87 #define FREE(x, n) free(x)
88 #endif /* _KERNEL */
89
90 static gss_OID gss_str2oid(char *);
91 static char * gss_oid2str(gss_OID);
92 static void instructs();
93 static void usage();
94 static int parse_input_line(char *, int *, char ***);
95 extern uid_t getuid();
96
97 static void _gss_init_sec_context(int, char **);
98 static void _gss_acquire_cred(int, char **);
99 static void _gss_add_cred(int, char **);
100 static void _gss_sign(int, char **);
101 static void _gss_release_cred(int, char **);
102 static void _gss_accept_sec_context(int, char **);
103 static void _gss_process_context_token(int, char **);
104 static void _gss_delete_sec_context(int, char **);
105 static void _gss_context_time(int, char **);
106 static void _gss_verify(int, char **);
107 /* EXPORT DELETE START */
108 static void _gss_seal(int, char **);
109 static void _gss_unseal(int, char **);
110 /* EXPORT DELETE END */
111 static void _gss_display_status(int, char **);
112 static void _gss_indicate_mechs(int, char **);
113 static void _gss_inquire_cred(int, char **);
114 static void _gssd_expname_to_unix_cred(int, char **);
115 static void _gssd_name_to_unix_cred(int, char **);
116 static void _gssd_get_group_info(int, char **);
117
118 static int do_gssdtest(char *buf);
119
120
121 #ifndef _KERNEL
122 static int read_line(char *buf, int size)
123 {
124 int len;
125
126 /* read the next line. If cntl-d, return with zero char count */
127 printf(gettext("\n> "));
128
129 if (fgets(buf, size, stdin) == NULL)
130 return (0);
203 argv++;
204
205 if (strcmp(cmd, "gss_loop") == 0 ||
206 strcmp(cmd, "loop") == 0) {
207
208 if (argc < 1) {
209 usage();
210 FREE(argv_array, (argc+2) * sizeof (char *));
211 return (0);
212 }
213 for (i = 0; i < LOOP_COUNTER; i++) {
214 printf(gettext("Loop Count is %d \n"), i);
215 /*
216 * if (i > 53)
217 * printf ("Loop counter is greater than 55\n");
218 */
219 _gss_acquire_cred(argc, argv);
220 _gss_init_sec_context(argc, argv);
221 _gss_accept_sec_context(0, argv);
222 _gss_init_sec_context(argc, argv);
223 /* EXPORT DELETE START */
224 seal_argc = 2;
225 _gss_seal(seal_argc, seal_ini_array);
226 seal_argc = 1;
227 _gss_unseal(seal_argc, unseal_acc_array);
228 seal_argc = 2;
229 _gss_seal(seal_argc, seal_acc_array);
230 seal_argc = 1;
231 _gss_unseal(seal_argc, unseal_ini_array);
232 /* EXPORT DELETE END */
233 seal_argc = 2;
234 _gss_sign(seal_argc, seal_ini_array);
235 seal_argc = 1;
236 _gss_verify(seal_argc, unseal_acc_array);
237 seal_argc = 2;
238 _gss_sign(seal_argc, seal_acc_array);
239 seal_argc = 1;
240 _gss_verify(seal_argc, unseal_ini_array);
241 _gss_delete_sec_context(argc, delet_acc_array);
242 _gss_delete_sec_context(argc, delet_ini_array);
243 }
244 }
245 if (strcmp(cmd, "gss_all") == 0 ||
246 strcmp(cmd, "all") == 0) {
247 _gss_acquire_cred(argc, argv);
248 _gss_init_sec_context(argc, argv);
249 _gss_accept_sec_context(0, argv);
250 _gss_init_sec_context(argc, argv);
251 /* EXPORT DELETE START */
252 seal_argc = 2;
253 _gss_seal(seal_argc, seal_acc_array);
254 seal_argc = 1;
255 _gss_unseal(seal_argc, unseal_ini_array);
256 seal_argc = 2;
257 _gss_seal(seal_argc, seal_ini_array);
258 seal_argc = 1;
259 _gss_unseal(seal_argc, unseal_acc_array);
260 /* EXPORT DELETE END */
261 seal_argc = 2;
262 _gss_sign(seal_argc, seal_ini_array);
263 seal_argc = 1;
264 _gss_verify(seal_argc, unseal_acc_array);
265 seal_argc = 2;
266 _gss_sign(seal_argc, seal_acc_array);
267 seal_argc = 1;
268 _gss_verify(seal_argc, unseal_ini_array);
269
270 }
271 if (strcmp(cmd, "gss_acquire_cred") == 0 ||
272 strcmp(cmd, "acquire") == 0) {
273 _gss_acquire_cred(argc, argv);
274 if (argc == 1)
275 _gss_add_cred(argc, argv);
276 }
277
278 else if (strcmp(cmd, "gss_release_cred") == 0 ||
279 strcmp(cmd, "release") == 0)
280 _gss_release_cred(argc, argv);
282 strcmp(cmd, "init") == 0)
283 _gss_init_sec_context(argc, argv);
284 else if (strcmp(cmd, "gss_accept_sec_context") == 0 ||
285 strcmp(cmd, "accept") == 0)
286 _gss_accept_sec_context(argc, argv);
287 else if (strcmp(cmd, "gss_process_context_token") == 0 ||
288 strcmp(cmd, "process") == 0)
289 _gss_process_context_token(argc, argv);
290 else if (strcmp(cmd, "gss_delete_sec_context") == 0 ||
291 strcmp(cmd, "delete") == 0)
292 _gss_delete_sec_context(argc, argv);
293 else if (strcmp(cmd, "gss_context_time") == 0 ||
294 strcmp(cmd, "time") == 0)
295 _gss_context_time(argc, argv);
296 else if (strcmp(cmd, "gss_sign") == 0 ||
297 strcmp(cmd, "sign") == 0)
298 _gss_sign(argc, argv);
299 else if (strcmp(cmd, "gss_verify") == 0 ||
300 strcmp(cmd, "verify") == 0)
301 _gss_verify(argc, argv);
302 /* EXPORT DELETE START */
303 else if (strcmp(cmd, "gss_seal") == 0 ||
304 strcmp(cmd, "seal") == 0)
305 _gss_seal(argc, argv);
306 else if (strcmp(cmd, "gss_unseal") == 0 ||
307 strcmp(cmd, "unseal") == 0)
308 _gss_unseal(argc, argv);
309 /* EXPORT DELETE END */
310 else if (strcmp(cmd, "gss_display_status") == 0||
311 strcmp(cmd, "status") == 0)
312 _gss_display_status(argc, argv);
313 else if (strcmp(cmd, "gss_indicate_mechs") == 0 ||
314 strcmp(cmd, "indicate") == 0)
315 _gss_indicate_mechs(argc, argv);
316 else if (strcmp(cmd, "gss_inquire_cred") == 0 ||
317 strcmp(cmd, "inquire") == 0)
318 _gss_inquire_cred(argc, argv);
319 else if (strcmp(cmd, "expname2unixcred") == 0 ||
320 strcmp(cmd, "gsscred_expname_to_unix_cred") == 0)
321 _gssd_expname_to_unix_cred(argc, argv);
322 else if (strcmp(cmd, "name2unixcred") == 0 ||
323 strcmp(cmd, "gsscred_name_to_unix_cred") == 0)
324 _gssd_name_to_unix_cred(argc, argv);
325 else if (strcmp(cmd, "grpinfo") == 0 ||
326 strcmp(cmd, "gss_get_group_info") == 0)
327 _gssd_get_group_info(argc, argv);
328 else if (strcmp(cmd, "exit") == 0) {
329 printf(gettext("\n"));
1503 } else {
1504
1505 /* print out the verified message */
1506
1507 printf(gettext(
1508 "verified message = \"%s\"\n\n"), message_buffer.value);
1509
1510 /* print out the quality of protection returned */
1511
1512 printf(gettext("quality of protection = %d \n\n"), qop_state);
1513
1514 /* free the message buffer and message token and return */
1515
1516 gss_release_buffer(&minor_status, &message_buffer);
1517 gss_release_buffer(&minor_status, &msg_token);
1518
1519 return;
1520 }
1521 }
1522
1523 /* EXPORT DELETE START */
1524 static void
1525 _gss_seal(argc, argv)
1526 int argc;
1527 char **argv;
1528 {
1529 OM_UINT32 status;
1530
1531 OM_uint32 minor_status;
1532 gss_ctx_id_t context_handle;
1533 int conf_req_flag;
1534 int qop_req;
1535 gss_buffer_desc input_message_buffer;
1536 int conf_state;
1537 uid_t uid;
1538
1539 uid = (uid_t) getuid();
1540
1541 /*
1542 * specify the default confidentiality requested (both integrity
1543 * and confidentiality) and quality of protection
1671
1672 if (status == GSS_S_COMPLETE) {
1673 printf(gettext("\nunseal succeeded\n\n"));
1674 printf(gettext("unsealed message = \"%s\"\n\n"),
1675 output_message_buffer.value);
1676 if (conf_state)
1677 printf(gettext("confidentiality and integrity used\n"));
1678 else
1679 printf(gettext("only integrity used\n"));
1680 printf(gettext("quality of protection = %d\n\n"), qop_state);
1681 gss_release_buffer(&minor_status, &output_message_buffer);
1682 } else {
1683 printf(gettext("server ret err (octal) %o (%s)\n"),
1684 status, gettext("gss_unseal error"));
1685 }
1686
1687 /* free the message buffer and return */
1688
1689 gss_release_buffer(&minor_status, &message_buffer);
1690 }
1691 /* EXPORT DELETE END */
1692
1693 static void
1694 _gss_display_status(argc, argv)
1695 int argc;
1696 char **argv;
1697 {
1698 OM_UINT32 status;
1699 OM_uint32 minor_status;
1700 int status_type;
1701 int status_value;
1702 gss_OID mech_type = (gss_OID) 0;
1703 int message_context;
1704 gss_buffer_desc status_string;
1705 uid_t uid;
1706
1707 uid = (uid_t) getuid();
1708
1709 /* initialize message context to zero */
1710
1711 message_context = 0;
|
87 #define FREE(x, n) free(x)
88 #endif /* _KERNEL */
89
90 static gss_OID gss_str2oid(char *);
91 static char * gss_oid2str(gss_OID);
92 static void instructs();
93 static void usage();
94 static int parse_input_line(char *, int *, char ***);
95 extern uid_t getuid();
96
97 static void _gss_init_sec_context(int, char **);
98 static void _gss_acquire_cred(int, char **);
99 static void _gss_add_cred(int, char **);
100 static void _gss_sign(int, char **);
101 static void _gss_release_cred(int, char **);
102 static void _gss_accept_sec_context(int, char **);
103 static void _gss_process_context_token(int, char **);
104 static void _gss_delete_sec_context(int, char **);
105 static void _gss_context_time(int, char **);
106 static void _gss_verify(int, char **);
107 static void _gss_seal(int, char **);
108 static void _gss_unseal(int, char **);
109 static void _gss_display_status(int, char **);
110 static void _gss_indicate_mechs(int, char **);
111 static void _gss_inquire_cred(int, char **);
112 static void _gssd_expname_to_unix_cred(int, char **);
113 static void _gssd_name_to_unix_cred(int, char **);
114 static void _gssd_get_group_info(int, char **);
115
116 static int do_gssdtest(char *buf);
117
118
119 #ifndef _KERNEL
120 static int read_line(char *buf, int size)
121 {
122 int len;
123
124 /* read the next line. If cntl-d, return with zero char count */
125 printf(gettext("\n> "));
126
127 if (fgets(buf, size, stdin) == NULL)
128 return (0);
201 argv++;
202
203 if (strcmp(cmd, "gss_loop") == 0 ||
204 strcmp(cmd, "loop") == 0) {
205
206 if (argc < 1) {
207 usage();
208 FREE(argv_array, (argc+2) * sizeof (char *));
209 return (0);
210 }
211 for (i = 0; i < LOOP_COUNTER; i++) {
212 printf(gettext("Loop Count is %d \n"), i);
213 /*
214 * if (i > 53)
215 * printf ("Loop counter is greater than 55\n");
216 */
217 _gss_acquire_cred(argc, argv);
218 _gss_init_sec_context(argc, argv);
219 _gss_accept_sec_context(0, argv);
220 _gss_init_sec_context(argc, argv);
221
222 seal_argc = 2;
223 _gss_seal(seal_argc, seal_ini_array);
224 seal_argc = 1;
225 _gss_unseal(seal_argc, unseal_acc_array);
226 seal_argc = 2;
227 _gss_seal(seal_argc, seal_acc_array);
228 seal_argc = 1;
229 _gss_unseal(seal_argc, unseal_ini_array);
230 seal_argc = 2;
231 _gss_sign(seal_argc, seal_ini_array);
232 seal_argc = 1;
233 _gss_verify(seal_argc, unseal_acc_array);
234 seal_argc = 2;
235 _gss_sign(seal_argc, seal_acc_array);
236 seal_argc = 1;
237 _gss_verify(seal_argc, unseal_ini_array);
238 _gss_delete_sec_context(argc, delet_acc_array);
239 _gss_delete_sec_context(argc, delet_ini_array);
240 }
241 }
242 if (strcmp(cmd, "gss_all") == 0 ||
243 strcmp(cmd, "all") == 0) {
244 _gss_acquire_cred(argc, argv);
245 _gss_init_sec_context(argc, argv);
246 _gss_accept_sec_context(0, argv);
247 _gss_init_sec_context(argc, argv);
248
249 seal_argc = 2;
250 _gss_seal(seal_argc, seal_acc_array);
251 seal_argc = 1;
252 _gss_unseal(seal_argc, unseal_ini_array);
253 seal_argc = 2;
254 _gss_seal(seal_argc, seal_ini_array);
255 seal_argc = 1;
256 _gss_unseal(seal_argc, unseal_acc_array);
257 seal_argc = 2;
258 _gss_sign(seal_argc, seal_ini_array);
259 seal_argc = 1;
260 _gss_verify(seal_argc, unseal_acc_array);
261 seal_argc = 2;
262 _gss_sign(seal_argc, seal_acc_array);
263 seal_argc = 1;
264 _gss_verify(seal_argc, unseal_ini_array);
265
266 }
267 if (strcmp(cmd, "gss_acquire_cred") == 0 ||
268 strcmp(cmd, "acquire") == 0) {
269 _gss_acquire_cred(argc, argv);
270 if (argc == 1)
271 _gss_add_cred(argc, argv);
272 }
273
274 else if (strcmp(cmd, "gss_release_cred") == 0 ||
275 strcmp(cmd, "release") == 0)
276 _gss_release_cred(argc, argv);
278 strcmp(cmd, "init") == 0)
279 _gss_init_sec_context(argc, argv);
280 else if (strcmp(cmd, "gss_accept_sec_context") == 0 ||
281 strcmp(cmd, "accept") == 0)
282 _gss_accept_sec_context(argc, argv);
283 else if (strcmp(cmd, "gss_process_context_token") == 0 ||
284 strcmp(cmd, "process") == 0)
285 _gss_process_context_token(argc, argv);
286 else if (strcmp(cmd, "gss_delete_sec_context") == 0 ||
287 strcmp(cmd, "delete") == 0)
288 _gss_delete_sec_context(argc, argv);
289 else if (strcmp(cmd, "gss_context_time") == 0 ||
290 strcmp(cmd, "time") == 0)
291 _gss_context_time(argc, argv);
292 else if (strcmp(cmd, "gss_sign") == 0 ||
293 strcmp(cmd, "sign") == 0)
294 _gss_sign(argc, argv);
295 else if (strcmp(cmd, "gss_verify") == 0 ||
296 strcmp(cmd, "verify") == 0)
297 _gss_verify(argc, argv);
298 else if (strcmp(cmd, "gss_seal") == 0 ||
299 strcmp(cmd, "seal") == 0)
300 _gss_seal(argc, argv);
301 else if (strcmp(cmd, "gss_unseal") == 0 ||
302 strcmp(cmd, "unseal") == 0)
303 _gss_unseal(argc, argv);
304 else if (strcmp(cmd, "gss_display_status") == 0||
305 strcmp(cmd, "status") == 0)
306 _gss_display_status(argc, argv);
307 else if (strcmp(cmd, "gss_indicate_mechs") == 0 ||
308 strcmp(cmd, "indicate") == 0)
309 _gss_indicate_mechs(argc, argv);
310 else if (strcmp(cmd, "gss_inquire_cred") == 0 ||
311 strcmp(cmd, "inquire") == 0)
312 _gss_inquire_cred(argc, argv);
313 else if (strcmp(cmd, "expname2unixcred") == 0 ||
314 strcmp(cmd, "gsscred_expname_to_unix_cred") == 0)
315 _gssd_expname_to_unix_cred(argc, argv);
316 else if (strcmp(cmd, "name2unixcred") == 0 ||
317 strcmp(cmd, "gsscred_name_to_unix_cred") == 0)
318 _gssd_name_to_unix_cred(argc, argv);
319 else if (strcmp(cmd, "grpinfo") == 0 ||
320 strcmp(cmd, "gss_get_group_info") == 0)
321 _gssd_get_group_info(argc, argv);
322 else if (strcmp(cmd, "exit") == 0) {
323 printf(gettext("\n"));
1497 } else {
1498
1499 /* print out the verified message */
1500
1501 printf(gettext(
1502 "verified message = \"%s\"\n\n"), message_buffer.value);
1503
1504 /* print out the quality of protection returned */
1505
1506 printf(gettext("quality of protection = %d \n\n"), qop_state);
1507
1508 /* free the message buffer and message token and return */
1509
1510 gss_release_buffer(&minor_status, &message_buffer);
1511 gss_release_buffer(&minor_status, &msg_token);
1512
1513 return;
1514 }
1515 }
1516
1517 static void
1518 _gss_seal(argc, argv)
1519 int argc;
1520 char **argv;
1521 {
1522 OM_UINT32 status;
1523
1524 OM_uint32 minor_status;
1525 gss_ctx_id_t context_handle;
1526 int conf_req_flag;
1527 int qop_req;
1528 gss_buffer_desc input_message_buffer;
1529 int conf_state;
1530 uid_t uid;
1531
1532 uid = (uid_t) getuid();
1533
1534 /*
1535 * specify the default confidentiality requested (both integrity
1536 * and confidentiality) and quality of protection
1664
1665 if (status == GSS_S_COMPLETE) {
1666 printf(gettext("\nunseal succeeded\n\n"));
1667 printf(gettext("unsealed message = \"%s\"\n\n"),
1668 output_message_buffer.value);
1669 if (conf_state)
1670 printf(gettext("confidentiality and integrity used\n"));
1671 else
1672 printf(gettext("only integrity used\n"));
1673 printf(gettext("quality of protection = %d\n\n"), qop_state);
1674 gss_release_buffer(&minor_status, &output_message_buffer);
1675 } else {
1676 printf(gettext("server ret err (octal) %o (%s)\n"),
1677 status, gettext("gss_unseal error"));
1678 }
1679
1680 /* free the message buffer and return */
1681
1682 gss_release_buffer(&minor_status, &message_buffer);
1683 }
1684
1685 static void
1686 _gss_display_status(argc, argv)
1687 int argc;
1688 char **argv;
1689 {
1690 OM_UINT32 status;
1691 OM_uint32 minor_status;
1692 int status_type;
1693 int status_value;
1694 gss_OID mech_type = (gss_OID) 0;
1695 int message_context;
1696 gss_buffer_desc status_string;
1697 uid_t uid;
1698
1699 uid = (uid_t) getuid();
1700
1701 /* initialize message context to zero */
1702
1703 message_context = 0;
|