1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* lib/krb5/krb/t_ser.c - Test serialization */
4 * Copyright 1995 by the Massachusetts Institute of Technology.
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. Furthermore if you modify this software you must label
20 * your software as modified software and not distribute it in such a
21 * fashion that it might be confused with the original M.I.T. software.
22 * M.I.T. makes no representations about the suitability of
23 * this software for any purpose. It is provided "as is" without express
24 * or implied warranty.
33 static const char stuff[]="You can't take a pointer to a function and convert \
34 it to a pointer to char; ANSI doesn't say it'll work, and in fact on the HPPA \
35 you can lose some bits of the function pointer, and get a pointer that you \
36 can't safely dereference. This test file used to make this mistake, often.";
39 * Dump an external representation.
42 print_erep(krb5_octet *erep, size_t elen)
48 for (j=0; j<15; j++) {
50 printf("%02x ", erep[i+j]);
55 for (j=0; j<15; j++) {
57 if (isprint(erep[i+j]) && (erep[i+j] != '\n'))
58 printf("%c", erep[i+j]);
71 * Do a serialization test.
73 static krb5_error_code
74 ser_data(int verbose, char *msg, krb5_pointer ctx, krb5_magic dtype)
79 krb5_octet *outrep, *ibuf, *outrep2;
80 size_t outlen, ilen, outlen2;
82 /* Initialize context and initialize all Kerberos serializers */
83 if ((kret = krb5_init_context(&ser_ctx))) {
84 printf("Couldn't initialize krb5 library: %s\n",
88 krb5_ser_context_init(ser_ctx);
89 krb5_ser_auth_context_init(ser_ctx);
90 krb5_ser_ccache_init(ser_ctx);
91 krb5_ser_rcache_init(ser_ctx);
92 krb5_ser_keytab_init(ser_ctx);
94 /* Externalize the data */
95 kret = krb5_externalize_data(ser_ctx, ctx, &outrep, &outlen);
98 printf("%s: externalized in %d bytes\n", msg, (int)outlen);
99 print_erep(outrep, outlen);
102 /* Now attempt to re-constitute it */
105 kret = krb5_internalize_opaque(ser_ctx,
107 (krb5_pointer *) &nctx,
112 printf("%s: %d bytes left over after internalize\n",
114 /* Now attempt to re-externalize it */
115 kret = krb5_externalize_data(ser_ctx, nctx, &outrep2, &outlen2);
117 /* Compare the results. */
118 if ((outlen2 != outlen) ||
119 memcmp(outrep, outrep2, outlen)) {
120 printf("%s: comparison failed\n", msg);
121 print_erep(outrep2, outlen2);
125 printf("%s: compare succeeded\n", msg);
130 printf("%s: second externalize returned %d\n", msg, kret);
135 krb5_free_context((krb5_context) nctx);
137 case KV5M_AUTH_CONTEXT:
138 krb5_auth_con_free(ser_ctx, (krb5_auth_context) nctx);
141 krb5_cc_close(ser_ctx, (krb5_ccache) nctx);
144 krb5_rc_close(ser_ctx, (krb5_rcache) nctx);
147 krb5_kt_close(ser_ctx, (krb5_keytab) nctx);
149 case KV5M_ENCRYPT_BLOCK:
151 krb5_encrypt_block *eblock;
153 eblock = (krb5_encrypt_block *) nctx;
155 krb5_free_keyblock(ser_ctx, eblock->key);
160 krb5_free_principal(ser_ctx, (krb5_principal) nctx);
163 krb5_free_checksum(ser_ctx, (krb5_checksum *) nctx);
166 printf("don't know how to free %d\n", dtype);
171 printf("%s: internalize returned %d\n", msg, kret);
175 printf("%s: externalize_data returned %d\n", msg, kret);
176 krb5_free_context(ser_ctx);
181 * Serialize krb5_context.
183 static krb5_error_code
184 ser_kcontext_test(krb5_context kcontext, int verbose)
186 krb5_error_code kret;
190 snprintf(dbname, sizeof(dbname), "temp_%d", (int) getpid());
191 sprofile = kcontext->profile;
192 kcontext->profile = (profile_t) NULL;
193 if (!(kret = ser_data(verbose, "> Context with no profile",
194 (krb5_pointer) kcontext,
196 kcontext->profile = sprofile;
197 if (!(kret = ser_data(verbose, "> Context with no realm",
198 (krb5_pointer) kcontext,
200 !(kret = krb5_set_default_realm(kcontext, "this.is.a.test"))) {
201 if (!(kret = ser_data(verbose, "> Context with default realm",
202 (krb5_pointer) kcontext,
205 printf("* krb5_context test succeeded\n");
210 printf("* krb5_context test failed\n");
215 * Serialize krb5_auth_context.
217 static krb5_error_code
218 ser_acontext_test(krb5_context kcontext, int verbose)
220 krb5_error_code kret;
221 krb5_auth_context actx;
222 krb5_address local_address;
223 krb5_address remote_address;
224 krb5_octet laddr_bytes[16];
225 krb5_octet raddr_bytes[16];
226 krb5_keyblock ukeyblock;
227 krb5_octet keydata[8];
228 krb5_authenticator aent;
230 krb5_authdata *adatalist[3];
231 krb5_authdata adataent;
233 actx = (krb5_auth_context) NULL;
234 if (!(kret = krb5_auth_con_init(kcontext, &actx)) &&
235 !(kret = ser_data(verbose, "> Vanilla auth context",
237 KV5M_AUTH_CONTEXT))) {
238 memset(&local_address, 0, sizeof(local_address));
239 memset(&remote_address, 0, sizeof(remote_address));
240 memset(laddr_bytes, 0, sizeof(laddr_bytes));
241 memset(raddr_bytes, 0, sizeof(raddr_bytes));
242 local_address.addrtype = ADDRTYPE_INET;
243 local_address.length = sizeof(laddr_bytes);
244 local_address.contents = laddr_bytes;
252 laddr_bytes[7] = 127;
253 remote_address.addrtype = ADDRTYPE_INET;
254 remote_address.length = sizeof(raddr_bytes);
255 remote_address.contents = raddr_bytes;
263 raddr_bytes[7] = 127;
264 if (!(kret = krb5_auth_con_setaddrs(kcontext, actx,
267 !(kret = krb5_auth_con_setports(kcontext, actx,
270 !(kret = ser_data(verbose, "> Auth context with addrs/ports",
272 KV5M_AUTH_CONTEXT))) {
273 memset(&ukeyblock, 0, sizeof(ukeyblock));
274 memset(keydata, 0, sizeof(keydata));
275 ukeyblock.enctype = ENCTYPE_DES_CBC_MD5;
276 ukeyblock.length = sizeof(keydata);
277 ukeyblock.contents = keydata;
286 if (!(kret = krb5_auth_con_setuseruserkey(kcontext, actx,
288 !(kret = ser_data(verbose, "> Auth context with user key",
290 KV5M_AUTH_CONTEXT)) &&
291 !(kret = krb5_auth_con_initivector(kcontext, actx)) &&
292 !(kret = ser_data(verbose, "> Auth context with new vector",
294 KV5M_AUTH_CONTEXT)) &&
295 !(kret = ser_data(verbose, "> Auth context with set vector",
297 KV5M_AUTH_CONTEXT))) {
299 * Finally, add an authenticator.
301 memset(&aent, 0, sizeof(aent));
302 aent.magic = KV5M_AUTHENTICATOR;
303 snprintf(clname, sizeof(clname),
304 "help/me/%d@this.is.a.test", (int) getpid());
305 actx->authentp = &aent;
306 if (!(kret = krb5_parse_name(kcontext, clname,
308 !(kret = ser_data(verbose,
309 "> Auth context with authenticator",
311 KV5M_AUTH_CONTEXT))) {
312 adataent.magic = KV5M_AUTHDATA;
313 adataent.ad_type = 123;
314 adataent.length = 128;
315 adataent.contents = (krb5_octet *) stuff;
316 adatalist[0] = &adataent;
317 adatalist[1] = &adataent;
318 adatalist[2] = (krb5_authdata *) NULL;
319 aent.authorization_data = adatalist;
320 if (!(kret = ser_data(verbose,
321 "> Auth context with full auth",
323 KV5M_AUTH_CONTEXT))) {
325 printf("* krb5_auth_context test succeeded\n");
327 krb5_free_principal(kcontext, aent.client);
329 actx->authentp = (krb5_authenticator *) NULL;
334 krb5_auth_con_free(kcontext, actx);
336 printf("* krb5_auth_context test failed\n");
341 * Serialize krb5_ccache
343 static krb5_error_code
344 ser_ccache_test(krb5_context kcontext, int verbose)
346 krb5_error_code kret;
350 krb5_principal principal;
352 snprintf(ccname, sizeof(ccname), "temp_cc_%d", (int) getpid());
353 snprintf(princname, sizeof(princname),
354 "zowie%d/instance%d@this.is.a.test",
355 (int) getpid(), (int) getpid());
356 if (!(kret = krb5_cc_resolve(kcontext, ccname, &ccache)) &&
357 !(kret = ser_data(verbose, "> Resolved default ccache",
358 (krb5_pointer) ccache, KV5M_CCACHE)) &&
359 !(kret = krb5_parse_name(kcontext, princname, &principal)) &&
360 !(kret = krb5_cc_initialize(kcontext, ccache, principal)) &&
361 !(kret = ser_data(verbose, "> Initialized default ccache",
362 (krb5_pointer) ccache, KV5M_CCACHE)) &&
363 !(kret = krb5_cc_destroy(kcontext, ccache))) {
364 krb5_free_principal(kcontext, principal);
365 snprintf(ccname, sizeof(ccname), "FILE:temp_cc_%d", (int) getpid());
366 snprintf(princname, sizeof(princname), "xxx%d/i%d@this.is.a.test",
367 (int) getpid(), (int) getpid());
368 if (!(kret = krb5_cc_resolve(kcontext, ccname, &ccache)) &&
369 !(kret = ser_data(verbose, "> Resolved FILE ccache",
370 (krb5_pointer) ccache, KV5M_CCACHE)) &&
371 !(kret = krb5_parse_name(kcontext, princname, &principal)) &&
372 !(kret = krb5_cc_initialize(kcontext, ccache, principal)) &&
373 !(kret = ser_data(verbose, "> Initialized FILE ccache",
374 (krb5_pointer) ccache, KV5M_CCACHE)) &&
375 !(kret = krb5_cc_destroy(kcontext, ccache))) {
376 krb5_free_principal(kcontext, principal);
379 printf("* ccache test succeeded\n");
383 printf("* krb5_ccache test failed\n");
388 * Serialize krb5_keytab.
390 static krb5_error_code
391 ser_keytab_test(krb5_context kcontext, int verbose)
393 krb5_error_code kret;
397 snprintf(ccname, sizeof(ccname), "temp_kt_%d", (int) getpid());
398 if (!(kret = krb5_kt_resolve(kcontext, ccname, &keytab)) &&
399 !(kret = ser_data(verbose, "> Resolved default keytab",
400 (krb5_pointer) keytab, KV5M_KEYTAB)) &&
401 !(kret = krb5_kt_close(kcontext, keytab))) {
402 snprintf(ccname, sizeof(ccname), "FILE:temp_kt_%d", (int) getpid());
403 if (!(kret = krb5_kt_resolve(kcontext, ccname, &keytab)) &&
404 !(kret = ser_data(verbose, "> Resolved FILE keytab",
405 (krb5_pointer) keytab, KV5M_KEYTAB)) &&
406 !(kret = krb5_kt_close(kcontext, keytab))) {
407 snprintf(ccname, sizeof(ccname),
408 "WRFILE:temp_kt_%d", (int) getpid());
409 if (!(kret = krb5_kt_resolve(kcontext, ccname, &keytab)) &&
410 !(kret = ser_data(verbose, "> Resolved WRFILE keytab",
411 (krb5_pointer) keytab, KV5M_KEYTAB)) &&
412 !(kret = krb5_kt_close(kcontext, keytab))) {
414 printf("* keytab test succeeded\n");
419 printf("* krb5_keytab test failed\n");
424 * Serialize krb5_rcache.
426 static krb5_error_code
427 ser_rcache_test(krb5_context kcontext, int verbose)
429 krb5_error_code kret;
433 snprintf(rcname, sizeof(rcname), "dfl:temp_rc_%d", (int) getpid());
434 if (!(kret = krb5_rc_resolve_full(kcontext, &rcache, rcname)) &&
435 !(kret = ser_data(verbose, "> Resolved FILE rcache",
436 (krb5_pointer) rcache, KV5M_RCACHE)) &&
437 !(kret = krb5_rc_initialize(kcontext, rcache, 3600*24)) &&
438 !(kret = ser_data(verbose, "> Initialized FILE rcache",
439 (krb5_pointer) rcache, KV5M_RCACHE)) &&
440 !(kret = krb5_rc_destroy(kcontext, rcache))) {
442 printf("* rcache test succeeded\n");
445 printf("* krb5_rcache test failed\n");
450 * Serialize krb5_principal
452 static krb5_error_code
453 ser_princ_test(krb5_context kcontext, int verbose)
455 krb5_error_code kret;
456 krb5_principal princ;
459 snprintf(pname, sizeof(pname),
460 "the/quick/brown/fox/jumped/over/the/lazy/dog/%d@this.is.a.test",
462 if (!(kret = krb5_parse_name(kcontext, pname, &princ))) {
463 if (!(kret = ser_data(verbose, "> Principal",
464 (krb5_pointer) princ, KV5M_PRINCIPAL))) {
466 printf("* principal test succeeded\n");
468 krb5_free_principal(kcontext, princ);
471 printf("* principal test failed\n");
476 * Serialize krb5_checksum.
478 static krb5_error_code
479 ser_cksum_test(krb5_context kcontext, int verbose)
481 krb5_error_code kret;
482 krb5_checksum checksum;
483 krb5_octet ckdata[24];
485 memset(&checksum, 0, sizeof(krb5_checksum));
486 checksum.magic = KV5M_CHECKSUM;
487 if (!(kret = ser_data(verbose, "> NULL checksum",
488 (krb5_pointer) &checksum, KV5M_CHECKSUM))) {
489 checksum.checksum_type = 123;
490 checksum.length = sizeof(ckdata);
491 checksum.contents = ckdata;
492 memcpy(ckdata, &stuff, sizeof(ckdata));
493 if (!(kret = ser_data(verbose, "> checksum with data",
494 (krb5_pointer) &checksum, KV5M_CHECKSUM))) {
496 printf("* checksum test succeeded\n");
500 printf("* checksum test failed\n");
508 main(int argc, char **argv)
510 krb5_error_code kret;
511 krb5_context kcontext;
512 int do_atest, do_ctest, do_ktest, do_rtest, do_xtest;
513 int do_etest, do_ptest, do_stest;
529 while ((option = getopt(argc, argv, "acekprsxvACKPRSX")) != -1) {
581 "%s: usage is %s [-acekprsxvACKPRSX]\n",
587 if ((kret = krb5_init_context(&kcontext))) {
588 com_err(argv[0], kret, "while initializing krb5");
594 kret = ser_kcontext_test(kcontext, verbose);
600 kret = ser_acontext_test(kcontext, verbose);
606 kret = ser_ccache_test(kcontext, verbose);
612 kret = ser_keytab_test(kcontext, verbose);
618 kret = ser_rcache_test(kcontext, verbose);
624 kret = ser_princ_test(kcontext, verbose);
630 kret = ser_cksum_test(kcontext, verbose);
634 krb5_free_context(kcontext);
638 com_err(argv[0], kret, "--- test %cfailed", ch_err);
639 krb5_free_context(kcontext);