1 /*
2 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
5
6 #pragma ident "%Z%%M% %I% %E% SMI"
7
8 /*
9 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
10 *
11 * Openvision retains the copyright to derivative works of
12 * this source code. Do *NOT* create a derivative of this
13 * source code before consulting with your legal department.
14 * Do *NOT* integrate *ANY* of this source code into another
15 * product before consulting with your legal department.
16 *
17 * For further information, read the top-level Openvision
18 * copyright which is contained in the top-level MIT Kerberos
19 * copyright.
20 *
21 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
22 *
23 */
24
25
26 /*
27 * kadmin/ktutil/ktutil.c
28 *
29 * Copyright 1995, 1996 by the Massachusetts Institute of Technology.
30 * All Rights Reserved.
31 *
32 * Export of this software from the United States of America may
33 * require a specific license from the United States Government.
34 * It is the responsibility of any person or organization contemplating
35 * export to obtain such a license before exporting.
36 *
37 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
38 * distribute this software and its documentation for any purpose and
39 * without fee is hereby granted, provided that the above copyright
40 * notice appear in all copies and that both that copyright notice and
41 * this permission notice appear in supporting documentation, and that
42 * the name of M.I.T. not be used in advertising or publicity pertaining
43 * to distribution of the software without specific, written prior
44 * permission. Furthermore if you modify this software you must label
45 * your software as modified software and not distribute it in such a
46 * fashion that it might be confused with the original M.I.T. software.
47 * M.I.T. makes no representations about the suitability of
48 * this software for any purpose. It is provided "as is" without express
49 * or implied warranty.
50 *
51 * SS user interface for ktutil.
52 */
53
54 #include "k5-int.h"
55 #include "ktutil.h"
56 #include <com_err.h>
57 #include <ss/ss.h>
58 #include <stdio.h>
59 #ifdef HAVE_STDLIB_H
60 #include <stdlib.h>
61 #endif
62 #include <libintl.h>
63 #include <locale.h>
64
/* Command table handed to the ss library in main(); defined outside this file. */
extern ss_request_table ktutil_cmds;
/* Library context shared by every command handler; set up in main(). */
krb5_context kcontext;
/* Head of the in-memory keytab entry list the handlers operate on; starts empty. */
krb5_kt_list ktlist = NULL;
68
/*
 * Entry point of the interactive ktutil shell.
 *
 * Sets the locale and message domain, creates the krb5 context, localizes
 * the command table and creates the ss invocation.  A failure in any of
 * those steps is reported and ends the process with status 1.  Otherwise
 * the ss command loop runs; once it returns, the in-memory keytab list is
 * released and the process exits with status 0.
 */
int main(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code code;
    int invocation;

    (void) setlocale(LC_ALL, "");

#if !defined(TEXT_DOMAIN)		/* Normally supplied by cc -D */
#define	TEXT_DOMAIN "SYS_TEST"		/* Fallback when the build did not set it */
#endif

    (void) textdomain(TEXT_DOMAIN);

    code = krb5_init_context(&kcontext);
    if (code != 0) {
        com_err(argv[0], code, gettext("while initializing krb5"));
        exit(1);
    }

    code = ktutil_initialize_cmds_table(&ktutil_cmds);
    if (code != 0) {
        com_err(argv[0], code,
                gettext("while localizing command description messages"));
        exit(1);
    }

    invocation = ss_create_invocation("ktutil", "5.0", (char *) NULL,
                                      &ktutil_cmds, &code);
    if (code != 0) {
        ss_perror(invocation, code, gettext("creating invocation"));
        exit(1);
    }

    /*
     * Run the command loop.  Its result is stored but not inspected: the
     * exit status below is 0 whatever ss_listen() returned.
     */
    code = ss_listen(invocation);

    /* Release the entries still held in memory before exiting. */
    ktutil_free_kt_list(kcontext, ktlist);
    exit(0);
}
105
/*
 * ss command handler: discard every entry of the in-memory keytab list.
 *
 * The command takes no arguments (argc must be 1).  A failure reported by
 * ktutil_free_kt_list() is printed, and the list head is reset to NULL
 * whether or not the free succeeded.
 */
void ktutil_clear_list(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code code;

    if (argc == 1) {
        code = ktutil_free_kt_list(kcontext, ktlist);
        if (code != 0)
            com_err(argv[0], code, gettext("while freeing ktlist"));
        /* Never leave the global pointing at a list that was just freed. */
        ktlist = NULL;
        return;
    }

    fprintf(stderr, gettext("%s: invalid arguments\n"), argv[0]);
}
121
/*
 * ss command handler: read a krb5 keytab file into the in-memory list.
 *
 * argv[1] names the keytab.  The file name and the address of the list
 * head are handed to ktutil_read_keytab(); a failure is reported with the
 * file name.
 */
void ktutil_read_v5(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code code;

    if (argc == 2) {
        code = ktutil_read_keytab(kcontext, argv[1], &ktlist);
        if (code != 0) {
            com_err(argv[0], code,
                    gettext("while reading keytab \"%s\""), argv[1]);
        }
        return;
    }

    fprintf(stderr,
            gettext("%s: must specify keytab to read\n"), argv[0]);
}
138
/*
 * ss command handler: read a krb4 srvtab file into the in-memory list.
 *
 * Only functional when the build defines KRB5_KRB4_COMPAT; otherwise the
 * command just reports that krb4 support is not configured.  With krb4
 * support, argv[1] names the srvtab and is passed to ktutil_read_srvtab().
 */
void ktutil_read_v4(argc, argv)
    int argc;
    char *argv[];
{
#ifndef KRB5_KRB4_COMPAT
    fprintf(stderr, gettext("%s: krb4 support not configured\n"), argv[0]);
#else
    krb5_error_code code;

    if (argc == 2) {
        code = ktutil_read_srvtab(kcontext, argv[1], &ktlist);
        if (code != 0) {
            com_err(argv[0], code,
                    gettext("while reading srvtab \"%s\""), argv[1]);
        }
        return;
    }

    fprintf(stderr,
            gettext("%s: must specify the srvtab to read\n"), argv[0]);
#endif
}
159
/*
 * ss command handler: write the in-memory list out as a krb5 keytab.
 *
 * argv[1] names the output file.  The actual write happens in
 * ktutil_write_keytab(); a failure is reported with the file name.
 *
 * NOTE(review): the resulting file holds the keys of every listed entry.
 * How the file is created (mode, handling of an existing file) is decided
 * inside ktutil_write_keytab(), which is not visible here -- confirm it is
 * created readable by the owner only.
 */
void ktutil_write_v5(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code code;

    if (argc == 2) {
        code = ktutil_write_keytab(kcontext, ktlist, argv[1]);
        if (code != 0) {
            com_err(argv[0], code,
                    gettext("while writing keytab \"%s\""), argv[1]);
        }
        return;
    }

    fprintf(stderr,
            gettext("%s: must specify keytab to write\n"), argv[0]);
}
176
/*
 * ss command handler: write the in-memory list out as a krb4 srvtab.
 *
 * Only functional when the build defines KRB5_KRB4_COMPAT; otherwise the
 * command just reports that krb4 support is not configured.  With krb4
 * support, argv[1] names the output file and the write itself happens in
 * ktutil_write_srvtab().
 *
 * NOTE(review): the output contains key material; the permissions of the
 * created file are set inside ktutil_write_srvtab(), which is not visible
 * here -- confirm they restrict access to the owner.
 */
void ktutil_write_v4(argc, argv)
    int argc;
    char *argv[];
{
#ifndef KRB5_KRB4_COMPAT
    fprintf(stderr, gettext("%s: krb4 support not configured\n"), argv[0]);
#else
    krb5_error_code code;

    if (argc == 2) {
        code = ktutil_write_srvtab(kcontext, ktlist, argv[1]);
        if (code != 0) {
            com_err(argv[0], code,
                    gettext("while writing srvtab \"%s\""), argv[1]);
        }
        return;
    }

    fprintf(stderr,
            gettext("%s: must specify srvtab to write\n"), argv[0]);
#endif
}
197
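/*
 * ss command handler: add one entry to the in-memory keytab list.
 *
 * Usage: add_entry (-key | -password) -p principal -k kvno -e enctype
 *
 * Exactly one of -key / -password must be given, and principal, kvno and
 * enctype are all required.  A kvno that converts to 0 is treated as
 * missing.  This function only forwards the -password / -key choice to
 * ktutil_add(); no key or password is read from the command line here.
 *
 * An option that takes a value (-p, -k, -e) but appears as the last word
 * is rejected with the usage message instead of reading argv[argc].
 */
void ktutil_add_entry(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code retval;
    char *princ = NULL;
    char *enctype = NULL;
    krb5_kvno kvno = 0;
    int use_pass = 0, use_key = 0, missing_value = 0, i;

    for (i = 1; i < argc; i++) {
        const char *opt = argv[i];

        if (strcmp(opt, "-password") == 0) {
            use_pass++;
            continue;
        }
        if (strcmp(opt, "-key") == 0) {
            use_key++;
            continue;
        }
        if (strcmp(opt, "-p") != 0 && strcmp(opt, "-k") != 0 &&
            strcmp(opt, "-e") != 0) {
            /*
             * Unrecognized words are skipped here; the argument-count and
             * required-option checks below reject the command line.
             */
            continue;
        }

        /*
         * The option needs a value.  Without this check a trailing "-k"
         * would pass argv[argc] (a null pointer, or past the array) to
         * atoi(), and a trailing "-p"/"-e" would store it as the value.
         */
        if (i + 1 >= argc) {
            missing_value = 1;
            break;
        }
        i++;

        if (opt[1] == 'p') {
            princ = argv[i];
        } else if (opt[1] == 'k') {
            /*
             * NOTE(review): atoi() does no validation -- non-numeric text
             * becomes 0 (rejected below) and trailing junk is ignored.
             */
            kvno = (krb5_kvno) atoi(argv[i]);
        } else {
            enctype = argv[i];
        }
    }

    if (missing_value || argc != 8 || !(princ && kvno && enctype) ||
        (use_pass + use_key != 1)) {
        fprintf(stderr, "%s: %s (-key | -password) -p principal "
                "-k kvno -e enctype\n", gettext("usage"), argv[0]);
        return;
    }

    retval = ktutil_add(kcontext, &ktlist, princ, kvno, enctype, use_pass);
    if (retval)
        com_err(argv[0], retval, gettext("while adding new entry"));
}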
241
/*
 * ss command handler: delete one entry from the in-memory keytab list.
 *
 * argv[1] is the slot number, converted with atoi() and passed to
 * ktutil_delete().  A failure is reported together with the converted
 * number.
 *
 * NOTE(review): atoi() does no validation, so a non-numeric argument is
 * passed on as slot 0; whether that is rejected depends on
 * ktutil_delete(), which is not visible here -- confirm.
 */
void ktutil_delete_entry(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code code;
    int slot;

    if (argc != 2) {
        fprintf(stderr,
                gettext("%s: must specify entry to delete\n"), argv[0]);
        return;
    }

    /* Convert once; the same value is used for the call and the message. */
    slot = atoi(argv[1]);

    code = ktutil_delete(kcontext, &ktlist, slot);
    if (code != 0) {
        com_err(argv[0], code,
                gettext("while deleting entry %d"), slot);
    }
}
258
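/*
 * ss command handler: print the in-memory keytab list, one entry per line.
 *
 * Options:
 *   -t  also print each entry's timestamp
 *   -k  also print each entry's key as hexadecimal
 *   -e  also print each entry's encryption type
 * Any other argument prints the usage message and returns.
 *
 * Listing is read-only: entries are formatted for output and never
 * modified.
 *
 * Security note: -k writes key material in cleartext to stdout.  Anything
 * that captures this output (terminal scrollback, session recording,
 * redirected files) then holds the keys and needs the same protection as
 * the keytab itself.
 */
void ktutil_list(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code retval;
    krb5_kt_list lp;
    int show_time = 0, show_keys = 0, show_enctype = 0;
    int i;
    unsigned int j;
    char *pname;

    for (i = 1; i < argc; i++) {
        if (strcmp(argv[i], "-t") == 0) {
            show_time++;
            continue;
        }
        if (strcmp(argv[i], "-k") == 0) {
            show_keys++;
            continue;
        }
        if (strcmp(argv[i], "-e") == 0) {
            show_enctype++;
            continue;
        }

        fprintf(stderr, "%s: %s [-t] [-k] [-e]\n", gettext("usage"), argv[0]);
        return;
    }

    /*
     * The translated headers are plain text, so they are written with
     * fputs() rather than used as a printf() format string.
     */
    if (show_time) {
        fputs(gettext("slot KVNO Timestamp Principal\n"), stdout);
        fputs("---- ---- ----------------- ---------------------------------------------------\n", stdout);
    } else {
        fputs(gettext("slot KVNO Principal\n"), stdout);
        fputs("---- ---- ---------------------------------------------------------------------\n", stdout);
    }

    for (i = 1, lp = ktlist; lp; i++, lp = lp->next) {
        retval = krb5_unparse_name(kcontext, lp->entry->principal, &pname);
        if (retval) {
            com_err(argv[0], retval,
                    gettext("while unparsing principal name"));
            return;
        }
        printf("%4d %4d ", i, lp->entry->vno);

        if (show_time) {
            char fmtbuf[18];
            char fill = ' ';

            /*
             * Format the timestamp stored in the entry.  The entry is not
             * written to: the earlier code copied an uninitialized local
             * over lp->entry->timestamp, which both printed garbage and
             * corrupted the value a later write command would save.
             */
            if (!krb5_timestamp_to_sfstring(
                    (krb5_timestamp) lp->entry->timestamp,
                    fmtbuf, sizeof(fmtbuf), &fill))
                printf("%s ", fmtbuf);
        }

        printf("%40s", pname);

        if (show_enctype) {
            char buf[256];

            retval = krb5_enctype_to_string(lp->entry->key.enctype,
                                            buf, sizeof(buf));
            if (retval == EINVAL) {
                /* Unknown enctype number: show the number instead. */
                snprintf(buf, sizeof(buf),
                         gettext("unsupported encryption type %d"),
                         lp->entry->key.enctype);
            } else if (retval) {
                com_err(argv[0], retval,
                        gettext("While converting "
                                "enctype to string"));
                /* pname was allocated above; release it on this exit too. */
                krb5_xfree(pname);
                return;
            }
            printf(" (%s) ", buf);
        }

        if (show_keys) {
            /* Cleartext key bytes; see the security note in the header. */
            printf(" (0x");
            for (j = 0; j < lp->entry->key.length; j++)
                printf("%02x", lp->entry->key.contents[j]);
            printf(")");
        }
        printf("\n");
        krb5_xfree(pname);
    }
}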