do chdir("/") after chroot()
[heimdal.git] / kuser / kverify.c
blob64bd54a2bea8989c2340b6916dd3720e69480169
1 /*
2 * Copyright (c) 1997 - 2005, 2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
34 #include "kuser_locl.h"
36 static int help_flag = 0;
37 static int version_flag = 0;
39 static struct getargs args[] = {
40 { "version", 0, arg_flag, &version_flag },
41 { "help", 0, arg_flag, &help_flag }
44 static void
45 usage (int ret)
47 arg_printusage (args,
48 sizeof(args)/sizeof(*args),
49 NULL,
50 "[principal]");
51 exit (ret);
54 int
55 main(int argc, char **argv)
57 krb5_context context;
58 krb5_error_code ret;
59 krb5_creds cred;
60 krb5_preauthtype pre_auth_types[] = {KRB5_PADATA_ENC_TIMESTAMP};
61 krb5_get_init_creds_opt *get_options;
62 krb5_verify_init_creds_opt verify_options;
63 krb5_principal principal = NULL;
64 int optidx = 0;
66 setprogname (argv[0]);
68 if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
69 usage(1);
71 if (help_flag)
72 usage (0);
74 if(version_flag) {
75 print_version(NULL);
76 exit(0);
79 argc -= optidx;
80 argv += optidx;
82 ret = krb5_init_context(&context);
83 if (ret)
84 errx (1, "krb5_init_context failed: %d", ret);
86 ret = krb5_get_init_creds_opt_alloc (context, &get_options);
87 if (ret)
88 krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc");
90 krb5_get_init_creds_opt_set_preauth_list (get_options,
91 pre_auth_types,
92 1);
94 krb5_verify_init_creds_opt_init (&verify_options);
96 if (argc) {
97 ret = krb5_parse_name(context, argv[0], &principal);
98 if (ret)
99 krb5_err(context, 1, ret, "krb5_parse_name: %s", argv[0]);
100 } else {
101 ret = krb5_get_default_principal(context, &principal);
102 if (ret)
103 krb5_err(context, 1, ret, "krb5_get_default_principal");
107 ret = krb5_get_init_creds_password (context,
108 &cred,
109 principal,
110 NULL,
111 krb5_prompter_posix,
112 NULL,
114 NULL,
115 get_options);
116 if (ret)
117 krb5_err(context, 1, ret, "krb5_get_init_creds");
119 ret = krb5_verify_init_creds (context,
120 &cred,
121 NULL,
122 NULL,
123 NULL,
124 &verify_options);
125 if (ret)
126 krb5_err(context, 1, ret, "krb5_verify_init_creds");
127 krb5_free_cred_contents (context, &cred);
128 krb5_free_context (context);
129 return 0;