use client-amel
[heimdal.git] / kuser / kdeltkt.c
blob1b4f9b6556df68b02b381b97e4f1e01e17bbf774
2 #include "kuser_locl.h"
4 static char *etypestr = 0;
5 static char *ccachestr = 0;
6 static char *flagstr = 0;
7 static int quiet_flag = 0;
8 static int help_flag = 0;
9 static int version_flag = 0;
11 struct getargs args[] = {
12 { "cache", 'c', arg_string, &ccachestr,
13 "Credentials cache", "cachename" },
14 { "enctype", 'e', arg_string, &etypestr,
15 "Encryption type", "enctype" },
16 { "flags", 'f', arg_string, &flagstr,
17 "Flags", "flags" },
18 { "quiet", 'q', arg_flag, &quiet_flag, "Quiet" },
19 { "version", 0, arg_flag, &version_flag },
20 { "help", 0, arg_flag, &help_flag }
23 static void
24 usage(int ret)
26 arg_printusage(args, sizeof(args)/sizeof(args[0]),
27 "Usage: ", "service1 [service2 ...]");
28 exit(ret);
31 static void do_kdeltkt (int argc, char *argv[], char *ccachestr, char *etypestr, int flags);
33 int main(int argc, char *argv[])
35 int optidx = 0;
36 int flags = 0;
38 setprogname(argv[0]);
40 if (getarg(args, sizeof(args)/sizeof(args[0]), argc, argv, &optidx))
41 usage (1);
43 if (help_flag)
44 usage(0);
46 if (version_flag) {
47 print_version(NULL);
48 exit(0);
51 argc -= optidx;
52 argv += optidx;
54 if (argc < 1)
55 usage (1);
57 if (flagstr)
58 flags = atoi(flagstr);
60 do_kdeltkt(argc, argv, ccachestr, etypestr, flags);
62 return 0;
65 static void do_kdeltkt (int count, char *names[],
66 char *ccachestr, char *etypestr, int flags)
68 krb5_context context;
69 krb5_error_code ret;
70 int i, errors;
71 krb5_enctype etype;
72 krb5_ccache ccache;
73 krb5_principal me;
74 krb5_creds in_creds, out_creds;
75 int retflags;
76 char *princ;
78 ret = krb5_init_context(&context);
79 if (ret)
80 errx(1, "krb5_init_context failed: %d", ret);
82 if (etypestr) {
83 ret = krb5_string_to_enctype(context, etypestr, &etype);
84 if (ret)
85 krb5_err(context, 1, ret, "Can't convert enctype %s", etypestr);
86 retflags = KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_MATCH_KEYTYPE;
87 } else {
88 etype = 0;
89 retflags = KRB5_TC_MATCH_SRV_NAMEONLY;
92 if (ccachestr)
93 ret = krb5_cc_resolve(context, ccachestr, &ccache);
94 else
95 ret = krb5_cc_default(context, &ccache);
96 if (ret)
97 krb5_err(context, 1, ret, "Can't open credentials cache");
99 ret = krb5_cc_get_principal(context, ccache, &me);
100 if (ret)
101 krb5_err(context, 1, ret, "Can't get client principal");
103 errors = 0;
105 for (i = 0; i < count; i++) {
106 memset(&in_creds, 0, sizeof(in_creds));
108 in_creds.client = me;
110 ret = krb5_parse_name(context, names[i], &in_creds.server);
111 if (ret) {
112 if (!quiet_flag)
113 krb5_warn(context, ret, "Can't parse principal name %s", names[i]);
114 errors++;
115 continue;
118 ret = krb5_unparse_name(context, in_creds.server, &princ);
119 if (ret) {
120 krb5_warn(context, ret, "Can't unparse principal name %s", names[i]);
121 errors++;
122 continue;
125 in_creds.session.keytype = etype;
127 ret = krb5_cc_retrieve_cred(context, ccache, retflags,
128 &in_creds, &out_creds);
129 if (ret) {
130 krb5_warn(context, ret, "Can't retrieve credentials for %s", princ);
132 krb5_free_unparsed_name(context, princ);
134 errors++;
135 continue;
138 ret = krb5_cc_remove_cred(context, ccache, flags, &out_creds);
140 krb5_free_principal(context, in_creds.server);
142 if (ret) {
143 krb5_warn(context, ret, "Can't remove credentials for %s", princ);
145 krb5_free_cred_contents(context, &out_creds);
146 krb5_free_unparsed_name(context, princ);
148 errors++;
149 continue;
152 krb5_free_unparsed_name(context, princ);
153 krb5_free_cred_contents(context, &out_creds);
156 krb5_free_principal(context, me);
157 krb5_cc_close(context, ccache);
158 krb5_free_context(context);
160 if (errors)
161 exit(1);
163 exit(0);