oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Add kgetcred --no-store and --cached-only options

Browse Source 
These are useful for diagnostics and for exercising more krb5 get
credentials API options.
This commit is contained in:
Nicolas Williams
2015-03-25 14:21:17 -05:00
parent 50615d2a37
commit e695766d65
2 changed files with 19 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
kuser/kgetcred.1
View File

@@ -56,6 +56,8 @@
.Oc .Oc
.Op Fl name-type= Ns Ar name-type .Op Fl name-type= Ns Ar name-type
.Op Fl Fl no-transit-check .Op Fl Fl no-transit-check
.Op Fl Fl no-store
.Op Fl Fl cached-only
.Op Fl Fl version .Op Fl Fl version
.Op Fl Fl help .Op Fl Fl help
.Ar service .Ar service
@@ -94,6 +96,10 @@ the credential cache to use for delegation.
encryption type to use. encryption type to use.
.It Fl Fl no-transit-check .It Fl Fl no-transit-check
requests that the KDC doesn't do transit checking. requests that the KDC doesn't do transit checking.
.It Fl Fl no-store
do not store tickets in the ccache.
.It Fl Fl cached-only
do not talk the TGS, search only the ccache.
.It Fl Fl forwardable .It Fl Fl forwardable
.It Fl Fl debug .It Fl Fl debug
enables debug output to stderr. enables debug output to stderr.

16
kuser/kgetcred.c
View File

@@ -44,7 +44,9 @@ static int is_hostbased_flag;
static int is_canonical_flag; static int is_canonical_flag;
static char *impersonate_str; static char *impersonate_str;
static char *nametype_str; static char *nametype_str;
static int debug; static int store_flag = 1;
static int cached_only_flag;
static int debug_flag;
static int version_flag; static int version_flag;
static int help_flag; static int help_flag;
@@ -70,7 +72,11 @@ struct getargs args[] = {
NP_("Kerberos name type", ""), NULL }, NP_("Kerberos name type", ""), NULL },
{ "hostbased", 'H', arg_flag, &is_hostbased_flag, { "hostbased", 'H', arg_flag, &is_hostbased_flag,
NP_("indicate that the name is a host-based service name", ""), NULL }, NP_("indicate that the name is a host-based service name", ""), NULL },
{ "debug", 0, arg_flag, &debug, NULL, NULL }, { "store", 0, arg_negative_flag, &store_flag,
NP_("don't store the tickets obtained in the cache", ""), NULL },
{ "cached-only", 0, arg_flag, &cached_only_flag,
NP_("don't talk to the KDC, just search the cache", ""), NULL },
{ "debug", 0, arg_flag, &debug_flag, NULL, NULL },
{ "version", 0, arg_flag, &version_flag, NULL, NULL }, { "version", 0, arg_flag, &version_flag, NULL, NULL },
{ "help", 0, arg_flag, &help_flag, NULL, NULL } { "help", 0, arg_flag, &help_flag, NULL, NULL }
}; };
@@ -118,7 +124,7 @@ main(int argc, char **argv)
argc -= optidx; argc -= optidx;
argv += optidx; argv += optidx;
if (debug) { if (debug_flag) {
ret = krb5_set_debug_dest(context, getprogname(), "STDERR"); ret = krb5_set_debug_dest(context, getprogname(), "STDERR");
if (ret) if (ret)
krb5_warn(context, ret, "krb5_set_debug_dest"); krb5_warn(context, ret, "krb5_set_debug_dest");
@@ -166,6 +172,10 @@ main(int argc, char **argv)
krb5_get_creds_opt_add_options(context, opt, KRB5_GC_NO_TRANSIT_CHECK); krb5_get_creds_opt_add_options(context, opt, KRB5_GC_NO_TRANSIT_CHECK);
if (canonicalize_flag) if (canonicalize_flag)
krb5_get_creds_opt_add_options(context, opt, KRB5_GC_CANONICALIZE); krb5_get_creds_opt_add_options(context, opt, KRB5_GC_CANONICALIZE);
if (!store_flag)
krb5_get_creds_opt_add_options(context, opt, KRB5_GC_NO_STORE);
if (cached_only_flag)
krb5_get_creds_opt_add_options(context, opt, KRB5_GC_CACHED);
if (delegation_cred_str) { if (delegation_cred_str) {
krb5_ccache id; krb5_ccache id;