add --credential argument that just remove one credential entry out of

the cache specified git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13729 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-17 17:00:06 +00:00
parent 627a7a31ef
commit 432db5d5c9
1 changed files with 23 additions and 1 deletions
--- a/kuser/kdestroy.c
+++ b/kuser/kdestroy.c
@@ -35,12 +35,15 @@
 RCSID("$Id$");

 static const char *cache;
+static const char *credential;
 static int help_flag;
 static int version_flag;
 static int unlog_flag = 1;
 static int dest_tkt_flag = 1;

 struct getargs args[] = {
+    { "credential",	0,   arg_string, &credential,
+      "remove one credential", "principal" },
    { "cache",		'c', arg_string, &cache, "cache to destroy", "cache" },
    { "unlog",		0,   arg_negative_flag, &unlog_flag,
      "do not destroy tokens", NULL },
@@ -104,6 +107,25 @@ main (int argc, char **argv)
 			   &ccache);

    if (ret == 0) {
+	if (credential) {
+	    krb5_creds mcred;
+	    
+	    krb5_cc_clear_mcred(&mcred);
+
+	    ret = krb5_parse_name(context, credential, &mcred.server);
+	    if (ret)
+		krb5_err(context, 1, ret,
+			 "Can't parse principal %s", credential);
+
+	    ret = krb5_cc_remove_cred(context, ccache, 0, &mcred);
+	    if (ret)
+		krb5_err(context, 1, ret, 
+			 "Failed to remove principal %s", credential);
+
+	    krb5_free_context(context);
+	    return 0;
+	}
+
 	ret = krb5_cc_destroy (context, ccache);
 	if (ret) {
 	    warnx ("krb5_cc_destroy: %s", krb5_get_err_text(context, ret));