Implement test forr ad-fx-armor

Implement a test program to replace the TGT in the ccache with a
ticket with the ad-fx-armor authorization data.  This can be used to
confirm that a KDC honors this authorization data.

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/fast@22164 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/krb5/krb/Makefile.in b/src/lib/krb5/krb/Makefile.in
index aafc5ebae6f3a3af6b6fbddf60a81383a11ed7be..890c3119762469bf231f874abbbfe282a49cca3f 100644 (file)
--- a/src/lib/krb5/krb/Makefile.in
+++ b/src/lib/krb5/krb/Makefile.in
@@ -271,6 +271,7 @@ SRCS=       $(srcdir)/addr_comp.c   \
        $(srcdir)/srv_dec_tkt.c \
        $(srcdir)/srv_rcache.c  \
        $(srcdir)/str_conv.c    \
+       $(srcdir)/t_ad_fx_armor.c \
        $(srcdir)/tgtname.c     \
        $(srcdir)/unparse.c     \
        $(srcdir)/valid_times.c \
@@ -311,6 +312,9 @@ T_DELTAT_OBJS= t_deltat.o deltat.o
 
 t_walk_rtree: $(T_WALK_RTREE_OBJS) $(KRB5_BASE_DEPLIBS)
        $(CC_LINK) -o t_walk_rtree $(T_WALK_RTREE_OBJS) $(KRB5_BASE_LIBS)
+t_ad_fx_armor: t_ad_fx_armor.o
+       $(CC_LINK) -o $@ $< $(KRB5_BASE_LIBS)
+
 t_authdata: t_authdata.o copy_auth.o
        $(CC_LINK) -o $@ $< copy_auth.o $(KRB5_BASE_LIBS)
 

diff --git a/src/lib/krb5/krb/t_ad_fx_armor.c b/src/lib/krb5/krb/t_ad_fx_armor.c
new file mode 100644 (file)
index 0000000..74d7e5f
--- /dev/null
+++ b/src/lib/krb5/krb/t_ad_fx_armor.c
@@ -0,0 +1,36 @@
+#include <memory.h>
+#include <stdio.h>
+#include <krb5/krb5.h>
+
+#define test(x) do {retval = (x); \
+  if(retval != 0) {                                            \
+  const char *errmsg = krb5_get_error_message(context, retval);        \
+  fprintf(stderr, "Error message: %s\n", errmsg); \
+  abort(); } \
+  } while(0);
+
+krb5_authdata ad_fx_armor = {0, KRB5_AUTHDATA_FX_ARMOR, 1, ""};
+krb5_authdata *array[] = {&ad_fx_armor, NULL};
+
+
+int main( int argc, char **argv)
+{
+    krb5_context context;
+    krb5_ccache ccache = NULL;
+    krb5_creds creds, *out_creds = NULL;
+    krb5_error_code retval = 0;
+    test(krb5_init_context(&context));
+    memset(&creds, 0, sizeof(creds));
+    creds.authdata = array;
+    test(krb5_cc_default(context, &ccache));
+    test(krb5_cc_get_principal(context, ccache, &creds.client));
+    test(krb5_parse_name(context, argv[1], &creds.server));
+    test(krb5_get_credentials(context, 0, ccache, &creds, &out_creds));
+    test(krb5_cc_destroy(context, ccache));
+    test(krb5_cc_default(context, &ccache));
+    test(krb5_cc_initialize(context, ccache, out_creds->client));
+    test(krb5_cc_store_cred(context, ccache, out_creds));
+    test(krb5_cc_close(context,ccache));
+    return 0;
+                
+}