2 * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "test_locl.h"
/*
 * proto: client side of the exchange run over the already-connected socket
 * `sock`. From the visible calls it: sends the client principal name and the
 * cached ticket to the peer, installs that credential's session key as the
 * user key on the auth context, runs krb5_recvauth() on the socket, prints
 * the type/length of any authorization data in the received ticket, and then
 * sends one krb5_mk_safe() and one krb5_mk_priv() message.
 *
 * NOTE(review): this listing is lossy. The embedded gutter numbers skip, so
 * several declarations, the lines between each call and its krb5_err()
 * (presumably `if (status)` guards), some argument lines, the closing braces
 * and the return are not shown. Comments below describe only what is visible
 * and hedge the rest.
 *
 * sock      connected socket; passed by address to krb5_write_message() and
 *           krb5_recvauth().
 * hostname  used here only in the getsockname/getpeername error messages.
 * service   not referenced in the visible lines.
 */
40 proto (int sock, const char *hostname, const char *service)
42 struct sockaddr_storage remote, local;
44 krb5_address remote_addr, local_addr;
47 krb5_auth_context auth_context;
48 krb5_error_code status;
49 krb5_principal client;
52 krb5_creds mcred, cred;
/*
 * Fetch both endpoints of the socket. addrlen is in/out: if the value
 * written back exceeds the buffer size the address did not fit, and that is
 * treated as fatal instead of continuing with a truncated address.
 */
55 addrlen = sizeof(local);
56 if (getsockname (sock, (struct sockaddr *)&local, &addrlen) < 0
57 || addrlen > sizeof(local))
58 err (1, "getsockname(%s)", hostname);
60 addrlen = sizeof(remote);
61 if (getpeername (sock, (struct sockaddr *)&remote, &addrlen) < 0
62 || addrlen > sizeof(remote))
63 err (1, "getpeername(%s)", hostname);
/*
 * Library setup: context, default credential cache, auth context. A
 * krb5_init_context() failure is reported with errx() and the raw code;
 * every later failure goes through krb5_err() with the context.
 */
65 status = krb5_init_context(&context);
67 errx(1, "krb5_init_context failed: %d", status);
69 status = krb5_cc_default (context, &ccache);
71 krb5_err(context, 1, status, "krb5_cc_default");
73 status = krb5_auth_con_init (context, &auth_context);
75 krb5_err(context, 1, status, "krb5_auth_con_init");
/*
 * Convert both socket endpoints to krb5_address values and attach addresses
 * to the auth context. The argument lines of krb5_auth_con_setaddrs() are
 * not visible; presumably local_addr and remote_addr -- confirm.
 */
77 status = krb5_sockaddr2address (context, (struct sockaddr *)&local, &local_addr);
79 krb5_err(context, 1, status, "krb5_sockaddr2address(local)");
80 status = krb5_sockaddr2address (context, (struct sockaddr *)&remote, &remote_addr);
82 krb5_err(context, 1, status, "krb5_sockaddr2address(remote)");
84 status = krb5_auth_con_setaddrs (context,
89 krb5_err(context, 1, status, "krb5_auth_con_setaddr");
/*
 * Build the match template for the cache lookup: client is the cache's
 * principal, server is a principal built with the client's realm passed
 * twice. The remaining arguments are on elided lines; presumably this names
 * the ticket-granting service of the client's own realm -- confirm.
 */
91 krb5_cc_clear_mcred(&mcred);
93 status = krb5_cc_get_principal(context, ccache, &client);
95 krb5_err(context, 1, status, "krb5_cc_get_principal");
96 status = krb5_make_principal(context, &mcred.server,
97 krb5_principal_get_realm(context, client),
99 krb5_principal_get_realm(context, client),
102 krb5_err(context, 1, status, "krb5_make_principal");
/* mcred.client aliases `client`; no copy is made here. */
103 mcred.client = client;
/* Look up the matching credential in the cache (flags argument is 0). */
105 status = krb5_cc_retrieve_cred(context, ccache, 0, &mcred, &cred);
107 krb5_err(context, 1, status, "krb5_cc_retrieve_cred");
/*
 * First message: the unparsed client principal name, sent including its
 * terminating NUL (length is strlen + 1). No release of client_name is
 * visible in this listing.
 */
112 status = krb5_unparse_name(context, cred.client, &client_name);
114 krb5_err(context, 1, status, "krb5_unparse_name");
115 data.data = client_name;
116 data.length = strlen(client_name) + 1;
117 status = krb5_write_message(context, &sock, &data);
119 krb5_err(context, 1, status, "krb5_write_message");
/*
 * Second message: the ticket blob of the retrieved credential. Only
 * cred.ticket is written to the socket; cred.session is never sent in the
 * visible code and is instead installed locally as the user key below.
 * NOTE(review): the ticket is written before any call that authenticates
 * the peer (krb5_recvauth comes later), so it goes to whoever is connected.
 */
123 status = krb5_write_message(context, &sock, &cred.ticket);
125 krb5_err(context, 1, status, "krb5_write_message");
127 status = krb5_auth_con_setuserkey(context, auth_context, &cred.session);
129 krb5_err(context, 1, status, "krb5_auth_con_setuserkey");
/*
 * Receive and verify the peer's authentication on the socket, using VERSION
 * as the application version string. `client` is passed in the principal
 * argument, flags are 0 and the keytab argument is NULL; presumably the
 * request is then checked against the user key set above rather than a
 * keytab entry -- confirm. On return `ticket` is what the code reads from.
 */
131 status = krb5_recvauth(context, &auth_context, &sock,
132 VERSION, client, 0, NULL, &ticket);
135 krb5_err(context, 1, status, "krb5_recvauth");
/*
 * If the received ticket carries authorization data, print one line per
 * element with its type and length only; the element contents are not
 * printed or acted on here. The declaration of `i` and the closing braces
 * are on elided lines.
 */
137 if (ticket->ticket.authorization_data) {
138 AuthorizationData *authz;
141 printf("Authorization data:\n");
143 authz = ticket->ticket.authorization_data;
144 for (i = 0; i < authz->len; i++) {
145 printf("\ttype %d, length %lu\n",
146 authz->val[i].ad_type,
/* Cast so the argument matches the %lu conversion. */
147 (unsigned long)authz->val[i].ad_data.length);
/*
 * Third message: output of krb5_mk_safe(), written from `packet`. The
 * arguments (including the input data) are on elided lines.
 */
154 krb5_data_zero (&packet);
156 status = krb5_mk_safe (context,
162 krb5_err(context, 1, status, "krb5_mk_safe");
164 status = krb5_write_message(context, &sock, &packet);
166 krb5_err(context, 1, status, "krb5_write_message");
/*
 * Fourth message: output of krb5_mk_priv(). "hemligt" is Swedish for
 * "secret" and serves as the test payload; the matching data.length
 * assignment is not visible. The previous contents of `packet` are freed
 * before it is reused.
 */
168 data.data = "hemligt";
171 krb5_data_free (&packet);
173 status = krb5_mk_priv (context,
179 krb5_err(context, 1, status, "krb5_mk_priv");
181 status = krb5_write_message(context, &sock, &packet);
183 krb5_err(context, 1, status, "krb5_write_message");
/*
 * Entry point. client_setup() is given &context, &argc and argv and its
 * return value is used as the port. client_doit() then receives argv[argc],
 * that port, `service` and `proto`, and its result is the exit status.
 * `context` and `service` are not declared in the visible lines.
 *
 * NOTE(review): argv[argc] is normally the NULL terminator of argv, so this
 * only names a host if client_setup() rewrites argc to index the first
 * non-option argument -- confirm in client_setup(). `proto` is presumably
 * called by client_doit() once the connection is established.
 */
188 main(int argc, char **argv)
190 int port = client_setup(&context, &argc, argv);
191 return client_doit (argv[argc], port, service, proto);