oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Use the krb5_digest api. Return useful errorstring on no-existant command.

Browse Source 
Add client request command.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17902 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-08-23 11:36:19 +00:00
parent 17f00ca951
commit 37129f204b
1 changed files with 134 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

160
kuser/kdigest.c
View File

@@ -39,8 +39,11 @@ RCSID("$Id$");
static int version_flag = 0; static int version_flag = 0;
static int help_flag = 0; static int help_flag = 0;
static char *ccache_string;
static krb5_ccache id;
static struct getargs args[] = { static struct getargs args[] = {
{"ccache", 0, arg_string, &ccache_string, "credential cache", NULL },
{"version", 0, arg_flag, &version_flag, "print version", NULL }, {"version", 0, arg_flag, &version_flag, "print version", NULL },
{"help", 0, arg_flag, &help_flag, NULL, NULL } {"help", 0, arg_flag, &help_flag, NULL, NULL }
}; };
@@ -53,27 +56,52 @@ usage (int ret)
exit (ret); exit (ret);
} }
const static char *secret = "secret"; static krb5_context context;
static char server_nonce[16];
static char server_identifier;
int int
server_init(struct server_init_options *opt, int argc, char ** argv) server_init(struct server_init_options *opt, int argc, char ** argv)
{ {
char *s; krb5_error_code ret;
krb5_digest digest;
if (opt->kerberos_realm_string == NULL)
errx(1, "realm argument missing");
if (strcasecmp(opt->type_string, "CHAP") != 0) if (strcasecmp(opt->type_string, "CHAP") != 0)
errx(1, "type not CHAP"); errx(1, "type not CHAP");
RAND_pseudo_bytes(&server_identifier, sizeof(server_identifier));
RAND_pseudo_bytes(&server_nonce, sizeof(server_nonce)); ret = krb5_digest_alloc(context, &digest);
if (ret)
krb5_err(context, 1, ret, "digest_alloc");
ret = krb5_digest_set_type(context, digest, opt->type_string);
if (ret)
krb5_err(context, 1, ret, "krb5_digest_set_type");
if (opt->cb_type_string && opt->cb_value_string) {
ret = krb5_digest_set_server_cb(context, digest,
opt->cb_type_string,
opt->cb_value_string);
if (ret)
krb5_err(context, 1, ret, "krb5_digest_set_server_cb");
}
ret = krb5_digest_init_request(context,
digest,
opt->kerberos_realm_string,
id);
if (ret)
krb5_err(context, 1, ret, "krb5_digest_init_request");
printf("type=%s\n", opt->type_string); printf("type=%s\n", opt->type_string);
hex_encode(server_nonce, sizeof(server_nonce), &s); printf("server-nonce=%s\n",
printf("server-nonce=%s\n", s); krb5_digest_get_server_nonce(context, digest));
free(s); {
printf("identifier=%02X\n", (server_identifier & 0xff)); const char *s = krb5_digest_get_identifier(context, digest);
printf("opaque=bar\n"); if (s)
printf("identifier=%s\n", s);
}
printf("opaque=%s\n", krb5_digest_get_opaque(context, digest));
return 0; return 0;
} }
@@ -81,6 +109,68 @@ server_init(struct server_init_options *opt, int argc, char ** argv)
int int
server_request(struct server_request_options *opt, int argc, char **argv) server_request(struct server_request_options *opt, int argc, char **argv)
{ {
krb5_error_code ret;
krb5_digest digest;
const char *h;
if (opt->kerberos_realm_string == NULL)
errx(1, "realm argument missing");
if (opt->server_nonce_string == NULL)
errx(1, "server nonce missing");
if (opt->type_string == NULL)
errx(1, "type missing");
if (opt->opaque_string == NULL)
errx(1, "opaque missing");
ret = krb5_digest_alloc(context, &digest);
if (ret)
krb5_err(context, 1, ret, "digest_alloc");
if (strcasecmp(opt->type_string, "CHAP") == 0) {
if (opt->server_identifier_string == NULL)
errx(1, "server identifier missing");
ret = krb5_digest_set_identifier(context, digest,
opt->server_identifier_string);
if (ret)
krb5_err(context, 1, ret, "krb5_digest_set_type");
}
ret = krb5_digest_set_type(context, digest, opt->type_string);
if (ret)
krb5_err(context, 1, ret, "krb5_digest_set_type");
ret = krb5_digest_set_username(context, digest, opt->username_string);
if (ret)
krb5_err(context, 1, ret, "krb5_digest_set_username");
ret = krb5_digest_set_server_nonce(context, digest,
opt->server_nonce_string);
if (ret)
krb5_err(context, 1, ret, "krb5_digest_set_server_nonce");
ret = krb5_digest_set_opaque(context, digest, opt->opaque_string);
if (ret)
krb5_err(context, 1, ret, "krb5_digest_set_opaque");
ret = krb5_digest_request(context, digest,
opt->kerberos_realm_string, id);
if (ret)
krb5_err(context, 1, ret, "krb5_digest_request");
h = krb5_digest_get_responseData(context, digest);
printf("responseData=%s\n", h);
printf("tickets=no\n");
return 0;
}
int
client_request(struct client_request_options *opt, int argc, char **argv)
{
char *server_nonce, server_identifier;
ssize_t size;
MD5_CTX ctx; MD5_CTX ctx;
char md[16], *h; char md[16], *h;
@@ -88,35 +178,34 @@ server_request(struct server_request_options *opt, int argc, char **argv)
errx(1, "server nonce missing"); errx(1, "server nonce missing");
if (opt->server_identifier_string == NULL) if (opt->server_identifier_string == NULL)
errx(1, "server identifier missing"); errx(1, "server identifier missing");
if (opt->password_string == NULL)
errx(1, "password missing");
if (opt->opaque_string == NULL) if (opt->opaque_string == NULL)
errx(1, "opaque missing"); errx(1, "opaque missing");
if (strcmp(opt->opaque_string, "bar") != 0)
errx(1, "opaque wrong string");
if (hex_decode(opt->server_nonce_string, server_nonce, 16) != 16) size = strlen(opt->server_nonce_string);
errx(1, "server nonce wrong length"); server_nonce = malloc(size);
if (server_nonce == NULL)
errx(1, "server_nonce");
size = hex_decode(opt->server_nonce_string, server_nonce, size);
if (size <= 0)
errx(1, "server nonce wrong");
if (hex_decode(opt->server_identifier_string, &server_identifier, 1) != 1) if (hex_decode(opt->server_identifier_string, &server_identifier, 1) != 1)
errx(1, "server identifier wrong length"); errx(1, "server identifier wrong length");
MD5_Init(&ctx); MD5_Init(&ctx);
MD5_Update(&ctx, &server_identifier, 1); MD5_Update(&ctx, &server_identifier, 1);
MD5_Update(&ctx, secret, strlen(secret)); MD5_Update(&ctx, opt->password_string, strlen(opt->password_string));
MD5_Update(&ctx, server_nonce, 16); MD5_Update(&ctx, server_nonce, size);
MD5_Final(md, &ctx); MD5_Final(md, &ctx);
hex_encode(md, 16, &h); hex_encode(md, 16, &h);
printf("responseData=%s\n", h); printf("responseData=%s\n", h);
printf("tickets=no\n");
/*
printf("rsp=bar\n");
printf("cb-type=type\n");
printf("cb-binding=binding\n");
printf("hash-a1=bar\n");
printf("message=message here\n");
*/
return 0; return 0;
} }
@@ -161,9 +250,17 @@ help(void *opt, int argc, char **argv)
int int
main(int argc, char **argv) main(int argc, char **argv)
{ {
krb5_error_code ret;
int optidx = 0; int optidx = 0;
setprogname(argv[0]); setprogname(argv[0]);
ret = krb5_init_context (&context);
if (ret == KRB5_CONFIG_BADFORMAT)
errx (1, "krb5_init_context failed to parse configuration file");
else if (ret)
errx(1, "krb5_init_context failed: %d", ret);
if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
usage(1); usage(1);
@@ -183,5 +280,16 @@ main(int argc, char **argv)
return 1; return 1;
} }
return sl_command (commands, argc, argv); if (ccache_string) {
ret = krb5_cc_resolve(context, ccache_string, &id);
if (ret)
krb5_err(context, 1, ret, "krb5_cc_resolve");
}
ret = sl_command (commands, argc, argv);
if (ret == -1) {
help(NULL, argc, argv);
return 1;
}
return ret;
} }