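/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* kadmin/ktutil/ktutil.c - SS user interface for ktutil */
/*
 * Copyright 1995, 1996, 2008 by the Massachusetts Institute of Technology.
 * All Rights Reserved.
 *
 * Export of this software from the United States of America may
 * require a specific license from the United States Government.
 * It is the responsibility of any person or organization contemplating
 * export to obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of M.I.T. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission. Furthermore if you modify this software you must label
 * your software as modified software and not distribute it in such a
 * fashion that it might be confused with the original M.I.T. software.
 * M.I.T. makes no representations about the suitability of
 * this software for any purpose. It is provided "as is" without express
 * or implied warranty.
 */

#include "k5-int.h"
#include "ktutil.h"
#include <com_err.h>
#include <locale.h>
#include "adm_proto.h"
#include <ss/ss.h>
#include <stdio.h>
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
#endif

/* Command table handed to ss_create_invocation(); defined elsewhere. */
extern ss_request_table ktutil_cmds;

/* Library context created once in main() and used by every command. */
krb5_context kcontext;

/* In-memory list of keytab entries that the commands read and modify. */
krb5_kt_list ktlist = NULL;

/*
 * Program entry point: set the locale, create the krb5 context, create the
 * "ktutil" ss invocation from ktutil_cmds and hand control to ss_listen().
 * Exits with status 1 if either initialization step fails, 0 otherwise.
 */
int main(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code retval;
    int sci_idx;

    setlocale(LC_ALL, "");
    retval = krb5_init_context(&kcontext);
    if (retval) {
        com_err(argv[0], retval, _("while initializing krb5"));
        exit(1);
    }
    sci_idx = ss_create_invocation("ktutil", "5.0", (char *)NULL,
                                   &ktutil_cmds, &retval);
    if (retval) {
        ss_perror(sci_idx, retval, _("creating invocation"));
        exit(1);
    }
    /* The result of ss_listen() is not reported; the exit status stays 0. */
    retval = ss_listen(sci_idx);
    ktutil_free_kt_list(kcontext, ktlist);
    exit(0);
}

/*
 * Command handler: free every entry of the in-memory list and reset it to
 * empty.  Takes no arguments beyond the command name.
 */
void ktutil_clear_list(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code retval;

    if (argc != 1) {
        fprintf(stderr, _("%s: invalid arguments\n"), argv[0]);
        return;
    }
    retval = ktutil_free_kt_list(kcontext, ktlist);
    if (retval)
        com_err(argv[0], retval, _("while freeing ktlist"));
    /* Reset the head even after a reported failure so it is never reused. */
    ktlist = NULL;
}

/*
 * Command handler: read the keytab named by argv[1] into the in-memory list
 * via ktutil_read_keytab().
 */
void ktutil_read_v5(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code retval;

    if (argc != 2) {
        fprintf(stderr, _("%s: must specify keytab to read\n"), argv[0]);
        return;
    }
    retval = ktutil_read_keytab(kcontext, argv[1], &ktlist);
    if (retval)
        com_err(argv[0], retval, _("while reading keytab \"%s\""), argv[1]);
}

/* Command handler kept only to report that srvtab input is unsupported. */
void ktutil_read_v4(argc, argv)
    int argc;
    char *argv[];
{
    fprintf(stderr, _("%s: reading srvtabs is no longer supported\n"),
            argv[0]);
}

/*
 * Command handler: write the in-memory list to the keytab named by argv[1]
 * via ktutil_write_keytab().
 *
 * NOTE(review): the output file holds long-term keys.  Whether it is created
 * with owner-only permissions is decided inside ktutil_write_keytab(), which
 * is not visible here -- confirm before relying on it.
 */
void ktutil_write_v5(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code retval;

    if (argc != 2) {
        fprintf(stderr, _("%s: must specify keytab to write\n"), argv[0]);
        return;
    }
    retval = ktutil_write_keytab(kcontext, ktlist, argv[1]);
    if (retval)
        com_err(argv[0], retval, _("while writing keytab \"%s\""), argv[1]);
}

/* Command handler kept only to report that srvtab output is unsupported. */
void ktutil_write_v4(argc, argv)
    int argc;
    char *argv[];
{
    fprintf(stderr, _("%s: writing srvtabs is no longer supported\n"),
            argv[0]);
}

/*
 * Command handler: parse the add-entry options and pass them to
 * ktutil_add().
 *
 *   (-key | -password)  exactly one is required
 *   -p principal        required
 *   -k kvno             required
 *   -e enctype          required unless -f is given
 *   -f | -s salt        mutually exclusive
 *
 * An option that takes a value but is the last word on the line is treated
 * as a usage error, so the parser never reads argv[argc].  Unrecognized
 * words are skipped rather than rejected.
 */
void ktutil_add_entry(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code retval;
    char *princ = NULL;
    char *enctype = NULL;
    krb5_kvno kvno = 0;
    int use_pass = 0, use_key = 0, use_kvno = 0, fetch = 0, i;
    int missing_value = 0;
    char *salt = NULL;

    for (i = 1; i < argc; i++) {
        const char *opt = argv[i];
        int takes_value = !strcmp(opt, "-p") || !strcmp(opt, "-k") ||
            !strcmp(opt, "-e") || !strcmp(opt, "-s");

        if (takes_value) {
            /* The value must exist before it is consumed. */
            if (i + 1 >= argc) {
                missing_value = 1;
                break;
            }
            i++;
            switch (opt[1]) {
            case 'p':
                princ = argv[i];
                break;
            case 'k':
                /* atoi() yields 0 for non-numeric text; no range check. */
                kvno = (krb5_kvno) atoi(argv[i]);
                use_kvno++;
                break;
            case 'e':
                enctype = argv[i];
                break;
            default:            /* "-s" */
                salt = argv[i];
                break;
            }
            continue;
        }
        if (!strcmp(opt, "-password")) {
            use_pass++;
            continue;
        }
        if (!strcmp(opt, "-key")) {
            use_key++;
            continue;
        }
        if (!strcmp(opt, "-f"))
            fetch++;
    }

    if (missing_value || princ == NULL || use_pass + use_key != 1 ||
        !use_kvno || (fetch && salt != NULL)) {
        fprintf(stderr, _("usage: %s (-key | -password) -p principal "
                          "-k kvno [-e enctype] [-f|-s salt]\n"), argv[0]);
        return;
    }
    if (!fetch && enctype == NULL) {
        fprintf(stderr, _("enctype must be specified if not using -f\n"));
        return;
    }

    retval = ktutil_add(kcontext, &ktlist, princ, fetch, kvno, enctype,
                        use_pass, salt);
    if (retval)
        com_err(argv[0], retval, _("while adding new entry"));
}

/*
 * Command handler: delete the entry whose slot number is given in argv[1]
 * via ktutil_delete().  The number is parsed with atoi(), so non-numeric
 * text becomes 0; validation of the slot is left to ktutil_delete().
 */
void ktutil_delete_entry(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code retval;
    int slot;

    if (argc != 2) {
        fprintf(stderr, _("%s: must specify entry to delete\n"), argv[0]);
        return;
    }
    slot = atoi(argv[1]);
    retval = ktutil_delete(kcontext, &ktlist, slot);
    if (retval)
        com_err(argv[0], retval, _("while deleting entry %d"), slot);
}

/*
 * Command handler: print one row per entry of the in-memory list.
 *
 *   -t  add the entry timestamp
 *   -e  add the encryption type name
 *   -k  add the key contents in hex
 *
 * Any other argument prints the usage line and lists nothing.
 */
void ktutil_list(argc, argv)
    int argc;
    char *argv[];
{
    krb5_error_code retval;
    krb5_kt_list lp;
    int show_time = 0, show_keys = 0, show_enctype = 0;
    int i;
    unsigned int j;
    char *pname;

    for (i = 1; i < argc; i++) {
        if (!strcmp(argv[i], "-t")) {
            show_time++;
            continue;
        }
        if (!strcmp(argv[i], "-k")) {
            show_keys++;
            continue;
        }
        if (!strcmp(argv[i], "-e")) {
            show_enctype++;
            continue;
        }

        fprintf(stderr, _("%s: usage: %s [-t] [-k] [-e]\n"), argv[0], argv[0]);
        return;
    }
    /* XXX Translating would disturb table alignment; skip for now. */
    if (show_time) {
        printf("slot KVNO Timestamp Principal\n");
        printf("---- ---- ----------------- ---------------------------------------------------\n");
    } else {
        printf("slot KVNO Principal\n");
        printf("---- ---- ---------------------------------------------------------------------\n");
    }
    for (i = 1, lp = ktlist; lp; i++, lp = lp->next) {
        retval = krb5_unparse_name(kcontext, lp->entry->principal, &pname);
        if (retval) {
            com_err(argv[0], retval, "while unparsing principal name");
            return;
        }
        printf("%4d %4d ", i, lp->entry->vno);
        if (show_time) {
            char fmtbuf[18];
            char fill = ' ';

            /* The timestamp column is left out if formatting fails. */
            if (!krb5_timestamp_to_sfstring((krb5_timestamp)lp->entry->
                                            timestamp,
                                            fmtbuf,
                                            sizeof(fmtbuf),
                                            &fill))
                printf("%s ", fmtbuf);
        }
        printf("%40s", pname);
        if (show_enctype) {
            static char buf[256];
            if ((retval = krb5_enctype_to_name(lp->entry->key.enctype, FALSE,
                                               buf, sizeof(buf)))) {
                com_err(argv[0], retval,
                        _("While converting enctype to string"));
                /* pname is owned by this iteration; release it on exit. */
                free(pname);
                return;
            }
            printf(" (%s) ", buf);
        }

        if (show_keys) {
            /*
             * This writes the raw long-term key to stdout.  Treat the output
             * like the keytab itself: terminal logs, scrollback and
             * redirected files that capture it expose the key.
             */
            printf(" (0x");
            for (j = 0; j < lp->entry->key.length; j++)
                printf("%02x", lp->entry->key.contents[j]);
            printf(")");
        }
        printf("\n");
        free(pname);
    }
}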