Skip Menu |
 

From schwim@whatmore.Stanford.EDU Wed May 20 21:34:40 1998
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id VAA18968 for <bugs@RT-11.MIT.EDU>; Wed, 20 May 1998 21:34:39 -0400
Received: from whatmore.Stanford.EDU by MIT.EDU with SMTP
id AA07682; Wed, 20 May 98 21:34:44 EDT
Received: (from schwim@localhost)
by whatmore.Stanford.EDU (8.8.8/8.8.8) id SAA28126;
Wed, 20 May 1998 18:34:37 -0700 (PDT)
Message-Id: <199805210134.SAA28126@whatmore.Stanford.EDU>
Date: Wed, 20 May 1998 18:34:37 -0700 (PDT)
From: Larry Schwimmer <schwim@whatmore.Stanford.EDU>
To: krb5-bugs@MIT.EDU
Subject: PATCH: krb5-1.0.5 clients/kdestroy krb4 support

Show quoted text
>Number: 594
>Category: krb5-clients
>Synopsis: krb4 support for kdestroy
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: krb5-unassigned
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Wed May 20 21:35:01 EDT 1998
>Last-Modified: Fri Sep 14 11:46:04 EDT 2001
>Originator: Larry Schwimmer
>Organization:
Stanford University
Show quoted text
>Release: krb5-1.0.5
>Environment:
ALL
Show quoted text
>Description:

In an environment that uses krb4 and krb5, it is useful to
have a kdestroy that destroys both k4 and k5 tickets.
The code to destroy a ticket is trivial; main difficulty in
coding the patch was printing the reply message.

Show quoted text
>How-To-Repeat:
>Fix:

1) clients/kdestroy/kdestroy.c

Adds three flags

-4 destroy k4 ticket
-5 destroy k5 ticket
-f suppress status message (a very quiet option)

The default behaviour added is to destroy both the k4 and k5 caches.

2) clients/kdestroy/kdestroy.M

Documentation for the -4, -5, -f flags and the krb4
environmental variable and default ticket file.

3) clients/kdestroy/configure

I know the "proper" file to patch is configure.in but until
the krb5 distribution works with standard autoconf, patching it just
tends to make builds fail. The changes needed is pretty
straightforward, though; it just adds in -lkrb4.

yours,
Larry Schwimmer
schwim@leland.stanford.edu
Leland Systems Group

--- clients/kdestroy/kdestroy.c.orig Fri Feb 6 19:41:52 1998
+++ clients/kdestroy/kdestroy.c Tue Apr 14 00:58:09 1998
@@ -25,6 +25,9 @@
*/

#include "krb5.h"
+#ifdef KRB5_KRB4_COMPAT
+#include <kerberosIV/krb.h>
+#endif
#include "com_err.h"
#include <string.h>
#include <stdio.h>
@@ -32,7 +35,60 @@
extern int optind;
extern char *optarg;

-void
+static int
+destroy_k5(fflag, quiet, kcontext, cache)
+ int fflag;
+ int quiet;
+ krb5_context *kcontext;
+ krb5_ccache cache;
+{
+ int code;
+
+ if (cache == NULL) {
+ if (code = krb5_cc_default(*kcontext, &cache)) {
+ com_err("kdestroy", code, "while getting default ccache");
+ return 1;
+ }
+ }
+
+ code = krb5_cc_destroy (*kcontext, cache);
+ if (code != 0 && code != KRB5_FCC_NOFILE) {
+ com_err ("kdestroy", code, "while destroying cache");
+ if (quiet)
+ fprintf(stderr, "Ticket cache NOT destroyed!\n");
+ else {
+#ifdef __STDC__
+ fprintf(stderr, "Ticket cache \aNOT\a destroyed!\n");
+#else
+ fprintf(stderr, "Ticket cache \007NOT\007 destroyed!\n");
+#endif
+ }
+ return 1;
+ }
+ return ((code == 0) ? 0 : 2);
+}
+
+#ifdef KRB5_KRB4_COMPAT
+static int
+destroy_k4(fflag, quiet)
+ int fflag;
+ int quiet;
+{
+ int code;
+
+ code = dest_tkt();
+
+ if (code != 0 && code != RET_TKFIL) {
+ fprintf(stderr, "Tickets NOT destroyed.\n");
+ if (!quiet)
+ fprintf(stderr, "\007");
+ return 1;
+ }
+ return (code == 0) ? 0 : 2;
+}
+#endif
+
+int
main(argc, argv)
int argc;
char **argv;
@@ -42,10 +98,18 @@
int c;
krb5_ccache cache = NULL;
char *cache_name = NULL;
- int code;
int errflg=0;
int quiet = 0;
-
+ int fflag = 0;
+ int v5_code = 0;
+#ifdef KRB5_KRB4_COMPAT
+ int v4_code = 0;
+ int v5_flag = 0;
+#else
+ int v5_flag = 1;
+#endif
+ int v4_flag = 0;
+
retval = krb5_init_context(&kcontext);
if (retval) {
com_err(argv[0], retval, "while initializing krb5");
@@ -55,18 +119,30 @@
if (strrchr(argv[0], '/'))
argv[0] = strrchr(argv[0], '/')+1;

- while ((c = getopt(argc, argv, "qc:")) != EOF) {
+ while ((c = getopt(argc, argv, "qc:f45")) != EOF) {
switch (c) {
case 'q':
quiet = 1;
- break;
+ break;
+ case 'f':
+ fflag++;
+ break;
+#ifdef KRB5_KRB4_COMPAT
+ case '4':
+ v4_flag++;
+ break;
+#endif
+ case '5':
+ v5_flag++;
+ break;
case 'c':
if (cache == NULL) {
cache_name = optarg;

- code = krb5_cc_resolve (kcontext, cache_name, &cache);
- if (code != 0) {
- com_err (argv[0], code, "while resolving %s", cache_name);
+ v5_code = krb5_cc_resolve (kcontext, cache_name, &cache);
+ if (v5_code != 0) {
+ com_err (argv[0], v5_code,
+ "while resolving %s", cache_name);
errflg++;
}
} else {
@@ -85,30 +161,66 @@
errflg++;

if (errflg) {
- fprintf(stderr, "Usage: %s [-q] [ -c cache-name ]\n", argv[0]);
+#ifdef KRB5_KRB4_COMPAT
+ fprintf(stderr, "Usage: %s [-qf45] [ -c cache-name ]\n", argv[0]);
+#else
+ fprintf(stderr, "Usage: %s [-qf] [ -c cache-name ]\n", argv[0]);
+#endif
exit(2);
}

- if (cache == NULL) {
- if (code = krb5_cc_default(kcontext, &cache)) {
- com_err(argv[0], code, "while getting default ccache");
- exit(1);
- }
+ if (v5_flag || !v4_flag) {
+ v5_code = destroy_k5(quiet,fflag,kcontext,cache);
+ if (v5_flag && !v4_flag)
+ switch (v5_code) {
+ case 2:
+ if (!fflag && !quiet)
+ fprintf(stderr, "No ticket cache to destroy.\n");
+ case 1:
+ exit(1);
+ default:
+ if (!fflag && !quiet)
+ fprintf(stderr,"Ticket cache destroyed.\n");
+ exit(0);
+ }
}
-
- code = krb5_cc_destroy (kcontext, cache);
- if (code != 0) {
- com_err (argv[0], code, "while destroying cache");
- if (quiet)
- fprintf(stderr, "Ticket cache NOT destroyed!\n");
- else {
-#ifdef __STDC__
- fprintf(stderr, "Ticket cache \aNOT\a destroyed!\n");
-#else
- fprintf(stderr, "Ticket cache \007NOT\007 destroyed!\n");
-#endif
- }
- exit (1);
+#ifdef KRB5_KRB4_COMPAT
+ if (v4_flag || !v5_flag) {
+ v4_code = destroy_k4(quiet,fflag);
+ if (v4_flag && !v5_flag)
+ switch (v5_code) {
+ case 2:
+ if (!fflag && !quiet)
+ fprintf(stderr, "No ticket to destroy.\n");
+ case 1:
+ exit(1);
+ default:
+ if (!fflag && !quiet)
+ fprintf(stderr,"Ticket destroyed.\n");
+ exit(0);
+ }
+ }
+ /* At this point, we called both routines.
+ * Case I: No tickets destroyed (v4_code == 2, v5_code == 2)
+ * Case II: One ticket destroyed (v4_code == 0 xor v5_code == 0)
+ * Case III: Two tickets destroyed (v4_code == v5_code == 0)
+ */
+ if (v4_code == 2 && v5_code == 2) {
+ if (!fflag && !quiet)
+ fprintf(stderr, "No ticket to destroy.\n");
+ exit(0);
+ } else if (v4_code != 0 && v5_code == 0) {
+ if (!fflag && !quiet)
+ fprintf(stderr,"Ticket cache destroyed.\n");
+ exit(v4_code);
+ } else if (v4_code == 0 && v5_code != 0) {
+ if (!fflag && !quiet)
+ fprintf(stderr,"Ticket destroyed.\n");
+ exit(v5_code);
+ } else if (v4_code == 0 && v5_code == 0) {
+ if (!fflag && !quiet)
+ fprintf(stderr,"Tickets destroyed.\n");
+ exit(0);
}
- exit (0);
+#endif /* KRB5_KRB4_COMPAT */
}
--- clients/kdestroy/kdestroy.M.orig Fri Feb 6 19:41:52 1998
+++ clients/kdestroy/kdestroy.M Wed May 20 18:23:11 1998
@@ -23,7 +23,7 @@
kdestroy \- destroy Kerberos tickets
.SH SYNOPSIS
.B kdestroy
-[\fB\-q\fP] [\fB\-c\fP \fIcache_name]
+[\fB\-qf45\fP] [\fB\-c\fP \fIcache_name]
.br
.SH DESCRIPTION
The
@@ -41,6 +41,15 @@
.B \-q
flag suppresses this behavior.
.TP
+.B \-f
+Run very quietly. Suppresses status message.
+.TP
+.B \-4
+Destroy kerberos 4 ticket file. Default is both.
+.TP
+.B \-5
+Destroy kerberos 5 credentials cache. Default is both.
+.TP
\fB\-c\fP \fIcache_name\fP
use
.I cache_name
@@ -49,8 +58,11 @@
.sp
The default credentials cache may vary between systems. If the
.SM KRB5CCNAME
-environment variable is set, its value is used to name the default
-ticket cache.
+environment variable is set, the value is used to name the default
+ticket cache. If the
+.SM KRBTKFILE
+environment variable is set, the value is used to name the default
+kerberos IV ticket file.
.PP
Most installations recommend that you place the
.I kdestroy
@@ -59,14 +71,20 @@
file, so that your tickets are destroyed automatically when you log out.
.SH ENVIRONMENT
.B Kdestroy
-uses the following environment variable:
+uses the following environment variables:
.TP "\w'.SM KRB5CCNAME\ \ 'u"
.SM KRB5CCNAME
Location of the credentials (ticket) cache.
+.TP "\w'.SM KRBTKFILE\ \ 'u"
+.SM KRBTKFILE
+Location of kerberos IV ticket file.
.SH FILES
.TP "\w'/tmp/krb5cc_[uid]\ \ 'u"
/tmp/krb5cc_[uid]
default credentials cache ([uid] is the decimal UID of the user).
+.TP "\w'/tmp/krb5cc_[uid]\ \ 'u"
+/tmp/tkt[uid]
+default kerberos IV ticket file ([uid] is the decimal UID of the user).
.SH SEE ALSO
kinit(1), klist(1)
.SH BUGS
--- clients/kdestroy/configure.orig Fri Feb 6 19:48:06 1998
+++ clients/kdestroy/configure Tue Apr 14 00:30:55 1998
@@ -1153,11 +1153,11 @@
LIBS="$save_LIBS"
fi
SRVDEPLIBS="\$(DEPLOCAL_LIBRARIES) $kadmsrv_deplib $gssrpc_deplib $gssapi_deplib $kdb5_deplib $kutil_deplib \$(TOPLIBD)/libkrb5.a $krb4_deplib \$(TOPLIBD)/libcrypto.a $ss_deplib $dyn_deplib $db_deplib \$(TOPLIBD)/libcom_err.a"
-SRVLIBS="\$(LOCAL_LIBRARIES) $kadmsrv_lib $gssrpc_lib $gssapi_lib $kdb5_lib $kutil_lib $krb4_lib -lkrb5 -lcrypto $ss_lib $dyn_lib $db_lib -lcom_err $LIBS"
+SRVLIBS="\$(LOCAL_LIBRARIES) $kadmsrv_lib $gssrpc_lib $gssapi_lib $kdb5_lib $kutil_lib $krb4_lib -lkrb5 -lkrb4 -lcrypto $ss_lib $dyn_lib $db_lib -lcom_err $LIBS"
CLNTDEPLIBS="\$(DEPLOCAL_LIBRARIES) $kadmclnt_deplib $gssrpc_deplib $gssapi_deplib $kdb5_deplib $kutil_deplib \$(TOPLIBD)/libkrb5.a $krb4_deplib \$(TOPLIBD)/libcrypto.a $ss_deplib $dyn_deplib $db_deplib \$(TOPLIBD)/libcom_err.a"
-CLNTLIBS="\$(LOCAL_LIBRARIES) $kadmclnt_lib $gssrpc_lib $gssapi_lib $kdb5_lib $kutil_lib $krb4_lib -lkrb5 -lcrypto $ss_lib $dyn_lib $db_lib -lcom_err $LIBS"
+CLNTLIBS="\$(LOCAL_LIBRARIES) $kadmclnt_lib $gssrpc_lib $gssapi_lib $kdb5_lib $kutil_lib $krb4_lib -lkrb5 -lkrb4 -lcrypto $ss_lib $dyn_lib $db_lib -lcom_err $LIBS"
DEPLIBS="\$(DEPLOCAL_LIBRARIES) $kadmclnt_deplib $kadmsrv_deplib $gssrpc_deplib $gssapi_deplib $kdb5_deplib $kutil_deplib \$(TOPLIBD)/libkrb5.a $krb4_deplib \$(TOPLIBD)/libcrypto.a $ss_deplib $dyn_deplib $db_deplib \$(TOPLIBD)/libcom_err.a"
-LIBS="\$(LOCAL_LIBRARIES) $kadmclnt_lib $kadmsrv_lib $gssrpc_lib $gssapi_lib $kdb5_lib $kutil_lib $krb4_lib -lkrb5 -lcrypto $ss_lib $dyn_lib $db_lib -lcom_err $LIBS"
+LIBS="\$(LOCAL_LIBRARIES) $kadmclnt_lib $kadmsrv_lib $gssrpc_lib $gssapi_lib $kdb5_lib $kutil_lib $krb4_lib -lkrb5 -lkrb4 -lcrypto $ss_lib $dyn_lib $db_lib -lcom_err $LIBS"
LDFLAGS="$LDFLAGS -L\$(TOPLIBD)"


Show quoted text
>Audit-Trail:

Responsible-Changed-From-To: gnats-admin->krb5-unassigned
Responsible-Changed-By: raeburn
Responsible-Changed-When: Fri Sep 14 11:45:58 2001
Responsible-Changed-Why:
reformat/refile
Show quoted text
>Unformatted:
was fixed around 1.2 or so