+2004-08-20 Jeffrey Altman <jaltman@mit.edu>
+
+ * Add kcpytkt and kdeltkt directories
+
2003-01-10 Ken Raeburn <raeburn@mit.edu>
* configure.in: Use V5_AC_OUTPUT_MAKEFILE instead of
mydir=.
BUILDTOP=$(REL)..
-LOCAL_SUBDIRS= klist kinit kdestroy kpasswd ksu kvno
+LOCAL_SUBDIRS= klist kinit kdestroy kpasswd ksu kvno kcpytkt kdeltkt
NO_OUTPRE=1
all-windows::
@echo Making all in clients\kvno
cd ..\kvno
$(MAKE) -$(MFLAGS)
+ cd ..\kcpytkt
+ $(MAKE) -$(MFLAGS)
+ cd ..\kdeltkt
+ $(MAKE) -$(MFLAGS)
cd ..
clean-windows::
@echo Making clean in clients\kvno
cd ..\kvno
$(MAKE) -$(MFLAGS) clean
+ cd ..\kcpytkt
+ $(MAKE) -$(MFLAGS) clean
+ cd ..\kdeltkt
+ $(MAKE) -$(MFLAGS) clean
cd ..
--- /dev/null
+2004-08-20 Jeffrey Altman <jaltman@mit.edu>
+
+ * kcpytkt.c, kcpytkt.M: Create a new application.
+
--- /dev/null
+thisconfigdir=./..
+myfulldir=clients/kcpytkt
+mydir=kcpytkt
+BUILDTOP=$(REL)..$(S)..
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+all-unix:: kcpytkt
+all-windows:: $(OUTPRE)kcpytkt.exe
+all-mac::
+
+kcpytkt: kcpytkt.o $(KRB4COMPAT_DEPLIBS)
+ $(CC_LINK) -o $@ kcpytkt.o $(KRB4COMPAT_LIBS)
+
+$(OUTPRE)kcpytkt.exe: $(OUTPRE)kcpytkt.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.obj $(KLIB) $(CLIB)
+ link $(EXE_LINKOPTS) /out:$@ $**
+
+clean-unix::
+ $(RM) kcpytkt.o kcpytkt
+
+install-unix::
+ for f in kcpytkt; do \
+ $(INSTALL_PROGRAM) $$f \
+ $(DESTDIR)$(CLIENT_BINDIR)/`echo $$f|sed '$(transform)'`; \
+ $(INSTALL_DATA) $(srcdir)/$$f.M \
+ $(DESTDIR)$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \
+ done
--- /dev/null
+.\"
+.\" clients/kvnol/kcpytkt.M
+.\" "
+.TH KCPYTKT 1
+.SH NAME
+kcpytkt \- copies one or more service tickets between credentials caches
+.SH SYNOPSIS
+\fBkcpytkt\fP [\fB\-h\fP] [\fB\-c source_ccache\fP] [\fB\-e etype\fP] [\fB\-f flags\fP]
+\fBdest_ccache\fP \fBservice1\fP \fBservice2\fP \fB...\fP
+.br
+.SH DESCRIPTION
+.I kcpytkt
+copies the specified service tickets to the destination credentials cache
+.SH OPTIONS
+.TP
+.B \-c
+specifies the source credentials cache from which service tickets will be.
+copied. if no ccache is specified, the default ccache is used.
+.TP
+.B \-e
+specifies the session key enctype of the service tickets you wish to delete.
+.TP
+.B \-h
+prints a usage statement and exits
+.SH ENVIRONMENT
+.B kcpytkt
+uses the following environment variable:
+.TP "\w'.SM KRB5CCNAME\ \ 'u"
+.SM KRB5CCNAME
+Location of the credentials (ticket) cache.
+.SH FILES
+.TP "\w'/tmp/krb5cc_[uid]\ \ 'u"
+/tmp/krb5cc_[uid]
+default location of the credentials cache ([uid] is the decimal UID of
+the user).
+.SH SEE ALSO
+kinit(1), kdestroy(1), krb5(3)
--- /dev/null
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#include <string.h>
+#include <krb5.h>
+
+extern int optind;
+extern char *optarg;
+
+static char *prog;
+
+static void xusage()
+{
+ fprintf(stderr, "xusage: %s [-c from_ccache] [-e etype] [-f flags] dest_ccache service1 service2 ...\n", prog);
+ exit(1);
+}
+
+int quiet = 0;
+
+static void do_kcpytkt (int argc, char *argv[], char *fromccachestr, char *etypestr, int flags);
+
+int main(int argc, char *argv[])
+{
+ int option;
+ char *etypestr = 0;
+ char *fromccachestr = 0;
+ int flags = 0;
+
+ prog = strrchr(argv[0], '/');
+ prog = prog ? (prog + 1) : argv[0];
+
+ while ((option = getopt(argc, argv, "c:e:f:hq")) != -1) {
+ switch (option) {
+ case 'c':
+ fromccachestr = optarg;
+ break;
+ case 'e':
+ etypestr = optarg;
+ break;
+ case 'f':
+ flags = atoi(optarg);
+ break;
+ case 'q':
+ quiet = 1;
+ break;
+ case 'h':
+ default:
+ xusage();
+ break;
+ }
+ }
+
+ if ((argc - optind) < 2)
+ xusage();
+
+ do_kcpytkt(argc - optind, argv + optind, fromccachestr, etypestr, flags);
+ return 0;
+}
+
+static void do_kcpytkt (int count, char *names[],
+ char *fromccachestr, char *etypestr, int flags)
+{
+ krb5_context context;
+ krb5_error_code ret;
+ int i, errors;
+ krb5_enctype etype;
+ krb5_ccache fromccache;
+ krb5_ccache destccache;
+ krb5_principal me;
+ krb5_creds in_creds, out_creds;
+ int retflags;
+ char *princ;
+
+ ret = krb5_init_context(&context);
+ if (ret) {
+ com_err(prog, ret, "while initializing krb5 library");
+ exit(1);
+ }
+
+ if (etypestr) {
+ ret = krb5_string_to_enctype(etypestr, &etype);
+ if (ret) {
+ com_err(prog, ret, "while converting etype");
+ exit(1);
+ }
+ retflags = KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES;
+ } else {
+ etype = 0;
+ retflags = KRB5_TC_MATCH_SRV_NAMEONLY;
+ }
+
+ if (fromccachestr)
+ ret = krb5_cc_resolve(context, fromccachestr, &fromccache);
+ else
+ ret = krb5_cc_default(context, &fromccache);
+ if (ret) {
+ com_err(prog, ret, "while opening source ccache");
+ exit(1);
+ }
+
+ ret = krb5_cc_get_principal(context, fromccache, &me);
+ if (ret) {
+ com_err(prog, ret, "while getting client principal name");
+ exit(1);
+ }
+
+ ret = krb5_cc_resolve(context, names[0], &destccache);
+ if (ret) {
+ com_err(prog, ret, "while opening destination cache");
+ exit(1);
+ }
+
+ errors = 0;
+
+ for (i = 1; i < count; i++) {
+ memset(&in_creds, 0, sizeof(in_creds));
+
+ in_creds.client = me;
+
+ ret = krb5_parse_name(context, names[i], &in_creds.server);
+ if (ret) {
+ if (!quiet)
+ fprintf(stderr, "%s: %s while parsing principal name\n",
+ names[i], error_message(ret));
+ errors++;
+ continue;
+ }
+
+ ret = krb5_unparse_name(context, in_creds.server, &princ);
+ if (ret) {
+ fprintf(stderr, "%s: %s while printing principal name\n",
+ names[i], error_message(ret));
+ errors++;
+ continue;
+ }
+
+ in_creds.keyblock.enctype = etype;
+
+ ret = krb5_cc_retrieve_cred(context, fromccache, retflags,
+ &in_creds, &out_creds);
+ if (ret) {
+ fprintf(stderr, "%s: %s while retrieving credentials\n",
+ princ, error_message(ret));
+
+ krb5_free_unparsed_name(context, princ);
+
+ errors++;
+ continue;
+ }
+
+ ret = krb5_cc_store_cred(context, destccache, &out_creds);
+
+ krb5_free_principal(context, in_creds.server);
+
+ if (ret) {
+ fprintf(stderr, "%s: %s while removing credentials\n",
+ princ, error_message(ret));
+
+ krb5_free_cred_contents(context, &out_creds);
+ krb5_free_unparsed_name(context, princ);
+
+ errors++;
+ continue;
+ }
+
+ krb5_free_unparsed_name(context, princ);
+ krb5_free_cred_contents(context, &out_creds);
+ }
+
+ krb5_free_principal(context, me);
+ krb5_cc_close(context, fromccache);
+ krb5_cc_close(context, destccache);
+ krb5_free_context(context);
+
+ if (errors)
+ exit(1);
+
+ exit(0);
+}
--- /dev/null
+2004-08-19 Jeffrey Altman <jaltman@mit.edu>
+
+ * kdeltkt.c, kdeltkt.M: Create a new application.
+
--- /dev/null
+thisconfigdir=./..
+myfulldir=clients/kvno
+mydir=kvno
+BUILDTOP=$(REL)..$(S)..
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+all-unix:: kvno
+all-windows:: $(OUTPRE)kvno.exe
+all-mac::
+
+kvno: kvno.o $(KRB4COMPAT_DEPLIBS)
+ $(CC_LINK) -o $@ kvno.o $(KRB4COMPAT_LIBS)
+
+$(OUTPRE)kvno.exe: $(OUTPRE)kvno.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.obj $(KLIB) $(CLIB)
+ link $(EXE_LINKOPTS) /out:$@ $**
+
+clean-unix::
+ $(RM) kvno.o kvno
+
+install-unix::
+ for f in kvno; do \
+ $(INSTALL_PROGRAM) $$f \
+ $(DESTDIR)$(CLIENT_BINDIR)/`echo $$f|sed '$(transform)'`; \
+ $(INSTALL_DATA) $(srcdir)/$$f.M \
+ $(DESTDIR)$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \
+ done
--- /dev/null
+.\"
+.\" clients/kvnol/kdeltkt.M
+.\" "
+.TH KDELTKT 1
+.SH NAME
+kdeltkt \- delete one or more service tickets from the credentials cache
+.SH SYNOPSIS
+\fBkdeltkt\fP [\fB\-h\fP] [\fB\-c ccache\fP] [\fB\-e etype\fP] [\fB\-f flags\fP]
+\fBservice1\fP \fBservice2\fP \fB...\fP
+.br
+.SH DESCRIPTION
+.I kdeltkt
+deletes the specified service tickets from the credentials cache
+.SH OPTIONS
+.TP
+.B \-c
+specifies the credentials cache from which service tickets will be deleted.
+if no cache is specified, the default cache is used.
+.TP
+.B \-e
+specifies the session key enctype of the service tickets you wish to delete.
+.TP
+.B \-h
+prints a usage statement and exits
+.SH ENVIRONMENT
+.B kdeltkt
+uses the following environment variable:
+.TP "\w'.SM KRB5CCNAME\ \ 'u"
+.SM KRB5CCNAME
+Location of the credentials (ticket) cache.
+.SH FILES
+.TP "\w'/tmp/krb5cc_[uid]\ \ 'u"
+/tmp/krb5cc_[uid]
+default location of the credentials cache ([uid] is the decimal UID of
+the user).
+.SH SEE ALSO
+kinit(1), kdestroy(1), krb5(3)
--- /dev/null
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#include <string.h>
+#include <krb5.h>
+
+extern int optind;
+extern char *optarg;
+
+static char *prog;
+
+static void xusage()
+{
+ fprintf(stderr, "xusage: %s [-c ccache] [-e etype] [-f flags] service1 service2 ...\n", prog);
+ exit(1);
+}
+
+int quiet = 0;
+
+static void do_kdeltkt (int argc, char *argv[], char *ccachestr, char *etypestr, int flags);
+
+int main(int argc, char *argv[])
+{
+ int option;
+ char *etypestr = 0;
+ char *ccachestr = 0;
+ int flags = 0;
+
+ prog = strrchr(argv[0], '/');
+ prog = prog ? (prog + 1) : argv[0];
+
+ while ((option = getopt(argc, argv, "c:e:f:hq")) != -1) {
+ switch (option) {
+ case 'c':
+ ccachestr = optarg;
+ break;
+ case 'e':
+ etypestr = optarg;
+ break;
+ case 'f':
+ flags = atoi(optarg);
+ break;
+ case 'q':
+ quiet = 1;
+ break;
+ case 'h':
+ default:
+ xusage();
+ break;
+ }
+ }
+
+ if ((argc - optind) < 1)
+ xusage();
+
+ do_kdeltkt(argc - optind, argv + optind, ccachestr, etypestr, flags);
+ return 0;
+}
+
+static void do_kdeltkt (int count, char *names[],
+ char *ccachestr, char *etypestr, int flags)
+{
+ krb5_context context;
+ krb5_error_code ret;
+ int i, errors;
+ krb5_enctype etype;
+ krb5_ccache ccache;
+ krb5_principal me;
+ krb5_creds in_creds, out_creds;
+ int retflags;
+ char *princ;
+
+ ret = krb5_init_context(&context);
+ if (ret) {
+ com_err(prog, ret, "while initializing krb5 library");
+ exit(1);
+ }
+
+ if (etypestr) {
+ ret = krb5_string_to_enctype(etypestr, &etype);
+ if (ret) {
+ com_err(prog, ret, "while converting etype");
+ exit(1);
+ }
+ retflags = KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES;
+ } else {
+ etype = 0;
+ retflags = KRB5_TC_MATCH_SRV_NAMEONLY;
+ }
+
+ if (ccachestr)
+ ret = krb5_cc_resolve(context, ccachestr, &ccache);
+ else
+ ret = krb5_cc_default(context, &ccache);
+ if (ret) {
+ com_err(prog, ret, "while opening ccache");
+ exit(1);
+ }
+
+ ret = krb5_cc_get_principal(context, ccache, &me);
+ if (ret) {
+ com_err(prog, ret, "while getting client principal name");
+ exit(1);
+ }
+
+ errors = 0;
+
+ for (i = 0; i < count; i++) {
+ memset(&in_creds, 0, sizeof(in_creds));
+
+ in_creds.client = me;
+
+ ret = krb5_parse_name(context, names[i], &in_creds.server);
+ if (ret) {
+ if (!quiet)
+ fprintf(stderr, "%s: %s while parsing principal name\n",
+ names[i], error_message(ret));
+ errors++;
+ continue;
+ }
+
+ ret = krb5_unparse_name(context, in_creds.server, &princ);
+ if (ret) {
+ fprintf(stderr, "%s: %s while printing principal name\n",
+ names[i], error_message(ret));
+ errors++;
+ continue;
+ }
+
+ in_creds.keyblock.enctype = etype;
+
+ ret = krb5_cc_retrieve_cred(context, ccache, retflags,
+ &in_creds, &out_creds);
+ if (ret) {
+ fprintf(stderr, "%s: %s while retrieving credentials\n",
+ princ, error_message(ret));
+
+ krb5_free_unparsed_name(context, princ);
+
+ errors++;
+ continue;
+ }
+
+ ret = krb5_cc_remove_cred(context, ccache, flags, &out_creds);
+
+ krb5_free_principal(context, in_creds.server);
+
+ if (ret) {
+ fprintf(stderr, "%s: %s while removing credentials\n",
+ princ, error_message(ret));
+
+ krb5_free_cred_contents(context, &out_creds);
+ krb5_free_unparsed_name(context, princ);
+
+ errors++;
+ continue;
+ }
+
+ krb5_free_unparsed_name(context, princ);
+ krb5_free_cred_contents(context, &out_creds);
+ }
+
+ krb5_free_principal(context, me);
+ krb5_cc_close(context, ccache);
+ krb5_free_context(context);
+
+ if (errors)
+ exit(1);
+
+ exit(0);
+}