LCOV - code coverage report
Current view: top level - tests - gssapi.c (source / functions) Hit Total Coverage
Test: GNU SASL Lines: 7 87 8.0 %
Date: 2024-01-02 22:40:18 Functions: 1 2 50.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /* gssapi.c --- Test the GSSAPI mechanism.
       2             :  * Copyright (C) 2002-2024 Simon Josefsson
       3             :  *
       4             :  * This file is part of GNU SASL.
       5             :  *
       6             :  * This program is free software: you can redistribute it and/or modify
       7             :  * it under the terms of the GNU General Public License as published by
       8             :  * the Free Software Foundation, either version 3 of the License, or
       9             :  * (at your option) any later version.
      10             :  *
      11             :  * This program is distributed in the hope that it will be useful,
      12             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      13             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      14             :  * GNU General Public License for more details.
      15             :  *
      16             :  * You should have received a copy of the GNU General Public License
      17             :  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
      18             :  *
      19             :  */
      20             : 
      21             : #include <config.h>
      22             : 
      23             : #include <stdio.h>
      24             : #include <stdarg.h>
      25             : #include <stdlib.h>
      26             : #include <string.h>
      27             : #include <stdbool.h>
      28             : 
      29             : #include "utils.h"
      30             : 
      31             : #define SERVICE "host"
      32             : #define HOST "latte.josefsson.org"
      33             : #define GSSAPI_USER "jas"
      34             : 
      35             : static const char *USERNAME[] = {
      36             :   "foo", "BABABA", "jas", "hepp", "@", NULL
      37             : };
      38             : 
      39             : size_t i;
      40             : 
      41             : static int
      42           0 : callback (Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop)
      43             : {
      44           0 :   int rc = GSASL_NO_CALLBACK;
      45             : 
      46             :   (void) ctx;
      47             : 
      48           0 :   switch (prop)
      49             :     {
      50           0 :     case GSASL_AUTHID:
      51           0 :       fail ("AUTHID should never be invoked by GSS-API mechanism!\n");
      52           0 :       break;
      53             : 
      54           0 :     case GSASL_AUTHZID:
      55           0 :       rc = gsasl_property_set (sctx, GSASL_AUTHZID, USERNAME[i]);
      56           0 :       break;
      57             : 
      58           0 :     case GSASL_SERVICE:
      59           0 :       rc = gsasl_property_set (sctx, prop, SERVICE);
      60           0 :       break;
      61             : 
      62           0 :     case GSASL_HOSTNAME:
      63           0 :       rc = gsasl_property_set (sctx, prop, HOST);
      64           0 :       break;
      65             : 
      66           0 :     case GSASL_VALIDATE_GSSAPI:
      67             :       {
      68             :         const char *client_name =
      69           0 :           gsasl_property_fast (sctx, GSASL_GSSAPI_DISPLAY_NAME);
      70           0 :         const char *authzid = gsasl_property_fast (sctx, GSASL_AUTHZID);
      71             : 
      72           0 :         printf ("GSSAPI user: %s\n", client_name);
      73           0 :         printf ("Authorization ID: %s\n", authzid);
      74             : 
      75           0 :         if (strcmp (client_name, GSSAPI_USER) == 0 &&
      76           0 :             ((USERNAME[i] == NULL && authzid == NULL)
      77           0 :              || (USERNAME[i] != NULL && strcmp (authzid, USERNAME[i]) == 0)))
      78           0 :           rc = GSASL_OK;
      79             :         else
      80           0 :           rc = GSASL_AUTHENTICATION_ERROR;
      81             :       }
      82           0 :       break;
      83             : 
      84           0 :     default:
      85           0 :       fail ("Unknown callback property %u\n", prop);
      86           0 :       break;
      87             :     }
      88             : 
      89           0 :   return rc;
      90             : }
      91             : 
      92             : void
      93           1 : doit (void)
      94             : {
      95           1 :   Gsasl *ctx = NULL;
      96           1 :   Gsasl_session *server = NULL, *client = NULL;
      97           1 :   char *s1 = NULL, *s2 = NULL;
      98             :   int rc, res1, res2;
      99             : 
     100           1 :   if (getenv ("GNUGSS") == NULL || strcmp (getenv ("GNUGSS"), "yes") != 0)
     101             :     {
     102           1 :       fail ("Not using GNU GSS, skipping self-test.\n");
     103           1 :       exit (77);
     104             :     }
     105             : 
     106           0 :   rc = gsasl_init (&ctx);
     107           0 :   if (rc != GSASL_OK)
     108             :     {
     109           0 :       fail ("gsasl_init() failed (%d):\n%s\n", rc, gsasl_strerror (rc));
     110           0 :       return;
     111             :     }
     112             : 
     113           0 :   if (!gsasl_client_support_p (ctx, "GSSAPI")
     114           0 :       || !gsasl_server_support_p (ctx, "GSSAPI"))
     115             :     {
     116           0 :       gsasl_done (ctx);
     117           0 :       fail ("No support for GSSAPI.\n");
     118           0 :       exit (77);
     119             :     }
     120             : 
     121           0 :   gsasl_callback_set (ctx, callback);
     122             : 
     123           0 :   for (i = 0; i < 6; i++)
     124             :     {
     125           0 :       bool server_first = (i % 2) == 0;
     126             : 
     127           0 :       rc = gsasl_server_start (ctx, "GSSAPI", &server);
     128           0 :       if (rc != GSASL_OK)
     129             :         {
     130           0 :           fail ("gsasl_server_start() failed (%d):\n%s\n",
     131             :                 rc, gsasl_strerror (rc));
     132           0 :           return;
     133             :         }
     134           0 :       rc = gsasl_client_start (ctx, "GSSAPI", &client);
     135           0 :       if (rc != GSASL_OK)
     136             :         {
     137           0 :           fail ("gsasl_client_start() failed (%d):\n%s\n",
     138             :                 rc, gsasl_strerror (rc));
     139           0 :           return;
     140             :         }
     141             : 
     142             :       do
     143             :         {
     144           0 :           res1 = gsasl_step64 (server_first ? server : client, s1, &s2);
     145           0 :           if (s1)
     146             :             {
     147           0 :               gsasl_free (s1);
     148           0 :               s1 = NULL;
     149             :             }
     150           0 :           if (res1 != GSASL_OK && res1 != GSASL_NEEDS_MORE)
     151             :             {
     152           0 :               fail ("gsasl_step64 (1) failed (%d):\n%s\n", res1,
     153             :                     gsasl_strerror (res1));
     154           0 :               return;
     155             :             }
     156             : 
     157           0 :           if (debug)
     158           0 :             printf ("%c: %s [%c]\n", server_first ? 'S' : 'C',
     159             :                     s2, res1 == GSASL_OK ? 'O' : 'N');
     160             : 
     161           0 :           if (res1 == GSASL_OK && strcmp (s2, "") == 0)
     162             :             {
     163           0 :               gsasl_free (s2);
     164           0 :               break;
     165             :             }
     166             : 
     167           0 :           res2 = gsasl_step64 (server_first ? client : server, s2, &s1);
     168           0 :           gsasl_free (s2);
     169           0 :           if (res2 != GSASL_OK && res2 != GSASL_NEEDS_MORE)
     170             :             {
     171           0 :               fail ("gsasl_step64 (2) failed (%d):\n%s\n", res2,
     172             :                     gsasl_strerror (res2));
     173             :               /* likely gss without krb5 */
     174           0 :               if (res2 == GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR)
     175           0 :                 exit (77);
     176           0 :               return;
     177             :             }
     178             : 
     179           0 :           if (debug)
     180           0 :             printf ("%c: %s [%c]\n", server_first ? 'C' : 'S',
     181             :                     s1, res2 == GSASL_OK ? 'O' : 'N');
     182             :         }
     183           0 :       while (res1 != GSASL_OK || res2 != GSASL_OK);
     184             : 
     185           0 :       if (s1)
     186             :         {
     187           0 :           gsasl_free (s1);
     188           0 :           s1 = NULL;
     189             :         }
     190             : 
     191           0 :       if (debug)
     192           0 :         printf ("\n");
     193             : 
     194           0 :       gsasl_finish (client);
     195           0 :       gsasl_finish (server);
     196             :     }
     197             : 
     198           0 :   gsasl_done (ctx);
     199             : }

Generated by: LCOV version 1.16