author | Tom Yu <tlyu@mit.edu> | 2009-11-30 23:09:36 +0000 |
---|---|---|
committer | Tom Yu <tlyu@mit.edu> | 2009-11-30 23:09:36 +0000 |
commit | b6a2bb106c67280824362a64b1b04e62aabf3646 (patch) | |
tree | 768c0ace37786a9613245c98633181a37e145c4d /src/tests/gss-threads | |
parent | bbb952ae5f5b7b8803de125b35dda3395155ddbb (diff) | |
Mark and reindent tests, with some exclusions
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23394 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/tests/gss-threads')
-rw-r--r-- | src/tests/gss-threads/gss-client.c | 847 | ||||
-rw-r--r-- | src/tests/gss-threads/gss-server.c | 769 |
2 files changed, 809 insertions, 807 deletions
diff --git a/src/tests/gss-threads/gss-client.c b/src/tests/gss-threads/gss-client.c index 0987184001..e66f15442b 100644 --- a/src/tests/gss-threads/gss-client.c +++ b/src/tests/gss-threads/gss-client.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1994 by OpenVision Technologies, Inc. * @@ -72,13 +73,13 @@ static int verbose = 1; static void usage() { - fprintf(stderr, "Usage: gss-client [-port port] [-mech mechanism] [-d]\n"); - fprintf(stderr, " [-seq] [-noreplay] [-nomutual]"); - fprintf(stderr, " [-threads num]"); - fprintf(stderr, "\n"); - fprintf(stderr, " [-f] [-q] [-ccount count] [-mcount count]\n"); - fprintf(stderr, " [-v1] [-na] [-nw] [-nx] [-nm] host service msg\n"); - exit(1); + fprintf(stderr, "Usage: gss-client [-port port] [-mech mechanism] [-d]\n"); + fprintf(stderr, " [-seq] [-noreplay] [-nomutual]"); + fprintf(stderr, " [-threads num]"); + fprintf(stderr, "\n"); + fprintf(stderr, " [-f] [-q] [-ccount count] [-mcount count]\n"); + fprintf(stderr, " [-v1] [-na] [-nw] [-nx] [-nm] host service msg\n"); + exit(1); } /* @@ -88,8 +89,8 @@ static void usage() * * Arguments: * - * host (r) the target host name - * port (r) the target port, in host byte order + * host (r) the target host name + * port (r) the target port, in host byte order * * Returns: 0 on success, or -1 on failure * 
@@ -104,17 +105,17 @@ static int get_server_info(host, port) char *host; u_short port; { - struct hostent *hp; + struct hostent *hp; - if ((hp = gethostbyname(host)) == NULL) { - fprintf(stderr, "Unknown host: %s\n", host); - return -1; - } + if ((hp = gethostbyname(host)) == NULL) { + fprintf(stderr, "Unknown host: %s\n", host); + return -1; + } - saddr.sin_family = hp->h_addrtype; - memcpy(&saddr.sin_addr, hp->h_addr, sizeof(saddr.sin_addr)); - saddr.sin_port = htons(port); - return 0; + saddr.sin_family = hp->h_addrtype; + memcpy(&saddr.sin_addr, hp->h_addr, sizeof(saddr.sin_addr)); + saddr.sin_port = htons(port); + return 0; } /* @@ -124,8 +125,8 @@ static int get_server_info(host, port) * * Arguments: * - * host (r) the target host name - * port (r) the target port, in host byte order + * host (r) the target host name + * port (r) the target port, in host byte order * * Returns: the established socket file desciptor, or -1 on failure * @@ -139,16 +140,16 @@ static int connect_to_server() { int s; - if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { - perror("creating socket"); - return -1; - } - if (connect(s, (struct sockaddr *)&saddr, sizeof(saddr)) < 0) { - perror("connecting to server"); - (void) closesocket(s); - return -1; - } - return s; + if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { + perror("creating socket"); + return -1; + } + if (connect(s, (struct sockaddr *)&saddr, sizeof(saddr)) < 0) { + perror("connecting to server"); + (void) closesocket(s); + return -1; + } + return s; } /* 
@@ -159,14 +160,14 @@ static int connect_to_server() * * Arguments: * - * s (r) an established TCP connection to the service - * service_name(r) the ASCII service name of the service - * gss_flags (r) GSS-API delegation flag (if any) - * auth_flag (r) whether to actually do authentication + * s (r) an established TCP connection to the service + * service_name(r) the ASCII service name of the service + * gss_flags (r) GSS-API delegation flag (if any) + * auth_flag (r) whether to actually do authentication * v1_format (r) whether the v1 sample protocol should be used - * oid (r) OID of the mechanism to use - * context (w) the established GSS-API context - * ret_flags (w) the returned flags from init_sec_context + * oid (r) OID of the mechanism to use + * context (w) the established GSS-API context + * ret_flags (w) the returned flags from init_sec_context * * Returns: 0 on success, -1 on failure * 
@@ -183,157 +184,157 @@ static int connect_to_server() * and -1 is returned. */ static int client_establish_context(s, service_name, gss_flags, auth_flag, - v1_format, oid, gss_context, ret_flags) - int s; - char *service_name; - gss_OID oid; - OM_uint32 gss_flags; - int auth_flag; - int v1_format; - gss_ctx_id_t *gss_context; - OM_uint32 *ret_flags; + v1_format, oid, gss_context, ret_flags) + int s; + char *service_name; + gss_OID oid; + OM_uint32 gss_flags; + int auth_flag; + int v1_format; + gss_ctx_id_t *gss_context; + OM_uint32 *ret_flags; { - if (auth_flag) { - gss_buffer_desc send_tok, recv_tok, *token_ptr; - gss_name_t target_name; - OM_uint32 maj_stat, min_stat, init_sec_min_stat; - int token_flags; - - /* - * Import the name into target_name. Use send_tok to save - * local variable space. - */ - send_tok.value = service_name; - send_tok.length = strlen(service_name) ; - maj_stat = gss_import_name(&min_stat, &send_tok, - (gss_OID) gss_nt_service_name, &target_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("parsing name", maj_stat, min_stat); - return -1; - } - - if (!v1_format) { - if (send_token(s, TOKEN_NOOP|TOKEN_CONTEXT_NEXT, empty_token) < 0) { - (void) gss_release_name(&min_stat, &target_name); - return -1; - } - } - - /* - * Perform the context-establishement loop. - * - * On each pass through the loop, token_ptr points to the token - * to send to the server (or GSS_C_NO_BUFFER on the first pass). - * Every generated token is stored in send_tok which is then - * transmitted to the server; every received token is stored in - * recv_tok, which token_ptr is then set to, to be processed by - * the next call to gss_init_sec_context. - * - * GSS-API guarantees that send_tok's length will be non-zero - * if and only if the server is expecting another token from us, - * and that gss_init_sec_context returns GSS_S_CONTINUE_NEEDED if - * and only if the server has another token to send us. 
- */ - - token_ptr = GSS_C_NO_BUFFER; - *gss_context = GSS_C_NO_CONTEXT; - - do { - maj_stat = - gss_init_sec_context(&init_sec_min_stat, - GSS_C_NO_CREDENTIAL, - gss_context, - target_name, - oid, - gss_flags, - 0, - NULL, /* no channel bindings */ - token_ptr, - NULL, /* ignore mech type */ - &send_tok, - ret_flags, - NULL); /* ignore time_rec */ - - if (token_ptr != GSS_C_NO_BUFFER) - free (recv_tok.value); - - if (send_tok.length != 0) { - if (verbose) - printf("Sending init_sec_context token (size=%d)...", - (int) send_tok.length); - if (send_token(s, v1_format?0:TOKEN_CONTEXT, &send_tok) < 0) { - (void) gss_release_buffer(&min_stat, &send_tok); - (void) gss_release_name(&min_stat, &target_name); - if (*gss_context != GSS_C_NO_CONTEXT) { - gss_delete_sec_context(&min_stat, gss_context, - GSS_C_NO_BUFFER); - *gss_context = GSS_C_NO_CONTEXT; - } - return -1; - } - } - (void) gss_release_buffer(&min_stat, &send_tok); - - if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) { - display_status("initializing context", maj_stat, - init_sec_min_stat); - (void) gss_release_name(&min_stat, &target_name); - if (*gss_context != GSS_C_NO_CONTEXT) - gss_delete_sec_context(&min_stat, gss_context, - GSS_C_NO_BUFFER); - return -1; - } - - if (maj_stat == GSS_S_CONTINUE_NEEDED) { - if (verbose) - printf("continue needed..."); - if (recv_token(s, &token_flags, &recv_tok) < 0) { - (void) gss_release_name(&min_stat, &target_name); - return -1; - } - token_ptr = &recv_tok; - } - if (verbose) - printf("\n"); - } while (maj_stat == GSS_S_CONTINUE_NEEDED); - - (void) gss_release_name(&min_stat, &target_name); - } - else { - if (send_token(s, TOKEN_NOOP, empty_token) < 0) - return -1; - } - - return 0; + if (auth_flag) { + gss_buffer_desc send_tok, recv_tok, *token_ptr; + gss_name_t target_name; + OM_uint32 maj_stat, min_stat, init_sec_min_stat; + int token_flags; + + /* + * Import the name into target_name. Use send_tok to save + * local variable space. 
+ */ + send_tok.value = service_name; + send_tok.length = strlen(service_name) ; + maj_stat = gss_import_name(&min_stat, &send_tok, + (gss_OID) gss_nt_service_name, &target_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("parsing name", maj_stat, min_stat); + return -1; + } + + if (!v1_format) { + if (send_token(s, TOKEN_NOOP|TOKEN_CONTEXT_NEXT, empty_token) < 0) { + (void) gss_release_name(&min_stat, &target_name); + return -1; + } + } + + /* + * Perform the context-establishement loop. + * + * On each pass through the loop, token_ptr points to the token + * to send to the server (or GSS_C_NO_BUFFER on the first pass). + * Every generated token is stored in send_tok which is then + * transmitted to the server; every received token is stored in + * recv_tok, which token_ptr is then set to, to be processed by + * the next call to gss_init_sec_context. + * + * GSS-API guarantees that send_tok's length will be non-zero + * if and only if the server is expecting another token from us, + * and that gss_init_sec_context returns GSS_S_CONTINUE_NEEDED if + * and only if the server has another token to send us. 
+ */ + + token_ptr = GSS_C_NO_BUFFER; + *gss_context = GSS_C_NO_CONTEXT; + + do { + maj_stat = + gss_init_sec_context(&init_sec_min_stat, + GSS_C_NO_CREDENTIAL, + gss_context, + target_name, + oid, + gss_flags, + 0, + NULL, /* no channel bindings */ + token_ptr, + NULL, /* ignore mech type */ + &send_tok, + ret_flags, + NULL); /* ignore time_rec */ + + if (token_ptr != GSS_C_NO_BUFFER) + free (recv_tok.value); + + if (send_tok.length != 0) { + if (verbose) + printf("Sending init_sec_context token (size=%d)...", + (int) send_tok.length); + if (send_token(s, v1_format?0:TOKEN_CONTEXT, &send_tok) < 0) { + (void) gss_release_buffer(&min_stat, &send_tok); + (void) gss_release_name(&min_stat, &target_name); + if (*gss_context != GSS_C_NO_CONTEXT) { + gss_delete_sec_context(&min_stat, gss_context, + GSS_C_NO_BUFFER); + *gss_context = GSS_C_NO_CONTEXT; + } + return -1; + } + } + (void) gss_release_buffer(&min_stat, &send_tok); + + if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) { + display_status("initializing context", maj_stat, + init_sec_min_stat); + (void) gss_release_name(&min_stat, &target_name); + if (*gss_context != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&min_stat, gss_context, + GSS_C_NO_BUFFER); + return -1; + } + + if (maj_stat == GSS_S_CONTINUE_NEEDED) { + if (verbose) + printf("continue needed..."); + if (recv_token(s, &token_flags, &recv_tok) < 0) { + (void) gss_release_name(&min_stat, &target_name); + return -1; + } + token_ptr = &recv_tok; + } + if (verbose) + printf("\n"); + } while (maj_stat == GSS_S_CONTINUE_NEEDED); + + (void) gss_release_name(&min_stat, &target_name); + } + else { + if (send_token(s, TOKEN_NOOP, empty_token) < 0) + return -1; + } + + return 0; } static void read_file(file_name, in_buf) - char *file_name; - gss_buffer_t in_buf; + char *file_name; + gss_buffer_t in_buf; { int fd, count; struct stat stat_buf; if ((fd = open(file_name, O_RDONLY, 0)) < 0) { - perror("open"); - fprintf(stderr, "Couldn't open file %s\n", 
file_name); - exit(2); + perror("open"); + fprintf(stderr, "Couldn't open file %s\n", file_name); + exit(2); } if (fstat(fd, &stat_buf) < 0) { - perror("fstat"); - exit(3); + perror("fstat"); + exit(3); } in_buf->length = stat_buf.st_size; if (in_buf->length == 0) { - in_buf->value = NULL; - return; + in_buf->value = NULL; + return; } if ((in_buf->value = malloc(in_buf->length)) == 0) { - fprintf(stderr, "Couldn't allocate %d byte buffer for reading file\n", - (int) in_buf->length); - exit(4); + fprintf(stderr, "Couldn't allocate %d byte buffer for reading file\n", + (int) in_buf->length); + exit(4); } /* this code used to check for incomplete reads, but you can't get @@ -341,12 +342,12 @@ static void read_file(file_name, in_buf) count = read(fd, in_buf->value, in_buf->length); if (count < 0) { - perror("read"); - exit(5); + perror("read"); + exit(5); } if (count < in_buf->length) - fprintf(stderr, "Warning, only read in %d bytes, expected %d\n", - count, (int) in_buf->length); + fprintf(stderr, "Warning, only read in %d bytes, expected %d\n", + count, (int) in_buf->length); } /* 
@@ -356,17 +357,17 @@ static void read_file(file_name, in_buf) * * Arguments: * - * host (r) the host providing the service - * port (r) the port to connect to on host - * service_name (r) the GSS-API service name to authenticate to - * gss_flags (r) GSS-API delegation flag (if any) - * auth_flag (r) whether to do authentication - * wrap_flag (r) whether to do message wrapping at all - * encrypt_flag (r) whether to do encryption while wrapping - * mic_flag (r) whether to request a MIC from the server - * msg (r) the message to have "signed" - * use_file (r) whether to treat msg as an input file name - * mcount (r) the number of times to send the message + * host (r) the host providing the service + * port (r) the port to connect to on host + * service_name (r) the GSS-API service name to authenticate to + * gss_flags (r) GSS-API delegation flag (if any) + * auth_flag (r) whether to do authentication + * wrap_flag (r) whether to do message wrapping at all + * encrypt_flag (r) whether to do encryption while wrapping + * mic_flag (r) whether to request a MIC from the server + * msg (r) the message to have "signed" + * use_file (r) whether to treat msg as an input file name + * mcount (r) the number of times to send the message * * Returns: 0 on success, -1 on failure * 
@@ -379,135 +380,135 @@ static void read_file(file_name, in_buf) * verifies it with gss_verify. -1 is returned if any step fails, * otherwise 0 is returned. */ static int call_server(host, port, oid, service_name, gss_flags, auth_flag, - wrap_flag, encrypt_flag, mic_flag, v1_format, msg, use_file, - mcount) - char *host; - u_short port; - gss_OID oid; - char *service_name; - OM_uint32 gss_flags; - int auth_flag, wrap_flag, encrypt_flag, mic_flag; - int v1_format; - char *msg; - int use_file; - int mcount; + wrap_flag, encrypt_flag, mic_flag, v1_format, msg, use_file, + mcount) + char *host; + u_short port; + gss_OID oid; + char *service_name; + OM_uint32 gss_flags; + int auth_flag, wrap_flag, encrypt_flag, mic_flag; + int v1_format; + char *msg; + int use_file; + int mcount; { - gss_ctx_id_t context; - gss_buffer_desc in_buf, out_buf; - int s, state; - OM_uint32 ret_flags; - OM_uint32 maj_stat, min_stat; - gss_name_t src_name, targ_name; - gss_buffer_desc sname, tname; - OM_uint32 lifetime; - gss_OID mechanism, name_type; - int is_local; - OM_uint32 context_flags; - int is_open; - gss_qop_t qop_state; - gss_OID_set mech_names; - gss_buffer_desc oid_name; - size_t i; - int token_flags; - - /* Open connection */ - if ((s = connect_to_server()) < 0) - return -1; - - /* Establish context */ - if (client_establish_context(s, service_name, gss_flags, auth_flag, - v1_format, oid, &context, - &ret_flags) < 0) { - (void) closesocket(s); - return -1; - } - - if (auth_flag && verbose) { - /* display the flags */ - display_ctx_flags(ret_flags); - - /* Get context information */ - maj_stat = gss_inquire_context( &min_stat, context, - &src_name, &targ_name, &lifetime, - &mechanism, &context_flags, - &is_local, - &is_open); - if (maj_stat != GSS_S_COMPLETE) { - display_status("inquiring context", maj_stat, min_stat); - return -1; - } - - maj_stat = gss_display_name(&min_stat, src_name, &sname, - &name_type); - if (maj_stat != GSS_S_COMPLETE) { - display_status("displaying source 
name", maj_stat, min_stat); - return -1; - } - maj_stat = gss_display_name(&min_stat, targ_name, &tname, - (gss_OID *) NULL); - if (maj_stat != GSS_S_COMPLETE) { - display_status("displaying target name", maj_stat, min_stat); - return -1; - } - printf("\"%.*s\" to \"%.*s\", lifetime %d, flags %x, %s, %s\n", - (int) sname.length, (char *) sname.value, - (int) tname.length, (char *) tname.value, lifetime, - context_flags, - (is_local) ? "locally initiated" : "remotely initiated", - (is_open) ? "open" : "closed"); - - (void) gss_release_name(&min_stat, &src_name); - (void) gss_release_name(&min_stat, &targ_name); - (void) gss_release_buffer(&min_stat, &sname); - (void) gss_release_buffer(&min_stat, &tname); - - maj_stat = gss_oid_to_str(&min_stat, - name_type, - &oid_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("converting oid->string", maj_stat, min_stat); - return -1; - } - printf("Name type of source name is %.*s.\n", - (int) oid_name.length, (char *) oid_name.value); - (void) gss_release_buffer(&min_stat, &oid_name); - - /* Now get the names supported by the mechanism */ - maj_stat = gss_inquire_names_for_mech(&min_stat, - mechanism, - &mech_names); - if (maj_stat != GSS_S_COMPLETE) { - display_status("inquiring mech names", maj_stat, min_stat); - return -1; - } - - maj_stat = gss_oid_to_str(&min_stat, - mechanism, - &oid_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("converting oid->string", maj_stat, min_stat); - return -1; - } - printf("Mechanism %.*s supports %d names\n", - (int) oid_name.length, (char *) oid_name.value, - (int) mech_names->count); - (void) gss_release_buffer(&min_stat, &oid_name); - - for (i=0; i<mech_names->count; i++) { - maj_stat = gss_oid_to_str(&min_stat, - &mech_names->elements[i], - &oid_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("converting oid->string", maj_stat, min_stat); - return -1; - } - printf(" %d: %.*s\n", (int) i, - (int) oid_name.length, (char *) oid_name.value); - - (void) 
gss_release_buffer(&min_stat, &oid_name); - } - (void) gss_release_oid_set(&min_stat, &mech_names); - } + gss_ctx_id_t context; + gss_buffer_desc in_buf, out_buf; + int s, state; + OM_uint32 ret_flags; + OM_uint32 maj_stat, min_stat; + gss_name_t src_name, targ_name; + gss_buffer_desc sname, tname; + OM_uint32 lifetime; + gss_OID mechanism, name_type; + int is_local; + OM_uint32 context_flags; + int is_open; + gss_qop_t qop_state; + gss_OID_set mech_names; + gss_buffer_desc oid_name; + size_t i; + int token_flags; + + /* Open connection */ + if ((s = connect_to_server()) < 0) + return -1; + + /* Establish context */ + if (client_establish_context(s, service_name, gss_flags, auth_flag, + v1_format, oid, &context, + &ret_flags) < 0) { + (void) closesocket(s); + return -1; + } + + if (auth_flag && verbose) { + /* display the flags */ + display_ctx_flags(ret_flags); + + /* Get context information */ + maj_stat = gss_inquire_context( &min_stat, context, + &src_name, &targ_name, &lifetime, + &mechanism, &context_flags, + &is_local, + &is_open); + if (maj_stat != GSS_S_COMPLETE) { + display_status("inquiring context", maj_stat, min_stat); + return -1; + } + + maj_stat = gss_display_name(&min_stat, src_name, &sname, + &name_type); + if (maj_stat != GSS_S_COMPLETE) { + display_status("displaying source name", maj_stat, min_stat); + return -1; + } + maj_stat = gss_display_name(&min_stat, targ_name, &tname, + (gss_OID *) NULL); + if (maj_stat != GSS_S_COMPLETE) { + display_status("displaying target name", maj_stat, min_stat); + return -1; + } + printf("\"%.*s\" to \"%.*s\", lifetime %d, flags %x, %s, %s\n", + (int) sname.length, (char *) sname.value, + (int) tname.length, (char *) tname.value, lifetime, + context_flags, + (is_local) ? "locally initiated" : "remotely initiated", + (is_open) ? 
"open" : "closed"); + + (void) gss_release_name(&min_stat, &src_name); + (void) gss_release_name(&min_stat, &targ_name); + (void) gss_release_buffer(&min_stat, &sname); + (void) gss_release_buffer(&min_stat, &tname); + + maj_stat = gss_oid_to_str(&min_stat, + name_type, + &oid_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("converting oid->string", maj_stat, min_stat); + return -1; + } + printf("Name type of source name is %.*s.\n", + (int) oid_name.length, (char *) oid_name.value); + (void) gss_release_buffer(&min_stat, &oid_name); + + /* Now get the names supported by the mechanism */ + maj_stat = gss_inquire_names_for_mech(&min_stat, + mechanism, + &mech_names); + if (maj_stat != GSS_S_COMPLETE) { + display_status("inquiring mech names", maj_stat, min_stat); + return -1; + } + + maj_stat = gss_oid_to_str(&min_stat, + mechanism, + &oid_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("converting oid->string", maj_stat, min_stat); + return -1; + } + printf("Mechanism %.*s supports %d names\n", + (int) oid_name.length, (char *) oid_name.value, + (int) mech_names->count); + (void) gss_release_buffer(&min_stat, &oid_name); + + for (i=0; i<mech_names->count; i++) { + maj_stat = gss_oid_to_str(&min_stat, + &mech_names->elements[i], + &oid_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("converting oid->string", maj_stat, min_stat); + return -1; + } + printf(" %d: %.*s\n", (int) i, + (int) oid_name.length, (char *) oid_name.value); + + (void) gss_release_buffer(&min_stat, &oid_name); + } + (void) gss_release_oid_set(&min_stat, &mech_names); + } if (use_file) { read_file(msg, &in_buf); 
@@ -520,7 +521,7 @@ static int call_server(host, port, oid, service_name, gss_flags, auth_flag, for (i = 0; i < mcount; i++) { if (wrap_flag) { maj_stat = gss_wrap(&min_stat, context, encrypt_flag, GSS_C_QOP_DEFAULT, - &in_buf, &state, &out_buf); + &in_buf, &state, &out_buf); if (maj_stat != GSS_S_COMPLETE) { display_status("wrapping message", maj_stat, min_stat); (void) closesocket(s); @@ -536,10 +537,10 @@ static int call_server(host, port, oid, service_name, gss_flags, auth_flag, /* Send to server */ if (send_token(s, (v1_format?0 - :(TOKEN_DATA | - (wrap_flag ? TOKEN_WRAPPED : 0) | - (encrypt_flag ? TOKEN_ENCRYPTED : 0) | - (mic_flag ? TOKEN_SEND_MIC : 0))), &out_buf) < 0) { + :(TOKEN_DATA | + (wrap_flag ? TOKEN_WRAPPED : 0) | + (encrypt_flag ? TOKEN_ENCRYPTED : 0) | + (mic_flag ? TOKEN_SEND_MIC : 0))), &out_buf) < 0) { (void) closesocket(s); (void) gss_delete_sec_context(&min_stat, &context, GSS_C_NO_BUFFER); return -1; @@ -557,7 +558,7 @@ static int call_server(host, port, oid, service_name, gss_flags, auth_flag, if (mic_flag) { /* Verify signature block */ maj_stat = gss_verify_mic(&min_stat, context, &in_buf, - &out_buf, &qop_state); + &out_buf, &qop_state); if (maj_stat != GSS_S_COMPLETE) { display_status("verifying signature", maj_stat, min_stat); (void) closesocket(s); 
@@ -602,29 +603,29 @@ static int call_server(host, port, oid, service_name, gss_flags, auth_flag, static void parse_oid(char *mechanism, gss_OID *oid) { - char *mechstr = 0, *cp; + char *mechstr = 0, *cp; gss_buffer_desc tok; OM_uint32 maj_stat, min_stat; if (isdigit((int) mechanism[0])) { - if (asprintf(&mechstr, "{ %s }", mechanism) < 0) { - fprintf(stderr, "Couldn't allocate mechanism scratch!\n"); - return; - } - for (cp = mechstr; *cp; cp++) - if (*cp == '.') - *cp = ' '; - tok.value = mechstr; + if (asprintf(&mechstr, "{ %s }", mechanism) < 0) { + fprintf(stderr, "Couldn't allocate mechanism scratch!\n"); + return; + } + for (cp = mechstr; *cp; cp++) + if (*cp == '.') + *cp = ' '; + tok.value = mechstr; } else - tok.value = mechanism; + tok.value = mechanism; tok.length = strlen(tok.value); maj_stat = gss_str_to_oid(&min_stat, &tok, oid); if (maj_stat != GSS_S_COMPLETE) { - display_status("str_to_oid", maj_stat, min_stat); - return; + display_status("str_to_oid", maj_stat, min_stat); + return; } if (mechstr) - free(mechstr); + free(mechstr); } static int max_threads = 1; @@ -696,16 +697,16 @@ WaitAndIncrementThreadCounter(void) int err; err = pthread_mutex_lock(&counter_mutex); if (err) { - perror("pthread_mutex_lock"); - return 0; + perror("pthread_mutex_lock"); + return 0; } if (counter == max_threads) { - err = pthread_cond_wait(&counter_cond, &counter_mutex); - if (err) { - pthread_mutex_unlock(&counter_mutex); - perror("pthread_cond_wait"); - return 0; - } + err = pthread_cond_wait(&counter_cond, &counter_mutex); + if (err) { + pthread_mutex_unlock(&counter_mutex); + perror("pthread_cond_wait"); + return 0; + } } counter++; pthread_mutex_unlock(&counter_mutex); 
@@ -718,11 +719,11 @@ DecrementAndSignalThreadCounter(void) sleep(1); err = pthread_mutex_lock(&counter_mutex); if (err) { - perror("pthread_mutex_lock"); - return; + perror("pthread_mutex_lock"); + return; } if (counter == max_threads) - pthread_cond_broadcast(&counter_cond); + pthread_cond_broadcast(&counter_cond); counter--; pthread_mutex_unlock(&counter_mutex); } 
@@ -753,72 +754,72 @@ static void worker_bee(void * unused) } int main(argc, argv) - int argc; - char **argv; + int argc; + char **argv; { - int i; - - display_file = stdout; - auth_flag = wrap_flag = encrypt_flag = mic_flag = 1; - v1_format = 0; - - /* Parse arguments. */ - argc--; argv++; - while (argc) { - if (strcmp(*argv, "-port") == 0) { - argc--; argv++; - if (!argc) usage(); - port = atoi(*argv); - } else if (strcmp(*argv, "-mech") == 0) { - argc--; argv++; - if (!argc) usage(); - mechanism = *argv; - } + int i; + + display_file = stdout; + auth_flag = wrap_flag = encrypt_flag = mic_flag = 1; + v1_format = 0; + + /* Parse arguments. */ + argc--; argv++; + while (argc) { + if (strcmp(*argv, "-port") == 0) { + argc--; argv++; + if (!argc) usage(); + port = atoi(*argv); + } else if (strcmp(*argv, "-mech") == 0) { + argc--; argv++; + if (!argc) usage(); + mechanism = *argv; + } #if defined(_WIN32) || 1 - else if (strcmp(*argv, "-threads") == 0) { - argc--; argv++; - if (!argc) usage(); - max_threads = atoi(*argv); - } + else if (strcmp(*argv, "-threads") == 0) { + argc--; argv++; + if (!argc) usage(); + max_threads = atoi(*argv); + } #endif - else if (strcmp(*argv, "-d") == 0) { - gss_flags |= GSS_C_DELEG_FLAG; - } else if (strcmp(*argv, "-seq") == 0) { - gss_flags |= GSS_C_SEQUENCE_FLAG; - } else if (strcmp(*argv, "-noreplay") == 0) { - gss_flags &= ~GSS_C_REPLAY_FLAG; - } else if (strcmp(*argv, "-nomutual") == 0) { - gss_flags &= ~GSS_C_MUTUAL_FLAG; - } else if (strcmp(*argv, "-f") == 0) { - use_file = 1; - } else if (strcmp(*argv, "-q") == 0) { - verbose = 0; - } else if (strcmp(*argv, "-ccount") == 0) { - argc--; argv++; - if (!argc) usage(); - ccount = atoi(*argv); - if (ccount <= 0) usage(); - } else if (strcmp(*argv, "-mcount") == 0) { - argc--; argv++; - if (!argc) usage(); - mcount = atoi(*argv); - if (mcount < 0) usage(); - } else if (strcmp(*argv, "-na") == 0) { - auth_flag = wrap_flag = encrypt_flag = mic_flag = 0; - } else if (strcmp(*argv, "-nw") 
== 0) { - wrap_flag = 0; - } else if (strcmp(*argv, "-nx") == 0) { - encrypt_flag = 0; - } else if (strcmp(*argv, "-nm") == 0) { - mic_flag = 0; - } else if (strcmp(*argv, "-v1") == 0) { - v1_format = 1; - } else - break; - argc--; argv++; - } - if (argc != 3) - usage(); + else if (strcmp(*argv, "-d") == 0) { + gss_flags |= GSS_C_DELEG_FLAG; + } else if (strcmp(*argv, "-seq") == 0) { + gss_flags |= GSS_C_SEQUENCE_FLAG; + } else if (strcmp(*argv, "-noreplay") == 0) { + gss_flags &= ~GSS_C_REPLAY_FLAG; + } else if (strcmp(*argv, "-nomutual") == 0) { + gss_flags &= ~GSS_C_MUTUAL_FLAG; + } else if (strcmp(*argv, "-f") == 0) { + use_file = 1; + } else if (strcmp(*argv, "-q") == 0) { + verbose = 0; + } else if (strcmp(*argv, "-ccount") == 0) { + argc--; argv++; + if (!argc) usage(); + ccount = atoi(*argv); + if (ccount <= 0) usage(); + } else if (strcmp(*argv, "-mcount") == 0) { + argc--; argv++; + if (!argc) usage(); + mcount = atoi(*argv); + if (mcount < 0) usage(); + } else if (strcmp(*argv, "-na") == 0) { + auth_flag = wrap_flag = encrypt_flag = mic_flag = 0; + } else if (strcmp(*argv, "-nw") == 0) { + wrap_flag = 0; + } else if (strcmp(*argv, "-nx") == 0) { + encrypt_flag = 0; + } else if (strcmp(*argv, "-nm") == 0) { + mic_flag = 0; + } else if (strcmp(*argv, "-v1") == 0) { + v1_format = 1; + } else + break; + argc--; argv++; + } + if (argc != 3) + usage(); #ifdef _WIN32 if (max_threads < 1) { @@ -830,16 +831,16 @@ int main(argc, argv) SetEnvironmentVariable("KERBEROSLOGIN_NEVER_PROMPT","1"); #endif - server_host = *argv++; - service_name = *argv++; - msg = *argv++; + server_host = *argv++; + service_name = *argv++; + msg = *argv++; - if (mechanism) - parse_oid(mechanism, &oid); + if (mechanism) + parse_oid(mechanism, &oid); - if (get_server_info(server_host, port) < 0) { - exit(1); - } + if (get_server_info(server_host, port) < 0) { + exit(1); + } if ( max_threads == 1 ) { for (i = 0; i < ccount; i++) { 
@@ -854,14 +855,14 @@ int main(argc, argv) exit(7); } #else - int err; - pthread_t thr; - err = pthread_create(&thr, 0, (void *(*)(void *))worker_bee, malloc(12)); - if (err) { - perror("pthread_create"); - exit(7); - } - (void) pthread_detach(thr); + int err; + pthread_t thr; + err = pthread_create(&thr, 0, (void *(*)(void *))worker_bee, malloc(12)); + if (err) { + perror("pthread_create"); + exit(7); + } + (void) pthread_detach(thr); #endif } else { exit(8); @@ -876,7 +877,7 @@ int main(argc, argv) CleanupHandles(); #else if (max_threads > 1) - sleep(10); + sleep(10); #endif return 0; diff --git a/src/tests/gss-threads/gss-server.c b/src/tests/gss-threads/gss-server.c index a751bf209d..532ee86a62 100644 --- a/src/tests/gss-threads/gss-server.c +++ b/src/tests/gss-threads/gss-server.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1994 by OpenVision Technologies, Inc. * @@ -74,13 +75,13 @@ static void usage() { - fprintf(stderr, "Usage: gss-server [-port port] [-verbose] [-once]"); + fprintf(stderr, "Usage: gss-server [-port port] [-verbose] [-once]"); #ifdef _WIN32 - fprintf(stderr, " [-threads num]"); + fprintf(stderr, " [-threads num]"); #endif - fprintf(stderr, "\n"); - fprintf(stderr, " [-inetd] [-export] [-logfile file] service_name\n"); - exit(1); + fprintf(stderr, "\n"); + fprintf(stderr, " [-inetd] [-export] [-logfile file] service_name\n"); + exit(1); } FILE *logfile; @@ -94,8 +95,8 @@ int verbose = 0; * * Arguments: * - * service_name (r) the ASCII service name - * server_creds (w) the GSS-API service credentials + * service_name (r) the ASCII service name + * server_creds (w) the GSS-API service credentials * * Returns: 0 on success, -1 on failure * 
@@ -107,33 +108,33 @@ int verbose = 0; * 0 is returned. */ static int server_acquire_creds(service_name, server_creds) - char *service_name; - gss_cred_id_t *server_creds; + char *service_name; + gss_cred_id_t *server_creds; { - gss_buffer_desc name_buf; - gss_name_t server_name; - OM_uint32 maj_stat, min_stat; - - name_buf.value = service_name; - name_buf.length = strlen(name_buf.value) + 1; - maj_stat = gss_import_name(&min_stat, &name_buf, - (gss_OID) gss_nt_service_name, &server_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("importing name", maj_stat, min_stat); - return -1; - } - - maj_stat = gss_acquire_cred(&min_stat, server_name, 0, - GSS_C_NULL_OID_SET, GSS_C_ACCEPT, - server_creds, NULL, NULL); - if (maj_stat != GSS_S_COMPLETE) { - display_status("acquiring credentials", maj_stat, min_stat); - return -1; - } - - (void) gss_release_name(&min_stat, &server_name); - - return 0; + gss_buffer_desc name_buf; + gss_name_t server_name; + OM_uint32 maj_stat, min_stat; + + name_buf.value = service_name; + name_buf.length = strlen(name_buf.value) + 1; + maj_stat = gss_import_name(&min_stat, &name_buf, + (gss_OID) gss_nt_service_name, &server_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("importing name", maj_stat, min_stat); + return -1; + } + + maj_stat = gss_acquire_cred(&min_stat, server_name, 0, + GSS_C_NULL_OID_SET, GSS_C_ACCEPT, + server_creds, NULL, NULL); + if (maj_stat != GSS_S_COMPLETE) { + display_status("acquiring credentials", maj_stat, min_stat); + return -1; + } + + (void) gss_release_name(&min_stat, &server_name); + + return 0; } /* 
@@ -145,10 +146,10 @@ static int server_acquire_creds(service_name, server_creds) * * Arguments: * - * s (r) an established TCP connection to the client - * service_creds (r) server credentials, from gss_acquire_cred - * context (w) the established GSS-API context - * client_name (w) the client's ASCII name + * s (r) an established TCP connection to the client + * service_creds (r) server credentials, from gss_acquire_cred + * context (w) the established GSS-API context + * client_name (w) the client's ASCII name * * Returns: 0 on success, -1 on failure * 
@@ -160,131 +161,131 @@ static int server_acquire_creds(service_name, server_creds) * message is displayed and -1 is returned. */ static int server_establish_context(s, server_creds, context, client_name, - ret_flags) - int s; - gss_cred_id_t server_creds; - gss_ctx_id_t *context; - gss_buffer_t client_name; - OM_uint32 *ret_flags; + ret_flags) + int s; + gss_cred_id_t server_creds; + gss_ctx_id_t *context; + gss_buffer_t client_name; + OM_uint32 *ret_flags; { - gss_buffer_desc send_tok, recv_tok; - gss_name_t client; - gss_OID doid; - OM_uint32 maj_stat, min_stat, acc_sec_min_stat; - gss_buffer_desc oid_name; - int token_flags; - - if (recv_token(s, &token_flags, &recv_tok) < 0) - return -1; - - if (recv_tok.value) { - free (recv_tok.value); - recv_tok.value = NULL; - } - - if (! (token_flags & TOKEN_NOOP)) { - if (logfile) - fprintf(logfile, "Expected NOOP token, got %d token instead\n", - token_flags); - return -1; - } - - *context = GSS_C_NO_CONTEXT; - - if (token_flags & TOKEN_CONTEXT_NEXT) { - do { - if (recv_token(s, &token_flags, &recv_tok) < 0) - return -1; - - if (verbose && logfile) { - fprintf(logfile, "Received token (size=%d): \n", (int) recv_tok.length); - print_token(&recv_tok); - } - - maj_stat = - gss_accept_sec_context(&acc_sec_min_stat, - context, - server_creds, - &recv_tok, - GSS_C_NO_CHANNEL_BINDINGS, - &client, - &doid, - &send_tok, - ret_flags, - NULL, /* ignore time_rec */ - NULL); /* ignore del_cred_handle */ - - if(recv_tok.value) { - free(recv_tok.value); - recv_tok.value = NULL; - } - - if (send_tok.length != 0) { - if (verbose && logfile) { - fprintf(logfile, - "Sending accept_sec_context token (size=%d):\n", - (int) send_tok.length); - print_token(&send_tok); - } - if (send_token(s, TOKEN_CONTEXT, &send_tok) < 0) { - if (logfile) - fprintf(logfile, "failure sending token\n"); - return -1; - } - - (void) gss_release_buffer(&min_stat, &send_tok); - } - if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) { - 
display_status("accepting context", maj_stat, - acc_sec_min_stat); - if (*context != GSS_C_NO_CONTEXT) - gss_delete_sec_context(&min_stat, context, - GSS_C_NO_BUFFER); - return -1; - } - - if (verbose && logfile) { - if (maj_stat == GSS_S_CONTINUE_NEEDED) - fprintf(logfile, "continue needed...\n"); - else - fprintf(logfile, "\n"); - fflush(logfile); - } - } while (maj_stat == GSS_S_CONTINUE_NEEDED); - - /* display the flags */ - display_ctx_flags(*ret_flags); - - if (verbose && logfile) { - maj_stat = gss_oid_to_str(&min_stat, doid, &oid_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("converting oid->string", maj_stat, min_stat); - return -1; - } - fprintf(logfile, "Accepted connection using mechanism OID %.*s.\n", - (int) oid_name.length, (char *) oid_name.value); - (void) gss_release_buffer(&min_stat, &oid_name); - } - - maj_stat = gss_display_name(&min_stat, client, client_name, &doid); - if (maj_stat != GSS_S_COMPLETE) { - display_status("displaying name", maj_stat, min_stat); - return -1; - } - maj_stat = gss_release_name(&min_stat, &client); - if (maj_stat != GSS_S_COMPLETE) { - display_status("releasing name", maj_stat, min_stat); - return -1; - } - } - else { - client_name->length = *ret_flags = 0; - - if (logfile) - fprintf(logfile, "Accepted unauthenticated connection.\n"); - } - - return 0; + gss_buffer_desc send_tok, recv_tok; + gss_name_t client; + gss_OID doid; + OM_uint32 maj_stat, min_stat, acc_sec_min_stat; + gss_buffer_desc oid_name; + int token_flags; + + if (recv_token(s, &token_flags, &recv_tok) < 0) + return -1; + + if (recv_tok.value) { + free (recv_tok.value); + recv_tok.value = NULL; + } + + if (! 
(token_flags & TOKEN_NOOP)) { + if (logfile) + fprintf(logfile, "Expected NOOP token, got %d token instead\n", + token_flags); + return -1; + } + + *context = GSS_C_NO_CONTEXT; + + if (token_flags & TOKEN_CONTEXT_NEXT) { + do { + if (recv_token(s, &token_flags, &recv_tok) < 0) + return -1; + + if (verbose && logfile) { + fprintf(logfile, "Received token (size=%d): \n", (int) recv_tok.length); + print_token(&recv_tok); + } + + maj_stat = + gss_accept_sec_context(&acc_sec_min_stat, + context, + server_creds, + &recv_tok, + GSS_C_NO_CHANNEL_BINDINGS, + &client, + &doid, + &send_tok, + ret_flags, + NULL, /* ignore time_rec */ + NULL); /* ignore del_cred_handle */ + + if(recv_tok.value) { + free(recv_tok.value); + recv_tok.value = NULL; + } + + if (send_tok.length != 0) { + if (verbose && logfile) { + fprintf(logfile, + "Sending accept_sec_context token (size=%d):\n", + (int) send_tok.length); + print_token(&send_tok); + } + if (send_token(s, TOKEN_CONTEXT, &send_tok) < 0) { + if (logfile) + fprintf(logfile, "failure sending token\n"); + return -1; + } + + (void) gss_release_buffer(&min_stat, &send_tok); + } + if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) { + display_status("accepting context", maj_stat, + acc_sec_min_stat); + if (*context != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&min_stat, context, + GSS_C_NO_BUFFER); + return -1; + } + + if (verbose && logfile) { + if (maj_stat == GSS_S_CONTINUE_NEEDED) + fprintf(logfile, "continue needed...\n"); + else + fprintf(logfile, "\n"); + fflush(logfile); + } + } while (maj_stat == GSS_S_CONTINUE_NEEDED); + + /* display the flags */ + display_ctx_flags(*ret_flags); + + if (verbose && logfile) { + maj_stat = gss_oid_to_str(&min_stat, doid, &oid_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("converting oid->string", maj_stat, min_stat); + return -1; + } + fprintf(logfile, "Accepted connection using mechanism OID %.*s.\n", + (int) oid_name.length, (char *) oid_name.value); + (void) 
gss_release_buffer(&min_stat, &oid_name); + } + + maj_stat = gss_display_name(&min_stat, client, client_name, &doid); + if (maj_stat != GSS_S_COMPLETE) { + display_status("displaying name", maj_stat, min_stat); + return -1; + } + maj_stat = gss_release_name(&min_stat, &client); + if (maj_stat != GSS_S_COMPLETE) { + display_status("releasing name", maj_stat, min_stat); + return -1; + } + } + else { + client_name->length = *ret_flags = 0; + + if (logfile) + fprintf(logfile, "Accepted unauthenticated connection.\n"); + } + + return 0; } /* @@ -294,7 +295,7 @@ static int server_establish_context(s, server_creds, context, client_name, * * Arguments: * - * port (r) the port number on which to listen + * port (r) the port number on which to listen * * Returns: the listening socket file descriptor, or -1 on failure * 
@@ -304,88 +305,88 @@ static int server_establish_context(s, server_creds, context, client_name, * On error, an error message is displayed and -1 is returned. */ static int create_socket(port) - u_short port; + u_short port; { - struct sockaddr_in saddr; - int s; - int on = 1; - - saddr.sin_family = AF_INET; - saddr.sin_port = htons(port); - saddr.sin_addr.s_addr = INADDR_ANY; - - if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { - perror("creating socket"); - return -1; - } - /* Let the socket be reused right away */ - (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *)&on, sizeof(on)); - if (bind(s, (struct sockaddr *) &saddr, sizeof(saddr)) < 0) { - perror("binding socket"); - (void) close(s); - return -1; - } - if (listen(s, 5) < 0) { - perror("listening on socket"); - (void) close(s); - return -1; - } - return s; + struct sockaddr_in saddr; + int s; + int on = 1; + + saddr.sin_family = AF_INET; + saddr.sin_port = htons(port); + saddr.sin_addr.s_addr = INADDR_ANY; + + if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { + perror("creating socket"); + return -1; + } + /* Let the socket be reused right away */ + (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *)&on, sizeof(on)); + if (bind(s, (struct sockaddr *) &saddr, sizeof(saddr)) < 0) { + perror("binding socket"); + (void) close(s); + return -1; + } + if (listen(s, 5) < 0) { + perror("listening on socket"); + (void) close(s); + return -1; + } + return s; } static float timeval_subtract(tv1, tv2) - struct timeval *tv1, *tv2; + struct timeval *tv1, *tv2; { - return ((tv1->tv_sec - tv2->tv_sec) + - ((float) (tv1->tv_usec - tv2->tv_usec)) / 1000000); + return ((tv1->tv_sec - tv2->tv_sec) + + ((float) (tv1->tv_usec - tv2->tv_usec)) / 1000000); } /* * Yes, yes, this isn't the best place for doing this test. * DO NOT REMOVE THIS UNTIL A BETTER TEST HAS BEEN WRITTEN, THOUGH. 
- * -TYT + * -TYT */ static int test_import_export_context(context) - gss_ctx_id_t *context; + gss_ctx_id_t *context; { - OM_uint32 min_stat, maj_stat; - gss_buffer_desc context_token, copied_token; - struct timeval tm1, tm2; - - /* - * Attempt to save and then restore the context. - */ - gettimeofday(&tm1, (struct timezone *)0); - maj_stat = gss_export_sec_context(&min_stat, context, &context_token); - if (maj_stat != GSS_S_COMPLETE) { - display_status("exporting context", maj_stat, min_stat); - return 1; - } - gettimeofday(&tm2, (struct timezone *)0); - if (verbose && logfile) - fprintf(logfile, "Exported context: %d bytes, %7.4f seconds\n", - (int) context_token.length, - timeval_subtract(&tm2, &tm1)); - copied_token.length = context_token.length; - copied_token.value = malloc(context_token.length); - if (copied_token.value == 0) { - if (logfile) - fprintf(logfile, "Couldn't allocate memory to copy context token.\n"); - return 1; - } - memcpy(copied_token.value, context_token.value, copied_token.length); - maj_stat = gss_import_sec_context(&min_stat, &copied_token, context); - if (maj_stat != GSS_S_COMPLETE) { - display_status("importing context", maj_stat, min_stat); - return 1; - } - free(copied_token.value); - gettimeofday(&tm1, (struct timezone *)0); - if (verbose && logfile) - fprintf(logfile, "Importing context: %7.4f seconds\n", - timeval_subtract(&tm1, &tm2)); - (void) gss_release_buffer(&min_stat, &context_token); - return 0; + OM_uint32 min_stat, maj_stat; + gss_buffer_desc context_token, copied_token; + struct timeval tm1, tm2; + + /* + * Attempt to save and then restore the context. 
+ */ + gettimeofday(&tm1, (struct timezone *)0); + maj_stat = gss_export_sec_context(&min_stat, context, &context_token); + if (maj_stat != GSS_S_COMPLETE) { + display_status("exporting context", maj_stat, min_stat); + return 1; + } + gettimeofday(&tm2, (struct timezone *)0); + if (verbose && logfile) + fprintf(logfile, "Exported context: %d bytes, %7.4f seconds\n", + (int) context_token.length, + timeval_subtract(&tm2, &tm1)); + copied_token.length = context_token.length; + copied_token.value = malloc(context_token.length); + if (copied_token.value == 0) { + if (logfile) + fprintf(logfile, "Couldn't allocate memory to copy context token.\n"); + return 1; + } + memcpy(copied_token.value, context_token.value, copied_token.length); + maj_stat = gss_import_sec_context(&min_stat, &copied_token, context); + if (maj_stat != GSS_S_COMPLETE) { + display_status("importing context", maj_stat, min_stat); + return 1; + } + free(copied_token.value); + gettimeofday(&tm1, (struct timezone *)0); + if (verbose && logfile) + fprintf(logfile, "Importing context: %7.4f seconds\n", + timeval_subtract(&tm1, &tm2)); + (void) gss_release_buffer(&min_stat, &context_token); + return 0; } /* @@ -395,11 +396,11 @@ static int test_import_export_context(context) * * Arguments: * - * s (r) a TCP socket on which a connection has been - * accept()ed - * service_name (r) the ASCII name of the GSS-API service to - * establish a context as - * export (r) whether to test context exporting + * s (r) a TCP socket on which a connection has been + * accept()ed + * service_name (r) the ASCII name of the GSS-API service to + * establish a context as + * export (r) whether to test context exporting * * Returns: -1 on error * 
@@ -415,20 +416,20 @@ static int test_import_export_context(context) * If any error occurs, -1 is returned. */ static int sign_server(s, server_creds, export) - int s; - gss_cred_id_t server_creds; - int export; + int s; + gss_cred_id_t server_creds; + int export; { gss_buffer_desc client_name, xmit_buf, msg_buf; gss_ctx_id_t context; OM_uint32 maj_stat, min_stat; int i, conf_state, ret_flags; - char *cp; + char *cp; int token_flags; /* Establish a context with the client */ if (server_establish_context(s, server_creds, &context, - &client_name, &ret_flags) < 0) + &client_name, &ret_flags) < 0) return(-1); if (context == GSS_C_NO_CONTEXT) { @@ -436,7 +437,7 @@ static int sign_server(s, server_creds, export) } else { printf("Accepted connection: \"%.*s\"\n", - (int) client_name.length, (char *) client_name.value); + (int) client_name.length, (char *) client_name.value); (void) gss_release_buffer(&min_stat, &client_name); if (export) { @@ -467,10 +468,10 @@ static int sign_server(s, server_creds, export) } if ((context == GSS_C_NO_CONTEXT) && - ( token_flags & (TOKEN_WRAPPED|TOKEN_ENCRYPTED|TOKEN_SEND_MIC))) { + ( token_flags & (TOKEN_WRAPPED|TOKEN_ENCRYPTED|TOKEN_SEND_MIC))) { if (logfile) fprintf(logfile, - "Unauthenticated client requested authenticated services!\n"); + "Unauthenticated client requested authenticated services!\n"); if(xmit_buf.value) { free (xmit_buf.value); xmit_buf.value = 0; @@ -480,7 +481,7 @@ static int sign_server(s, server_creds, export) if (token_flags & TOKEN_WRAPPED) { maj_stat = gss_unwrap(&min_stat, context, &xmit_buf, &msg_buf, - &conf_state, (gss_qop_t *) NULL); + &conf_state, (gss_qop_t *) NULL); if (maj_stat != GSS_S_COMPLETE) { display_status("unsealing message", maj_stat, min_stat); if(xmit_buf.value) { 
@@ -505,19 +506,19 @@ static int sign_server(s, server_creds, export) fprintf(logfile, "Received message: "); cp = msg_buf.value; if ((isprint((int) cp[0]) || isspace((int) cp[0])) && - (isprint((int) cp[1]) || isspace((int) cp[1]))) { + (isprint((int) cp[1]) || isspace((int) cp[1]))) { fprintf(logfile, "\"%.*s\"\n", (int) msg_buf.length, - (char *) msg_buf.value); - } else { - fprintf(logfile, "\n"); - print_token(&msg_buf); - } + (char *) msg_buf.value); + } else { + fprintf(logfile, "\n"); + print_token(&msg_buf); + } } if (token_flags & TOKEN_SEND_MIC) { /* Produce a signature block for the message */ maj_stat = gss_get_mic(&min_stat, context, GSS_C_QOP_DEFAULT, - &msg_buf, &xmit_buf); + &msg_buf, &xmit_buf); if (maj_stat != GSS_S_COMPLETE) { display_status("signing message", maj_stat, min_stat); return(-1); @@ -631,16 +632,16 @@ WaitAndIncrementThreadCounter(void) int err; err = pthread_mutex_lock(&counter_mutex); if (err) { - perror("pthread_mutex_lock"); - return 0; + perror("pthread_mutex_lock"); + return 0; } if (counter == max_threads) { - err = pthread_cond_wait(&counter_cond, &counter_mutex); - if (err) { - pthread_mutex_unlock(&counter_mutex); - perror("pthread_cond_wait"); - return 0; - } + err = pthread_cond_wait(&counter_cond, &counter_mutex); + if (err) { + pthread_mutex_unlock(&counter_mutex); + perror("pthread_cond_wait"); + return 0; + } } counter++; pthread_mutex_unlock(&counter_mutex); @@ -652,11 +653,11 @@ DecrementAndSignalThreadCounter(void) int err; err = pthread_mutex_lock(&counter_mutex); if (err) { - perror("pthread_mutex_lock"); - return; + perror("pthread_mutex_lock"); + return; } if (counter == max_threads) - pthread_cond_broadcast(&counter_cond); + pthread_cond_broadcast(&counter_cond); counter--; pthread_mutex_unlock(&counter_mutex); } 
@@ -689,69 +690,69 @@ worker_bee(void * param) int main(argc, argv) - int argc; - char **argv; + int argc; + char **argv; { - char *service_name; - gss_cred_id_t server_creds; - OM_uint32 min_stat; - u_short port = 4444; - int once = 0; - int do_inetd = 0; - int export = 0; - - signal(SIGPIPE, SIG_IGN); - logfile = stdout; - display_file = stdout; - argc--; argv++; - while (argc) { - if (strcmp(*argv, "-port") == 0) { - argc--; argv++; - if (!argc) usage(); - port = atoi(*argv); - } + char *service_name; + gss_cred_id_t server_creds; + OM_uint32 min_stat; + u_short port = 4444; + int once = 0; + int do_inetd = 0; + int export = 0; + + signal(SIGPIPE, SIG_IGN); + logfile = stdout; + display_file = stdout; + argc--; argv++; + while (argc) { + if (strcmp(*argv, "-port") == 0) { + argc--; argv++; + if (!argc) usage(); + port = atoi(*argv); + } #if defined _WIN32 || 1 - else if (strcmp(*argv, "-threads") == 0) { - argc--; argv++; - if (!argc) usage(); - max_threads = atoi(*argv); - } + else if (strcmp(*argv, "-threads") == 0) { + argc--; argv++; + if (!argc) usage(); + max_threads = atoi(*argv); + } #endif - else if (strcmp(*argv, "-verbose") == 0) { - verbose = 1; - } else if (strcmp(*argv, "-once") == 0) { - once = 1; - } else if (strcmp(*argv, "-inetd") == 0) { - do_inetd = 1; - } else if (strcmp(*argv, "-export") == 0) { - export = 1; - } else if (strcmp(*argv, "-logfile") == 0) { - argc--; argv++; - if (!argc) usage(); - /* Gross hack, but it makes it unnecessary to add an - extra argument to disable logging, and makes the code - more efficient because it doesn't actually write data - to /dev/null. */ - if (! 
strcmp(*argv, "/dev/null")) { - logfile = display_file = NULL; - } - else { - logfile = fopen(*argv, "a"); - display_file = logfile; - if (!logfile) { - perror(*argv); - exit(1); - } - } - } else - break; - argc--; argv++; - } - if (argc != 1) - usage(); - - if ((*argv)[0] == '-') - usage(); + else if (strcmp(*argv, "-verbose") == 0) { + verbose = 1; + } else if (strcmp(*argv, "-once") == 0) { + once = 1; + } else if (strcmp(*argv, "-inetd") == 0) { + do_inetd = 1; + } else if (strcmp(*argv, "-export") == 0) { + export = 1; + } else if (strcmp(*argv, "-logfile") == 0) { + argc--; argv++; + if (!argc) usage(); + /* Gross hack, but it makes it unnecessary to add an + extra argument to disable logging, and makes the code + more efficient because it doesn't actually write data + to /dev/null. */ + if (! strcmp(*argv, "/dev/null")) { + logfile = display_file = NULL; + } + else { + logfile = fopen(*argv, "a"); + display_file = logfile; + if (!logfile) { + perror(*argv); + exit(1); + } + } + } else + break; + argc--; argv++; + } + if (argc != 1) + usage(); + + if ((*argv)[0] == '-') + usage(); #ifdef _WIN32 if (max_threads < 1) { 
@@ -765,88 +766,88 @@ main(argc, argv) InitHandles(); #endif - service_name = *argv; + service_name = *argv; - if (server_acquire_creds(service_name, &server_creds) < 0) - return -1; + if (server_acquire_creds(service_name, &server_creds) < 0) + return -1; - if (do_inetd) { - close(1); - close(2); + if (do_inetd) { + close(1); + close(2); - sign_server(0, server_creds, export); - close(0); - } else { - int stmp; + sign_server(0, server_creds, export); + close(0); + } else { + int stmp; - if ((stmp = create_socket(port)) >= 0) { - if (listen(stmp, max_threads == 1 ? 0 : max_threads) < 0) - perror("listening on socket"); + if ((stmp = create_socket(port)) >= 0) { + if (listen(stmp, max_threads == 1 ? 0 : max_threads) < 0) + perror("listening on socket"); - do { - struct _work_plan * work = malloc(sizeof(struct _work_plan)); + do { + struct _work_plan * work = malloc(sizeof(struct _work_plan)); - if ( work == NULL ) { - fprintf(stderr, "fatal error: out of memory"); - break; - } + if ( work == NULL ) { + fprintf(stderr, "fatal error: out of memory"); + break; + } - /* Accept a TCP connection */ - if ((work->s = accept(stmp, NULL, 0)) < 0) { - perror("accepting connection"); - continue; - } + /* Accept a TCP connection */ + if ((work->s = accept(stmp, NULL, 0)) < 0) { + perror("accepting connection"); + continue; + } - work->server_creds = server_creds; - work->export = export; + work->server_creds = server_creds; + work->export = export; - if (max_threads == 1) { - worker_bee((void *)work); - } + if (max_threads == 1) { + worker_bee((void *)work); + } #if defined _WIN32 || 1 - else { - if ( WaitAndIncrementThreadCounter() ) { + else { + if ( WaitAndIncrementThreadCounter() ) { #ifdef _WIN32 - uintptr_t handle = _beginthread(worker_bee, 0, (void *)work); - if (handle == (uintptr_t)-1) { - closesocket(work->s); - free(work); - } + uintptr_t handle = _beginthread(worker_bee, 0, (void *)work); + if (handle == (uintptr_t)-1) { + closesocket(work->s); + free(work); + } 
#else - int err; - pthread_t thr; - err = pthread_create(&thr, 0, (void *(*)(void *))worker_bee, - (void *) work); - if (err) { - perror("pthread_create"); - closesocket(work->s); - free(work); - } - (void) pthread_detach(thr); + int err; + pthread_t thr; + err = pthread_create(&thr, 0, (void *(*)(void *))worker_bee, + (void *) work); + if (err) { + perror("pthread_create"); + closesocket(work->s); + free(work); + } + (void) pthread_detach(thr); #endif - } else { - fprintf(stderr, "fatal error incrementing thread counter"); - closesocket(work->s); - free(work); - break; - } - } + } else { + fprintf(stderr, "fatal error incrementing thread counter"); + closesocket(work->s); + free(work); + break; + } + } #endif - } while (!once); + } while (!once); - closesocket(stmp); - } - } + closesocket(stmp); + } + } - (void) gss_release_cred(&min_stat, &server_creds); + (void) gss_release_cred(&min_stat, &server_creds); #ifdef _WIN32 CleanupHandles(); #else if (max_threads > 1) - while (1) - sleep (999999); + while (1) + sleep (999999); #endif - return 0; + return 0; } |