/**
* shishi_init_with_paths:
* @handle: Pointer to a Shishi handle created by this call.
* @tktsfile: Filename of ticket file, or %NULL.
* @systemcfgfile: Filename of system configuration, or %NULL.
* @usercfgfile: Filename of user configuration, or %NULL.
*
* Creates a Shishi library handle, using shishi(), and reads the system
* configuration file, user configuration file, and user tickets at
* the specified locations. If any of @usercfgfile or @systemcfgfile
* is %NULL, the file is read from its default location, which for
* the system configuration is decided at compile time, and is
* $sysconfdir/shishi.conf, and for the user configuration it is
* $HOME/.shishi/config. If the ticket file name is %NULL, a ticket
* file is not read at all.
*
* The handle is allocated regardless of return value. The single
* exception being %SHISHI_HANDLE_ERROR, which indicates a problem
* in allocating the handle. Other error conditions could arise
* while reading files.
*
* Return value: Returns %SHISHI_OK iff successful.
**/
int
shishi_init_with_paths (Shishi ** handle,
const char *tktsfile,
const char *systemcfgfile, const char *usercfgfile)
{
if (!handle || !(*handle = shishi ()))
return SHISHI_HANDLE_ERROR;
shishi_tkts_default_file_set (*handle, tktsfile);
return init_read (*handle, tktsfile, systemcfgfile, usercfgfile);
}
/**
* shishi_done:
* @handle: Shishi handle as allocated by shishi_init().
*
* Deallocates the Shishi library handle. The handle must not be used
* in any call to a shishi function after an execution of shishi_done().
*
* If there is a default #tkts, it is written to the default tkts file.
* If you do not wish to write the default tkts file, close the
* default file before calling this function. It is closed with a
* simple #shishi_tkts_done(@handle, %NULL). For related information,
* see shishi_tkts_default_file_set().
**/
void
shishi_done (Shishi * handle)
{
int rc;
if (handle->tkts)
{
shishi_tkts_to_file (handle->tkts, shishi_tkts_default_file (handle));
shishi_tkts_done (&handle->tkts);
}
shishi_principal_default_set (handle, NULL);
shishi_tkts_default_file_set (handle, NULL);
#ifdef USE_STARTTLS
rc = _shishi_tls_done (handle);
if (rc != SHISHI_OK)
shishi_warn (handle, "Cannot deinitialize TLS library");
#endif
if (handle->realminfos)
{
size_t i, j;
for (i = 0; i < handle->nrealminfos; i++)
{
/* XXX free each address */
free (handle->realminfos[i].kdcaddresses);
free (handle->realminfos[i].name);
for (j = 0; j < handle->realminfos[i].nserverwildcards; j++)
free (handle->realminfos[i].serverwildcards[j]);
}
}
free (handle->default_realm);
free (handle->usercfgfile);
free (handle->hostkeysdefaultfile);
free (handle->clientkdcetypes);
free (handle->authorizationtypes);
free (handle->stringprocess);
free (handle->userdirectory);
if (handle->asn1)
shishi_asn1_done (handle, handle->asn1);
free (handle);
}
int
main (int argc, char *argv[])
{
struct gengetopt_args_info args;
time_t starttime, endtime, renew_till;
Shishi *sh;
int rc;
setlocale (LC_ALL, "");
bindtextdomain (PACKAGE, LOCALEDIR);
textdomain (PACKAGE);
set_program_name (argv[0]);
if (cmdline_parser (argc, argv, &args) != 0)
usage (EXIT_FAILURE);
if (args.version_given)
{
version_etc (stdout, "shishi", PACKAGE_NAME, VERSION,
"Simon Josefsson", (char *) NULL);
return EXIT_SUCCESS;
}
if (args.inputs_num > 2 ||
args.destroy_given + args.list_given + args.renew_given > 1)
{
error (0, 0, _("too many arguments"));
usage (EXIT_FAILURE);
}
if (args.help_given)
usage (EXIT_SUCCESS);
rc = shishi_init_with_paths (&sh, args.ticket_file_arg,
args.system_configuration_file_arg,
args.configuration_file_arg);
if (rc == SHISHI_HANDLE_ERROR)
error (EXIT_FAILURE, 0, _("Could not initialize libshishi."));
rc = shishi_cfg_clientkdcetype_set (sh, args.encryption_type_arg);
if (rc != SHISHI_OK)
error (EXIT_FAILURE, 0, _("Could not set encryption types: %s"),
shishi_strerror (rc));
if (args.inputs_num > 0)
{
rc = shishi_parse_name (sh, args.inputs[0],
(args.client_name_arg ? NULL :
&args.client_name_arg),
(args.realm_arg ? NULL : &args.realm_arg));
if (rc != SHISHI_OK)
error (EXIT_FAILURE, 0,
_("Could not parse client principal \"%s\": %s"),
args.inputs[0], shishi_strerror (rc));
}
if (args.inputs_num > 1)
{
rc = shishi_parse_name (sh, args.inputs[1],
(args.server_name_arg ? NULL :
&args.server_name_arg),
(args.realm_arg ? NULL : &args.realm_arg));
if (rc != SHISHI_OK)
error (EXIT_FAILURE, 0,
_("Could not parse server principal \"%s\": %s"),
args.inputs[1], shishi_strerror (rc));
}
rc = shishi_cfg (sh, args.library_options_arg);
if (rc != SHISHI_OK)
error (EXIT_FAILURE, 0, _("Could not read library options: %s"),
shishi_strerror (rc));
if (args.verbose_given > 0)
shishi_cfg (sh, "verbose");
if (args.verbose_given > 1)
shishi_cfg (sh, "verbose-noise");
if (args.verbose_given > 2)
shishi_cfg (sh, "verbose-asn1");
if (args.verbose_given > 3)
shishi_cfg (sh, "verbose-crypto");
if (args.verbose_given > 4)
shishi_cfg (sh, "verbose-crypto-noise");
if (args.starttime_arg)
{
starttime = shishi_get_date (args.starttime_arg, NULL);
if (starttime == -1)
error (EXIT_FAILURE, 0, _("Invalid --starttime date `%s'"),
args.starttime_arg);
}
else
starttime = time (NULL);
if (args.endtime_arg)
{
endtime = shishi_get_date (args.endtime_arg, &starttime);
if (endtime == -1)
error (EXIT_FAILURE, 0, _("Invalid --endtime date `%s'"),
args.starttime_arg);
}
else
endtime = 0;
if (args.renew_till_arg)
{
renew_till = shishi_get_date (args.renew_till_arg, &starttime);
if (renew_till == -1)
error (EXIT_FAILURE, 0, _("Invalid --renew-till date `%s'"),
args.renew_till_arg);
}
else
renew_till = 0;
if (args.client_name_arg)
shishi_principal_default_set (sh, args.client_name_arg);
if (args.realm_arg)
shishi_realm_default_set (sh, args.realm_arg);
if (!args.ticket_granter_arg)
asprintf (&args.ticket_granter_arg, "krbtgt/%s",
shishi_realm_default (sh));
if (args.list_flag)
{
if (!args.quiet_flag)
printf (_("Tickets in `%s':\n"), shishi_tkts_default_file (sh));
rc = shishi_tkts_print_for_service (shishi_tkts_default (sh),
stdout, args.server_name_arg);
if (rc != SHISHI_OK)
error (EXIT_FAILURE, 0, _("Could not list tickets: %s"),
shishi_strerror (rc));
}
else if (args.destroy_flag)
{
int i, removed = 0;
for (i = 0; i < shishi_tkts_size (shishi_tkts_default (sh)); i++)
{
if (args.server_name_arg &&
!shishi_tkt_server_p (shishi_tkts_nth (shishi_tkts_default (sh),
i),
args.server_name_arg))
continue;
if (args.verbose_given)
{
printf (_("Removing ticket:\n"));
shishi_tkt_pretty_print (shishi_tkts_nth
(shishi_tkts_default (sh), i), stdout);
}
rc = shishi_tkts_remove (shishi_tkts_default (sh), i);
if (rc != SHISHI_OK)
error (EXIT_FAILURE, 0, _("Could not destroy ticket %d:\n%s"), i,
shishi_strerror (rc));
i--;
removed++;
}
if (!args.quiet_flag)
{
if (removed == 0)
printf (_("No tickets removed.\n"));
else
printf (ngettext ("%d ticket removed.\n",
"%d tickets removed.\n", removed), removed);
}
}
else if (args.renew_given)
{
error (EXIT_FAILURE, 0, "Command --renew not implemented.");
}
else
{
Shishi_tkt *tkt;
Shishi_tkts_hint hint;
memset (&hint, 0, sizeof (hint));
hint.client = args.client_name_arg;
hint.server = args.server_name_arg ? args.server_name_arg :
args.ticket_granter_arg;
hint.starttime = starttime;
hint.endtime = endtime;
hint.renew_till = renew_till;
if (args.renewable_flag)
hint.tktflags |= SHISHI_TICKETFLAGS_RENEWABLE;
if (args.proxiable_flag)
hint.tktflags |= SHISHI_TICKETFLAGS_PROXIABLE;
if (args.proxy_flag)
hint.tktflags |= SHISHI_TICKETFLAGS_PROXY;
if (args.forwardable_flag)
hint.tktflags |= SHISHI_TICKETFLAGS_FORWARDABLE;
if (args.forwarded_flag)
hint.tktflags |= SHISHI_TICKETFLAGS_FORWARDED;
tkt = shishi_tkts_get (shishi_tkts_default (sh), &hint);
if (!tkt)
error (EXIT_FAILURE, 0, _("Could not get ticket as `%s' for `%s'."),
hint.client ? hint.client : shishi_principal_default (sh),
hint.server);
shishi_tkt_pretty_print (tkt, stdout);
}
shishi_tkts_expire (shishi_tkts_default (sh));
if (args.ticket_write_file_arg)
shishi_tkts_default_file_set (sh, args.ticket_write_file_arg);
shishi_done (sh);
return EXIT_SUCCESS;
}
