summaryrefslogtreecommitdiffstats
path: root/crypto/heimdal/kuser
diff options
context:
space:
mode:
authorassar <assar@FreeBSD.org>2001-06-21 02:12:07 +0000
committerassar <assar@FreeBSD.org>2001-06-21 02:12:07 +0000
commit0c8fa354358381b3f1b92598e7f1b46f8cf744cc (patch)
treeed28ffb73cc0ae48a9892dab3f10b09bc36436d5 /crypto/heimdal/kuser
parent06c859ecf534f468a52f24a3eb14409d73a4907c (diff)
downloadFreeBSD-src-0c8fa354358381b3f1b92598e7f1b46f8cf744cc.zip
FreeBSD-src-0c8fa354358381b3f1b92598e7f1b46f8cf744cc.tar.gz
import of heimdal 0.3f
Diffstat (limited to 'crypto/heimdal/kuser')
-rw-r--r--crypto/heimdal/kuser/Makefile.in16
-rw-r--r--crypto/heimdal/kuser/generate-requests.c4
-rw-r--r--crypto/heimdal/kuser/kdecode_ticket.c4
-rw-r--r--crypto/heimdal/kuser/kdestroy.12
-rw-r--r--crypto/heimdal/kuser/kdestroy.c4
-rw-r--r--crypto/heimdal/kuser/kdestroy.cat130
-rw-r--r--crypto/heimdal/kuser/kgetcred.15
-rw-r--r--crypto/heimdal/kuser/kgetcred.c4
-rw-r--r--crypto/heimdal/kuser/kgetcred.cat127
-rw-r--r--crypto/heimdal/kuser/kinit.132
-rw-r--r--crypto/heimdal/kuser/kinit.c55
-rw-r--r--crypto/heimdal/kuser/kinit.cat1119
-rw-r--r--crypto/heimdal/kuser/klist.15
-rw-r--r--crypto/heimdal/kuser/klist.c8
-rw-r--r--crypto/heimdal/kuser/klist.cat189
15 files changed, 360 insertions, 44 deletions
diff --git a/crypto/heimdal/kuser/Makefile.in b/crypto/heimdal/kuser/Makefile.in
index 40ab2b6..45dd3d2 100644
--- a/crypto/heimdal/kuser/Makefile.in
+++ b/crypto/heimdal/kuser/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -119,7 +120,7 @@ install_sh = @install_sh@
# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,6 +186,8 @@ NROFF_MAN = groff -mandoc -Tascii
@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
CHECK_LOCAL = $(bin_PROGRAMS)
man_MANS = kinit.1 klist.1 kdestroy.1 kgetcred.1
@@ -313,7 +316,7 @@ OBJECTS = generate-requests.$(OBJEXT) $(am_kauth_OBJECTS) kdecode_ticket.$(OBJEX
all: all-redirect
.SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign kuser/Makefile
@@ -483,6 +486,11 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
|| etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
+GTAGS:
+ here=`CDPATH=: && cd $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $$here
+
mostlyclean-tags:
clean-tags:
diff --git a/crypto/heimdal/kuser/generate-requests.c b/crypto/heimdal/kuser/generate-requests.c
index f7f5dd1..74371a7 100644
--- a/crypto/heimdal/kuser/generate-requests.c
+++ b/crypto/heimdal/kuser/generate-requests.c
@@ -33,7 +33,7 @@
#include "kuser_locl.h"
-RCSID("$Id: generate-requests.c,v 1.2 2000/12/31 07:49:27 assar Exp $");
+RCSID("$Id: generate-requests.c,v 1.3 2001/02/20 01:44:51 assar Exp $");
static krb5_error_code
null_key_proc (krb5_context context,
@@ -134,7 +134,7 @@ main(int argc, char **argv)
int nreq;
char *end;
- set_progname(argv[0]);
+ setprogname(argv[0]);
if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind))
usage(1);
argc -= optind;
diff --git a/crypto/heimdal/kuser/kdecode_ticket.c b/crypto/heimdal/kuser/kdecode_ticket.c
index 499a3e9..74ca5af 100644
--- a/crypto/heimdal/kuser/kdecode_ticket.c
+++ b/crypto/heimdal/kuser/kdecode_ticket.c
@@ -33,7 +33,7 @@
#include "kuser_locl.h"
-RCSID("$Id: kdecode_ticket.c,v 1.4 2000/12/31 07:50:19 assar Exp $");
+RCSID("$Id: kdecode_ticket.c,v 1.5 2001/02/20 01:44:51 assar Exp $");
static char *etype_str;
static int version_flag;
@@ -103,7 +103,7 @@ main(int argc, char **argv)
krb5_creds in, *out;
int optind = 0;
- set_progname (argv[0]);
+ setprogname (argv[0]);
ret = krb5_init_context (&context);
if (ret)
diff --git a/crypto/heimdal/kuser/kdestroy.1 b/crypto/heimdal/kuser/kdestroy.1
index 6ac96a2..8d8b430 100644
--- a/crypto/heimdal/kuser/kdestroy.1
+++ b/crypto/heimdal/kuser/kdestroy.1
@@ -1,4 +1,4 @@
-.\" $Id: kdestroy.1,v 1.2 1999/05/14 14:05:40 assar Exp $
+.\" $Id: kdestroy.1,v 1.3 2001/05/02 08:59:22 assar Exp $
.\"
.Dd August 27, 1997
.Dt KDESTROY 1
diff --git a/crypto/heimdal/kuser/kdestroy.c b/crypto/heimdal/kuser/kdestroy.c
index 847c50e..a1a5c0d 100644
--- a/crypto/heimdal/kuser/kdestroy.c
+++ b/crypto/heimdal/kuser/kdestroy.c
@@ -32,7 +32,7 @@
*/
#include "kuser_locl.h"
-RCSID("$Id: kdestroy.c,v 1.12 2000/12/31 07:51:09 assar Exp $");
+RCSID("$Id: kdestroy.c,v 1.13 2001/02/20 01:44:51 assar Exp $");
static const char *cache;
static int help_flag;
@@ -68,7 +68,7 @@ main (int argc, char **argv)
int optind = 0;
int exit_val = 0;
- set_progname (argv[0]);
+ setprogname (argv[0]);
if(getarg(args, num_args, argc, argv, &optind))
usage(1);
diff --git a/crypto/heimdal/kuser/kdestroy.cat1 b/crypto/heimdal/kuser/kdestroy.cat1
new file mode 100644
index 0000000..0949f96
--- /dev/null
+++ b/crypto/heimdal/kuser/kdestroy.cat1
@@ -0,0 +1,30 @@
+
+KDESTROY(1) UNIX Reference Manual KDESTROY(1)
+
+NNAAMMEE
+ kkddeessttrrooyy - destroy the current ticket file
+
+SSYYNNOOPPSSIISS
+ kkddeessttrrooyy [--cc _c_a_c_h_e_f_i_l_e] [----ccaacchhee==_c_a_c_h_e_f_i_l_e] [----nnoo--uunnlloogg] [----nnoo--ddeelleettee--vv44]
+ [----vveerrssiioonn] [----hheellpp]
+
+DDEESSCCRRIIPPTTIIOONN
+ kkddeessttrrooyy remove the current set of tickets.
+
+ Supported options:
+
+ --cc _c_a_c_h_e_f_i_l_e
+
+ --ccaacchhee==_c_a_c_h_e_f_i_l_e
+ The cache file to remove.
+
+ ----nnoo--uunnlloogg
+ Do not remove AFS tokens.
+
+ ----nnoo--ddeelleettee--vv44
+ Do not remove v4 tickets.
+
+SSEEEE AALLSSOO
+ kinit(1), klist(1)
+
+ HEIMDAL August 27, 1997 1
diff --git a/crypto/heimdal/kuser/kgetcred.1 b/crypto/heimdal/kuser/kgetcred.1
index 4fcadbb..c7235f3 100644
--- a/crypto/heimdal/kuser/kgetcred.1
+++ b/crypto/heimdal/kuser/kgetcred.1
@@ -1,4 +1,4 @@
-.\" $Id: kgetcred.1,v 1.2 1999/05/13 22:26:35 assar Exp $
+.\" $Id: kgetcred.1,v 1.4 2001/06/08 21:40:40 joda Exp $
.\"
.Dd May 14, 1999
.Dt KGETCRED 1
@@ -9,8 +9,9 @@
.Sh SYNOPSIS
.Nm
.Oo Fl e Ar enctype \*(Ba Xo
-.Fl -enctype= Ns Ar enctype Oc
+.Fl -enctype= Ns Ar enctype
.Xc
+.Oc
.Op Fl -version
.Op Fl -help
.Ar service
diff --git a/crypto/heimdal/kuser/kgetcred.c b/crypto/heimdal/kuser/kgetcred.c
index a2b3b27..6707455 100644
--- a/crypto/heimdal/kuser/kgetcred.c
+++ b/crypto/heimdal/kuser/kgetcred.c
@@ -33,7 +33,7 @@
#include "kuser_locl.h"
-RCSID("$Id: kgetcred.c,v 1.4 2000/12/31 07:52:59 assar Exp $");
+RCSID("$Id: kgetcred.c,v 1.5 2001/02/20 01:44:51 assar Exp $");
static char *etype_str;
static int version_flag;
@@ -65,7 +65,7 @@ main(int argc, char **argv)
krb5_creds in, *out;
int optind = 0;
- set_progname (argv[0]);
+ setprogname (argv[0]);
ret = krb5_init_context (&context);
if (ret)
diff --git a/crypto/heimdal/kuser/kgetcred.cat1 b/crypto/heimdal/kuser/kgetcred.cat1
new file mode 100644
index 0000000..63a6c98
--- /dev/null
+++ b/crypto/heimdal/kuser/kgetcred.cat1
@@ -0,0 +1,27 @@
+
+KGETCRED(1) UNIX Reference Manual KGETCRED(1)
+
+NNAAMMEE
+ kkggeettccrreedd - get a ticket for a particular service
+
+SSYYNNOOPPSSIISS
+ kkggeettccrreedd [--ee _e_n_c_t_y_p_e | ----eennccttyyppee==_e_n_c_t_y_p_e] [----vveerrssiioonn] [----hheellpp] _s_e_r_v_i_c_e
+
+DDEESSCCRRIIPPTTIIOONN
+ kkggeettccrreedd obtains a ticket for a service. Usually tickets for services
+ are obtained automatically when needed but sometimes for some odd reason
+ you want to obtain a particular ticket or of a special type.
+
+ Supported options:
+
+ --ee _e_n_c_t_y_p_e, ----eennccttyyppee==_e_n_c_t_y_p_e
+ encryption type to use
+
+ ----vveerrssiioonn
+
+ ----hheellpp
+
+SSEEEE AALLSSOO
+ kinit(1), klist(1)
+
+ HEIMDAL May 14, 1999 1
diff --git a/crypto/heimdal/kuser/kinit.1 b/crypto/heimdal/kuser/kinit.1
index 8775e7a..8c2fc81 100644
--- a/crypto/heimdal/kuser/kinit.1
+++ b/crypto/heimdal/kuser/kinit.1
@@ -1,4 +1,4 @@
-.\" $Id: kinit.1,v 1.8 2001/01/28 21:44:56 assar Exp $
+.\" $Id: kinit.1,v 1.11 2001/06/08 21:35:32 joda Exp $
.\"
.Dd May 29, 1998
.Dt KINIT 1
@@ -12,38 +12,45 @@
.Op Fl 4 | Fl -524init
.Op Fl -afslog
.Oo Fl c Ar cachename \*(Ba Xo
-.Fl -cache= Ns Ar cachename Oc
+.Fl -cache= Ns Ar cachename
.Xc
+.Oc
.Op Fl f | Fl -forwardable
.Oo Fl t Ar keytabname \*(Ba Xo
-.Fl -keytab= Ns Ar keytabname Oc
+.Fl -keytab= Ns Ar keytabname
.Xc
+.Oc
.Oo Fl l Ar time \*(Ba Xo
-.Fl -lifetime= Ns Ar time Oc
+.Fl -lifetime= Ns Ar time
.Xc
+.Oc
.Op Fl p | Fl -proxiable
.Op Fl R | Fl -renew
.Op Fl -renewable
.Oo Fl r Ar time \*(Ba Xo
-.Fl -renewable-life= Ns Ar time Oc
+.Fl -renewable-life= Ns Ar time
.Xc
+.Oc
.Oo Fl S Ar principal \*(Ba Xo
-.Fl -server= Ns Ar principal Oc
+.Fl -server= Ns Ar principal
.Xc
+.Oc
.Oo Fl s Ar time \*(Ba Xo
-.Fl -start-time= Ns Ar time Oc
+.Fl -start-time= Ns Ar time
.Xc
+.Oc
.Op Fl k | Fl -use-keytab
.Op Fl v | Fl -validate
.Oo Fl e Ar enctype \*(Ba Xo
-.Fl -enctypes= Ns Ar enctype Oc
+.Fl -enctypes= Ns Ar enctype
.Xc
+.Oc
.Op Fl -fcache-version= Ns Ar integer
.Op Fl -no-addresses
.Op Fl -anonymous
.Op Fl -version
.Op Fl -help
-.Op Ar principal
+.Op Ar principal Op Ar command
.Sh DESCRIPTION
.Nm
is used to authenticate to the kerberos server as
@@ -184,6 +191,13 @@ options can be set to a default value from the
.Dv appdefaults
section in krb5.conf, see
.Xr krb5_appdefault 3 .
+.Pp
+If a
+.Ar command
+is given,
+.Nm kinit
+will setup new credentials caches, and AFS PAG, and then run the given
+command. When it finishes the credentials will be removed.
.Sh ENVIRONMENT
.Bl -tag -width Ds
.It Ev KRB5CCNAME
diff --git a/crypto/heimdal/kuser/kinit.c b/crypto/heimdal/kuser/kinit.c
index be2857c..560e0e2 100644
--- a/crypto/heimdal/kuser/kinit.c
+++ b/crypto/heimdal/kuser/kinit.c
@@ -32,7 +32,7 @@
*/
#include "kuser_locl.h"
-RCSID("$Id: kinit.c,v 1.69 2001/01/05 16:32:55 joda Exp $");
+RCSID("$Id: kinit.c,v 1.75 2001/05/07 21:08:15 assar Exp $");
#ifdef KRB4
/* for when the KDC tells us it's a v4 one, we try to talk that */
@@ -248,7 +248,7 @@ usage (int ret)
arg_printusage (args,
sizeof(args)/sizeof(*args),
NULL,
- "[principal]");
+ "[principal [command]]");
exit (ret);
}
@@ -290,9 +290,12 @@ renew_validate(krb5_context context,
flags.i = 0;
flags.b.renewable = flags.b.renew = renew;
flags.b.validate = validate;
- flags.b.forwardable = forwardable_flag;
- flags.b.proxiable = proxiable_flag;
- flags.b.request_anonymous = anonymous_flag;
+ if (forwardable_flag != -1)
+ flags.b.forwardable = forwardable_flag;
+ if (proxiable_flag != -1)
+ flags.b.proxiable = proxiable_flag;
+ if (anonymous_flag != -1)
+ flags.b.request_anonymous = anonymous_flag;
if(life)
in.times.endtime = time(NULL) + life;
@@ -339,7 +342,7 @@ main (int argc, char **argv)
krb5_addresses no_addrs;
char passwd[256];
- set_progname (argv[0]);
+ setprogname (argv[0]);
memset(&cred, 0, sizeof(cred));
ret = krb5_init_context (&context);
@@ -376,9 +379,6 @@ main (int argc, char **argv)
argc -= optind;
argv += optind;
- if (argc > 1)
- usage (1);
-
if (argv[0]) {
ret = krb5_parse_name (context, argv[0], &principal);
if (ret)
@@ -394,8 +394,26 @@ main (int argc, char **argv)
if(cred_cache)
ret = krb5_cc_resolve(context, cred_cache, &ccache);
- else
- ret = krb5_cc_default (context, &ccache);
+ else {
+ if(argc > 1) {
+ char s[1024];
+ ret = krb5_cc_gen_new(context, &krb5_fcc_ops, &ccache);
+ if(ret)
+ krb5_err(context, 1, ret, "creating cred cache");
+ snprintf(s, sizeof(s), "%s:%s",
+ krb5_cc_get_type(context, ccache),
+ krb5_cc_get_name(context, ccache));
+ setenv("KRB5CCNAME", s, 1);
+#ifdef KRB4
+ snprintf(s, sizeof(s), "%s_XXXXXX", TKT_ROOT);
+ close(mkstemp(s));
+ setenv("KRBTKFILE", s, 1);
+ if (k_hasafs ())
+ k_setpag();
+#endif
+ } else
+ ret = krb5_cc_default (context, &ccache);
+ }
if (ret)
krb5_err (context, 1, ret, "resolving credentials cache");
@@ -437,7 +455,7 @@ main (int argc, char **argv)
errx (1, "unparsable time: %s", renew_life);
krb5_get_init_creds_opt_set_renew_life (&opt, tmp);
- } else if (renewable_flag)
+ } else if (renewable_flag == 1)
krb5_get_init_creds_opt_set_renew_life (&opt, 1 << 30);
if(ticket_life != 0)
@@ -570,9 +588,18 @@ main (int argc, char **argv)
}
if(do_afslog && k_hasafs())
krb5_afslog(context, ccache, NULL, NULL);
-#endif
krb5_free_creds_contents (context, &cred);
- krb5_cc_close (context, ccache);
+#endif
+ if(argc > 1) {
+ simple_execvp(argv[1], argv+1);
+ krb5_cc_destroy(context, ccache);
+#ifdef KRB4
+ dest_tkt();
+ if(k_hasafs())
+ k_unlog();
+#endif
+ } else
+ krb5_cc_close (context, ccache);
krb5_free_context (context);
return 0;
}
diff --git a/crypto/heimdal/kuser/kinit.cat1 b/crypto/heimdal/kuser/kinit.cat1
new file mode 100644
index 0000000..3507385
--- /dev/null
+++ b/crypto/heimdal/kuser/kinit.cat1
@@ -0,0 +1,119 @@
+
+KINIT(1) UNIX Reference Manual KINIT(1)
+
+NNAAMMEE
+ kkiinniitt, kkaauutthh - acquire initial tickets
+
+SSYYNNOOPPSSIISS
+ kkiinniitt [--44 | ----552244iinniitt] [----aaffsslloogg] [--cc _c_a_c_h_e_n_a_m_e | ----ccaacchhee==_c_a_c_h_e_n_a_m_e] [--ff
+ | ----ffoorrwwaarrddaabbllee] [--tt _k_e_y_t_a_b_n_a_m_e | ----kkeeyyttaabb==_k_e_y_t_a_b_n_a_m_e] [--ll _t_i_m_e |
+ ----lliiffeettiimmee==_t_i_m_e] [--pp | ----pprrooxxiiaabbllee] [--RR | ----rreenneeww] [----rreenneewwaabbllee]
+ [--rr _t_i_m_e | ----rreenneewwaabbllee--lliiffee==_t_i_m_e] [--SS _p_r_i_n_c_i_p_a_l |
+ ----sseerrvveerr==_p_r_i_n_c_i_p_a_l] [--ss _t_i_m_e | ----ssttaarrtt--ttiimmee==_t_i_m_e] [--kk |
+ ----uussee--kkeeyyttaabb] [--vv | ----vvaalliiddaattee] [--ee _e_n_c_t_y_p_e | ----eennccttyyppeess==_e_n_c_t_y_p_e]
+ [----ffccaacchhee--vveerrssiioonn==_i_n_t_e_g_e_r] [----nnoo--aaddddrreesssseess] [----aannoonnyymmoouuss]
+ [----vveerrssiioonn] [----hheellpp] [_p_r_i_n_c_i_p_a_l [_c_o_m_m_a_n_d]]
+
+DDEESSCCRRIIPPTTIIOONN
+ kkiinniitt is used to authenticate to the kerberos server as _p_r_i_n_c_i_p_a_l, or if
+ none is given, a system generated default (typically your login name at
+ the default realm), and acquire a ticket granting ticket that can later
+ be used to obtain tickets for other services.
+
+ If you have compiled kinit with Kerberos 4 support and you have a Ker-
+ beros 4 server, kkiinniitt will detect this and get you Kerberos 4 tickets.
+
+ Supported options:
+
+ --cc _c_a_c_h_e_n_a_m_e ----ccaacchhee==_c_a_c_h_e_n_a_m_e
+ The credentials cache to put the acquired ticket in, if other
+ than default.
+
+ --ff, ----ffoorrwwaarrddaabbllee
+ Get ticket that can be forwarded to another host.
+
+ --tt _k_e_y_t_a_b_n_a_m_e, ----kkeeyyttaabb==_k_e_y_t_a_b_n_a_m_e
+ Don't ask for a password, but instead get the key from the speci-
+ fied keytab.
+
+ --ll _t_i_m_e, ----lliiffeettiimmee==_t_i_m_e
+ Specifies the lifetime of the ticket. The argument can either be
+ in seconds, or a more human readable string like `1h'.
+
+ --pp, ----pprrooxxiiaabbllee
+ Request tickets with the proxiable flag set.
+
+ --RR, ----rreenneeww
+ Try to renew ticket. The ticket must have the `renewable' flag
+ set, and must not be expired.
+
+ ----rreenneewwaabbllee
+ The same as ----rreenneewwaabbllee--lliiffee, with an infinite time.
+
+ --rr _t_i_m_e, ----rreenneewwaabbllee--lliiffee==_t_i_m_e
+ The max renewable ticket life.
+
+ --SS _p_r_i_n_c_i_p_a_l, ----sseerrvveerr==_p_r_i_n_c_i_p_a_l
+ Get a ticket for a service other than krbtgt/LOCAL.REALM.
+
+ --ss _t_i_m_e, ----ssttaarrtt--ttiimmee==_t_i_m_e
+ Obtain a ticket that starts to be valid _t_i_m_e (which can really be
+ a generic time specification, like `1h') seconds into the future.
+
+ --kk, ----uussee--kkeeyyttaabb
+ The same as ----kkeeyyttaabb, but with the default keytab name (normally
+
+ _F_I_L_E_:_/_e_t_c_/_k_r_b_5_._k_e_y_t_a_b).
+
+ --vv, ----vvaalliiddaattee
+ Try to validate an invalid ticket.
+
+ --ee, ----eennccttyyppeess==_e_n_c_t_y_p_e_s
+ Request tickets with this particular enctype.
+
+ ----ffccaacchhee--vveerrssiioonn==_v_e_r_s_i_o_n
+ Create a credentials cache of version vveerrssiioonn.
+
+ ----nnoo--aaddddrreesssseess
+ Request a ticket with no addresses.
+
+ ----aannoonnyymmoouuss
+ Request an anonymous ticket (which means that the ticket will be
+ issued to an anonymous principal, typically ``anonymous@REALM).''
+
+ The following options are only available if kkiinniitt has been compiled with
+ support for Kerberos 4. The kkaauutthh program is identical to kkiinniitt, but has
+ these options enabled by default.
+
+ --44, ----552244iinniitt
+ Try to convert the obtained Kerberos 5 krbtgt to a version 4 com-
+ patible ticket. It will store this ticket in the default Kerberos
+ 4 ticket file.
+
+ ----aaffsslloogg
+ Gets AFS tickets, converts them to version 4 format, and stores
+ them in the kernel. Only useful if you have AFS.
+
+ The _f_o_r_w_a_r_d_a_b_l_e, _p_r_o_x_i_a_b_l_e, _t_i_c_k_e_t___l_i_f_e, and _r_e_n_e_w_a_b_l_e___l_i_f_e options can
+ be set to a default value from the appdefaults section in krb5.conf, see
+ krb5_appdefault(3).
+
+ If a _c_o_m_m_a_n_d is given, kkiinniitt will setup new credentials caches, and AFS
+ PAG, and then run the given command. When it finishes the credentials
+ will be removed.
+
+EENNVVIIRROONNMMEENNTT
+ KRB5CCNAME
+ Specifies the default cache file.
+
+ KRB5_CONFIG
+ The directory where the _k_r_b_5_._c_o_n_f can be found, default is _/_e_t_c.
+
+ KRBTKFILE
+ Specifies the Kerberos 4 ticket file to store version 4 tickets
+ in.
+
+SSEEEE AALLSSOO
+ kdestroy(1), klist(1), krb5.conf(5), krb5_appdefault(3)
+
+ HEIMDAL May 29, 1998 2
diff --git a/crypto/heimdal/kuser/klist.1 b/crypto/heimdal/kuser/klist.1
index 7676508..296e4fa 100644
--- a/crypto/heimdal/kuser/klist.1
+++ b/crypto/heimdal/kuser/klist.1
@@ -1,4 +1,4 @@
-.\" $Id: klist.1,v 1.6 2000/07/08 20:47:58 joda Exp $
+.\" $Id: klist.1,v 1.8 2001/06/08 21:35:32 joda Exp $
.\"
.Dd July 8, 2000
.Dt KLIST 1
@@ -9,8 +9,9 @@
.Sh SYNOPSIS
.Nm
.Oo Fl c Ar cache \*(Ba Xo
-.Fl -cache= Ns Ar cache Oc
+.Fl -cache= Ns Ar cache
.Xc
+.Oc
.Op Fl s | Fl t | Fl -test
.Op Fl 4 | Fl -v4
.Op Fl T | Fl -tokens
diff --git a/crypto/heimdal/kuser/klist.c b/crypto/heimdal/kuser/klist.c
index 6bfaeb8..ebeebad 100644
--- a/crypto/heimdal/kuser/klist.c
+++ b/crypto/heimdal/kuser/klist.c
@@ -34,7 +34,7 @@
#include "kuser_locl.h"
#include "rtbl.h"
-RCSID("$Id: klist.c,v 1.62 2001/01/25 12:37:01 assar Exp $");
+RCSID("$Id: klist.c,v 1.64 2001/05/11 19:55:13 assar Exp $");
static char*
printable_time(time_t t)
@@ -275,8 +275,8 @@ print_tickets (krb5_context context,
}
while (krb5_cc_next_cred (context,
ccache,
- &creds,
- &cursor) == 0) {
+ &cursor,
+ &creds) == 0) {
if(do_verbose){
print_cred_verbose(context, &creds);
}else{
@@ -629,7 +629,7 @@ main (int argc, char **argv)
int optind = 0;
int exit_status = 0;
- set_progname (argv[0]);
+ setprogname (argv[0]);
if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind))
usage(1);
diff --git a/crypto/heimdal/kuser/klist.cat1 b/crypto/heimdal/kuser/klist.cat1
new file mode 100644
index 0000000..20f2c33
--- /dev/null
+++ b/crypto/heimdal/kuser/klist.cat1
@@ -0,0 +1,89 @@
+
+KLIST(1) UNIX Reference Manual KLIST(1)
+
+NNAAMMEE
+ kklliisstt - list Kerberos credentials
+
+SSYYNNOOPPSSIISS
+ kklliisstt [--cc _c_a_c_h_e | ----ccaacchhee==_c_a_c_h_e] [--ss | --tt | ----tteesstt] [--44 | ----vv44] [--TT |
+ ----ttookkeennss] [--55 | ----vv55] [--vv | ----vveerrbboossee] [--ff] [----vveerrssiioonn] [----hheellpp]
+
+DDEESSCCRRIIPPTTIIOONN
+ kklliisstt reads and displays the current tickets in the crential cache (also
+ known as the ticket file).
+
+ Options supported:
+
+ --cc _c_a_c_h_e, ----ccaacchhee==_c_a_c_h_e
+ credentials cache to list
+
+ --ss, --tt, ----tteesstt
+ Test for there being an active and valid TGT for the local realm
+ of the user in the credential cache.
+
+ --44, ----vv44
+ display v4 tickets
+
+ --TT, ----ttookkeennss
+ display AFS tokens
+
+ --55, ----vv55
+ display v5 cred cache (this is the default)
+
+ --ff Include ticket flags in short form, each charcted stands for a
+ specific flag, as follows:
+ F forwardable
+ f forwarded
+ P proxiable
+ p proxied
+ D postdate-able
+ d postdated
+ R renewable
+ I initial
+ i invalid
+ A pre-authenticated
+ H hardware authenticated
+
+ This information is also output with the ----vveerrbboossee option, but in
+ a more verbose way.
+
+ --vv, ----vveerrbboossee
+ Verbose output. Include all possible information:
+
+ Server
+ the princial the ticket is for
+
+ Ticket etype
+ the encryption type use in the ticket, followed by
+ the key version of the ticket, if it is available
+
+ Session key
+ the encryption type of the session key, if it's dif-
+ ferent from the encryption type of the ticket
+
+ Auth time
+
+ the time the authentication exchange took place
+
+ Start time
+ the time that this tickets is valid from (only print-
+ ed if it's different from the auth time)
+
+ End time
+ when the ticket expires, if it has already expired
+ this is also noted
+
+ Renew till
+ the maximum possible end time of any ticket derived
+ from this one
+
+ Ticket flags
+ the flags set on the ticket
+
+ Addresses
+ the set of addresses from which this ticket is valid
+
+SSEEEE AALLSSOO
+ kinit(1), kdestroy(1)
+
+ HEIMDAL July 8, 2000 2
OpenPOWER on IntegriCloud