1 /* server.c sample kerberos authenticated server
2 * Copyright (C) 2003 Simon Josefsson
4 * This file is part of Shishi.
6 * Shishi is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * Shishi is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
27 #define SERVICE "sample"
/*
 * doit: post-authentication exchange.  Takes the key from the encrypted
 * part of the client's ticket, reads one KRB-SAFE message from stdin,
 * verifies it with that key, prints its user data, then echoes stdin
 * line by line.
 *
 * NOTE(review): this listing keeps only some of the original lines (see
 * the embedded line numbers).  Declarations, braces, return statements
 * and the conditions guarding each error message are not visible.
 * NOTE(review): the signature names the handle `h`, but the body uses
 * `handle` and `ap`, and neither is declared in the visible lines.
 * Confirm against the full file.
 */
30 doit (Shishi
* h
, int verbose
)
/* Fetch the key stored in the encrypted ticket part of the AP context. */
35 res
= shishi_encticketpart_get_key
36 (handle
, shishi_tkt_encticketpart (shishi_ap_tkt (ap
)), &tktkey
);
39 fprintf (stderr
, _("Could not extract key:\n%s\n%s\n"),
40 shishi_strerror (res
), shishi_strerror_details (handle
));
/* Parse a SAFE message from stdin.  Its contents are untrusted until
   shishi_safe_verify() below has succeeded. */
44 res
= shishi_safe_parse (handle
, stdin
, &asn1safe
);
47 fprintf (stderr
, _("Could not read SAFE:\n%s\n%s\n"),
48 shishi_strerror (res
), shishi_strerror_details (handle
));
/* Create an empty SAFE object to hold the parsed message. */
52 res
= shishi_safe (handle
, &safe
);
55 fprintf (stderr
, _("Could not create SAFE:\n%s\n%s\n"),
56 shishi_strerror (res
), shishi_strerror_details (handle
));
/* Attach the parsed message to the SAFE object. */
60 shishi_safe_safe_set (safe
, asn1safe
);
/* Verify the message with the ticket key.  Everything read from asn1safe
   after this point relies on the check having passed; presumably a
   failure returns early in the lines not shown -- confirm. */
62 res
= shishi_safe_verify (safe
, tktkey
);
65 fprintf (stderr
, _("Could not verify SAFE:\n%s\n%s\n"),
66 shishi_strerror (res
), shishi_strerror_details (handle
));
70 printf ("Verified SAFE successfully...\n");
/* userdatalen is passed by address, presumably as capacity in and length
   out.  NOTE(review): the capacity given is the full sizeof(userdata),
   yet the terminator below is written at userdata[userdatalen].  If the
   call can report a length equal to the capacity, that write lands one
   byte past the buffer; passing sizeof(userdata) - 1 would reserve room
   for the terminator. */
72 userdatalen
= sizeof(userdata
);
73 res
= shishi_safe_user_data (handle
, asn1safe
, userdata
, &userdatalen
);
76 fprintf (stderr
, _("Could not extract user data:\n%s\n%s\n"),
77 shishi_strerror (res
), shishi_strerror_details (handle
));
/* NUL-terminate so the bytes can be printed with %s (see the bound
   concern above). */
80 userdata
[userdatalen
] = '\0';
/* Peer-supplied bytes are printed as-is: an embedded NUL truncates the
   output and control characters reach the terminal unfiltered. */
81 printf("user data: `%s'\n", userdata
);
84 printf("Application exchange start. Press ^D to finish.\n");
/* Echo loop; fgets() bounds each read to sizeof(line). */
86 while (fgets (line
, sizeof(line
), stdin
))
88 printf("read: %s", line
);
/* Presumably reached only when the loop ended on a read error rather
   than end of input; the guarding condition is not visible here. */
93 printf ("error reading stdin\n");
/*
 * auth: server side of the Kerberos AP exchange.  Looks up the host key
 * for sname, reads an AP-REQ from stdin, processes it with that key,
 * prints the names found in the authenticator and ticket, emits an AP-REP
 * when the client asked for mutual authentication, then hands over to
 * doit().
 *
 * h       - Shishi library handle.
 * verbose - passed on to doit(); any other use is not visible in this
 *           listing.
 * cname   - only printed in the visible lines.
 * sname   - server principal used for the host key lookup.
 *
 * Returns doit()'s result on the success path; the error-path returns are
 * not visible in this listing, which omits declarations, braces and the
 * conditions guarding each error message.
 */
101 auth (Shishi
* h
, int verbose
, const char *cname
, const char *sname
)
110 printf ("Client: %s\n", cname
);
111 printf ("Server: %s\n", sname
);
113 /* Get key for the server. */
115 key
= shishi_hostkeys_for_server (h
, sname
);
118 printf ("could not find key: %s\n", shishi_strerror_details (h
));
/* NOTE(review): this writes the service's key material to stderr.  Whether
   a `verbose` guard precedes it is not visible here.  Tolerable in a demo
   only: stderr is often captured in logs, and code derived from this
   sample should not print keys at all. */
123 shishi_key_print (h
, stderr
, key
);
125 /* Read the authentication request (AP-REQ) from the client; it is
       untrusted input until shishi_ap_req_process() has accepted it. */
127 rc
= shishi_apreq_parse (h
, stdin
, &apreq
);
130 printf ("could not read AP-REQ: %s\n", shishi_strerror (rc
));
134 /* Create Authentication context */
136 rc
= shishi_ap (h
, &ap
);
139 printf ("Could not create AP: %s\n", shishi_strerror (rc
));
143 /* Store request in context */
145 shishi_ap_req_set (ap
, apreq
);
147 /* Process the authentication request with the server key.  The
       "User authenticated." message further down relies on this call
       having succeeded. */
149 rc
= shishi_ap_req_process (ap
, key
);
152 printf ("Could not process AP-REQ: %s\n", shishi_strerror (rc
));
157 shishi_authenticator_print (h
, stderr
, shishi_ap_authenticator (ap
));
/* The next three lookups each reset buflen to the capacity of buf and
   then fetch a name for printing.  NOTE(review): the listing cuts off the
   trailing arguments of each call and shows no check of rc before buf is
   printed.  If the omitted lines terminate the string at buf[buflen], a
   length equal to sizeof (buf) would write one byte past the buffer --
   confirm against the full file. */
159 buflen
= sizeof (buf
);
160 rc
= shishi_authenticator_cnamerealm_get (h
, shishi_ap_authenticator (ap
),
163 printf ("Client name (from authenticator): %s\n", buf
);
/* The name in the encrypted ticket part is the one vouched for by the
   KDC; base any access decision on it, not on the authenticator's copy. */
165 buflen
= sizeof (buf
);
166 rc
= shishi_encticketpart_cnamerealm_get
167 (h
, shishi_tkt_encticketpart (shishi_ap_tkt (ap
)),
170 printf ("Client name (from encticketpart): %s\n", buf
);
172 buflen
= sizeof (buf
);
173 rc
= shishi_ticket_snamerealm_get (h
, shishi_tkt_ticket (shishi_ap_tkt (ap
)),
176 printf ("Server name (from ticket): %s\n", buf
);
178 /* User is authenticated.  This establishes identity only; no
       authorization check on the client name is visible in this
       listing. */
180 printf ("User authenticated.\n");
182 /* Authenticate ourselves to the client, if requested */
184 if (shishi_apreq_mutual_required_p (h
, apreq
))
188 printf ("Mutual authentication required.\n");
190 rc
= shishi_ap_rep_asn1 (ap
, &aprep
);
193 printf ("Error creating AP-REP: %s\n", shishi_strerror (rc
));
198 shishi_encapreppart_print (h
, stderr
, shishi_ap_encapreppart (ap
));
/* The AP-REP goes to stdout, presumably the channel back to the client. */
200 shishi_aprep_print (h
, stdout
, aprep
);
202 /* We are authenticated to client */
/* Hand over to the application exchange.  NOTE(review): only h and
   verbose are passed, although doit()'s body refers to `ap` -- confirm
   how the AP context reaches it. */
205 return doit (h
, verbose
);
/*
 * main: prints a version banner, checks that the Shishi headers match the
 * shared library, initializes a server handle, derives the principal name
 * for SERVICE on the local host and runs auth() with verbose set to 1.
 *
 * NOTE(review): this listing omits declarations, braces, return
 * statements and the conditions guarding the error messages.
 */
209 main (int argc
, char *argv
[])
215 printf ("sample-server (shishi " SHISHI_VERSION
")\n");
/* Refuse to continue when the compile-time header version and the
   run-time library disagree. */
217 if (!shishi_check_version (SHISHI_VERSION
))
219 printf ("shishi_check_version() failed:\n"
220 "Header file incompatible with shared library.\n");
/* Create the library handle in server mode. */
224 rc
= shishi_init_server (&h
);
227 printf ("error initializing shishi: %s\n", shishi_strerror (rc
));
/* Build the server principal name for SERVICE on this host. */
234 sname
= shishi_server_for_local_service (h
, SERVICE
);
/* The handle's default principal is passed as cname, which auth() only
   prints.  NOTE(review): the result of auth() is not assigned on this
   line, so the exit status may not reflect an authentication failure --
   confirm against the full file. */
236 auth (h
, 1, shishi_principal_default (h
), sname
);