1 /* $NetBSD: kdeltkt.c,v 1.1.1.2 2014/04/24 12:45:28 pettai Exp $ */
4 #include "kuser_locl.h"
6 static char *etypestr
= 0;
7 static char *ccachestr
= 0;
8 static char *flagstr
= 0;
9 static int quiet_flag
= 0;
10 static int help_flag
= 0;
11 static int version_flag
= 0;
13 struct getargs args
[] = {
14 { "cache", 'c', arg_string
, &ccachestr
,
15 "Credentials cache", "cachename" },
16 { "enctype", 'e', arg_string
, &etypestr
,
17 "Encryption type", "enctype" },
18 { "flags", 'f', arg_string
, &flagstr
,
20 { "quiet", 'q', arg_flag
, &quiet_flag
, "Quiet" },
21 { "version", 0, arg_flag
, &version_flag
},
22 { "help", 0, arg_flag
, &help_flag
}
28 arg_printusage(args
, sizeof(args
)/sizeof(args
[0]),
29 "Usage: ", "service1 [service2 ...]");
33 static void do_kdeltkt (int argc
, char *argv
[], char *ccachestr
, char *etypestr
, int flags
);
35 int main(int argc
, char *argv
[])
42 if (getarg(args
, sizeof(args
)/sizeof(args
[0]), argc
, argv
, &optidx
))
60 flags
= atoi(flagstr
);
62 do_kdeltkt(argc
, argv
, ccachestr
, etypestr
, flags
);
67 static void do_kdeltkt (int count
, char *names
[],
68 char *ccachestr
, char *etypestr
, int flags
)
76 krb5_creds in_creds
, out_creds
;
80 ret
= krb5_init_context(&context
);
82 errx(1, "krb5_init_context failed: %d", ret
);
85 ret
= krb5_string_to_enctype(context
, etypestr
, &etype
);
87 krb5_err(context
, 1, ret
, "Can't convert enctype %s", etypestr
);
88 retflags
= KRB5_TC_MATCH_SRV_NAMEONLY
| KRB5_TC_MATCH_KEYTYPE
;
91 retflags
= KRB5_TC_MATCH_SRV_NAMEONLY
;
95 ret
= krb5_cc_resolve(context
, ccachestr
, &ccache
);
97 ret
= krb5_cc_default(context
, &ccache
);
99 krb5_err(context
, 1, ret
, "Can't open credentials cache");
101 ret
= krb5_cc_get_principal(context
, ccache
, &me
);
103 krb5_err(context
, 1, ret
, "Can't get client principal");
107 for (i
= 0; i
< count
; i
++) {
108 memset(&in_creds
, 0, sizeof(in_creds
));
110 in_creds
.client
= me
;
112 ret
= krb5_parse_name(context
, names
[i
], &in_creds
.server
);
115 krb5_warn(context
, ret
, "Can't parse principal name %s", names
[i
]);
120 ret
= krb5_unparse_name(context
, in_creds
.server
, &princ
);
122 krb5_warn(context
, ret
, "Can't unparse principal name %s", names
[i
]);
127 in_creds
.session
.keytype
= etype
;
129 ret
= krb5_cc_retrieve_cred(context
, ccache
, retflags
,
130 &in_creds
, &out_creds
);
132 krb5_warn(context
, ret
, "Can't retrieve credentials for %s", princ
);
134 krb5_free_unparsed_name(context
, princ
);
140 ret
= krb5_cc_remove_cred(context
, ccache
, flags
, &out_creds
);
142 krb5_free_principal(context
, in_creds
.server
);
145 krb5_warn(context
, ret
, "Can't remove credentials for %s", princ
);
147 krb5_free_cred_contents(context
, &out_creds
);
148 krb5_free_unparsed_name(context
, princ
);
154 krb5_free_unparsed_name(context
, princ
);
155 krb5_free_cred_contents(context
, &out_creds
);
158 krb5_free_principal(context
, me
);
159 krb5_cc_close(context
, ccache
);
160 krb5_free_context(context
);