From 95000406af071c518de6abb0efaaec9d37971cd1 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Mon, 22 Dec 2008 03:12:19 +0000 Subject: [PATCH] Improvements from Shawn Emery: an extra-verbose mode git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21562 dc483132-0cff-0310-8789-dd5450dbe970 --- src/slave/kproplog.c | 287 +++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 275 insertions(+), 12 deletions(-) diff --git a/src/slave/kproplog.c b/src/slave/kproplog.c index 5326e2940..7bf9bbaa3 100644 --- a/src/slave/kproplog.c +++ b/src/slave/kproplog.c @@ -1,5 +1,5 @@ /* - * Copyright 2004 Sun Microsystems, Inc. All rights reserved. + * Copyright 2008 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -28,77 +28,340 @@ static char *progname; static void usage() { - (void) fprintf(stderr, _("\nUsage: %s [-h] [-v] [-e num]\n\n"), + (void) fprintf(stderr, _("\nUsage: %s [-h] [-v] [-v] [-e num]\n\n"), progname); exit(1); } +/* + * Print the attribute flags of principal in human readable form. + */ +static void +print_flags(unsigned int flags) +{ + unsigned int i; + static char *prflags[] = { + "DISALLOW_POSTDATED", /* 0x00000001 */ + "DISALLOW_FORWARDABLE", /* 0x00000002 */ + "DISALLOW_TGT_BASED", /* 0x00000004 */ + "DISALLOW_RENEWABLE", /* 0x00000008 */ + "DISALLOW_PROXIABLE", /* 0x00000010 */ + "DISALLOW_DUP_SKEY", /* 0x00000020 */ + "DISALLOW_ALL_TIX", /* 0x00000040 */ + "REQUIRES_PRE_AUTH", /* 0x00000080 */ + "REQUIRES_HW_AUTH", /* 0x00000100 */ + "REQUIRES_PWCHANGE", /* 0x00000200 */ + "UNKNOWN_0x00000400", /* 0x00000400 */ + "UNKNOWN_0x00000800", /* 0x00000800 */ + "DISALLOW_SVR", /* 0x00001000 */ + "PWCHANGE_SERVICE", /* 0x00002000 */ + "SUPPORT_DESMD5", /* 0x00004000 */ + "NEW_PRINC", /* 0x00008000 */ + }; + + for (i = 0; i < sizeof (prflags) / sizeof (char *); i++) { + if (flags & (krb5_flags) 1 << i) + printf("\t\t\t%s\n", prflags[i]); + } +} + +/* + * Display time information. + */ +static void +print_time(unsigned int *timep) +{ + if (*timep == 0L) + printf("\t\t\tNone\n"); + else { + time_t ltime = *timep; + printf("\t\t\t%s", ctime(<ime)); + } +} + +/* + * Display string in hex primitive. + */ +static void +print_hex(const char *tag, utf8str_t *str) +{ + unsigned int i; + unsigned int len; + + len = str->utf8str_t_len; + + (void) printf("\t\t\t%s(%d): 0x", tag, len); + for (i = 0; i < len; i++) { + printf("%02x", (krb5_octet) str->utf8str_t_val[i]); + } + (void) printf("\n"); +} + +/* + * Display string primitive. + */ +static void +print_str(const char *tag, utf8str_t *str) +{ + char *dis; + unsigned int len; + + /* + 1 for null byte */ + len = str->utf8str_t_len + 1; + dis = (char *) malloc(len); + + if (!dis) { + (void) fprintf(stderr, _("\nCouldn't allocate memory")); + exit(1); + } + + (void) snprintf(dis, len, "%s", str->utf8str_t_val); + + (void) printf("\t\t\t%s(%d): %s\n", tag, len - 1, dis); + + free(dis); +} + +/* + * Display data components. + */ +static void +print_data(const char *tag, kdbe_data_t *data) +{ + + (void) printf("\t\t\tmagic: 0x%x\n", data->k_magic); + + (void) print_str(tag, &data->k_data); +} + +/* + * Display the principal components. + */ +static void +print_princ(kdbe_princ_t *princ) +{ + int i, len; + kdbe_data_t *data; + + print_str("realm", &princ->k_realm); + + len = princ->k_components.k_components_len; + data = princ->k_components.k_components_val; + + for (i = 0; i < len; i++, data++) { + + print_data("princ", data); + } +} + +/* + * Display individual key. + */ +static void +print_key(kdbe_key_t *k) +{ + unsigned int i; + utf8str_t *str; + + printf("\t\t\tver: %d\n", k->k_ver); + + printf("\t\t\tkvno: %d\n", k->k_kvno); + + for (i = 0; i < k->k_enctype.k_enctype_len; i++) { + printf("\t\t\tenc type: 0x%x\n", + k->k_enctype.k_enctype_val[i]); + } + + str = k->k_contents.k_contents_val; + for (i = 0; i < k->k_contents.k_contents_len; i++, str++) { + print_hex("key", str); + } +} + +/* + * Display all key data. + */ +static void +print_keydata(kdbe_key_t *keys, unsigned int len) +{ + unsigned int i; + + for (i = 0; i < len; i++, keys++) { + print_key(keys); + } +} + +/* + * Display TL item. + */ +static void +print_tl(kdbe_tl_t *tl) +{ + int i, len; + + printf("\t\t\ttype: 0x%x\n", tl->tl_type); + + len = tl->tl_data.tl_data_len; + + printf("\t\t\tvalue(%d): 0x", len); + for (i = 0; i < len; i++) { + printf("%02x", (krb5_octet) tl->tl_data.tl_data_val[i]); + } + printf("\n"); +} + +/* + * Display TL data items. + */ +static void +print_tldata(kdbe_tl_t *tldata, int len) +{ + int i; + + printf("\t\t\titems: %d\n", len); + + for (i = 0; i < len; i++, tldata++) { + print_tl(tldata); + } +} + /* * Print the individual types if verbose mode was specified. + * If verbose-verbose then print types along with respective values. */ static void -print_attr(kdbe_attr_type_t type) +print_attr(kdbe_val_t *val, int vverbose) { - switch (type) { + switch (val->av_type) { case AT_ATTRFLAGS: (void) printf(_("\t\tAttribute flags\n")); + if (vverbose) { + print_flags(val->kdbe_val_t_u.av_attrflags); + } break; case AT_MAX_LIFE: (void) printf(_("\t\tMaximum ticket life\n")); + if (vverbose) { + print_time(&val->kdbe_val_t_u.av_max_life); + } break; case AT_MAX_RENEW_LIFE: (void) printf(_("\t\tMaximum renewable life\n")); + if (vverbose) { + print_time(&val->kdbe_val_t_u.av_max_renew_life); + } break; case AT_EXP: (void) printf(_("\t\tPrincipal expiration\n")); + if (vverbose) { + print_time(&val->kdbe_val_t_u.av_exp); + } break; case AT_PW_EXP: (void) printf(_("\t\tPassword expiration\n")); + if (vverbose) { + print_time(&val->kdbe_val_t_u.av_pw_exp); + } break; case AT_LAST_SUCCESS: (void) printf(_("\t\tLast successful auth\n")); + if (vverbose) { + print_time(&val->kdbe_val_t_u.av_last_success); + } break; case AT_LAST_FAILED: (void) printf(_("\t\tLast failed auth\n")); + if (vverbose) { + print_time(&val->kdbe_val_t_u.av_last_failed); + } break; case AT_FAIL_AUTH_COUNT: (void) printf(_("\t\tFailed passwd attempt\n")); + if (vverbose) { + (void) printf("\t\t\t%d\n", + val->kdbe_val_t_u.av_fail_auth_count); + } break; case AT_PRINC: (void) printf(_("\t\tPrincipal\n")); + if (vverbose) { + print_princ(&val->kdbe_val_t_u.av_princ); + } break; case AT_KEYDATA: (void) printf(_("\t\tKey data\n")); + if (vverbose) { + print_keydata( + val->kdbe_val_t_u.av_keydata.av_keydata_val, + val->kdbe_val_t_u.av_keydata.av_keydata_len); + } break; case AT_TL_DATA: (void) printf(_("\t\tTL data\n")); + if (vverbose) { + print_tldata( + val->kdbe_val_t_u.av_tldata.av_tldata_val, + val->kdbe_val_t_u.av_tldata.av_tldata_len); + } break; case AT_LEN: (void) printf(_("\t\tLength\n")); + if (vverbose) { + (void) printf("\t\t\t%d\n", + val->kdbe_val_t_u.av_len); + } + break; + case AT_PW_LAST_CHANGE: + (void) printf(_("\t\tPassword last changed\n")); + if (vverbose) { + print_time(&val->kdbe_val_t_u.av_pw_last_change); + } break; case AT_MOD_PRINC: (void) printf(_("\t\tModifying principal\n")); + if (vverbose) { + print_princ(&val->kdbe_val_t_u.av_mod_princ); + } break; case AT_MOD_TIME: (void) printf(_("\t\tModification time\n")); + if (vverbose) { + print_time(&val->kdbe_val_t_u.av_mod_time); + } break; case AT_MOD_WHERE: (void) printf(_("\t\tModified where\n")); - break; - case AT_PW_LAST_CHANGE: - (void) printf(_("\t\tPassword last changed\n")); + if (vverbose) { + print_str("where", + &val->kdbe_val_t_u.av_mod_where); + } break; case AT_PW_POLICY: (void) printf(_("\t\tPassword policy\n")); + if (vverbose) { + print_str("policy", + &val->kdbe_val_t_u.av_pw_policy); + } break; case AT_PW_POLICY_SWITCH: (void) printf(_("\t\tPassword policy switch\n")); + if (vverbose) { + (void) printf("\t\t\t%d\n", + val->kdbe_val_t_u.av_pw_policy_switch); + } break; case AT_PW_HIST_KVNO: (void) printf(_("\t\tPassword history KVNO\n")); + if (vverbose) { + (void) printf("\t\t\t%d\n", + val->kdbe_val_t_u.av_pw_hist_kvno); + } break; case AT_PW_HIST: (void) printf(_("\t\tPassword history\n")); + if (vverbose) { + (void) printf("\t\t\tPW history elided\n"); + } break; } /* switch */ @@ -107,7 +370,7 @@ print_attr(kdbe_attr_type_t type) * Print the update entry information */ static void -print_update(kdb_hlog_t *ulog, uint32_t entry, bool_t verbose) +print_update(kdb_hlog_t *ulog, uint32_t entry, unsigned int verbose) { XDR xdrs; uint32_t start_sno, i, j, indx; @@ -182,8 +445,8 @@ print_update(kdb_hlog_t *ulog, uint32_t entry, bool_t verbose) if (verbose) for (j = 0; j < upd.kdb_update.kdbe_t_len; j++) - print_attr( - upd.kdb_update.kdbe_t_val[j].av_type); + print_attr(&upd.kdb_update.kdbe_t_val[j], + verbose > 1 ? 1 : 0); xdr_free(xdr_kdb_incr_update_t, (char *)&upd); free(dbprinc); @@ -194,7 +457,7 @@ int main(int argc, char **argv) { int c; - bool_t verbose = FALSE; + unsigned int verbose = 0; bool_t headeronly = FALSE; uint32_t entry = 0; krb5_context context; @@ -222,7 +485,7 @@ main(int argc, char **argv) entry = atoi(optarg); break; case 'v': - verbose = TRUE; + verbose++; break; default: usage(); -- 2.26.2