4 static int version_flag
;
5 static const char *app_string
= "kdc";
7 struct getargs args
[] = {
8 { "help", 'h', arg_flag
, &help_flag
,
9 "Print usage message", NULL
},
10 { "version", 'v', arg_flag
, &version_flag
,
11 "Print version", NULL
},
12 { "app", 'a', arg_string
, &app_string
,
13 "App to test (kdc or bx509); default: kdc", "APPNAME" },
15 size_t num_args
= sizeof(args
) / sizeof(args
[0]);
20 arg_printusage(args
, num_args
, NULL
, "PATH-TO-DER-CSR PRINCIPAL");
22 "\n\tExercise CSR authorization plugins for a given CSR for a\n"
23 "\tgiven principal.\n"
24 "\n\tExample: %s PKCS10:/tmp/csr.der foo@TEST.H5L.SE\n",
30 static const char *sysplugin_dirs
[] = {
34 "$ORIGIN/../lib/plugin/kdc",
43 load_plugins(krb5_context context
)
45 const char * const *dirs
= sysplugin_dirs
;
49 cfdirs
= krb5_config_get_strings(context
, NULL
, "kdc", "plugin_dir", NULL
);
51 dirs
= (const char * const *)cfdirs
;
54 _krb5_load_plugins(context
, "kdc", (const char **)dirs
);
57 krb5_config_free_strings(cfdirs
);
62 main(int argc
, char **argv
)
64 krb5_log_facility
*logf
;
68 krb5_principal princ
= NULL
;
69 const char *argv0
= argv
[0];
73 if (getarg(args
, num_args
, argc
, argv
, &optidx
))
78 print_version(argv
[0]);
88 if ((errno
= krb5_init_context(&context
)))
89 err(1, "Could not initialize krb5_context");
90 if ((ret
= krb5_initlog(context
, argv0
, &logf
)) ||
91 (ret
= krb5_addlog_dest(context
, logf
, "0-5/STDERR")))
92 krb5_err(context
, 1, ret
, "Could not set up logging to stderr");
93 load_plugins(context
);
94 if ((ret
= hx509_request_parse(context
->hx509ctx
, argv
[0], &csr
)))
95 krb5_err(context
, 1, ret
, "Could not parse PKCS#10 CSR from %s", argv
[0]);
96 if ((ret
= krb5_parse_name(context
, argv
[1], &princ
)))
97 krb5_err(context
, 1, ret
, "Could not parse principal %s", argv
[1]);
98 if ((ret
= kdc_authorize_csr(context
, app_string
, csr
, princ
)))
99 krb5_err(context
, 1, ret
, "Authorization failed");
100 printf("Authorized!\n");
101 krb5_free_principal(context
, princ
);
102 _krb5_unload_plugins(context
, "kdc");
103 krb5_free_context(context
);
104 hx509_request_free(&csr
);