, status
, "krb5_unparse_name");
115 data
.data
= client_name
;
116 data
.length
= strlen(client_name
) + 1;
117 status
= krb5_write_message(context
, &sock
, &data
);
119 krb5_err(context
, 1, status
, "krb5_write_message");
123 status
= krb5_write_message(context
, &sock
, &cred
.ticket
);
125 krb5_err(context
, 1, status
, "krb5_write_message");
127 status
= krb5_auth_con_setuserkey(context
, auth_context
, &cred
.session
);
129 krb5_err(context
, 1, status
, "krb5_auth_con_setuserkey");
131 status
= krb5_recvauth(context
, &auth_context
, &sock
,
132 VERSION
, client
, 0, NULL
, &ticket
);
135 krb5_err(context
, 1, status
, "krb5_recvauth");
137 if (ticket
->ticket
.authorization_data
) {
138 AuthorizationData
*authz
;
141 printf("Authorization data:\n");
143 authz
= ticket
->ticket
.authorization_data
;
144 for (i
= 0; i
< authz
->len
; i
++) {
145 printf("\ttype %d, length %lu\n",
146 authz
->val
[i
].ad_type
,
147 (unsigned long)authz
->val
[i
].ad_data
.length
);
154 krb5_data_zero (&packet
);
156 status
= krb5_mk_safe (context
,
162 krb5_err(context
, 1, status
, "krb5_mk_safe");
164 status
= krb5_write_message(context
, &sock
, &packet
);
166 krb5_err(context
, 1, status
, "krb5_write_message");
168 data
.data
= "hemligt";
171 krb5_data_free (&packet
);
173 status
= krb5_mk_priv (context
,
179 krb5_err(context
, 1, status
, "krb5_mk_priv");
181 status
= krb5_write_message(context
, &sock
, &packet
);
183 krb5_err(context
, 1, status
, "krb5_write_message");
188 main(int argc
, char **argv
)
190 int port
= client_setup(&context
, &argc
, argv
);
191 return client_doit (argv
[argc
], port
, service
, proto
);