Tidy up GSSAPI test programs

Factor out some common functions used by multiple test programs. Use a common argument format for importing names (p:princname, h:hostbasedname, or u:username) and adjust the Python tests to match it. Use more consistent conventions in test programs and fix some coding style issues. Normalize how the test programs are built.
krb5 · Sep 13, 2012 · d81d68e · d81d68e
1 parent d9af383
commit d81d68e
Show file tree

Hide file tree

Showing 22 changed files with 940 additions and 2,186 deletions.
diff --git a/.gitignore b/.gitignore
@@ -262,10 +262,13 @@ testlog
 /src/tests/gssapi/ccrefresh
 /src/tests/gssapi/t_accname
 /src/tests/gssapi/t_ccselect
+/src/tests/gssapi/t_credstore
 /src/tests/gssapi/t_export_cred
+/src/tests/gssapi/t_export_name
 /src/tests/gssapi/t_gssexts
 /src/tests/gssapi/t_imp_cred
 /src/tests/gssapi/t_imp_name
+/src/tests/gssapi/t_inq_cred
 /src/tests/gssapi/t_namingexts
 /src/tests/gssapi/t_s4u
 /src/tests/gssapi/t_s4u2proxy_krb5

diff --git a/src/tests/gssapi/Makefile.in b/src/tests/gssapi/Makefile.in
@@ -4,61 +4,68 @@ DEFINES = -DUSE_AUTOCONF_H
 PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
 
-SRCS=	$(srcdir)/t_accname.c $(srcdir)/t_ccselect.c $(srcdir)/t_imp_cred.c \
-	$(srcdir)/t_imp_name.c $(srcdir)/t_s4u.c $(srcdir)/t_s4u2proxy_krb5.c \
-	$(srcdir)/t_namingexts.c $(srcdir)/t_gssexts.c $(srcdir)/t_saslname.c \
-	$(srcdir)/t_credstore.c $(srcdir)/t_export_name.c
+SRCS=	$(srcdir)/t_accname.c $(srcdir)/t_ccselect.c $(srcdir)/t_credstore.c \
+	$(srcdir)/t_export_cred.c $(srcdir)/t_export_name.c \
+	$(srcdir)/t_gssexts.c $(srcdir)/t_imp_cred.c $(srcdir)/t_imp_name.c \
+	$(srcdir)/t_inq_cred.c $(srcdir)/t_namingexts.c $(srcdir)/t_s4u.c \
+	$(srcdir)/t_s4u2proxy_krb5.c $(srcdir)/t_saslname.c \
+	$(srcdir)/t_spnego.c
 
-OBJS=	t_accname.o t_ccselect.o t_imp_cred.o t_imp_name.o t_s4u.o \
-	t_s4u2proxy_krb5.o t_namingexts.o t_gssexts.o t_spnego.o t_saslname.o \
-	t_credstore.o t_export_name.o t_export_cred.o
+OBJS=	ccinit.o ccrefresh.o common.o t_accname.o t_ccselect.o t_credstore.o \
+	t_export_cred.o t_export_name.o t_gssexts.o t_imp_cred.o t_imp_name.o \
+	t_inq_cred.o t_namingexts.o t_s4u.o t_s4u2proxy_krb5.o t_saslname.o \
+	t_spnego.o
 
-all:: t_accname t_ccselect t_imp_cred t_imp_name t_s4u t_s4u2proxy_krb5 \
-	t_namingexts t_gssexts t_spnego t_saslname t_credstore t_export_name \
-	t_export_cred
+COMMON_DEPS= common.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
+COMMON_LIBS= common.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
 
-check-pytests:: t_accname t_ccselect t_imp_cred t_inq_cred t_spnego \
-	t_s4u2proxy_krb5 t_s4u t_export_name t_export_cred ccinit ccrefresh
+all:: ccinit ccrefresh t_accname t_ccselect t_credstore t_export_cred \
+	t_export_name t_gssexts t_imp_cred t_imp_name t_inq_cred t_namingexts \
+	t_s4u t_s4u2proxy_krb5 t_saslname t_spnego
+
+check-pytests:: ccinit ccrefresh t_accname t_ccselect t_credstore \
+	t_export_cred t_export_name t_imp_cred t_inq_cred t_s4u \
+	t_s4u2proxy_krb5 t_spnego
 	$(RUNPYTEST) $(srcdir)/t_gssapi.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/t_ccselect.py $(PYTESTFLAGS)
-	$(RUNPYTEST) $(srcdir)/t_s4u.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/t_client_keytab.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/t_export_cred.py $(PYTESTFLAGS)
+	$(RUNPYTEST) $(srcdir)/t_s4u.py $(PYTESTFLAGS)
 
 ccinit: ccinit.o $(KRB5_BASE_DEPLIBS)
 	$(CC_LINK) -o ccinit ccinit.o $(KRB5_BASE_LIBS)
 ccrefresh: ccrefresh.o $(KRB5_BASE_DEPLIBS)
 	$(CC_LINK) -o ccrefresh ccrefresh.o $(KRB5_BASE_LIBS)
-t_accname: t_accname.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o t_accname t_accname.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_ccselect: t_ccselect.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o t_ccselect t_ccselect.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_imp_cred: t_imp_cred.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o t_imp_cred t_imp_cred.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_imp_name: t_imp_name.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o t_imp_name t_imp_name.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_inq_cred: t_inq_cred.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o t_inq_cred t_inq_cred.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_s4u: t_s4u.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o t_s4u t_s4u.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_s4u2proxy_krb5: t_s4u2proxy_krb5.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o $@ t_s4u2proxy_krb5.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_namingexts: t_namingexts.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o t_namingexts t_namingexts.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_gssexts: t_gssexts.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o t_gssexts t_gssexts.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_spnego: t_spnego.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o t_spnego t_spnego.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_saslname: t_saslname.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o t_saslname t_saslname.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_credstore: t_credstore.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o t_credstore t_credstore.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_export_name: t_export_name.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o $@ t_export_name.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
-t_export_cred: t_export_cred.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o $@ t_export_cred.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
+t_accname: t_accname.o $(COMMON_DEPS)
+	$(CC_LINK) -o $@ t_accname.o $(COMMON_LIBS)
+t_ccselect: t_ccselect.o $(COMMON_DEPS)
+	$(CC_LINK) -o $@ t_ccselect.o $(COMMON_LIBS)
+t_credstore: t_credstore.o $(COMMON_DEPLIBS)
+	$(CC_LINK) -o $@ t_credstore.o $(COMMON_LIBS)
+t_export_cred: t_export_cred.o $(COMMON_DEPS)
+	$(CC_LINK) -o $@ t_export_cred.o $(COMMON_LIBS)
+t_export_name: t_export_name.o $(COMMON_DEPLIBS)
+	$(CC_LINK) -o $@ t_export_name.o $(COMMON_LIBS)
+t_gssexts: t_gssexts.o $(COMMON_DEPS)
+	$(CC_LINK) -o $@ t_gssexts.o $(COMMON_LIBS)
+t_imp_cred: t_imp_cred.o $(COMMON_DEPS)
+	$(CC_LINK) -o $@ t_imp_cred.o $(COMMON_LIBS)
+t_imp_name: t_imp_name.o $(COMMON_DEPS)
+	$(CC_LINK) -o $@ t_imp_name.o $(COMMON_LIBS)
+t_inq_cred: t_inq_cred.o $(COMMON_DEPS)
+	$(CC_LINK) -o $@ t_inq_cred.o $(COMMON_LIBS)
+t_namingexts: t_namingexts.o $(COMMON_DEPS)
+	$(CC_LINK) -o $@ t_namingexts.o $(COMMON_LIBS)
+t_s4u: t_s4u.o $(COMMON_DEPS)
+	$(CC_LINK) -o $@ t_s4u.o $(COMMON_LIBS)
+t_s4u2proxy_krb5: t_s4u2proxy_krb5.o $(COMMON_DEPS)
+	$(CC_LINK) -o $@ t_s4u2proxy_krb5.o $(COMMON_LIBS)
+t_saslname: t_saslname.o $(COMMON_DEPLIBS)
+	$(CC_LINK) -o $@ t_saslname.o $(COMMON_LIBS)
+t_spnego: t_spnego.o $(COMMON_DEPS)
+	$(CC_LINK) -o $@ t_spnego.o $(COMMON_LIBS)
 
 clean::
-	$(RM) t_accname t_ccselect t_imp_cred t_imp_name t_inq_cred t_s4u \
-		t_s4u2proxy_krb5 t_namingexts t_gssexts t_spnego \
-		t_saslname t_credstore t_export_name t_export_cred
+	$(RM) ccinit ccrefresh t_accname t_ccselect t_credstore t_export_cred \
+	$(RM) t_export_name t_gssexts t_imp_cred t_imp_name t_inq_cred
+	$(RM) t_namingexts t_s4u t_s4u2proxy_krb5 t_saslname t_spnego
diff --git a/src/tests/gssapi/common.c b/src/tests/gssapi/common.c
@@ -0,0 +1,211 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/gssapi/common.c - Common utility functions for GSSAPI test programs */
+/*
+ * Copyright (C) 2012 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in
+ *   the documentation and/or other materials provided with the
+ *   distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "common.h"
+
+gss_OID_desc mech_krb5 = { 9, "\052\206\110\206\367\022\001\002\002" };
+gss_OID_desc mech_spnego = { 6, "\053\006\001\005\005\002" };
+gss_OID_desc mech_iakerb = { 6, "\053\006\001\005\002\005" };
+gss_OID_set_desc mechset_krb5 = { 1, &mech_krb5 };
+gss_OID_set_desc mechset_spnego = { 1, &mech_spnego };
+gss_OID_set_desc mechset_iakerb = { 1, &mech_iakerb };
+
+static void
+display_status(const char *msg, OM_uint32 code, int type)
+{
+    OM_uint32 maj_stat, min_stat, msg_ctx = 0;
+    gss_buffer_desc buf;
+
+    do {
+        maj_stat = gss_display_status(&min_stat, code, type, GSS_C_NULL_OID,
+                                      &msg_ctx, &buf);
+        fprintf(stderr, "%s: %.*s\n", msg, (int)buf.length, (char *)buf.value);
+        (void)gss_release_buffer(&min_stat, &buf);
+    } while (msg_ctx != 0);
+}
+
+void
+check_gsserr(const char *msg, OM_uint32 major, OM_uint32 minor)
+{
+    if (GSS_ERROR(major)) {
+        display_status(msg, major, GSS_C_GSS_CODE);
+        display_status(msg, minor, GSS_C_MECH_CODE);
+        exit(1);
+    }
+}
+
+void
+check_k5err(krb5_context context, const char *msg, krb5_error_code code)
+{
+    const char *errmsg;
+
+    if (code) {
+        errmsg = krb5_get_error_message(context, code);
+        printf("%s: %s\n", msg, errmsg);
+        krb5_free_error_message(context, errmsg);
+        exit(1);
+    }
+}
+
+void
+errout(const char *msg)
+{
+    fprintf(stderr, "%s\n", msg);
+    exit(1);
+}
+
+gss_name_t
+import_name(const char *str)
+{
+    OM_uint32 major, minor;
+    gss_name_t name;
+    gss_buffer_desc buf;
+    gss_OID nametype = NULL;
+
+    if (*str == 'u')
+        nametype = GSS_C_NT_USER_NAME;
+    else if (*str == 'p')
+        nametype = (gss_OID)GSS_KRB5_NT_PRINCIPAL_NAME;
+    else if (*str == 'h')
+        nametype = GSS_C_NT_HOSTBASED_SERVICE;
+    if (nametype == NULL || str[1] != ':')
+        errout("names must begin with u: or p: or h:");
+    buf.value = (char *)str + 2;
+    buf.length = strlen(str) - 2;
+    major = gss_import_name(&minor, &buf, nametype, &name);
+    check_gsserr("gss_import_name", major, minor);
+    return name;
+}
+
+void
+display_canon_name(const char *tag, gss_name_t name, gss_OID mech)
+{
+    gss_name_t canon;
+    OM_uint32 major, minor;
+    gss_buffer_desc buf;
+
+    major = gss_canonicalize_name(&minor, name, mech, &canon);
+    check_gsserr("gss_canonicalize_name", major, minor);
+
+    major = gss_display_name(&minor, canon, &buf, NULL);
+    check_gsserr("gss_display_name", major, minor);
+
+    printf("%s:\t%.*s\n", tag, (int)buf.length, (char *)buf.value);
+
+    (void)gss_release_name(&minor, &canon);
+    (void)gss_release_buffer(&minor, &buf);
+}
+
+void
+display_oid(const char *tag, gss_OID oid)
+{
+    OM_uint32 major, minor;
+    gss_buffer_desc buf;
+
+    major = gss_oid_to_str(&minor, oid, &buf);
+    check_gsserr("gss_oid_to_str", major, minor);
+    printf("%s:\t%.*s\n", tag, (int)buf.length, (char *)buf.value);
+    (void)gss_release_buffer(&minor, &buf);
+}
+
+static void
+dump_attribute(gss_name_t name, gss_buffer_t attribute, int noisy)
+{
+    OM_uint32 major, minor;
+    gss_buffer_desc value;
+    gss_buffer_desc display_value;
+    int authenticated = 0;
+    int complete = 0;
+    int more = -1;
+    unsigned int i;
+
+    while (more != 0) {
+        value.value = NULL;
+        display_value.value = NULL;
+
+        major = gss_get_name_attribute(&minor, name, attribute, &authenticated,
+                                       &complete, &value, &display_value,
+                                       &more);
+        check_gsserr("gss_get_name_attribute", major, minor);
+
+        printf("Attribute %.*s %s %s\n\n%.*s\n",
+               (int)attribute->length, (char *)attribute->value,
+               authenticated ? "Authenticated" : "",
+               complete ? "Complete" : "",
+               (int)display_value.length, (char *)display_value.value);
+
+        if (noisy) {
+            for (i = 0; i < value.length; i++) {
+                if ((i % 32) == 0)
+                    printf("\n");
+                printf("%02x", ((char *)value.value)[i] & 0xFF);
+            }
+            printf("\n\n");
+        }
+
+        (void)gss_release_buffer(&minor, &value);
+        (void)gss_release_buffer(&minor, &display_value);
+    }
+}
+
+void
+enumerate_attributes(gss_name_t name, int noisy)
+{
+    OM_uint32 major, minor;
+    int is_mechname;
+    gss_OID mech = GSS_C_NO_OID;
+    gss_buffer_set_t attrs = GSS_C_NO_BUFFER_SET;
+    size_t i;
+
+    major = gss_inquire_name(&minor, name, &is_mechname, &mech, &attrs);
+    check_gsserr("gss_inquire_name", major, minor);
+
+    if (attrs != GSS_C_NO_BUFFER_SET) {
+        for (i = 0; i < attrs->count; i++)
+            dump_attribute(name, &attrs->elements[i], noisy);
+    }
+
+    (void)gss_release_buffer_set(&minor, &attrs);
+}
+
+void
+print_hex(FILE *fp, gss_buffer_t buf)
+{
+    size_t i;
+    const unsigned char *bytes = buf->value;
+
+    for (i = 0; i < buf->length; i++)
+        printf("%02X", bytes[i]);
+    printf("\n");
+}