xref: /freebsd/crypto/heimdal/kuser/kdestroy.c (revision ec965063070e5753c166cf592c9336444b74720a)
1 /*
2  * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of the Institute nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include "kuser_locl.h"
35 
36 static const char *cache;
37 static const char *credential;
38 static int help_flag;
39 static int version_flag;
40 #ifndef NO_AFS
41 static int unlog_flag = 1;
42 #endif
43 static int dest_tkt_flag = 1;
44 static int all_flag = 0;
45 
46 struct getargs args[] = {
47     { "credential",	0,   arg_string, rk_UNCONST(&credential),
48       "remove one credential", "principal" },
49     { "cache",		'c', arg_string, rk_UNCONST(&cache), "cache to destroy", "cache" },
50     { "all",		'A', arg_flag, &all_flag, "destroy all caches", NULL },
51 #ifndef NO_AFS
52     { "unlog",		0,   arg_negative_flag, &unlog_flag,
53       "do not destroy tokens", NULL },
54 #endif
55     { "delete-v4",	0,   arg_negative_flag, &dest_tkt_flag,
56       "do not destroy v4 tickets", NULL },
57     { "version", 	0,   arg_flag, &version_flag, NULL, NULL },
58     { "help",		'h', arg_flag, &help_flag, NULL, NULL}
59 };
60 
61 int num_args = sizeof(args) / sizeof(args[0]);
62 
63 static void
64 usage (int status)
65 {
66     arg_printusage (args, num_args, NULL, "");
67     exit (status);
68 }
69 
70 int
71 main (int argc, char **argv)
72 {
73     krb5_error_code ret;
74     krb5_context context;
75     krb5_ccache  ccache;
76     int optidx = 0;
77     int exit_val = 0;
78 
79     setprogname (argv[0]);
80 
81     if(getarg(args, num_args, argc, argv, &optidx))
82 	usage(1);
83 
84     if (help_flag)
85 	usage (0);
86 
87     if(version_flag){
88 	print_version(NULL);
89 	exit(0);
90     }
91 
92     argc -= optidx;
93 #ifndef __clang_analyzer__
94     argv += optidx;
95 #endif
96 
97     if (argc != 0)
98 	usage (1);
99 
100     ret = krb5_init_context (&context);
101     if (ret)
102 	errx (1, "krb5_init_context failed: %d", ret);
103 
104     if (all_flag) {
105 	krb5_cccol_cursor cursor;
106 
107 	ret = krb5_cccol_cursor_new (context, &cursor);
108 	if (ret)
109 	    krb5_err(context, 1, ret, "krb5_cccol_cursor_new");
110 
111 	while (krb5_cccol_cursor_next (context, cursor, &ccache) == 0 && ccache != NULL) {
112 
113 	    ret = krb5_cc_destroy (context, ccache);
114 	    if (ret) {
115 		krb5_warn(context, ret, "krb5_cc_destroy");
116 		exit_val = 1;
117 	    }
118 	}
119 	krb5_cccol_cursor_free(context, &cursor);
120 
121     } else {
122 	if(cache == NULL) {
123 	    ret = krb5_cc_default(context, &ccache);
124 	    if (ret)
125 		krb5_err(context, 1, ret, "krb5_cc_default");
126 	} else {
127 	    ret =  krb5_cc_resolve(context,
128 				   cache,
129 				   &ccache);
130 	    if (ret)
131 		krb5_err(context, 1, ret, "krb5_cc_resolve");
132 	}
133 
134 	if (ret == 0) {
135 	    if (credential) {
136 		krb5_creds mcred;
137 
138 		krb5_cc_clear_mcred(&mcred);
139 
140 		ret = krb5_parse_name(context, credential, &mcred.server);
141 		if (ret)
142 		    krb5_err(context, 1, ret,
143 			     "Can't parse principal %s", credential);
144 
145 		ret = krb5_cc_remove_cred(context, ccache, 0, &mcred);
146 		if (ret)
147 		    krb5_err(context, 1, ret,
148 			     "Failed to remove principal %s", credential);
149 
150 		krb5_cc_close(context, ccache);
151 		krb5_free_principal(context, mcred.server);
152 		krb5_free_context(context);
153 		return 0;
154 	    }
155 
156 	    ret = krb5_cc_destroy (context, ccache);
157 	    if (ret) {
158 		krb5_warn(context, ret, "krb5_cc_destroy");
159 		exit_val = 1;
160 	    }
161 	}
162     }
163 
164     krb5_free_context (context);
165 
166 #ifndef NO_AFS
167     if (unlog_flag && k_hasafs ()) {
168 	if (k_unlog ())
169 	    exit_val = 1;
170     }
171 #endif
172 
173     return exit_val;
174 }
175