convert to slc
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14260 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
127
admin/add.c
127
admin/add.c
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan
|
||||
* Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
@@ -35,115 +35,96 @@
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
static char *
|
||||
readstring(const char *prompt, char *buf, size_t len)
|
||||
{
|
||||
printf("%s", prompt);
|
||||
if (fgets(buf, len, stdin) == NULL)
|
||||
return NULL;
|
||||
buf[strcspn(buf, "\r\n")] = '\0';
|
||||
return buf;
|
||||
}
|
||||
|
||||
int
|
||||
kt_add(int argc, char **argv)
|
||||
kt_add(struct add_options *opt, int argc, char **argv)
|
||||
{
|
||||
krb5_error_code ret;
|
||||
krb5_keytab keytab;
|
||||
krb5_keytab_entry entry;
|
||||
char buf[128];
|
||||
char *principal_string = NULL;
|
||||
int kvno = -1;
|
||||
char *enctype_string = NULL;
|
||||
char buf[1024];
|
||||
krb5_enctype enctype;
|
||||
char *password_string = NULL;
|
||||
int salt_flag = 1;
|
||||
int random_flag = 0;
|
||||
int help_flag = 0;
|
||||
struct getargs args[] = {
|
||||
{ "principal", 'p', arg_string, NULL, "principal of key", "principal"},
|
||||
{ "kvno", 'V', arg_integer, NULL, "key version of key" },
|
||||
{ "enctype", 'e', arg_string, NULL, "encryption type of key" },
|
||||
{ "password", 'w', arg_string, NULL, "password for key"},
|
||||
{ "salt", 's', arg_negative_flag, NULL, "no salt" },
|
||||
{ "random", 'r', arg_flag, NULL, "generate random key" },
|
||||
{ "help", 'h', arg_flag, NULL }
|
||||
};
|
||||
int num_args = sizeof(args) / sizeof(args[0]);
|
||||
int optind = 0;
|
||||
int i = 0;
|
||||
args[i++].value = &principal_string;
|
||||
args[i++].value = &kvno;
|
||||
args[i++].value = &enctype_string;
|
||||
args[i++].value = &password_string;
|
||||
args[i++].value = &salt_flag;
|
||||
args[i++].value = &random_flag;
|
||||
args[i++].value = &help_flag;
|
||||
|
||||
if(getarg(args, num_args, argc, argv, &optind)) {
|
||||
arg_printusage(args, num_args, "ktutil add", "");
|
||||
return 1;
|
||||
}
|
||||
if(help_flag) {
|
||||
arg_printusage(args, num_args, "ktutil add", "");
|
||||
return 1;
|
||||
}
|
||||
if((keytab = ktutil_open_keytab()) == NULL)
|
||||
return 1;
|
||||
|
||||
memset(&entry, 0, sizeof(entry));
|
||||
if(principal_string == NULL) {
|
||||
printf("Principal: ");
|
||||
if (fgets(buf, sizeof(buf), stdin) == NULL)
|
||||
if(opt->principal_string == NULL) {
|
||||
if(readstring("Principal: ", buf, sizeof(buf)) == NULL)
|
||||
return 1;
|
||||
buf[strcspn(buf, "\r\n")] = '\0';
|
||||
principal_string = buf;
|
||||
opt->principal_string = buf;
|
||||
}
|
||||
ret = krb5_parse_name(context, principal_string, &entry.principal);
|
||||
ret = krb5_parse_name(context, opt->principal_string, &entry.principal);
|
||||
if(ret) {
|
||||
krb5_warn(context, ret, "%s", principal_string);
|
||||
krb5_warn(context, ret, "%s", opt->principal_string);
|
||||
goto out;
|
||||
}
|
||||
if(enctype_string == NULL) {
|
||||
printf("Encryption type: ");
|
||||
if (fgets(buf, sizeof(buf), stdin) == NULL)
|
||||
if(opt->enctype_string == NULL) {
|
||||
if(readstring("Encryption type: ", buf, sizeof(buf)) == NULL) {
|
||||
ret = 1;
|
||||
goto out;
|
||||
buf[strcspn(buf, "\r\n")] = '\0';
|
||||
enctype_string = buf;
|
||||
}
|
||||
opt->enctype_string = buf;
|
||||
}
|
||||
ret = krb5_string_to_enctype(context, enctype_string, &enctype);
|
||||
ret = krb5_string_to_enctype(context, opt->enctype_string, &enctype);
|
||||
if(ret) {
|
||||
int t;
|
||||
if(sscanf(enctype_string, "%d", &t) == 1)
|
||||
if(sscanf(opt->enctype_string, "%d", &t) == 1)
|
||||
enctype = t;
|
||||
else {
|
||||
krb5_warn(context, ret, "%s", enctype_string);
|
||||
krb5_warn(context, ret, "%s", opt->enctype_string);
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
if(kvno == -1) {
|
||||
printf("Key version: ");
|
||||
if (fgets(buf, sizeof(buf), stdin) == NULL)
|
||||
if(opt->kvno_integer == -1) {
|
||||
if(readstring("Key version: ", buf, sizeof(buf)) == NULL) {
|
||||
ret = 1;
|
||||
goto out;
|
||||
buf[strcspn(buf, "\r\n")] = '\0';
|
||||
kvno = atoi(buf);
|
||||
}
|
||||
if(password_string == NULL && random_flag == 0) {
|
||||
if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Password: ", 1))
|
||||
}
|
||||
if(sscanf(buf, "%u", &opt->kvno_integer) != 1)
|
||||
goto out;
|
||||
password_string = buf;
|
||||
}
|
||||
if(password_string) {
|
||||
if (!salt_flag) {
|
||||
if(opt->password_string == NULL && opt->random_flag == 0) {
|
||||
if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Password: ", 1)) {
|
||||
ret = 1;
|
||||
goto out;
|
||||
}
|
||||
opt->password_string = buf;
|
||||
}
|
||||
if(opt->password_string) {
|
||||
if (!opt->salt_flag) {
|
||||
krb5_salt salt;
|
||||
krb5_data pw;
|
||||
|
||||
salt.salttype = KRB5_PW_SALT;
|
||||
salt.saltvalue.data = NULL;
|
||||
salt.saltvalue.length = 0;
|
||||
pw.data = (void*)password_string;
|
||||
pw.length = strlen(password_string);
|
||||
krb5_string_to_key_data_salt(context, enctype, pw, salt,
|
||||
&entry.keyblock);
|
||||
pw.data = (void*)opt->password_string;
|
||||
pw.length = strlen(opt->password_string);
|
||||
ret = krb5_string_to_key_data_salt(context, enctype, pw, salt,
|
||||
&entry.keyblock);
|
||||
} else {
|
||||
krb5_string_to_key(context, enctype, password_string,
|
||||
entry.principal, &entry.keyblock);
|
||||
ret = krb5_string_to_key(context, enctype, opt->password_string,
|
||||
entry.principal, &entry.keyblock);
|
||||
}
|
||||
memset (password_string, 0, strlen(password_string));
|
||||
memset (opt->password_string, 0, strlen(opt->password_string));
|
||||
} else {
|
||||
krb5_generate_random_keyblock(context, enctype, &entry.keyblock);
|
||||
ret = krb5_generate_random_keyblock(context, enctype, &entry.keyblock);
|
||||
}
|
||||
entry.vno = kvno;
|
||||
if(ret) {
|
||||
krb5_warn(context, ret, "add");
|
||||
goto out;
|
||||
}
|
||||
entry.vno = opt->kvno_integer;
|
||||
entry.timestamp = time (NULL);
|
||||
ret = krb5_kt_add_entry(context, keytab, &entry);
|
||||
if(ret)
|
||||
@@ -151,5 +132,5 @@ kt_add(int argc, char **argv)
|
||||
out:
|
||||
krb5_kt_free_entry(context, &entry);
|
||||
krb5_kt_close(context, keytab);
|
||||
return 0;
|
||||
return ret != 0;
|
||||
}
|
||||
|
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska H<>gskolan
|
||||
* Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
@@ -35,7 +35,7 @@
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
static void
|
||||
static krb5_error_code
|
||||
change_entry (krb5_context context, krb5_keytab keytab,
|
||||
krb5_principal principal, krb5_kvno kvno,
|
||||
const char *realm, const char *admin_server, int server_port)
|
||||
@@ -51,7 +51,7 @@ change_entry (krb5_context context, krb5_keytab keytab,
|
||||
ret = krb5_unparse_name (context, principal, &client_name);
|
||||
if (ret) {
|
||||
krb5_warn (context, ret, "krb5_unparse_name");
|
||||
return;
|
||||
return ret;
|
||||
}
|
||||
|
||||
memset (&conf, 0, sizeof(conf));
|
||||
@@ -59,7 +59,7 @@ change_entry (krb5_context context, krb5_keytab keytab,
|
||||
if(realm)
|
||||
conf.realm = (char *)realm;
|
||||
else
|
||||
conf.realm = *krb5_princ_realm (context, principal);
|
||||
conf.realm = (char*)krb5_principal_get_realm(context, principal);
|
||||
conf.mask |= KADM5_CONFIG_REALM;
|
||||
|
||||
if (admin_server) {
|
||||
@@ -81,13 +81,13 @@ change_entry (krb5_context context, krb5_keytab keytab,
|
||||
free (client_name);
|
||||
if (ret) {
|
||||
krb5_warn (context, ret, "kadm5_c_init_with_skey_ctx");
|
||||
return;
|
||||
return ret;
|
||||
}
|
||||
ret = kadm5_randkey_principal (kadm_handle, principal, &keys, &num_keys);
|
||||
kadm5_destroy (kadm_handle);
|
||||
if (ret) {
|
||||
krb5_warn(context, ret, "kadm5_randkey_principal");
|
||||
return;
|
||||
return ret;
|
||||
}
|
||||
for (i = 0; i < num_keys; ++i) {
|
||||
krb5_keytab_entry new_entry;
|
||||
@@ -102,6 +102,7 @@ change_entry (krb5_context context, krb5_keytab keytab,
|
||||
krb5_warn (context, ret, "krb5_kt_add_entry");
|
||||
krb5_free_keyblock_contents (context, &keys[i]);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -115,45 +116,15 @@ struct change_set {
|
||||
};
|
||||
|
||||
int
|
||||
kt_change (int argc, char **argv)
|
||||
kt_change (struct change_options *opt, int argc, char **argv)
|
||||
{
|
||||
krb5_error_code ret;
|
||||
krb5_keytab keytab;
|
||||
krb5_kt_cursor cursor;
|
||||
krb5_keytab_entry entry;
|
||||
char *realm = NULL;
|
||||
char *admin_server = NULL;
|
||||
int server_port = 0;
|
||||
int help_flag = 0;
|
||||
int optind = 0;
|
||||
int i, j, max;
|
||||
struct change_set *changeset;
|
||||
|
||||
struct getargs args[] = {
|
||||
{ "realm", 'r', arg_string, NULL,
|
||||
"realm to use", "realm"
|
||||
},
|
||||
{ "admin-server", 'a', arg_string, NULL,
|
||||
"server to contact", "host"
|
||||
},
|
||||
{ "server-port", 's', arg_integer, NULL,
|
||||
"port to contact", "port number"
|
||||
},
|
||||
{ "help", 'h', arg_flag, NULL }
|
||||
};
|
||||
|
||||
args[0].value = &realm;
|
||||
args[1].value = &admin_server;
|
||||
args[2].value = &server_port;
|
||||
args[3].value = &help_flag;
|
||||
|
||||
if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)
|
||||
|| help_flag) {
|
||||
arg_printusage(args, sizeof(args) / sizeof(args[0]),
|
||||
"ktutil change", "principal...");
|
||||
return 1;
|
||||
}
|
||||
|
||||
if((keytab = ktutil_open_keytab()) == NULL)
|
||||
return 1;
|
||||
|
||||
@@ -163,7 +134,7 @@ kt_change (int argc, char **argv)
|
||||
|
||||
ret = krb5_kt_start_seq_get(context, keytab, &cursor);
|
||||
if(ret){
|
||||
krb5_warn(context, ret, "krb5_kt_start_seq_get %s", keytab_string);
|
||||
krb5_warn(context, ret, "%s", keytab_string);
|
||||
goto out;
|
||||
}
|
||||
|
||||
@@ -181,15 +152,15 @@ kt_change (int argc, char **argv)
|
||||
if (i < j)
|
||||
continue;
|
||||
|
||||
if (optind == argc) {
|
||||
if (argc == 0) {
|
||||
add = 1;
|
||||
} else {
|
||||
for (i = optind; i < argc; ++i) {
|
||||
for (i = 0; i < argc; ++i) {
|
||||
krb5_principal princ;
|
||||
|
||||
ret = krb5_parse_name (context, argv[i], &princ);
|
||||
if (ret) {
|
||||
krb5_warn (context, ret, "krb5_parse_name %s", argv[i]);
|
||||
krb5_warn (context, ret, "%s", argv[i]);
|
||||
continue;
|
||||
}
|
||||
if (krb5_principal_compare (context, princ, entry.principal))
|
||||
@@ -243,7 +214,9 @@ kt_change (int argc, char **argv)
|
||||
}
|
||||
change_entry (context, keytab,
|
||||
changeset[i].principal, changeset[i].kvno,
|
||||
realm, admin_server, server_port);
|
||||
opt->realm_string,
|
||||
opt->admin_server_string,
|
||||
opt->server_port_integer);
|
||||
}
|
||||
}
|
||||
for (i = 0; i < j; i++)
|
||||
@@ -253,5 +226,5 @@ kt_change (int argc, char **argv)
|
||||
ret = krb5_kt_end_seq_get(context, keytab, &cursor);
|
||||
out:
|
||||
krb5_kt_close(context, keytab);
|
||||
return 0;
|
||||
return ret != 0;
|
||||
}
|
||||
|
138
admin/copy.c
138
admin/copy.c
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
|
||||
* Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
@@ -80,8 +80,16 @@ kt_copy_int (const char *from, const char *to)
|
||||
&entry, &cursor)) == 0) {
|
||||
char *name_str;
|
||||
char *etype_str;
|
||||
krb5_unparse_name (context, entry.principal, &name_str);
|
||||
krb5_enctype_to_string(context, entry.keyblock.keytype, &etype_str);
|
||||
ret = krb5_unparse_name (context, entry.principal, &name_str);
|
||||
if(ret) {
|
||||
krb5_warn(context, ret, "krb5_unparse_name");
|
||||
name_str = NULL; /* XXX */
|
||||
}
|
||||
ret = krb5_enctype_to_string(context, entry.keyblock.keytype, &etype_str);
|
||||
if(ret) {
|
||||
krb5_warn(context, ret, "krb5_enctype_to_string");
|
||||
etype_str = NULL; /* XXX */
|
||||
}
|
||||
ret = krb5_kt_get_entry(context, dst_keytab,
|
||||
entry.principal,
|
||||
entry.vno,
|
||||
@@ -102,7 +110,8 @@ kt_copy_int (const char *from, const char *to)
|
||||
free(etype_str);
|
||||
continue;
|
||||
} else if(ret != KRB5_KT_NOTFOUND) {
|
||||
krb5_warn(context, ret, "krb5_kt_get_entry(%s)", name_str);
|
||||
krb5_warn (context, ret, "%s: fetching %s/%s/%u",
|
||||
to, name_str, etype_str, entry.vno);
|
||||
krb5_kt_free_entry (context, &entry);
|
||||
free(name_str);
|
||||
free(etype_str);
|
||||
@@ -114,7 +123,8 @@ kt_copy_int (const char *from, const char *to)
|
||||
ret = krb5_kt_add_entry (context, dst_keytab, &entry);
|
||||
krb5_kt_free_entry (context, &entry);
|
||||
if (ret) {
|
||||
krb5_warn (context, ret, "krb5_kt_add_entry(%s)", name_str);
|
||||
krb5_warn (context, ret, "%s: adding %s/%s/%u",
|
||||
to, name_str, etype_str, entry.vno);
|
||||
free(name_str);
|
||||
free(etype_str);
|
||||
break;
|
||||
@@ -127,121 +137,39 @@ kt_copy_int (const char *from, const char *to)
|
||||
out:
|
||||
krb5_kt_close (context, src_keytab);
|
||||
krb5_kt_close (context, dst_keytab);
|
||||
return 0;
|
||||
return ret != 0;
|
||||
}
|
||||
|
||||
int
|
||||
kt_copy (int argc, char **argv)
|
||||
kt_copy (void *opt, int argc, char **argv)
|
||||
{
|
||||
int help_flag = 0;
|
||||
int optind = 0;
|
||||
|
||||
struct getargs args[] = {
|
||||
{ "help", 'h', arg_flag, NULL}
|
||||
};
|
||||
|
||||
int num_args = sizeof(args) / sizeof(args[0]);
|
||||
int i = 0;
|
||||
|
||||
args[i++].value = &help_flag;
|
||||
|
||||
if(getarg(args, num_args, argc, argv, &optind)) {
|
||||
arg_printusage(args, num_args, "ktutil copy",
|
||||
"keytab-src keytab-dest");
|
||||
return 1;
|
||||
}
|
||||
if (help_flag) {
|
||||
arg_printusage(args, num_args, "ktutil copy",
|
||||
"keytab-src keytab-dest");
|
||||
return 1;
|
||||
}
|
||||
|
||||
argv += optind;
|
||||
argc -= optind;
|
||||
|
||||
if (argc != 2) {
|
||||
arg_printusage(args, num_args, "ktutil copy",
|
||||
"keytab-src keytab-dest");
|
||||
return 1;
|
||||
}
|
||||
|
||||
return kt_copy_int(argv[0], argv[1]);
|
||||
}
|
||||
|
||||
#ifndef KEYFILE
|
||||
#define KEYFILE SYSCONFDIR "/srvtab"
|
||||
#endif
|
||||
|
||||
/* copy to from v4 srvtab, just short for copy */
|
||||
static int
|
||||
conv(int srvconv, int argc, char **argv)
|
||||
int
|
||||
srvconv(struct srvconvert_options *opt, int argc, char **argv)
|
||||
{
|
||||
int help_flag = 0;
|
||||
char *srvtab = KEYFILE;
|
||||
int optind = 0;
|
||||
char kt4[1024], kt5[1024];
|
||||
|
||||
char *name;
|
||||
snprintf(kt4, sizeof(kt4), "krb4:%s", opt->srvtab_string);
|
||||
|
||||
struct getargs args[] = {
|
||||
{ "srvtab", 's', arg_string, NULL},
|
||||
{ "help", 'h', arg_flag, NULL}
|
||||
};
|
||||
if(keytab_string != NULL)
|
||||
return kt_copy_int(kt4, keytab_string);
|
||||
|
||||
int num_args = sizeof(args) / sizeof(args[0]);
|
||||
int i = 0;
|
||||
|
||||
args[i++].value = &srvtab;
|
||||
args[i++].value = &help_flag;
|
||||
|
||||
if(srvconv)
|
||||
name = "ktutil srvconvert";
|
||||
else
|
||||
name = "ktutil srvcreate";
|
||||
|
||||
if(getarg(args, num_args, argc, argv, &optind)){
|
||||
arg_printusage(args, num_args, name, "");
|
||||
return 1;
|
||||
}
|
||||
if(help_flag){
|
||||
arg_printusage(args, num_args, name, "");
|
||||
return 0;
|
||||
}
|
||||
|
||||
argc -= optind;
|
||||
argv += optind;
|
||||
|
||||
if (argc != 0) {
|
||||
arg_printusage(args, num_args, name, "");
|
||||
return 1;
|
||||
}
|
||||
|
||||
snprintf(kt4, sizeof(kt4), "krb4:%s", srvtab);
|
||||
|
||||
if(srvconv) {
|
||||
if(keytab_string != NULL)
|
||||
return kt_copy_int(kt4, keytab_string);
|
||||
else {
|
||||
krb5_kt_default_modify_name(context, kt5, sizeof(kt5));
|
||||
return kt_copy_int(kt4, kt5);
|
||||
}
|
||||
} else {
|
||||
if(keytab_string != NULL)
|
||||
return kt_copy_int(keytab_string, kt4);
|
||||
|
||||
krb5_kt_default_name(context, kt5, sizeof(kt5));
|
||||
return kt_copy_int(kt5, kt4);
|
||||
}
|
||||
krb5_kt_default_modify_name(context, kt5, sizeof(kt5));
|
||||
return kt_copy_int(kt4, kt5);
|
||||
}
|
||||
|
||||
int
|
||||
srvconv(int argc, char **argv)
|
||||
srvcreate(struct srvcreate_options *opt, int argc, char **argv)
|
||||
{
|
||||
return conv(1, argc, argv);
|
||||
}
|
||||
char kt4[1024], kt5[1024];
|
||||
|
||||
int
|
||||
srvcreate(int argc, char **argv)
|
||||
{
|
||||
return conv(0, argc, argv);
|
||||
snprintf(kt4, sizeof(kt4), "krb4:%s", opt->srvtab_string);
|
||||
|
||||
if(keytab_string != NULL)
|
||||
return kt_copy_int(keytab_string, kt4);
|
||||
|
||||
krb5_kt_default_name(context, kt5, sizeof(kt5));
|
||||
return kt_copy_int(kt5, kt4);
|
||||
}
|
||||
|
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan
|
||||
* Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
@@ -42,35 +42,6 @@ int verbose_flag;
|
||||
char *keytab_string;
|
||||
static char keytab_buf[256];
|
||||
|
||||
static int help(int argc, char **argv);
|
||||
|
||||
static SL_cmd cmds[] = {
|
||||
{ "add", kt_add, "add",
|
||||
"adds key to keytab" },
|
||||
{ "change", kt_change, "change [principal...]",
|
||||
"get new key for principals (all)" },
|
||||
{ "copy", kt_copy, "copy src dst",
|
||||
"copy one keytab to another" },
|
||||
{ "get", kt_get, "get [principal...]",
|
||||
"create key in database and add to keytab" },
|
||||
{ "list", kt_list, "list",
|
||||
"shows contents of a keytab" },
|
||||
{ "purge", kt_purge, "purge",
|
||||
"remove old and superceeded entries" },
|
||||
{ "remove", kt_remove, "remove",
|
||||
"remove key from keytab" },
|
||||
{ "rename", kt_rename, "rename from to",
|
||||
"rename entry" },
|
||||
{ "srvconvert", srvconv, "srvconvert [flags]",
|
||||
"convert v4 srvtab to keytab" },
|
||||
{ "srv2keytab" },
|
||||
{ "srvcreate", srvcreate, "srvcreate [flags]",
|
||||
"convert keytab to v4 srvtab" },
|
||||
{ "key2srvtab" },
|
||||
{ "help", help, "help", "" },
|
||||
{ NULL, NULL, NULL, NULL }
|
||||
};
|
||||
|
||||
static struct getargs args[] = {
|
||||
{
|
||||
"version",
|
||||
@@ -134,10 +105,36 @@ ktutil_open_keytab(void)
|
||||
return keytab;
|
||||
}
|
||||
|
||||
static int
|
||||
help(int argc, char **argv)
|
||||
int
|
||||
help(void *opt, int argc, char **argv)
|
||||
{
|
||||
sl_help(cmds, argc, argv);
|
||||
if(argc == 0) {
|
||||
sl_help(commands, 1, argv - 1 /* XXX */);
|
||||
} else {
|
||||
SL_cmd *c = sl_match (commands, argv[0], 0);
|
||||
if(c == NULL) {
|
||||
fprintf (stderr, "No such command: %s. "
|
||||
"Try \"help\" for a list of commands\n",
|
||||
argv[0]);
|
||||
} else {
|
||||
if(c->func) {
|
||||
char *fake[] = { argv[0], "--help", NULL };
|
||||
(*c->func)(2, fake);
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
if(c->help && *c->help)
|
||||
fprintf (stderr, "%s\n", c->help);
|
||||
if((++c)->name && c->func == NULL) {
|
||||
int f = 0;
|
||||
fprintf (stderr, "Synonyms:");
|
||||
while (c->name && c->func == NULL) {
|
||||
fprintf (stderr, "%s%s", f ? ", " : " ", (c++)->name);
|
||||
f = 1;
|
||||
}
|
||||
fprintf (stderr, "\n");
|
||||
}
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -169,7 +166,7 @@ main(int argc, char **argv)
|
||||
argv += optind;
|
||||
if(argc == 0)
|
||||
usage(1);
|
||||
ret = sl_command(cmds, argc, argv);
|
||||
ret = sl_command(commands, argc, argv);
|
||||
if(ret == -1)
|
||||
krb5_warnx (context, "unrecognized command: %s", argv[0]);
|
||||
return ret;
|
||||
|
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
|
||||
* Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
@@ -69,15 +69,6 @@ extern char *keytab_string;
|
||||
|
||||
krb5_keytab ktutil_open_keytab(void);
|
||||
|
||||
int kt_add (int argc, char **argv);
|
||||
int kt_change (int argc, char **argv);
|
||||
int kt_copy (int argc, char **argv);
|
||||
int kt_get (int argc, char **argv);
|
||||
int kt_list(int argc, char **argv);
|
||||
int kt_purge(int argc, char **argv);
|
||||
int kt_remove(int argc, char **argv);
|
||||
int kt_rename(int argc, char **argv);
|
||||
int srvconv(int argc, char **argv);
|
||||
int srvcreate(int argc, char **argv);
|
||||
#include "ktutil-commands.h"
|
||||
|
||||
#endif /* __KTUTIL_LOCL_H__ */
|
||||
|
59
admin/list.c
59
admin/list.c
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 1997 - 2004 Kungliga Tekniska H<>gskolan
|
||||
* Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
@@ -36,20 +36,8 @@
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
static int help_flag;
|
||||
static int list_keys;
|
||||
static int list_timestamp;
|
||||
|
||||
static struct getargs args[] = {
|
||||
{ "help", 'h', arg_flag, &help_flag },
|
||||
{ "keys", 0, arg_flag, &list_keys, "show key value" },
|
||||
{ "timestamp", 0, arg_flag, &list_timestamp, "show timestamp" },
|
||||
};
|
||||
|
||||
static int num_args = sizeof(args) / sizeof(args[0]);
|
||||
|
||||
static int
|
||||
do_list(const char *keytab_string)
|
||||
do_list(struct list_options *opt, const char *keytab_string)
|
||||
{
|
||||
krb5_error_code ret;
|
||||
krb5_keytab keytab;
|
||||
@@ -61,26 +49,29 @@ do_list(const char *keytab_string)
|
||||
int flag = 0;
|
||||
char buf[1024];
|
||||
keytab_string += 4;
|
||||
ret = 0;
|
||||
while (strsep_copy((const char**)&keytab_string, ",",
|
||||
buf, sizeof(buf)) != -1) {
|
||||
if(flag)
|
||||
printf("\n");
|
||||
do_list(buf);
|
||||
if(do_list(opt, buf))
|
||||
ret = 1;
|
||||
flag = 1;
|
||||
}
|
||||
return 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
ret = krb5_kt_resolve(context, keytab_string, &keytab);
|
||||
if (ret) {
|
||||
krb5_warn(context, ret, "resolving keytab %s", keytab_string);
|
||||
return 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
ret = krb5_kt_start_seq_get(context, keytab, &cursor);
|
||||
if(ret){
|
||||
if(ret) {
|
||||
krb5_warn(context, ret, "krb5_kt_start_seq_get %s", keytab_string);
|
||||
goto out;
|
||||
krb5_kt_close(context, keytab);
|
||||
return ret;
|
||||
}
|
||||
|
||||
printf ("%s:\n\n", keytab_string);
|
||||
@@ -90,9 +81,9 @@ do_list(const char *keytab_string)
|
||||
rtbl_add_column_by_id(table, 0, "Vno", RTBL_ALIGN_RIGHT);
|
||||
rtbl_add_column_by_id(table, 1, "Type", 0);
|
||||
rtbl_add_column_by_id(table, 2, "Principal", 0);
|
||||
if (list_timestamp)
|
||||
if (opt->timestamp_flag)
|
||||
rtbl_add_column_by_id(table, 3, "Date", 0);
|
||||
if(list_keys)
|
||||
if(opt->keys_flag)
|
||||
rtbl_add_column_by_id(table, 4, "Key", 0);
|
||||
rtbl_set_separator(table, " ");
|
||||
|
||||
@@ -115,12 +106,12 @@ do_list(const char *keytab_string)
|
||||
krb5_unparse_name_fixed(context, entry.principal, buf, sizeof(buf));
|
||||
rtbl_add_column_entry_by_id(table, 2, buf);
|
||||
|
||||
if (list_timestamp) {
|
||||
if (opt->timestamp_flag) {
|
||||
krb5_format_time(context, entry.timestamp, buf,
|
||||
sizeof(buf), FALSE);
|
||||
rtbl_add_column_entry_by_id(table, 3, buf);
|
||||
}
|
||||
if(list_keys) {
|
||||
if(opt->keys_flag) {
|
||||
int i;
|
||||
s = malloc(2 * entry.keyblock.keyvalue.length + 1);
|
||||
for(i = 0; i < entry.keyblock.keyvalue.length; i++)
|
||||
@@ -135,37 +126,25 @@ do_list(const char *keytab_string)
|
||||
rtbl_format(table, stdout);
|
||||
rtbl_destroy(table);
|
||||
|
||||
out:
|
||||
krb5_kt_close(context, keytab);
|
||||
return 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
int
|
||||
kt_list(int argc, char **argv)
|
||||
kt_list(struct list_options *opt, int argc, char **argv)
|
||||
{
|
||||
krb5_error_code ret;
|
||||
int optind = 0;
|
||||
char kt[1024];
|
||||
|
||||
if(verbose_flag)
|
||||
list_timestamp = 1;
|
||||
|
||||
if(getarg(args, num_args, argc, argv, &optind)){
|
||||
arg_printusage(args, num_args, "ktutil list", "");
|
||||
return 1;
|
||||
}
|
||||
if(help_flag){
|
||||
arg_printusage(args, num_args, "ktutil list", "");
|
||||
return 0;
|
||||
}
|
||||
opt->timestamp_flag = 1;
|
||||
|
||||
if (keytab_string == NULL) {
|
||||
if((ret = krb5_kt_default_name(context, kt, sizeof(kt))) != 0) {
|
||||
krb5_warn(context, ret, "getting default keytab name");
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
keytab_string = kt;
|
||||
}
|
||||
do_list(keytab_string);
|
||||
return 0;
|
||||
return do_list(opt, keytab_string) != 0;
|
||||
}
|
||||
|
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
|
||||
* Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
@@ -36,60 +36,36 @@
|
||||
RCSID("$Id$");
|
||||
|
||||
int
|
||||
kt_remove(int argc, char **argv)
|
||||
kt_remove(struct remove_options *opt, int argc, char **argv)
|
||||
{
|
||||
krb5_error_code ret = 0;
|
||||
krb5_keytab_entry entry;
|
||||
krb5_keytab keytab;
|
||||
char *principal_string = NULL;
|
||||
krb5_principal principal = NULL;
|
||||
int kvno = 0;
|
||||
char *keytype_string = NULL;
|
||||
krb5_enctype enctype = 0;
|
||||
int help_flag = 0;
|
||||
struct getargs args[] = {
|
||||
{ "principal", 'p', arg_string, NULL, "principal to remove" },
|
||||
{ "kvno", 'V', arg_integer, NULL, "key version to remove" },
|
||||
{ "enctype", 'e', arg_string, NULL, "enctype to remove" },
|
||||
{ "help", 'h', arg_flag, NULL }
|
||||
};
|
||||
int num_args = sizeof(args) / sizeof(args[0]);
|
||||
int optind = 0;
|
||||
int i = 0;
|
||||
args[i++].value = &principal_string;
|
||||
args[i++].value = &kvno;
|
||||
args[i++].value = &keytype_string;
|
||||
args[i++].value = &help_flag;
|
||||
if(getarg(args, num_args, argc, argv, &optind)) {
|
||||
arg_printusage(args, num_args, "ktutil remove", "");
|
||||
return 1;
|
||||
}
|
||||
if(help_flag) {
|
||||
arg_printusage(args, num_args, "ktutil remove", "");
|
||||
return 0;
|
||||
}
|
||||
if(principal_string) {
|
||||
ret = krb5_parse_name(context, principal_string, &principal);
|
||||
|
||||
if(opt->principal_string) {
|
||||
ret = krb5_parse_name(context, opt->principal_string, &principal);
|
||||
if(ret) {
|
||||
krb5_warn(context, ret, "%s", principal_string);
|
||||
krb5_warn(context, ret, "%s", opt->principal_string);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
if(keytype_string) {
|
||||
ret = krb5_string_to_enctype(context, keytype_string, &enctype);
|
||||
if(opt->enctype_string) {
|
||||
ret = krb5_string_to_enctype(context, opt->enctype_string, &enctype);
|
||||
if(ret) {
|
||||
int t;
|
||||
if(sscanf(keytype_string, "%d", &t) == 1)
|
||||
if(sscanf(opt->enctype_string, "%d", &t) == 1)
|
||||
enctype = t;
|
||||
else {
|
||||
krb5_warn(context, ret, "%s", keytype_string);
|
||||
krb5_warn(context, ret, "%s", opt->enctype_string);
|
||||
if(principal)
|
||||
krb5_free_principal(context, principal);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!principal && !enctype && !kvno) {
|
||||
if (!principal && !enctype && !opt->kvno_integer) {
|
||||
krb5_warnx(context,
|
||||
"You must give at least one of "
|
||||
"principal, enctype or kvno.");
|
||||
@@ -101,13 +77,13 @@ kt_remove(int argc, char **argv)
|
||||
|
||||
entry.principal = principal;
|
||||
entry.keyblock.keytype = enctype;
|
||||
entry.vno = kvno;
|
||||
entry.vno = opt->kvno_integer;
|
||||
ret = krb5_kt_remove_entry(context, keytab, &entry);
|
||||
krb5_kt_close(context, keytab);
|
||||
if(ret)
|
||||
krb5_warn(context, ret, "remove");
|
||||
if(principal)
|
||||
krb5_free_principal(context, principal);
|
||||
return 0;
|
||||
return ret != 0;
|
||||
}
|
||||
|
||||
|
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2001 Kungliga Tekniska H<>gskolan
|
||||
* Copyright (c) 2001-2004 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
@@ -36,49 +36,25 @@
|
||||
RCSID("$Id$");
|
||||
|
||||
int
|
||||
kt_rename(int argc, char **argv)
|
||||
kt_rename(void *opt, int argc, char **argv)
|
||||
{
|
||||
krb5_error_code ret = 0;
|
||||
krb5_keytab_entry entry;
|
||||
krb5_keytab keytab;
|
||||
krb5_kt_cursor cursor;
|
||||
krb5_principal from_princ, to_princ;
|
||||
int help_flag = 0;
|
||||
|
||||
struct getargs args[] = {
|
||||
{ "help", 'h', arg_flag, NULL }
|
||||
};
|
||||
int num_args = sizeof(args) / sizeof(args[0]);
|
||||
int optind = 0;
|
||||
int i = 0;
|
||||
|
||||
args[i++].value = &help_flag;
|
||||
if(getarg(args, num_args, argc, argv, &optind)) {
|
||||
arg_printusage(args, num_args, "ktutil rename", "from to");
|
||||
return 1;
|
||||
}
|
||||
if(help_flag) {
|
||||
arg_printusage(args, num_args, "ktutil rename", "from to");
|
||||
return 0;
|
||||
}
|
||||
argv += optind;
|
||||
argc -= optind;
|
||||
if(argc != 2) {
|
||||
arg_printusage(args, num_args, "ktutil rename", "from to");
|
||||
return 0;
|
||||
}
|
||||
|
||||
ret = krb5_parse_name(context, argv[0], &from_princ);
|
||||
if(ret != 0) {
|
||||
krb5_warn(context, ret, "%s", argv[0]);
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
ret = krb5_parse_name(context, argv[1], &to_princ);
|
||||
if(ret != 0) {
|
||||
krb5_free_principal(context, from_princ);
|
||||
krb5_warn(context, ret, "%s", argv[1]);
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
if((keytab = ktutil_open_keytab()) == NULL) {
|
||||
@@ -99,6 +75,8 @@ kt_rename(int argc, char **argv)
|
||||
if(ret != 0) {
|
||||
if(ret != KRB5_CC_END && ret != KRB5_KT_END)
|
||||
krb5_warn(context, ret, "getting entry from keytab");
|
||||
else
|
||||
ret = 0;
|
||||
break;
|
||||
}
|
||||
if(krb5_principal_compare(context, entry.principal, from_princ)) {
|
||||
@@ -128,6 +106,6 @@ kt_rename(int argc, char **argv)
|
||||
krb5_free_principal(context, from_princ);
|
||||
krb5_free_principal(context, to_princ);
|
||||
|
||||
return 0;
|
||||
return ret != 0;
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user