diff options
author | Simo Sorce <simo@redhat.com> | 2012-08-22 14:05:42 +0200 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2012-10-25 15:53:31 -0400 |
commit | 3895ae03c33771bf9028e16a8d9ac07af38083f4 (patch) | |
tree | 67a42bfe141e28e71f1aa5f4b95a47bc18db4dee /proxy/tests | |
parent | 3cfba35d2c7cbba0601ef302fbbb90ba08293b89 (diff) | |
download | gss-proxy-3895ae03c33771bf9028e16a8d9ac07af38083f4.tar.gz gss-proxy-3895ae03c33771bf9028e16a8d9ac07af38083f4.tar.xz gss-proxy-3895ae03c33771bf9028e16a8d9ac07af38083f4.zip |
Add context related tests
Diffstat (limited to 'proxy/tests')
-rw-r--r-- | proxy/tests/interposetest.c | 102 |
1 files changed, 98 insertions, 4 deletions
diff --git a/proxy/tests/interposetest.c b/proxy/tests/interposetest.c index 9357e93..16bb06d 100644 --- a/proxy/tests/interposetest.c +++ b/proxy/tests/interposetest.c @@ -116,6 +116,56 @@ static int gp_recv_buffer(int fd, char *buf, uint32_t *len) return 0; } +static int gptest_inq_context(gss_ctx_id_t ctx) +{ + gss_name_t targ_name = GSS_C_NO_NAME; + gss_name_t src_name = GSS_C_NO_NAME; + OM_uint32 lifetime_rec = -1; + OM_uint32 ctx_flags = -1; + gss_OID mech_type = GSS_C_NO_OID; + int locally_initiated = -1; + int open = -1; + gss_buffer_desc sname = {0}; + gss_buffer_desc tname = {0}; + gss_buffer_desc mechstr = {0}; + OM_uint32 time_rec = -1; + OM_uint32 maj, min; + + maj = gss_inquire_context(&min, ctx, &src_name, &targ_name, + &lifetime_rec, &mech_type, &ctx_flags, + &locally_initiated, &open); + if (maj == GSS_S_COMPLETE) { + gss_OID type = GSS_C_NO_OID; + maj = gss_display_name(&min, src_name, &sname, &type); + if (maj != GSS_S_COMPLETE) { + goto done; + } + maj = gss_display_name(&min, targ_name, &tname, &type); + if (maj != GSS_S_COMPLETE) { + goto done; + } + maj = gss_oid_to_str(&min, mech_type, &mechstr); + if (maj != GSS_S_COMPLETE) { + goto done; + } + DEBUG("Context properties: " + "[ s:%s, t:%s, m:%s, l:%d, f:%d, i:%d, o:%d ]\n", + (char *)sname.value, (char *)tname.value, (char *)mechstr.value, + (int)lifetime_rec, (int)ctx_flags, locally_initiated, open); + } + + maj = gss_context_time(&min, ctx, &time_rec); + if (maj == GSS_S_COMPLETE) { + DEBUG("Context validity: %d sec.\n", time_rec); + } + +done: + (void)gss_release_buffer(&min, &sname); + (void)gss_release_buffer(&min, &tname); + (void)gss_release_buffer(&min, &mechstr); + return maj; +} + #define PROXY_LOCAL_ONLY 0 #define PROXY_LOCAL_FIRST 1 #define PROXY_REMOTE_FIRST 2 @@ -201,6 +251,12 @@ void run_client(struct aproc *data) } while (ret_maj == GSS_S_CONTINUE_NEEDED); + ret = gptest_inq_context(ctx); + if (ret) { + DEBUG("Failed to inquire context!\n"); + goto done; + } + /* test encryption */ msg_buf.length = strlen(message) + 1; msg_buf.value = (void *)message; @@ -241,6 +297,20 @@ void run_client(struct aproc *data) } fprintf(stdout, "Client, RECV: [%s]\n", buffer); + ret_maj = gss_delete_sec_context(&ret_min, &ctx, &out_token); + if (ret_maj != GSS_S_COMPLETE) { + DEBUG("Failed to delete context!\n"); + gp_log_failure(GSS_C_NO_OID, ret_maj, ret_min); + goto done; + } + + ret = gp_send_buffer(data->srv_pipe[1], out_token.value, out_token.length); + if (ret) { + goto done; + } + + gss_release_buffer(&ret_min, &out_token); + DEBUG("Success!\n"); done: @@ -275,7 +345,7 @@ void run_server(struct aproc *data) gss_buffer_desc short_desc = GSS_C_EMPTY_BUFFER; gss_buffer_desc long_desc = GSS_C_EMPTY_BUFFER; gss_OID_set mechs = GSS_C_NO_OID_SET; - gss_buffer_desc target_buf; + gss_buffer_desc const_buf; gss_name_t target_name = GSS_C_NO_NAME; gss_name_t canon_name = GSS_C_NO_NAME; gss_buffer_desc out_name_buf = GSS_C_EMPTY_BUFFER; @@ -283,11 +353,11 @@ void run_server(struct aproc *data) const char *message = "This message is authentic!"; int ret = -1; - target_buf.value = (void *)data->target; - target_buf.length = strlen(data->target) + 1; + const_buf.value = (void *)data->target; + const_buf.length = strlen(data->target) + 1; /* import name family functions tests */ - ret_maj = gss_import_name(&ret_min, &target_buf, + ret_maj = gss_import_name(&ret_min, &const_buf, GSS_C_NT_HOSTBASED_SERVICE, &target_name); if (ret_maj) { DEBUG("gssproxy returned an error: %d\n", ret_maj); @@ -421,6 +491,12 @@ void run_server(struct aproc *data) gss_release_buffer(&ret_min, &out_token); + ret = gptest_inq_context(context_handle); + if (ret) { + DEBUG("Failed to inquire context!\n"); + goto done; + } + ret = gp_recv_buffer(data->srv_pipe[0], buffer, &buflen); if (ret) { DEBUG("Failed to get data from client!\n"); @@ -464,6 +540,24 @@ void run_server(struct aproc *data) gss_release_buffer(&ret_min, &out_token); + ret = gp_recv_buffer(data->srv_pipe[0], buffer, &buflen); + if (ret) { + goto done; + } + const_buf.value = buffer; + const_buf.length = buflen; + + ret_maj = gss_process_context_token(&ret_min, context_handle, &const_buf); + if (ret_maj != GSS_S_COMPLETE) { + DEBUG("Failed to process context token.\n"); + gp_log_failure(GSS_C_NO_OID, ret_maj, ret_min); + goto done; + } + /* The follwing will cause the context to leak, but it is unavoidable until + * gss_process_context_token() is fixed to at least NULL the internal + * context in the union context. */ + context_handle = GSS_C_NO_CONTEXT; + DEBUG("Success!\n"); done: |