add --cache-type that allows the user to control the resulting

credential cache type, inherit the type from the invoking process git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14574 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-02-12 14:23:28 +00:00
parent fb681cc82f
commit aeedc46505
1 changed files with 125 additions and 75 deletions
--- a/appl/afsutil/pagsh.c
+++ b/appl/afsutil/pagsh.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995 - 2003 Kungliga Tekniska H<>gskolan
+ * Copyright (c) 1995 - 2005 Kungliga Tekniska H<>gskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 * 
@@ -71,9 +71,15 @@ RCSID("$Id$");
 static int help_flag;
 static int version_flag;
 static int c_flag;
+#ifdef KRB5
+static char *typename_arg;
+#endif

 struct getargs getargs[] = {
    { NULL,	'c', arg_flag, &c_flag },
+#ifdef KRB5
+    { "cache-type", 0,  arg_string, &typename_arg },
+#endif
    { "version", 0,  arg_flag, &version_flag },
    { "help",	'h', arg_flag, &help_flag },
 };
@@ -117,13 +123,57 @@ main(int argc, char **argv)
    argv += optind;

 #ifdef KRB5
-  snprintf (tf, sizeof(tf), "%sXXXXXX", KRB5_DEFAULT_CCROOT);
-  f = mkstemp (tf + 5);
-  if (f < 0)
-      err(1, "mkstemp failed");
-  close (f);
-  unlink (tf + 5);
+    {
+	const krb5_cc_ops *type;
+	krb5_error_code ret;
+	krb5_context context;
+	krb5_ccache id;
+	const char *name;
+
+	ret = krb5_init_context(&context);
+	if (ret) /* XXX should this really call exit ? */
+	    errx(1, "no kerberos 5 support");
+
+	if (typename_arg == NULL) {
+	    char *s;
+
+	    name = krb5_cc_default_name(context);
+	    if (name == NULL)
+		krb5_errx(context, 1, "Failed getting default "
+			  "credential cache type");
+	    
+	    typename_arg = strdup(name);
+	    if (typename_arg == NULL)
+		errx(1, "strdup");
+	    
+	    s = strchr(typename_arg, ':');
+	    if (s)
+		*s = '\0';
+	}
+
+	type = krb5_cc_get_prefix_ops(context, typename_arg);
+	if (type == NULL)
+	    krb5_err(context, 1, ret, "Failed getting ops for %s "
+		     "credential cache", typename_arg);
+     
+	ret = krb5_cc_gen_new(context, type, &id);
+	if (ret)
+	    krb5_err(context, 1, ret, "Failed generating credential cache");
+
+	name = krb5_cc_get_name(context, id);
+	if (name == NULL)
+	    krb5_errx(context, 1, "Generated credential cache have no name");
+
+	snprintf(tf, sizeof(tf), "%s:%s", typename_arg, name);
+
+	ret = krb5_cc_close(context, id);
+	if (ret)
+	    krb5_err(context, 1, ret, "Failed closing credential cache");
+
+	krb5_free_context(context);
+
 	esetenv("KRB5CCNAME", tf, 1);
+    }
 #endif

    snprintf (tf, sizeof(tf), "%s_XXXXXX", TKT_ROOT);