let client do unwrap, handle keytab for gss
@@ -38,7 +38,7 @@ RCSID("$Id$");
|
|||||||
static int help_flag;
|
static int help_flag;
|
||||||
static int version_flag;
|
static int version_flag;
|
||||||
static char *port_str;
|
static char *port_str;
|
||||||
static char *keytab_str;
|
char *keytab_str;
|
||||||
krb5_keytab keytab;
|
krb5_keytab keytab;
|
||||||
char *service = SERVICE;
|
char *service = SERVICE;
|
||||||
char *mech = "krb5";
|
char *mech = "krb5";
|
||||||
|
@@ -45,6 +45,7 @@ do_trans (int sock, gss_ctx_id_t context_hdl)
|
|||||||
gss_buffer_desc real_input_token, real_output_token;
|
gss_buffer_desc real_input_token, real_output_token;
|
||||||
gss_buffer_t input_token = &real_input_token,
|
gss_buffer_t input_token = &real_input_token,
|
||||||
output_token = &real_output_token;
|
output_token = &real_output_token;
|
||||||
|
int conf_flag;
|
||||||
|
|
||||||
/* get_mic */
|
/* get_mic */
|
||||||
|
|
||||||
@@ -91,6 +92,21 @@ do_trans (int sock, gss_ctx_id_t context_hdl)
|
|||||||
|
|
||||||
write_token (sock, output_token);
|
write_token (sock, output_token);
|
||||||
|
|
||||||
|
read_token (sock, input_token);
|
||||||
|
|
||||||
|
maj_stat = gss_unwrap (&min_stat,
|
||||||
|
context_hdl,
|
||||||
|
input_token,
|
||||||
|
output_token,
|
||||||
|
&conf_flag,
|
||||||
|
NULL);
|
||||||
|
if(GSS_ERROR(maj_stat))
|
||||||
|
gss_err (1, min_stat, "gss_unwrap");
|
||||||
|
|
||||||
|
write_token (sock, output_token);
|
||||||
|
|
||||||
|
gss_release_buffer(&min_stat, output_token);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
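Review bot: `conf_flag` is filled in by the added `gss_unwrap` call but never examined, so the client accepts a token that was only integrity-protected and then sends the unwrapped bytes back in the clear with `write_token`. The acceptor side of this commit wraps with confidentiality requested, so a check such as `if (!conf_flag) errx (1, "reply was not encrypted");` right after the `GSS_ERROR` test would enforce that expectation. The buffer that `read_token` stored in `input_token` also appears not to be released before `return 0`; if `read_token` allocates it (its body is not shown here), a matching release belongs next to the `gss_release_buffer` call for `output_token`. do_trans starts outside this hunk.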
@@ -128,6 +128,25 @@ process_it(int sock,
|
|||||||
gss_release_buffer (&min_stat, input_token);
|
gss_release_buffer (&min_stat, input_token);
|
||||||
gss_release_buffer (&min_stat, output_token);
|
gss_release_buffer (&min_stat, output_token);
|
||||||
|
|
||||||
|
input_token->value = "hejhej";
|
||||||
|
input_token->length = 6;
|
||||||
|
|
||||||
|
maj_stat = gss_wrap (&min_stat,
|
||||||
|
context_hdl,
|
||||||
|
1,
|
||||||
|
GSS_C_QOP_DEFAULT,
|
||||||
|
input_token,
|
||||||
|
NULL,
|
||||||
|
output_token);
|
||||||
|
|
||||||
|
write_token (sock, output_token);
|
||||||
|
gss_release_buffer (&min_stat, output_token);
|
||||||
|
|
||||||
|
read_token (sock, input_token);
|
||||||
|
|
||||||
|
if (input_token->length != 6 && memcmp(input_token->value, "hejhej", 6) != 0)
|
||||||
|
errx(1, "invalid reply");
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
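Review bot: The reply check near the end of this hunk joins its two tests with `&&` where `||` is needed: a 6-byte reply with the wrong contents is accepted, a longer reply that merely starts with the expected bytes is accepted, and for a reply shorter than 6 bytes `memcmp` reads past the received buffer. It should read `if (input_token->length != 6 || memcmp(input_token->value, "hejhej", 6) != 0)`. The result of the added `gss_wrap` call is stored in `maj_stat` but not tested before `write_token`; a check like `if (GSS_ERROR(maj_stat)) gss_err (1, min_stat, "gss_wrap");`, mirroring the client-side `gss_unwrap` handling in this commit, would avoid sending an unset `output_token`. process_it begins outside the hunk.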
@@ -302,6 +321,9 @@ doit (int port, const char *service)
|
|||||||
int one = 1;
|
int one = 1;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
if (keytab_str)
|
||||||
|
gsskrb5_register_acceptor_identity(keytab_str);
|
||||||
|
|
||||||
sock = socket (AF_INET, SOCK_STREAM, 0);
|
sock = socket (AF_INET, SOCK_STREAM, 0);
|
||||||
if (sock < 0)
|
if (sock < 0)
|
||||||
err (1, "socket");
|
err (1, "socket");
|
||||||
|
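Review bot: The return value of `gsskrb5_register_acceptor_identity(keytab_str)` is dropped, so a mistyped or unreadable keytab path goes unnoticed and the acceptor may end up using whatever default identity the library selects instead of the one the operator asked for. Failing early, for example `if (gsskrb5_register_acceptor_identity(keytab_str) != GSS_S_COMPLETE) errx (1, "cannot use keytab %s", keytab_str);`, makes the command-line choice binding. doit continues past the end of this hunk.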
@@ -80,6 +80,7 @@
|
|||||||
|
|
||||||
extern char *service;
|
extern char *service;
|
||||||
extern char *mech;
|
extern char *mech;
|
||||||
|
extern char *keytab_str;
|
||||||
extern krb5_keytab keytab;
|
extern krb5_keytab keytab;
|
||||||
extern int fork_flag;
|
extern int fork_flag;
|
||||||
int server_setup(krb5_context*, int, char**);
|
int server_setup(krb5_context*, int, char**);
|
||||||
|