From 44a367881ba0608bdae5c13c2c36ab056a2c8faf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Tue, 3 Jan 2006 09:27:54 +0000 Subject: [PATCH] Add options to allow select principal or credential cache when doing afslog. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16438 ec53bebd-3082-4978-b11e-865c3cabbd6b --- appl/afsutil/afslog.c | 79 ++++++++++++++++--------------------------- 1 file changed, 29 insertions(+), 50 deletions(-) diff --git a/appl/afsutil/afslog.c b/appl/afsutil/afslog.c index fdb026f0e..ddcf655c4 100644 --- a/appl/afsutil/afslog.c +++ b/appl/afsutil/afslog.c @@ -49,9 +49,6 @@ RCSID("$Id$"); static int help_flag; static int version_flag; -#if 0 -static int create_user; -#endif static getarg_strings cells; static char *realm; static getarg_strings files; @@ -61,6 +58,8 @@ static int verbose; static int use_krb4 = 1; #endif #ifdef KRB5 +static char *client_string; +static char *cache_string; static int use_krb5 = 1; #endif @@ -73,10 +72,9 @@ struct getargs args[] = { { "v4", 0, arg_negative_flag, &use_krb4, "don't use Kerberos 4" }, #endif #ifdef KRB5 - { "v5", 0, arg_negative_flag, &use_krb5, "don't use Kerberos 5" }, -#endif -#if 0 - { "create-user", 0, arg_flag, &create_user, "create user if not found" }, + { "principal",'P',arg_string,&client_string,"principal to use","principal"}, + { "cache", 0, arg_string, &cache_string, "ccache to use", "cache"}, + { "v5", 0, arg_negative_flag, &use_krb5, "don't use Kerberos 5" }, #endif { "verbose",'v', arg_flag, &verbose }, { "version", 0, arg_flag, &version_flag }, @@ -131,43 +129,6 @@ expand_cell_name(const char *cell) return cell; } -#if 0 -static int -createuser (char *cell) -{ - char cellbuf[64]; - char name[ANAME_SZ]; - char instance[INST_SZ]; - char realm[REALM_SZ]; - char cmd[1024]; - - if (cell == NULL) { - FILE *f; - int len; - - f = fopen (_PATH_THISCELL, "r"); - if (f == NULL) - err (1, "open(%s)", _PATH_THISCELL); - if (fgets (cellbuf, sizeof(cellbuf), f) == NULL) - err (1, "read cellname from %s", _PATH_THISCELL); - len = strlen(cellbuf); - if (cellbuf[len-1] == '\n') - cellbuf[len-1] = '\0'; - cell = cellbuf; - } - - if(krb_get_default_principal(name, instance, realm)) - errx (1, "Could not even figure out who you are"); - - snprintf (cmd, sizeof(cmd), - "pts createuser %s%s%s@%s -cell %s", - name, *instance ? "." : "", instance, strlwr(realm), - cell); - DEBUG("Executing %s", cmd); - return system(cmd); -} -#endif - static void usage(int ecode) { @@ -234,14 +195,14 @@ do_afslog(const char *cell) #ifdef KRB5 if(context != NULL && id != NULL && use_krb5) { - k5ret = krb5_afslog(context, id, cell, NULL); + k5ret = krb5_afslog(context, id, cell, realm); if(k5ret == 0) return 0; } #endif #if KRB4 if (use_krb4) { - k4ret = krb_afslog(cell, NULL); + k4ret = krb_afslog(cell, realm); if(k4ret == 0) return 0; } @@ -297,11 +258,29 @@ main(int argc, char **argv) } #ifdef KRB5 ret = krb5_init_context(&context); - if (ret) + if (ret) { context = NULL; - else - if(krb5_cc_default(context, &id) != 0) - id = NULL; + } else { + if (client_string) { + krb5_principal client; + + ret = krb5_parse_name(context, client_string, &client); + if (ret == 0) + ret = krb5_cc_cache_match(context, client, NULL, &id); + if (ret) + id = NULL; + } + if (id == NULL && cache_string) { + if(krb5_cc_resolve(context, cache_string, &id) != 0) { + krb5_warnx(context, "failed to open kerberos 5 cache '%s'", + cache_string); + id = NULL; + } + } + if (id == NULL) + if(krb5_cc_default(context, &id) != 0) + id = NULL; + } #endif if (verbose)