diff options
author | Greg Hudson <ghudson@mit.edu> | 2010-04-30 21:22:48 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2010-04-30 21:22:48 +0000 |
commit | baea9a7a27d781581505f0bb6d0ac4e4f24053aa (patch) | |
tree | af04244ed8b910bed378296d0b263c5f2b3a3ffc /src/tests/asn.1 | |
parent | d20d802b8e44178017fd1a1da55a72194f50da55 (diff) | |
download | krb5-baea9a7a27d781581505f0bb6d0ac4e4f24053aa.tar.gz krb5-baea9a7a27d781581505f0bb6d0ac4e4f24053aa.tar.xz krb5-baea9a7a27d781581505f0bb6d0ac4e4f24053aa.zip |
Add IAKERB mechanism and gss_acquire_cred_with_password
Merge branches/iakerb to trunk. Includes the following:
* New IAKERB mechanism.
* New gss_acquire_cred_with_password mechglue function.
* ASN.1 encoders and decoders for IAKERB structures (with tests).
* New shortcuts in gss-sample client and server.
* Tests to exercise SPNEGO and IAKERB using gss-sample application.
ticket: 6712
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23960 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/tests/asn.1')
-rw-r--r-- | src/tests/asn.1/krb5_decode_leak.c | 22 | ||||
-rw-r--r-- | src/tests/asn.1/krb5_decode_test.c | 16 | ||||
-rw-r--r-- | src/tests/asn.1/krb5_encode_test.c | 22 | ||||
-rw-r--r-- | src/tests/asn.1/ktest.c | 35 | ||||
-rw-r--r-- | src/tests/asn.1/ktest.h | 4 | ||||
-rw-r--r-- | src/tests/asn.1/ktest_equal.c | 23 | ||||
-rw-r--r-- | src/tests/asn.1/ktest_equal.h | 6 | ||||
-rw-r--r-- | src/tests/asn.1/reference_encode.out | 2 | ||||
-rw-r--r-- | src/tests/asn.1/trval_reference.out | 13 |
9 files changed, 143 insertions, 0 deletions
diff --git a/src/tests/asn.1/krb5_decode_leak.c b/src/tests/asn.1/krb5_decode_leak.c index ab46fb946e..ac7f5bfc89 100644 --- a/src/tests/asn.1/krb5_decode_leak.c +++ b/src/tests/asn.1/krb5_decode_leak.c @@ -704,6 +704,28 @@ main(int argc, char **argv) krb5_free_ad_signedpath); ktest_empty_ad_signedpath(&sp); } + /****************************************************************/ + /* encode_krb5_iakerb_header */ + { + krb5_iakerb_header ih, *tmp; + setup(ih, "iakerb_header", + ktest_make_sample_iakerb_header); + leak_test(ih, encode_krb5_iakerb_header, + decode_krb5_iakerb_header, + krb5_free_iakerb_header); + ktest_empty_iakerb_header(&ih); + } + /****************************************************************/ + /* encode_krb5_iakerb_finished */ + { + krb5_iakerb_finished ih, *tmp; + setup(ih, "iakerb_finished", + ktest_make_sample_iakerb_finished); + leak_test(ih, encode_krb5_iakerb_finished, + decode_krb5_iakerb_finished, + krb5_free_iakerb_finished); + ktest_empty_iakerb_finished(&ih); + } krb5_free_context(test_context); return 0; } diff --git a/src/tests/asn.1/krb5_decode_test.c b/src/tests/asn.1/krb5_decode_test.c index 2ef70cfe65..b3480a63d0 100644 --- a/src/tests/asn.1/krb5_decode_test.c +++ b/src/tests/asn.1/krb5_decode_test.c @@ -916,6 +916,22 @@ int main(argc, argv) ktest_empty_ad_signedpath(&ref); } + /****************************************************************/ + /* decode_iakerb_header */ + { + setup(krb5_iakerb_header,"krb5_iakerb_header",ktest_make_sample_iakerb_header); + decode_run("iakerb_header","","30 18 A1 0A 04 08 6B 72 62 35 64 61 74 61 A2 0A 04 08 6B 72 62 35 64 61 74 61",decode_krb5_iakerb_header,ktest_equal_iakerb_header,krb5_free_iakerb_header); + ktest_empty_iakerb_header(&ref); + } + + /****************************************************************/ + /* decode_iakerb_finished */ + { + setup(krb5_iakerb_finished,"krb5_iakerb_finished",ktest_make_sample_iakerb_finished); + decode_run("iakerb_finished","","30 11 A1 0F 30 0D A0 03 02 01 01 A1 06 04 04 31 32 33 34",decode_krb5_iakerb_finished,ktest_equal_iakerb_finished,krb5_free_iakerb_finished); + ktest_empty_iakerb_finished(&ref); + } + #ifdef ENABLE_LDAP /* ldap sequence_of_keys */ { diff --git a/src/tests/asn.1/krb5_encode_test.c b/src/tests/asn.1/krb5_encode_test.c index 9694746fa7..784d203294 100644 --- a/src/tests/asn.1/krb5_encode_test.c +++ b/src/tests/asn.1/krb5_encode_test.c @@ -740,6 +740,28 @@ main(argc, argv) encode_krb5_ad_signedpath); ktest_empty_ad_signedpath(&sp); } + /****************************************************************/ + /* encode_krb5_iakerb_header */ + { + krb5_iakerb_header ih; + setup(ih,krb5_ad_signedpath,"iakerb_header", + ktest_make_sample_iakerb_header); + encode_run(ih,krb5_iakerb_header, + "iakerb_header","", + encode_krb5_iakerb_header); + ktest_empty_iakerb_header(&ih); + } + /****************************************************************/ + /* encode_krb5_iakerb_finished */ + { + krb5_iakerb_finished ih; + setup(ih,krb5_ad_signedpath,"iakerb_finished", + ktest_make_sample_iakerb_finished); + encode_run(ih,krb5_iakerb_finished, + "iakerb_finished","", + encode_krb5_iakerb_finished); + ktest_empty_iakerb_finished(&ih); + } #ifdef ENABLE_LDAP { ldap_seqof_key_data skd; diff --git a/src/tests/asn.1/ktest.c b/src/tests/asn.1/ktest.c index eefbec9d51..0746d81b8b 100644 --- a/src/tests/asn.1/ktest.c +++ b/src/tests/asn.1/ktest.c @@ -890,6 +890,28 @@ krb5_error_code ktest_make_sample_ad_signedpath(p) return retval; } +krb5_error_code ktest_make_sample_iakerb_header(ih) + krb5_iakerb_header *ih; +{ + krb5_error_code retval; + retval = ktest_make_sample_data(&(ih->target_realm)); + if (retval) return retval; + ih->cookie = k5alloc(sizeof(krb5_data), &retval); + if (retval) return retval; + retval = ktest_make_sample_data(ih->cookie); + if (retval) return retval; + return retval; +} + +krb5_error_code ktest_make_sample_iakerb_finished(ih) + krb5_iakerb_finished *ih; +{ + krb5_error_code retval; + retval = ktest_make_sample_checksum(&ih->checksum); + if (retval) return retval; + return retval; +} + #ifdef ENABLE_LDAP static krb5_error_code ktest_make_sample_key_data(krb5_key_data *p, int i) { @@ -1532,6 +1554,19 @@ void ktest_empty_ad_signedpath(p) ktest_destroy_pa_data_array(&p->method_data); } +void ktest_empty_iakerb_header(p) + krb5_iakerb_header *p; +{ + krb5_free_data_contents(NULL, &p->target_realm); + krb5_free_data(NULL, p->cookie); +} + +void ktest_empty_iakerb_finished(p) + krb5_iakerb_finished *p; +{ + krb5_free_checksum_contents(NULL, &p->checksum); +} + #ifdef ENABLE_LDAP void ktest_empty_ldap_seqof_key_data(ctx, p) krb5_context ctx; diff --git a/src/tests/asn.1/ktest.h b/src/tests/asn.1/ktest.h index 5f9b5ca38e..c4059a7bba 100644 --- a/src/tests/asn.1/ktest.h +++ b/src/tests/asn.1/ktest.h @@ -109,6 +109,8 @@ krb5_error_code ktest_make_sample_pa_s4u_x509_user(krb5_pa_s4u_x509_user *p); krb5_error_code ktest_make_sample_ad_kdcissued(krb5_ad_kdcissued *p); krb5_error_code ktest_make_sample_ad_signedpath_data(krb5_ad_signedpath_data *p); krb5_error_code ktest_make_sample_ad_signedpath(krb5_ad_signedpath *p); +krb5_error_code ktest_make_sample_iakerb_header(krb5_iakerb_header *p); +krb5_error_code ktest_make_sample_iakerb_finished(krb5_iakerb_finished *p); #ifdef ENABLE_LDAP krb5_error_code ktest_make_sample_ldap_seqof_key_data(ldap_seqof_key_data * p); @@ -221,6 +223,8 @@ void ktest_empty_pa_s4u_x509_user(krb5_pa_s4u_x509_user *p); void ktest_empty_ad_kdcissued(krb5_ad_kdcissued *p); void ktest_empty_ad_signedpath_data(krb5_ad_signedpath_data *p); void ktest_empty_ad_signedpath(krb5_ad_signedpath *p); +void ktest_empty_iakerb_header(krb5_iakerb_header *p); +void ktest_empty_iakerb_finished(krb5_iakerb_finished *p); #ifdef ENABLE_LDAP void ktest_empty_ldap_seqof_key_data(krb5_context, ldap_seqof_key_data *p); diff --git a/src/tests/asn.1/ktest_equal.c b/src/tests/asn.1/ktest_equal.c index f84357b94e..0a92804468 100644 --- a/src/tests/asn.1/ktest_equal.c +++ b/src/tests/asn.1/ktest_equal.c @@ -600,6 +600,29 @@ int ktest_equal_ad_signedpath(ref, var) return p; } +int ktest_equal_iakerb_header(ref, var) + krb5_iakerb_header *ref; + krb5_iakerb_header *var; +{ + int p = TRUE; + if (ref == var) return TRUE; + else if (ref == NULL || var == NULL) return FALSE; + p=p&&struct_equal(target_realm,ktest_equal_data); + p=p&&ptr_equal(cookie,ktest_equal_data); + return p; +} + +int ktest_equal_iakerb_finished(ref, var) + krb5_iakerb_finished *ref; + krb5_iakerb_finished *var; +{ + int p = TRUE; + if (ref == var) return TRUE; + else if (ref == NULL || var == NULL) return FALSE; + p=p&&struct_equal(checksum,ktest_equal_checksum); + return p; +} + #ifdef ENABLE_LDAP static int equal_key_data(ref, var) krb5_key_data *ref; diff --git a/src/tests/asn.1/ktest_equal.h b/src/tests/asn.1/ktest_equal.h index 80c38b6393..4b55e23333 100644 --- a/src/tests/asn.1/ktest_equal.h +++ b/src/tests/asn.1/ktest_equal.h @@ -106,6 +106,12 @@ int ktest_equal_ad_signedpath_data int ktest_equal_ad_signedpath (krb5_ad_signedpath *ref, krb5_ad_signedpath *var); +int ktest_equal_iakerb_header + (krb5_iakerb_header *ref, + krb5_iakerb_header *var); +int ktest_equal_iakerb_finished + (krb5_iakerb_finished *ref, + krb5_iakerb_finished *var); int ktest_equal_ldap_sequence_of_keys(ldap_seqof_key_data *ref, ldap_seqof_key_data *var); diff --git a/src/tests/asn.1/reference_encode.out b/src/tests/asn.1/reference_encode.out index c6bcf619cd..92d21b1a9d 100644 --- a/src/tests/asn.1/reference_encode.out +++ b/src/tests/asn.1/reference_encode.out @@ -60,3 +60,5 @@ encode_krb5_pa_s4u_x509_user: 30 68 A0 55 30 53 A0 06 02 04 00 CA 14 9A A1 1A 30 encode_krb5_ad_kdcissued: 30 65 A0 0F 30 0D A0 03 02 01 01 A1 06 04 04 31 32 33 34 A1 10 1B 0E 41 54 48 45 4E 41 2E 4D 49 54 2E 45 44 55 A2 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A3 24 30 22 30 0F A0 03 02 01 01 A1 08 04 06 66 6F 6F 62 61 72 30 0F A0 03 02 01 01 A1 08 04 06 66 6F 6F 62 61 72 encode_krb5_ad_signedpath_data: 30 81 C7 A0 30 30 2E A0 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A1 10 1B 0E 41 54 48 45 4E 41 2E 4D 49 54 2E 45 44 55 A1 11 18 0F 31 39 39 34 30 36 31 30 30 36 30 33 31 37 5A A2 32 30 30 30 2E A0 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A1 10 1B 0E 41 54 48 45 4E 41 2E 4D 49 54 2E 45 44 55 A3 26 30 24 30 10 A1 03 02 01 0D A2 09 04 07 70 61 2D 64 61 74 61 30 10 A1 03 02 01 0D A2 09 04 07 70 61 2D 64 61 74 61 A4 24 30 22 30 0F A0 03 02 01 01 A1 08 04 06 66 6F 6F 62 61 72 30 0F A0 03 02 01 01 A1 08 04 06 66 6F 6F 62 61 72 encode_krb5_ad_signedpath: 30 3E A0 03 02 01 01 A1 0F 30 0D A0 03 02 01 01 A1 06 04 04 31 32 33 34 A3 26 30 24 30 10 A1 03 02 01 0D A2 09 04 07 70 61 2D 64 61 74 61 30 10 A1 03 02 01 0D A2 09 04 07 70 61 2D 64 61 74 61 +encode_krb5_iakerb_header: 30 18 A1 0A 04 08 6B 72 62 35 64 61 74 61 A2 0A 04 08 6B 72 62 35 64 61 74 61 +encode_krb5_iakerb_finished: 30 11 A1 0F 30 0D A0 03 02 01 01 A1 06 04 04 31 32 33 34 diff --git a/src/tests/asn.1/trval_reference.out b/src/tests/asn.1/trval_reference.out index 38e5b99ada..cc1daf3a23 100644 --- a/src/tests/asn.1/trval_reference.out +++ b/src/tests/asn.1/trval_reference.out @@ -1332,3 +1332,16 @@ encode_krb5_ad_signedpath: . . . [1] [Integer] 13 . . . [2] [Octet String] "pa-data" +encode_krb5_iakerb_header: + +[Sequence/Sequence Of] +. [1] [Octet String] "krb5data" +. [2] [Octet String] "krb5data" + +encode_krb5_iakerb_finished: + +[Sequence/Sequence Of] +. [1] [Sequence/Sequence Of] +. . [0] [Integer] 1 +. . [1] [Octet String] "1234" + |