diff options
Diffstat (limited to 'crypto/kerberosIV/kuser/klist.c')
| -rw-r--r-- | crypto/kerberosIV/kuser/klist.c | 395 |
1 files changed, 0 insertions, 395 deletions
diff --git a/crypto/kerberosIV/kuser/klist.c b/crypto/kerberosIV/kuser/klist.c deleted file mode 100644 index 591ebd0..0000000 --- a/crypto/kerberosIV/kuser/klist.c +++ /dev/null @@ -1,395 +0,0 @@ -/* - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Lists your current Kerberos tickets. - * Written by Bill Sommerfeld, MIT Project Athena. - */ - -#include "kuser_locl.h" - -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include <sys/ioctl.h> -#endif - -#ifdef HAVE_SYS_IOCCOM_H -#include <sys/ioccom.h> -#endif - -#include <kafs.h> - -#include <parse_time.h> - -RCSID("$Id: klist.c,v 1.44.2.3 2000/10/18 20:38:29 assar Exp $"); - -static int option_verbose = 0; - -static char * -short_date(int32_t dp) -{ - char *cp; - time_t t = (time_t)dp; - - if (t == (time_t)(-1L)) return "*** Never *** "; - cp = ctime(&t) + 4; - cp[15] = '\0'; - return (cp); -} - -/* prints the approximate kdc time differential as something human - readable */ - -static void -print_time_diff(void) -{ - int d = abs(krb_get_kdc_time_diff()); - char buf[80]; - - if ((option_verbose && d > 0) || d > 60) { - unparse_time_approx (d, buf, sizeof(buf)); - printf ("Time diff:\t%s\n", buf); - } -} - -static -int -display_tktfile(char *file, int tgt_test, int long_form) -{ - krb_principal pr; - char buf1[20], buf2[20]; - int k_errno; - CREDENTIALS c; - int header = 1; - - if ((file == NULL) && ((file = getenv("KRBTKFILE")) == NULL)) - file = TKT_FILE; - - if (long_form) - printf("Ticket file: %s\n", file); - - /* - * Since krb_get_tf_realm will return a ticket_file error, - * we will call tf_init and tf_close first to filter out - * things like no ticket file. Otherwise, the error that - * the user would see would be - * klist: can't find realm of ticket file: No ticket file (tf_util) - * instead of - * klist: No ticket file (tf_util) - */ - - /* Open ticket file */ - if ((k_errno = tf_init(file, R_TKT_FIL))) { - if (!tgt_test) - warnx("%s", krb_get_err_text(k_errno)); - return 1; - } - /* Close ticket file */ - tf_close(); - - /* - * We must find the realm of the ticket file here before calling - * tf_init because since the realm of the ticket file is not - * really stored in the principal section of the file, the - * routine we use must itself call tf_init and tf_close. - */ - if ((k_errno = krb_get_tf_realm(file, pr.realm)) != KSUCCESS) { - if (!tgt_test) - warnx("can't find realm of ticket file: %s", - krb_get_err_text(k_errno)); - return 1; - } - - /* Open ticket file */ - if ((k_errno = tf_init(file, R_TKT_FIL))) { - if (!tgt_test) - warnx("%s", krb_get_err_text(k_errno)); - return 1; - } - /* Get principal name and instance */ - if ((k_errno = tf_get_pname(pr.name)) || - (k_errno = tf_get_pinst(pr.instance))) { - if (!tgt_test) - warnx("%s", krb_get_err_text(k_errno)); - return 1; - } - - /* - * You may think that this is the obvious place to get the - * realm of the ticket file, but it can't be done here as the - * routine to do this must open the ticket file. This is why - * it was done before tf_init. - */ - - if (!tgt_test && long_form) { - printf("Principal:\t%s\n", krb_unparse_name(&pr)); - print_time_diff(); - printf("\n"); - } - while ((k_errno = tf_get_cred(&c)) == KSUCCESS) { - if (!tgt_test && long_form && header) { - printf("%-15s %-15s %s%s\n", - " Issued", " Expires", " Principal", - option_verbose ? " (kvno)" : ""); - header = 0; - } - if (tgt_test) { - c.issue_date = krb_life_to_time(c.issue_date, c.lifetime); - if (!strcmp(c.service, KRB_TICKET_GRANTING_TICKET) && - !strcmp(c.instance, pr.realm)) { - if (time(0) < c.issue_date) - return 0; /* tgt hasn't expired */ - else - return 1; /* has expired */ - } - continue; /* not a tgt */ - } - if (long_form) { - struct timeval tv; - strlcpy(buf1, - short_date(c.issue_date), - sizeof(buf1)); - c.issue_date = krb_life_to_time(c.issue_date, c.lifetime); - krb_kdctimeofday(&tv); - if (option_verbose || tv.tv_sec < (unsigned long) c.issue_date) - strlcpy(buf2, - short_date(c.issue_date), - sizeof(buf2)); - else - strlcpy(buf2, - ">>> Expired <<<", - sizeof(buf2)); - printf("%s %s ", buf1, buf2); - } - printf("%s", krb_unparse_name_long(c.service, c.instance, c.realm)); - if(long_form && option_verbose) - printf(" (%d)", c.kvno); - printf("\n"); - } - if (tgt_test) - return 1; /* no tgt found */ - if (header && long_form && k_errno == EOF) { - printf("No tickets in file.\n"); - } - tf_close(); - - if (long_form && krb_get_config_bool("nat_in_use")) { - char realm[REALM_SZ]; - struct in_addr addr; - - printf("-----\nNAT addresses\n"); - - /* Open ticket file (again) */ - if ((k_errno = tf_init(file, R_TKT_FIL))) { - if (!tgt_test) - warnx("%s", krb_get_err_text(k_errno)); - return 1; - } - - /* Get principal name and instance */ - if ((k_errno = tf_get_pname(pr.name)) || - (k_errno = tf_get_pinst(pr.instance))) { - if (!tgt_test) - warnx("%s", krb_get_err_text(k_errno)); - return 1; - } - - while ((k_errno = tf_get_cred_addr(realm, sizeof(realm), - &addr)) == KSUCCESS) { - printf("%s: %s\n", realm, inet_ntoa(addr)); - } - tf_close(); - } - - return 0; -} - -/* adapted from getst() in librkb */ -/* - * ok_getst() takes a file descriptor, a string and a count. It reads - * from the file until either it has read "count" characters, or until - * it reads a null byte. When finished, what has been read exists in - * the given string "s". If "count" characters were actually read, the - * last is changed to a null, so the returned string is always null- - * terminated. ok_getst() returns the number of characters read, including - * the null terminator. - * - * If there is a read error, it returns -1 (like the read(2) system call) - */ - -static int -ok_getst(int fd, char *s, int n) -{ - int count = n; - int err; - while ((err = read(fd, s, 1)) > 0 && --count) - if (*s++ == '\0') - return (n - count); - if (err < 0) - return(-1); - *s = '\0'; - return (n - count); -} - -static void -display_tokens(void) -{ - u_int32_t i; - unsigned char t[128]; - struct ViceIoctl parms; - - parms.in = (void *)&i; - parms.in_size = sizeof(i); - parms.out = (void *)t; - parms.out_size = sizeof(t); - - for (i = 0; k_pioctl(NULL, VIOCGETTOK, &parms, 0) == 0; i++) { - int32_t size_secret_tok, size_public_tok; - const char *cell; - struct ClearToken ct; - const unsigned char *r = t; - struct timeval tv; - char buf1[20], buf2[20]; - - memcpy(&size_secret_tok, r, sizeof(size_secret_tok)); - /* dont bother about the secret token */ - r += size_secret_tok + sizeof(size_secret_tok); - memcpy(&size_public_tok, r, sizeof(size_public_tok)); - r += sizeof(size_public_tok); - memcpy(&ct, r, size_public_tok); - r += size_public_tok; - /* there is a int32_t with length of cellname, but we dont read it */ - r += sizeof(int32_t); - cell = (const char *)r; - - krb_kdctimeofday (&tv); - strlcpy (buf1, short_date(ct.BeginTimestamp), sizeof(buf1)); - if (option_verbose || tv.tv_sec < ct.EndTimestamp) - strlcpy (buf2, short_date(ct.EndTimestamp), sizeof(buf2)); - else - strlcpy (buf2, ">>> Expired <<<", sizeof(buf2)); - - printf("%s %s ", buf1, buf2); - - if ((ct.EndTimestamp - ct.BeginTimestamp) & 1) - printf("User's (AFS ID %d) tokens for %s", ct.ViceId, cell); - else - printf("Tokens for %s", cell); - if (option_verbose) - printf(" (%d)", ct.AuthHandle); - putchar('\n'); - } -} - -static void -display_srvtab(char *file) -{ - int stab; - char serv[SNAME_SZ]; - char inst[INST_SZ]; - char rlm[REALM_SZ]; - unsigned char key[8]; - unsigned char vno; - int count; - - printf("Server key file: %s\n", file); - - if ((stab = open(file, O_RDONLY, 0400)) < 0) { - perror(file); - exit(1); - } - printf("%-15s %-15s %-10s %s\n","Service","Instance","Realm", - "Key Version"); - printf("------------------------------------------------------\n"); - - /* argh. getst doesn't return error codes, it silently fails */ - while (((count = ok_getst(stab, serv, SNAME_SZ)) > 0) - && ((count = ok_getst(stab, inst, INST_SZ)) > 0) - && ((count = ok_getst(stab, rlm, REALM_SZ)) > 0)) { - if (((count = read(stab, &vno,1)) != 1) || - ((count = read(stab, key,8)) != 8)) { - if (count < 0) - err(1, "reading from key file"); - else - errx(1, "key file truncated"); - } - printf("%-15s %-15s %-15s %d\n",serv,inst,rlm,vno); - } - if (count < 0) - warn("%s", file); - close(stab); -} - -static void -usage(void) -{ - fprintf(stderr, - "Usage: %s [ -v | -s | -t ] [ -f filename ] [-tokens] [-srvtab ]\n", - __progname); - exit(1); -} - -/* ARGSUSED */ -int -main(int argc, char **argv) -{ - int long_form = 1; - int tgt_test = 0; - int do_srvtab = 0; - int do_tokens = 0; - char *tkt_file = NULL; - int eval; - - set_progname(argv[0]); - - while (*(++argv)) { - if (!strcmp(*argv, "-v")) { - option_verbose = 1; - continue; - } - if (!strcmp(*argv, "-s")) { - long_form = 0; - continue; - } - if (!strcmp(*argv, "-t")) { - tgt_test = 1; - long_form = 0; - continue; - } - if (strcmp(*argv, "-tokens") == 0 - || strcmp(*argv, "-T") == 0) { - do_tokens = k_hasafs(); - continue; - } - if (!strcmp(*argv, "-l")) { /* now default */ - continue; - } - if (!strncmp(*argv, "-f", 2)) { - if (*(++argv)) { - tkt_file = *argv; - continue; - } else - usage(); - } - if (!strcmp(*argv, "-srvtab")) { - if (tkt_file == NULL) /* if no other file spec'ed, - set file to default srvtab */ - tkt_file = (char *)KEYFILE; - do_srvtab = 1; - continue; - } - usage(); - } - - eval = 0; - if (do_srvtab) - display_srvtab(tkt_file); - else - eval = display_tktfile(tkt_file, tgt_test, long_form); - if (long_form && do_tokens){ - printf("\nAFS tokens:\n"); - display_tokens(); - } - exit(eval); -} |
