Print this page
first pass


  87 #define FREE(x, n) free(x)
  88 #endif /* _KERNEL */
  89 
  90 static gss_OID gss_str2oid(char *);
  91 static char * gss_oid2str(gss_OID);
  92 static void instructs();
  93 static void usage();
  94 static int parse_input_line(char *, int *, char ***);
  95 extern uid_t getuid();
  96 
  97 static void _gss_init_sec_context(int, char **);
  98 static void _gss_acquire_cred(int, char **);
  99 static void _gss_add_cred(int, char **);
 100 static void _gss_sign(int, char **);
 101 static void _gss_release_cred(int, char **);
 102 static void _gss_accept_sec_context(int, char **);
 103 static void _gss_process_context_token(int, char **);
 104 static void _gss_delete_sec_context(int, char **);
 105 static void _gss_context_time(int, char **);
 106 static void _gss_verify(int, char **);
 107 /* EXPORT DELETE START */
 108 static void _gss_seal(int, char **);
 109 static void _gss_unseal(int, char **);
 110 /* EXPORT DELETE END */
 111 static void _gss_display_status(int, char **);
 112 static void _gss_indicate_mechs(int, char **);
 113 static void _gss_inquire_cred(int, char **);
 114 static void _gssd_expname_to_unix_cred(int, char **);
 115 static void _gssd_name_to_unix_cred(int, char **);
 116 static void _gssd_get_group_info(int, char **);
 117 
 118 static int do_gssdtest(char *buf);
 119 
 120 
 121 #ifndef _KERNEL
 122 static int read_line(char *buf, int size)
 123 {
 124         int len;
 125 
 126         /* read the next line. If cntl-d, return with zero char count */
 127         printf(gettext("\n> "));
 128 
 129         if (fgets(buf, size, stdin) == NULL)
 130                 return (0);


 203         argv++;
 204 
 205         if (strcmp(cmd, "gss_loop") == 0 ||
 206             strcmp(cmd, "loop") == 0) {
 207 
 208                 if (argc < 1) {
 209                         usage();
 210                         FREE(argv_array, (argc+2) * sizeof (char *));
 211                         return (0);
 212                 }
 213                 for (i = 0; i < LOOP_COUNTER; i++) {
 214                         printf(gettext("Loop Count is %d \n"), i);
 215                         /*
 216                          * if (i > 53)
 217                          *      printf ("Loop counter is greater than 55\n");
 218                          */
 219                         _gss_acquire_cred(argc, argv);
 220                         _gss_init_sec_context(argc, argv);
 221                         _gss_accept_sec_context(0, argv);
 222                         _gss_init_sec_context(argc, argv);
 223 /* EXPORT DELETE START */
 224                         seal_argc = 2;
 225                         _gss_seal(seal_argc, seal_ini_array);
 226                         seal_argc = 1;
 227                         _gss_unseal(seal_argc, unseal_acc_array);
 228                         seal_argc = 2;
 229                         _gss_seal(seal_argc, seal_acc_array);
 230                         seal_argc = 1;
 231                         _gss_unseal(seal_argc, unseal_ini_array);
 232 /* EXPORT DELETE END */
 233                         seal_argc = 2;
 234                         _gss_sign(seal_argc, seal_ini_array);
 235                         seal_argc = 1;
 236                         _gss_verify(seal_argc, unseal_acc_array);
 237                         seal_argc = 2;
 238                         _gss_sign(seal_argc, seal_acc_array);
 239                         seal_argc = 1;
 240                         _gss_verify(seal_argc, unseal_ini_array);
 241                         _gss_delete_sec_context(argc, delet_acc_array);
 242                         _gss_delete_sec_context(argc, delet_ini_array);
 243                 }
 244         }
 245         if (strcmp(cmd, "gss_all") == 0 ||
 246             strcmp(cmd, "all") == 0) {
 247                 _gss_acquire_cred(argc, argv);
 248                 _gss_init_sec_context(argc, argv);
 249                 _gss_accept_sec_context(0, argv);
 250                 _gss_init_sec_context(argc, argv);
 251 /* EXPORT DELETE START */
 252                 seal_argc = 2;
 253                 _gss_seal(seal_argc, seal_acc_array);
 254                 seal_argc = 1;
 255                 _gss_unseal(seal_argc, unseal_ini_array);
 256                 seal_argc = 2;
 257                 _gss_seal(seal_argc, seal_ini_array);
 258                 seal_argc = 1;
 259                 _gss_unseal(seal_argc, unseal_acc_array);
 260 /* EXPORT DELETE END */
 261                 seal_argc = 2;
 262                 _gss_sign(seal_argc, seal_ini_array);
 263                 seal_argc = 1;
 264                 _gss_verify(seal_argc, unseal_acc_array);
 265                 seal_argc = 2;
 266                 _gss_sign(seal_argc, seal_acc_array);
 267                 seal_argc = 1;
 268                 _gss_verify(seal_argc, unseal_ini_array);
 269 
 270         }
 271         if (strcmp(cmd, "gss_acquire_cred") == 0 ||
 272             strcmp(cmd, "acquire") == 0) {
 273                 _gss_acquire_cred(argc, argv);
 274                 if (argc == 1)
 275                         _gss_add_cred(argc, argv);
 276         }
 277 
 278         else if (strcmp(cmd, "gss_release_cred") == 0 ||
 279                 strcmp(cmd, "release") == 0)
 280                 _gss_release_cred(argc, argv);


 282                 strcmp(cmd, "init") == 0)
 283                 _gss_init_sec_context(argc, argv);
 284         else if (strcmp(cmd, "gss_accept_sec_context") == 0 ||
 285                 strcmp(cmd, "accept") == 0)
 286                 _gss_accept_sec_context(argc, argv);
 287         else if (strcmp(cmd, "gss_process_context_token") == 0 ||
 288                 strcmp(cmd, "process") == 0)
 289                 _gss_process_context_token(argc, argv);
 290         else if (strcmp(cmd, "gss_delete_sec_context") == 0 ||
 291                 strcmp(cmd, "delete") == 0)
 292                 _gss_delete_sec_context(argc, argv);
 293         else if (strcmp(cmd, "gss_context_time") == 0 ||
 294                 strcmp(cmd, "time") == 0)
 295                 _gss_context_time(argc, argv);
 296         else if (strcmp(cmd, "gss_sign") == 0 ||
 297                 strcmp(cmd, "sign") == 0)
 298                 _gss_sign(argc, argv);
 299         else if (strcmp(cmd, "gss_verify") == 0 ||
 300                 strcmp(cmd, "verify") == 0)
 301                 _gss_verify(argc, argv);
 302 /* EXPORT DELETE START */
 303         else if (strcmp(cmd, "gss_seal") == 0 ||
 304                 strcmp(cmd, "seal") == 0)
 305                 _gss_seal(argc, argv);
 306         else if (strcmp(cmd, "gss_unseal") == 0 ||
 307                 strcmp(cmd, "unseal") == 0)
 308                 _gss_unseal(argc, argv);
 309 /* EXPORT DELETE END */
 310         else if (strcmp(cmd, "gss_display_status") == 0||
 311                 strcmp(cmd, "status") == 0)
 312                 _gss_display_status(argc, argv);
 313         else if (strcmp(cmd, "gss_indicate_mechs") == 0 ||
 314                 strcmp(cmd, "indicate") == 0)
 315                 _gss_indicate_mechs(argc, argv);
 316         else if (strcmp(cmd, "gss_inquire_cred") == 0 ||
 317                 strcmp(cmd, "inquire") == 0)
 318                 _gss_inquire_cred(argc, argv);
 319         else if (strcmp(cmd, "expname2unixcred") == 0 ||
 320                 strcmp(cmd, "gsscred_expname_to_unix_cred") == 0)
 321                 _gssd_expname_to_unix_cred(argc, argv);
 322         else if (strcmp(cmd, "name2unixcred") == 0 ||
 323                 strcmp(cmd, "gsscred_name_to_unix_cred") == 0)
 324                 _gssd_name_to_unix_cred(argc, argv);
 325         else if (strcmp(cmd, "grpinfo") == 0 ||
 326                 strcmp(cmd, "gss_get_group_info") == 0)
 327                 _gssd_get_group_info(argc, argv);
 328         else if (strcmp(cmd, "exit") == 0) {
 329                 printf(gettext("\n"));


1503         } else {
1504 
1505                 /* print out the verified message */
1506 
1507                 printf(gettext(
1508                         "verified message = \"%s\"\n\n"), message_buffer.value);
1509 
1510                 /* print out the quality of protection returned */
1511 
1512                 printf(gettext("quality of protection = %d \n\n"), qop_state);
1513 
1514                 /* free the message buffer and message token and return */
1515 
1516                 gss_release_buffer(&minor_status, &message_buffer);
1517                 gss_release_buffer(&minor_status, &msg_token);
1518 
1519                 return;
1520         }
1521 }
1522 
1523 /* EXPORT DELETE START */
1524 static void
1525 _gss_seal(argc, argv)
1526 int argc;
1527 char **argv;
1528 {
1529         OM_UINT32 status;
1530 
1531         OM_uint32 minor_status;
1532         gss_ctx_id_t context_handle;
1533         int conf_req_flag;
1534         int qop_req;
1535         gss_buffer_desc input_message_buffer;
1536         int conf_state;
1537         uid_t uid;
1538 
1539         uid = (uid_t) getuid();
1540 
1541         /*
1542          * specify the default confidentiality requested (both integrity
1543          * and confidentiality) and quality of protection


1671 
1672         if (status == GSS_S_COMPLETE) {
1673                 printf(gettext("\nunseal succeeded\n\n"));
1674                 printf(gettext("unsealed message = \"%s\"\n\n"),
1675                         output_message_buffer.value);
1676                 if (conf_state)
1677                         printf(gettext("confidentiality and integrity used\n"));
1678                 else
1679                         printf(gettext("only integrity used\n"));
1680                 printf(gettext("quality of protection = %d\n\n"), qop_state);
1681                 gss_release_buffer(&minor_status, &output_message_buffer);
1682         } else {
1683                 printf(gettext("server ret err (octal) %o (%s)\n"),
1684                         status, gettext("gss_unseal error"));
1685         }
1686 
1687         /* free the message buffer and return */
1688 
1689         gss_release_buffer(&minor_status, &message_buffer);
1690 }
1691 /* EXPORT DELETE END */
1692 
1693 static void
1694 _gss_display_status(argc, argv)
1695 int argc;
1696 char **argv;
1697 {
1698         OM_UINT32 status;
1699         OM_uint32 minor_status;
1700         int status_type;
1701         int status_value;
1702         gss_OID mech_type = (gss_OID) 0;
1703         int message_context;
1704         gss_buffer_desc status_string;
1705         uid_t uid;
1706 
1707         uid = (uid_t) getuid();
1708 
1709         /* initialize message context to zero */
1710 
1711         message_context = 0;




  87 #define FREE(x, n) free(x)
  88 #endif /* _KERNEL */
  89 
  90 static gss_OID gss_str2oid(char *);
  91 static char * gss_oid2str(gss_OID);
  92 static void instructs();
  93 static void usage();
  94 static int parse_input_line(char *, int *, char ***);
  95 extern uid_t getuid();
  96 
  97 static void _gss_init_sec_context(int, char **);
  98 static void _gss_acquire_cred(int, char **);
  99 static void _gss_add_cred(int, char **);
 100 static void _gss_sign(int, char **);
 101 static void _gss_release_cred(int, char **);
 102 static void _gss_accept_sec_context(int, char **);
 103 static void _gss_process_context_token(int, char **);
 104 static void _gss_delete_sec_context(int, char **);
 105 static void _gss_context_time(int, char **);
 106 static void _gss_verify(int, char **);

 107 static void _gss_seal(int, char **);
 108 static void _gss_unseal(int, char **);

 109 static void _gss_display_status(int, char **);
 110 static void _gss_indicate_mechs(int, char **);
 111 static void _gss_inquire_cred(int, char **);
 112 static void _gssd_expname_to_unix_cred(int, char **);
 113 static void _gssd_name_to_unix_cred(int, char **);
 114 static void _gssd_get_group_info(int, char **);
 115 
 116 static int do_gssdtest(char *buf);
 117 
 118 
 119 #ifndef _KERNEL
 120 static int read_line(char *buf, int size)
 121 {
 122         int len;
 123 
 124         /* read the next line. If cntl-d, return with zero char count */
 125         printf(gettext("\n> "));
 126 
 127         if (fgets(buf, size, stdin) == NULL)
 128                 return (0);


 201         argv++;
 202 
 203         if (strcmp(cmd, "gss_loop") == 0 ||
 204             strcmp(cmd, "loop") == 0) {
 205 
 206                 if (argc < 1) {
 207                         usage();
 208                         FREE(argv_array, (argc+2) * sizeof (char *));
 209                         return (0);
 210                 }
 211                 for (i = 0; i < LOOP_COUNTER; i++) {
 212                         printf(gettext("Loop Count is %d \n"), i);
 213                         /*
 214                          * if (i > 53)
 215                          *      printf ("Loop counter is greater than 55\n");
 216                          */
 217                         _gss_acquire_cred(argc, argv);
 218                         _gss_init_sec_context(argc, argv);
 219                         _gss_accept_sec_context(0, argv);
 220                         _gss_init_sec_context(argc, argv);
 221 
 222                         seal_argc = 2;
 223                         _gss_seal(seal_argc, seal_ini_array);
 224                         seal_argc = 1;
 225                         _gss_unseal(seal_argc, unseal_acc_array);
 226                         seal_argc = 2;
 227                         _gss_seal(seal_argc, seal_acc_array);
 228                         seal_argc = 1;
 229                         _gss_unseal(seal_argc, unseal_ini_array);

 230                         seal_argc = 2;
 231                         _gss_sign(seal_argc, seal_ini_array);
 232                         seal_argc = 1;
 233                         _gss_verify(seal_argc, unseal_acc_array);
 234                         seal_argc = 2;
 235                         _gss_sign(seal_argc, seal_acc_array);
 236                         seal_argc = 1;
 237                         _gss_verify(seal_argc, unseal_ini_array);
 238                         _gss_delete_sec_context(argc, delet_acc_array);
 239                         _gss_delete_sec_context(argc, delet_ini_array);
 240                 }
 241         }
 242         if (strcmp(cmd, "gss_all") == 0 ||
 243             strcmp(cmd, "all") == 0) {
 244                 _gss_acquire_cred(argc, argv);
 245                 _gss_init_sec_context(argc, argv);
 246                 _gss_accept_sec_context(0, argv);
 247                 _gss_init_sec_context(argc, argv);
 248 
 249                 seal_argc = 2;
 250                 _gss_seal(seal_argc, seal_acc_array);
 251                 seal_argc = 1;
 252                 _gss_unseal(seal_argc, unseal_ini_array);
 253                 seal_argc = 2;
 254                 _gss_seal(seal_argc, seal_ini_array);
 255                 seal_argc = 1;
 256                 _gss_unseal(seal_argc, unseal_acc_array);

 257                 seal_argc = 2;
 258                 _gss_sign(seal_argc, seal_ini_array);
 259                 seal_argc = 1;
 260                 _gss_verify(seal_argc, unseal_acc_array);
 261                 seal_argc = 2;
 262                 _gss_sign(seal_argc, seal_acc_array);
 263                 seal_argc = 1;
 264                 _gss_verify(seal_argc, unseal_ini_array);
 265 
 266         }
 267         if (strcmp(cmd, "gss_acquire_cred") == 0 ||
 268             strcmp(cmd, "acquire") == 0) {
 269                 _gss_acquire_cred(argc, argv);
 270                 if (argc == 1)
 271                         _gss_add_cred(argc, argv);
 272         }
 273 
 274         else if (strcmp(cmd, "gss_release_cred") == 0 ||
 275                 strcmp(cmd, "release") == 0)
 276                 _gss_release_cred(argc, argv);


 278                 strcmp(cmd, "init") == 0)
 279                 _gss_init_sec_context(argc, argv);
 280         else if (strcmp(cmd, "gss_accept_sec_context") == 0 ||
 281                 strcmp(cmd, "accept") == 0)
 282                 _gss_accept_sec_context(argc, argv);
 283         else if (strcmp(cmd, "gss_process_context_token") == 0 ||
 284                 strcmp(cmd, "process") == 0)
 285                 _gss_process_context_token(argc, argv);
 286         else if (strcmp(cmd, "gss_delete_sec_context") == 0 ||
 287                 strcmp(cmd, "delete") == 0)
 288                 _gss_delete_sec_context(argc, argv);
 289         else if (strcmp(cmd, "gss_context_time") == 0 ||
 290                 strcmp(cmd, "time") == 0)
 291                 _gss_context_time(argc, argv);
 292         else if (strcmp(cmd, "gss_sign") == 0 ||
 293                 strcmp(cmd, "sign") == 0)
 294                 _gss_sign(argc, argv);
 295         else if (strcmp(cmd, "gss_verify") == 0 ||
 296                 strcmp(cmd, "verify") == 0)
 297                 _gss_verify(argc, argv);

 298         else if (strcmp(cmd, "gss_seal") == 0 ||
 299                 strcmp(cmd, "seal") == 0)
 300                 _gss_seal(argc, argv);
 301         else if (strcmp(cmd, "gss_unseal") == 0 ||
 302                 strcmp(cmd, "unseal") == 0)
 303                 _gss_unseal(argc, argv);

 304         else if (strcmp(cmd, "gss_display_status") == 0||
 305                 strcmp(cmd, "status") == 0)
 306                 _gss_display_status(argc, argv);
 307         else if (strcmp(cmd, "gss_indicate_mechs") == 0 ||
 308                 strcmp(cmd, "indicate") == 0)
 309                 _gss_indicate_mechs(argc, argv);
 310         else if (strcmp(cmd, "gss_inquire_cred") == 0 ||
 311                 strcmp(cmd, "inquire") == 0)
 312                 _gss_inquire_cred(argc, argv);
 313         else if (strcmp(cmd, "expname2unixcred") == 0 ||
 314                 strcmp(cmd, "gsscred_expname_to_unix_cred") == 0)
 315                 _gssd_expname_to_unix_cred(argc, argv);
 316         else if (strcmp(cmd, "name2unixcred") == 0 ||
 317                 strcmp(cmd, "gsscred_name_to_unix_cred") == 0)
 318                 _gssd_name_to_unix_cred(argc, argv);
 319         else if (strcmp(cmd, "grpinfo") == 0 ||
 320                 strcmp(cmd, "gss_get_group_info") == 0)
 321                 _gssd_get_group_info(argc, argv);
 322         else if (strcmp(cmd, "exit") == 0) {
 323                 printf(gettext("\n"));


1497         } else {
1498 
1499                 /* print out the verified message */
1500 
1501                 printf(gettext(
1502                         "verified message = \"%s\"\n\n"), message_buffer.value);
1503 
1504                 /* print out the quality of protection returned */
1505 
1506                 printf(gettext("quality of protection = %d \n\n"), qop_state);
1507 
1508                 /* free the message buffer and message token and return */
1509 
1510                 gss_release_buffer(&minor_status, &message_buffer);
1511                 gss_release_buffer(&minor_status, &msg_token);
1512 
1513                 return;
1514         }
1515 }
1516 

1517 static void
1518 _gss_seal(argc, argv)
1519 int argc;
1520 char **argv;
1521 {
1522         OM_UINT32 status;
1523 
1524         OM_uint32 minor_status;
1525         gss_ctx_id_t context_handle;
1526         int conf_req_flag;
1527         int qop_req;
1528         gss_buffer_desc input_message_buffer;
1529         int conf_state;
1530         uid_t uid;
1531 
1532         uid = (uid_t) getuid();
1533 
1534         /*
1535          * specify the default confidentiality requested (both integrity
1536          * and confidentiality) and quality of protection


1664 
1665         if (status == GSS_S_COMPLETE) {
1666                 printf(gettext("\nunseal succeeded\n\n"));
1667                 printf(gettext("unsealed message = \"%s\"\n\n"),
1668                         output_message_buffer.value);
1669                 if (conf_state)
1670                         printf(gettext("confidentiality and integrity used\n"));
1671                 else
1672                         printf(gettext("only integrity used\n"));
1673                 printf(gettext("quality of protection = %d\n\n"), qop_state);
1674                 gss_release_buffer(&minor_status, &output_message_buffer);
1675         } else {
1676                 printf(gettext("server ret err (octal) %o (%s)\n"),
1677                         status, gettext("gss_unseal error"));
1678         }
1679 
1680         /* free the message buffer and return */
1681 
1682         gss_release_buffer(&minor_status, &message_buffer);
1683 }

1684 
1685 static void
1686 _gss_display_status(argc, argv)
1687 int argc;
1688 char **argv;
1689 {
1690         OM_UINT32 status;
1691         OM_uint32 minor_status;
1692         int status_type;
1693         int status_value;
1694         gss_OID mech_type = (gss_OID) 0;
1695         int message_context;
1696         gss_buffer_desc status_string;
1697         uid_t uid;
1698 
1699         uid = (uid_t) getuid();
1700 
1701         /* initialize message context to zero */
1702 
1703         message_context = 0;