From: Ken Raeburn Date: Fri, 26 Jul 2002 22:30:48 +0000 (+0000) Subject: add v4 support to kvno X-Git-Tag: krb5-1.3-alpha1~550 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=8372e93d99cd923d5fb24c8d26b34d5665ff333e;p=krb5.git add v4 support to kvno git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14669 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/clients/kvno/ChangeLog b/src/clients/kvno/ChangeLog index 14169ae92..db2c418bc 100644 --- a/src/clients/kvno/ChangeLog +++ b/src/clients/kvno/ChangeLog @@ -1,3 +1,13 @@ +2002-07-26 Ken Raeburn + + * kvno.c (do_v5_kvno): New function, split out from main. + (do_v4_kvno): New function. + (prog, quiet): New global variables. + (main): Parse new option '-4' and call do_v5_kvno or do_v4_kvno. + (usage): List new option. + * kvno.M: Document v4 aspects. + * Makefile.in (kvno): Use krb4 compat libraries. + 2001-06-08 Ezra Peisach * kvno.c: Include unistd.h (if present) for getopt() prototype. diff --git a/src/clients/kvno/Makefile.in b/src/clients/kvno/Makefile.in index f5cf443d3..25adaa0aa 100644 --- a/src/clients/kvno/Makefile.in +++ b/src/clients/kvno/Makefile.in @@ -10,8 +10,8 @@ all-unix:: kvno all-windows:: $(OUTPRE)kvno.exe all-mac:: -kvno: kvno.o $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o $@ kvno.o $(KRB5_BASE_LIBS) +kvno: kvno.o $(KRB4COMPAT_DEPLIBS) + $(CC_LINK) -o $@ kvno.o $(KRB4COMPAT_LIBS) $(OUTPRE)kvno.exe: $(OUTPRE)kvno.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.obj $(KLIB) $(CLIB) link $(EXE_LINKOPTS) /out:$@ $** diff --git a/src/clients/kvno/kvno.M b/src/clients/kvno/kvno.M index b89f751ea..e9f7942ad 100644 --- a/src/clients/kvno/kvno.M +++ b/src/clients/kvno/kvno.M @@ -40,16 +40,27 @@ prints out the key version numbers of each. specifies the enctype which will be requested for the session key of all the services named on the command line. This is useful in certain backward compatibility situations. +.TP +.B \-4 +specifies that Kerberos version 4 tickets should be acquired and +described. This option is only available if Kerberos 4 support was +enabled at compilation time. .SH ENVIRONMENT .B Kvno uses the following environment variable: .TP "\w'.SM KRB5CCNAME\ \ 'u" .SM KRB5CCNAME Location of the credentials (ticket) cache. +.TP +.SM KRBTKFILE +Location of the v4 ticket file. .SH FILES .TP "\w'/tmp/krb5cc_[uid]\ \ 'u" /tmp/krb5cc_[uid] default location of the credentials cache ([uid] is the decimal UID of the user). +.TP +/tmp/tkt[uid] +default location of the v4 ticket file. .SH SEE ALSO kinit(1), kdestroy(1), krb5(3) diff --git a/src/clients/kvno/kvno.c b/src/clients/kvno/kvno.c index ce4c9bf40..1c6180b7f 100644 --- a/src/clients/kvno/kvno.c +++ b/src/clients/kvno/kvno.c @@ -29,67 +29,139 @@ #include #endif #include -#include extern int optind; extern char *optarg; -static void usage(char *argv0) -{ - char *cmd; - - cmd = strrchr(argv0, '/'); - cmd = cmd?(cmd+1):argv0; - - fprintf(stderr, "usage: %s [-e etype] service1 service2 ...\n", cmd); +char *prog; +static void usage() +{ +#ifdef KRB5_KRB4_COMPAT + fprintf(stderr, "usage: %s [-4 | -e etype] service1 service2 ...\n", prog); +#else + fprintf(stderr, "usage: %s [-e etype] service1 service2 ...\n", prog); +#endif exit(1); } +int quiet = 0; + +static void do_v4_kvno (int argc, char *argv[]); +static void do_v5_kvno (int argc, char *argv[], char *etypestr); + int main(int argc, char *argv[]) { - krb5_context context; - krb5_error_code ret; - int option, i, errors; + int option; char *etypestr = 0; - int quiet = 0; - krb5_enctype etype; - krb5_ccache ccache; - krb5_principal me; - krb5_creds in_creds, *out_creds; - krb5_ticket *ticket; - char *princ; + int v4 = 0; - ret = krb5_init_context(&context); - if (ret) { - com_err(argv[0], ret, "while initializing krb5 library"); - exit(1); - } + prog = strrchr(argv[0], '/'); + prog = prog ? (prog + 1) : argv[0]; - while ((option = getopt(argc, argv, "e:hq")) != -1) { + while ((option = getopt(argc, argv, "e:hq4")) != -1) { switch (option) { case 'e': etypestr = optarg; break; case 'h': - usage(argv[0]); + usage(); break; case 'q': quiet = 1; break; + case '4': + v4 = 1; + break; default: - usage(argv[0]); + usage(); break; } } if ((argc - optind) < 1) - usage(argv[0]); + usage(); + + if (etypestr != 0 && v4) + usage(); + + if (v4) + do_v4_kvno(argc - optind, argv + optind); + else + do_v5_kvno(argc - optind, argv + optind, etypestr); + return 0; +} + +#ifdef KRB5_KRB4_COMPAT +#include +#endif +static void do_v4_kvno (int count, char *names[]) +{ +#ifdef KRB5_KRB4_COMPAT + int i; + + for (i = 0; i < count; i++) { + int err; + char name[ANAME_SZ], inst[INST_SZ], realm[REALM_SZ]; + KTEXT_ST req; + CREDENTIALS creds; + err = kname_parse (name, inst, realm, names[i]); + if (err) { + fprintf(stderr, "%s: error parsing name '%s': %s\n", + prog, names[i], krb_get_err_text(err)); + exit(1); + } + if (realm[0] == 0) { + err = krb_get_lrealm(realm, 1); + if (err) { + fprintf(stderr, "%s: error looking up local realm: %s\n", + prog, krb_get_err_text(err)); + exit(1); + } + } + err = krb_mk_req(&req, name, inst, realm, 0); + if (err) { + fprintf(stderr, "%s: krb_mk_req error: %s\n", prog, + krb_get_err_text(err)); + exit(1); + } + err = krb_get_cred(name, inst, realm, &creds); + if (err) { + fprintf(stderr, "%s: krb_get_cred error: %s\n", prog, + krb_get_err_text(err)); + exit(1); + } + if (!quiet) + printf("%s: kvno = %d\n", names[i], creds.kvno); + } +#else + usage(prog); +#endif +} + +#include +static void do_v5_kvno (int count, char *names[], char *etypestr) +{ + krb5_context context; + krb5_error_code ret; + int i, errors; + krb5_enctype etype; + krb5_ccache ccache; + krb5_principal me; + krb5_creds in_creds, *out_creds; + krb5_ticket *ticket; + char *princ; + + ret = krb5_init_context(&context); + if (ret) { + com_err(prog, ret, "while initializing krb5 library"); + exit(1); + } if (etypestr) { ret = krb5_string_to_enctype(etypestr, &etype); if (ret) { - com_err(argv[0], ret, "while converting etype"); + com_err(prog, ret, "while converting etype"); exit(1); } } else { @@ -98,28 +170,28 @@ int main(int argc, char *argv[]) ret = krb5_cc_default(context, &ccache); if (ret) { - com_err(argv[0], ret, "while opening ccache"); + com_err(prog, ret, "while opening ccache"); exit(1); } ret = krb5_cc_get_principal(context, ccache, &me); if (ret) { - com_err(argv[0], ret, "while getting client principal name"); + com_err(prog, ret, "while getting client principal name"); exit(1); } errors = 0; - for (i = optind; i < argc; i++) { + for (i = 0; i < count; i++) { memset(&in_creds, 0, sizeof(in_creds)); in_creds.client = me; - ret = krb5_parse_name(context, argv[i], &in_creds.server); + ret = krb5_parse_name(context, names[i], &in_creds.server); if (ret) { if (!quiet) fprintf(stderr, "%s: %s while parsing principal name\n", - argv[i], error_message(ret)); + names[i], error_message(ret)); errors++; continue; } @@ -127,7 +199,7 @@ int main(int argc, char *argv[]) ret = krb5_unparse_name(context, in_creds.server, &princ); if (ret) { fprintf(stderr, "%s: %s while printing principal name\n", - argv[i], error_message(ret)); + names[i], error_message(ret)); errors++; continue; }