xref: /freebsd/crypto/heimdal/kuser/kdestroy.c (revision a5921bc3653e2e286715e6fe8d473ec0d02da38c)
1 /*
2  * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of the Institute nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include "kuser_locl.h"
35 
36 static const char *cache;
37 static const char *credential;
38 static int help_flag;
39 static int version_flag;
40 #ifndef NO_AFS
41 static int unlog_flag = 1;
42 #endif
43 static int dest_tkt_flag = 1;
44 static int all_flag = 0;
45 
46 struct getargs args[] = {
47     { "credential",	0,   arg_string, rk_UNCONST(&credential),
48       "remove one credential", "principal" },
49     { "cache",		'c', arg_string, rk_UNCONST(&cache), "cache to destroy", "cache" },
50     { "all",		'A', arg_flag, &all_flag, "destroy all caches", NULL },
51 #ifndef NO_AFS
52     { "unlog",		0,   arg_negative_flag, &unlog_flag,
53       "do not destroy tokens", NULL },
54 #endif
55     { "delete-v4",	0,   arg_negative_flag, &dest_tkt_flag,
56       "do not destroy v4 tickets", NULL },
57     { "version", 	0,   arg_flag, &version_flag, NULL, NULL },
58     { "help",		'h', arg_flag, &help_flag, NULL, NULL}
59 };
60 
61 int num_args = sizeof(args) / sizeof(args[0]);
62 
63 static void
64 usage (int status)
65 {
66     arg_printusage (args, num_args, NULL, "");
67     exit (status);
68 }
69 
70 int
71 main (int argc, char **argv)
72 {
73     krb5_error_code ret;
74     krb5_context context;
75     krb5_ccache  ccache;
76     int optidx = 0;
77     int exit_val = 0;
78 
79     setprogname (argv[0]);
80 
81     if(getarg(args, num_args, argc, argv, &optidx))
82 	usage(1);
83 
84     if (help_flag)
85 	usage (0);
86 
87     if(version_flag){
88 	print_version(NULL);
89 	exit(0);
90     }
91 
92     argc -= optidx;
93     argv += optidx;
94 
95     if (argc != 0)
96 	usage (1);
97 
98     ret = krb5_init_context (&context);
99     if (ret)
100 	errx (1, "krb5_init_context failed: %d", ret);
101 
102     if (all_flag) {
103 	krb5_cccol_cursor cursor;
104 
105 	ret = krb5_cccol_cursor_new (context, &cursor);
106 	if (ret)
107 	    krb5_err(context, 1, ret, "krb5_cccol_cursor_new");
108 
109 	while (krb5_cccol_cursor_next (context, cursor, &ccache) == 0 && ccache != NULL) {
110 
111 	    ret = krb5_cc_destroy (context, ccache);
112 	    if (ret) {
113 		krb5_warn(context, ret, "krb5_cc_destroy");
114 		exit_val = 1;
115 	    }
116 	}
117 	krb5_cccol_cursor_free(context, &cursor);
118 
119     } else {
120 	if(cache == NULL) {
121 	    ret = krb5_cc_default(context, &ccache);
122 	    if (ret)
123 		krb5_err(context, 1, ret, "krb5_cc_default");
124 	} else {
125 	    ret =  krb5_cc_resolve(context,
126 				   cache,
127 				   &ccache);
128 	    if (ret)
129 		krb5_err(context, 1, ret, "krb5_cc_resolve");
130 	}
131 
132 	if (ret == 0) {
133 	    if (credential) {
134 		krb5_creds mcred;
135 
136 		krb5_cc_clear_mcred(&mcred);
137 
138 		ret = krb5_parse_name(context, credential, &mcred.server);
139 		if (ret)
140 		    krb5_err(context, 1, ret,
141 			     "Can't parse principal %s", credential);
142 
143 		ret = krb5_cc_remove_cred(context, ccache, 0, &mcred);
144 		if (ret)
145 		    krb5_err(context, 1, ret,
146 			     "Failed to remove principal %s", credential);
147 
148 		krb5_cc_close(context, ccache);
149 		krb5_free_principal(context, mcred.server);
150 		krb5_free_context(context);
151 		return 0;
152 	    }
153 
154 	    ret = krb5_cc_destroy (context, ccache);
155 	    if (ret) {
156 		krb5_warn(context, ret, "krb5_cc_destroy");
157 		exit_val = 1;
158 	    }
159 	}
160     }
161 
162     krb5_free_context (context);
163 
164 #ifndef NO_AFS
165     if (unlog_flag && k_hasafs ()) {
166 	if (k_unlog ())
167 	    exit_val = 1;
168     }
169 #endif
170 
171     return exit_val;
172 }
173