From: Sam Hartman <hartmans@mit.edu>
Date: Fri, 3 Apr 2009 03:39:53 +0000 (+0000)
Subject: Implement test forr ad-fx-armor
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=54b110b9c3a697351457fdf607ec7d5844e4ba57;p=thirdparty%2Fkrb5.git

Implement test forr ad-fx-armor

Implement a test program to replace the TGT in the ccache with a
ticket with the ad-fx-armor authorization data.  This can be used to
confirm that a KDC honors this authorization data.

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/fast@22164 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/krb5/krb/Makefile.in b/src/lib/krb5/krb/Makefile.in
index aafc5ebae6..890c311976 100644
--- a/src/lib/krb5/krb/Makefile.in
+++ b/src/lib/krb5/krb/Makefile.in
@@ -271,6 +271,7 @@ SRCS=	$(srcdir)/addr_comp.c	\
 	$(srcdir)/srv_dec_tkt.c	\
 	$(srcdir)/srv_rcache.c	\
 	$(srcdir)/str_conv.c	\
+	$(srcdir)/t_ad_fx_armor.c \
 	$(srcdir)/tgtname.c	\
 	$(srcdir)/unparse.c	\
 	$(srcdir)/valid_times.c	\
@@ -311,6 +312,9 @@ T_DELTAT_OBJS= t_deltat.o deltat.o
 
 t_walk_rtree: $(T_WALK_RTREE_OBJS) $(KRB5_BASE_DEPLIBS)
 	$(CC_LINK) -o t_walk_rtree $(T_WALK_RTREE_OBJS) $(KRB5_BASE_LIBS)
+t_ad_fx_armor: t_ad_fx_armor.o
+	$(CC_LINK) -o $@ $< $(KRB5_BASE_LIBS)
+
 t_authdata: t_authdata.o copy_auth.o
 	$(CC_LINK) -o $@ $< copy_auth.o $(KRB5_BASE_LIBS)
 
diff --git a/src/lib/krb5/krb/t_ad_fx_armor.c b/src/lib/krb5/krb/t_ad_fx_armor.c
new file mode 100644
index 0000000000..74d7e5f1ab
--- /dev/null
+++ b/src/lib/krb5/krb/t_ad_fx_armor.c
@@ -0,0 +1,36 @@
+#include <memory.h>
+#include <stdio.h>
+#include <krb5/krb5.h>
+
+#define test(x) do {retval = (x); \
+  if(retval != 0) {						\
+  const char *errmsg = krb5_get_error_message(context, retval);	\
+  fprintf(stderr, "Error message: %s\n", errmsg); \
+  abort(); } \
+  } while(0);
+
+krb5_authdata ad_fx_armor = {0, KRB5_AUTHDATA_FX_ARMOR, 1, ""};
+krb5_authdata *array[] = {&ad_fx_armor, NULL};
+
+
+int main( int argc, char **argv)
+{
+    krb5_context context;
+    krb5_ccache ccache = NULL;
+    krb5_creds creds, *out_creds = NULL;
+    krb5_error_code retval = 0;
+    test(krb5_init_context(&context));
+    memset(&creds, 0, sizeof(creds));
+    creds.authdata = array;
+    test(krb5_cc_default(context, &ccache));
+    test(krb5_cc_get_principal(context, ccache, &creds.client));
+    test(krb5_parse_name(context, argv[1], &creds.server));
+    test(krb5_get_credentials(context, 0, ccache, &creds, &out_creds));
+    test(krb5_cc_destroy(context, ccache));
+    test(krb5_cc_default(context, &ccache));
+    test(krb5_cc_initialize(context, ccache, out_creds->client));
+    test(krb5_cc_store_cred(context, ccache, out_creds));
+    test(krb5_cc_close(context,ccache));
+    return 0;
+		 
+}