heimdal/lib/gssapi/gss-commands.in
Nicolas Williams ae7d6746d1 gsstool: Add GSS-based kinit-like acquire_cred cmd
This has most of the features needed to act as a kinit that uses GSS
APIs, specifically gss_acquire_cred_from() and gss_store_cred_into2().

It's missing some functionality, such as being able to drive prompts
from AS responses (if we added minor status codes for representing KDC
pre-auth proposals, then we could drive prompts, but we would have to
encode a lot of mechanism-specific knowledge into gsstool).

The point of this commit is to explore:

 - GSS functionality for kinit-like actions

 - credential store key/value pairs supported by the mechanisms

 - document the credential store key/value pairs (in gsstool.1)

that might lead to further enhancements.  But gsstool acquire-cred
is quite functional at this point!
2026-01-18 19:06:16 -06:00


/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* $Id$ */
/*
 * "mechanisms": declares no options and no positional-argument spec.
 * The second name entry is an additional name for the same command.
 */
command = {
name = "mechanisms"
name = "supported-mechanisms"
help = "Print the supported mechanisms"
}
/*
 * "attributes" (also reachable as "attrs-for-mech"): prints mechanism
 * attributes. Accepts --all (boolean flag) and --mech (one string value).
 */
command = {
name = "attributes"
name = "attrs-for-mech"
help = "Print the attributes for mechs"
option = {
long = "all"
type = "flag"
}
/*
 * Single-valued here ("string"); acquire-cred declares its own --mech as
 * "strings". Neither option has a help string.
 */
option = {
long = "mech"
type = "string"
argument = "mechanism"
}
}
/*
 * "acquire-cred": acquire a GSS credential, kinit-style.
 *
 * This table only declares the command-line surface. All validation
 * (option combinations, value ranges, key names, file handling) has to
 * happen in the C handler, which is not visible here.
 * Only --verbose and --shell carry help strings; the rest are undocumented
 * in generated help output.
 */
command = {
name = "acquire-cred"
help = "Acquire a credential"
/*
 * Credential usage flags. Nothing in this table makes --initiator and
 * --acceptor mutually exclusive; how "both" or "neither" is treated is up
 * to the handler -- TODO confirm.
 */
option = {
long = "initiator"
type = "flag"
}
option = {
long = "acceptor"
type = "flag"
}
/* "strings": the option may be given more than once, one mechanism each. */
option = {
long = "mech"
type = "strings"
argument = "mechanism"
}
option = {
long = "name-type"
type = "string"
argument = "name-type for desired name"
}
option = {
long = "name"
type = "string"
argument = "desired name"
}
/*
 * Plain integer with no bounds declared here; rejecting negative or
 * oversized lifetimes, if done at all, is the handler's job -- TODO confirm.
 */
option = {
long = "time-req"
type = "integer"
argument = "desired credential lifetime"
}
/*
 * --from* options: repeatable key/value inputs, presumably the credential
 * store elements used when acquiring the credential -- TODO confirm
 * against the handler and gsstool.1.
 *
 * NOTE(review): a value given with --from is a literal command-line
 * argument, so it can be seen by other local users in process listings
 * and may end up in shell history. If any supported key carries a secret,
 * the help text should steer users to --from-prompt or --from-file for it.
 */
option = {
long = "from"
type = "strings"
argument = "key=value pair"
}
/* The right-hand side is the prompt text, not the value itself. */
option = {
long = "from-prompt"
type = "strings"
argument = "key=prompt pair"
}
/*
 * The right-hand side is a filename. How the file is opened and whether
 * its permissions are checked cannot be seen from this table.
 */
option = {
long = "from-file"
type = "strings"
argument = "key=filename pair"
}
/*
 * --into* options mirror the --from* trio, presumably for the credential
 * store the acquired credential is written into -- TODO confirm. The same
 * command-line exposure note applies to literal --into values.
 */
option = {
long = "into"
type = "strings"
argument = "key=value pair"
}
option = {
long = "into-prompt"
type = "strings"
argument = "key=prompt pair"
}
option = {
long = "into-file"
type = "strings"
argument = "key=filename pair"
}
option = {
long = "verbose"
short = "v"
type = "flag"
help = "Verbose"
}
/*
 * NOTE(review): this help string is identical to --verbose's and looks
 * like a copy-paste leftover; it should describe what --shell does.
 */
option = {
long = "shell"
short = "s"
type = "flag"
help = "Verbose"
}
/*
 * Optional trailing command and arguments. No min_args/max_args are
 * declared for this command, unlike "help" below.
 */
argument = "[cmd args]"
}
/*
 * "help" (also "?"): takes zero or one positional argument, the command
 * to describe. The help string lists the three commands defined in this
 * file and must be kept in sync by hand when commands are added.
 */
command = {
name = "help"
name = "?"
argument = "[command]"
min_args = "0"
max_args = "1"
help = "gsstool mechanisms | attributes | acquire-cred"
}