diff options
Diffstat (limited to 'crypto/heimdal/kuser')
-rw-r--r-- | crypto/heimdal/kuser/Makefile.in | 16 | ||||
-rw-r--r-- | crypto/heimdal/kuser/generate-requests.c | 4 | ||||
-rw-r--r-- | crypto/heimdal/kuser/kdecode_ticket.c | 4 | ||||
-rw-r--r-- | crypto/heimdal/kuser/kdestroy.1 | 2 | ||||
-rw-r--r-- | crypto/heimdal/kuser/kdestroy.c | 4 | ||||
-rw-r--r-- | crypto/heimdal/kuser/kdestroy.cat1 | 30 | ||||
-rw-r--r-- | crypto/heimdal/kuser/kgetcred.1 | 5 | ||||
-rw-r--r-- | crypto/heimdal/kuser/kgetcred.c | 4 | ||||
-rw-r--r-- | crypto/heimdal/kuser/kgetcred.cat1 | 27 | ||||
-rw-r--r-- | crypto/heimdal/kuser/kinit.1 | 32 | ||||
-rw-r--r-- | crypto/heimdal/kuser/kinit.c | 55 | ||||
-rw-r--r-- | crypto/heimdal/kuser/kinit.cat1 | 119 | ||||
-rw-r--r-- | crypto/heimdal/kuser/klist.1 | 5 | ||||
-rw-r--r-- | crypto/heimdal/kuser/klist.c | 8 | ||||
-rw-r--r-- | crypto/heimdal/kuser/klist.cat1 | 89 |
15 files changed, 360 insertions, 44 deletions
diff --git a/crypto/heimdal/kuser/Makefile.in b/crypto/heimdal/kuser/Makefile.in index 40ab2b6..45dd3d2 100644 --- a/crypto/heimdal/kuser/Makefile.in +++ b/crypto/heimdal/kuser/Makefile.in @@ -1,6 +1,7 @@ -# Makefile.in generated automatically by automake 1.4a from Makefile.am +# Makefile.in generated automatically by automake 1.4b from Makefile.am -# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. +# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000 +# Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -119,7 +120,7 @@ install_sh = @install_sh@ # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ -# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ +# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $ AUTOMAKE_OPTIONS = foreign no-dependencies @@ -185,6 +186,8 @@ NROFF_MAN = groff -mandoc -Tascii @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la +@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la + CHECK_LOCAL = $(bin_PROGRAMS) man_MANS = kinit.1 klist.1 kdestroy.1 kgetcred.1 @@ -313,7 +316,7 @@ OBJECTS = generate-requests.$(OBJEXT) $(am_kauth_OBJECTS) kdecode_ticket.$(OBJEX all: all-redirect .SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x +.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common cd $(top_srcdir) && $(AUTOMAKE) --foreign kuser/Makefile @@ -483,6 +486,11 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) +GTAGS: + here=`CDPATH=: && cd $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $$here + mostlyclean-tags: clean-tags: diff --git a/crypto/heimdal/kuser/generate-requests.c b/crypto/heimdal/kuser/generate-requests.c index f7f5dd1..74371a7 100644 --- a/crypto/heimdal/kuser/generate-requests.c +++ b/crypto/heimdal/kuser/generate-requests.c @@ -33,7 +33,7 @@ #include "kuser_locl.h" -RCSID("$Id: generate-requests.c,v 1.2 2000/12/31 07:49:27 assar Exp $"); +RCSID("$Id: generate-requests.c,v 1.3 2001/02/20 01:44:51 assar Exp $"); static krb5_error_code null_key_proc (krb5_context context, @@ -134,7 +134,7 @@ main(int argc, char **argv) int nreq; char *end; - set_progname(argv[0]); + setprogname(argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) usage(1); argc -= optind; diff --git a/crypto/heimdal/kuser/kdecode_ticket.c b/crypto/heimdal/kuser/kdecode_ticket.c index 499a3e9..74ca5af 100644 --- a/crypto/heimdal/kuser/kdecode_ticket.c +++ b/crypto/heimdal/kuser/kdecode_ticket.c @@ -33,7 +33,7 @@ #include "kuser_locl.h" -RCSID("$Id: kdecode_ticket.c,v 1.4 2000/12/31 07:50:19 assar Exp $"); +RCSID("$Id: kdecode_ticket.c,v 1.5 2001/02/20 01:44:51 assar Exp $"); static char *etype_str; static int version_flag; @@ -103,7 +103,7 @@ main(int argc, char **argv) krb5_creds in, *out; int optind = 0; - set_progname (argv[0]); + setprogname (argv[0]); ret = krb5_init_context (&context); if (ret) diff --git a/crypto/heimdal/kuser/kdestroy.1 b/crypto/heimdal/kuser/kdestroy.1 index 6ac96a2..8d8b430 100644 --- a/crypto/heimdal/kuser/kdestroy.1 +++ b/crypto/heimdal/kuser/kdestroy.1 @@ -1,4 +1,4 @@ -.\" $Id: kdestroy.1,v 1.2 1999/05/14 14:05:40 assar Exp $ +.\" $Id: kdestroy.1,v 1.3 2001/05/02 08:59:22 assar Exp $ .\" .Dd August 27, 1997 .Dt KDESTROY 1 diff --git a/crypto/heimdal/kuser/kdestroy.c b/crypto/heimdal/kuser/kdestroy.c index 847c50e..a1a5c0d 100644 --- a/crypto/heimdal/kuser/kdestroy.c +++ b/crypto/heimdal/kuser/kdestroy.c @@ -32,7 +32,7 @@ */ #include "kuser_locl.h" -RCSID("$Id: kdestroy.c,v 1.12 2000/12/31 07:51:09 assar Exp $"); +RCSID("$Id: kdestroy.c,v 1.13 2001/02/20 01:44:51 assar Exp $"); static const char *cache; static int help_flag; @@ -68,7 +68,7 @@ main (int argc, char **argv) int optind = 0; int exit_val = 0; - set_progname (argv[0]); + setprogname (argv[0]); if(getarg(args, num_args, argc, argv, &optind)) usage(1); diff --git a/crypto/heimdal/kuser/kdestroy.cat1 b/crypto/heimdal/kuser/kdestroy.cat1 new file mode 100644 index 0000000..0949f96 --- /dev/null +++ b/crypto/heimdal/kuser/kdestroy.cat1 @@ -0,0 +1,30 @@ + +KDESTROY(1) UNIX Reference Manual KDESTROY(1) + +NNAAMMEE + kkddeessttrrooyy - destroy the current ticket file + +SSYYNNOOPPSSIISS + kkddeessttrrooyy [--cc _c_a_c_h_e_f_i_l_e] [----ccaacchhee==_c_a_c_h_e_f_i_l_e] [----nnoo--uunnlloogg] [----nnoo--ddeelleettee--vv44] + [----vveerrssiioonn] [----hheellpp] + +DDEESSCCRRIIPPTTIIOONN + kkddeessttrrooyy remove the current set of tickets. + + Supported options: + + --cc _c_a_c_h_e_f_i_l_e + + --ccaacchhee==_c_a_c_h_e_f_i_l_e + The cache file to remove. + + ----nnoo--uunnlloogg + Do not remove AFS tokens. + + ----nnoo--ddeelleettee--vv44 + Do not remove v4 tickets. + +SSEEEE AALLSSOO + kinit(1), klist(1) + + HEIMDAL August 27, 1997 1 diff --git a/crypto/heimdal/kuser/kgetcred.1 b/crypto/heimdal/kuser/kgetcred.1 index 4fcadbb..c7235f3 100644 --- a/crypto/heimdal/kuser/kgetcred.1 +++ b/crypto/heimdal/kuser/kgetcred.1 @@ -1,4 +1,4 @@ -.\" $Id: kgetcred.1,v 1.2 1999/05/13 22:26:35 assar Exp $ +.\" $Id: kgetcred.1,v 1.4 2001/06/08 21:40:40 joda Exp $ .\" .Dd May 14, 1999 .Dt KGETCRED 1 @@ -9,8 +9,9 @@ .Sh SYNOPSIS .Nm .Oo Fl e Ar enctype \*(Ba Xo -.Fl -enctype= Ns Ar enctype Oc +.Fl -enctype= Ns Ar enctype .Xc +.Oc .Op Fl -version .Op Fl -help .Ar service diff --git a/crypto/heimdal/kuser/kgetcred.c b/crypto/heimdal/kuser/kgetcred.c index a2b3b27..6707455 100644 --- a/crypto/heimdal/kuser/kgetcred.c +++ b/crypto/heimdal/kuser/kgetcred.c @@ -33,7 +33,7 @@ #include "kuser_locl.h" -RCSID("$Id: kgetcred.c,v 1.4 2000/12/31 07:52:59 assar Exp $"); +RCSID("$Id: kgetcred.c,v 1.5 2001/02/20 01:44:51 assar Exp $"); static char *etype_str; static int version_flag; @@ -65,7 +65,7 @@ main(int argc, char **argv) krb5_creds in, *out; int optind = 0; - set_progname (argv[0]); + setprogname (argv[0]); ret = krb5_init_context (&context); if (ret) diff --git a/crypto/heimdal/kuser/kgetcred.cat1 b/crypto/heimdal/kuser/kgetcred.cat1 new file mode 100644 index 0000000..63a6c98 --- /dev/null +++ b/crypto/heimdal/kuser/kgetcred.cat1 @@ -0,0 +1,27 @@ + +KGETCRED(1) UNIX Reference Manual KGETCRED(1) + +NNAAMMEE + kkggeettccrreedd - get a ticket for a particular service + +SSYYNNOOPPSSIISS + kkggeettccrreedd [--ee _e_n_c_t_y_p_e | ----eennccttyyppee==_e_n_c_t_y_p_e] [----vveerrssiioonn] [----hheellpp] _s_e_r_v_i_c_e + +DDEESSCCRRIIPPTTIIOONN + kkggeettccrreedd obtains a ticket for a service. Usually tickets for services + are obtained automatically when needed but sometimes for some odd reason + you want to obtain a particular ticket or of a special type. + + Supported options: + + --ee _e_n_c_t_y_p_e, ----eennccttyyppee==_e_n_c_t_y_p_e + encryption type to use + + ----vveerrssiioonn + + ----hheellpp + +SSEEEE AALLSSOO + kinit(1), klist(1) + + HEIMDAL May 14, 1999 1 diff --git a/crypto/heimdal/kuser/kinit.1 b/crypto/heimdal/kuser/kinit.1 index 8775e7a..8c2fc81 100644 --- a/crypto/heimdal/kuser/kinit.1 +++ b/crypto/heimdal/kuser/kinit.1 @@ -1,4 +1,4 @@ -.\" $Id: kinit.1,v 1.8 2001/01/28 21:44:56 assar Exp $ +.\" $Id: kinit.1,v 1.11 2001/06/08 21:35:32 joda Exp $ .\" .Dd May 29, 1998 .Dt KINIT 1 @@ -12,38 +12,45 @@ .Op Fl 4 | Fl -524init .Op Fl -afslog .Oo Fl c Ar cachename \*(Ba Xo -.Fl -cache= Ns Ar cachename Oc +.Fl -cache= Ns Ar cachename .Xc +.Oc .Op Fl f | Fl -forwardable .Oo Fl t Ar keytabname \*(Ba Xo -.Fl -keytab= Ns Ar keytabname Oc +.Fl -keytab= Ns Ar keytabname .Xc +.Oc .Oo Fl l Ar time \*(Ba Xo -.Fl -lifetime= Ns Ar time Oc +.Fl -lifetime= Ns Ar time .Xc +.Oc .Op Fl p | Fl -proxiable .Op Fl R | Fl -renew .Op Fl -renewable .Oo Fl r Ar time \*(Ba Xo -.Fl -renewable-life= Ns Ar time Oc +.Fl -renewable-life= Ns Ar time .Xc +.Oc .Oo Fl S Ar principal \*(Ba Xo -.Fl -server= Ns Ar principal Oc +.Fl -server= Ns Ar principal .Xc +.Oc .Oo Fl s Ar time \*(Ba Xo -.Fl -start-time= Ns Ar time Oc +.Fl -start-time= Ns Ar time .Xc +.Oc .Op Fl k | Fl -use-keytab .Op Fl v | Fl -validate .Oo Fl e Ar enctype \*(Ba Xo -.Fl -enctypes= Ns Ar enctype Oc +.Fl -enctypes= Ns Ar enctype .Xc +.Oc .Op Fl -fcache-version= Ns Ar integer .Op Fl -no-addresses .Op Fl -anonymous .Op Fl -version .Op Fl -help -.Op Ar principal +.Op Ar principal Op Ar command .Sh DESCRIPTION .Nm is used to authenticate to the kerberos server as @@ -184,6 +191,13 @@ options can be set to a default value from the .Dv appdefaults section in krb5.conf, see .Xr krb5_appdefault 3 . +.Pp +If a +.Ar command +is given, +.Nm kinit +will setup new credentials caches, and AFS PAG, and then run the given +command. When it finishes the credentials will be removed. .Sh ENVIRONMENT .Bl -tag -width Ds .It Ev KRB5CCNAME diff --git a/crypto/heimdal/kuser/kinit.c b/crypto/heimdal/kuser/kinit.c index be2857c..560e0e2 100644 --- a/crypto/heimdal/kuser/kinit.c +++ b/crypto/heimdal/kuser/kinit.c @@ -32,7 +32,7 @@ */ #include "kuser_locl.h" -RCSID("$Id: kinit.c,v 1.69 2001/01/05 16:32:55 joda Exp $"); +RCSID("$Id: kinit.c,v 1.75 2001/05/07 21:08:15 assar Exp $"); #ifdef KRB4 /* for when the KDC tells us it's a v4 one, we try to talk that */ @@ -248,7 +248,7 @@ usage (int ret) arg_printusage (args, sizeof(args)/sizeof(*args), NULL, - "[principal]"); + "[principal [command]]"); exit (ret); } @@ -290,9 +290,12 @@ renew_validate(krb5_context context, flags.i = 0; flags.b.renewable = flags.b.renew = renew; flags.b.validate = validate; - flags.b.forwardable = forwardable_flag; - flags.b.proxiable = proxiable_flag; - flags.b.request_anonymous = anonymous_flag; + if (forwardable_flag != -1) + flags.b.forwardable = forwardable_flag; + if (proxiable_flag != -1) + flags.b.proxiable = proxiable_flag; + if (anonymous_flag != -1) + flags.b.request_anonymous = anonymous_flag; if(life) in.times.endtime = time(NULL) + life; @@ -339,7 +342,7 @@ main (int argc, char **argv) krb5_addresses no_addrs; char passwd[256]; - set_progname (argv[0]); + setprogname (argv[0]); memset(&cred, 0, sizeof(cred)); ret = krb5_init_context (&context); @@ -376,9 +379,6 @@ main (int argc, char **argv) argc -= optind; argv += optind; - if (argc > 1) - usage (1); - if (argv[0]) { ret = krb5_parse_name (context, argv[0], &principal); if (ret) @@ -394,8 +394,26 @@ main (int argc, char **argv) if(cred_cache) ret = krb5_cc_resolve(context, cred_cache, &ccache); - else - ret = krb5_cc_default (context, &ccache); + else { + if(argc > 1) { + char s[1024]; + ret = krb5_cc_gen_new(context, &krb5_fcc_ops, &ccache); + if(ret) + krb5_err(context, 1, ret, "creating cred cache"); + snprintf(s, sizeof(s), "%s:%s", + krb5_cc_get_type(context, ccache), + krb5_cc_get_name(context, ccache)); + setenv("KRB5CCNAME", s, 1); +#ifdef KRB4 + snprintf(s, sizeof(s), "%s_XXXXXX", TKT_ROOT); + close(mkstemp(s)); + setenv("KRBTKFILE", s, 1); + if (k_hasafs ()) + k_setpag(); +#endif + } else + ret = krb5_cc_default (context, &ccache); + } if (ret) krb5_err (context, 1, ret, "resolving credentials cache"); @@ -437,7 +455,7 @@ main (int argc, char **argv) errx (1, "unparsable time: %s", renew_life); krb5_get_init_creds_opt_set_renew_life (&opt, tmp); - } else if (renewable_flag) + } else if (renewable_flag == 1) krb5_get_init_creds_opt_set_renew_life (&opt, 1 << 30); if(ticket_life != 0) @@ -570,9 +588,18 @@ main (int argc, char **argv) } if(do_afslog && k_hasafs()) krb5_afslog(context, ccache, NULL, NULL); -#endif krb5_free_creds_contents (context, &cred); - krb5_cc_close (context, ccache); +#endif + if(argc > 1) { + simple_execvp(argv[1], argv+1); + krb5_cc_destroy(context, ccache); +#ifdef KRB4 + dest_tkt(); + if(k_hasafs()) + k_unlog(); +#endif + } else + krb5_cc_close (context, ccache); krb5_free_context (context); return 0; } diff --git a/crypto/heimdal/kuser/kinit.cat1 b/crypto/heimdal/kuser/kinit.cat1 new file mode 100644 index 0000000..3507385 --- /dev/null +++ b/crypto/heimdal/kuser/kinit.cat1 @@ -0,0 +1,119 @@ + +KINIT(1) UNIX Reference Manual KINIT(1) + +NNAAMMEE + kkiinniitt, kkaauutthh - acquire initial tickets + +SSYYNNOOPPSSIISS + kkiinniitt [--44 | ----552244iinniitt] [----aaffsslloogg] [--cc _c_a_c_h_e_n_a_m_e | ----ccaacchhee==_c_a_c_h_e_n_a_m_e] [--ff + | ----ffoorrwwaarrddaabbllee] [--tt _k_e_y_t_a_b_n_a_m_e | ----kkeeyyttaabb==_k_e_y_t_a_b_n_a_m_e] [--ll _t_i_m_e | + ----lliiffeettiimmee==_t_i_m_e] [--pp | ----pprrooxxiiaabbllee] [--RR | ----rreenneeww] [----rreenneewwaabbllee] + [--rr _t_i_m_e | ----rreenneewwaabbllee--lliiffee==_t_i_m_e] [--SS _p_r_i_n_c_i_p_a_l | + ----sseerrvveerr==_p_r_i_n_c_i_p_a_l] [--ss _t_i_m_e | ----ssttaarrtt--ttiimmee==_t_i_m_e] [--kk | + ----uussee--kkeeyyttaabb] [--vv | ----vvaalliiddaattee] [--ee _e_n_c_t_y_p_e | ----eennccttyyppeess==_e_n_c_t_y_p_e] + [----ffccaacchhee--vveerrssiioonn==_i_n_t_e_g_e_r] [----nnoo--aaddddrreesssseess] [----aannoonnyymmoouuss] + [----vveerrssiioonn] [----hheellpp] [_p_r_i_n_c_i_p_a_l [_c_o_m_m_a_n_d]] + +DDEESSCCRRIIPPTTIIOONN + kkiinniitt is used to authenticate to the kerberos server as _p_r_i_n_c_i_p_a_l, or if + none is given, a system generated default (typically your login name at + the default realm), and acquire a ticket granting ticket that can later + be used to obtain tickets for other services. + + If you have compiled kinit with Kerberos 4 support and you have a Ker- + beros 4 server, kkiinniitt will detect this and get you Kerberos 4 tickets. + + Supported options: + + --cc _c_a_c_h_e_n_a_m_e ----ccaacchhee==_c_a_c_h_e_n_a_m_e + The credentials cache to put the acquired ticket in, if other + than default. + + --ff, ----ffoorrwwaarrddaabbllee + Get ticket that can be forwarded to another host. + + --tt _k_e_y_t_a_b_n_a_m_e, ----kkeeyyttaabb==_k_e_y_t_a_b_n_a_m_e + Don't ask for a password, but instead get the key from the speci- + fied keytab. + + --ll _t_i_m_e, ----lliiffeettiimmee==_t_i_m_e + Specifies the lifetime of the ticket. The argument can either be + in seconds, or a more human readable string like `1h'. + + --pp, ----pprrooxxiiaabbllee + Request tickets with the proxiable flag set. + + --RR, ----rreenneeww + Try to renew ticket. The ticket must have the `renewable' flag + set, and must not be expired. + + ----rreenneewwaabbllee + The same as ----rreenneewwaabbllee--lliiffee, with an infinite time. + + --rr _t_i_m_e, ----rreenneewwaabbllee--lliiffee==_t_i_m_e + The max renewable ticket life. + + --SS _p_r_i_n_c_i_p_a_l, ----sseerrvveerr==_p_r_i_n_c_i_p_a_l + Get a ticket for a service other than krbtgt/LOCAL.REALM. + + --ss _t_i_m_e, ----ssttaarrtt--ttiimmee==_t_i_m_e + Obtain a ticket that starts to be valid _t_i_m_e (which can really be + a generic time specification, like `1h') seconds into the future. + + --kk, ----uussee--kkeeyyttaabb + The same as ----kkeeyyttaabb, but with the default keytab name (normally + + _F_I_L_E_:_/_e_t_c_/_k_r_b_5_._k_e_y_t_a_b). + + --vv, ----vvaalliiddaattee + Try to validate an invalid ticket. + + --ee, ----eennccttyyppeess==_e_n_c_t_y_p_e_s + Request tickets with this particular enctype. + + ----ffccaacchhee--vveerrssiioonn==_v_e_r_s_i_o_n + Create a credentials cache of version vveerrssiioonn. + + ----nnoo--aaddddrreesssseess + Request a ticket with no addresses. + + ----aannoonnyymmoouuss + Request an anonymous ticket (which means that the ticket will be + issued to an anonymous principal, typically ``anonymous@REALM).'' + + The following options are only available if kkiinniitt has been compiled with + support for Kerberos 4. The kkaauutthh program is identical to kkiinniitt, but has + these options enabled by default. + + --44, ----552244iinniitt + Try to convert the obtained Kerberos 5 krbtgt to a version 4 com- + patible ticket. It will store this ticket in the default Kerberos + 4 ticket file. + + ----aaffsslloogg + Gets AFS tickets, converts them to version 4 format, and stores + them in the kernel. Only useful if you have AFS. + + The _f_o_r_w_a_r_d_a_b_l_e, _p_r_o_x_i_a_b_l_e, _t_i_c_k_e_t___l_i_f_e, and _r_e_n_e_w_a_b_l_e___l_i_f_e options can + be set to a default value from the appdefaults section in krb5.conf, see + krb5_appdefault(3). + + If a _c_o_m_m_a_n_d is given, kkiinniitt will setup new credentials caches, and AFS + PAG, and then run the given command. When it finishes the credentials + will be removed. + +EENNVVIIRROONNMMEENNTT + KRB5CCNAME + Specifies the default cache file. + + KRB5_CONFIG + The directory where the _k_r_b_5_._c_o_n_f can be found, default is _/_e_t_c. + + KRBTKFILE + Specifies the Kerberos 4 ticket file to store version 4 tickets + in. + +SSEEEE AALLSSOO + kdestroy(1), klist(1), krb5.conf(5), krb5_appdefault(3) + + HEIMDAL May 29, 1998 2 diff --git a/crypto/heimdal/kuser/klist.1 b/crypto/heimdal/kuser/klist.1 index 7676508..296e4fa 100644 --- a/crypto/heimdal/kuser/klist.1 +++ b/crypto/heimdal/kuser/klist.1 @@ -1,4 +1,4 @@ -.\" $Id: klist.1,v 1.6 2000/07/08 20:47:58 joda Exp $ +.\" $Id: klist.1,v 1.8 2001/06/08 21:35:32 joda Exp $ .\" .Dd July 8, 2000 .Dt KLIST 1 @@ -9,8 +9,9 @@ .Sh SYNOPSIS .Nm .Oo Fl c Ar cache \*(Ba Xo -.Fl -cache= Ns Ar cache Oc +.Fl -cache= Ns Ar cache .Xc +.Oc .Op Fl s | Fl t | Fl -test .Op Fl 4 | Fl -v4 .Op Fl T | Fl -tokens diff --git a/crypto/heimdal/kuser/klist.c b/crypto/heimdal/kuser/klist.c index 6bfaeb8..ebeebad 100644 --- a/crypto/heimdal/kuser/klist.c +++ b/crypto/heimdal/kuser/klist.c @@ -34,7 +34,7 @@ #include "kuser_locl.h" #include "rtbl.h" -RCSID("$Id: klist.c,v 1.62 2001/01/25 12:37:01 assar Exp $"); +RCSID("$Id: klist.c,v 1.64 2001/05/11 19:55:13 assar Exp $"); static char* printable_time(time_t t) @@ -275,8 +275,8 @@ print_tickets (krb5_context context, } while (krb5_cc_next_cred (context, ccache, - &creds, - &cursor) == 0) { + &cursor, + &creds) == 0) { if(do_verbose){ print_cred_verbose(context, &creds); }else{ @@ -629,7 +629,7 @@ main (int argc, char **argv) int optind = 0; int exit_status = 0; - set_progname (argv[0]); + setprogname (argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) usage(1); diff --git a/crypto/heimdal/kuser/klist.cat1 b/crypto/heimdal/kuser/klist.cat1 new file mode 100644 index 0000000..20f2c33 --- /dev/null +++ b/crypto/heimdal/kuser/klist.cat1 @@ -0,0 +1,89 @@ + +KLIST(1) UNIX Reference Manual KLIST(1) + +NNAAMMEE + kklliisstt - list Kerberos credentials + +SSYYNNOOPPSSIISS + kklliisstt [--cc _c_a_c_h_e | ----ccaacchhee==_c_a_c_h_e] [--ss | --tt | ----tteesstt] [--44 | ----vv44] [--TT | + ----ttookkeennss] [--55 | ----vv55] [--vv | ----vveerrbboossee] [--ff] [----vveerrssiioonn] [----hheellpp] + +DDEESSCCRRIIPPTTIIOONN + kklliisstt reads and displays the current tickets in the crential cache (also + known as the ticket file). + + Options supported: + + --cc _c_a_c_h_e, ----ccaacchhee==_c_a_c_h_e + credentials cache to list + + --ss, --tt, ----tteesstt + Test for there being an active and valid TGT for the local realm + of the user in the credential cache. + + --44, ----vv44 + display v4 tickets + + --TT, ----ttookkeennss + display AFS tokens + + --55, ----vv55 + display v5 cred cache (this is the default) + + --ff Include ticket flags in short form, each charcted stands for a + specific flag, as follows: + F forwardable + f forwarded + P proxiable + p proxied + D postdate-able + d postdated + R renewable + I initial + i invalid + A pre-authenticated + H hardware authenticated + + This information is also output with the ----vveerrbboossee option, but in + a more verbose way. + + --vv, ----vveerrbboossee + Verbose output. Include all possible information: + + Server + the princial the ticket is for + + Ticket etype + the encryption type use in the ticket, followed by + the key version of the ticket, if it is available + + Session key + the encryption type of the session key, if it's dif- + ferent from the encryption type of the ticket + + Auth time + + the time the authentication exchange took place + + Start time + the time that this tickets is valid from (only print- + ed if it's different from the auth time) + + End time + when the ticket expires, if it has already expired + this is also noted + + Renew till + the maximum possible end time of any ticket derived + from this one + + Ticket flags + the flags set on the ticket + + Addresses + the set of addresses from which this ticket is valid + +SSEEEE AALLSSOO + kinit(1), kdestroy(1) + + HEIMDAL July 8, 2000 2 |