oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

convert to slc

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14260 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
2004-09-23 14:45:29 +00:00
parent 553e4214ea
commit 3474819438
8 changed files with 175 additions and 372 deletions
Download Patch File Download Diff File Expand all files Collapse all files

127
admin/add.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan * Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -35,115 +35,96 @@
RCSID("$Id$"); RCSID("$Id$");
static char *
readstring(const char *prompt, char *buf, size_t len)
{
printf("%s", prompt);
if (fgets(buf, len, stdin) == NULL)
return NULL;
buf[strcspn(buf, "\r\n")] = '\0';
return buf;
}
int int
kt_add(int argc, char **argv) kt_add(struct add_options *opt, int argc, char **argv)
{ {
krb5_error_code ret; krb5_error_code ret;
krb5_keytab keytab; krb5_keytab keytab;
krb5_keytab_entry entry; krb5_keytab_entry entry;
char buf[128]; char buf[1024];
char *principal_string = NULL;
int kvno = -1;
char *enctype_string = NULL;
krb5_enctype enctype; krb5_enctype enctype;
char *password_string = NULL;
int salt_flag = 1;
int random_flag = 0;
int help_flag = 0;
struct getargs args[] = {
{ "principal", 'p', arg_string, NULL, "principal of key", "principal"},
{ "kvno", 'V', arg_integer, NULL, "key version of key" },
{ "enctype", 'e', arg_string, NULL, "encryption type of key" },
{ "password", 'w', arg_string, NULL, "password for key"},
{ "salt", 's', arg_negative_flag, NULL, "no salt" },
{ "random", 'r', arg_flag, NULL, "generate random key" },
{ "help", 'h', arg_flag, NULL }
};
int num_args = sizeof(args) / sizeof(args[0]);
int optind = 0;
int i = 0;
args[i++].value = &principal_string;
args[i++].value = &kvno;
args[i++].value = &enctype_string;
args[i++].value = &password_string;
args[i++].value = &salt_flag;
args[i++].value = &random_flag;
args[i++].value = &help_flag;
if(getarg(args, num_args, argc, argv, &optind)) {
arg_printusage(args, num_args, "ktutil add", "");
return 1;
}
if(help_flag) {
arg_printusage(args, num_args, "ktutil add", "");
return 1;
}
if((keytab = ktutil_open_keytab()) == NULL) if((keytab = ktutil_open_keytab()) == NULL)
return 1; return 1;
memset(&entry, 0, sizeof(entry)); memset(&entry, 0, sizeof(entry));
if(principal_string == NULL) { if(opt->principal_string == NULL) {
printf("Principal: "); if(readstring("Principal: ", buf, sizeof(buf)) == NULL)
if (fgets(buf, sizeof(buf), stdin) == NULL)
return 1; return 1;
buf[strcspn(buf, "\r\n")] = '\0'; opt->principal_string = buf;
principal_string = buf;
} }
ret = krb5_parse_name(context, principal_string, &entry.principal); ret = krb5_parse_name(context, opt->principal_string, &entry.principal);
if(ret) { if(ret) {
krb5_warn(context, ret, "%s", principal_string); krb5_warn(context, ret, "%s", opt->principal_string);
goto out; goto out;
} }
if(enctype_string == NULL) { if(opt->enctype_string == NULL) {
printf("Encryption type: "); if(readstring("Encryption type: ", buf, sizeof(buf)) == NULL) {
if (fgets(buf, sizeof(buf), stdin) == NULL) ret = 1;
goto out; goto out;
buf[strcspn(buf, "\r\n")] = '\0'; }
enctype_string = buf; opt->enctype_string = buf;
} }
ret = krb5_string_to_enctype(context, enctype_string, &enctype); ret = krb5_string_to_enctype(context, opt->enctype_string, &enctype);
if(ret) { if(ret) {
int t; int t;
if(sscanf(enctype_string, "%d", &t) == 1) if(sscanf(opt->enctype_string, "%d", &t) == 1)
enctype = t; enctype = t;
else { else {
krb5_warn(context, ret, "%s", enctype_string); krb5_warn(context, ret, "%s", opt->enctype_string);
goto out; goto out;
} }
} }
if(kvno == -1) { if(opt->kvno_integer == -1) {
printf("Key version: "); if(readstring("Key version: ", buf, sizeof(buf)) == NULL) {
if (fgets(buf, sizeof(buf), stdin) == NULL) ret = 1;
goto out; goto out;
buf[strcspn(buf, "\r\n")] = '\0'; }
kvno = atoi(buf); if(sscanf(buf, "%u", &opt->kvno_integer) != 1)
}
if(password_string == NULL && random_flag == 0) {
if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Password: ", 1))
goto out; goto out;
password_string = buf;
} }
if(password_string) { if(opt->password_string == NULL && opt->random_flag == 0) {
if (!salt_flag) { if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Password: ", 1)) {
ret = 1;
goto out;
}
opt->password_string = buf;
}
if(opt->password_string) {
if (!opt->salt_flag) {
krb5_salt salt; krb5_salt salt;
krb5_data pw; krb5_data pw;
salt.salttype = KRB5_PW_SALT; salt.salttype = KRB5_PW_SALT;
salt.saltvalue.data = NULL; salt.saltvalue.data = NULL;
salt.saltvalue.length = 0; salt.saltvalue.length = 0;
pw.data = (void*)password_string; pw.data = (void*)opt->password_string;
pw.length = strlen(password_string); pw.length = strlen(opt->password_string);
krb5_string_to_key_data_salt(context, enctype, pw, salt, ret = krb5_string_to_key_data_salt(context, enctype, pw, salt,
&entry.keyblock); &entry.keyblock);
} else { } else {
krb5_string_to_key(context, enctype, password_string, ret = krb5_string_to_key(context, enctype, opt->password_string,
entry.principal, &entry.keyblock); entry.principal, &entry.keyblock);
} }
memset (password_string, 0, strlen(password_string)); memset (opt->password_string, 0, strlen(opt->password_string));
} else { } else {
krb5_generate_random_keyblock(context, enctype, &entry.keyblock); ret = krb5_generate_random_keyblock(context, enctype, &entry.keyblock);
} }
entry.vno = kvno; if(ret) {
krb5_warn(context, ret, "add");
goto out;
}
entry.vno = opt->kvno_integer;
entry.timestamp = time (NULL); entry.timestamp = time (NULL);
ret = krb5_kt_add_entry(context, keytab, &entry); ret = krb5_kt_add_entry(context, keytab, &entry);
if(ret) if(ret)
@@ -151,5 +132,5 @@ kt_add(int argc, char **argv)
out: out:
krb5_kt_free_entry(context, &entry); krb5_kt_free_entry(context, &entry);
krb5_kt_close(context, keytab); krb5_kt_close(context, keytab);
return 0; return ret != 0;
} }

59
admin/change.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska H<>gskolan * Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -35,7 +35,7 @@
RCSID("$Id$"); RCSID("$Id$");
static void static krb5_error_code
change_entry (krb5_context context, krb5_keytab keytab, change_entry (krb5_context context, krb5_keytab keytab,
krb5_principal principal, krb5_kvno kvno, krb5_principal principal, krb5_kvno kvno,
const char *realm, const char *admin_server, int server_port) const char *realm, const char *admin_server, int server_port)
@@ -51,7 +51,7 @@ change_entry (krb5_context context, krb5_keytab keytab,
ret = krb5_unparse_name (context, principal, &client_name); ret = krb5_unparse_name (context, principal, &client_name);
if (ret) { if (ret) {
krb5_warn (context, ret, "krb5_unparse_name"); krb5_warn (context, ret, "krb5_unparse_name");
return; return ret;
} }
memset (&conf, 0, sizeof(conf)); memset (&conf, 0, sizeof(conf));
@@ -59,7 +59,7 @@ change_entry (krb5_context context, krb5_keytab keytab,
if(realm) if(realm)
conf.realm = (char *)realm; conf.realm = (char *)realm;
else else
conf.realm = *krb5_princ_realm (context, principal); conf.realm = (char*)krb5_principal_get_realm(context, principal);
conf.mask |= KADM5_CONFIG_REALM; conf.mask |= KADM5_CONFIG_REALM;
if (admin_server) { if (admin_server) {
@@ -81,13 +81,13 @@ change_entry (krb5_context context, krb5_keytab keytab,
free (client_name); free (client_name);
if (ret) { if (ret) {
krb5_warn (context, ret, "kadm5_c_init_with_skey_ctx"); krb5_warn (context, ret, "kadm5_c_init_with_skey_ctx");
return; return ret;
} }
ret = kadm5_randkey_principal (kadm_handle, principal, &keys, &num_keys); ret = kadm5_randkey_principal (kadm_handle, principal, &keys, &num_keys);
kadm5_destroy (kadm_handle); kadm5_destroy (kadm_handle);
if (ret) { if (ret) {
krb5_warn(context, ret, "kadm5_randkey_principal"); krb5_warn(context, ret, "kadm5_randkey_principal");
return; return ret;
} }
for (i = 0; i < num_keys; ++i) { for (i = 0; i < num_keys; ++i) {
krb5_keytab_entry new_entry; krb5_keytab_entry new_entry;
@@ -102,6 +102,7 @@ change_entry (krb5_context context, krb5_keytab keytab,
krb5_warn (context, ret, "krb5_kt_add_entry"); krb5_warn (context, ret, "krb5_kt_add_entry");
krb5_free_keyblock_contents (context, &keys[i]); krb5_free_keyblock_contents (context, &keys[i]);
} }
return ret;
} }
/* /*
@@ -115,45 +116,15 @@ struct change_set {
}; };
int int
kt_change (int argc, char **argv) kt_change (struct change_options *opt, int argc, char **argv)
{ {
krb5_error_code ret; krb5_error_code ret;
krb5_keytab keytab; krb5_keytab keytab;
krb5_kt_cursor cursor; krb5_kt_cursor cursor;
krb5_keytab_entry entry; krb5_keytab_entry entry;
char *realm = NULL;
char *admin_server = NULL;
int server_port = 0;
int help_flag = 0;
int optind = 0;
int i, j, max; int i, j, max;
struct change_set *changeset; struct change_set *changeset;
struct getargs args[] = {
{ "realm", 'r', arg_string, NULL,
"realm to use", "realm"
},
{ "admin-server", 'a', arg_string, NULL,
"server to contact", "host"
},
{ "server-port", 's', arg_integer, NULL,
"port to contact", "port number"
},
{ "help", 'h', arg_flag, NULL }
};
args[0].value = &realm;
args[1].value = &admin_server;
args[2].value = &server_port;
args[3].value = &help_flag;
if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)
|| help_flag) {
arg_printusage(args, sizeof(args) / sizeof(args[0]),
"ktutil change", "principal...");
return 1;
}
if((keytab = ktutil_open_keytab()) == NULL) if((keytab = ktutil_open_keytab()) == NULL)
return 1; return 1;
@@ -163,7 +134,7 @@ kt_change (int argc, char **argv)
ret = krb5_kt_start_seq_get(context, keytab, &cursor); ret = krb5_kt_start_seq_get(context, keytab, &cursor);
if(ret){ if(ret){
krb5_warn(context, ret, "krb5_kt_start_seq_get %s", keytab_string); krb5_warn(context, ret, "%s", keytab_string);
goto out; goto out;
} }
@@ -181,15 +152,15 @@ kt_change (int argc, char **argv)
if (i < j) if (i < j)
continue; continue;
if (optind == argc) { if (argc == 0) {
add = 1; add = 1;
} else { } else {
for (i = optind; i < argc; ++i) { for (i = 0; i < argc; ++i) {
krb5_principal princ; krb5_principal princ;
ret = krb5_parse_name (context, argv[i], &princ); ret = krb5_parse_name (context, argv[i], &princ);
if (ret) { if (ret) {
krb5_warn (context, ret, "krb5_parse_name %s", argv[i]); krb5_warn (context, ret, "%s", argv[i]);
continue; continue;
} }
if (krb5_principal_compare (context, princ, entry.principal)) if (krb5_principal_compare (context, princ, entry.principal))
@@ -243,7 +214,9 @@ kt_change (int argc, char **argv)
} }
change_entry (context, keytab, change_entry (context, keytab,
changeset[i].principal, changeset[i].kvno, changeset[i].principal, changeset[i].kvno,
realm, admin_server, server_port); opt->realm_string,
opt->admin_server_string,
opt->server_port_integer);
} }
} }
for (i = 0; i < j; i++) for (i = 0; i < j; i++)
@@ -253,5 +226,5 @@ kt_change (int argc, char **argv)
ret = krb5_kt_end_seq_get(context, keytab, &cursor); ret = krb5_kt_end_seq_get(context, keytab, &cursor);
out: out:
krb5_kt_close(context, keytab); krb5_kt_close(context, keytab);
return 0; return ret != 0;
} }

138
admin/copy.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan * Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -80,8 +80,16 @@ kt_copy_int (const char *from, const char *to)
&entry, &cursor)) == 0) { &entry, &cursor)) == 0) {
char *name_str; char *name_str;
char *etype_str; char *etype_str;
krb5_unparse_name (context, entry.principal, &name_str); ret = krb5_unparse_name (context, entry.principal, &name_str);
krb5_enctype_to_string(context, entry.keyblock.keytype, &etype_str); if(ret) {
krb5_warn(context, ret, "krb5_unparse_name");
name_str = NULL; /* XXX */
}
ret = krb5_enctype_to_string(context, entry.keyblock.keytype, &etype_str);
if(ret) {
krb5_warn(context, ret, "krb5_enctype_to_string");
etype_str = NULL; /* XXX */
}
ret = krb5_kt_get_entry(context, dst_keytab, ret = krb5_kt_get_entry(context, dst_keytab,
entry.principal, entry.principal,
entry.vno, entry.vno,
@@ -102,7 +110,8 @@ kt_copy_int (const char *from, const char *to)
free(etype_str); free(etype_str);
continue; continue;
} else if(ret != KRB5_KT_NOTFOUND) { } else if(ret != KRB5_KT_NOTFOUND) {
krb5_warn(context, ret, "krb5_kt_get_entry(%s)", name_str); krb5_warn (context, ret, "%s: fetching %s/%s/%u",
to, name_str, etype_str, entry.vno);
krb5_kt_free_entry (context, &entry); krb5_kt_free_entry (context, &entry);
free(name_str); free(name_str);
free(etype_str); free(etype_str);
@@ -114,7 +123,8 @@ kt_copy_int (const char *from, const char *to)
ret = krb5_kt_add_entry (context, dst_keytab, &entry); ret = krb5_kt_add_entry (context, dst_keytab, &entry);
krb5_kt_free_entry (context, &entry); krb5_kt_free_entry (context, &entry);
if (ret) { if (ret) {
krb5_warn (context, ret, "krb5_kt_add_entry(%s)", name_str); krb5_warn (context, ret, "%s: adding %s/%s/%u",
to, name_str, etype_str, entry.vno);
free(name_str); free(name_str);
free(etype_str); free(etype_str);
break; break;
@@ -127,121 +137,39 @@ kt_copy_int (const char *from, const char *to)
out: out:
krb5_kt_close (context, src_keytab); krb5_kt_close (context, src_keytab);
krb5_kt_close (context, dst_keytab); krb5_kt_close (context, dst_keytab);
return 0; return ret != 0;
} }
int int
kt_copy (int argc, char **argv) kt_copy (void *opt, int argc, char **argv)
{ {
int help_flag = 0;
int optind = 0;
struct getargs args[] = {
{ "help", 'h', arg_flag, NULL}
};
int num_args = sizeof(args) / sizeof(args[0]);
int i = 0;
args[i++].value = &help_flag;
if(getarg(args, num_args, argc, argv, &optind)) {
arg_printusage(args, num_args, "ktutil copy",
"keytab-src keytab-dest");
return 1;
}
if (help_flag) {
arg_printusage(args, num_args, "ktutil copy",
"keytab-src keytab-dest");
return 1;
}
argv += optind;
argc -= optind;
if (argc != 2) {
arg_printusage(args, num_args, "ktutil copy",
"keytab-src keytab-dest");
return 1;
}
return kt_copy_int(argv[0], argv[1]); return kt_copy_int(argv[0], argv[1]);
} }
#ifndef KEYFILE int
#define KEYFILE SYSCONFDIR "/srvtab" srvconv(struct srvconvert_options *opt, int argc, char **argv)
#endif
/* copy to from v4 srvtab, just short for copy */
static int
conv(int srvconv, int argc, char **argv)
{ {
int help_flag = 0;
char *srvtab = KEYFILE;
int optind = 0;
char kt4[1024], kt5[1024]; char kt4[1024], kt5[1024];
char *name; snprintf(kt4, sizeof(kt4), "krb4:%s", opt->srvtab_string);
struct getargs args[] = { if(keytab_string != NULL)
{ "srvtab", 's', arg_string, NULL}, return kt_copy_int(kt4, keytab_string);
{ "help", 'h', arg_flag, NULL}
};
int num_args = sizeof(args) / sizeof(args[0]); krb5_kt_default_modify_name(context, kt5, sizeof(kt5));
int i = 0; return kt_copy_int(kt4, kt5);
args[i++].value = &srvtab;
args[i++].value = &help_flag;
if(srvconv)
name = "ktutil srvconvert";
else
name = "ktutil srvcreate";
if(getarg(args, num_args, argc, argv, &optind)){
arg_printusage(args, num_args, name, "");
return 1;
}
if(help_flag){
arg_printusage(args, num_args, name, "");
return 0;
}
argc -= optind;
argv += optind;
if (argc != 0) {
arg_printusage(args, num_args, name, "");
return 1;
}
snprintf(kt4, sizeof(kt4), "krb4:%s", srvtab);
if(srvconv) {
if(keytab_string != NULL)
return kt_copy_int(kt4, keytab_string);
else {
krb5_kt_default_modify_name(context, kt5, sizeof(kt5));
return kt_copy_int(kt4, kt5);
}
} else {
if(keytab_string != NULL)
return kt_copy_int(keytab_string, kt4);
krb5_kt_default_name(context, kt5, sizeof(kt5));
return kt_copy_int(kt5, kt4);
}
} }
int int
srvconv(int argc, char **argv) srvcreate(struct srvcreate_options *opt, int argc, char **argv)
{ {
return conv(1, argc, argv); char kt4[1024], kt5[1024];
}
int snprintf(kt4, sizeof(kt4), "krb4:%s", opt->srvtab_string);
srvcreate(int argc, char **argv)
{ if(keytab_string != NULL)
return conv(0, argc, argv); return kt_copy_int(keytab_string, kt4);
krb5_kt_default_name(context, kt5, sizeof(kt5));
return kt_copy_int(kt5, kt4);
} }

65
admin/ktutil.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan * Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -42,35 +42,6 @@ int verbose_flag;
char *keytab_string; char *keytab_string;
static char keytab_buf[256]; static char keytab_buf[256];
static int help(int argc, char **argv);
static SL_cmd cmds[] = {
{ "add", kt_add, "add",
"adds key to keytab" },
{ "change", kt_change, "change [principal...]",
"get new key for principals (all)" },
{ "copy", kt_copy, "copy src dst",
"copy one keytab to another" },
{ "get", kt_get, "get [principal...]",
"create key in database and add to keytab" },
{ "list", kt_list, "list",
"shows contents of a keytab" },
{ "purge", kt_purge, "purge",
"remove old and superceeded entries" },
{ "remove", kt_remove, "remove",
"remove key from keytab" },
{ "rename", kt_rename, "rename from to",
"rename entry" },
{ "srvconvert", srvconv, "srvconvert [flags]",
"convert v4 srvtab to keytab" },
{ "srv2keytab" },
{ "srvcreate", srvcreate, "srvcreate [flags]",
"convert keytab to v4 srvtab" },
{ "key2srvtab" },
{ "help", help, "help", "" },
{ NULL, NULL, NULL, NULL }
};
static struct getargs args[] = { static struct getargs args[] = {
{ {
"version", "version",
@@ -134,10 +105,36 @@ ktutil_open_keytab(void)
return keytab; return keytab;
} }
static int int
help(int argc, char **argv) help(void *opt, int argc, char **argv)
{ {
sl_help(cmds, argc, argv); if(argc == 0) {
sl_help(commands, 1, argv - 1 /* XXX */);
} else {
SL_cmd *c = sl_match (commands, argv[0], 0);
if(c == NULL) {
fprintf (stderr, "No such command: %s. "
"Try \"help\" for a list of commands\n",
argv[0]);
} else {
if(c->func) {
char *fake[] = { argv[0], "--help", NULL };
(*c->func)(2, fake);
fprintf(stderr, "\n");
}
if(c->help && *c->help)
fprintf (stderr, "%s\n", c->help);
if((++c)->name && c->func == NULL) {
int f = 0;
fprintf (stderr, "Synonyms:");
while (c->name && c->func == NULL) {
fprintf (stderr, "%s%s", f ? ", " : " ", (c++)->name);
f = 1;
}
fprintf (stderr, "\n");
}
}
}
return 0; return 0;
} }
@@ -169,7 +166,7 @@ main(int argc, char **argv)
argv += optind; argv += optind;
if(argc == 0) if(argc == 0)
usage(1); usage(1);
ret = sl_command(cmds, argc, argv); ret = sl_command(commands, argc, argv);
if(ret == -1) if(ret == -1)
krb5_warnx (context, "unrecognized command: %s", argv[0]); krb5_warnx (context, "unrecognized command: %s", argv[0]);
return ret; return ret;

13
admin/ktutil_locl.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan * Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -69,15 +69,6 @@ extern char *keytab_string;
krb5_keytab ktutil_open_keytab(void); krb5_keytab ktutil_open_keytab(void);
int kt_add (int argc, char **argv); #include "ktutil-commands.h"
int kt_change (int argc, char **argv);
int kt_copy (int argc, char **argv);
int kt_get (int argc, char **argv);
int kt_list(int argc, char **argv);
int kt_purge(int argc, char **argv);
int kt_remove(int argc, char **argv);
int kt_rename(int argc, char **argv);
int srvconv(int argc, char **argv);
int srvcreate(int argc, char **argv);
#endif /* __KTUTIL_LOCL_H__ */ #endif /* __KTUTIL_LOCL_H__ */

59
admin/list.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2004 Kungliga Tekniska H<>gskolan * Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -36,20 +36,8 @@
RCSID("$Id$"); RCSID("$Id$");
static int help_flag;
static int list_keys;
static int list_timestamp;
static struct getargs args[] = {
{ "help", 'h', arg_flag, &help_flag },
{ "keys", 0, arg_flag, &list_keys, "show key value" },
{ "timestamp", 0, arg_flag, &list_timestamp, "show timestamp" },
};
static int num_args = sizeof(args) / sizeof(args[0]);
static int static int
do_list(const char *keytab_string) do_list(struct list_options *opt, const char *keytab_string)
{ {
krb5_error_code ret; krb5_error_code ret;
krb5_keytab keytab; krb5_keytab keytab;
@@ -61,26 +49,29 @@ do_list(const char *keytab_string)
int flag = 0; int flag = 0;
char buf[1024]; char buf[1024];
keytab_string += 4; keytab_string += 4;
ret = 0;
while (strsep_copy((const char**)&keytab_string, ",", while (strsep_copy((const char**)&keytab_string, ",",
buf, sizeof(buf)) != -1) { buf, sizeof(buf)) != -1) {
if(flag) if(flag)
printf("\n"); printf("\n");
do_list(buf); if(do_list(opt, buf))
ret = 1;
flag = 1; flag = 1;
} }
return 0; return ret;
} }
ret = krb5_kt_resolve(context, keytab_string, &keytab); ret = krb5_kt_resolve(context, keytab_string, &keytab);
if (ret) { if (ret) {
krb5_warn(context, ret, "resolving keytab %s", keytab_string); krb5_warn(context, ret, "resolving keytab %s", keytab_string);
return 0; return ret;
} }
ret = krb5_kt_start_seq_get(context, keytab, &cursor); ret = krb5_kt_start_seq_get(context, keytab, &cursor);
if(ret){ if(ret) {
krb5_warn(context, ret, "krb5_kt_start_seq_get %s", keytab_string); krb5_warn(context, ret, "krb5_kt_start_seq_get %s", keytab_string);
goto out; krb5_kt_close(context, keytab);
return ret;
} }
printf ("%s:\n\n", keytab_string); printf ("%s:\n\n", keytab_string);
@@ -90,9 +81,9 @@ do_list(const char *keytab_string)
rtbl_add_column_by_id(table, 0, "Vno", RTBL_ALIGN_RIGHT); rtbl_add_column_by_id(table, 0, "Vno", RTBL_ALIGN_RIGHT);
rtbl_add_column_by_id(table, 1, "Type", 0); rtbl_add_column_by_id(table, 1, "Type", 0);
rtbl_add_column_by_id(table, 2, "Principal", 0); rtbl_add_column_by_id(table, 2, "Principal", 0);
if (list_timestamp) if (opt->timestamp_flag)
rtbl_add_column_by_id(table, 3, "Date", 0); rtbl_add_column_by_id(table, 3, "Date", 0);
if(list_keys) if(opt->keys_flag)
rtbl_add_column_by_id(table, 4, "Key", 0); rtbl_add_column_by_id(table, 4, "Key", 0);
rtbl_set_separator(table, " "); rtbl_set_separator(table, " ");
@@ -115,12 +106,12 @@ do_list(const char *keytab_string)
krb5_unparse_name_fixed(context, entry.principal, buf, sizeof(buf)); krb5_unparse_name_fixed(context, entry.principal, buf, sizeof(buf));
rtbl_add_column_entry_by_id(table, 2, buf); rtbl_add_column_entry_by_id(table, 2, buf);
if (list_timestamp) { if (opt->timestamp_flag) {
krb5_format_time(context, entry.timestamp, buf, krb5_format_time(context, entry.timestamp, buf,
sizeof(buf), FALSE); sizeof(buf), FALSE);
rtbl_add_column_entry_by_id(table, 3, buf); rtbl_add_column_entry_by_id(table, 3, buf);
} }
if(list_keys) { if(opt->keys_flag) {
int i; int i;
s = malloc(2 * entry.keyblock.keyvalue.length + 1); s = malloc(2 * entry.keyblock.keyvalue.length + 1);
for(i = 0; i < entry.keyblock.keyvalue.length; i++) for(i = 0; i < entry.keyblock.keyvalue.length; i++)
@@ -135,37 +126,25 @@ do_list(const char *keytab_string)
rtbl_format(table, stdout); rtbl_format(table, stdout);
rtbl_destroy(table); rtbl_destroy(table);
out:
krb5_kt_close(context, keytab); krb5_kt_close(context, keytab);
return 0; return ret;
} }
int int
kt_list(int argc, char **argv) kt_list(struct list_options *opt, int argc, char **argv)
{ {
krb5_error_code ret; krb5_error_code ret;
int optind = 0;
char kt[1024]; char kt[1024];
if(verbose_flag) if(verbose_flag)
list_timestamp = 1; opt->timestamp_flag = 1;
if(getarg(args, num_args, argc, argv, &optind)){
arg_printusage(args, num_args, "ktutil list", "");
return 1;
}
if(help_flag){
arg_printusage(args, num_args, "ktutil list", "");
return 0;
}
if (keytab_string == NULL) { if (keytab_string == NULL) {
if((ret = krb5_kt_default_name(context, kt, sizeof(kt))) != 0) { if((ret = krb5_kt_default_name(context, kt, sizeof(kt))) != 0) {
krb5_warn(context, ret, "getting default keytab name"); krb5_warn(context, ret, "getting default keytab name");
return 0; return 1;
} }
keytab_string = kt; keytab_string = kt;
} }
do_list(keytab_string); return do_list(opt, keytab_string) != 0;
return 0;
} }

50
admin/remove.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan * Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -36,60 +36,36 @@
RCSID("$Id$"); RCSID("$Id$");
int int
kt_remove(int argc, char **argv) kt_remove(struct remove_options *opt, int argc, char **argv)
{ {
krb5_error_code ret = 0; krb5_error_code ret = 0;
krb5_keytab_entry entry; krb5_keytab_entry entry;
krb5_keytab keytab; krb5_keytab keytab;
char *principal_string = NULL;
krb5_principal principal = NULL; krb5_principal principal = NULL;
int kvno = 0;
char *keytype_string = NULL;
krb5_enctype enctype = 0; krb5_enctype enctype = 0;
int help_flag = 0;
struct getargs args[] = { if(opt->principal_string) {
{ "principal", 'p', arg_string, NULL, "principal to remove" }, ret = krb5_parse_name(context, opt->principal_string, &principal);
{ "kvno", 'V', arg_integer, NULL, "key version to remove" },
{ "enctype", 'e', arg_string, NULL, "enctype to remove" },
{ "help", 'h', arg_flag, NULL }
};
int num_args = sizeof(args) / sizeof(args[0]);
int optind = 0;
int i = 0;
args[i++].value = &principal_string;
args[i++].value = &kvno;
args[i++].value = &keytype_string;
args[i++].value = &help_flag;
if(getarg(args, num_args, argc, argv, &optind)) {
arg_printusage(args, num_args, "ktutil remove", "");
return 1;
}
if(help_flag) {
arg_printusage(args, num_args, "ktutil remove", "");
return 0;
}
if(principal_string) {
ret = krb5_parse_name(context, principal_string, &principal);
if(ret) { if(ret) {
krb5_warn(context, ret, "%s", principal_string); krb5_warn(context, ret, "%s", opt->principal_string);
return 1; return 1;
} }
} }
if(keytype_string) { if(opt->enctype_string) {
ret = krb5_string_to_enctype(context, keytype_string, &enctype); ret = krb5_string_to_enctype(context, opt->enctype_string, &enctype);
if(ret) { if(ret) {
int t; int t;
if(sscanf(keytype_string, "%d", &t) == 1) if(sscanf(opt->enctype_string, "%d", &t) == 1)
enctype = t; enctype = t;
else { else {
krb5_warn(context, ret, "%s", keytype_string); krb5_warn(context, ret, "%s", opt->enctype_string);
if(principal) if(principal)
krb5_free_principal(context, principal); krb5_free_principal(context, principal);
return 1; return 1;
} }
} }
} }
if (!principal && !enctype && !kvno) { if (!principal && !enctype && !opt->kvno_integer) {
krb5_warnx(context, krb5_warnx(context,
"You must give at least one of " "You must give at least one of "
"principal, enctype or kvno."); "principal, enctype or kvno.");
@@ -101,13 +77,13 @@ kt_remove(int argc, char **argv)
entry.principal = principal; entry.principal = principal;
entry.keyblock.keytype = enctype; entry.keyblock.keytype = enctype;
entry.vno = kvno; entry.vno = opt->kvno_integer;
ret = krb5_kt_remove_entry(context, keytab, &entry); ret = krb5_kt_remove_entry(context, keytab, &entry);
krb5_kt_close(context, keytab); krb5_kt_close(context, keytab);
if(ret) if(ret)
krb5_warn(context, ret, "remove"); krb5_warn(context, ret, "remove");
if(principal) if(principal)
krb5_free_principal(context, principal); krb5_free_principal(context, principal);
return 0; return ret != 0;
} }

36
admin/rename.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2001 Kungliga Tekniska H<>gskolan * Copyright (c) 2001-2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -36,49 +36,25 @@
RCSID("$Id$"); RCSID("$Id$");
int int
kt_rename(int argc, char **argv) kt_rename(void *opt, int argc, char **argv)
{ {
krb5_error_code ret = 0; krb5_error_code ret = 0;
krb5_keytab_entry entry; krb5_keytab_entry entry;
krb5_keytab keytab; krb5_keytab keytab;
krb5_kt_cursor cursor; krb5_kt_cursor cursor;
krb5_principal from_princ, to_princ; krb5_principal from_princ, to_princ;
int help_flag = 0;
struct getargs args[] = {
{ "help", 'h', arg_flag, NULL }
};
int num_args = sizeof(args) / sizeof(args[0]);
int optind = 0;
int i = 0;
args[i++].value = &help_flag;
if(getarg(args, num_args, argc, argv, &optind)) {
arg_printusage(args, num_args, "ktutil rename", "from to");
return 1;
}
if(help_flag) {
arg_printusage(args, num_args, "ktutil rename", "from to");
return 0;
}
argv += optind;
argc -= optind;
if(argc != 2) {
arg_printusage(args, num_args, "ktutil rename", "from to");
return 0;
}
ret = krb5_parse_name(context, argv[0], &from_princ); ret = krb5_parse_name(context, argv[0], &from_princ);
if(ret != 0) { if(ret != 0) {
krb5_warn(context, ret, "%s", argv[0]); krb5_warn(context, ret, "%s", argv[0]);
return 0; return 1;
} }
ret = krb5_parse_name(context, argv[1], &to_princ); ret = krb5_parse_name(context, argv[1], &to_princ);
if(ret != 0) { if(ret != 0) {
krb5_free_principal(context, from_princ); krb5_free_principal(context, from_princ);
krb5_warn(context, ret, "%s", argv[1]); krb5_warn(context, ret, "%s", argv[1]);
return 0; return 1;
} }
if((keytab = ktutil_open_keytab()) == NULL) { if((keytab = ktutil_open_keytab()) == NULL) {
@@ -99,6 +75,8 @@ kt_rename(int argc, char **argv)
if(ret != 0) { if(ret != 0) {
if(ret != KRB5_CC_END && ret != KRB5_KT_END) if(ret != KRB5_CC_END && ret != KRB5_KT_END)
krb5_warn(context, ret, "getting entry from keytab"); krb5_warn(context, ret, "getting entry from keytab");
else
ret = 0;
break; break;
} }
if(krb5_principal_compare(context, entry.principal, from_princ)) { if(krb5_principal_compare(context, entry.principal, from_princ)) {
@@ -128,6 +106,6 @@ kt_rename(int argc, char **argv)
krb5_free_principal(context, from_princ); krb5_free_principal(context, from_princ);
krb5_free_principal(context, to_princ); krb5_free_principal(context, to_princ);
return 0; return ret != 0;
} }