Macro test authentication methods stand alone.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +
+ TestAuth.C +
+ +
+ Test of authentication methods +
+ +
+ Syntax: +
+ +
+ .x TestAuth.C(<port>,"<user>","<krb5_princ>","<globus_det>") +
+ +
+ <port> = rootd port (default 1094) +
+ <user> = login user name for the test +
+ (default from getpwuid) +
+ <krb5_princ> = Principal to be used for Krb5 authentication +
+ in the form user@THE.REA.LM +
+ ( default: <running_user@Default_Realm with +
+ Default_realm taken from /etc/krb5.conf +
+ or the $KRB5_CONFIG file ) +
+ <globus_det> = details for the globus authentication +
+ ( default ad:certificates cd:$HOME/.globus +
+ cf:usercert.pem kf:userkey.pem ) +
+ +
+ >>> MAKE SURE that rootd is running <<< +
+ +
+ See $ROOTSYS/README/README.AUTH for additional details +
+ +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +
+ Basic test parameters: +
+ +
+ Local User is : ganis
+ Authentication
Details : pt:0 ru:1
us:ganis
+ Current directory is : /home/ganis/local/root/root/tutorials
+ Krb5
Details : pt:0 ru:1
us:ganis@PCEPSFT43.CERN.CH
+ +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +
+ Testing UsrPwd ... +
ganis@localhost password:
+ +
+ Testing SRP ... +
ganis@localhost SRP password:
+ +
+ Testing Krb5 ... +
Password for ganis@PCEPSFT43.CERN.CH:
+ +
+ Testing Globus ... +
Local Globus Certificates ( )
Enter <key>:<new value> to change:
Your identity: /O=Grid/OU=GlobusTest/OU=simpleCA-arthux.cern.ch/OU=cern.ch/CN=ganis
Enter GRID pass phrase for this identity:
Creating proxy ............................ Done
Your proxy is valid until: Fri Oct 31 09:33:04 2003
+ +
+ Testing SSH ... +
ganis@localhost's password:
+ +
+ Testing UidGid ... +
+ +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +
+ Result of the tests: +
+ +
+ Method: 0 (UsrPwd): successful! (reuse: successful!) +
+ Method: 1 (SRP): successful! (reuse: successful!) +
+ Method: 2 (Krb5): successful! (reuse: successful!) +
+ Method: 3 (Globus): successful! (reuse: successful!) +
+ Method: 4 (SSH): successful! (reuse: successful!) +
+ Method: 5 (UidGid): successful! +
+ +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
int TestAuth(int port = 1094, char *user = "", char *krb5 = "", char *globus = "")
{
Bool_t HaveMeth[6] = {1,0,0,0,0,1};
Int_t TestMeth[6] = {0,0,0,0,0,0};
Int_t TestReUse[6] = {3,3,3,3,3,3};
printf("+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
printf("+ +\n");
printf("+ TestAuth.C +\n");
printf("+ +\n");
printf("+ Test of authentication methods +\n");
printf("+ +\n");
printf("+ Syntax: +\n");
printf("+ +\n");
printf("+ .x TestAuth.C(<port>,\"<user>\",\"<krb5_princ>\",\"<globus_det>\") +\n");
printf("+ +\n");
printf("+ <port> = rootd port (default 1094) +\n");
printf("+ <user> = login user name for the test +\n");
printf("+ (default from getpwuid) +\n");
printf("+ <krb5_princ> = Principal to be used for Krb5 authentication +\n");
printf("+ in the form user@THE.REA.LM +\n");
printf("+ ( default: <running_user@Default_Realm with +\n");
printf("+ Default_realm taken from /etc/krb5.conf +\n");
printf("+ or the $KRB5_CONFIG file ) +\n");
printf("+ <globus_det> = details for the globus authentication +\n");
printf("+ ( default ad:certificates cd:$HOME/.globus +\n");
printf("+ cf:usercert.pem kf:userkey.pem ) +\n");
printf("+ +\n");
printf("+ >>> MAKE SURE that rootd is running <<< +\n");
printf("+ +\n");
printf("+ See $ROOTSYS/README/README.AUTH for additional details +\n");
printf("+ +\n");
printf("+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n\n");
if (User == "") {
if (!u) {
printf("\n >>>> 'user' not defined: please enter a valid username:\n");
char utmp[256] = {0};
scanf("%s",utmp);
if (strlen(utmp)) {
User = utmp;
} else {
printf(">>>> no 'user' defined: return!\n");
return 1;
}
} else {
}
}
char *p;
HaveMeth[1] = 1;
}
delete[] p;
HaveMeth[2] = 1;
if (strlen(krb5) > 0) {
} else {
}
Krb5Conf = "/etc/krb5.conf";
} else {
printf("\n >>>> Kerberos Principal undefined\n");
printf("\n >>>> unable to localize Kerberos config file to build a default\n");
printf("\n >>>> Switching off Kerberos\n");
printf("\n >>>> Run again with giving the principal as 3rd argument\n");
printf("\n >>>> or define the variable KRB5_CONFIG with the full path \n");
printf("\n >>>> to the config file (usually /etc/krb5.conf)\n");
HaveMeth[2] = 0;
}
if (HaveMeth[2] == 1) {
FILE *fc = fopen(Krb5Conf.
Data(),
"r");
if (fc) {
char line[1024], fs1[1024], fs2[1024], fs3[1024];
while (fgets(line, sizeof(line), fc) != 0) {
int nf = sscanf(line,"%s %s %s",fs1,fs2,fs3);
if (nf == 3 && !strcmp(fs1,"default_realm")) {
Realm = fs3;
break;
}
}
fclose(fc);
} else {
HaveMeth[2] = 0;
}
}
}
}
delete[] p;
HaveMeth[3] = 1;
}
delete[] p;
HaveMeth[4] = 1;
}
printf("\n+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
printf("+ +\n");
printf("+ Basic test parameters: +\n");
printf("+ +\n");
printf(
"+ Local User is : %s \n",User.
Data());
printf(
"+ Authentication Details : %s \n",Details.
Data());
printf(
"+ TFTP string : %s \n",TFTPPath.
Data());
if (HaveMeth[2]) {
printf(
"+ Krb5 Details : %s \n",Krb5Details.
Data());
}
printf("+ +\n");
printf("+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
if (lDebug > 0)
printf("+ +\n");
printf("+ Testing UsrPwd ... +\n");
if (ha) {
} else {
}
if (lDebug > 0)
{
TestMeth[0] = 1;
} else {
printf(" >>>>>>>>>>>>>>>> Test of UsrPwd authentication failed \n");
}}
if (TestMeth[0] == 1) {
if (ai->GetMethod() == 0) {
TestReUse[0] = 0;
if (OffSet > -1) {
TestReUse[0] = 1;
}
}
}
}
if ( HaveMeth[1] ) {
printf("+ +\n");
printf("+ Testing SRP ... +\n");
if (lDebug > 0)
TestMeth[1] = 1;
} else {
printf(" >>>>>>>>>>>>>>>> Test of SRP authentication failed \n");
}
if (TestMeth[1] == 1) {
if (ai->GetMethod() == 1) {
TestReUse[1] = 0;
if (OffSet > -1) {
TestReUse[1] = 1;
}
}
}
}
}
if ( HaveMeth[2] ) {
printf("+ +\n");
printf("+ Testing Krb5 ... +\n");
if (hak) {
if (lDebug > 0)
printf(" >>>>>>>>>>>>>>>> Krb5: existing THostAuth found \n");
} else {
}
if (lDebug > 0)
TestMeth[2] = 1;
} else {
printf(" >>>>>>>>>>>>>>>> Test of Kerberos authentication failed \n");
if (strlen(krb5) > 0) {
printf(" >>>>>>>>>>>>>>>> details used: '%s' \n",krb5);
}
}
if (TestMeth[2] == 1) {
if (ai->GetMethod() == 2) {
TestReUse[2] = 0;
if (OffSet > -1) {
TestReUse[2] = 1;
}
}
}
}
}
if ( HaveMeth[3] ) {
printf("+ +\n");
printf("+ Testing Globus ... +\n");
if (lDebug > 0)
TestMeth[3] = 1;
} else {
printf(" >>>>>>>>>>>>>>>> Test of Globus authentication failed \n");
if (strlen(globus) > 0) {
printf(" >>>>>>>>>>>>>>>> details used: '%s' \n",globus);
} else {
printf(" >>>>>>>>>>>>>>>> using default details: \n");
printf(" >>>>>>>>>>>>>>>> ad:/etc/grid-security/certificates");
printf(" cd:$HOME/.globus cf:usercert.pem kf:userkey.pem\n");
}
if (u) {
printf(" >>>>>>>>>>>>>>>> You are not root,");
printf(" you may not have the right privileges\n");
printf(" >>>>>>>>>>>>>>>> Make sure that the used details are correct! \n");
}
}
}
if (TestMeth[3] == 1) {
if (ai->GetMethod() == 3) {
TestReUse[3] = 0;
if (OffSet > -1) {
TestReUse[3] = 1;
}
}
}
}
}
if ( HaveMeth[4] ) {
printf("+ +\n");
printf("+ Testing SSH ... +\n");
if (lDebug > 0)
TestMeth[4] = 1;
} else {
printf(" >>>>>>>>>>>>>>>> Test of SSH authentication failed \n");
}
if (TestMeth[4] == 1) {
if (ai->GetMethod() == 4) {
TestReUse[4] = 0;
if (OffSet > -1) {
TestReUse[4] = 1;
}
}
}
}
}
printf("+ +\n");
printf("+ Testing UidGid ... +\n");
if (lDebug > 0)
{
TestMeth[5] = 1;
} else {
printf(" >>>>>>>>>>>>>>>> Test of UidGid authentication failed \n");
}}
printf("+ +\n");
printf("+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
if (lDebug > 0)
if (hasv1) {
} else {
}
if (hasv2) {
} else {
}
printf("\n+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
printf("+ +\n");
printf("+ Result of the tests: +\n");
printf("+ +\n");
char status[4][20] = {"failed!","successful!","not testable","not tested"};
int i = 0;
for( i=0; i<6; i++ ) {
if (HaveMeth[i] && TestMeth[i] < 2) {
if (i < 5) {
printf("+ Method: %d %8s: %11s (reuse: %11s) +\n",i,
status[TestMeth[i]],status[TestReUse[i]]);
} else
printf("+ Method: %d %8s: %11s +\n",i,
status[TestMeth[i]]);
}
}
for( i=0; i<6; i++ ) {
if (HaveMeth[i] && TestMeth[i] > 1) {
if (NotPrinted) {
printf("+ +\n");
printf("+ Could not be tested: +\n");
printf("+ +\n");
}
printf("+ Method: %d %8s: %11s +\n",i,
status[TestMeth[i]]);
}
}
printf("+ +\n");
printf("+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
}