diff options
Diffstat (limited to 'crypto/heimdal/kuser/kdestroy.c')
-rw-r--r-- | crypto/heimdal/kuser/kdestroy.c | 156 |
1 files changed, 89 insertions, 67 deletions
diff --git a/crypto/heimdal/kuser/kdestroy.c b/crypto/heimdal/kuser/kdestroy.c index 5358fcd67d92..1823bf56ca48 100644 --- a/crypto/heimdal/kuser/kdestroy.c +++ b/crypto/heimdal/kuser/kdestroy.c @@ -1,52 +1,57 @@ /* - * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kuser_locl.h" -RCSID("$Id: kdestroy.c 20458 2007-04-19 20:41:27Z lha $"); static const char *cache; static const char *credential; static int help_flag; static int version_flag; +#ifndef NO_AFS static int unlog_flag = 1; +#endif static int dest_tkt_flag = 1; +static int all_flag = 0; struct getargs args[] = { - { "credential", 0, arg_string, &credential, + { "credential", 0, arg_string, rk_UNCONST(&credential), "remove one credential", "principal" }, - { "cache", 'c', arg_string, &cache, "cache to destroy", "cache" }, + { "cache", 'c', arg_string, rk_UNCONST(&cache), "cache to destroy", "cache" }, + { "all", 'A', arg_flag, &all_flag, "destroy all caches", NULL }, +#ifndef NO_AFS { "unlog", 0, arg_negative_flag, &unlog_flag, "do not destroy tokens", NULL }, +#endif { "delete-v4", 0, arg_negative_flag, &dest_tkt_flag, "do not destroy v4 tickets", NULL }, { "version", 0, arg_flag, &version_flag, NULL, NULL }, @@ -75,15 +80,15 @@ main (int argc, char **argv) if(getarg(args, num_args, argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); - + if(version_flag){ print_version(NULL); exit(0); } - + argc -= optidx; argv += optidx; @@ -93,58 +98,75 @@ main (int argc, char **argv) ret = krb5_init_context (&context); if (ret) errx (1, "krb5_init_context failed: %d", ret); - - if(cache == NULL) { - cache = krb5_cc_default_name(context); - if (cache == NULL) { - warnx ("krb5_cc_default_name: %s", krb5_get_err_text(context, ret)); - exit(1); - } - } - ret = krb5_cc_resolve(context, - cache, - &ccache); + if (all_flag) { + krb5_cccol_cursor cursor; - if (ret == 0) { - if (credential) { - krb5_creds mcred; - - krb5_cc_clear_mcred(&mcred); + ret = krb5_cccol_cursor_new (context, &cursor); + if (ret) + krb5_err(context, 1, ret, "krb5_cccol_cursor_new"); - ret = krb5_parse_name(context, credential, &mcred.server); - if (ret) - krb5_err(context, 1, ret, - "Can't parse principal %s", credential); + while (krb5_cccol_cursor_next (context, cursor, &ccache) == 0 && ccache != NULL) { - ret = krb5_cc_remove_cred(context, ccache, 0, &mcred); - if (ret) - krb5_err(context, 1, ret, - "Failed to remove principal %s", credential); + ret = krb5_cc_destroy (context, ccache); + if (ret) { + krb5_warn(context, ret, "krb5_cc_destroy"); + exit_val = 1; + } + } + krb5_cccol_cursor_free(context, &cursor); - krb5_cc_close(context, ccache); - krb5_free_principal(context, mcred.server); - krb5_free_context(context); - return 0; + } else { + if(cache == NULL) { + ret = krb5_cc_default(context, &ccache); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_default"); + } else { + ret = krb5_cc_resolve(context, + cache, + &ccache); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_resolve"); } - ret = krb5_cc_destroy (context, ccache); - if (ret) { - warnx ("krb5_cc_destroy: %s", krb5_get_err_text(context, ret)); - exit_val = 1; + if (ret == 0) { + if (credential) { + krb5_creds mcred; + + krb5_cc_clear_mcred(&mcred); + + ret = krb5_parse_name(context, credential, &mcred.server); + if (ret) + krb5_err(context, 1, ret, + "Can't parse principal %s", credential); + + ret = krb5_cc_remove_cred(context, ccache, 0, &mcred); + if (ret) + krb5_err(context, 1, ret, + "Failed to remove principal %s", credential); + + krb5_cc_close(context, ccache); + krb5_free_principal(context, mcred.server); + krb5_free_context(context); + return 0; + } + + ret = krb5_cc_destroy (context, ccache); + if (ret) { + krb5_warn(context, ret, "krb5_cc_destroy"); + exit_val = 1; + } } - } else { - warnx ("krb5_cc_resolve(%s): %s", cache, - krb5_get_err_text(context, ret)); - exit_val = 1; } krb5_free_context (context); +#ifndef NO_AFS if (unlog_flag && k_hasafs ()) { if (k_unlog ()) exit_val = 1; } +#endif return exit_val; } |