int get_timestamp_width (void)
{
static int width = 0;
if (width == 0) {
char time_string[BUFSIZ];
if (!krb5_timestamp_to_sfstring (now, time_string, 20, NULL) ||
!krb5_timestamp_to_sfstring (now, time_string, sizeof (time_string), NULL)) {
width = strlen (time_string);
} else {
width = 15;
}
}
return width;
}
static void
printtime(krb5_timestamp ts)
{
char timestring[BUFSIZ], fill = ' ';
if (!krb5_timestamp_to_sfstring(ts, timestring, timestamp_width + 1,
&fill))
printf("%s", timestring);
}
static isc_result_t
check_credentials(krb5_context context, krb5_ccache ccache, krb5_principal service)
{
char *realm = NULL;
krb5_creds creds;
krb5_creds mcreds;
krb5_error_code krberr;
krb5_timestamp now;
isc_result_t result = ISC_R_FAILURE;
memset(&mcreds, 0, sizeof(mcreds));
memset(&creds, 0, sizeof(creds));
krberr = krb5_get_default_realm(context, &realm);
CHECK_KRB5(context, krberr, "Failed to retrieve default realm");
krberr = krb5_build_principal(context, &mcreds.server,
strlen(realm), realm,
"krbtgt", realm, NULL);
CHECK_KRB5(context, krberr, "Failed to build 'krbtgt/REALM' principal");
mcreds.client = service;
krberr = krb5_cc_retrieve_cred(context, ccache, 0, &mcreds, &creds);
if (krberr) {
const char * errmsg = krb5_get_error_message(context, krberr);
log_error("Credentials are not present in cache (%s)\n", errmsg);
krb5_free_error_message(context, errmsg);
result = ISC_R_FAILURE;
goto cleanup;
}
CHECK_KRB5(context, krberr, "Credentials are not present in cache ");
krberr = krb5_timeofday(context, &now);
CHECK_KRB5(context, krberr, "Failed to get time of day");
if (now > (creds.times.endtime + KRB_MIN_TIME)) {
log_error("Credentials cache expired");
result = ISC_R_FAILURE;
goto cleanup;
} else {
char buf[255];
char fill = ' ';
krb5_timestamp_to_sfstring(creds.times.endtime, buf, 16, &fill);
log_info("Credentials valid til %s\n", buf);
}
result = ISC_R_SUCCESS;
cleanup:
krb5_free_cred_contents(context, &creds);
if (mcreds.server) krb5_free_principal(context, mcreds.server);
if (realm) krb5_free_default_realm(context, realm);
return result;
}
void printtime (time_t t)
{
char string[BUFSIZ];
char filler = ' ';
if (!krb5_timestamp_to_sfstring((krb5_timestamp) t, string,
get_timestamp_width() + 1, &filler)) {
printmsg ("%s", string);
}
}
int
main(int argc, char *argv[])
{
krb5_error_code ret;
char *name, tmp[BUFSIZ];
int c, mode;
setlocale(LC_ALL, "");
progname = GET_PROGNAME(argv[0]);
set_com_err_hook(extended_com_err_fn);
name = NULL;
mode = DEFAULT;
/* V = version so v can be used for verbose later if desired. */
while ((c = getopt(argc, argv, "dfetKsnacki45lAVC")) != -1) {
switch (c) {
case 'd':
show_adtype = 1;
break;
case 'f':
show_flags = 1;
break;
case 'e':
show_etype = 1;
break;
case 't':
show_time = 1;
break;
case 'K':
show_keys = 1;
break;
case 's':
status_only = 1;
break;
case 'n':
no_resolve = 1;
break;
case 'a':
show_addresses = 1;
break;
case 'c':
if (mode != DEFAULT)
usage();
mode = CCACHE;
break;
case 'k':
if (mode != DEFAULT)
usage();
mode = KEYTAB;
break;
case 'i':
use_client_keytab = 1;
break;
case '4':
fprintf(stderr, _("Kerberos 4 is no longer supported\n"));
exit(3);
break;
case '5':
break;
case 'l':
list_all = 1;
break;
case 'A':
show_all = 1;
break;
case 'C':
show_config = 1;
break;
case 'V':
print_version = 1;
break;
default:
usage();
break;
}
}
if (no_resolve && !show_addresses)
usage();
if (mode == DEFAULT || mode == CCACHE) {
if (show_time || show_keys)
usage();
if ((show_all && list_all) || (status_only && list_all))
usage();
} else {
if (show_flags || status_only || show_addresses ||
show_all || list_all)
usage();
}
if (argc - optind > 1) {
fprintf(stderr, _("Extra arguments (starting with \"%s\").\n"),
argv[optind + 1]);
usage();
}
if (print_version) {
#ifdef _WIN32 /* No access to autoconf vars; fix somehow. */
printf("Kerberos for Windows\n");
#else
printf(_("%s version %s\n"), PACKAGE_NAME, PACKAGE_VERSION);
#endif
exit(0);
}
name = (optind == argc - 1) ? argv[optind] : NULL;
now = time(0);
if (!krb5_timestamp_to_sfstring(now, tmp, 20, NULL) ||
!krb5_timestamp_to_sfstring(now, tmp, sizeof(tmp), NULL))
timestamp_width = (int)strlen(tmp);
else
timestamp_width = 15;
ret = krb5_init_context(&context);
if (ret) {
com_err(progname, ret, _("while initializing krb5"));
exit(1);
}
if (list_all)
list_all_ccaches();
else if (show_all)
show_all_ccaches();
else if (mode == DEFAULT || mode == CCACHE)
do_ccache_name(name);
else
do_keytab(name);
return 0;
}
