From ebfe6dc471c206300fd82c7c0fd145f683aa52f6 Mon Sep 17 00:00:00 2001 From: assar Date: Tue, 13 Feb 2001 16:46:19 +0000 Subject: import of heimdal 0.3e --- crypto/heimdal/kuser/Makefile.am | 10 +- crypto/heimdal/kuser/Makefile.in | 386 +++++++++++++------------------ crypto/heimdal/kuser/generate-requests.c | 151 ++++++++++++ crypto/heimdal/kuser/kdecode_ticket.c | 10 +- crypto/heimdal/kuser/kdestroy.c | 6 +- crypto/heimdal/kuser/kgetcred.c | 6 +- crypto/heimdal/kuser/kinit.1 | 120 ++++++---- crypto/heimdal/kuser/kinit.c | 265 +++++++++++++++++---- crypto/heimdal/kuser/klist.1 | 94 +++++++- crypto/heimdal/kuser/klist.c | 348 +++++++++++++++++++++++----- crypto/heimdal/kuser/kverify.c | 8 +- 11 files changed, 1016 insertions(+), 388 deletions(-) create mode 100644 crypto/heimdal/kuser/generate-requests.c (limited to 'crypto/heimdal/kuser') diff --git a/crypto/heimdal/kuser/Makefile.am b/crypto/heimdal/kuser/Makefile.am index 4faed9a..f3900ff 100644 --- a/crypto/heimdal/kuser/Makefile.am +++ b/crypto/heimdal/kuser/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am,v 1.25 1999/09/21 05:12:29 assar Exp $ +# $Id: Makefile.am,v 1.27 2000/11/15 22:51:13 assar Exp $ include $(top_srcdir)/Makefile.am.common @@ -12,7 +12,7 @@ kinit_SOURCES = kinit.c kinit_options.c kauth_SOURCES = kinit.c kauth_options.c -noinst_PROGRAMS = kverify kdecode_ticket +noinst_PROGRAMS = kverify kdecode_ticket generate-requests CHECK_LOCAL = $(bin_PROGRAMS) @@ -20,7 +20,7 @@ kauth_LDADD = \ $(LIB_kafs) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_krb4) \ - $(top_builddir)/lib/des/libdes.la \ + $(LIB_des) \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) @@ -32,6 +32,6 @@ klist_LDADD = $(kauth_LDADD) LDADD = \ $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/des/libdes.la \ - $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_des) \ + $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) diff --git a/crypto/heimdal/kuser/Makefile.in b/crypto/heimdal/kuser/Makefile.in index 06ec4716..40ab2b6 100644 --- a/crypto/heimdal/kuser/Makefile.in +++ b/crypto/heimdal/kuser/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.25 1999/09/21 05:12:29 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.27 2000/11/15 22:51:13 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,24 +170,20 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(bin_PROGRAMS) @@ -181,9 +195,15 @@ kinit_SOURCES = kinit.c kinit_options.c kauth_SOURCES = kinit.c kauth_options.c -noinst_PROGRAMS = kverify kdecode_ticket +noinst_PROGRAMS = kverify kdecode_ticket generate-requests -kauth_LDADD = $(LIB_kafs) $(top_builddir)/lib/krb5/libkrb5.la $(LIB_krb4) $(top_builddir)/lib/des/libdes.la $(top_builddir)/lib/asn1/libasn1.la $(LIB_roken) +kauth_LDADD = \ + $(LIB_kafs) \ + $(top_builddir)/lib/krb5/libkrb5.la \ + $(LIB_krb4) \ + $(LIB_des) \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_roken) kinit_LDADD = $(kauth_LDADD) @@ -192,101 +212,108 @@ kdestroy_LDADD = $(kauth_LDADD) klist_LDADD = $(kauth_LDADD) -LDADD = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/des/libdes.la $(top_builddir)/lib/asn1/libasn1.la $(LIB_roken) +LDADD = \ + $(top_builddir)/lib/krb5/libkrb5.la \ + $(LIB_des) \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_roken) +subdir = kuser mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../include/config.h CONFIG_CLEAN_FILES = bin_PROGRAMS = kinit$(EXEEXT) kauth$(EXEEXT) klist$(EXEEXT) \ kdestroy$(EXEEXT) kgetcred$(EXEEXT) -noinst_PROGRAMS = kverify$(EXEEXT) kdecode_ticket$(EXEEXT) +noinst_PROGRAMS = kverify$(EXEEXT) kdecode_ticket$(EXEEXT) \ +generate-requests$(EXEEXT) PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) DEFS = @DEFS@ -I. -I$(srcdir) -I../include CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ X_CFLAGS = @X_CFLAGS@ X_LIBS = @X_LIBS@ X_EXTRA_LIBS = @X_EXTRA_LIBS@ X_PRE_LIBS = @X_PRE_LIBS@ -kinit_OBJECTS = kinit.$(OBJEXT) kinit_options.$(OBJEXT) -@KRB4_TRUE@kinit_DEPENDENCIES = $(top_builddir)/lib/kafs/libkafs.la \ -@KRB4_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ -@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la -@KRB4_FALSE@kinit_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ +generate_requests_SOURCES = generate-requests.c +generate_requests_OBJECTS = generate-requests.$(OBJEXT) +generate_requests_LDADD = $(LDADD) +generate_requests_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la +generate_requests_LDFLAGS = +am_kauth_OBJECTS = kinit.$(OBJEXT) kauth_options.$(OBJEXT) +kauth_OBJECTS = $(am_kauth_OBJECTS) +@KRB4_FALSE@kauth_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la -kinit_LDFLAGS = -kauth_OBJECTS = kinit.$(OBJEXT) kauth_options.$(OBJEXT) @KRB4_TRUE@kauth_DEPENDENCIES = $(top_builddir)/lib/kafs/libkafs.la \ @KRB4_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ -@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ @KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la -@KRB4_FALSE@kauth_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la kauth_LDFLAGS = -klist_SOURCES = klist.c -klist_OBJECTS = klist.$(OBJEXT) -@KRB4_TRUE@klist_DEPENDENCIES = $(top_builddir)/lib/kafs/libkafs.la \ -@KRB4_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ -@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la -@KRB4_FALSE@klist_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la -klist_LDFLAGS = +kdecode_ticket_SOURCES = kdecode_ticket.c +kdecode_ticket_OBJECTS = kdecode_ticket.$(OBJEXT) +kdecode_ticket_LDADD = $(LDADD) +kdecode_ticket_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la +kdecode_ticket_LDFLAGS = kdestroy_SOURCES = kdestroy.c kdestroy_OBJECTS = kdestroy.$(OBJEXT) +@KRB4_FALSE@kdestroy_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ +@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la @KRB4_TRUE@kdestroy_DEPENDENCIES = $(top_builddir)/lib/kafs/libkafs.la \ @KRB4_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ -@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ @KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la -@KRB4_FALSE@kdestroy_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la kdestroy_LDFLAGS = kgetcred_SOURCES = kgetcred.c kgetcred_OBJECTS = kgetcred.$(OBJEXT) kgetcred_LDADD = $(LDADD) kgetcred_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ -$(top_builddir)/lib/des/libdes.la $(top_builddir)/lib/asn1/libasn1.la +$(top_builddir)/lib/asn1/libasn1.la kgetcred_LDFLAGS = +am_kinit_OBJECTS = kinit.$(OBJEXT) kinit_options.$(OBJEXT) +kinit_OBJECTS = $(am_kinit_OBJECTS) +@KRB4_FALSE@kinit_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ +@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la +@KRB4_TRUE@kinit_DEPENDENCIES = $(top_builddir)/lib/kafs/libkafs.la \ +@KRB4_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la +kinit_LDFLAGS = +klist_SOURCES = klist.c +klist_OBJECTS = klist.$(OBJEXT) +@KRB4_FALSE@klist_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ +@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la +@KRB4_TRUE@klist_DEPENDENCIES = $(top_builddir)/lib/kafs/libkafs.la \ +@KRB4_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la +klist_LDFLAGS = kverify_SOURCES = kverify.c kverify_OBJECTS = kverify.$(OBJEXT) kverify_LDADD = $(LDADD) kverify_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ -$(top_builddir)/lib/des/libdes.la $(top_builddir)/lib/asn1/libasn1.la +$(top_builddir)/lib/asn1/libasn1.la kverify_LDFLAGS = -kdecode_ticket_SOURCES = kdecode_ticket.c -kdecode_ticket_OBJECTS = kdecode_ticket.$(OBJEXT) -kdecode_ticket_LDADD = $(LDADD) -kdecode_ticket_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ -$(top_builddir)/lib/des/libdes.la $(top_builddir)/lib/asn1/libasn1.la -kdecode_ticket_LDFLAGS = -CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = generate-requests.c $(kauth_SOURCES) kdecode_ticket.c \ +kdestroy.c kgetcred.c $(kinit_SOURCES) klist.c kverify.c man1dir = $(mandir)/man1 MANS = $(man_MANS) +depcomp = DIST_COMMON = Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best -SOURCES = $(kinit_SOURCES) $(kauth_SOURCES) klist.c kdestroy.c kgetcred.c kverify.c kdecode_ticket.c -OBJECTS = $(kinit_OBJECTS) $(kauth_OBJECTS) klist.$(OBJEXT) kdestroy.$(OBJEXT) kgetcred.$(OBJEXT) kverify.$(OBJEXT) kdecode_ticket.$(OBJEXT) +SOURCES = generate-requests.c $(kauth_SOURCES) kdecode_ticket.c kdestroy.c kgetcred.c $(kinit_SOURCES) klist.c kverify.c +OBJECTS = generate-requests.$(OBJEXT) $(am_kauth_OBJECTS) kdecode_ticket.$(OBJEXT) kdestroy.$(OBJEXT) kgetcred.$(OBJEXT) $(am_kinit_OBJECTS) klist.$(OBJEXT) kverify.$(OBJEXT) all: all-redirect .SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common cd $(top_srcdir) && $(AUTOMAKE) --foreign kuser/Makefile @@ -309,15 +336,18 @@ install-binPROGRAMS: $(bin_PROGRAMS) $(mkinstalldirs) $(DESTDIR)$(bindir) @list='$(bin_PROGRAMS)'; for p in $$list; do \ if test -f $$p; then \ - echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ - $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f"; \ + $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f; \ else :; fi; \ done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - list='$(bin_PROGRAMS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + @list='$(bin_PROGRAMS)'; for p in $$list; do \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " rm -f $(DESTDIR)$(bindir)/$$f"; \ + rm -f $(DESTDIR)$(bindir)/$$f; \ done mostlyclean-noinstPROGRAMS: @@ -329,20 +359,6 @@ distclean-noinstPROGRAMS: maintainer-clean-noinstPROGRAMS: -.c.o: - $(COMPILE) -c $< - -# FIXME: We should only use cygpath when building on Windows, -# and only if it is available. -.c.obj: - $(COMPILE) -c `cygpath -w $<` - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - mostlyclean-compile: -rm -f *.o core *.core -rm -f *.$(OBJEXT) @@ -354,15 +370,6 @@ distclean-compile: maintainer-clean-compile: -.c.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.s.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.S.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - mostlyclean-libtool: -rm -f *.lo @@ -373,17 +380,17 @@ distclean-libtool: maintainer-clean-libtool: -kinit$(EXEEXT): $(kinit_OBJECTS) $(kinit_DEPENDENCIES) - @rm -f kinit$(EXEEXT) - $(LINK) $(kinit_LDFLAGS) $(kinit_OBJECTS) $(kinit_LDADD) $(LIBS) +generate-requests$(EXEEXT): $(generate_requests_OBJECTS) $(generate_requests_DEPENDENCIES) + @rm -f generate-requests$(EXEEXT) + $(LINK) $(generate_requests_LDFLAGS) $(generate_requests_OBJECTS) $(generate_requests_LDADD) $(LIBS) kauth$(EXEEXT): $(kauth_OBJECTS) $(kauth_DEPENDENCIES) @rm -f kauth$(EXEEXT) $(LINK) $(kauth_LDFLAGS) $(kauth_OBJECTS) $(kauth_LDADD) $(LIBS) -klist$(EXEEXT): $(klist_OBJECTS) $(klist_DEPENDENCIES) - @rm -f klist$(EXEEXT) - $(LINK) $(klist_LDFLAGS) $(klist_OBJECTS) $(klist_LDADD) $(LIBS) +kdecode_ticket$(EXEEXT): $(kdecode_ticket_OBJECTS) $(kdecode_ticket_DEPENDENCIES) + @rm -f kdecode_ticket$(EXEEXT) + $(LINK) $(kdecode_ticket_LDFLAGS) $(kdecode_ticket_OBJECTS) $(kdecode_ticket_LDADD) $(LIBS) kdestroy$(EXEEXT): $(kdestroy_OBJECTS) $(kdestroy_DEPENDENCIES) @rm -f kdestroy$(EXEEXT) @@ -393,13 +400,23 @@ kgetcred$(EXEEXT): $(kgetcred_OBJECTS) $(kgetcred_DEPENDENCIES) @rm -f kgetcred$(EXEEXT) $(LINK) $(kgetcred_LDFLAGS) $(kgetcred_OBJECTS) $(kgetcred_LDADD) $(LIBS) +kinit$(EXEEXT): $(kinit_OBJECTS) $(kinit_DEPENDENCIES) + @rm -f kinit$(EXEEXT) + $(LINK) $(kinit_LDFLAGS) $(kinit_OBJECTS) $(kinit_LDADD) $(LIBS) + +klist$(EXEEXT): $(klist_OBJECTS) $(klist_DEPENDENCIES) + @rm -f klist$(EXEEXT) + $(LINK) $(klist_LDFLAGS) $(klist_OBJECTS) $(klist_LDADD) $(LIBS) + kverify$(EXEEXT): $(kverify_OBJECTS) $(kverify_DEPENDENCIES) @rm -f kverify$(EXEEXT) $(LINK) $(kverify_LDFLAGS) $(kverify_OBJECTS) $(kverify_LDADD) $(LIBS) - -kdecode_ticket$(EXEEXT): $(kdecode_ticket_OBJECTS) $(kdecode_ticket_DEPENDENCIES) - @rm -f kdecode_ticket$(EXEEXT) - $(LINK) $(kdecode_ticket_LDFLAGS) $(kdecode_ticket_OBJECTS) $(kdecode_ticket_LDADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< install-man1: $(mkinstalldirs) $(DESTDIR)$(man1dir) @@ -414,6 +431,7 @@ install-man1: else file=$$i; fi; \ ext=`echo $$i | sed -e 's/^.*\\.//'`; \ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ inst=`echo $$inst | sed '$(transform)'`.$$ext; \ echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man1dir)/$$inst"; \ $(INSTALL_DATA) $$file $(DESTDIR)$(man1dir)/$$inst; \ @@ -429,6 +447,7 @@ uninstall-man1: for i in $$list; do \ ext=`echo $$i | sed -e 's/^.*\\.//'`; \ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ inst=`echo $$inst | sed '$(transform)'`.$$ext; \ echo " rm -f $(DESTDIR)$(man1dir)/$$inst"; \ rm -f $(DESTDIR)$(man1dir)/$$inst; \ @@ -442,23 +461,27 @@ uninstall-man: tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -471,17 +494,16 @@ maintainer-clean-tags: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = kuser - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook @@ -510,7 +532,7 @@ uninstall: uninstall-am all-am: Makefile $(PROGRAMS) $(MANS) all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: $(mkinstalldirs) $(DESTDIR)$(bindir) $(DESTDIR)$(mandir)/man1 @@ -524,6 +546,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in mostlyclean-am: mostlyclean-binPROGRAMS mostlyclean-noinstPROGRAMS \ mostlyclean-compile mostlyclean-libtool \ mostlyclean-tags mostlyclean-generic @@ -564,8 +587,9 @@ clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \ check-local check check-am installcheck-am installcheck install-exec-am \ install-exec install-data-local install-data-am install-data install-am \ install uninstall-am uninstall all-local all-redirect all-am all \ -installdirs mostlyclean-generic distclean-generic clean-generic \ -maintainer-clean-generic clean mostlyclean distclean maintainer-clean +install-strip installdirs mostlyclean-generic distclean-generic \ +clean-generic maintainer-clean-generic clean mostlyclean distclean \ +maintainer-clean install-suid-programs: @@ -573,7 +597,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -585,8 +612,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -655,87 +682,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/kuser/generate-requests.c b/crypto/heimdal/kuser/generate-requests.c new file mode 100644 index 0000000..f7f5dd1 --- /dev/null +++ b/crypto/heimdal/kuser/generate-requests.c @@ -0,0 +1,151 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kuser_locl.h" + +RCSID("$Id: generate-requests.c,v 1.2 2000/12/31 07:49:27 assar Exp $"); + +static krb5_error_code +null_key_proc (krb5_context context, + krb5_enctype type, + krb5_salt salt, + krb5_const_pointer keyseed, + krb5_keyblock **key) +{ + return ENOTTY; +} + +static unsigned +read_words (const char *filename, char ***ret_w) +{ + unsigned n, alloc; + FILE *f; + char buf[256]; + char **w = NULL; + + f = fopen (filename, "r"); + if (f == NULL) + err (1, "cannot open %s", filename); + alloc = n = 0; + while (fgets (buf, sizeof(buf), f) != NULL) { + if (buf[strlen (buf) - 1] == '\n') + buf[strlen (buf) - 1] = '\0'; + if (n >= alloc) { + alloc += 16; + w = erealloc (w, alloc * sizeof(char **)); + } + w[n++] = estrdup (buf); + } + *ret_w = w; + return n; +} + +static void +generate_requests (const char *filename, unsigned nreq) +{ + krb5_context context; + krb5_error_code ret; + krb5_creds cred; + int i; + char **words; + unsigned nwords; + + ret = krb5_init_context (&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + nwords = read_words (filename, &words); + + for (i = 0; i < nreq; ++i) { + char *name = words[rand() % nwords]; + krb5_realm *client_realm; + + memset(&cred, 0, sizeof(cred)); + + ret = krb5_parse_name (context, name, &cred.client); + if (ret) + krb5_err (context, 1, ret, "krb5_parse_name %s", name); + client_realm = krb5_princ_realm (context, cred.client); + + ret = krb5_make_principal(context, &cred.server, *client_realm, + KRB5_TGS_NAME, *client_realm, NULL); + if (ret) + krb5_err (context, 1, ret, "krb5_make_principal"); + + ret = krb5_get_in_cred (context, 0, NULL, NULL, NULL, NULL, + null_key_proc, NULL, NULL, NULL, + &cred, NULL); + krb5_free_creds_contents (context, &cred); + } +} + +static int version_flag = 0; +static int help_flag = 0; + +static struct getargs args[] = { + { "version", 0, arg_flag, &version_flag }, + { "help", 0, arg_flag, &help_flag } +}; + +static void +usage (int ret) +{ + arg_printusage (args, + sizeof(args)/sizeof(*args), + NULL, + "file number"); + exit (ret); +} + +int +main(int argc, char **argv) +{ + int optind = 0; + int nreq; + char *end; + + set_progname(argv[0]); + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) + usage(1); + argc -= optind; + argv += optind; + + if (argc != 2) + usage (1); + srand (0); + nreq = strtol (argv[1], &end, 0); + if (argv[1] == end || *end != '\0') + usage (1); + generate_requests (argv[0], nreq); + return 0; +} diff --git a/crypto/heimdal/kuser/kdecode_ticket.c b/crypto/heimdal/kuser/kdecode_ticket.c index dd365dc..499a3e9 100644 --- a/crypto/heimdal/kuser/kdecode_ticket.c +++ b/crypto/heimdal/kuser/kdecode_ticket.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kuser_locl.h" -RCSID("$Id: kdecode_ticket.c,v 1.2 1999/12/02 17:05:00 joda Exp $"); +RCSID("$Id: kdecode_ticket.c,v 1.4 2000/12/31 07:50:19 assar Exp $"); static char *etype_str; static int version_flag; @@ -61,7 +61,9 @@ print_and_decode_tkt (krb5_context context, if (ret) krb5_err (context, 1, ret, "krb5_string_to_key"); - krb5_crypto_init(context, &key, 0, &crypto); + ret = krb5_crypto_init(context, &key, 0, &crypto); + if (ret) + krb5_err (context, 1, ret, "krb5_crypto_init"); ret = krb5_decrypt_EncryptedData (context, crypto, KRB5_KU_TICKET, &tkt.enc_part, &dec_data); @@ -105,7 +107,7 @@ main(int argc, char **argv) ret = krb5_init_context (&context); if (ret) - errx(1, "krb5_init_context failed: %u", ret); + errx(1, "krb5_init_context failed: %d", ret); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) usage(1); diff --git a/crypto/heimdal/kuser/kdestroy.c b/crypto/heimdal/kuser/kdestroy.c index 632d02e..847c50e 100644 --- a/crypto/heimdal/kuser/kdestroy.c +++ b/crypto/heimdal/kuser/kdestroy.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,7 +32,7 @@ */ #include "kuser_locl.h" -RCSID("$Id: kdestroy.c,v 1.11 1999/12/02 17:05:01 joda Exp $"); +RCSID("$Id: kdestroy.c,v 1.12 2000/12/31 07:51:09 assar Exp $"); static const char *cache; static int help_flag; @@ -89,7 +89,7 @@ main (int argc, char **argv) ret = krb5_init_context (&context); if (ret) - errx (1, "krb5_init_context: %s", krb5_get_err_text(context, ret)); + errx (1, "krb5_init_context failed: %d", ret); if(cache == NULL) cache = krb5_cc_default_name(context); diff --git a/crypto/heimdal/kuser/kgetcred.c b/crypto/heimdal/kuser/kgetcred.c index 644e69e..a2b3b27 100644 --- a/crypto/heimdal/kuser/kgetcred.c +++ b/crypto/heimdal/kuser/kgetcred.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kuser_locl.h" -RCSID("$Id: kgetcred.c,v 1.3 1999/12/02 17:05:01 joda Exp $"); +RCSID("$Id: kgetcred.c,v 1.4 2000/12/31 07:52:59 assar Exp $"); static char *etype_str; static int version_flag; @@ -69,7 +69,7 @@ main(int argc, char **argv) ret = krb5_init_context (&context); if (ret) - errx(1, "krb5_init_context failed: %u", ret); + errx(1, "krb5_init_context failed: %d", ret); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) usage(1); diff --git a/crypto/heimdal/kuser/kinit.1 b/crypto/heimdal/kuser/kinit.1 index 749798a..37d7390 100644 --- a/crypto/heimdal/kuser/kinit.1 +++ b/crypto/heimdal/kuser/kinit.1 @@ -1,4 +1,4 @@ -.\" $Id: kinit.1,v 1.4 2000/02/01 14:12:13 joda Exp $ +.\" $Id: kinit.1,v 1.8 2001/01/28 21:44:56 assar Exp $ .\" .Dd May 29, 1998 .Dt KINIT 1 @@ -10,38 +10,38 @@ acquire initial tickets .Sh SYNOPSIS .Nm kinit -.Op Fl 4 -.Op Fl -524init +.Op Fl 4 | Fl -524init .Op Fl -afslog -.Op Fl c Ar cachename -.Op Fl -cache= Ns Ar cachename -.Op Fl c Ar cachename -.Op Fl -cache= Ns Ar cachename -.Op Fl f -.Op Fl -forwardable -.Op Fl t Ar keytabname -.Op Fl -keytab= Ns Ar keytabname -.Op Fl l Ar seconds -.Op Fl -lifetime= Ns Ar seconds -.Op Fl p -.Op Fl -proxiable -.Op Fl R -.Op Fl -renew +.Oo Fl c Ar cachename \*(Ba Xo +.Fl -cache= Ns Ar cachename Oc +.Xc +.Op Fl f | Fl -forwardable +.Oo Fl t Ar keytabname \*(Ba Xo +.Fl -keytab= Ns Ar keytabname Oc +.Xc +.Oo Fl l Ar time \*(Ba Xo +.Fl -lifetime= Ns Ar time Oc +.Xc +.Op Fl p | Fl -proxiable +.Op Fl R | Fl -renew .Op Fl -renewable -.Op Fl r Ar seconds -.Op Fl -renewable-life= Ns Ar seconds -.Op Fl S Ar principal -.Op Fl -server= Ns Ar principal -.Op Fl s Ar seconds -.Op Fl -start-time= Ns Ar seconds -.Op Fl k -.Op Fl -use-keytab -.Op Fl v -.Op Fl -validate -.Op Fl e -.Op Fl -enctypes= Ns Ar enctypes -.Op Fl -fcache-version= Ns Ar version +.Oo Fl r Ar time \*(Ba Xo +.Fl -renewable-life= Ns Ar time Oc +.Xc +.Oo Fl S Ar principal \*(Ba Xo +.Fl -server= Ns Ar principal Oc +.Xc +.Oo Fl s Ar time \*(Ba Xo +.Fl -start-time= Ns Ar time Oc +.Xc +.Op Fl k | Fl -use-keytab +.Op Fl v | Fl -validate +.Oo Fl e Ar enctype \*(Ba Xo +.Fl -enctypes= Ns Ar enctype Oc +.Xc +.Op Fl -fcache-version= Ns Ar integer .Op Fl -no-addresses +.Op Fl -anonymous .Op Fl -version .Op Fl -help .Op Ar principal @@ -49,9 +49,15 @@ acquire initial tickets .Nm is used to authenticate to the kerberos server as .Ar principal , -or if none is given, a system generated default, and acquire a ticket -granting ticket that can later be used to obtain tickets for other -services. +or if none is given, a system generated default (typically your login +name at the default realm), and acquire a ticket granting ticket that +can later be used to obtain tickets for other services. +.Pp +If you have compiled kinit with Kerberos 4 support and you have a +Kerberos 4 server, +.Nm +will detect this and get you Kerberos 4 tickets. +.Pp Supported options: .Bl -tag -width Ds .It Xo @@ -72,10 +78,12 @@ Get ticket that can be forwarded to another host. Don't ask for a password, but instead get the key from the specified keytab. .It Xo -.Fl l Ar seconds Ns , -.Fl -lifetime= Ns Ar seconds +.Fl l Ar time Ns , +.Fl -lifetime= Ns Ar time .Xc -Specifies the lifetime of the ticket. +Specifies the lifetime of the ticket. The argument can either be in +seconds, or a more human readable string like +.Sq 1h . .It Xo .Fl p Ns , .Fl -proxiable @@ -93,8 +101,8 @@ The same as .Fl -renewable-life , with an infinite time. .It Xo -.Fl r Ar seconds Ns , -.Fl -renewable-life= Ns Ar seconds +.Fl r Ar time Ns , +.Fl -renewable-life= Ns Ar time .Xc The max renewable ticket life. .It Xo @@ -103,10 +111,14 @@ The max renewable ticket life. .Xc Get a ticket for a service other than krbtgt/LOCAL.REALM. .It Xo -.Fl s Ar seconds Ns , -.Fl -start-time= Ns Ar seconds +.Fl s Ar time Ns , +.Fl -start-time= Ns Ar time .Xc -Start time of ticket, if other than the current time. +Obtain a ticket that starts to be valid +.Ar time +(which can really be a generic time specification, like +.Sq 1h ) +seconds into the future. .It Xo .Fl k Ns , .Fl -use-keytab @@ -134,8 +146,14 @@ Create a credentials cache of version .Fl -no-addresses .Xc Request a ticket with no addresses. +.It Xo +.Fl -anonymous +.Xc +Request an anonymous ticket (which means that the ticket will be +issued to an anonymous principal, typically +.Dq anonymous@REALM). .El - +.Pp The following options are only available if .Nm has been compiled with support for Kerberos 4. The @@ -149,13 +167,24 @@ default. .Fl 4 Ns , .Fl -524init .Xc -Try to convert the obtained krbtgt to a version 4 compatible +Try to convert the obtained Kerberos 5 krbtgt to a version 4 compatible ticket. It will store this ticket in the default Kerberos 4 ticket file. .It Fl -afslog Gets AFS tickets, converts them to version 4 format, and stores them in the kernel. Only useful if you have AFS. .El +.Pp +The +.Ar forwardable , +.Ar proxiable , +.Ar ticket_life , +and +.Ar renewable_life +options can be set to a default value from the +.Dv appdefaults +section in krb5.conf, see +.Xr krb5_appdefault 3 . .Sh ENVIRONMENT .Bl -tag -width Ds .It Ev KRB5CCNAME @@ -172,9 +201,10 @@ Specifies the Kerberos 4 ticket file to store version 4 tickets in. .\".Sh EXAMPLES .\".Sh DIAGNOSTICS .Sh SEE ALSO -.Xr krb5.conf 5 , +.Xr kdestroy 1 , .Xr klist 1 , -.Xr kdestroy 1 +.Xr krb5.conf 5 , +.Xr krb5_appdefault 3 .\".Sh STANDARDS .\".Sh HISTORY .\".Sh AUTHORS diff --git a/crypto/heimdal/kuser/kinit.c b/crypto/heimdal/kuser/kinit.c index 35b493a..be2857c 100644 --- a/crypto/heimdal/kuser/kinit.c +++ b/crypto/heimdal/kuser/kinit.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,16 +32,142 @@ */ #include "kuser_locl.h" -RCSID("$Id: kinit.c,v 1.60 2000/02/01 14:06:33 joda Exp $"); +RCSID("$Id: kinit.c,v 1.69 2001/01/05 16:32:55 joda Exp $"); -int forwardable = 0; -int proxiable = 0; -int renewable = 0; +#ifdef KRB4 +/* for when the KDC tells us it's a v4 one, we try to talk that */ + +static int +key_to_key(const char *user, + char *instance, + const char *realm, + const void *arg, + des_cblock *key) +{ + memcpy(key, arg, sizeof(des_cblock)); + return 0; +} + +static int +do_v4_fallback (krb5_context context, + const krb5_principal principal, + int lifetime, + int use_srvtab, const char *srvtab_str, + char *passwd, size_t passwd_size) +{ + int ret; + krb_principal princ; + des_cblock key; + krb5_error_code kret; + + if (lifetime == 0) + lifetime = DEFAULT_TKT_LIFE; + else + lifetime = krb_time_to_life (0, lifetime); + + kret = krb5_524_conv_principal (context, principal, + princ.name, + princ.instance, + princ.realm); + if (kret) { + krb5_warn (context, kret, "krb5_524_conv_principal"); + return 1; + } + + if (use_srvtab || srvtab_str) { + if (srvtab_str == NULL) + srvtab_str = KEYFILE; + + ret = read_service_key (princ.name, princ.instance, princ.realm, + 0, srvtab_str, (char *)&key); + if (ret) { + warnx ("read_service_key %s: %s", srvtab_str, + krb_get_err_text (ret)); + return 1; + } + ret = krb_get_in_tkt (princ.name, princ.instance, princ.realm, + KRB_TICKET_GRANTING_TICKET, princ.realm, + lifetime, key_to_key, NULL, key); + } else { + ret = krb_get_pw_in_tkt2(princ.name, princ.instance, princ.realm, + KRB_TICKET_GRANTING_TICKET, princ.realm, + lifetime, passwd, &key); + } + memset (passwd, 0, passwd_size); + memset (key, 0, sizeof(key)); + if (ret) { + warnx ("%s", krb_get_err_text(ret)); + return 1; + } + if (k_hasafs()) { + if ((ret = krb_afslog(NULL, NULL)) != 0 && ret != KDC_PR_UNKNOWN) { + if(ret > 0) + warnx ("%s", krb_get_err_text(ret)); + else + warnx ("failed to store AFS token"); + } + } + return 0; +} + + +/* + * the special version of get_default_principal that takes v4 into account + */ + +static krb5_error_code +kinit_get_default_principal (krb5_context context, + krb5_principal *princ) +{ + krb5_error_code ret; + krb5_ccache id; + krb_principal v4_princ; + int kret; + + ret = krb5_cc_default (context, &id); + if (ret == 0) { + ret = krb5_cc_get_principal (context, id, princ); + krb5_cc_close (context, id); + if (ret == 0) + return 0; + } + + kret = krb_get_tf_fullname (tkt_string(), + v4_princ.name, + v4_princ.instance, + v4_princ.realm); + if (kret == KSUCCESS) { + ret = krb5_425_conv_principal (context, + v4_princ.name, + v4_princ.instance, + v4_princ.realm, + princ); + if (ret == 0) + return 0; + } + return krb5_get_default_principal (context, princ); +} + +#else /* !KRB4 */ + +static krb5_error_code +kinit_get_default_principal (krb5_context context, + krb5_principal *princ) +{ + return krb5_get_default_principal (context, princ); +} + +#endif /* !KRB4 */ + +int forwardable_flag = -1; +int proxiable_flag = -1; +int renewable_flag = -1; int renew_flag = 0; int validate_flag = 0; int version_flag = 0; int help_flag = 0; int addrs_flag = 1; +int anonymous_flag = 0; char *lifetime = NULL; char *renew_life = NULL; char *server = NULL; @@ -56,7 +182,7 @@ extern int get_v4_tgt; #endif int fcache_version; -struct getargs args[] = { +static struct getargs args[] = { #ifdef KRB4 { "524init", '4', arg_flag, &get_v4_tgt, "obtain version 4 TGT" }, @@ -67,32 +193,32 @@ struct getargs args[] = { { "cache", 'c', arg_string, &cred_cache, "credentials cache", "cachename" }, - { "forwardable", 'f', arg_flag, &forwardable, + { "forwardable", 'f', arg_flag, &forwardable_flag, "get forwardable tickets"}, { "keytab", 't', arg_string, &keytab_str, "keytab to use", "keytabname" }, { "lifetime", 'l', arg_string, &lifetime, - "lifetime of tickets", "seconds"}, + "lifetime of tickets", "time"}, - { "proxiable", 'p', arg_flag, &proxiable, + { "proxiable", 'p', arg_flag, &proxiable_flag, "get proxiable tickets" }, { "renew", 'R', arg_flag, &renew_flag, "renew TGT" }, - { "renewable", 0, arg_flag, &renewable, + { "renewable", 0, arg_flag, &renewable_flag, "get renewable tickets" }, { "renewable-life", 'r', arg_string, &renew_life, - "renewable lifetime of tickets", "seconds" }, + "renewable lifetime of tickets", "time" }, { "server", 'S', arg_string, &server, "server to get ticket for", "principal" }, { "start-time", 's', arg_string, &start_str, - "when ticket gets valid", "seconds" }, + "when ticket gets valid", "time" }, { "use-keytab", 'k', arg_flag, &use_keytab, "get key from keytab" }, @@ -101,7 +227,7 @@ struct getargs args[] = { "validate TGT" }, { "enctypes", 'e', arg_strings, &etype_str, - "encryption type to use", "enctype" }, + "encryption types to use", "enctypes" }, { "fcache-version", 0, arg_integer, &fcache_version, "file cache version to create" }, @@ -109,6 +235,9 @@ struct getargs args[] = { { "addresses", 0, arg_negative_flag, &addrs_flag, "request a ticket with no addresses" }, + { "anonymous", 0, arg_flag, &anonymous_flag, + "request an anonymous ticket" }, + { "version", 0, arg_flag, &version_flag }, { "help", 0, arg_flag, &help_flag } }; @@ -159,10 +288,11 @@ renew_validate(krb5_context context, } } flags.i = 0; - flags.b.renewable = flags.b.renew = renew; - flags.b.validate = validate; - flags.b.forwardable = forwardable; - flags.b.proxiable = proxiable; + flags.b.renewable = flags.b.renew = renew; + flags.b.validate = validate; + flags.b.forwardable = forwardable_flag; + flags.b.proxiable = proxiable_flag; + flags.b.request_anonymous = anonymous_flag; if(life) in.times.endtime = time(NULL) + life; @@ -207,18 +337,22 @@ main (int argc, char **argv) krb5_deltat start_time = 0; krb5_deltat ticket_life = 0; krb5_addresses no_addrs; + char passwd[256]; set_progname (argv[0]); memset(&cred, 0, sizeof(cred)); ret = krb5_init_context (&context); if (ret) - errx(1, "krb5_init_context failed: %u", ret); + errx(1, "krb5_init_context failed: %d", ret); - forwardable = krb5_config_get_bool (context, NULL, - "libdefaults", - "forwardable", - NULL); + /* XXX no way to figure out if set without explict test */ + if(krb5_config_get_string(context, NULL, "libdefaults", + "forwardable", NULL)) + forwardable_flag = krb5_config_get_bool (context, NULL, + "libdefaults", + "forwardable", + NULL); #ifdef KRB4 get_v4_tgt = krb5_config_get_bool_default (context, NULL, @@ -239,6 +373,22 @@ main (int argc, char **argv) exit(0); } + argc -= optind; + argv += optind; + + if (argc > 1) + usage (1); + + if (argv[0]) { + ret = krb5_parse_name (context, argv[0], &principal); + if (ret) + krb5_err (context, 1, ret, "krb5_parse_name"); + } else { + ret = kinit_get_default_principal (context, &principal); + if (ret) + krb5_err (context, 1, ret, "krb5_get_default_principal"); + } + if(fcache_version) krb5_set_fcache_version(context, fcache_version); @@ -264,8 +414,15 @@ main (int argc, char **argv) krb5_get_init_creds_opt_init (&opt); - krb5_get_init_creds_opt_set_forwardable (&opt, forwardable); - krb5_get_init_creds_opt_set_proxiable (&opt, proxiable); + krb5_get_init_creds_opt_set_default_flags(context, "kinit", + /* XXX */principal->realm, &opt); + + if(forwardable_flag != -1) + krb5_get_init_creds_opt_set_forwardable (&opt, forwardable_flag); + if(proxiable_flag != -1) + krb5_get_init_creds_opt_set_proxiable (&opt, proxiable_flag); + if(anonymous_flag != -1) + krb5_get_init_creds_opt_set_anonymous (&opt, anonymous_flag); if (!addrs_flag) { no_addrs.len = 0; @@ -280,7 +437,7 @@ main (int argc, char **argv) errx (1, "unparsable time: %s", renew_life); krb5_get_init_creds_opt_set_renew_life (&opt, tmp); - } else if (renewable) + } else if (renewable_flag) krb5_get_init_creds_opt_set_renew_life (&opt, 1 << 30); if(ticket_life != 0) @@ -311,18 +468,16 @@ main (int argc, char **argv) etype_str.num_strings); } - argc -= optind; - argv += optind; - - if (argc > 1) - usage (1); - - if (argv[0]) { - ret = krb5_parse_name (context, argv[0], &principal); - if (ret) - krb5_err (context, 1, ret, "krb5_parse_name"); - } else - principal = NULL; +#ifdef KRB4 + get_v4_tgt = krb5_config_get_bool_default (context, + NULL, + get_v4_tgt, + "realms", + krb5_princ_realm(context, + principal), + "krb4_get_tickets", + NULL); +#endif if(use_keytab || keytab_str) { krb5_keytab kt; @@ -340,23 +495,55 @@ main (int argc, char **argv) server, &opt); krb5_kt_close(context, kt); - } else + } else { + char *p, *prompt; + + krb5_unparse_name (context, principal, &p); + asprintf (&prompt, "%s's Password: ", p); + free (p); + + if (des_read_pw_string(passwd, sizeof(passwd)-1, prompt, 0)){ + memset(passwd, 0, sizeof(passwd)); + exit(1); + } + + free (prompt); + ret = krb5_get_init_creds_password (context, &cred, principal, - NULL, + passwd, krb5_prompter_posix, NULL, start_time, server, &opt); + } +#ifdef KRB4 + if (ret == KRB5KRB_AP_ERR_V4_REPLY || ret == KRB5_KDC_UNREACH) { + int exit_val; + + exit_val = do_v4_fallback (context, principal, ticket_life, + use_keytab, keytab_str, + passwd, sizeof(passwd)); + memset(passwd, 0, sizeof(passwd)); + if (exit_val == 0 || ret == KRB5KRB_AP_ERR_V4_REPLY) { + krb5_free_context (context); + return exit_val; + } + } +#endif + memset(passwd, 0, sizeof(passwd)); + switch(ret){ case 0: break; case KRB5_LIBOS_PWDINTR: /* don't print anything if it was just C-c:ed */ + memset(passwd, 0, sizeof(passwd)); exit(1); case KRB5KRB_AP_ERR_BAD_INTEGRITY: case KRB5KRB_AP_ERR_MODIFIED: + memset(passwd, 0, sizeof(passwd)); krb5_errx(context, 1, "Password incorrect"); break; default: diff --git a/crypto/heimdal/kuser/klist.1 b/crypto/heimdal/kuser/klist.1 index e875401..384ce8e 100644 --- a/crypto/heimdal/kuser/klist.1 +++ b/crypto/heimdal/kuser/klist.1 @@ -1,36 +1,118 @@ -.\" $Id: klist.1,v 1.4 1999/05/14 14:03:55 assar Exp $ +.\" $Id: klist.1,v 1.6 2000/07/08 20:47:58 joda Exp $ .\" -.Dd Aug 27, 1997 +.Dd July 8, 2000 .Dt KLIST 1 .Os HEIMDAL .Sh NAME .Nm klist .Nd -list the current tickets +list Kerberos credentials .Sh SYNOPSIS .Nm -.Op Fl t | Fl -test +.Oo Fl c Ar cache \*(Ba Xo +.Fl -cache= Ns Ar cache Oc +.Xc +.Op Fl s | Fl t | Fl -test +.Op Fl 4 | Fl -v4 +.Op Fl T | Fl -tokens +.Op Fl 5 | Fl -v5 .Op Fl v | Fl -verbose +.Op Fl f .Op Fl -version .Op Fl -help .Sh DESCRIPTION .Nm reads and displays the current tickets in the crential cache (also -knows as the ticket file). +known as the ticket file). .Pp Options supported: .Bl -tag -width Ds .It Xo +.Fl c Ar cache Ns , +.Fl -cache= Ns Ar cache +.Xc +credentials cache to list +.It Xo +.Fl s Ns , .Fl t Ns , .Fl -test .Xc Test for there being an active and valid TGT for the local realm of the user in the credential cache. .It Xo +.Fl 4 Ns , +.Fl -v4 +.Xc +display v4 tickets +.It Xo +.Fl T Ns , +.Fl -tokens +.Xc +display AFS tokens +.It Xo +.Fl 5 Ns , +.Fl -v5 +.Xc +display v5 cred cache (this is the default) +.It Fl f +Include ticket flags in short form, each charcted stands for a +specific flag, as follows: +.Bl -tag -width XXX -compact -offset indent +.It F +forwardable +.It f +forwarded +.It P +proxiable +.It p +proxied +.It D +postdate-able +.It d +postdated +.It R +renewable +.It I +initial +.It i +invalid +.It A +pre-authenticated +.It H +hardware authenticated +.El + +This information is also output with the +.Fl -verbose +option, but in a more verbose way. +.It Xo .Fl v Ns , .Fl -verbose .Xc -Verbose output. Include all information from tickets. +Verbose output. Include all possible information: +.Bl -tag -width XXXX -offset indent +.It Server +the princial the ticket is for +.It Ticket etype +the encryption type use in the ticket, followed by the key version of +the ticket, if it is available +.It Session key +the encryption type of the session key, if it's different from the +encryption type of the ticket +.It Auth time +the time the authentication exchange took place +.It Start time +the time that this tickets is valid from (only printed if it's +different from the auth time) +.It End time +when the ticket expires, if it has already expired this is also noted +.It Renew till +the maximum possible end time of any ticket derived from this one +.It Ticket flags +the flags set on the ticket +.It Addresses +the set of addresses from which this ticket is valid +.El .El .Sh SEE ALSO .Xr kinit 1 , diff --git a/crypto/heimdal/kuser/klist.c b/crypto/heimdal/kuser/klist.c index 180e9f3..6bfaeb8 100644 --- a/crypto/heimdal/kuser/klist.c +++ b/crypto/heimdal/kuser/klist.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,8 +32,9 @@ */ #include "kuser_locl.h" +#include "rtbl.h" -RCSID("$Id: klist.c,v 1.53 2000/02/06 08:15:40 assar Exp $"); +RCSID("$Id: klist.c,v 1.62 2001/01/25 12:37:01 assar Exp $"); static char* printable_time(time_t t) @@ -53,8 +54,14 @@ printable_time_long(time_t t) return s; } +#define COL_ISSUED " Issued" +#define COL_EXPIRES " Expires" +#define COL_FLAGS "Flags" +#define COL_PRINCIPAL " Principal" +#define COL_PRINCIPAL_KVNO " Principal (kvno)" + static void -print_cred(krb5_context context, krb5_creds *cred) +print_cred(krb5_context context, krb5_creds *cred, rtbl_t ct, int do_flags) { char *str; krb5_error_code ret; @@ -62,20 +69,51 @@ print_cred(krb5_context context, krb5_creds *cred) krb5_timeofday (context, &sec); + if(cred->times.starttime) - printf ("%s ", printable_time(cred->times.starttime)); + rtbl_add_column_entry(ct, COL_ISSUED, + printable_time(cred->times.starttime)); else - printf ("%s ", printable_time(cred->times.authtime)); + rtbl_add_column_entry(ct, COL_ISSUED, + printable_time(cred->times.authtime)); if(cred->times.endtime > sec) - printf ("%s ", printable_time(cred->times.endtime)); + rtbl_add_column_entry(ct, COL_EXPIRES, + printable_time(cred->times.endtime)); else - printf ("%-15s ", ">>>Expired<<<"); + rtbl_add_column_entry(ct, COL_EXPIRES, ">>>Expired<<<"); ret = krb5_unparse_name (context, cred->server, &str); if (ret) krb5_err(context, 1, ret, "krb5_unparse_name"); - printf ("%s\n", str); - free (str); + rtbl_add_column_entry(ct, COL_PRINCIPAL, str); + if(do_flags) { + char s[16], *sp = s; + if(cred->flags.b.forwardable) + *sp++ = 'F'; + if(cred->flags.b.forwarded) + *sp++ = 'f'; + if(cred->flags.b.proxiable) + *sp++ = 'P'; + if(cred->flags.b.proxy) + *sp++ = 'p'; + if(cred->flags.b.may_postdate) + *sp++ = 'D'; + if(cred->flags.b.postdated) + *sp++ = 'd'; + if(cred->flags.b.renewable) + *sp++ = 'R'; + if(cred->flags.b.initial) + *sp++ = 'I'; + if(cred->flags.b.invalid) + *sp++ = 'i'; + if(cred->flags.b.pre_authent) + *sp++ = 'A'; + if(cred->flags.b.hw_authent) + *sp++ = 'H'; + *sp++ = '\0'; + rtbl_add_column_entry(ct, COL_FLAGS, s); + } + free(str); } static void @@ -101,11 +139,12 @@ print_cred_verbose(krb5_context context, krb5_creds *cred) decode_Ticket(cred->ticket.data, cred->ticket.length, &t, &len); ret = krb5_enctype_to_string(context, t.enc_part.etype, &s); + printf("Ticket etype: "); if (ret == 0) { - printf("Ticket etype: %s", s); + printf("%s", s); free(s); } else { - printf("Unknown etype: %d", t.enc_part.etype); + printf("unknown(%d)", t.enc_part.etype); } if(t.enc_part.kvno) printf(", kvno %d", *t.enc_part.kvno); @@ -175,13 +214,16 @@ static void print_tickets (krb5_context context, krb5_ccache ccache, krb5_principal principal, - int do_verbose) + int do_verbose, + int do_flags) { krb5_error_code ret; char *str; krb5_cc_cursor cursor; krb5_creds creds; + rtbl_t ct = NULL; + ret = krb5_unparse_name (context, principal, &str); if (ret) krb5_err (context, 1, ret, "krb5_unparse_name"); @@ -208,7 +250,7 @@ print_tickets (krb5_context context, sig = -1; val = -val; } - + unparse_time (val, buf, sizeof(buf)); printf ("%17s: %s%s\n", "KDC time offset", @@ -221,9 +263,16 @@ print_tickets (krb5_context context, if (ret) krb5_err(context, 1, ret, "krb5_cc_start_seq_get"); - if(!do_verbose) - printf(" %-15s %-15s %s\n", "Issued", "Expires", "Principal"); - + if(!do_verbose) { + ct = rtbl_create(); + rtbl_add_column(ct, COL_ISSUED, 0); + rtbl_add_column(ct, COL_EXPIRES, 0); + if(do_flags) + rtbl_add_column(ct, COL_FLAGS, 0); + rtbl_add_column(ct, COL_PRINCIPAL, 0); + rtbl_set_prefix(ct, " "); + rtbl_set_column_prefix(ct, COL_ISSUED, ""); + } while (krb5_cc_next_cred (context, ccache, &creds, @@ -231,13 +280,17 @@ print_tickets (krb5_context context, if(do_verbose){ print_cred_verbose(context, &creds); }else{ - print_cred(context, &creds); + print_cred(context, &creds, ct, do_flags); } krb5_free_creds_contents (context, &creds); } ret = krb5_cc_end_seq_get (context, ccache, &cursor); if (ret) krb5_err (context, 1, ret, "krb5_cc_end_seq_get"); + if(!do_verbose) { + rtbl_format(ct, stdout); + rtbl_destroy(ct); + } } /* @@ -277,6 +330,143 @@ check_for_tgt (krb5_context context, } #ifdef KRB4 +/* prints the approximate kdc time differential as something human + readable */ + +static void +print_time_diff(int do_verbose) +{ + int d = abs(krb_get_kdc_time_diff()); + char buf[80]; + + if ((do_verbose && d > 0) || d > 60) { + unparse_time_approx (d, buf, sizeof(buf)); + printf ("Time diff:\t%s\n", buf); + } +} + +/* + * return a short representation of `dp' in string form. + */ + +static char * +short_date(int32_t dp) +{ + char *cp; + time_t t = (time_t)dp; + + if (t == (time_t)(-1L)) return "*** Never *** "; + cp = ctime(&t) + 4; + cp[15] = '\0'; + return (cp); +} + +/* + * Print a list of all the v4 tickets + */ + +static int +display_v4_tickets (int do_verbose) +{ + char *file; + int ret; + krb_principal princ; + CREDENTIALS cred; + int found = 0; + + rtbl_t ct; + + file = getenv ("KRBTKFILE"); + if (file == NULL) + file = TKT_FILE; + + printf("v4-ticket file: %s\n", file); + + ret = krb_get_tf_realm (file, princ.realm); + if (ret) { + warnx ("%s", krb_get_err_text(ret)); + return 1; + } + + ret = tf_init (file, R_TKT_FIL); + if (ret) { + warnx ("tf_init: %s", krb_get_err_text(ret)); + return 1; + } + ret = tf_get_pname (princ.name); + if (ret) { + tf_close (); + warnx ("tf_get_pname: %s", krb_get_err_text(ret)); + return 1; + } + ret = tf_get_pinst (princ.instance); + if (ret) { + tf_close (); + warnx ("tf_get_pname: %s", krb_get_err_text(ret)); + return 1; + } + + printf("Principal:\t%s\n", krb_unparse_name (&princ)); + print_time_diff(do_verbose); + printf("\n"); + + ct = rtbl_create(); + rtbl_add_column(ct, COL_ISSUED, 0); + rtbl_add_column(ct, COL_EXPIRES, 0); + if (do_verbose) + rtbl_add_column(ct, COL_PRINCIPAL_KVNO, 0); + else + rtbl_add_column(ct, COL_PRINCIPAL, 0); + rtbl_set_prefix(ct, " "); + rtbl_set_column_prefix(ct, COL_ISSUED, ""); + + while ((ret = tf_get_cred(&cred)) == KSUCCESS) { + struct timeval tv; + char buf1[20], buf2[20]; + const char *pp; + + found++; + + strlcpy(buf1, + short_date(cred.issue_date), + sizeof(buf1)); + cred.issue_date = krb_life_to_time(cred.issue_date, cred.lifetime); + krb_kdctimeofday(&tv); + if (do_verbose || tv.tv_sec < (unsigned long) cred.issue_date) + strlcpy(buf2, + short_date(cred.issue_date), + sizeof(buf2)); + else + strlcpy(buf2, + ">>> Expired <<<", + sizeof(buf2)); + rtbl_add_column_entry(ct, COL_ISSUED, buf1); + rtbl_add_column_entry(ct, COL_EXPIRES, buf2); + pp = krb_unparse_name_long(cred.service, + cred.instance, + cred.realm); + if (do_verbose) { + char *tmp; + + asprintf(&tmp, "%s (%d)", pp, cred.kvno); + rtbl_add_column_entry(ct, COL_PRINCIPAL_KVNO, tmp); + free(tmp); + } else { + rtbl_add_column_entry(ct, COL_PRINCIPAL, pp); + } + } + rtbl_format(ct, stdout); + rtbl_destroy(ct); + if (!found && ret == EOF) + printf("No tickets in file.\n"); + tf_close(); + + /* + * should do NAT stuff here + */ + return 0; +} + /* * Print a list of all AFS tokens */ @@ -332,28 +522,91 @@ display_tokens(int do_verbose) putchar('\n'); } } -#endif +#endif /* KRB4 */ + +/* + * display the ccache in `cred_cache' + */ + +static int +display_v5_ccache (const char *cred_cache, int do_test, int do_verbose, + int do_flags) +{ + krb5_error_code ret; + krb5_context context; + krb5_ccache ccache; + krb5_principal principal; + int exit_status = 0; + + ret = krb5_init_context (&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + if(cred_cache) { + ret = krb5_cc_resolve(context, cred_cache, &ccache); + if (ret) + krb5_err (context, 1, ret, "%s", cred_cache); + } else { + ret = krb5_cc_default (context, &ccache); + if (ret) + krb5_err (context, 1, ret, "krb5_cc_resolve"); + } + + ret = krb5_cc_get_principal (context, ccache, &principal); + if (ret) { + if(ret == ENOENT) { + if (!do_test) + krb5_warnx(context, "No ticket file: %s", + krb5_cc_get_name(context, ccache)); + return 1; + } else + krb5_err (context, 1, ret, "krb5_cc_get_principal"); + } + if (do_test) + exit_status = check_for_tgt (context, ccache, principal); + else + print_tickets (context, ccache, principal, do_verbose, do_flags); + + ret = krb5_cc_close (context, ccache); + if (ret) + krb5_err (context, 1, ret, "krb5_cc_close"); + + krb5_free_principal (context, principal); + krb5_free_context (context); + return exit_status; +} static int version_flag = 0; static int help_flag = 0; static int do_verbose = 0; static int do_test = 0; #ifdef KRB4 +static int do_v4 = 1; static int do_tokens = 0; #endif +static int do_v5 = 1; static char *cred_cache; +static int do_flags = 0; static struct getargs args[] = { + { NULL, 'f', arg_flag, &do_flags }, { "cache", 'c', arg_string, &cred_cache, "credentials cache to list", "cache" }, { "test", 't', arg_flag, &do_test, "test for having tickets", NULL }, + { NULL, 's', arg_flag, &do_test }, #ifdef KRB4 + { "v4", '4', arg_flag, &do_v4, + "display v4 tickets", NULL }, { "tokens", 'T', arg_flag, &do_tokens, "display AFS tokens", NULL }, #endif + { "v5", '5', arg_flag, &do_v5, + "display v5 cred cache", NULL}, { "verbose", 'v', arg_flag, &do_verbose, - "Verbose output", NULL }, + "verbose output", NULL }, + { NULL, 'a', arg_flag, &do_verbose }, + { NULL, 'n', arg_flag, &do_verbose }, { "version", 0, arg_flag, &version_flag, "print version", NULL }, { "help", 0, arg_flag, &help_flag, @@ -373,10 +626,6 @@ usage (int ret) int main (int argc, char **argv) { - krb5_error_code ret; - krb5_context context; - krb5_ccache ccache; - krb5_principal principal; int optind = 0; int exit_status = 0; @@ -399,46 +648,23 @@ main (int argc, char **argv) if (argc != 0) usage (1); - ret = krb5_init_context (&context); - if (ret) - krb5_err(context, 1, ret, "krb5_init_context"); - - if(cred_cache) { - ret = krb5_cc_resolve(context, cred_cache, &ccache); - if (ret) - krb5_err (context, 1, ret, "%s", cred_cache); - } else { - ret = krb5_cc_default (context, &ccache); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_resolve"); - } - - ret = krb5_cc_get_principal (context, ccache, &principal); - if (ret) { - if(ret == ENOENT) { - if (do_test) - return 1; - else - krb5_errx(context, 1, "No ticket file: %s", - krb5_cc_get_name(context, ccache)); - } else - krb5_err (context, 1, ret, "krb5_cc_get_principal"); - } - if (do_test) - exit_status = check_for_tgt (context, ccache, principal); - else - print_tickets (context, ccache, principal, do_verbose); - - ret = krb5_cc_close (context, ccache); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_close"); - - krb5_free_principal (context, principal); - krb5_free_context (context); + if (do_v5) + exit_status = display_v5_ccache (cred_cache, do_test, + do_verbose, do_flags); #ifdef KRB4 - if (!do_test && do_tokens && k_hasafs ()) - display_tokens (do_verbose); + if (!do_test) { + if (do_v4) { + if (do_v5) + printf ("\n"); + display_v4_tickets (do_verbose); + } + if (do_tokens && k_hasafs ()) { + if (do_v4 || do_v5) + printf ("\n"); + display_tokens (do_verbose); + } + } #endif return exit_status; diff --git a/crypto/heimdal/kuser/kverify.c b/crypto/heimdal/kuser/kverify.c index 986d7c9..72b15f9 100644 --- a/crypto/heimdal/kuser/kverify.c +++ b/crypto/heimdal/kuser/kverify.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kuser_locl.h" -RCSID("$Id: kverify.c,v 1.3 1999/12/02 17:05:01 joda Exp $"); +RCSID("$Id: kverify.c,v 1.4 2000/12/31 07:55:54 assar Exp $"); int main(int argc, char **argv) @@ -45,7 +45,9 @@ main(int argc, char **argv) krb5_get_init_creds_opt get_options; krb5_verify_init_creds_opt verify_options; - krb5_init_context(&context); + ret = krb5_init_context(&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); krb5_get_init_creds_opt_init (&get_options); -- cgit v1.1