Branch data Line data Source code
1 : : /* basic.c --- Basic GSS self tests.
2 : : * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2009, 2010 Simon Josefsson
3 : : *
4 : : * This file is part of the Generic Security Service (GSS).
5 : : *
6 : : * GSS is free software; you can redistribute it and/or modify it
7 : : * under the terms of the GNU General Public License as published by
8 : : * the Free Software Foundation; either version 3 of the License, or
9 : : * (at your option) any later version.
10 : : *
11 : : * GSS is distributed in the hope that it will be useful, but WITHOUT
12 : : * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 : : * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
14 : : * License for more details.
15 : : *
16 : : * You should have received a copy of the GNU General Public License
17 : : * along with GSS; if not, see http://www.gnu.org/licenses or write to
18 : : * the Free Software Foundation, Inc., 51 Franklin Street, Fifth
19 : : * Floor, Boston, MA 02110-1301, USA.
20 : : *
21 : : */
22 : :
23 : : #include "config.h"
24 : :
25 : : #include <stdio.h>
26 : : #include <stdlib.h>
27 : : #include <stdarg.h>
28 : : #include <ctype.h>
29 : : #include <string.h>
30 : :
31 : : /* Get GSS prototypes. */
32 : : #include <gss.h>
33 : :
34 : : #include "utils.c"
35 : :
36 : : int
37 : 1 : main (int argc, char *argv[])
38 : : {
39 : : gss_uint32 maj_stat, min_stat, msgctx;
40 : : gss_buffer_desc bufdesc, bufdesc2;
41 : : gss_name_t service;
42 : : gss_OID_set oids;
43 : : int n;
44 : :
45 : : do
46 [ + - ][ - + ]: 1 : if (strcmp (argv[argc - 1], "-v") == 0 ||
47 : 1 : strcmp (argv[argc - 1], "--verbose") == 0)
48 : 0 : debug = 1;
49 [ + - ][ - + ]: 1 : else if (strcmp (argv[argc - 1], "-b") == 0 ||
50 : 1 : strcmp (argv[argc - 1], "--break-on-error") == 0)
51 : 0 : break_on_error = 1;
52 [ + - ][ + - ]: 1 : else if (strcmp (argv[argc - 1], "-h") == 0 ||
[ - + ]
53 : 1 : strcmp (argv[argc - 1], "-?") == 0 ||
54 : 1 : strcmp (argv[argc - 1], "--help") == 0)
55 : : {
56 : 0 : printf ("Usage: %s [-vbh?] [--verbose] [--break-on-error] [--help]\n",
57 : : argv[0]);
58 : 0 : return 1;
59 : : }
60 [ - + ]: 1 : while (argc-- > 1);
61 : :
62 : : /* OID set tests */
63 : 1 : oids = GSS_C_NO_OID_SET;
64 : 1 : maj_stat = gss_create_empty_oid_set (&min_stat, &oids);
65 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
66 : 1 : success ("gss_create_empty_oid_set() OK\n");
67 : : else
68 : 0 : fail ("gss_create_empty_oid_set() failed (%d,%d)\n", maj_stat, min_stat);
69 : :
70 : : /* Test empty set */
71 : 1 : maj_stat = gss_test_oid_set_member (&min_stat, GSS_C_NT_USER_NAME,
72 : : oids, &n);
73 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
74 : 1 : success ("gss_test_oid_set_member() OK\n");
75 : : else
76 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
77 : :
78 [ - + ]: 1 : if (debug)
79 : 0 : printf (" OID present in empty set => %d\n", n);
80 : :
81 [ + - ]: 1 : if (!n)
82 : 1 : success ("gss_test_oid_set_member() OK\n");
83 : : else
84 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
85 : :
86 : : /* Add an OID */
87 : 1 : maj_stat = gss_add_oid_set_member (&min_stat, GSS_C_NT_USER_NAME, &oids);
88 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
89 : 1 : success ("gss_add_oid_set_member() OK\n");
90 : : else
91 : 0 : fail ("gss_add_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
92 : :
93 : : /* Test set for added OID */
94 : 1 : maj_stat = gss_test_oid_set_member (&min_stat, GSS_C_NT_USER_NAME,
95 : : oids, &n);
96 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
97 : 1 : success ("gss_test_oid_set_member() OK\n");
98 : : else
99 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
100 : :
101 [ - + ]: 1 : if (debug)
102 : 0 : printf (" OID present in set with the OID added to it => %d\n", n);
103 : :
104 [ + - ]: 1 : if (n)
105 : 1 : success ("gss_test_oid_set_member() OK\n");
106 : : else
107 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
108 : :
109 : : /* Test set for another OID */
110 : 1 : maj_stat = gss_test_oid_set_member (&min_stat, GSS_C_NT_ANONYMOUS,
111 : : oids, &n);
112 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
113 : 1 : success ("gss_test_oid_set_member() OK\n");
114 : : else
115 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
116 : :
117 [ - + ]: 1 : if (debug)
118 : 0 : printf (" Another OID present in set without the OID => %d\n", n);
119 : :
120 [ + - ]: 1 : if (!n)
121 : 1 : success ("gss_test_oid_set_member() OK\n");
122 : : else
123 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
124 : :
125 : : /* Add another OID */
126 : 1 : maj_stat = gss_add_oid_set_member (&min_stat, GSS_C_NT_ANONYMOUS, &oids);
127 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
128 : 1 : success ("gss_add_oid_set_member() OK\n");
129 : : else
130 : 0 : fail ("gss_add_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
131 : :
132 : : /* Test set for added OID */
133 : 1 : maj_stat = gss_test_oid_set_member (&min_stat, GSS_C_NT_ANONYMOUS,
134 : : oids, &n);
135 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
136 : 1 : success ("gss_test_oid_set_member() OK\n");
137 : : else
138 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
139 : :
140 [ - + ]: 1 : if (debug)
141 : 0 : printf (" Another OID present in set with it added => %d\n", n);
142 : :
143 [ + - ]: 1 : if (n)
144 : 1 : success ("gss_test_oid_set_member() OK\n");
145 : : else
146 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
147 : :
148 : : /* Test set for first OID */
149 : 1 : maj_stat = gss_test_oid_set_member (&min_stat, GSS_C_NT_USER_NAME,
150 : : oids, &n);
151 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
152 : 1 : success ("gss_test_oid_set_member() OK\n");
153 : : else
154 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
155 : :
156 [ - + ]: 1 : if (debug)
157 : 0 : printf (" First OID present in set => %d\n", n);
158 : :
159 [ + - ]: 1 : if (n)
160 : 1 : success ("gss_test_oid_set_member() OK\n");
161 : : else
162 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
163 : :
164 : 1 : maj_stat = gss_release_oid_set (&min_stat, &oids);
165 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
166 : 1 : success ("gss_release_oid_set() OK\n");
167 : : else
168 : 0 : fail ("gss_release_oid_set() failed (%d,%d)\n", maj_stat, min_stat);
169 : :
170 : : /* Check mechs */
171 : 1 : oids = GSS_C_NO_OID_SET;
172 : 1 : maj_stat = gss_indicate_mechs (&min_stat, &oids);
173 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
174 : 1 : success ("gss_indicate_mechs() OK\n");
175 : : else
176 : 0 : fail ("gss_indicate_mechs() failed (%d,%d)\n", maj_stat, min_stat);
177 : :
178 : : #ifdef USE_KERBEROS5
179 : 1 : maj_stat = gss_test_oid_set_member (&min_stat, GSS_KRB5, oids, &n);
180 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
181 : 1 : success ("gss_test_oid_set_member() OK\n");
182 : : else
183 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
184 : :
185 [ - + ]: 1 : if (debug)
186 : 0 : printf (" kerberos5 supported => %d\n", n);
187 : :
188 [ + - ]: 1 : if (n)
189 : 1 : success ("gss_test_oid_set_member() OK\n");
190 : : else
191 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
192 : : #endif
193 : :
194 : 1 : maj_stat = gss_release_oid_set (&min_stat, &oids);
195 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
196 : 1 : success ("gss_release_oid_set() OK\n");
197 : : else
198 : 0 : fail ("gss_release_oid_set() failed (%d,%d)\n", maj_stat, min_stat);
199 : :
200 : : #ifdef USE_KERBEROS5
201 : 1 : maj_stat = gss_inquire_names_for_mech (&min_stat, GSS_KRB5, &oids);
202 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
203 : 1 : success ("gss_inquire_names_for_mech() OK\n");
204 : : else
205 : 0 : fail ("gss_inquire_names_for_mech() failed (%d,%d)\n", maj_stat,
206 : : min_stat);
207 : :
208 : : /* Check if KRB5 supports PRINCIPAL_NAME name type */
209 : 1 : maj_stat = gss_test_oid_set_member (&min_stat, GSS_KRB5_NT_PRINCIPAL_NAME,
210 : : oids, &n);
211 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
212 : 1 : success ("gss_test_oid_set_member() OK\n");
213 : : else
214 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
215 : :
216 [ - + ]: 1 : if (debug)
217 : 0 : printf (" kerberos5 supports PRINCIPAL_NAME name type => %d\n", n);
218 : :
219 [ + - ]: 1 : if (n)
220 : 1 : success ("gss_test_oid_set_member() OK\n");
221 : : else
222 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
223 : :
224 : : /* Check if KRB5 supports HOSTBASED NAME name type */
225 : 1 : maj_stat = gss_test_oid_set_member (&min_stat, GSS_C_NT_HOSTBASED_SERVICE,
226 : : oids, &n);
227 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
228 : 1 : success ("gss_test_oid_set_member() OK\n");
229 : : else
230 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
231 : :
232 [ - + ]: 1 : if (debug)
233 : 0 : printf (" kerberos5 supports HOSTBASED_SERVICE name type => %d\n", n);
234 : :
235 [ + - ]: 1 : if (n)
236 : 1 : success ("gss_test_oid_set_member() OK\n");
237 : : else
238 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
239 : :
240 : : /* Check if KRB5 supports ANONYMOUS name type */
241 : 1 : maj_stat = gss_test_oid_set_member (&min_stat, GSS_C_NT_ANONYMOUS,
242 : : oids, &n);
243 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
244 : 1 : success ("gss_test_oid_set_member() OK\n");
245 : : else
246 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
247 : :
248 [ - + ]: 1 : if (debug)
249 : 0 : printf (" kerberos5 supports ANONYMOUS name type => %d\n", n);
250 : :
251 [ + - ]: 1 : if (!n)
252 : 1 : success ("gss_test_oid_set_member() OK\n");
253 : : else
254 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
255 : :
256 : 1 : maj_stat = gss_release_oid_set (&min_stat, &oids);
257 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
258 : 1 : success ("gss_release_oid_set() OK\n");
259 : : else
260 : 0 : fail ("gss_release_oid_set() failed (%d,%d)\n", maj_stat, min_stat);
261 : : #endif
262 : :
263 : : /* Check name */
264 : 1 : service = NULL;
265 : 1 : bufdesc.value = (char *) "imap@server.example.org@FOO";
266 : 1 : bufdesc.length = strlen (bufdesc.value);
267 : :
268 : 1 : maj_stat = gss_import_name (&min_stat, &bufdesc, GSS_C_NT_HOSTBASED_SERVICE,
269 : : &service);
270 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
271 : 1 : success ("gss_import_name() OK\n");
272 : : else
273 : 0 : fail ("gss_import_name() failed (%d,%d)\n", maj_stat, min_stat);
274 : :
275 : 1 : maj_stat = gss_display_name (&min_stat, service, &bufdesc2, NULL);
276 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
277 : 1 : success ("gss_display_name() OK\n");
278 : : else
279 : 0 : fail ("gss_display_name() failed (%d,%d)\n", maj_stat, min_stat);
280 : :
281 [ - + ]: 1 : if (debug)
282 : 0 : printf (" display_name() => %d: %.*s\n", bufdesc2.length,
283 : : bufdesc2.length, (char *) bufdesc2.value);
284 : :
285 : 1 : maj_stat = gss_release_buffer (&min_stat, &bufdesc2);
286 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
287 : 1 : success ("gss_release_buffer() OK\n");
288 : : else
289 : 0 : fail ("gss_release_buffer() failed (%d,%d)\n", maj_stat, min_stat);
290 : :
291 : : #ifdef USE_KERBEROS5
292 : : /* NB: "service" resused from previous test */
293 : 1 : maj_stat = gss_inquire_mechs_for_name (&min_stat, service, &oids);
294 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
295 : 1 : success ("gss_inquire_mechs_for_name() OK\n");
296 : : else
297 : 0 : fail ("gss_inquire_mechs_for_name() failed (%d,%d)\n", maj_stat,
298 : : min_stat);
299 : :
300 : : /* Check GSS_C_NT_HOSTBASED_SERVICE name type is supported by KRB5 */
301 : 1 : maj_stat = gss_test_oid_set_member (&min_stat, GSS_KRB5, oids, &n);
302 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
303 : 1 : success ("gss_test_oid_set_member() OK\n");
304 : : else
305 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
306 : :
307 [ - + ]: 1 : if (debug)
308 : 0 : printf (" HOSTBASED_SERVICE supported by kerberos5 => %d\n", n);
309 : :
310 [ + - ]: 1 : if (n)
311 : 1 : success ("gss_test_oid_set_member() OK\n");
312 : : else
313 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
314 : :
315 : : /* Dummy OID check */
316 : 1 : maj_stat = gss_test_oid_set_member (&min_stat, GSS_C_NT_ANONYMOUS,
317 : : oids, &n);
318 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
319 : 1 : success ("gss_test_oid_set_member() OK\n");
320 : : else
321 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
322 : :
323 [ - + ]: 1 : if (debug)
324 : 0 : printf (" Dummy oid supported by kerberos5 => %d\n", n);
325 : :
326 [ + - ]: 1 : if (!n)
327 : 1 : success ("gss_test_oid_set_member() OK\n");
328 : : else
329 : 0 : fail ("gss_test_oid_set_member() failed (%d,%d)\n", maj_stat, min_stat);
330 : :
331 : 1 : maj_stat = gss_release_oid_set (&min_stat, &oids);
332 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
333 : 1 : success ("gss_release_oid_set() OK\n");
334 : : else
335 : 0 : fail ("gss_release_oid_set() failed (%d,%d)\n", maj_stat, min_stat);
336 : : #endif
337 : :
338 : : /* Release service allocated earlier. */
339 : 1 : maj_stat = gss_release_name (&min_stat, &service);
340 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
341 : 1 : success ("gss_release_name() OK\n");
342 : : else
343 : 0 : fail ("gss_release_name() failed (%d,%d)\n", maj_stat, min_stat);
344 : :
345 : : /* Check display_status */
346 : 1 : msgctx = 0;
347 : 1 : maj_stat = gss_display_status (&min_stat, GSS_S_COMPLETE, GSS_C_GSS_CODE,
348 : : GSS_C_NO_OID, &msgctx, &bufdesc);
349 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
350 : 1 : success ("gss_display_status() OK\n");
351 : : else
352 : 0 : fail ("gss_display_status() failed (%d,%d)\n", maj_stat, min_stat);
353 : :
354 [ - + ]: 1 : if (debug)
355 : 0 : printf (" Display status for GSS_S_COMPLETE => %*s\n",
356 : : bufdesc.length, (char *) bufdesc.value);
357 : :
358 : 1 : maj_stat = gss_release_buffer (&min_stat, &bufdesc);
359 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
360 : 1 : success ("gss_release_buffer() OK\n");
361 : : else
362 : 0 : fail ("gss_release_buffer() failed (%d,%d)\n", maj_stat, min_stat);
363 : :
364 : : /* Encapsulate. */
365 : 1 : bufdesc.value = (char *) "context token";
366 : 1 : bufdesc.length = strlen (bufdesc.value);
367 : 1 : maj_stat = gss_encapsulate_token (&bufdesc, GSS_C_NT_USER_NAME, &bufdesc2);
368 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
369 : 1 : success ("gss_encapsulate_token() OK\n");
370 : : else
371 : 0 : fail ("gss_encapsulate_token() failed (%d)\n", maj_stat);
372 : :
373 : 1 : maj_stat = gss_decapsulate_token (&bufdesc2, GSS_C_NT_ANONYMOUS, &bufdesc);
374 [ + - ]: 1 : if (maj_stat == GSS_S_DEFECTIVE_TOKEN)
375 : 1 : success ("gss_decapsulate_token(bad oid) OK\n");
376 : : else
377 : 0 : fail ("gss_decapsulate_token() failed (%d)\n", maj_stat);
378 : :
379 : 1 : n = ((char *)bufdesc2.value)[3];
380 : 1 : ((char *)bufdesc2.value)[3] = 42;
381 : 1 : maj_stat = gss_decapsulate_token (&bufdesc2, GSS_C_NT_USER_NAME, &bufdesc);
382 : 1 : ((char *)bufdesc2.value)[3] = n;
383 [ + - ]: 1 : if (maj_stat == GSS_S_DEFECTIVE_TOKEN)
384 : 1 : success ("gss_decapsulate_token(bad length) OK\n");
385 : : else
386 : 0 : fail ("gss_decapsulate_token() failed (%d)\n", maj_stat);
387 : :
388 : 1 : maj_stat = gss_decapsulate_token (&bufdesc2, GSS_C_NT_USER_NAME, &bufdesc);
389 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
390 : 1 : success ("gss_decapsulate_token() OK\n");
391 : : else
392 : 0 : fail ("gss_decapsulate_token() failed (%d)\n", maj_stat);
393 : :
394 : 1 : maj_stat = gss_release_buffer (&min_stat, &bufdesc);
395 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
396 : 1 : success ("gss_release_buffer() OK\n");
397 : : else
398 : 0 : fail ("gss_release_buffer() failed (%d,%d)\n", maj_stat, min_stat);
399 : :
400 : 1 : maj_stat = gss_release_buffer (&min_stat, &bufdesc2);
401 [ + - ]: 1 : if (maj_stat == GSS_S_COMPLETE)
402 : 1 : success ("gss_release_buffer() OK\n");
403 : : else
404 : 0 : fail ("gss_release_buffer() failed (%d,%d)\n", maj_stat, min_stat);
405 : :
406 [ - + ]: 1 : if (debug)
407 : 0 : printf ("Basic self tests done with %d errors\n", error_count);
408 : :
409 : 1 : return error_count ? 1 : 0;
410 : : }
|
