diff options
Diffstat (limited to 'crypto/krb5/src/tests/gssapi/t_add_cred.c')
| -rw-r--r-- | crypto/krb5/src/tests/gssapi/t_add_cred.c | 137 |
1 files changed, 0 insertions, 137 deletions
diff --git a/crypto/krb5/src/tests/gssapi/t_add_cred.c b/crypto/krb5/src/tests/gssapi/t_add_cred.c deleted file mode 100644 index 7ab52d64496d..000000000000 --- a/crypto/krb5/src/tests/gssapi/t_add_cred.c +++ /dev/null @@ -1,137 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* tests/gssapi/t_add_cred.c - gss_add_cred() tests */ -/* - * Copyright (C) 2018 by the Massachusetts Institute of Technology. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/* - * This program tests the mechglue behavior of gss_add_cred(). It relies on a - * krb5 keytab and credentials being present so that initiator and acceptor - * credentials can be acquired, but does not use them to initiate or accept any - * requests. - */ - -#include <stdio.h> -#include <assert.h> - -#include "common.h" - -int -main(void) -{ - OM_uint32 minor, major; - gss_cred_id_t cred1, cred2; - gss_cred_usage_t usage; - gss_name_t name; - - /* Check that we get the expected error if we pass neither an input nor an - * output cred handle. */ - major = gss_add_cred(&minor, GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME, - &mech_krb5, GSS_C_INITIATE, GSS_C_INDEFINITE, - GSS_C_INDEFINITE, NULL, NULL, NULL, NULL); - assert(major == (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CRED)); - - /* Regression test for #8737: make sure that desired_name is honored when - * creating a credential by passing in a non-matching name. */ - name = import_name("p:does/not/match@WRONG_REALM"); - major = gss_add_cred(&minor, GSS_C_NO_CREDENTIAL, name, &mech_krb5, - GSS_C_INITIATE, GSS_C_INDEFINITE, GSS_C_INDEFINITE, - &cred1, NULL, NULL, NULL); - assert(major == GSS_S_NO_CRED); - gss_release_name(&minor, &name); - - /* Create cred1 with a krb5 initiator cred by passing an output handle but - * no input handle. */ - major = gss_add_cred(&minor, GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME, - &mech_krb5, GSS_C_INITIATE, GSS_C_INDEFINITE, - GSS_C_INDEFINITE, &cred1, NULL, NULL, NULL); - assert(major == GSS_S_COMPLETE); - - /* Verify that cred1 has the expected mechanism creds. */ - major = gss_inquire_cred_by_mech(&minor, cred1, &mech_krb5, NULL, NULL, - NULL, &usage); - assert(major == GSS_S_COMPLETE && usage == GSS_C_INITIATE); - major = gss_inquire_cred_by_mech(&minor, cred1, &mech_iakerb, NULL, NULL, - NULL, &usage); - assert(major == GSS_S_NO_CRED); - - /* Check that we get the expected error if we try to add another krb5 mech - * cred to cred1. */ - major = gss_add_cred(&minor, cred1, GSS_C_NO_NAME, &mech_krb5, - GSS_C_INITIATE, GSS_C_INDEFINITE, GSS_C_INDEFINITE, - NULL, NULL, NULL, NULL); - assert(major == GSS_S_DUPLICATE_ELEMENT); - - /* Add an IAKERB acceptor mech cred to cred1. */ - major = gss_add_cred(&minor, cred1, GSS_C_NO_NAME, &mech_iakerb, - GSS_C_ACCEPT, GSS_C_INDEFINITE, GSS_C_INDEFINITE, - NULL, NULL, NULL, NULL); - assert(major == GSS_S_COMPLETE); - - /* Verify cred1 mechanism creds. */ - major = gss_inquire_cred_by_mech(&minor, cred1, &mech_krb5, NULL, NULL, - NULL, &usage); - assert(major == GSS_S_COMPLETE && usage == GSS_C_INITIATE); - major = gss_inquire_cred_by_mech(&minor, cred1, &mech_iakerb, NULL, NULL, - NULL, &usage); - assert(major == GSS_S_COMPLETE && usage == GSS_C_ACCEPT); - - /* Start over with another new cred. */ - gss_release_cred(&minor, &cred1); - major = gss_add_cred(&minor, GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME, - &mech_krb5, GSS_C_ACCEPT, GSS_C_INDEFINITE, - GSS_C_INDEFINITE, &cred1, NULL, NULL, NULL); - assert(major == GSS_S_COMPLETE); - - /* Create an expanded cred by passing both an output handle and an input - * handle. */ - major = gss_add_cred(&minor, cred1, GSS_C_NO_NAME, &mech_iakerb, - GSS_C_INITIATE, GSS_C_INDEFINITE, GSS_C_INDEFINITE, - &cred2, NULL, NULL, NULL); - assert(major == GSS_S_COMPLETE); - - /* Verify mechanism creds in cred1 and cred2. */ - major = gss_inquire_cred_by_mech(&minor, cred1, &mech_krb5, NULL, NULL, - NULL, &usage); - assert(major == GSS_S_COMPLETE && usage == GSS_C_ACCEPT); - major = gss_inquire_cred_by_mech(&minor, cred1, &mech_iakerb, NULL, NULL, - NULL, &usage); - assert(major == GSS_S_NO_CRED); - major = gss_inquire_cred_by_mech(&minor, cred2, &mech_krb5, NULL, NULL, - NULL, &usage); - assert(major == GSS_S_COMPLETE && usage == GSS_C_ACCEPT); - major = gss_inquire_cred_by_mech(&minor, cred2, &mech_iakerb, NULL, NULL, - NULL, &usage); - assert(major == GSS_S_COMPLETE && usage == GSS_C_INITIATE); - - gss_release_cred(&minor, &cred1); - gss_release_cred(&minor, &cred2); - - return 0; -} |