krb5_child-test.c revision b186ed8ce10ac711ccde35f6ec5131bcdd59f668
/*
    SSSD

    Unit tests - exercise the krb5 child

    Authors:
        Jakub Hrozek <jhrozek@redhat.com>

    Copyright (C) 2012 Red Hat

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
#include <stdio.h>
#include <stdlib.h>
#include <talloc.h>
#include <popt.h>
#include <errno.h>
#include <unistd.h>
#include <limits.h>
#include <time.h>

#include "util/util.h"
#include "src/tools/tools_util.h"

/* Interfaces being tested */
#include "providers/krb5/krb5_auth.h"
#include "providers/krb5/krb5_common.h"
#include "providers/krb5/krb5_utils.h"
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
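/* Default option table and credential-cache backends, defined outside
 * this file. */
extern struct dp_option default_krb5_opts[];
extern struct sss_krb5_cc_be file_cc;
extern struct sss_krb5_cc_be dir_cc;

/* Context passed to KRB5_DEBUG when logging a Kerberos error code.
 * NOTE(review): nothing in the visible part of the file assigns it, so it
 * appears to stay NULL -- confirm KRB5_DEBUG accepts a NULL context. */
static krb5_context krb5_error_ctx;
#define KRB5_CHILD_TEST_DEBUG(level, error) KRB5_DEBUG(level, krb5_error_ctx, error)

/*
 * If kret is non-zero, log it and return err from the enclosing function.
 *
 * The definition ends on the "while(0)" line on purpose: a trailing
 * backslash there would splice whatever follows into the macro body.
 * kret is expanded twice, so pass a plain variable, not an expression with
 * side effects.
 */
#define CHECK_KRET(kret, err) do { \
    if (kret) { \
        KRB5_CHILD_TEST_DEBUG(SSSDBG_OP_FAILURE, (kret)); \
        return (err); \
    } \
} while(0)

/*
 * If kret is non-zero, log it and jump to label. The err argument is
 * accepted for symmetry with CHECK_KRET but is not used; the caller's
 * cleanup code decides what to return.
 */
#define CHECK_KRET_L(kret, err, label) do { \
    if (kret) { \
        KRB5_CHILD_TEST_DEBUG(SSSDBG_OP_FAILURE, (kret)); \
        goto label; \
    } \
} while(0)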
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
/* State shared between the test driver and the child-completion callback. */
struct krb5_child_test_ctx {
    /* Event context; created by setup_krb5_child_test(). */
    struct tevent_context *ev;
    /* Request handed to the krb5 child. */
    struct krb5child_req *kr;

    /* Set to true by child_done() once the child's reply was received. */
    bool done;
    /* Return code of handle_child_recv(), stored by child_done(). */
    errno_t child_ret;

    /* Raw reply buffer and its length as filled in by handle_child_recv(). */
    uint8_t *buf;
    ssize_t len;
    /* NOTE(review): presumably the parsed form of buf -- not assigned in
     * the visible part of the file. */
    struct krb5_child_response *res;
};
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
/*
 * Allocate a zeroed test context on mem_ctx and give it its own tevent
 * context.
 *
 * On success stores the new context in *_ctx and returns EOK. Returns
 * ENOMEM when the context cannot be allocated and EFAULT when the tevent
 * context cannot be created (the half-built context is freed first).
 */
static errno_t
setup_krb5_child_test(TALLOC_CTX *mem_ctx, struct krb5_child_test_ctx **_ctx)
{
    struct krb5_child_test_ctx *test_ctx =
        talloc_zero(mem_ctx, struct krb5_child_test_ctx);

    if (test_ctx == NULL) {
        return ENOMEM;
    }

    /* The event context is a talloc child of the test context. */
    test_ctx->ev = tevent_context_init(test_ctx);
    if (test_ctx->ev != NULL) {
        *_ctx = test_ctx;
        return EOK;
    }

    DEBUG(SSSDBG_CRIT_FAILURE, ("Could not init tevent context"));
    talloc_free(test_ctx);
    return EFAULT;
}
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
/*
 * talloc destructor for struct krb5_ctx: releases the compiled
 * illegal-path regular expression, which is allocated by PCRE rather than
 * talloc. Always returns 0.
 */
int re_destructor(void *memctx)
{
    struct krb5_ctx *krb5_ctx = memctx;

    if (krb5_ctx->illegal_path_re == NULL) {
        return 0;
    }

    pcre_free(krb5_ctx->illegal_path_re);
    /* Clear the pointer so a second run cannot free it again. */
    krb5_ctx->illegal_path_re = NULL;
    return 0;
}
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
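/*
 * Build a krb5_ctx for the test: compile the illegal-path pattern, copy
 * the default Kerberos options from default_krb5_opts and set the realm.
 *
 * Returns the new context (a talloc child of mem_ctx) or NULL on any
 * failure; a partially built context is freed before returning.
 */
static struct krb5_ctx *
create_dummy_krb5_ctx(TALLOC_CTX *mem_ctx, const char *realm)
{
    struct krb5_ctx *krb5_ctx;
    const char *errstr;
    int errval;
    int errpos;
    int i;
    errno_t ret;

    krb5_ctx = talloc_zero(mem_ctx, struct krb5_ctx);
    if (!krb5_ctx) return NULL;

    krb5_ctx->illegal_path_re = pcre_compile2(ILLEGAL_PATH_PATTERN, 0,
                                              &errval, &errstr, &errpos, NULL);
    if (krb5_ctx->illegal_path_re == NULL) {
        DEBUG(SSSDBG_OP_FAILURE,
              ("Invalid Regular Expression pattern at position %d. "
               "(Error: %d [%s])\n", errpos, errval, errstr));
        goto fail;
    }
    /* The regex is not talloc memory; the destructor releases it when the
     * context is freed. */
    talloc_set_destructor((TALLOC_CTX *) krb5_ctx, re_destructor);

    /* Kerberos options */
    krb5_ctx->opts = talloc_zero_array(krb5_ctx, struct dp_option, KRB5_OPTS);
    if (!krb5_ctx->opts) goto fail;
    for (i = 0; i < KRB5_OPTS; i++) {
        krb5_ctx->opts[i].opt_name = default_krb5_opts[i].opt_name;
        krb5_ctx->opts[i].type = default_krb5_opts[i].type;
        krb5_ctx->opts[i].def_val = default_krb5_opts[i].def_val;
        switch (krb5_ctx->opts[i].type) {
        case DP_OPT_STRING:
            ret = dp_opt_set_string(krb5_ctx->opts, i,
                                    default_krb5_opts[i].def_val.string);
            break;
        case DP_OPT_BLOB:
            ret = dp_opt_set_blob(krb5_ctx->opts, i,
                                  default_krb5_opts[i].def_val.blob);
            break;
        case DP_OPT_NUMBER:
            ret = dp_opt_set_int(krb5_ctx->opts, i,
                                 default_krb5_opts[i].def_val.number);
            break;
        case DP_OPT_BOOL:
            ret = dp_opt_set_bool(krb5_ctx->opts, i,
                                  default_krb5_opts[i].def_val.boolean);
            break;
        default:
            /* Without this branch ret would be read uninitialized for an
             * option type not handled above. */
            DEBUG(SSSDBG_OP_FAILURE,
                  ("Unexpected option type at index %d\n", i));
            ret = EINVAL;
            break;
        }
        if (ret) goto fail;
    }

    ret = dp_opt_set_string(krb5_ctx->opts, KRB5_REALM, realm);
    if (ret) goto fail;

    return krb5_ctx;

fail:
    talloc_free(krb5_ctx);
    return NULL;
}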
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
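/*
 * Build a pam_data for a password authentication request
 * (SSS_PAM_AUTHENTICATE) with private copies of user and password.
 *
 * Returns the new structure (a talloc child of mem_ctx) or NULL when an
 * allocation fails.
 */
static struct pam_data *
create_dummy_pam_data(TALLOC_CTX *mem_ctx, const char *user,
                      const char *password)
{
    struct pam_data *pd;

    pd = talloc_zero(mem_ctx, struct pam_data);
    if (!pd) return NULL;

    pd->cmd = SSS_PAM_AUTHENTICATE;
    pd->user = talloc_strdup(pd, user);
    if (!pd->user) goto fail;

    pd->authtok = discard_const(talloc_strdup(pd, password));
    if (!pd->authtok) goto fail;
    pd->authtok_size = strlen(password);
    pd->authtok_type = SSS_AUTHTOK_TYPE_PASSWORD;
    /* Log only the length. The authtok is the user's cleartext password
     * and debug output can end up in log files or bug reports. */
    DEBUG(SSSDBG_FUNC_DATA, ("Authtok len [%d]\n", pd->authtok_size));

    return pd;

fail:
    talloc_free(pd);
    return NULL;
}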
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
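/*
 * Build the krb5 child request used by the test.
 *
 * Looks up user with getpwnam() for the uid/gid, creates the dummy krb5
 * context and PAM data, derives the UPN, applies the optional
 * ccname_template and timeout overrides, selects the credential-cache
 * backend from the ccache name and calls that backend's create() hook.
 *
 * ccname, when non-NULL, is used as-is; otherwise the name is expanded
 * from the KRB5_CCNAME_TMPL option.
 *
 * Returns the request (a talloc child of mem_ctx) or NULL on failure.
 */
static struct krb5child_req *
create_dummy_req(TALLOC_CTX *mem_ctx, const char *user,
                 const char *password, const char *realm,
                 const char *ccname, const char *ccname_template,
                 int timeout)
{
    enum sss_krb5_cc_type cc_be;
    struct krb5child_req *kr;
    struct passwd *pwd;
    /* Only expand_ccname_template() sets this. It needs a defined value on
     * the explicit-ccname path because it is passed to create() below.
     * NOTE(review): false is an assumed default -- confirm it matches what
     * create() should do for a forced ccname. */
    bool private = false;
    errno_t ret;
    const char *tmpl;

    /* The top level child request */
    kr = talloc_zero(mem_ctx, struct krb5child_req);
    if (!kr) return NULL;

    pwd = getpwnam(user);
    if (!pwd) {
        DEBUG(SSSDBG_FATAL_FAILURE,
              ("Cannot get info on user [%s]\n", user));
        goto fail;
    }

    kr->uid = pwd->pw_uid;
    kr->gid = pwd->pw_gid;

    /* The Kerberos context */
    kr->krb5_ctx = create_dummy_krb5_ctx(kr, realm);
    if (!kr->krb5_ctx) {
        DEBUG(SSSDBG_OP_FAILURE, ("create_dummy_krb5_ctx failed.\n"));
        goto fail;
    }

    /* PAM Data structure */
    kr->pd = create_dummy_pam_data(kr, user, password);
    if (!kr->pd) {
        DEBUG(SSSDBG_OP_FAILURE, ("create_dummy_pam_data failed.\n"));
        goto fail;
    }

    ret = krb5_get_simple_upn(kr, kr->krb5_ctx, kr->pd->user, &kr->upn);
    if (ret != EOK) {
        DEBUG(SSSDBG_OP_FAILURE, ("krb5_get_simple_upn failed.\n"));
        goto fail;
    }

    /* Override options with what was provided by the user */
    if (ccname_template) {
        ret = dp_opt_set_string(kr->krb5_ctx->opts, KRB5_CCNAME_TMPL,
                                ccname_template);
        if (ret != EOK) goto fail;
        tmpl = ccname_template;
    } else {
        tmpl = dp_opt_get_cstring(kr->krb5_ctx->opts, KRB5_CCNAME_TMPL);
    }

    if (timeout) {
        ret = dp_opt_set_int(kr->krb5_ctx->opts, KRB5_AUTH_TIMEOUT, timeout);
        if (ret != EOK) goto fail;
    }

    if (!ccname) {
        kr->ccname = expand_ccname_template(kr, kr,
                                        dp_opt_get_cstring(kr->krb5_ctx->opts,
                                                           KRB5_CCNAME_TMPL),
                                            true, true, &private);
        if (!kr->ccname) goto fail;

        /* uid_t/gid_t are not guaranteed to match %llu; cast explicitly. */
        DEBUG(SSSDBG_FUNC_DATA, ("ccname [%s] uid [%llu] gid [%llu]\n",
              kr->ccname, (unsigned long long) kr->uid,
              (unsigned long long) kr->gid));
    } else {
        kr->ccname = talloc_strdup(kr, ccname);
    }
    if (!kr->ccname) goto fail;

    cc_be = sss_krb5_get_type(kr->ccname);
    switch (cc_be) {
    case SSS_KRB5_TYPE_FILE:
        kr->krb5_ctx->cc_be = &file_cc;
        break;
#ifdef HAVE_KRB5_DIRCACHE
    case SSS_KRB5_TYPE_DIR:
        kr->krb5_ctx->cc_be = &dir_cc;
        break;
#endif /* HAVE_KRB5_DIRCACHE */
    default:
        /* tmpl may be NULL when the template option has no value. */
        if (tmpl == NULL || tmpl[0] != '/') {
            DEBUG(SSSDBG_OP_FAILURE, ("Unkown ccname database\n"));
            ret = EINVAL;
            goto fail;
        }
        DEBUG(SSSDBG_CONF_SETTINGS, ("The ccname template was "
              "missing an explicit type, but looks like an absolute "
              "path specifier. Assuming FILE:\n"));
        kr->krb5_ctx->cc_be = &file_cc;
        break;
    }
    DEBUG(SSSDBG_FUNC_DATA, ("ccname [%s] uid [%llu] gid [%llu]\n",
          kr->ccname, (unsigned long long) kr->uid,
          (unsigned long long) kr->gid));

    ret = kr->krb5_ctx->cc_be->create(kr->ccname,
                                      kr->krb5_ctx->illegal_path_re,
                                      kr->uid, kr->gid, private);
    if (ret != EOK) {
        DEBUG(SSSDBG_OP_FAILURE, ("create_ccache_dir failed.\n"));
        goto fail;
    }

    return kr;

fail:
    talloc_free(kr);
    return NULL;
}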
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
/*
 * Completion callback for the child request: collects the child's reply
 * into the test context, frees the request, and records the result and the
 * done flag in the context.
 */
static void
child_done(struct tevent_req *req)
{
    struct krb5_child_test_ctx *test_ctx;
    errno_t recv_ret;

    test_ctx = tevent_req_callback_data(req, struct krb5_child_test_ctx);

    /* The reply buffer is allocated on the test context. */
    recv_ret = handle_child_recv(req, test_ctx,
                                 &test_ctx->buf, &test_ctx->len);
    talloc_free(req);

    test_ctx->child_ret = recv_ret;
    test_ctx->done = true;
}
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
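/*
 * Print a Kerberos timestamp to stdout without adding a newline of its own.
 *
 * With HAVE_KRB5_TIMESTAMP_TO_SFSTRING the krb5 formatter is used and, if
 * it fails, the error is logged and an empty string is printed. Otherwise
 * ctime() is used, whose result already ends in a newline.
 */
static void
printtime(krb5_timestamp ts)
{
#ifdef HAVE_KRB5_TIMESTAMP_TO_SFSTRING
    krb5_error_code kret;
    /* Start empty so a failed conversion never prints uninitialized stack
     * contents. */
    char timestring[BUFSIZ] = "";
    char fill = '\0';

    kret = krb5_timestamp_to_sfstring(ts, timestring, sizeof(timestring),
                                      &fill);
    if (kret) {
        KRB5_CHILD_TEST_DEBUG(SSSDBG_OP_FAILURE, kret);
        timestring[0] = '\0';
    }
    printf("%s", timestring);
#else
    /* ctime() needs a pointer to a real time_t; krb5_timestamp may be a
     * narrower type, so copy the value instead of passing &ts. */
    time_t when = (time_t) ts;
    const char *text = ctime(&when);

    printf("%s", text != NULL ? text : "");
#endif /* HAVE_KRB5_TIMESTAMP_TO_SFSTRING */
}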
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
/*
 * Print one credential: the server principal, its validity window and,
 * when the client principal differs from defname, the client principal.
 *
 * A zero start time in cred is replaced in place by the authentication
 * time. If a principal cannot be unparsed the error is logged and nothing
 * is printed.
 */
static void
print_creds(krb5_context kcontext, krb5_creds *cred, const char *defname)
{
    char *client_princ = NULL;
    char *server_princ = NULL;
    krb5_error_code kerr;

    kerr = krb5_unparse_name(kcontext, cred->client, &client_princ);
    CHECK_KRET_L(kerr, EIO, done);

    kerr = krb5_unparse_name(kcontext, cred->server, &server_princ);
    CHECK_KRET_L(kerr, EIO, done);

    if (cred->times.starttime == 0) {
        cred->times.starttime = cred->times.authtime;
    }

    printf("\t\t%s\n", server_princ);

    printf("\t\tValid from\t");
    printtime(cred->times.starttime);

    printf("\n\t\tValid until\t");
    printtime(cred->times.endtime);

    printf("\n");

    if (strcmp(client_princ, defname) != 0) {
        printf("\t\tfor client %s", client_princ);
    }

done:
    /* Either name may still be NULL when we arrive here from an error. */
    krb5_free_unparsed_name(kcontext, client_princ);
    krb5_free_unparsed_name(kcontext, server_princ);
}
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
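/*
 * Print the contents of the credential cache named by cc: the cache type
 * and name, the default principal, and every credential in it.
 *
 * Returns EOK when the whole cache was listed, EIO on any Kerberos error.
 */
static errno_t
print_ccache(const char *cc)
{
    krb5_cc_cursor cur;
    krb5_ccache cache = NULL;
    krb5_error_code kret;
    krb5_error_code end_kret;
    krb5_context kcontext = NULL;
    krb5_principal_data *princ = NULL;
    krb5_creds creds;
    char *defname = NULL;
    int i = 1;
    errno_t ret = EIO;

    kret = krb5_init_context(&kcontext);
    CHECK_KRET_L(kret, EIO, done);

    kret = krb5_cc_resolve(kcontext, cc, &cache);
    CHECK_KRET_L(kret, EIO, done);

    kret = krb5_cc_get_principal(kcontext, cache, &princ);
    CHECK_KRET_L(kret, EIO, done);

    kret = krb5_unparse_name(kcontext, princ, &defname);
    CHECK_KRET_L(kret, EIO, done);

    printf("\nTicket cache: %s:%s\nDefault principal: %s\n\n",
           krb5_cc_get_type(kcontext, cache),
           krb5_cc_get_name(kcontext, cache), defname);

    kret = krb5_cc_start_seq_get(kcontext, cache, &cur);
    CHECK_KRET_L(kret, EIO, done);

    while (!(kret = krb5_cc_next_cred(kcontext, cache, &cur, &creds))) {
        /* Number the tickets consecutively. */
        printf("Ticket #%d:\n", i++);
        print_creds(kcontext, &creds, defname);
        krb5_free_cred_contents(kcontext, &creds);
    }

    /* Close the cursor first, then judge how the iteration ended. The loop
     * always exits with a non-zero code; only KRB5_CC_END means the cache
     * was read to the end. */
    end_kret = krb5_cc_end_seq_get(kcontext, cache, &cur);
    if (kret != KRB5_CC_END) {
        KRB5_CHILD_TEST_DEBUG(SSSDBG_OP_FAILURE, kret);
        goto done;
    }
    CHECK_KRET_L(end_kret, EIO, done);

    ret = EOK;
done:
    /* Nothing was acquired if the context itself could not be created. */
    if (kcontext != NULL) {
        if (cache != NULL) {
            krb5_cc_close(kcontext, cache);
        }
        krb5_free_unparsed_name(kcontext, defname);
        krb5_free_principal(kcontext, princ);
        krb5_free_context(kcontext);
    }
    return ret;
}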
f232789430a080384188d5da89b19d874cf17513Jakub Hrozek
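/*
 * Command-line driver for the krb5 child test.
 *
 * Parses the options, builds a dummy Kerberos request, sends it to the child
 * through handle_child_send() and spins the tevent loop until child_done()
 * flags completion. The child's reply is then parsed and the resulting
 * credential cache is printed with print_ccache().
 *
 * Exit codes:
 *   0 - success
 *   1 - bad or missing command-line options, or the password prompt failed
 *   3 - the test context could not be set up
 *   4 - the Kerberos request or the child request could not be created
 *   5 - the child response could not be parsed
 *   6 - the child did not return a ccache name
 *   7 - the event loop reported an error
 *
 * Security notes:
 *   - A password passed with --password is visible to other local users in
 *     the process listing and tends to end up in shell history; prefer
 *     --ask-password outside of throwaway test environments.
 *   - --keep-ccache leaves live Kerberos credentials behind after the tool
 *     exits; the default is to remove the ccache.
 */
int
main(int argc, const char *argv[])
{
    int opt;
    errno_t ret;
    struct krb5_child_test_ctx *ctx = NULL;
    struct tevent_req *req;

    int pc_debug = 0;
    int pc_timeout = 0;
    const char *pc_user = NULL;
    const char *pc_passwd = NULL;
    const char *pc_realm = NULL;
    const char *pc_ccname = NULL;
    const char *pc_ccname_tp = NULL;
    char *password = NULL;
    volatile char *wipe;
    bool rm_ccache = true;

    poptContext pc;
    struct poptOption long_options[] = {
        POPT_AUTOHELP
        { "debug", '\0', POPT_ARG_INT | POPT_ARGFLAG_DOC_HIDDEN, &pc_debug, 0,
          "The debug level to run with", NULL },
        { "user", 'u', POPT_ARG_STRING, &pc_user, 0,
          "The user to log in as", NULL },
        { "password", 'w', POPT_ARG_STRING, &pc_passwd, 0,
          "The authtok to use", NULL },
        { "ask-password", 'W', POPT_ARG_NONE, NULL, 'W',
          "Ask interactively for authtok", NULL },
        { "ccname", 'c', POPT_ARG_STRING, &pc_ccname, 0,
          "Force usage of a certain credential cache", NULL },
        { "ccname-template", 't', POPT_ARG_STRING, &pc_ccname_tp, 0,
          "Specify the credential cache template", NULL },
        { "realm", 'r', POPT_ARG_STRING, &pc_realm, 0,
          "The Kerberos realm to use", NULL },
        { "keep-ccache", 'k', POPT_ARG_NONE, NULL, 'k',
          "Do not delete the ccache when the tool finishes", NULL },
        { "timeout", '\0', POPT_ARG_INT, &pc_timeout, 0,
          "The timeout for the child, in seconds", NULL },
        POPT_TABLEEND
    };

    debug_prg_name = argv[0];
    pc = poptGetContext(NULL, argc, argv, long_options, 0);

    /* Only 'W' and 'k' carry a non-zero val, so only they surface here. */
    while ((opt = poptGetNextOpt(pc)) > 0) {
        switch(opt) {
        case 'W':
            errno = 0;
            /*
             * getpass() returns a pointer to a static buffer owned by libc.
             * It must never be passed to free(); it is wiped in place at the
             * end of main() instead.
             */
            password = getpass("Enter password:");
            if (!password) {
                ret = 1;
                goto out;
            }
            break;
        case 'k':
            rm_ccache = false;
            break;
        default:
            DEBUG(SSSDBG_FATAL_FAILURE, ("Unexpected option\n"));
            ret = 1;
            goto out;
        }
    }

    debug_level = debug_convert_old_level(pc_debug);

    /* poptGetNextOpt() returns -1 on a clean end of options. */
    if (opt != -1) {
        poptPrintUsage(pc, stderr, 0);
        fprintf(stderr, "%s", poptStrerror(opt));
        ret = 1;
        goto out;
    }

    if (!pc_user) {
        DEBUG(SSSDBG_FATAL_FAILURE, ("Please specify the user\n"));
        poptPrintUsage(pc, stderr, 0);
        ret = 1;
        goto out;
    }

    if (!pc_realm) {
        DEBUG(SSSDBG_FATAL_FAILURE, ("Please specify the realm\n"));
        poptPrintUsage(pc, stderr, 0);
        ret = 1;
        goto out;
    }

    if (!password && !pc_passwd) {
        DEBUG(SSSDBG_FATAL_FAILURE,
              ("Password was not provided or asked for\n"));
        poptPrintUsage(pc, stderr, 0);
        ret = 1;
        goto out;
    }

    if (pc_ccname && pc_ccname_tp) {
        DEBUG(SSSDBG_MINOR_FAILURE,
              ("Both ccname and ccname template specified, "
               "will prefer ccname\n"));
    }

    ret = setup_krb5_child_test(NULL, &ctx);
    if (ret != EOK) {
        /*
         * This is not an option-parsing error (opt is -1 here), so report
         * the setup failure itself rather than a popt error string.
         * ctx is left untouched on this path because its state after a
         * failed setup is not known from here.
         */
        DEBUG(SSSDBG_FATAL_FAILURE, ("Cannot set up the test context\n"));
        ret = 3;
        goto out;
    }

    /* An interactively entered password takes precedence over --password. */
    ctx->kr = create_dummy_req(ctx, pc_user, password ? password : pc_passwd,
                               pc_realm, pc_ccname, pc_ccname_tp, pc_timeout);
    if (!ctx->kr) {
        DEBUG(SSSDBG_FATAL_FAILURE, ("Cannot create Kerberos request\n"));
        ret = 4;
        goto done;
    }

    req = handle_child_send(ctx, ctx->ev, ctx->kr);
    if (!req) {
        DEBUG(SSSDBG_FATAL_FAILURE, ("Cannot create child request\n"));
        ret = 4;
        goto done;
    }
    tevent_req_set_callback(req, child_done, ctx);

    /*
     * Run the event loop until the callback marks the context as done.
     * A failing loop would otherwise spin forever, so bail out on error.
     */
    while (ctx->done == false) {
        if (tevent_loop_once(ctx->ev) != 0) {
            DEBUG(SSSDBG_FATAL_FAILURE, ("Event loop failed\n"));
            ret = 7;
            goto done;
        }
    }

    printf("Child returned %d\n", ctx->child_ret);

    ret = parse_krb5_child_response(ctx, ctx->buf, ctx->len,
                                    ctx->kr->pd, 0, &ctx->res);
    if (ret != EOK) {
        DEBUG(SSSDBG_FATAL_FAILURE, ("Could not parse child response\n"));
        ret = 5;
        goto done;
    }

    if (!ctx->res->ccname) {
        fprintf(stderr, "No ccname returned\n");
        ret = 6;
        goto done;
    }

    print_ccache(ctx->res->ccname);

    ret = 0;
done:
    /* Unless --keep-ccache was given, do not leave credentials behind. */
    if (rm_ccache && ctx->res && ctx->res->ccname) {
        ctx->kr->krb5_ctx->cc_be->remove(ctx->res->ccname);
    }
    talloc_free(ctx);
out:
    if (password != NULL) {
        /*
         * Scrub the libc-owned getpass() buffer in place. The volatile
         * pointer keeps the compiler from dropping the stores as dead
         * writes right before exit.
         */
        for (wipe = password; *wipe != '\0'; wipe++) {
            *wipe = '\0';
        }
    }
    poptFreeContext(pc);
    return ret;
}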