diff options
Diffstat (limited to 'src/tests/icred.c')
-rw-r--r-- | src/tests/icred.c | 67 |
1 files changed, 51 insertions, 16 deletions
diff --git a/src/tests/icred.c b/src/tests/icred.c index 071f91c80219..55f929cd7e77 100644 --- a/src/tests/icred.c +++ b/src/tests/icred.c @@ -35,8 +35,8 @@ * it is very simplistic, but it can be extended as needed. */ +#include "k5-platform.h" #include <krb5.h> -#include <stdio.h> static krb5_context ctx; @@ -59,29 +59,64 @@ main(int argc, char **argv) const char *princstr, *password; krb5_principal client; krb5_init_creds_context icc; + krb5_get_init_creds_opt *opt; krb5_creds creds; + krb5_boolean stepwise = FALSE; + krb5_preauthtype ptypes[64]; + int c, nptypes = 0; + char *val; - if (argc != 3) { - fprintf(stderr, "Usage: icred princname password\n"); - exit(1); + check(krb5_init_context(&ctx)); + check(krb5_get_init_creds_opt_alloc(ctx, &opt)); + + while ((c = getopt(argc, argv, "so:X:")) != -1) { + switch (c) { + case 's': + stepwise = TRUE; + break; + case 'o': + assert(nptypes < 64); + ptypes[nptypes++] = atoi(optarg); + break; + case 'X': + val = strchr(optarg, '='); + if (val != NULL) + *val++ = '\0'; + else + val = "yes"; + check(krb5_get_init_creds_opt_set_pa(ctx, opt, optarg, val)); + break; + default: + abort(); + } } - princstr = argv[1]; - password = argv[2]; - check(krb5_init_context(&ctx)); + argc -= optind; + argv += optind; + if (argc != 2) + abort(); + princstr = argv[0]; + password = argv[1]; + check(krb5_parse_name(ctx, princstr, &client)); - /* Try once with the traditional interface. */ - check(krb5_get_init_creds_password(ctx, &creds, client, password, NULL, - NULL, 0, NULL, NULL)); - krb5_free_cred_contents(ctx, &creds); + if (nptypes > 0) + krb5_get_init_creds_opt_set_preauth_list(opt, ptypes, nptypes); - /* Try again with the step interface. */ - check(krb5_init_creds_init(ctx, client, NULL, NULL, 0, NULL, &icc)); - check(krb5_init_creds_set_password(ctx, icc, password)); - check(krb5_init_creds_get(ctx, icc)); - krb5_init_creds_free(ctx, icc); + if (stepwise) { + /* Use the stepwise interface. */ + check(krb5_init_creds_init(ctx, client, NULL, NULL, 0, NULL, &icc)); + check(krb5_init_creds_set_password(ctx, icc, password)); + check(krb5_init_creds_get(ctx, icc)); + krb5_init_creds_free(ctx, icc); + } else { + /* Use the traditional one-shot interface. */ + check(krb5_get_init_creds_password(ctx, &creds, client, password, NULL, + NULL, 0, NULL, opt)); + krb5_free_cred_contents(ctx, &creds); + } + krb5_get_init_creds_opt_free(ctx, opt); krb5_free_principal(ctx, client); krb5_free_context(ctx); return 0; |