From 0fdc59ef5e538fdf0fd65fa190483e84289f66c1 Mon Sep 17 00:00:00 2001 From: sashan Date: Sat, 28 Nov 2020 00:27:47 +0100 Subject: [PATCH] Update t_rcache.c for new replay cache interface Commit dcb853ac32779b173f39e19c0f24b0087de8577 changed the internal replay cache interface. Update tests/threads/t_rcache.c to match. [ghudson@mit.edu: edited commit message; simplified code changes; added k5_rc_store to libkrb5 export list] --- src/lib/krb5/libkrb5.exports | 1 + src/tests/threads/Makefile.in | 4 +- src/tests/threads/t_rcache.c | 86 ++++++++++++++++++----------------- 3 files changed, 48 insertions(+), 43 deletions(-) diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports index c6472da3b3..e862ed3306 100644 --- a/src/lib/krb5/libkrb5.exports +++ b/src/lib/krb5/libkrb5.exports @@ -173,6 +173,7 @@ k5_plugin_register_dyn k5_rc_close k5_rc_get_name k5_rc_resolve +k5_rc_store k5_size_auth_context k5_size_authdata k5_size_authdata_context diff --git a/src/tests/threads/Makefile.in b/src/tests/threads/Makefile.in index bb1913c1ef..4e12b3731f 100644 --- a/src/tests/threads/Makefile.in +++ b/src/tests/threads/Makefile.in @@ -15,7 +15,7 @@ SRCS=$(srcdir)/t_rcache.c \ all: run-t_rcache: t_rcache - $(RUN_TEST) ./t_rcache + $(RUN_TEST) ./t_rcache file2:test.rcache2 t_rcache: t_rcache.o $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o t_rcache t_rcache.o $(KRB5_BASE_LIBS) $(THREAD_LINKOPTS) @@ -37,4 +37,4 @@ profread: profread.o $(KRB5_BASE_DEPLIBS) install: clean: - $(RM) *.o t_rcache syms prof1 gss-perf + $(RM) *.o t_rcache syms prof1 gss-perf test.rcache2 diff --git a/src/tests/threads/t_rcache.c b/src/tests/threads/t_rcache.c index 6aa773ae36..07c45cca29 100644 --- a/src/tests/threads/t_rcache.c +++ b/src/tests/threads/t_rcache.c @@ -31,7 +31,7 @@ krb5_context ctx; krb5_rcache rcache; -krb5_data piece = { .data = "hello", .length = 5 }; +const char *rcname; time_t end_time; const char *prog; @@ -60,19 +60,45 @@ static void wait_for_tick () } while (now == next); } +/* Encrypt data into out (preallocated by the caller) with a random key. */ +static krb5_error_code encrypt_data (krb5_data *data, krb5_enc_data *out) +{ + krb5_keyblock kb; + krb5_error_code err; + + err = krb5_c_make_random_key(ctx, ENCTYPE_AES256_CTS_HMAC_SHA1_96, + &kb); + if (err) + return err; + err = krb5_c_encrypt(ctx, &kb, KRB5_KEYUSAGE_TGS_REQ_AUTH, NULL, data, + out); + krb5_free_keyblock_contents(ctx, &kb); + return err; +} + static void try_one (struct tinfo *t) { - krb5_donot_replay r; krb5_error_code err; - char buf[100], buf2[100], tag[8]; + char buf[256], buf2[512]; krb5_rcache my_rcache; + krb5_data d; + krb5_enc_data enc; snprintf(buf, sizeof(buf), "host/all-in-one.mit.edu/%p@ATHENA.MIT.EDU", buf); - r.server = buf; - r.client = (t->my_cusec & 7) + "abcdefgh@ATHENA.MIT.EDU"; - r.msghash = NULL; - r.tag = empty_data(); + + /* k5_rc_store() requires a ciphertext. Create one by encrypting a dummy + * value in a random key. */ + d = string2data(buf); + enc.ciphertext = make_data(buf2, sizeof(buf2)); + err = encrypt_data(&d, &enc); + if (err != 0) { + const char *msg = krb5_get_error_message(ctx, err); + fprintf(stderr, "%s: encrypting authenticator: %s\n", prog, msg); + krb5_free_error_message(ctx, msg); + exit(1); + } + if (t->now != t->my_ctime) { if (t->my_ctime != 0) { snprintf(buf2, sizeof(buf2), "%3d: %ld %5d\n", t->idx, @@ -83,13 +109,8 @@ static void try_one (struct tinfo *t) t->my_cusec = 1; } else t->my_cusec++; - r.ctime = t->my_ctime; - r.cusec = t->my_cusec; - store_32_be(r.ctime, tag); - store_32_be(r.cusec, tag + 4); - r.tag = make_data(tag, 8); if (!init_once) { - err = krb5_get_server_rcache(ctx, &piece, &my_rcache); + err = k5_rc_resolve(ctx, rcname, &my_rcache); if (err) { const char *msg = krb5_get_error_message(ctx, err); fprintf(stderr, "%s: %s while initializing replay cache\n", prog, msg); @@ -98,13 +119,13 @@ static void try_one (struct tinfo *t) } } else my_rcache = rcache; - err = krb5_rc_store(ctx, my_rcache, &r); + err = k5_rc_store(ctx, my_rcache, &enc); if (err) { com_err(prog, err, "storing in replay cache"); exit(1); } if (!init_once) - krb5_rc_close(ctx, my_rcache); + k5_rc_close(ctx, my_rcache); } static void *run_a_loop (void *x) @@ -127,7 +148,7 @@ static void *run_a_loop (void *x) static void usage(void) { - fprintf (stderr, "usage: %s [ options ]\n", prog); + fprintf (stderr, "usage: %s [ options ] rcname\n", prog); fprintf (stderr, "options:\n"); fprintf (stderr, "\t-1\tcreate one rcache handle for process\n"); fprintf (stderr, "\t-t N\tnumber of threads to create (default: %d)\n", @@ -166,6 +187,12 @@ static void process_options (int argc, char *argv[]) break; } } + + argc -= optind; + argv += optind; + if (argc != 1) + usage (); + rcname = argv[0]; } int main (int argc, char *argv[]) @@ -181,31 +208,8 @@ int main (int argc, char *argv[]) return 1; } - /* - * For consistency, run the tests without an existing replay - * cache. Since there isn't a way to ask the library for the - * pathname that would be used for the rcache, we create an rcache - * object and then destroy it. - */ - err = krb5_get_server_rcache(ctx, &piece, &rcache); - if (err) { - const char *msg = krb5_get_error_message(ctx, err); - fprintf(stderr, "%s: %s while initializing replay cache\n", prog, msg); - krb5_free_error_message(ctx, msg); - return 1; - } - err = krb5_rc_destroy(ctx, rcache); - if (err) { - const char *msg = krb5_get_error_message(ctx, err); - fprintf(stderr, "%s: %s while destroying old replay cache\n", - prog, msg); - krb5_free_error_message(ctx, msg); - return 1; - } - rcache = NULL; - if (init_once) { - err = krb5_get_server_rcache(ctx, &piece, &rcache); + err = k5_rc_resolve(ctx, rcname, &rcache); if (err) { const char *msg = krb5_get_error_message(ctx, err); fprintf(stderr, "%s: %s while initializing new replay cache\n", @@ -250,7 +254,7 @@ int main (int argc, char *argv[]) free(ip); if (init_once) - krb5_rc_close(ctx, rcache); + k5_rc_close(ctx, rcache); krb5_free_context(ctx); return 0; } -- 2.47.2