krb5 commit: Update t_rcache.c for new replay cache interface
Greg Hudson
ghudson at mit.edu
Tue Dec 8 14:54:45 EST 2020
https://github.com/krb5/krb5/commit/0fdc59ef5e538fdf0fd65fa190483e84289f66c1
commit 0fdc59ef5e538fdf0fd65fa190483e84289f66c1
Author: sashan <anedvedicky at gmail.com>
Date: Sat Nov 28 00:27:47 2020 +0100
Update t_rcache.c for new replay cache interface
Commit dcb853ac32779b173f39e19c0f24b0087de8577 changed the internal
replay cache interface. Update tests/threads/t_rcache.c to match.
[ghudson at mit.edu: edited commit message; simplified code changes;
added k5_rc_store to libkrb5 export list]
src/lib/krb5/libkrb5.exports | 1 +
src/tests/threads/Makefile.in | 4 +-
src/tests/threads/t_rcache.c | 86 +++++++++++++++++++++-------------------
3 files changed, 48 insertions(+), 43 deletions(-)
diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports
index c6472da..e862ed3 100644
--- a/src/lib/krb5/libkrb5.exports
+++ b/src/lib/krb5/libkrb5.exports
@@ -173,6 +173,7 @@ k5_plugin_register_dyn
k5_rc_close
k5_rc_get_name
k5_rc_resolve
+k5_rc_store
k5_size_auth_context
k5_size_authdata
k5_size_authdata_context
diff --git a/src/tests/threads/Makefile.in b/src/tests/threads/Makefile.in
index bb1913c..4e12b37 100644
--- a/src/tests/threads/Makefile.in
+++ b/src/tests/threads/Makefile.in
@@ -15,7 +15,7 @@ SRCS=$(srcdir)/t_rcache.c \
all:
run-t_rcache: t_rcache
- $(RUN_TEST) ./t_rcache
+ $(RUN_TEST) ./t_rcache file2:test.rcache2
t_rcache: t_rcache.o $(KRB5_BASE_DEPLIBS)
$(CC_LINK) -o t_rcache t_rcache.o $(KRB5_BASE_LIBS) $(THREAD_LINKOPTS)
@@ -37,4 +37,4 @@ profread: profread.o $(KRB5_BASE_DEPLIBS)
install:
clean:
- $(RM) *.o t_rcache syms prof1 gss-perf
+ $(RM) *.o t_rcache syms prof1 gss-perf test.rcache2
diff --git a/src/tests/threads/t_rcache.c b/src/tests/threads/t_rcache.c
index 6aa773a..07c45cc 100644
--- a/src/tests/threads/t_rcache.c
+++ b/src/tests/threads/t_rcache.c
@@ -31,7 +31,7 @@
krb5_context ctx;
krb5_rcache rcache;
-krb5_data piece = { .data = "hello", .length = 5 };
+const char *rcname;
time_t end_time;
const char *prog;
@@ -60,19 +60,45 @@ static void wait_for_tick ()
} while (now == next);
}
+/* Encrypt data into out (preallocated by the caller) with a random key. */
+static krb5_error_code encrypt_data (krb5_data *data, krb5_enc_data *out)
+{
+ krb5_keyblock kb;
+ krb5_error_code err;
+
+ err = krb5_c_make_random_key(ctx, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ &kb);
+ if (err)
+ return err;
+ err = krb5_c_encrypt(ctx, &kb, KRB5_KEYUSAGE_TGS_REQ_AUTH, NULL, data,
+ out);
+ krb5_free_keyblock_contents(ctx, &kb);
+ return err;
+}
+
static void try_one (struct tinfo *t)
{
- krb5_donot_replay r;
krb5_error_code err;
- char buf[100], buf2[100], tag[8];
+ char buf[256], buf2[512];
krb5_rcache my_rcache;
+ krb5_data d;
+ krb5_enc_data enc;
snprintf(buf, sizeof(buf), "host/all-in-one.mit.edu/%p at ATHENA.MIT.EDU",
buf);
- r.server = buf;
- r.client = (t->my_cusec & 7) + "abcdefgh at ATHENA.MIT.EDU";
- r.msghash = NULL;
- r.tag = empty_data();
+
+ /* k5_rc_store() requires a ciphertext. Create one by encrypting a dummy
+ * value in a random key. */
+ d = string2data(buf);
+ enc.ciphertext = make_data(buf2, sizeof(buf2));
+ err = encrypt_data(&d, &enc);
+ if (err != 0) {
+ const char *msg = krb5_get_error_message(ctx, err);
+ fprintf(stderr, "%s: encrypting authenticator: %s\n", prog, msg);
+ krb5_free_error_message(ctx, msg);
+ exit(1);
+ }
+
if (t->now != t->my_ctime) {
if (t->my_ctime != 0) {
snprintf(buf2, sizeof(buf2), "%3d: %ld %5d\n", t->idx,
@@ -83,13 +109,8 @@ static void try_one (struct tinfo *t)
t->my_cusec = 1;
} else
t->my_cusec++;
- r.ctime = t->my_ctime;
- r.cusec = t->my_cusec;
- store_32_be(r.ctime, tag);
- store_32_be(r.cusec, tag + 4);
- r.tag = make_data(tag, 8);
if (!init_once) {
- err = krb5_get_server_rcache(ctx, &piece, &my_rcache);
+ err = k5_rc_resolve(ctx, rcname, &my_rcache);
if (err) {
const char *msg = krb5_get_error_message(ctx, err);
fprintf(stderr, "%s: %s while initializing replay cache\n", prog, msg);
@@ -98,13 +119,13 @@ static void try_one (struct tinfo *t)
}
} else
my_rcache = rcache;
- err = krb5_rc_store(ctx, my_rcache, &r);
+ err = k5_rc_store(ctx, my_rcache, &enc);
if (err) {
com_err(prog, err, "storing in replay cache");
exit(1);
}
if (!init_once)
- krb5_rc_close(ctx, my_rcache);
+ k5_rc_close(ctx, my_rcache);
}
static void *run_a_loop (void *x)
@@ -127,7 +148,7 @@ static void *run_a_loop (void *x)
static void usage(void)
{
- fprintf (stderr, "usage: %s [ options ]\n", prog);
+ fprintf (stderr, "usage: %s [ options ] rcname\n", prog);
fprintf (stderr, "options:\n");
fprintf (stderr, "\t-1\tcreate one rcache handle for process\n");
fprintf (stderr, "\t-t N\tnumber of threads to create (default: %d)\n",
@@ -166,6 +187,12 @@ static void process_options (int argc, char *argv[])
break;
}
}
+
+ argc -= optind;
+ argv += optind;
+ if (argc != 1)
+ usage ();
+ rcname = argv[0];
}
int main (int argc, char *argv[])
@@ -181,31 +208,8 @@ int main (int argc, char *argv[])
return 1;
}
- /*
- * For consistency, run the tests without an existing replay
- * cache. Since there isn't a way to ask the library for the
- * pathname that would be used for the rcache, we create an rcache
- * object and then destroy it.
- */
- err = krb5_get_server_rcache(ctx, &piece, &rcache);
- if (err) {
- const char *msg = krb5_get_error_message(ctx, err);
- fprintf(stderr, "%s: %s while initializing replay cache\n", prog, msg);
- krb5_free_error_message(ctx, msg);
- return 1;
- }
- err = krb5_rc_destroy(ctx, rcache);
- if (err) {
- const char *msg = krb5_get_error_message(ctx, err);
- fprintf(stderr, "%s: %s while destroying old replay cache\n",
- prog, msg);
- krb5_free_error_message(ctx, msg);
- return 1;
- }
- rcache = NULL;
-
if (init_once) {
- err = krb5_get_server_rcache(ctx, &piece, &rcache);
+ err = k5_rc_resolve(ctx, rcname, &rcache);
if (err) {
const char *msg = krb5_get_error_message(ctx, err);
fprintf(stderr, "%s: %s while initializing new replay cache\n",
@@ -250,7 +254,7 @@ int main (int argc, char *argv[])
free(ip);
if (init_once)
- krb5_rc_close(ctx, rcache);
+ k5_rc_close(ctx, rcache);
krb5_free_context(ctx);
return 0;
}
More information about the cvs-krb5
mailing list