1 /* testsuite.c -- Stress the library a little
4 * $Id: testsuite.c,v 1.46 2006/04/25 14:39:04 mel Exp $
7 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
21 * 3. The name "Carnegie Mellon University" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For permission or any other legal
24 * details, please contact
25 * Office of Technology Transfer
26 * Carnegie Mellon University
28 * Pittsburgh, PA 15213-3890
29 * (412) 268-4387, fax: (412) 268-7395
30 * tech-transfer@andrew.cmu.edu
32 * 4. Redistributions of any form whatsoever must retain the following
34 * "This product includes software developed by Computing Services
35 * at Carnegie Mellon University (http://www.cmu.edu/computing/)."
37 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
38 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
39 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
40 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
41 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
42 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
43 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
47 * To create a krb5 srvtab file given a krb4 srvtab
50 * ktutil: rst /etc/srvtab
51 * ktutil: wkt /etc/krb5.keytab
57 * put in alloc() routines that fail occasionally.
68 #include <md5global.h>
79 #include <netinet/in.h>
81 #include <sys/socket.h>
82 #include <arpa/inet.h>
87 __declspec(dllimport) char *optarg;
88 __declspec(dllimport) int optind;
89 __declspec(dllimport) int getsubopt(char **optionp, char * const *tokens, char **valuep);
92 char myhostname[1024+1];
93 #define MAX_STEPS 7 /* maximum steps any mechanism takes */
95 #define CLIENT_TO_SERVER "Hello. Here is some stuff"
97 #define REALLY_LONG_LENGTH 32000
98 #define REALLY_LONG_BACKOFF 2000
100 const char *username = "murch";
101 const char *nonexistant_username = "ABCDEFGHIJ";
102 const char *authname = "murch";
103 const char *proxyasname = "murchproxy";
104 const char *password = "1234";
105 sasl_secret_t * g_secret = NULL;
106 const char *cu_plugin = "INTERNAL";
107 char other_result[1024];
111 static const char *gssapi_service = "host";
113 /* our types of failures */
116 ONEBYTE_RANDOM, /* replace one byte with something random */
117 ONEBYTE_NULL, /* replace one byte with a null */
118 ONEBYTE_QUOTES, /* replace one byte with a double quote
119 (try to fuck with digest-md5) */
120 ONLY_ONE_BYTE, /* send only one byte */
121 ADDSOME, /* add some random bytes onto the end */
122 SHORTEN, /* shorten the string some */
123 REASONABLE_RANDOM, /* send same size but random */
124 REALLYBIG, /* send something absurdly large all random */
125 NEGATIVE_LENGTH, /* send negative length */
126 CORRUPT_SIZE /* keep this one last */
129 const char *corrupt_types[] = {
143 void fatal(char *str)
145 printf("Failed with: %s\n",str);
149 /* interactions we support */
150 static sasl_callback_t client_interactions[] = {
152 SASL_CB_GETREALM, NULL, NULL
154 SASL_CB_USER, NULL, NULL
156 SASL_CB_AUTHNAME, NULL, NULL
158 SASL_CB_PASS, NULL, NULL
160 SASL_CB_LIST_END, NULL, NULL
164 int test_getrealm(void *context __attribute__((unused)), int id,
165 const char **availrealms __attribute__((unused)),
168 if(id != SASL_CB_GETREALM) fatal("test_getrealm not looking for realm");
169 if(!result) return SASL_BADPARAM;
170 *result = myhostname;
174 int test_getsecret(sasl_conn_t *conn __attribute__((unused)),
175 void *context __attribute__((unused)), int id,
176 sasl_secret_t **psecret)
178 if(id != SASL_CB_PASS) fatal("test_getsecret not looking for pass");
179 if(!psecret) return SASL_BADPARAM;
186 int test_getsimple(void *context __attribute__((unused)), int id,
187 const char **result, unsigned *len)
189 if(!result) return SASL_BADPARAM;
191 if (id==SASL_CB_USER && proxyflag == 0) {
192 *result=(char *) username;
193 } else if (id==SASL_CB_USER && proxyflag == 1) {
194 *result=(char *) proxyasname;
195 } else if (id==SASL_CB_AUTHNAME) {
196 *result=(char *) authname;
198 printf("I want %d\n", id);
199 fatal("unknown callback in test_getsimple");
202 if (len) *len = (unsigned) strlen(*result);
206 /* callbacks we support */
207 static sasl_callback_t client_callbacks[] = {
209 SASL_CB_GETREALM, test_getrealm, NULL
211 SASL_CB_USER, test_getsimple, NULL
213 SASL_CB_AUTHNAME, test_getsimple, NULL
215 SASL_CB_PASS, test_getsecret, NULL
217 SASL_CB_LIST_END, NULL, NULL
221 typedef void *foreach_t(char *mech, void *rock);
223 typedef struct tosend_s {
224 corrupt_type_t type; /* type of corruption to make */
225 int step; /* step it should send bogus data on */
226 sasl_callback_t *client_callbacks; /* which client callbacks to use */
229 typedef struct mem_info
233 struct mem_info *next;
236 int DETAILED_MEMORY_DEBUGGING = 0;
238 mem_info_t *head = NULL;
242 void *test_malloc(size_t size)
245 mem_info_t *new_data;
249 if(DETAILED_MEMORY_DEBUGGING)
250 fprintf(stderr, " %X = malloc(%u)\n", (unsigned)out, (unsigned) size);
253 new_data = malloc(sizeof(mem_info_t));
254 if(!new_data) return out;
256 new_data->addr = out;
257 new_data->size = size;
258 new_data->next = head;
265 void *test_realloc(void *ptr, size_t size)
268 mem_info_t **prev, *cur;
270 out = realloc(ptr, size);
272 if(DETAILED_MEMORY_DEBUGGING)
273 fprintf(stderr, " %X = realloc(%X,%d)\n",
274 (unsigned)out, (unsigned)ptr, size);
276 prev = &head; cur = head;
279 if(cur->addr == ptr) {
289 if(DETAILED_MEMORY_DEBUGGING && cur == NULL) {
291 " MEM WARNING: reallocing something we never allocated!\n");
293 cur = malloc(sizeof(mem_info_t));
305 void *test_calloc(size_t nmemb, size_t size)
308 mem_info_t *new_data;
310 out = calloc(nmemb, size);
312 if(DETAILED_MEMORY_DEBUGGING)
313 fprintf(stderr, " %X = calloc(%d, %d)\n",
314 (unsigned)out, nmemb, size);
317 new_data = malloc(sizeof(mem_info_t));
318 if(!new_data) return out;
320 new_data->addr = out;
321 new_data->size = size;
322 new_data->next = head;
330 void test_free(void *ptr)
332 mem_info_t **prev, *cur;
334 if(DETAILED_MEMORY_DEBUGGING)
335 fprintf(stderr, " free(%X)\n",
338 prev = &head; cur = head;
341 if(cur->addr == ptr) {
351 if(DETAILED_MEMORY_DEBUGGING && cur == NULL) {
353 " MEM WARNING: Freeing something we never allocated!\n");
359 #endif /* WITH_DMALLOC */
369 fprintf(stderr, " All memory accounted for!\n");
373 fprintf(stderr, " Currently Still Allocated:\n");
374 for(cur = head; cur; cur = cur->next) {
375 fprintf(stderr, " %X (%5d)\t", (unsigned)cur->addr, cur->size);
376 for(data = (unsigned char *) cur->addr,
377 n = 0; n < (cur->size > 12 ? 12 : cur->size); n++) {
378 if (isprint((int) data[n]))
379 fprintf(stderr, "'%c' ", (char) data[n]);
381 fprintf(stderr, "%02X ", data[n] & 0xff);
384 fprintf(stderr, "...");
385 fprintf(stderr, "\n");
390 #endif /* WITH_DMALLOC */
394 /************* End Memory Allocation functions ******/
396 /* my mutex functions */
399 typedef struct my_mutex_s {
406 void *my_mutex_new(void)
408 my_mutex_t *ret = (my_mutex_t *)malloc(sizeof(my_mutex_t));
409 ret->num = g_mutex_cnt;
417 int my_mutex_lock(my_mutex_t *m)
421 fatal("Trying to lock a mutex already locked [single-threaded app]");
428 int my_mutex_unlock(my_mutex_t *m)
432 fatal("Unlocking mutex that isn't locked");
440 void my_mutex_dispose(my_mutex_t *m)
449 int good_getopt(void *context __attribute__((unused)),
450 const char *plugin_name __attribute__((unused)),
455 if (strcmp(option,"pwcheck_method")==0)
459 *len = (unsigned) strlen("auxprop");
461 } else if (!strcmp(option, "auxprop_plugin")) {
464 *len = (unsigned) strlen("sasldb");
466 } else if (!strcmp(option, "sasldb_path")) {
467 *result = "./sasldb";
469 *len = (unsigned) strlen("./sasldb");
471 } else if (!strcmp(option, "canon_user_plugin")) {
474 *len = (unsigned) strlen(*result);
481 static struct sasl_callback goodsasl_cb[] = {
482 { SASL_CB_GETOPT, &good_getopt, NULL },
483 { SASL_CB_LIST_END, NULL, NULL }
486 int givebadpath(void * context __attribute__((unused)),
490 *path = malloc(10000);
491 strcpy(*path,"/tmp/is/not/valid/path/");
493 for (lup = 0;lup<1000;lup++)
499 static struct sasl_callback withbadpathsasl_cb[] = {
500 { SASL_CB_GETPATH, &givebadpath, NULL },
501 { SASL_CB_LIST_END, NULL, NULL }
504 int giveokpath(void * context __attribute__((unused)),
512 static struct sasl_callback withokpathsasl_cb[] = {
513 { SASL_CB_GETPATH, &giveokpath, NULL },
514 { SASL_CB_LIST_END, NULL, NULL }
517 static struct sasl_callback emptysasl_cb[] = {
518 { SASL_CB_LIST_END, NULL, NULL }
521 static int proxy_authproc(sasl_conn_t *conn,
522 void *context __attribute__((unused)),
523 const char *requested_user,
524 unsigned rlen __attribute__((unused)),
525 const char *auth_identity,
526 unsigned alen __attribute__((unused)),
527 const char *def_realm __attribute__((unused)),
528 unsigned urlen __attribute__((unused)),
529 struct propctx *propctx __attribute__((unused)))
531 if(!strcmp(auth_identity, authname)
532 && !strcmp(requested_user, proxyasname)) return SASL_OK;
534 if(!strcmp(auth_identity, requested_user)) {
535 printf("Warning: Authenticated name but DID NOT proxy (%s/%s)\n",
536 requested_user, auth_identity);
540 sasl_seterror(conn, SASL_NOLOG, "authorization failed: %s by %s",
541 requested_user, auth_identity);
545 static struct sasl_callback goodsaslproxy_cb[] = {
546 { SASL_CB_PROXY_POLICY, &proxy_authproc, NULL },
547 { SASL_CB_GETOPT, &good_getopt, NULL },
548 { SASL_CB_LIST_END, NULL, NULL }
551 char really_long_string[REALLY_LONG_LENGTH];
554 * Setup some things for test
556 void init(unsigned int seed)
563 for (lup=0;lup<REALLY_LONG_LENGTH;lup++)
564 really_long_string[lup] = '0' + (rand() % 10);
566 really_long_string[REALLY_LONG_LENGTH - rand() % REALLY_LONG_BACKOFF] = '\0';
568 result = gethostname(myhostname, sizeof(myhostname)-1);
569 if (result == -1) fatal("gethostname");
571 sasl_set_mutex((sasl_mutex_alloc_t *) &my_mutex_new,
572 (sasl_mutex_lock_t *) &my_mutex_lock,
573 (sasl_mutex_unlock_t *) &my_mutex_unlock,
574 (sasl_mutex_free_t *) &my_mutex_dispose);
577 sasl_set_alloc((sasl_malloc_t *)test_malloc,
578 (sasl_calloc_t *)test_calloc,
579 (sasl_realloc_t *)test_realloc,
580 (sasl_free_t *)test_free);
586 * Tests for sasl_server_init
593 /* sasl_done() before anything */
595 if(mem_stat() != SASL_OK) fatal("memory error after sasl_done test");
597 /* Try passing appname a really long string (just see if it crashes it)*/
599 result = sasl_server_init(NULL,really_long_string);
601 if(mem_stat() != SASL_OK) fatal("memory error after long appname test");
603 /* this calls sasl_done when it wasn't inited */
605 if(mem_stat() != SASL_OK) fatal("memory error after null appname test");
607 /* try giving it a different path for where the plugins are */
608 result = sasl_server_init(withokpathsasl_cb, "Tester");
609 if (result!=SASL_OK) fatal("Didn't deal with ok callback path very well");
611 if(mem_stat() != SASL_OK) fatal("memory error after callback path test");
614 result = sasl_client_init(withokpathsasl_cb);
617 fatal("Client didn't deal with ok callback path very well");
619 if(mem_stat() != SASL_OK) fatal("memory error after client test");
621 #if defined(DO_DLOPEN) && (defined(PIC) || (!defined(PIC) && defined(TRY_DLOPEN_WHEN_STATIC)))
622 /* try giving it an invalid path for where the plugins are */
623 result = sasl_server_init(withbadpathsasl_cb, NULL);
624 if (result==SASL_OK) fatal("Allowed invalid path");
626 if(mem_stat() != SASL_OK) fatal("memory error after bad path test");
629 /* and the client - xxx is this necessary?*/
631 result = sasl_client_init(withbadpathsasl_cb);
634 fatal("Client allowed invalid path");
638 /* Now try to break all the sasl_server_* functions for not returning
641 if(sasl_global_listmech())
642 fatal("sasl_global_listmech did not return NULL with no library initialized");
644 if(sasl_server_new(NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL)
646 fatal("sasl_server_new did not return SASL_NOTINIT");
648 /* Can't check this validly without a server conn, so this would be
649 a hard one to tickle anyway */
651 if(sasl_listmech(NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL)
653 fatal("sasl_listmech did not return SASL_NOTINIT");
656 if(sasl_server_start(NULL, NULL, NULL, 0, NULL, NULL)
658 fatal("sasl_server_start did not return SASL_NOTINIT");
660 if(sasl_server_step(NULL, NULL, 0, NULL, NULL)
662 fatal("sasl_server_step did not return SASL_NOTINIT");
664 #ifdef DO_SASL_CHECKAPOP
665 if(sasl_checkapop(NULL, NULL, 0, NULL, 0)
667 fatal("sasl_checkapop did not return SASL_NOTINIT");
670 if(sasl_checkpass(NULL, NULL, 0, NULL, 0)
672 fatal("sasl_checkpass did not return SASL_NOTINIT");
674 if(sasl_user_exists(NULL, NULL, NULL, NULL)
676 fatal("sasl_user_exists did not return SASL_NOTINIT");
678 if(sasl_setpass(NULL, NULL, NULL, 0, NULL, 0, 0)
680 fatal("sasl_setpass did not return SASL_NOTINIT");
682 /* And sasl_client_*... */
684 if(sasl_client_new(NULL, NULL, NULL, NULL, NULL, 0, NULL)
686 fatal("sasl_client_new did not return SASL_NOTINIT");
688 if(sasl_client_start(NULL, NULL, NULL, NULL, NULL, NULL)
690 fatal("sasl_client_start did not return SASL_NOTINIT");
692 if(sasl_client_step(NULL, NULL, 0, NULL, NULL, NULL)
694 fatal("sasl_client_step did not return SASL_NOTINIT");
700 * Tests sasl_listmech command
703 void test_listmech(void)
705 sasl_conn_t *saslconn, *cconn;
707 const char *str = NULL;
709 unsigned lup, flag, pcount;
712 /* test without initializing library */
713 result = sasl_listmech(NULL, /* conn */
722 /* printf("List mech without library initialized: %s\n",sasl_errstring(result,NULL,NULL));*/
723 if (result == SASL_OK) fatal("Failed sasl_listmech() with NULL saslconn");
725 if (sasl_server_init(emptysasl_cb,"TestSuite")!=SASL_OK)
726 fatal("can't sasl_server_init");
727 if (sasl_client_init(client_interactions)!=SASL_OK)
728 fatal("can't sasl_client_init");
730 if (sasl_server_new("rcmd", myhostname,
731 NULL, NULL, NULL, NULL, 0,
732 &saslconn) != SASL_OK)
733 fatal("can't sasl_server_new");
735 if (sasl_setprop(saslconn, SASL_AUTH_EXTERNAL, authname)!=SASL_OK)
736 fatal("sasl_setprop(SASL_AUTH_EXTERNAL) failed");
738 /* client new connection */
739 if (sasl_client_new("rcmd",
744 fatal("sasl_client_new() failure");
746 if (sasl_setprop(cconn, SASL_AUTH_EXTERNAL, authname)!=SASL_OK)
747 fatal("sasl_setprop(SASL_AUTH_EXTERNAL) failed");
750 list = sasl_global_listmech();
751 if(!list) fatal("sasl_global_listmech failure");
755 for(lup = 0; list[lup]; lup++) {
756 if(flag) printf(",");
758 printf("%s",list[lup]);
762 /* try client side */
763 result = sasl_listmech(cconn,
771 if(result == SASL_OK) {
772 printf("Client mechlist:\n%s\n", str);
774 fatal("client side sasl_listmech failed");
777 /* Test with really long user */
779 result = sasl_listmech(saslconn,
788 if (result != SASL_OK) fatal("Failed sasl_listmech() with long user");
790 if (str[0]!='[') fatal("Failed sasl_listmech() with long user (didn't start with '['");
792 result = sasl_listmech(saslconn,
801 if (result != SASL_OK) fatal("Failed sasl_listmech() with different params");
803 printf("We have the following mechs:\n %s\n",str);
805 /* Test with really long prefix */
807 result = sasl_listmech(saslconn,
816 if (result != SASL_OK) fatal("failed sasl_listmech() with long prefix");
818 if (str[0]!=really_long_string[0]) fatal("failed sasl_listmech() with long prefix (str is suspect)");
820 /* Test with really long suffix */
822 result = sasl_listmech(saslconn,
831 if (result != SASL_OK) fatal("Failed sasl_listmech() with long suffix");
833 /* Test with really long seperator */
835 result = sasl_listmech(saslconn,
844 if (result != SASL_OK) fatal("Failed sasl_listmech() with long seperator");
846 /* Test contents of output string is accurate */
847 result = sasl_listmech(saslconn,
856 if (result != SASL_OK) fatal("Failed sasl_listmech()");
858 if (strlen(str)!=plen) fatal("Length of string doesn't match what we were told");
860 for (lup=0;lup<plen;lup++)
867 printf("mechanism string = %s\n",str);
868 printf("Mechs left = %d\n",pcount);
869 fatal("Number of mechs received doesn't match what we were told");
872 /* Call sasl done then make sure listmech doesn't work anymore */
873 sasl_dispose(&saslconn);
874 sasl_dispose(&cconn);
877 result = sasl_listmech(saslconn,
886 if (result == SASL_OK) fatal("Called sasl_done but listmech still works\n");
891 * Perform tests on the random utilities
894 void test_random(void)
900 /* make sure it works consistantly */
902 for (lup = 0;lup<10;lup++)
904 if (sasl_randcreate(&rpool) != SASL_OK) fatal("sasl_randcreate failed");
905 sasl_randfree(&rpool);
908 /* try seeding w/o calling rand_create first */
910 sasl_randseed(rpool, "seed", 4);
912 /* try seeding with bad values */
913 sasl_randcreate(&rpool);
914 sasl_randseed(rpool, "seed", 0);
915 sasl_randseed(rpool, NULL, 0);
916 sasl_randseed(rpool, NULL, 4);
917 sasl_randfree(&rpool);
919 /* try churning with bad values */
920 sasl_randcreate(&rpool);
921 sasl_churn(rpool, "seed", 0);
922 sasl_churn(rpool, NULL, 0);
923 sasl_churn(rpool, NULL, 4);
924 sasl_randfree(&rpool);
926 /* try seeding with a lot of crap */
927 sasl_randcreate(&rpool);
929 for (lup=0;lup<(int) sizeof(buf);lup++)
931 buf[lup] = (rand() % 256);
933 sasl_randseed(rpool, buf, sizeof(buf));
934 sasl_churn(rpool, buf, sizeof(buf));
936 sasl_randfree(&rpool);
940 * Test SASL base64 conversion routines
950 /* make random crap and see if enc->dec produces same as original */
951 for (lup=0;lup<(int) sizeof(orig);lup++)
952 orig[lup] = (char) (rand() % 256);
954 if (sasl_encode64(orig, sizeof(orig), enc, sizeof(enc), &encsize)!=SASL_OK)
955 fatal("encode64 failed when we didn't expect it to");
957 if (sasl_decode64(enc, encsize, enc, 8192, &encsize)!=SASL_OK)
958 fatal("decode64 failed when we didn't expect it to");
960 if (encsize != sizeof(orig)) fatal("Now has different size");
962 for (lup=0;lup<(int) sizeof(orig);lup++)
963 if (enc[lup] != orig[lup])
964 fatal("enc64->dec64 doesn't match");
966 /* try to get a SASL_BUFOVER */
968 if (sasl_encode64(orig, sizeof(orig)-1, enc, 10, &encsize)!=SASL_BUFOVER)
969 fatal("Expected SASL_BUFOVER");
972 /* pass some bad params */
973 if (sasl_encode64(NULL, 10, enc, sizeof(enc), &encsize)==SASL_OK)
974 fatal("Said ok to null data");
976 if (sasl_encode64(orig, sizeof(orig), enc, sizeof(enc), NULL)!=SASL_OK)
977 fatal("Didn't allow null return size");
979 /* New tests in 2.1.22 */
980 for (lup=0;lup<(int) sizeof(orig);lup++) {
984 if (sasl_decode64(enc, 3, orig, 8192, &encsize) != SASL_CONTINUE)
985 fatal("decode64 succeded on a 3 byte buffer when it shouldn't have");
990 if (sasl_decode64(enc, 4, orig, 8192, &encsize) == SASL_OK)
991 fatal("decode64 succeded on a 4 byte buffer with a bare CR");
993 if (sasl_decode64(enc, 5, orig, 8192, &encsize) == SASL_OK)
994 fatal("decode64 succeded on a 5 byte buffer with CRLF");
1000 if (sasl_decode64(enc, 4, orig, 8192, &encsize) != SASL_OK)
1001 fatal("decode64 failed on a 4 byte buffer with a terminating =");
1003 if (sasl_decode64(enc, 5, orig, 8192, &encsize) != SASL_BADPROT)
1004 fatal("decode64 did not return SASL_CONTINUE on a 5 byte buffer with a terminating =");
1006 /* Test for invalid character after the terminating '=' */
1009 if (sasl_decode64(enc, 4, orig, 8192, &encsize) == SASL_OK)
1010 fatal("decode64 failed on a 4 byte buffer with invalid character a terminating =");
1012 /* Test for '=' in the middle of an encoded string */
1015 if (sasl_decode64(enc, 4, orig, 8192, &encsize) == SASL_OK)
1016 fatal("decode64 succeed on a 4 byte buffer with a data after a terminating =");
1018 if (sasl_decode64(enc, 0, orig, 8192, &encsize) != SASL_OK)
1019 fatal("decode64 should have succeeded on an empty buffer");
1022 /* This isn't complete, but then, what in the testsuite is? */
1023 void test_props(void)
1026 struct propval foobar[3];
1027 struct propctx *ctx, *dupctx;
1029 const char *requests[] = {
1038 const char *more_requests[] = {
1046 const char *short_requests[] = {
1055 fatal("no new prop context");
1058 if(prop_request(NULL, requests) == SASL_OK)
1059 fatal("prop_request w/NULL context succeeded");
1060 if(prop_request(ctx, NULL) == SASL_OK)
1061 fatal("prop_request w/NULL request list succeeded");
1063 result = prop_request(ctx, requests);
1064 if(result != SASL_OK)
1065 fatal("prop request failed");
1067 /* set some values */
1068 prop_set(ctx, "uidNumber", really_long_string, 0);
1069 prop_set(ctx, "userPassword", "pw1", 0);
1070 prop_set(ctx, "userPassword", "pw2", 0);
1071 prop_set(ctx, "userName", "rjs3", 0);
1072 prop_set(ctx, NULL, "tmartin", 0);
1074 /* and request some more (this resets values) */
1075 prop_request(ctx, more_requests);
1077 /* and set some more... */
1078 prop_set(ctx, "c", really_long_string, 0);
1079 prop_set(ctx, "b", really_long_string, 0);
1080 prop_set(ctx, "userPassword", "pw1b", 0);
1081 prop_set(ctx, "userPassword", "pw2b", 0);
1082 prop_set(ctx, "userName", "rjs3b", 0);
1083 prop_set(ctx, NULL, "tmartinagain", 0);
1085 if(prop_set(ctx, "gah", "ack", 0) == SASL_OK) {
1086 printf("setting bad property name succeeded\n");
1090 result = prop_getnames(ctx, short_requests, foobar);
1092 fatal("prop_getnames failed");
1094 if(strcmp(foobar[0].name, short_requests[0]))
1095 fatal("prop_getnames item 0 wrong name");
1096 if(strcmp(foobar[1].name, short_requests[1]))
1097 fatal("prop_getnames item 1 wrong name");
1099 fatal("prop_getnames returned an item 2");
1101 if(strcmp(foobar[0].values[0], "pw1b"))
1102 fatal("prop_getnames item 1a wrong value");
1103 if(strcmp(foobar[0].values[1], "pw2b"))
1104 fatal("prop_getnames item 1b wrong value");
1105 if(strcmp(foobar[1].values[0], "rjs3b"))
1106 fatal("prop_getnames item 2a wrong value");
1107 if(strcmp(foobar[1].values[1], "tmartinagain"))
1108 fatal("prop_getnames item 2b wrong value");
1110 result = prop_dup(ctx, &dupctx);
1111 if(result != SASL_OK)
1112 fatal("could not duplicate");
1116 result = prop_getnames(ctx, short_requests, foobar);
1118 fatal("prop_getnames failed second time");
1121 fatal("it appears that prop_clear failed");
1123 result = prop_getnames(dupctx, short_requests, foobar);
1125 fatal("prop_getnames failed second time");
1128 fatal("prop_clear appears to have affected dup'd context");
1130 prop_clear(dupctx, 0);
1132 result = prop_getnames(dupctx, short_requests, foobar);
1134 fatal("prop_getnames failed second time");
1136 if(!foobar[0].name || strcmp(foobar[0].name, short_requests[0]))
1137 fatal("prop_clear appears to have cleared too much");
1140 prop_dispose(&dupctx);
1142 fatal("ctx not null after prop_dispose");
1145 void interaction (int id, const char *prompt,
1146 const char **tresult, unsigned int *tlen)
1148 if (id==SASL_CB_PASS) {
1149 *tresult=(char *) password;
1150 } else if (id==SASL_CB_USER && proxyflag == 0) {
1151 *tresult=(char *) username;
1152 } else if (id==SASL_CB_USER && proxyflag == 1) {
1153 *tresult=(char *) proxyasname;
1154 } else if (id==SASL_CB_AUTHNAME) {
1155 *tresult=(char *) authname;
1156 } else if ((id==SASL_CB_GETREALM)) {
1157 *tresult=(char *) myhostname;
1161 printf("%s: ",prompt);
1162 fgets(other_result, sizeof(other_result) - 1, stdin);
1163 c = strlen(other_result);
1164 other_result[c - 1] = '\0';
1165 *tresult=other_result;
1168 *tlen = (unsigned int) strlen(*tresult);
1171 void fillin_correctly(sasl_interact_t *tlist)
1173 while (tlist->id!=SASL_CB_LIST_END)
1175 interaction(tlist->id, tlist->prompt,
1176 (void *) &(tlist->result),
1183 const sasl_security_properties_t security_props = {
1192 void set_properties(sasl_conn_t *conn, const sasl_security_properties_t *props)
1195 if (sasl_setprop(conn, SASL_SEC_PROPS, &security_props) != SASL_OK)
1196 fatal("sasl_setprop() failed - default properties");
1198 if (sasl_setprop(conn, SASL_SEC_PROPS, props) != SASL_OK)
1199 fatal("sasl_setprop() failed");
1202 if (sasl_setprop(conn, SASL_AUTH_EXTERNAL, authname)!=SASL_OK)
1203 fatal("sasl_setprop(SASL_AUTH_EXTERNAL) failed");
1207 * This corrupts the string for us
1209 void corrupt(corrupt_type_t type, char *in, int inlen,
1210 char **out, unsigned *outlen)
1221 case ONEBYTE_RANDOM: /* corrupt one byte */
1224 in[ (rand() % inlen) ] = (char) (rand() % 256);
1232 in[ (rand() % inlen) ] = '\0';
1237 case ONEBYTE_QUOTES:
1239 in[ (rand() % inlen) ] = '"';
1245 *out = (char *) malloc(1);
1246 (*out)[0] = (char) (rand() % 256);
1251 *outlen = inlen+ (rand() % 100);
1252 *out = (char *) malloc(*outlen);
1253 memcpy( *out, in, inlen);
1255 for (lup=inlen;lup<*outlen;lup++)
1256 (*out)[lup] = (char) (rand() %256);
1265 *outlen = (rand() % inlen);
1266 *out = (char *) malloc(*outlen);
1267 memcpy(*out, in, *outlen);
1273 case REASONABLE_RANDOM:
1276 *out = (char *) malloc(*outlen);
1280 for (lup=0;lup<*outlen;lup++)
1281 (*out)[lup] = (char) (rand() % 256);
1285 *outlen = rand() % 50000;
1286 *out = (char *) malloc( *outlen);
1288 for (lup=0;lup<*outlen;lup++)
1289 (*out)[lup] = (char) (rand() % 256);
1292 case NEGATIVE_LENGTH:
1295 if (inlen == 0) inlen = 10;
1296 *outlen = -1 * (rand() % inlen);
1300 fatal("Invalid corruption type");
1305 void sendbadsecond(char *mech, void *rock)
1307 int result, need_another_client = 0;
1308 sasl_conn_t *saslconn;
1309 sasl_conn_t *clientconn;
1310 const char *out, *dec, *out2;
1312 unsigned outlen, declen, outlen2;
1313 sasl_interact_t *client_interact=NULL;
1314 const char *mechusing;
1315 const char *service = "rcmd";
1316 int mystep = 0; /* what step in the authentication are we on */
1317 int mayfail = 0; /* we did some corruption earlier so it's likely to fail now */
1319 tosend_t *send = (tosend_t *)rock;
1321 struct sockaddr_in addr;
1326 printf("%s --> start\n",mech);
1328 if (strcmp(mech,"GSSAPI")==0) service = gssapi_service;
1330 if (sasl_client_init(client_interactions)!=SASL_OK) fatal("Unable to init client");
1332 if (sasl_server_init(goodsasl_cb,"TestSuite")!=SASL_OK) fatal("unable to init server");
1334 if ((hp = gethostbyname(myhostname)) == NULL) {
1335 perror("gethostbyname");
1336 fatal("can't gethostbyname");
1339 addr.sin_family = 0;
1340 memcpy(&addr.sin_addr, hp->h_addr, hp->h_length);
1341 addr.sin_port = htons(0);
1343 reauth: /* loop back for reauth testing */
1344 sprintf(buf,"%s;%d", inet_ntoa(addr.sin_addr), 23);
1346 /* client new connection */
1347 if (sasl_client_new(service,
1351 &clientconn)!= SASL_OK) fatal("sasl_client_new() failure");
1353 set_properties(clientconn, NULL);
1355 if (sasl_server_new(service, myhostname, NULL,
1357 &saslconn) != SASL_OK) {
1358 fatal("can't sasl_server_new");
1360 set_properties(saslconn, NULL);
1363 result = sasl_client_start(clientconn, mech,
1368 if (result == SASL_INTERACT) fillin_correctly(client_interact);
1369 else if(result == SASL_CONTINUE) need_another_client = 1;
1370 else if(result == SASL_OK) need_another_client = 0;
1371 } while (result == SASL_INTERACT);
1375 printf("%s - \n",sasl_errdetail(clientconn));
1376 fatal("sasl_client_start() error");
1379 if (mystep == send->step && outlen)
1381 memcpy(buf, out, outlen);
1382 corrupt(send->type, buf, outlen, &tmp, &outlen);
1387 result = sasl_server_start(saslconn,
1396 if (result >= SASL_OK)
1397 printf("WARNING: We did a corruption but it still worked\n");
1404 printf("%s\n",sasl_errstring(result,NULL,NULL));
1405 fatal("sasl_server_start() error");
1410 while (result == SASL_CONTINUE) {
1412 if (mystep == send->step)
1414 memcpy(buf,out,outlen);
1415 corrupt(send->type, buf, outlen, &tmp, &outlen);
1421 result = sasl_client_step(clientconn,
1426 if (result == SASL_INTERACT)
1427 fillin_correctly(client_interact);
1428 else if (result == SASL_CONTINUE)
1429 need_another_client = 1;
1430 else if (result == SASL_OK)
1431 need_another_client = 0;
1432 } while (result == SASL_INTERACT);
1437 printf("WARNING: We did a corruption but it still worked\n");
1444 printf("%s\n",sasl_errstring(result,NULL,NULL));
1445 fatal("sasl_client_step() error");
1452 if (mystep == send->step)
1454 memcpy(buf, out, outlen);
1455 corrupt(send->type, buf, outlen, &tmp, &outlen);
1460 result = sasl_server_step(saslconn,
1469 printf("WARNING: We did a corruption but it still worked\n");
1476 printf("%s\n",sasl_errstring(result,NULL,NULL));
1477 fatal("sasl_server_step() error");
1484 if(need_another_client) {
1485 result = sasl_client_step(clientconn,
1489 if(result != SASL_OK)
1490 fatal("client was not ok on last server step");
1494 sasl_dispose(&clientconn);
1495 sasl_dispose(&saslconn);
1501 /* client to server */
1502 result = sasl_encode(clientconn, CLIENT_TO_SERVER,
1503 (unsigned) strlen(CLIENT_TO_SERVER), &out, &outlen);
1504 if (result != SASL_OK) fatal("Error encoding");
1506 if (mystep == send->step)
1508 memcpy(buf, out, outlen);
1509 corrupt(send->type, buf, outlen, &tmp, &outlen);
1514 result = sasl_decode(saslconn, out, outlen, &dec, &declen);
1519 printf("WARNING: We did a corruption but it still worked\n");
1526 printf("%s\n",sasl_errstring(result,NULL,NULL));
1527 fatal("sasl_decode() failure");
1532 /* no need to do other direction since symetric */
1534 /* Just verify oparams */
1535 if(sasl_getprop(saslconn, SASL_USERNAME, (const void **)&out)
1537 fatal("couldn't get server username");
1540 if(sasl_getprop(clientconn, SASL_USERNAME, (const void **)&out2)
1542 fatal("couldn't get client username");
1545 if(strcmp(out,out2)) {
1546 fatal("client username does not match server username");
1550 printf("%s --> %s (as %s)\n",mech,sasl_errstring(result,NULL,NULL),out);
1553 sasl_dispose(&clientconn);
1554 sasl_dispose(&saslconn);
1558 /* Authenticate two sasl_conn_t's to eachother, validly.
1559 * used to test the security layer */
1560 int doauth(char *mech, sasl_conn_t **server_conn, sasl_conn_t **client_conn,
1561 const sasl_security_properties_t *props,
1562 sasl_callback_t *c_calls, int fail_ok)
1564 int result, need_another_client = 0;
1565 sasl_conn_t *saslconn;
1566 sasl_conn_t *clientconn;
1567 const char *out, *out2;
1568 unsigned outlen, outlen2;
1569 sasl_interact_t *client_interact=NULL;
1570 const char *mechusing;
1571 const char *service = "rcmd";
1572 struct sockaddr_in addr;
1576 if(!server_conn || !client_conn) return SASL_BADPARAM;
1578 if (strcmp(mech,"GSSAPI")==0) service = gssapi_service;
1580 result = sasl_client_init((c_calls ? c_calls : client_interactions));
1581 if (result!=SASL_OK) {
1582 if(!fail_ok) fatal("Unable to init client");
1586 if(proxyflag == 0) {
1587 result = sasl_server_init(goodsasl_cb,"TestSuite");
1589 result = sasl_server_init(goodsaslproxy_cb,"TestSuite");
1591 if(result != SASL_OK) {
1592 if(!fail_ok) fatal("unable to init server");
1597 if ((hp = gethostbyname(myhostname)) == NULL) {
1598 perror("gethostbyname");
1599 if(!fail_ok) fatal("can't gethostbyname");
1600 else return SASL_FAIL;
1603 addr.sin_family = 0;
1604 memcpy(&addr.sin_addr, hp->h_addr, hp->h_length);
1605 addr.sin_port = htons(0);
1607 sprintf(buf,"%s;%d", inet_ntoa(addr.sin_addr), 0);
1609 /* client new connection */
1610 result = sasl_client_new(service,
1615 if(result != SASL_OK) {
1616 if(!fail_ok) fatal("sasl_client_new() failure");
1620 /* Set the security properties */
1621 set_properties(clientconn, props);
1623 result = sasl_server_new(service, myhostname, NULL,
1626 if(result != SASL_OK) {
1627 if(!fail_ok) fatal("can't sasl_server_new");
1630 set_properties(saslconn, props);
1633 result = sasl_client_start(clientconn, mech,
1638 if (result == SASL_INTERACT) fillin_correctly(client_interact);
1639 else if(result == SASL_CONTINUE) need_another_client = 1;
1640 else if(result == SASL_OK) need_another_client = 0;
1641 } while (result == SASL_INTERACT);
1645 if(!fail_ok) fatal("sasl_client_start() error");
1649 result = sasl_server_start(saslconn,
1658 if(!fail_ok) fatal("sasl_server_start() error");
1662 while (result == SASL_CONTINUE) {
1664 result = sasl_client_step(clientconn,
1669 if (result == SASL_INTERACT)
1670 fillin_correctly(client_interact);
1671 else if (result == SASL_CONTINUE)
1672 need_another_client = 1;
1673 else if (result == SASL_OK)
1674 need_another_client = 0;
1675 } while (result == SASL_INTERACT);
1679 if(!fail_ok) fatal("sasl_client_step() error");
1686 result = sasl_server_step(saslconn,
1694 if(!fail_ok) fatal("sasl_server_step() error");
1700 if(need_another_client) {
1701 if(!fail_ok) fatal("server-last not allowed, but need another client call");
1702 else return SASL_BADPROT;
1705 *server_conn = saslconn;
1706 *client_conn = clientconn;
1711 /* Authenticate two sasl_conn_t's to eachother, validly.
1712 * without allowing client-send-first */
1713 int doauth_noclientfirst(char *mech, sasl_conn_t **server_conn,
1714 sasl_conn_t **client_conn,
1715 const sasl_security_properties_t *props,
1716 sasl_callback_t *c_calls)
1718 int result, need_another_client = 0;
1719 sasl_conn_t *saslconn;
1720 sasl_conn_t *clientconn;
1721 const char *out, *out2;
1722 unsigned outlen, outlen2;
1723 sasl_interact_t *client_interact=NULL;
1724 const char *mechusing;
1725 const char *service = "rcmd";
1727 struct sockaddr_in addr;
1731 if(!server_conn || !client_conn) return SASL_BADPARAM;
1733 if (strcmp(mech,"GSSAPI")==0) service = gssapi_service;
1736 if (sasl_client_init((c_calls ? c_calls : client_interactions))!=SASL_OK)
1737 fatal("Unable to init client");
1739 if (sasl_server_init(goodsasl_cb,"TestSuite")!=SASL_OK)
1740 fatal("unable to init server");
1742 if ((hp = gethostbyname(myhostname)) == NULL) {
1743 perror("gethostbyname");
1744 fatal("can't gethostbyname");
1747 addr.sin_family = 0;
1748 memcpy(&addr.sin_addr, hp->h_addr, hp->h_length);
1749 addr.sin_port = htons(0);
1751 sprintf(buf,"%s;%d", inet_ntoa(addr.sin_addr), 0);
1753 /* client new connection */
1754 if (sasl_client_new(service,
1758 &clientconn)!= SASL_OK) fatal("sasl_client_new() failure");
1760 /* Set the security properties */
1761 set_properties(clientconn, props);
1763 if (sasl_server_new(service, myhostname, NULL,
1765 &saslconn) != SASL_OK) {
1766 fatal("can't sasl_server_new");
1768 set_properties(saslconn, props);
1771 result = sasl_client_start(clientconn, mech,
1776 if (result == SASL_INTERACT) fillin_correctly(client_interact);
1777 else if(result == SASL_CONTINUE) need_another_client = 1;
1778 else if(result == SASL_OK) need_another_client = 0;
1779 } while (result == SASL_INTERACT);
1783 fatal("sasl_client_start() error");
1786 result = sasl_server_start(saslconn,
1795 fatal("sasl_server_start() error");
1798 while (result == SASL_CONTINUE) {
1800 result = sasl_client_step(clientconn,
1805 if (result == SASL_INTERACT)
1806 fillin_correctly(client_interact);
1807 else if (result == SASL_CONTINUE)
1808 need_another_client = 1;
1809 else if (result == SASL_OK)
1810 need_another_client = 0;
1811 } while (result == SASL_INTERACT);
1815 fatal("sasl_client_step() error");
1821 result = sasl_server_step(saslconn,
1829 fatal("sasl_server_step() error");
1834 if(need_another_client) {
1835 fatal("server-last not allowed, but need another client call");
1838 *server_conn = saslconn;
1839 *client_conn = clientconn;
1844 /* Authenticate two sasl_conn_t's to eachother, validly.
1845 * used to test the security layer */
1846 int doauth_serverlast(char *mech, sasl_conn_t **server_conn,
1847 sasl_conn_t **client_conn,
1848 const sasl_security_properties_t *props,
1849 sasl_callback_t *c_calls)
1851 int result, need_another_client = 0;
1852 sasl_conn_t *saslconn;
1853 sasl_conn_t *clientconn;
1854 const char *out, *out2;
1855 unsigned outlen, outlen2;
1856 sasl_interact_t *client_interact=NULL;
1857 const char *mechusing;
1858 const char *service = "rcmd";
1860 struct sockaddr_in addr;
1864 if(!server_conn || !client_conn) return SASL_BADPARAM;
1866 if (strcmp(mech,"GSSAPI")==0) service = gssapi_service;
1868 if (sasl_client_init((c_calls ? c_calls : client_interactions))!=SASL_OK)
1869 fatal("unable to init client");
1871 if (sasl_server_init(goodsasl_cb,"TestSuite")!=SASL_OK)
1872 fatal("unable to init server");
1874 if ((hp = gethostbyname(myhostname)) == NULL) {
1875 perror("gethostbyname");
1876 fatal("can't gethostbyname");
1879 addr.sin_family = 0;
1880 memcpy(&addr.sin_addr, hp->h_addr, hp->h_length);
1881 addr.sin_port = htons(0);
1883 sprintf(buf,"%s;%d", inet_ntoa(addr.sin_addr), 0);
1885 /* client new connection */
1886 if (sasl_client_new(service,
1890 &clientconn)!= SASL_OK) fatal("sasl_client_new() failure");
1892 /* Set the security properties */
1893 set_properties(clientconn, props);
1895 if (sasl_server_new(service, myhostname, NULL,
1896 buf, buf, NULL, SASL_SUCCESS_DATA,
1897 &saslconn) != SASL_OK) {
1898 fatal("can't sasl_server_new");
1900 set_properties(saslconn, props);
1903 result = sasl_client_start(clientconn, mech,
1908 if (result == SASL_INTERACT) fillin_correctly(client_interact);
1909 else if(result == SASL_CONTINUE) need_another_client = 1;
1910 else if(result == SASL_OK) need_another_client = 0;
1911 } while (result == SASL_INTERACT);
1916 fatal("sasl_client_start() error");
1919 result = sasl_server_start(saslconn,
1928 fatal("sasl_server_start() error");
1931 while (result == SASL_CONTINUE) {
1933 result = sasl_client_step(clientconn,
1938 if (result == SASL_INTERACT)
1939 fillin_correctly(client_interact);
1940 else if (result == SASL_CONTINUE)
1941 need_another_client = 1;
1942 else if (result == SASL_OK)
1943 need_another_client = 0;
1944 } while (result == SASL_INTERACT);
1948 fatal("sasl_client_step() error");
1954 result = sasl_server_step(saslconn,
1962 fatal("sasl_server_step() error");
1967 if(need_another_client) {
1968 result = sasl_client_step(clientconn,
1972 if(result != SASL_OK)
1973 fatal("client was not ok on last server step");
1976 *server_conn = saslconn;
1977 *client_conn = clientconn;
1982 /* Authenticate two sasl_conn_t's to eachother, validly.
1983 * without allowing client-send-first */
1984 int doauth_noclientfirst_andserverlast(char *mech, sasl_conn_t **server_conn,
1985 sasl_conn_t **client_conn,
1986 const sasl_security_properties_t *props,
1987 sasl_callback_t *c_calls)
1989 int result, need_another_client = 0;
1990 sasl_conn_t *saslconn;
1991 sasl_conn_t *clientconn;
1992 const char *out, *out2;
1993 unsigned outlen, outlen2;
1994 sasl_interact_t *client_interact=NULL;
1995 const char *mechusing;
1996 const char *service = "rcmd";
1998 struct sockaddr_in addr;
2002 if(!server_conn || !client_conn) return SASL_BADPARAM;
2004 if (strcmp(mech,"GSSAPI")==0) service = gssapi_service;
2006 if (sasl_client_init((c_calls ? c_calls : client_interactions))!=SASL_OK)
2007 fatal("unable to init client");
2009 if (sasl_server_init(goodsasl_cb,"TestSuite")!=SASL_OK)
2010 fatal("unable to init server");
2012 if ((hp = gethostbyname(myhostname)) == NULL) {
2013 perror("gethostbyname");
2014 fatal("can't gethostbyname");
2017 addr.sin_family = 0;
2018 memcpy(&addr.sin_addr, hp->h_addr, hp->h_length);
2019 addr.sin_port = htons(0);
2021 sprintf(buf,"%s;%d", inet_ntoa(addr.sin_addr), 0);
2023 /* client new connection */
2024 if (sasl_client_new(service,
2028 &clientconn)!= SASL_OK) fatal("sasl_client_new() failure");
2030 /* Set the security properties */
2031 set_properties(clientconn, props);
2033 if (sasl_server_new(service, myhostname, NULL,
2034 buf, buf, NULL, SASL_SUCCESS_DATA,
2035 &saslconn) != SASL_OK) {
2036 fatal("can't sasl_server_new");
2038 set_properties(saslconn, props);
2041 result = sasl_client_start(clientconn, mech,
2046 if (result == SASL_INTERACT) fillin_correctly(client_interact);
2047 else if(result == SASL_CONTINUE) need_another_client = 1;
2048 else if(result == SASL_OK) need_another_client = 0;
2049 } while (result == SASL_INTERACT);
2053 fatal("sasl_client_start() error");
2056 result = sasl_server_start(saslconn,
2065 fatal("sasl_server_start() error");
2068 while (result == SASL_CONTINUE) {
2070 result = sasl_client_step(clientconn,
2075 if (result == SASL_INTERACT)
2076 fillin_correctly(client_interact);
2077 else if (result == SASL_CONTINUE)
2078 need_another_client = 1;
2079 else if (result == SASL_OK)
2080 need_another_client = 0;
2081 } while (result == SASL_INTERACT);
2085 fatal("sasl_client_step() error");
2091 result = sasl_server_step(saslconn,
2099 fatal("sasl_server_step() error");
2104 if(need_another_client) {
2105 result = sasl_client_step(clientconn,
2109 if(result != SASL_OK)
2110 fatal("client was not ok on last server step");
2113 *server_conn = saslconn;
2114 *client_conn = clientconn;
2119 void cleanup_auth(sasl_conn_t **client, sasl_conn_t **server)
2121 sasl_dispose(client);
2122 sasl_dispose(server);
2127 const sasl_security_properties_t int_only = {
2136 const sasl_security_properties_t force_des = {
2145 const sasl_security_properties_t force_rc4_56 = {
2154 const sasl_security_properties_t force_3des = {
2164 const sasl_security_properties_t no_int = {
2173 const sasl_security_properties_t disable_seclayer = {
2182 void do_proxypolicy_test(char *mech, void *rock __attribute__((unused)))
2184 sasl_conn_t *sconn, *cconn;
2185 const char *username;
2187 printf("%s --> start\n", mech);
2189 if(doauth(mech, &sconn, &cconn, &security_props, NULL, 0) != SASL_OK) {
2190 fatal("doauth failed in do_proxypolicy_test");
2193 if(sasl_getprop(sconn, SASL_USERNAME, (const void **)&username) != SASL_OK)
2195 fatal("getprop failed in do_proxypolicy_test");
2198 if(strcmp(username, proxyasname)) {
2199 printf("Warning: Server Authorization Name != proxyasuser\n");
2202 cleanup_auth(&cconn, &sconn);
2204 printf("%s --> successful result\n",mech);
2207 void test_clientfirst(char *mech, void *rock)
2209 sasl_conn_t *sconn, *cconn;
2210 tosend_t *tosend = (tosend_t *)rock;
2212 printf("%s --> start\n", mech);
2214 /* Basic crash-tests (none should cause a crash): */
2215 if(doauth(mech, &sconn, &cconn, &security_props, tosend->client_callbacks,
2217 fatal("doauth failed in test_clientfirst");
2220 cleanup_auth(&cconn, &sconn);
2222 printf("%s --> successful result\n", mech);
2225 void test_noclientfirst(char *mech, void *rock)
2227 sasl_conn_t *sconn, *cconn;
2228 tosend_t *tosend = (tosend_t *)rock;
2230 printf("%s --> start\n", mech);
2232 /* Basic crash-tests (none should cause a crash): */
2233 if(doauth_noclientfirst(mech, &sconn, &cconn, &security_props,
2234 tosend->client_callbacks) != SASL_OK) {
2235 fatal("doauth failed in test_noclientfirst");
2238 cleanup_auth(&cconn, &sconn);
2240 printf("%s --> successful result\n", mech);
2243 void test_serverlast(char *mech, void *rock)
2245 sasl_conn_t *sconn, *cconn;
2246 tosend_t *tosend = (tosend_t *)rock;
2248 printf("%s --> start\n", mech);
2250 /* Basic crash-tests (none should cause a crash): */
2251 if(doauth_serverlast(mech, &sconn, &cconn, &security_props,
2252 tosend->client_callbacks) != SASL_OK) {
2253 fatal("doauth failed in test_serverlast");
2256 cleanup_auth(&cconn, &sconn);
2258 printf("%s --> successful result\n", mech);
2262 void test_noclientfirst_andserverlast(char *mech, void *rock)
2264 sasl_conn_t *sconn, *cconn;
2265 tosend_t *tosend = (tosend_t *)rock;
2267 printf("%s --> start\n", mech);
2269 /* Basic crash-tests (none should cause a crash): */
2270 if(doauth_noclientfirst_andserverlast(mech, &sconn, &cconn,
2272 tosend->client_callbacks)
2274 fatal("doauth failed in test_noclientfirst_andserverlast");
2277 cleanup_auth(&cconn, &sconn);
2279 printf("%s --> successful result\n", mech);
2282 void testseclayer(char *mech, void *rock __attribute__((unused)))
2284 sasl_conn_t *sconn, *cconn;
2286 char buf[8192], buf2[8192];
2287 const char *txstring = "THIS IS A TEST";
2288 const char *out, *out2;
2290 const sasl_security_properties_t *test_props[7] =
2297 &disable_seclayer };
2298 const unsigned num_properties = 7;
2300 const sasl_ssf_t *this_ssf;
2301 unsigned outlen = 0, outlen2 = 0, totlen = 0;
2303 printf("%s --> security layer start\n", mech);
2305 for(i=0; i<num_properties; i++) {
2307 /* Basic crash-tests (none should cause a crash): */
2308 result = doauth(mech, &sconn, &cconn, test_props[i], NULL, 1);
2309 if(result == SASL_NOMECH && test_props[i]->min_ssf > 0) {
2310 printf(" Testing SSF: SKIPPED (requested minimum > 0: %d)\n",
2311 test_props[i]->min_ssf);
2312 cleanup_auth(&sconn, &cconn);
2314 } else if(result != SASL_OK) {
2315 fatal("doauth failed in testseclayer");
2318 if(sasl_getprop(cconn, SASL_SSF, (const void **)&this_ssf) != SASL_OK) {
2319 fatal("sasl_getprop in testseclayer");
2322 if(*this_ssf != 0 && !test_props[i]->maxbufsize) {
2323 fatal("got nonzero SSF with zero maxbufsize");
2326 printf(" SUCCESS Testing SSF: %d (requested %d/%d with maxbufsize: %d)\n",
2327 (unsigned)(*this_ssf),
2328 test_props[i]->min_ssf, test_props[i]->max_ssf,
2329 test_props[i]->maxbufsize);
2331 if(!test_props[i]->maxbufsize) {
2332 result = sasl_encode(cconn, txstring, (unsigned) strlen(txstring),
2334 if(result == SASL_OK) {
2335 fatal("got OK when encoding with zero maxbufsize");
2337 result = sasl_decode(sconn, "foo", 3, &out, &outlen);
2338 if(result == SASL_OK) {
2339 fatal("got OK when decoding with zero maxbufsize");
2341 cleanup_auth(&sconn, &cconn);
2345 sasl_encode(NULL, txstring, (unsigned) strlen(txstring), &out, &outlen);
2346 sasl_encode(cconn, NULL, (unsigned) strlen(txstring), &out, &outlen);
2347 sasl_encode(cconn, txstring, 0, &out, &outlen);
2348 sasl_encode(cconn, txstring, (unsigned) strlen(txstring), NULL, &outlen);
2349 sasl_encode(cconn, txstring, (unsigned) strlen(txstring), &out, NULL);
2351 sasl_decode(NULL, txstring, (unsigned) strlen(txstring), &out, &outlen);
2352 sasl_decode(cconn, NULL, (unsigned) strlen(txstring), &out, &outlen);
2353 sasl_decode(cconn, txstring, 0, &out, &outlen);
2354 sasl_decode(cconn, txstring, (unsigned)-1, &out, &outlen);
2355 sasl_decode(cconn, txstring, (unsigned) strlen(txstring), NULL, &outlen);
2356 sasl_decode(cconn, txstring, (unsigned) strlen(txstring), &out, NULL);
2358 cleanup_auth(&sconn, &cconn);
2360 /* Basic I/O Test */
2361 if(doauth(mech, &sconn, &cconn, test_props[i], NULL, 0) != SASL_OK) {
2362 fatal("doauth failed in testseclayer");
2365 result = sasl_encode(cconn, txstring, (unsigned) strlen(txstring),
2367 if(result != SASL_OK) {
2368 fatal("basic sasl_encode failure");
2371 result = sasl_decode(sconn, out, outlen, &out, &outlen);
2372 if(result != SASL_OK) {
2373 fatal("basic sasl_decode failure");
2376 cleanup_auth(&sconn, &cconn);
2378 /* Split one block and reassemble */
2379 if(doauth(mech, &sconn, &cconn, test_props[i], NULL, 0) != SASL_OK) {
2380 fatal("doauth failed in testseclayer");
2383 result = sasl_encode(cconn, txstring, (unsigned) strlen(txstring),
2385 if(result != SASL_OK) {
2386 fatal("basic sasl_encode failure (2)");
2389 memcpy(buf, out, 5);
2394 result = sasl_decode(sconn, buf, 5, &out2, &outlen2);
2395 if(result != SASL_OK) {
2396 printf("Failed with: %s\n", sasl_errstring(result, NULL, NULL));
2397 fatal("sasl_decode failure part 1/2");
2400 memset(buf2, 0, 8192);
2402 memcpy(buf2, out2, outlen2);
2404 result = sasl_decode(sconn, out, outlen - 5, &out, &outlen);
2405 if(result != SASL_OK) {
2406 fatal("sasl_decode failure part 2/2");
2410 if(strcmp(buf2, txstring)) {
2411 printf("Exptected '%s' but got '%s'\n", txstring, buf2);
2412 fatal("did not get correct string back after 2 sasl_decodes");
2415 cleanup_auth(&sconn, &cconn);
2417 /* Combine 2 blocks */
2418 if(doauth(mech, &sconn, &cconn, test_props[i], NULL, 0) != SASL_OK) {
2419 fatal("doauth failed in testseclayer");
2422 result = sasl_encode(cconn, txstring, (unsigned) strlen(txstring),
2424 if(result != SASL_OK) {
2425 fatal("basic sasl_encode failure (3)");
2428 memcpy(buf, out, outlen);
2433 result = sasl_encode(cconn, txstring, (unsigned) strlen(txstring),
2435 if(result != SASL_OK) {
2436 fatal("basic sasl_encode failure (4)");
2439 memcpy(tmp, out, outlen);
2442 result = sasl_decode(sconn, buf, totlen, &out, &outlen);
2443 if(result != SASL_OK) {
2444 printf("Failed with: %s\n", sasl_errstring(result, NULL, NULL));
2445 fatal("sasl_decode failure (2 blocks)");
2448 sprintf(buf2, "%s%s", txstring, txstring);
2450 if(strcmp(out, buf2)) {
2451 fatal("did not get correct string back (2 blocks)");
2454 cleanup_auth(&sconn, &cconn);
2456 /* Combine 2 blocks with 1 split */
2457 if(doauth(mech, &sconn, &cconn, test_props[i], NULL, 0) != SASL_OK) {
2458 fatal("doauth failed in testseclayer");
2461 result = sasl_encode(cconn, txstring, (unsigned) strlen(txstring),
2463 if(result != SASL_OK) {
2464 fatal("basic sasl_encode failure (3)");
2467 memcpy(buf, out, outlen);
2471 result = sasl_encode(cconn, txstring, (unsigned) strlen(txstring),
2473 if(result != SASL_OK) {
2474 fatal("basic sasl_encode failure (4)");
2477 memcpy(tmp, out2, 5);
2484 result = sasl_decode(sconn, buf, outlen, &out, &outlen);
2485 if(result != SASL_OK) {
2486 printf("Failed with: %s\n", sasl_errstring(result, NULL, NULL));
2487 fatal("sasl_decode failure 1/2 (2 blocks, 1 split)");
2490 memset(buf2, 0, 8192);
2491 memcpy(buf2, out, outlen);
2493 tmp = buf2 + outlen;
2495 result = sasl_decode(sconn, out2, outlen2, &out, &outlen);
2496 if(result != SASL_OK) {
2497 printf("Failed with: %s\n", sasl_errstring(result, NULL, NULL));
2498 fatal("sasl_decode failure 2/2 (2 blocks, 1 split)");
2501 memcpy(tmp, out, outlen);
2503 sprintf(buf, "%s%s", txstring, txstring);
2504 if(strcmp(buf, buf2)) {
2505 fatal("did not get correct string back (2 blocks, 1 split)");
2508 cleanup_auth(&sconn, &cconn);
2510 } /* for each properties type we want to test */
2512 printf("%s --> security layer OK\n", mech);
2518 * Apply the given function to each machanism
2521 void foreach_mechanism(foreach_t *func, void *rock)
2525 sasl_conn_t *saslconn;
2527 struct sockaddr_in addr;
2532 /* Get the list of mechanisms */
2535 if (sasl_server_init(emptysasl_cb,"TestSuite")!=SASL_OK)
2536 fatal("sasl_server_init failed in foreach_mechanism");
2538 if ((hp = gethostbyname(myhostname)) == NULL) {
2539 perror("gethostbyname");
2540 fatal("can't gethostbyname");
2543 addr.sin_family = 0;
2544 memcpy(&addr.sin_addr, hp->h_addr, hp->h_length);
2545 addr.sin_port = htons(0);
2547 sprintf(buf,"%s;%d", inet_ntoa(addr.sin_addr), 0);
2549 if (sasl_server_new("rcmd", myhostname, NULL,
2551 &saslconn) != SASL_OK) {
2552 fatal("sasl_server_new in foreach_mechanism");
2555 if (sasl_setprop(saslconn, SASL_AUTH_EXTERNAL, authname)!=SASL_OK)
2556 fatal("sasl_setprop(SASL_AUTH_EXTERNAL) failed");
2558 result = sasl_listmech(saslconn,
2567 if(result != SASL_OK) {
2568 fatal("sasl_listmech in foreach_mechanism");
2571 memcpy(buf, out, len + 1);
2573 sasl_dispose(&saslconn);
2576 /* call the function for each mechanism */
2578 while (*start != '\0')
2580 while ((*str != '\n') && (*str != '\0'))
2595 void test_serverstart()
2598 sasl_conn_t *saslconn;
2601 struct sockaddr_in addr;
2605 if (sasl_server_init(emptysasl_cb,"TestSuite")!=SASL_OK)
2606 fatal("can't sasl_server_init in test_serverstart");
2608 if ((hp = gethostbyname(myhostname)) == NULL) {
2609 perror("gethostbyname");
2610 fatal("can't gethostbyname in test_serverstart");
2613 addr.sin_family = 0;
2614 memcpy(&addr.sin_addr, hp->h_addr, hp->h_length);
2615 addr.sin_port = htons(0);
2617 sprintf(buf,"%s;%d", inet_ntoa(addr.sin_addr), 0);
2619 if (sasl_server_new("rcmd", myhostname, NULL,
2621 &saslconn) != SASL_OK) {
2622 fatal("can't sasl_server_new in test_serverstart");
2626 /* Test null connection */
2627 result = sasl_server_start(NULL,
2634 if (result == SASL_OK) fatal("Said ok to null sasl_conn_t in sasl_server_start()");
2636 /* send plausible but invalid mechanism */
2637 result = sasl_server_start(saslconn,
2644 if (result == SASL_OK) fatal("Said ok to invalid mechanism");
2646 /* send really long and invalid mechanism */
2647 result = sasl_server_start(saslconn,
2654 if (result == SASL_OK) fatal("Said ok to invalid mechanism");
2656 sasl_dispose(&saslconn);
2660 void test_rand_corrupt(unsigned steps)
2665 for (lup=0;lup<steps;lup++)
2667 tosend.type = rand() % CORRUPT_SIZE;
2668 tosend.step = lup % MAX_STEPS;
2669 tosend.client_callbacks = NULL;
2671 printf("RANDOM TEST: (%s in step %d) (%d of %d)\n",corrupt_types[tosend.type],tosend.step,lup+1,steps);
2672 foreach_mechanism((foreach_t *) &sendbadsecond,&tosend);
2676 void test_proxypolicy()
2678 foreach_mechanism((foreach_t *) &do_proxypolicy_test,NULL);
2681 void test_all_corrupt()
2684 tosend.client_callbacks = NULL;
2686 /* Start just beyond NOTHING */
2687 for(tosend.type=1; tosend.type<CORRUPT_SIZE; tosend.type++) {
2688 for(tosend.step=0; tosend.step<MAX_STEPS; tosend.step++) {
2689 printf("TEST: %s in step %d:\n", corrupt_types[tosend.type],
2691 foreach_mechanism((foreach_t *) &sendbadsecond, &tosend);
2696 void test_seclayer()
2698 foreach_mechanism((foreach_t *) &testseclayer, NULL);
2701 void create_ids(void)
2703 sasl_conn_t *saslconn;
2705 struct sockaddr_in addr;
2708 #ifdef DO_SASL_CHECKAPOP
2710 const char challenge[] = "<1896.697170952@cyrus.andrew.cmu.edu>";
2712 unsigned char digest[16];
2716 if (sasl_server_init(goodsasl_cb,"TestSuite")!=SASL_OK)
2717 fatal("can't sasl_server_init in create_ids");
2719 if ((hp = gethostbyname(myhostname)) == NULL) {
2720 perror("gethostbyname");
2721 fatal("can't gethostbyname in create_ids");
2724 addr.sin_family = 0;
2725 memcpy(&addr.sin_addr, hp->h_addr, hp->h_length);
2726 addr.sin_port = htons(0);
2728 sprintf(buf,"%s;%d", inet_ntoa(addr.sin_addr), 0);
2730 if (sasl_server_new("rcmd", myhostname, NULL,
2732 &saslconn) != SASL_OK)
2733 fatal("can't sasl_server_new in create_ids");
2735 /* Try to set password then check it */
2737 result = sasl_setpass(saslconn, username, password,
2738 (unsigned) strlen(password),
2739 NULL, 0, SASL_SET_CREATE);
2740 if (result != SASL_OK) {
2741 printf("error was %s (%d)\n",sasl_errstring(result,NULL,NULL),result);
2742 fatal("Error setting password. Do we have write access to sasldb?");
2745 result = sasl_checkpass(saslconn, username,
2746 (unsigned) strlen(username),
2747 password, (unsigned) strlen(password));
2748 if (result != SASL_OK) {
2749 fprintf(stderr, "%s\n", sasl_errdetail(saslconn));
2750 fatal("Unable to verify password we just set");
2752 result = sasl_user_exists(saslconn, "imap", NULL, username);
2753 if(result != SASL_OK)
2754 fatal("sasl_user_exists did not find user");
2756 result = sasl_user_exists(saslconn, "imap", NULL,
2757 nonexistant_username);
2758 if(result == SASL_OK)
2759 fatal("sasl_user_exists found nonexistant username");
2761 /* Test sasl_checkapop */
2762 #ifdef DO_SASL_CHECKAPOP
2763 _sasl_MD5Init(&ctx);
2764 _sasl_MD5Update(&ctx,challenge,strlen(challenge));
2765 _sasl_MD5Update(&ctx,password,strlen(password));
2766 _sasl_MD5Final(digest, &ctx);
2768 /* convert digest from binary to ASCII hex */
2769 for (i = 0; i < 16; i++)
2770 sprintf(digeststr + (i*2), "%02x", digest[i]);
2772 sprintf(buf, "%s %s", username, digeststr);
2774 result = sasl_checkapop(saslconn,
2775 challenge, strlen(challenge),
2777 if(result != SASL_OK)
2778 fatal("Unable to checkapop password we just set");
2779 /* End checkapop test */
2780 #else /* Just check that checkapop is really turned off */
2781 if(sasl_checkapop(saslconn, NULL, 0, NULL, 0) == SASL_OK)
2782 fatal("sasl_checkapop seems to work but was disabled at compile time");
2785 /* now delete user and make sure can't find him anymore */
2786 result = sasl_setpass(saslconn, username, password,
2787 (unsigned) strlen(password),
2788 NULL, 0, SASL_SET_DISABLE);
2789 if (result != SASL_OK)
2790 fatal("Error disabling password. Do we have write access to sasldb?");
2792 result = sasl_checkpass(saslconn, username,
2793 (unsigned) strlen(username),
2794 password, (unsigned) strlen(password));
2795 if (result == SASL_OK) {
2796 printf("\n WARNING: sasl_checkpass got SASL_OK after disableing\n");
2797 printf(" This is generally ok, just an artifact of sasldb\n");
2798 printf(" being an external verifier\n");
2801 #ifdef DO_SASL_CHECKAPOP
2802 /* And checkapop... */
2803 result = sasl_checkapop(saslconn,
2804 challenge, strlen(challenge),
2806 if (result == SASL_OK) {
2807 printf("\n WARNING: sasl_checkapop got SASL_OK after disableing\n");
2808 printf(" This is generally ok, just an artifact of sasldb\n");
2809 printf(" being an external verifier\n");
2813 /* try bad params */
2814 if (sasl_setpass(NULL,username, password,
2815 (unsigned) strlen(password),
2816 NULL, 0, SASL_SET_CREATE)==SASL_OK)
2817 fatal("Didn't specify saslconn");
2818 if (sasl_setpass(saslconn,username, password, 0, NULL, 0, SASL_SET_CREATE)==SASL_OK)
2819 fatal("Allowed password of zero length");
2820 if (sasl_setpass(saslconn,username, password,
2821 (unsigned) strlen(password), NULL, 0, 43)==SASL_OK)
2822 fatal("Gave weird code");
2825 if (sasl_setpass(saslconn,really_long_string,
2826 password, (unsigned)strlen(password),
2827 NULL, 0, SASL_SET_CREATE)!=SASL_OK)
2828 fatal("Didn't allow really long username");
2830 printf("WARNING: skipping sasl_setpass() on really_long_string with NDBM\n");
2833 if (sasl_setpass(saslconn,"bob",really_long_string,
2834 (unsigned) strlen(really_long_string),NULL, 0,
2835 SASL_SET_CREATE)!=SASL_OK)
2836 fatal("Didn't allow really long password");
2838 result = sasl_setpass(saslconn,"frank",
2839 password, (unsigned) strlen(password),
2840 NULL, 0, SASL_SET_DISABLE);
2842 if ((result!=SASL_NOUSER) && (result!=SASL_OK))
2844 printf("error = %d\n",result);
2845 fatal("Disabling non-existant didn't return SASL_NOUSER");
2848 /* Now set the user again (we use for rest of program) */
2849 result = sasl_setpass(saslconn, username,
2850 password, (unsigned) strlen(password),
2851 NULL, 0, SASL_SET_CREATE);
2852 if (result != SASL_OK)
2853 fatal("Error setting password. Do we have write access to sasldb?");
2856 sasl_dispose(&saslconn);
2861 * Test the checkpass routine
2864 void test_checkpass(void)
2866 sasl_conn_t *saslconn;
2868 /* try without initializing anything */
2869 if(sasl_checkpass(NULL,
2871 (unsigned) strlen(username),
2873 (unsigned) strlen(password)) != SASL_NOTINIT) {
2874 fatal("sasl_checkpass() when library not initialized");
2877 if (sasl_server_init(goodsasl_cb,"TestSuite")!=SASL_OK)
2878 fatal("can't sasl_server_init in test_checkpass");
2880 if (sasl_server_new("rcmd", myhostname,
2881 NULL, NULL, NULL, NULL, 0,
2882 &saslconn) != SASL_OK)
2883 fatal("can't sasl_server_new in test_checkpass");
2885 /* make sure works for general case */
2887 if (sasl_checkpass(saslconn, username, (unsigned) strlen(username),
2888 password, (unsigned) strlen(password))!=SASL_OK)
2889 fatal("sasl_checkpass() failed on simple case");
2892 if (sasl_checkpass(NULL, username, (unsigned) strlen(username),
2893 password, (unsigned) strlen(password)) == SASL_OK)
2894 fatal("Suceeded with NULL saslconn");
2896 /* NULL username -- should be OK if sasl_checkpass enabled */
2897 if (sasl_checkpass(saslconn, NULL, (unsigned) strlen(username),
2898 password, (unsigned) strlen(password)) != SASL_OK)
2899 fatal("failed check if sasl_checkpass is enabled");
2902 if (sasl_checkpass(saslconn, username, (unsigned) strlen(username),
2903 NULL, (unsigned) strlen(password)) == SASL_OK)
2904 fatal("Suceeded with NULL password");
2906 sasl_dispose(&saslconn);
2915 printf("-For KERBEROS_V4 must be able to read srvtab file (usually /etc/srvtab)\n");
2916 printf("-For GSSAPI must be able to read srvtab (/etc/krb5.keytab)\n");
2917 printf("-For both KERBEROS_V4 and GSSAPI you must have non-expired tickets\n");
2918 printf("-For OTP (w/OPIE) must be able to read/write opiekeys (/etc/opiekeys)\n");
2919 printf("-For OTP you must have a non-expired secret\n");
2920 printf("-Must be able to read sasldb, which needs to be setup with a\n");
2921 printf(" username and a password (see top of testsuite.c)\n");
2928 " testsuite [-g name] [-s seed] [-r tests] -a -M\n" \
2929 " g -- gssapi service name to use (default: host)\n" \
2930 " r -- # of random tests to do (default: 25)\n" \
2931 " a -- do all corruption tests (and ignores random ones unless -r specified)\n" \
2932 " n -- skip the initial \"do correctly\" tests\n"
2933 " h -- show this screen\n" \
2934 " s -- random seed to use\n" \
2935 " M -- detailed memory debugging ON\n" \
2939 int main(int argc, char **argv)
2942 int random_tests = -1;
2944 int skip_do_correct = 0;
2945 unsigned int seed = (unsigned int) time(NULL);
2947 /* initialize winsock */
2951 result = WSAStartup( MAKEWORD(2, 0), &wsaData );
2953 fatal("Windows sockets initialization failure");
2957 while ((c = getopt(argc, argv, "Ms:g:r:han")) != EOF)
2960 DETAILED_MEMORY_DEBUGGING = 1;
2963 seed = atoi(optarg);
2966 gssapi_service = optarg;
2969 random_tests = atoi(optarg);
2976 skip_do_correct = 1;
2984 fatal("Invalid parameter\n");
2988 g_secret = malloc(sizeof(sasl_secret_t) + strlen(password));
2989 g_secret->len = (unsigned) strlen(password);
2990 strcpy(g_secret->data, password);
2992 if(random_tests < 0) random_tests = 25;
2998 #if 0 /* Disabled because it is borked */
2999 printf("Creating id's in mechanisms (not in sasldb)...\n");
3001 if(mem_stat() != SASL_OK) fatal("memory error");
3002 printf("Creating id's in mechanisms (not in sasldb)... ok\n");
3005 printf("Checking plaintext passwords... ");
3007 if(mem_stat() != SASL_OK) fatal("memory error");
3010 printf("Random number functions... ");
3012 if(mem_stat() != SASL_OK) fatal("memory error");
3015 printf("Testing base64 functions... ");
3017 if(mem_stat() != SASL_OK) fatal("memory error");
3020 printf("Testing auxprop functions... ");
3022 if(mem_stat() != SASL_OK) fatal("memory error");
3025 printf("Tests of sasl_{server|client}_init()... ");
3027 if(mem_stat() != SASL_OK) fatal("memory error");
3030 printf("Testing sasl_listmech()... \n");
3032 if(mem_stat() != SASL_OK) fatal("memory error");
3033 printf("Testing sasl_listmech()... ok\n");
3035 printf("Testing serverstart...");
3037 if(mem_stat() != SASL_OK) fatal("memory error");
3040 if(!skip_do_correct) {
3043 tosend.type = NOTHING;
3045 tosend.client_callbacks = client_interactions;
3047 printf("Testing client-first/no-server-last correctly...\n");
3048 foreach_mechanism((foreach_t *) &test_clientfirst,&tosend);
3049 if(mem_stat() != SASL_OK) fatal("memory error");
3050 printf("Test of client-first/no-server-last...ok\n");
3052 printf("Testing no-client-first/no-server-last correctly...\n");
3053 foreach_mechanism((foreach_t *) &test_noclientfirst, &tosend);
3054 if(mem_stat() != SASL_OK) fatal("memory error");
3055 printf("Test of no-client-first/no-server-last...ok\n");
3057 printf("Testing no-client-first/server-last correctly...\n");
3058 foreach_mechanism((foreach_t *) &test_noclientfirst_andserverlast,
3060 if(mem_stat() != SASL_OK) fatal("memory error");
3061 printf("Test of no-client-first/server-last...ok\n");
3063 printf("Testing client-first/server-last correctly...\n");
3064 foreach_mechanism((foreach_t *) &test_serverlast, &tosend);
3065 if(mem_stat() != SASL_OK) fatal("memory error");
3066 printf("Test of client-first/server-last...ok\n");
3068 tosend.client_callbacks = client_callbacks;
3069 printf("-=-=-=-=- And now using the callbacks interface -=-=-=-=-\n");
3071 printf("Testing client-first/no-server-last correctly...\n");
3072 foreach_mechanism((foreach_t *) &test_clientfirst,&tosend);
3073 if(mem_stat() != SASL_OK) fatal("memory error");
3074 printf("Test of client-first/no-server-last...ok\n");
3076 printf("Testing no-client-first/no-server-last correctly...\n");
3077 foreach_mechanism((foreach_t *) &test_noclientfirst, &tosend);
3078 if(mem_stat() != SASL_OK) fatal("memory error");
3079 printf("Test of no-client-first/no-server-last...ok\n");
3081 printf("Testing no-client-first/server-last correctly...\n");
3082 foreach_mechanism((foreach_t *) &test_noclientfirst_andserverlast,
3084 if(mem_stat() != SASL_OK) fatal("memory error");
3085 printf("Test of no-client-first/server-last...ok\n");
3087 printf("Testing client-first/server-last correctly...\n");
3088 foreach_mechanism((foreach_t *) &test_serverlast, &tosend);
3089 if(mem_stat() != SASL_OK) fatal("memory error");
3090 printf("Test of client-first/server-last...ok\n");
3092 printf("Testing client-first/no-server-last correctly...skipped\n");
3093 printf("Testing no-client-first/no-server-last correctly...skipped\n");
3094 printf("Testing no-client-first/server-last correctly...skipped\n");
3095 printf("Testing client-first/server-last correctly...skipped\n");
3096 printf("Above tests with callbacks interface...skipped\n");
3099 /* FIXME: do memory tests below here on the things
3100 * that are MEANT to fail sometime. */
3102 printf("All corruption tests...\n");
3104 printf("All corruption tests... ok\n");
3108 printf("Random corruption tests...\n");
3109 test_rand_corrupt(random_tests);
3110 printf("Random tests... ok\n");
3112 printf("Random tests... skipped\n");
3115 printf("Testing Proxy Policy...\n");
3117 printf("Tests of Proxy Policy...ok\n");
3119 printf("Testing security layer...\n");
3121 printf("Tests of security layer... ok\n");
3123 printf("All tests seemed to go ok (i.e. we didn't crash)\n");