search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
No empty .Rs/.Re
[netbsd-mini2440.git] / crypto / dist / heimdal / appl / gssmask / gssmaestro.c
blob12b81569852c1aea1c5ae9a3364e26e261ea65c3
1 /*
2 * Copyright (c) 2006 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of KTH nor the names of its contributors may be
18 * used to endorse or promote products derived from this software without
19 * specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
22 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
25 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
30 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
31 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 */
33
34 #include <common.h>
35 __RCSID("$Heimdal: gssmaestro.c 21605 2007-07-17 06:51:57Z lha $"
36 "$NetBSD$");
37
38 static FILE *logfile;
39
40 /*
41 *
42 */
43
44 struct client {
45 char *name;
46 struct sockaddr *sa;
47 socklen_t salen;
48 krb5_storage *sock;
49 int32_t capabilities;
50 char *target_name;
51 char *moniker;
52 krb5_storage *logsock;
53 int have_log;
54 #ifdef ENABLE_PTHREAD_SUPPORT
55 pthread_t thr;
56 #else
57 pid_t child;
58 #endif
59 };
60
61 static struct client **clients;
62 static int num_clients;
63
64 static int
65 init_sec_context(struct client *client,
66 int32_t *hContext, int32_t *hCred,
67 int32_t flags,
68 const char *targetname,
69 const krb5_data *itoken, krb5_data *otoken)
70 {
71 int32_t val;
72 krb5_data_zero(otoken);
73 put32(client, eInitContext);
74 put32(client, *hContext);
75 put32(client, *hCred);
76 put32(client, flags);
77 putstring(client, targetname);
78 putdata(client, *itoken);
79 ret32(client, *hContext);
80 ret32(client, val);
81 retdata(client, *otoken);
82 return val;
83 }
84
85 static int
86 accept_sec_context(struct client *client,
87 int32_t *hContext,
88 int32_t flags,
89 const krb5_data *itoken,
90 krb5_data *otoken,
91 int32_t *hDelegCred)
92 {
93 int32_t val;
94 krb5_data_zero(otoken);
95 put32(client, eAcceptContext);
96 put32(client, *hContext);
97 put32(client, flags);
98 putdata(client, *itoken);
99 ret32(client, *hContext);
100 ret32(client, val);
101 retdata(client, *otoken);
102 ret32(client, *hDelegCred);
103 return val;
104 }
105
106 static int
107 acquire_cred(struct client *client,
108 const char *username,
109 const char *password,
110 int32_t flags,
111 int32_t *hCred)
112 {
113 int32_t val;
114 put32(client, eAcquireCreds);
115 putstring(client, username);
116 putstring(client, password);
117 put32(client, flags);
118 ret32(client, val);
119 ret32(client, *hCred);
120 return val;
121 }
122
123 static int
124 toast_resource(struct client *client,
125 int32_t hCred)
126 {
127 int32_t val;
128 put32(client, eToastResource);
129 put32(client, hCred);
130 ret32(client, val);
131 return val;
132 }
133
134 static int
135 goodbye(struct client *client)
136 {
137 put32(client, eGoodBye);
138 return GSMERR_OK;
139 }
140
141 static int
142 get_targetname(struct client *client,
143 char **target)
144 {
145 put32(client, eGetTargetName);
146 retstring(client, *target);
147 return GSMERR_OK;
148 }
149
150 static int32_t
151 encrypt_token(struct client *client, int32_t hContext, int32_t flags,
152 krb5_data *in, krb5_data *out)
153 {
154 int32_t val;
155 put32(client, eEncrypt);
156 put32(client, hContext);
157 put32(client, flags);
158 put32(client, 0);
159 putdata(client, *in);
160 ret32(client, val);
161 retdata(client, *out);
162 return val;
163 }
164
165 static int32_t
166 decrypt_token(struct client *client, int32_t hContext, int flags,
167 krb5_data *in, krb5_data *out)
168 {
169 int32_t val;
170 put32(client, eDecrypt);
171 put32(client, hContext);
172 put32(client, flags);
173 put32(client, 0);
174 putdata(client, *in);
175 ret32(client, val);
176 retdata(client, *out);
177 return val;
178 }
179
180 static int32_t
181 get_mic(struct client *client, int32_t hContext,
182 krb5_data *in, krb5_data *mic)
183 {
184 int32_t val;
185 put32(client, eSign);
186 put32(client, hContext);
187 put32(client, 0);
188 put32(client, 0);
189 putdata(client, *in);
190 ret32(client, val);
191 retdata(client, *mic);
192 return val;
193 }
194
195 static int32_t
196 verify_mic(struct client *client, int32_t hContext,
197 krb5_data *in, krb5_data *mic)
198 {
199 int32_t val;
200 put32(client, eVerify);
201 put32(client, hContext);
202 put32(client, 0);
203 put32(client, 0);
204 putdata(client, *in);
205 putdata(client, *mic);
206 ret32(client, val);
207 return val;
208 }
209
210
211 static int32_t
212 get_version_capa(struct client *client,
213 int32_t *version, int32_t *capa,
214 char **version_str)
215 {
216 put32(client, eGetVersionAndCapabilities);
217 ret32(client, *version);
218 ret32(client, *capa);
219 retstring(client, *version_str);
220 return GSMERR_OK;
221 }
222
223 static int32_t
224 get_moniker(struct client *client,
225 char **moniker)
226 {
227 put32(client, eGetMoniker);
228 retstring(client, *moniker);
229 return GSMERR_OK;
230 }
231
232 static int
233 wait_log(struct client *c)
234 {
235 int32_t port;
236 struct sockaddr_storage sast;
237 socklen_t salen = sizeof(sast);
238 int fd, fd2, ret;
239
240 memset(&sast, 0, sizeof(sast));
241
242 assert(sizeof(sast) >= c->salen);
243
244 fd = socket(c->sa->sa_family, SOCK_STREAM, 0);
245 if (fd < 0)
246 err(1, "failed to build socket for %s's logging port", c->moniker);
247
248 ((struct sockaddr *)&sast)->sa_family = c->sa->sa_family;
249 ret = bind(fd, (struct sockaddr *)&sast, c->salen);
250 if (ret < 0)
251 err(1, "failed to bind %s's logging port", c->moniker);
252
253 if (listen(fd, SOMAXCONN) < 0)
254 err(1, "failed to listen %s's logging port", c->moniker);
255
256 salen = sizeof(sast);
257 ret = getsockname(fd, (struct sockaddr *)&sast, &salen);
258 if (ret < 0)
259 err(1, "failed to get address of local socket for %s", c->moniker);
260
261 port = socket_get_port((struct sockaddr *)&sast);
262
263 put32(c, eSetLoggingSocket);
264 put32(c, ntohs(port));
265
266 salen = sizeof(sast);
267 fd2 = accept(fd, (struct sockaddr *)&sast, &salen);
268 if (fd2 < 0)
269 err(1, "failed to accept local socket for %s", c->moniker);
270 close(fd);
271
272 return fd2;
273 }
274
275
276
277
278 static int
279 build_context(struct client *ipeer, struct client *apeer,
280 int32_t flags, int32_t hCred,
281 int32_t *iContext, int32_t *aContext, int32_t *hDelegCred)
282 {
283 int32_t val = GSMERR_ERROR, ic = 0, ac = 0, deleg = 0;
284 krb5_data itoken, otoken;
285 int iDone = 0, aDone = 0;
286 int step = 0;
287 int first_call = 0x80;
288
289 if (apeer->target_name == NULL)
290 errx(1, "apeer %s have no target name", apeer->name);
291
292 krb5_data_zero(&itoken);
293
294 while (!iDone || !aDone) {
295
296 if (iDone) {
297 warnx("iPeer already done, aPeer want extra rtt");
298 val = GSMERR_ERROR;
299 goto out;
300 }
301
302 val = init_sec_context(ipeer, &ic, &hCred, flags|first_call,
303 apeer->target_name, &itoken, &otoken);
304 step++;
305 switch(val) {
306 case GSMERR_OK:
307 iDone = 1;
308 if (aDone)
309 continue;
310 break;
311 case GSMERR_CONTINUE_NEEDED:
312 break;
313 default:
314 warnx("iPeer %s failed with %d (step %d)",
315 ipeer->name, (int)val, step);
316 goto out;
317 }
318
319 if (aDone) {
320 warnx("aPeer already done, iPeer want extra rtt");
321 val = GSMERR_ERROR;
322 goto out;
323 }
324
325 val = accept_sec_context(apeer, &ac, flags|first_call,
326 &otoken, &itoken, &deleg);
327 step++;
328 switch(val) {
329 case GSMERR_OK:
330 aDone = 1;
331 if (iDone)
332 continue;
333 break;
334 case GSMERR_CONTINUE_NEEDED:
335 break;
336 default:
337 warnx("aPeer %s failed with %d (step %d)",
338 apeer->name, (int)val, step);
339 val = GSMERR_ERROR;
340 goto out;
341 }
342 first_call = 0;
343 val = GSMERR_OK;
344 }
345
346 if (iContext == NULL || val != GSMERR_OK) {
347 if (ic)
348 toast_resource(ipeer, ic);
349 if (iContext)
350 *iContext = 0;
351 } else
352 *iContext = ic;
353
354 if (aContext == NULL || val != GSMERR_OK) {
355 if (ac)
356 toast_resource(apeer, ac);
357 if (aContext)
358 *aContext = 0;
359 } else
360 *aContext = ac;
361
362 if (hDelegCred == NULL || val != GSMERR_OK) {
363 if (deleg)
364 toast_resource(apeer, deleg);
365 if (hDelegCred)
366 *hDelegCred = 0;
367 } else
368 *hDelegCred = deleg;
369
370 out:
371 return val;
372 }
373
374 static void
375 test_mic(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2)
376 {
377 krb5_data msg, mic;
378 int32_t val;
379
380 msg.data = "foo";
381 msg.length = 3;
382
383 krb5_data_zero(&mic);
384
385 val = get_mic(c1, hc1, &msg, &mic);
386 if (val)
387 errx(1, "get_mic failed to host: %s", c1->moniker);
388 val = verify_mic(c2, hc2, &msg, &mic);
389 if (val)
390 errx(1, "verify_mic failed to host: %s", c2->moniker);
391
392 krb5_data_free(&mic);
393 }
394
395 static int32_t
396 test_wrap(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2,
397 int conf)
398 {
399 krb5_data msg, wrapped, out;
400 int32_t val;
401
402 msg.data = "foo";
403 msg.length = 3;
404
405 krb5_data_zero(&wrapped);
406 krb5_data_zero(&out);
407
408 val = encrypt_token(c1, hc1, conf, &msg, &wrapped);
409 if (val) {
410 warnx("encrypt_token failed to host: %s", c1->moniker);
411 return val;
412 }
413 val = decrypt_token(c2, hc2, conf, &wrapped, &out);
414 if (val) {
415 krb5_data_free(&wrapped);
416 warnx("decrypt_token failed to host: %s", c2->moniker);
417 return val;
418 }
419
420 if (msg.length != out.length) {
421 warnx("decrypted'ed token have wrong length (%lu != %lu)",
422 (unsigned long)msg.length, (unsigned long)out.length);
423 val = GSMERR_ERROR;
424 } else if (memcmp(msg.data, out.data, msg.length) != 0) {
425 warnx("decryptd'ed token have wrong data");
426 val = GSMERR_ERROR;
427 }
428
429 krb5_data_free(&wrapped);
430 krb5_data_free(&out);
431 return val;
432 }
433
434 static int32_t
435 test_token(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2)
436 {
437 int32_t val;
438 int i;
439
440 for (i = 0; i < 10; i++) {
441 test_mic(c1, hc1, c2, hc2);
442 test_mic(c2, hc2, c1, hc1);
443 val = test_wrap(c1, hc1, c2, hc2, 0);
444 if (val) return val;
445 val = test_wrap(c2, hc2, c1, hc1, 0);
446 if (val) return val;
447 val = test_wrap(c1, hc1, c2, hc2, 1);
448 if (val) return val;
449 val = test_wrap(c2, hc2, c1, hc1, 1);
450 if (val) return val;
451 }
452 return GSMERR_OK;
453 }
454
455 static int
456 log_function(void *ptr)
457 {
458 struct client *c = ptr;
459 int32_t cmd, line;
460 char *file, *string;
461
462 while (1) {
463 if (krb5_ret_int32(c->logsock, &cmd))
464 goto out;
465
466 switch (cmd) {
467 case eLogSetMoniker:
468 if (krb5_ret_string(c->logsock, &file))
469 goto out;
470 free(file);
471 break;
472 case eLogInfo:
473 case eLogFailure:
474 if (krb5_ret_string(c->logsock, &file))
475 goto out;
476 if (krb5_ret_int32(c->logsock, &line))
477 goto out;
478 if (krb5_ret_string(c->logsock, &string))
479 goto out;
480 printf("%s:%lu: %s\n",
481 file, (unsigned long)line, string);
482 fprintf(logfile, "%s:%lu: %s\n",
483 file, (unsigned long)line, string);
484 fflush(logfile);
485 free(file);
486 free(string);
487 if (krb5_store_int32(c->logsock, 0))
488 goto out;
489 break;
490 default:
491 errx(1, "client send bad log command: %d", (int)cmd);
492 }
493 }
494 out:
495
496 return 0;
497 }
498
499 static void
500 connect_client(const char *slave)
501 {
502 char *name, *port;
503 struct client *c = ecalloc(1, sizeof(*c));
504 struct addrinfo hints, *res0, *res;
505 int ret, fd;
506
507 name = estrdup(slave);
508 port = strchr(name, ':');
509 if (port == NULL)
510 errx(1, "port missing from %s", name);
511 *port++ = 0;
512
513 c->name = estrdup(slave);
514
515 memset(&hints, 0, sizeof(hints));
516 hints.ai_family = PF_UNSPEC;
517 hints.ai_socktype = SOCK_STREAM;
518
519 ret = getaddrinfo(name, port, &hints, &res0);
520 if (ret)
521 errx(1, "error resolving %s", name);
522
523 for (res = res0, fd = -1; res; res = res->ai_next) {
524 fd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
525 if (fd < 0)
526 continue;
527 if (connect(fd, res->ai_addr, res->ai_addrlen) < 0) {
528 close(fd);
529 fd = -1;
530 continue;
531 }
532 c->sa = ecalloc(1, res->ai_addrlen);
533 memcpy(c->sa, res->ai_addr, res->ai_addrlen);
534 c->salen = res->ai_addrlen;
535 break; /* okay we got one */
536 }
537 if (fd < 0)
538 err(1, "connect to host: %s", name);
539 freeaddrinfo(res);
540
541 c->sock = krb5_storage_from_fd(fd);
542 close(fd);
543 if (c->sock == NULL)
544 errx(1, "krb5_storage_from_fd");
545
546 {
547 int32_t version;
548 char *str = NULL;
549 get_version_capa(c, &version, &c->capabilities, &str);
550 if (str) {
551 free(str);
552 }
553 if (c->capabilities & HAS_MONIKER)
554 get_moniker(c, &c->moniker);
555 else
556 c->moniker = c->name;
557 if (c->capabilities & ISSERVER)
558 get_targetname(c, &c->target_name);
559 }
560
561 if (logfile) {
562 int fd;
563
564 printf("starting log socket to client %s\n", c->moniker);
565
566 fd = wait_log(c);
567
568 c->logsock = krb5_storage_from_fd(fd);
569 close(fd);
570 if (c->logsock == NULL)
571 errx(1, "failed to create log krb5_storage");
572 #ifdef ENABLE_PTHREAD_SUPPORT
573 pthread_create(&c->thr, NULL, log_function, c);
574 #else
575 c->child = fork();
576 if (c->child == -1)
577 errx(1, "failed to fork");
578 else if (c->child == 0) {
579 log_function(c);
580 fclose(logfile);
581 exit(0);
582 }
583 #endif
584 }
585
586
587 clients = erealloc(clients, (num_clients + 1) * sizeof(*clients));
588
589 clients[num_clients] = c;
590 num_clients++;
591
592 free(name);
593 }
594
595 static struct client *
596 get_client(const char *slave)
597 {
598 size_t i;
599 for (i = 0; i < num_clients; i++)
600 if (strcmp(slave, clients[i]->name) == 0)
601 return clients[i];
602 errx(1, "failed to find client %s", slave);
603 }
604
605 /*
606 *
607 */
608
609 static int version_flag;
610 static int help_flag;
611 static char *logfile_str;
612 static getarg_strings principals;
613 static getarg_strings slaves;
614
615 struct getargs args[] = {
616 { "principals", 0, arg_strings, &principals, "Test principal",
617 NULL },
618 { "slaves", 0, arg_strings, &slaves, "Slaves",
619 NULL },
620 { "log-file", 0, arg_string, &logfile_str, "Logfile",
621 NULL },
622 { "version", 0, arg_flag, &version_flag, "Print version",
623 NULL },
624 { "help", 0, arg_flag, &help_flag, NULL,
625 NULL }
626 };
627
628 static void
629 usage(int ret)
630 {
631 arg_printusage (args,
632 sizeof(args) / sizeof(args[0]),
633 NULL,
634 "");
635 exit (ret);
636 }
637
638 int
639 main(int argc, char **argv)
640 {
641 int optidx= 0;
642 char *user;
643 char *password;
644 char ***list, **p;
645 size_t num_list, i, j, k;
646 int failed = 0;
647
648 setprogname (argv[0]);
649
650 if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
651 usage (1);
652
653 if (help_flag)
654 usage (0);
655
656 if (version_flag) {
657 print_version (NULL);
658 return 0;
659 }
660
661 if (optidx != argc)
662 usage (1);
663
664 if (principals.num_strings == 0)
665 errx(1, "no principals");
666
667 user = estrdup(principals.strings[0]);
668 password = strchr(user, ':');
669 if (password == NULL)
670 errx(1, "password missing from %s", user);
671 *password++ = 0;
672
673 if (slaves.num_strings == 0)
674 errx(1, "no principals");
675
676 if (logfile_str) {
677 printf("open logfile %s\n", logfile_str);
678 logfile = fopen(logfile_str, "w+");
679 if (logfile == NULL)
680 err(1, "failed to open: %s", logfile_str);
681 }
682
683 /*
684 *
685 */
686
687 list = permutate_all(&slaves, &num_list);
688
689 /*
690 * Set up connection to all clients
691 */
692
693 printf("Connecting to slaves\n");
694 for (i = 0; i < slaves.num_strings; i++)
695 connect_client(slaves.strings[i]);
696
697 /*
698 * Test acquire credentials
699 */
700
701 printf("Test acquire credentials\n");
702 for (i = 0; i < slaves.num_strings; i++) {
703 int32_t hCred, val;
704
705 val = acquire_cred(clients[i], user, password, 1, &hCred);
706 if (val != GSMERR_OK) {
707 warnx("Failed to acquire_cred on host %s: %d",
708 clients[i]->moniker, (int)val);
709 failed = 1;
710 } else
711 toast_resource(clients[i], hCred);
712 }
713
714 if (failed)
715 goto out;
716
717 /*
718 * First test if all slaves can build context to them-self.
719 */
720
721 printf("Self context tests\n");
722 for (i = 0; i < num_clients; i++) {
723 int32_t hCred, val, delegCred;
724 int32_t clientC, serverC;
725 struct client *c = clients[i];
726
727 if (c->target_name == NULL)
728 continue;
729
730 printf("%s connects to self using %s\n",
731 c->moniker, c->target_name);
732
733 val = acquire_cred(c, user, password, 1, &hCred);
734 if (val != GSMERR_OK)
735 errx(1, "failed to acquire_cred: %d", (int)val);
736
737 val = build_context(c, c,
738 GSS_C_REPLAY_FLAG|GSS_C_SEQUENCE_FLAG|
739 GSS_C_INTEG_FLAG|GSS_C_CONF_FLAG|
740 GSS_C_DELEG_FLAG|GSS_C_MUTUAL_FLAG,
741 hCred, &clientC, &serverC, &delegCred);
742 if (val == GSMERR_OK) {
743 test_token(c, clientC, c, serverC);
744 toast_resource(c, clientC);
745 toast_resource(c, serverC);
746 if (delegCred)
747 toast_resource(c, delegCred);
748 } else {
749 warnx("build_context failed: %d", (int)val);
750 }
751 /*
752 *
753 */
754
755 val = build_context(c, c,
756 GSS_C_INTEG_FLAG|GSS_C_CONF_FLAG,
757 hCred, &clientC, &serverC, &delegCred);
758 if (val == GSMERR_OK) {
759 test_token(c, clientC, c, serverC);
760 toast_resource(c, clientC);
761 toast_resource(c, serverC);
762 if (delegCred)
763 toast_resource(c, delegCred);
764 } else {
765 warnx("build_context failed: %d", (int)val);
766 }
767
768 toast_resource(c, hCred);
769 }
770 /*
771 * Build contexts though all entries in each lists, including the
772 * step from the last entry to the first, ie treat the list as a
773 * circle.
774 *
775 * Only follow the delegated credential, but test "all"
776 * flags. (XXX only do deleg|mutual right now.
777 */
778
779 printf("\"All\" permutation tests\n");
780
781 for (i = 0; i < num_list; i++) {
782 int32_t hCred, val, delegCred = 0;
783 int32_t clientC = 0, serverC = 0;
784 struct client *client, *server;
785
786 p = list[i];
787
788 client = get_client(p[0]);
789
790 val = acquire_cred(client, user, password, 1, &hCred);
791 if (val != GSMERR_OK)
792 errx(1, "failed to acquire_cred: %d", (int)val);
793
794 for (j = 1; j < num_clients + 1; j++) {
795 server = get_client(p[j % num_clients]);
796
797 if (server->target_name == NULL)
798 break;
799
800 for (k = 1; k < j; k++)
801 printf("\t");
802 printf("%s -> %s\n", client->moniker, server->moniker);
803
804 val = build_context(client, server,
805 GSS_C_REPLAY_FLAG|GSS_C_SEQUENCE_FLAG|
806 GSS_C_INTEG_FLAG|GSS_C_CONF_FLAG|
807 GSS_C_DELEG_FLAG|GSS_C_MUTUAL_FLAG,
808 hCred, &clientC, &serverC, &delegCred);
809 if (val != GSMERR_OK) {
810 warnx("build_context failed: %d", (int)val);
811 break;
812 }
813
814 val = test_token(client, clientC, server, serverC);
815 if (val)
816 break;
817
818 toast_resource(client, clientC);
819 toast_resource(server, serverC);
820 if (!delegCred) {
821 warnx("no delegated cred on %s", server->moniker);
822 break;
823 }
824 toast_resource(client, hCred);
825 hCred = delegCred;
826 client = server;
827 }
828 if (hCred)
829 toast_resource(client, hCred);
830 }
831
832 /*
833 * Close all connections to clients
834 */
835
836 out:
837 printf("sending goodbye and waiting for log sockets\n");
838 for (i = 0; i < num_clients; i++) {
839 goodbye(clients[i]);
840 if (clients[i]->logsock) {
841 #ifdef ENABLE_PTHREAD_SUPPORT
842 pthread_join(&clients[i]->thr, NULL);
843 #else
844 waitpid(clients[i]->child, NULL, 0);
845 #endif
846 }
847 }
848
849 printf("done\n");
850
851 return 0;
852 }
NetBSD on the FriendlyARM MINI2440