File: | examples/server.c |
Warning: | line 169, column 3 Value stored to 'rc' is never read |
1 | /* server.c --- Sample server with authentication using Shishi. |
2 | * Copyright (C) 2003-2022 Simon Josefsson |
3 | * |
4 | * This file is part of Shishi. |
5 | * |
6 | * Shishi is free software; you can redistribute it and/or modify it |
7 | * under the terms of the GNU General Public License as published by |
8 | * the Free Software Foundation; either version 3 of the License, or |
9 | * (at your option) any later version. |
10 | * |
11 | * Shishi is distributed in the hope that it will be useful, but |
12 | * WITHOUT ANY WARRANTY; without even the implied warranty of |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
14 | * General Public License for more details. |
15 | * |
16 | * You should have received a copy of the GNU General Public License |
17 | * along with Shishi; if not, see http://www.gnu.org/licenses or write |
18 | * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth |
19 | * Floor, Boston, MA 02110-1301, USA |
20 | * |
21 | */ |
22 | |
23 | #ifdef HAVE_CONFIG_H1 |
24 | # include <config.h> |
25 | #endif |
26 | |
27 | #include <stdio.h> |
28 | #include <stdlib.h> |
29 | |
30 | #include <shishi.h> |
31 | |
/* Service name that main () passes to
   shishi_server_for_local_service () when no server principal is
   given on the command line. */
#define SERVICE "sample"

/* XXX remove this.  Note that the value still reads "client" although
   this file is the server example. */
const char *program_name = "client";
36 | |
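/* Read SAFE messages from stdin, verify each one with the key held in
   AP, and print the user data it carries.

   H is the library handle, AP the authentication context returned by
   auth ().  VERBOSE is accepted but currently unused.

   Returns 0 when input ends at end-of-file, 1 on a read error, on a
   message that cannot be parsed before end-of-file, or on any failed
   Shishi call. */
static int
doit (Shishi * h, Shishi_ap * ap, int verbose)
{
  Shishi_asn1 asn1safe;
  Shishi_safe *safe;
  char *userdata;
  size_t userdatalen;
  int res;

  (void) verbose;

  printf ("Application exchange start. Press ^D to finish.\n");

  while ((res = shishi_safe_parse (h, stdin, &asn1safe)) == SHISHI_OK)
    {
      res = shishi_safe (h, &safe);
      if (res != SHISHI_OK)
	{
	  fprintf (stderr, "Could not create SAFE:\n%s\n%s\n",
		   shishi_strerror (res), shishi_error (h));
	  return 1;
	}

      shishi_safe_safe_set (safe, asn1safe);

      /* The user data is only trusted after this check succeeds; a
         failed verification ends the exchange. */
      res = shishi_safe_verify (safe, shishi_ap_key (ap));
      if (res != SHISHI_OK)
	{
	  fprintf (stderr, "Could not verify SAFE:\n%s\n%s\n",
		   shishi_strerror (res), shishi_error (h));
	  return 1;
	}

      printf ("Verified SAFE successfully...\n");

      res = shishi_safe_user_data (h, asn1safe, &userdata, &userdatalen);
      if (res != SHISHI_OK)
	{
	  fprintf (stderr, "Could not extract user data:\n%s\n%s\n",
		   shishi_strerror (res), shishi_error (h));
	  return 1;
	}

      /* Print by length instead of storing a terminator at
         userdata[userdatalen]: nothing visible here shows that the
         buffer has room for one extra byte, so that store could land
         past the end of the allocation. */
      printf ("user data: `%.*s'\n", (int) userdatalen, userdata);
      free (userdata);

      /* NOTE(review): the Shishi_safe created for this message is not
         released before the next iteration -- confirm ownership of
         asn1safe before adding a release call. */
    }

  if (ferror (stdin))
    {
      printf ("error reading stdin\n");
      return 1;
    }

  /* The loop condition already consumed the parse result, so a failed
     parse has to be reported here.  Input that stops being a valid
     SAFE before end-of-file is an error rather than a clean finish. */
  if (!feof (stdin))
    {
      fprintf (stderr, "Could not read SAFE:\n%s\n%s\n",
	       shishi_strerror (res), shishi_error (h));
      return 1;
    }

  return 0;
}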
97 | |
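/* Authenticate a client from an AP-REQ read on stdin.

   H is the library handle.  VERBOSE enables diagnostic dumps on
   stderr.  CNAME and SNAME are printed; SNAME also selects the host
   key used to process the request.

   Returns the authentication context on success, or NULL when the key
   cannot be found, the AP-REQ cannot be read or processed, a principal
   name cannot be extracted, or the AP-REP cannot be built. */
static Shishi_ap *
auth (Shishi * h, int verbose, const char *cname, const char *sname)
{
  Shishi_key *key;
  Shishi_ap *ap;
  Shishi_asn1 apreq;
  char *buf;
  size_t buflen;
  int rc;

  printf ("Client: %s\n", cname);
  printf ("Server: %s\n", sname);

  /* Get key for the server. */

  key = shishi_hostkeys_for_server (h, sname);
  if (!key)
    {
      printf ("could not find key: %s\n", shishi_error (h));
      return NULL;
    }

  /* NOTE(review): in verbose mode this dumps the server's host key to
     stderr; keep that stream out of shared or persistent logs. */
  if (verbose)
    shishi_key_print (h, stderr, key);

  /* Read Authentication request from client */

  printf ("Waiting for client to authenticate itself...\n");

  rc = shishi_apreq_parse (h, stdin, &apreq);
  if (rc != SHISHI_OK)
    {
      printf ("could not read AP-REQ: %s\n", shishi_strerror (rc));
      return NULL;
    }

  /* Create Authentication context */

  rc = shishi_ap (h, &ap);
  if (rc != SHISHI_OK)
    {
      printf ("Could not create AP: %s\n", shishi_strerror (rc));
      return NULL;
    }

  /* Store request in context */

  shishi_ap_req_set (ap, apreq);

  /* Process authentication request */

  rc = shishi_ap_req_process (ap, key);
  if (rc != SHISHI_OK)
    {
      printf ("Could not process AP-REQ: %s\n", shishi_strerror (rc));
      return NULL;
    }

  if (verbose)
    shishi_authenticator_print (h, stderr, shishi_ap_authenticator (ap));

  /* Each accessor below fills buf/buflen only on success.  Checking rc
     first keeps a failed call from reaching printf () and free () with
     an uninitialized or already freed pointer. */

  rc = shishi_authenticator_client (h, shishi_ap_authenticator (ap),
				    &buf, &buflen);
  if (rc != SHISHI_OK)
    {
      printf ("Could not get client name from authenticator: %s\n",
	      shishi_strerror (rc));
      return NULL;
    }
  printf ("Client name (from authenticator): %.*s\n", (int) buflen, buf);
  free (buf);

  rc = shishi_encticketpart_clientrealm
    (h, shishi_tkt_encticketpart (shishi_ap_tkt (ap)), &buf, &buflen);
  if (rc != SHISHI_OK)
    {
      printf ("Could not get client name from encticketpart: %s\n",
	      shishi_strerror (rc));
      return NULL;
    }
  printf ("Client name (from encticketpart): %.*s\n", (int) buflen, buf);
  free (buf);

  rc = shishi_ticket_server (h, shishi_tkt_ticket (shishi_ap_tkt (ap)),
			     &buf, &buflen);
  if (rc != SHISHI_OK)
    {
      printf ("Could not get server name from ticket: %s\n",
	      shishi_strerror (rc));
      return NULL;
    }
  printf ("Server name (from ticket): %.*s\n", (int) buflen, buf);
  free (buf);

  /* User is authenticated.  No authorization decision is made here:
     cname is only printed, and the names extracted above are displayed
     rather than compared with an expected principal. */

  printf ("User authenticated.\n");

  /* Authenticate ourself to client, if request */

  if (shishi_apreq_mutual_required_p (h, apreq))
    {
      Shishi_asn1 aprep;

      printf ("Mutual authentication required.\n");

      rc = shishi_ap_rep_asn1 (ap, &aprep);
      if (rc != SHISHI_OK)
	{
	  printf ("Error creating AP-REP: %s\n", shishi_strerror (rc));
	  return NULL;
	}

      if (verbose)
	shishi_encapreppart_print (h, stderr, shishi_ap_encapreppart (ap));

      shishi_aprep_print (h, stdout, aprep);

      /* We are authenticated to client */
    }

  return ap;
}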
203 | |
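/* Entry point of the sample server.

   Checks that the Shishi header and library versions match,
   initializes a server handle, authenticates one client with auth ()
   and then runs the SAFE exchange in doit ().  The server principal is
   argv[1] when given, otherwise it is derived from SERVICE.

   Returns 0 on success and 1 on any failure. */
int
main (int argc, char *argv[])
{
  Shishi *h;
  Shishi_ap *ap;
  char *sname;
  int rc;

  printf ("sample-server (shishi " SHISHI_VERSION ")\n");

  if (!shishi_check_version (SHISHI_VERSION))
    {
      printf ("shishi_check_version() failed:\n"
	      "Header file incompatible with shared library.\n");
      return 1;
    }

  rc = shishi_init_server (&h);
  if (rc != SHISHI_OK)
    {
      printf ("error initializing shishi: %s\n", shishi_strerror (rc));
      return 1;
    }

  if (argc > 1)
    sname = argv[1];
  else
    sname = shishi_server_for_local_service (h, SERVICE);

  /* auth () prints sname with "%s" and uses it for the key lookup, so
     stop here if no name could be produced. */
  if (!sname)
    {
      printf ("could not determine server name\n");
      shishi_done (h);
      return 1;
    }

  /* verbose is fixed at 1, so auth () writes the host key and the
     decoded authenticator to stderr on every run. */
  ap = auth (h, 1, shishi_principal_default (h), sname);

  if (ap)
    rc = doit (h, ap, 1);
  else
    rc = 1;

  shishi_done (h);

  return rc;
}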