1/*
2 * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
3 * Use is subject to license terms.
4 */
5
6#pragma ident	"%Z%%M%	%I%	%E% SMI"
7
8/*
9 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
10 *
11 *	Openvision retains the copyright to derivative works of
12 *	this source code.  Do *NOT* create a derivative of this
13 *	source code before consulting with your legal department.
14 *	Do *NOT* integrate *ANY* of this source code into another
15 *	product before consulting with your legal department.
16 *
17 *	For further information, read the top-level Openvision
18 *	copyright which is contained in the top-level MIT Kerberos
19 *	copyright.
20 *
21 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
22 *
23 */
24
25
26/*
27 * kadmin/ktutil/ktutil.c
28 *
29 * Copyright 1995, 1996 by the Massachusetts Institute of Technology.
30 * All Rights Reserved.
31 *
32 * Export of this software from the United States of America may
33 *   require a specific license from the United States Government.
34 *   It is the responsibility of any person or organization contemplating
35 *   export to obtain such a license before exporting.
36 *
37 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
38 * distribute this software and its documentation for any purpose and
39 * without fee is hereby granted, provided that the above copyright
40 * notice appear in all copies and that both that copyright notice and
41 * this permission notice appear in supporting documentation, and that
42 * the name of M.I.T. not be used in advertising or publicity pertaining
43 * to distribution of the software without specific, written prior
44 * permission.  Furthermore if you modify this software you must label
45 * your software as modified software and not distribute it in such a
46 * fashion that it might be confused with the original M.I.T. software.
47 * M.I.T. makes no representations about the suitability of
48 * this software for any purpose.  It is provided "as is" without express
49 * or implied warranty.
50 *
51 * SS user interface for ktutil.
52 */
53
54#include "k5-int.h"
55#include "ktutil.h"
56#include <com_err.h>
57#include <ss/ss.h>
58#include <stdio.h>
59#ifdef HAVE_STDLIB_H
60#include <stdlib.h>
61#endif
62#include <libintl.h>
63#include <locale.h>
64
65extern ss_request_table ktutil_cmds;
66krb5_context kcontext;
67krb5_kt_list ktlist = NULL;
68
69int main(argc, argv)
70    int argc;
71    char *argv[];
72{
73    krb5_error_code retval;
74    int sci_idx;
75
76	(void) setlocale(LC_ALL, "");
77
78#if !defined(TEXT_DOMAIN)  /* Should be defined by cc -D */
79#define	TEXT_DOMAIN	"SYS_TEST"	/* Use this only if it weren't */
80#endif
81
82	(void) textdomain(TEXT_DOMAIN);
83
84    retval = krb5_init_context(&kcontext);
85    if (retval) {
86		com_err(argv[0], retval, gettext("while initializing krb5"));
87	exit(1);
88    }
89	retval = ktutil_initialize_cmds_table (&ktutil_cmds);
90	if (retval) {
91		com_err(argv[0], retval,
92		    gettext("while localizing command description messages"));
93		exit(1);
94	}
95    sci_idx = ss_create_invocation("ktutil", "5.0", (char *) NULL,
96				   &ktutil_cmds, &retval);
97    if (retval) {
98	ss_perror(sci_idx, retval, gettext("creating invocation"));
99	exit(1);
100    }
101    retval = ss_listen(sci_idx);
102    ktutil_free_kt_list(kcontext, ktlist);
103    exit(0);
104}
105
106void ktutil_clear_list(argc, argv)
107    int argc;
108    char *argv[];
109{
110    krb5_error_code retval;
111
112    if (argc != 1) {
113		fprintf(stderr, gettext("%s: invalid arguments\n"), argv[0]);
114	return;
115    }
116    retval = ktutil_free_kt_list(kcontext, ktlist);
117    if (retval)
118		com_err(argv[0], retval, gettext("while freeing ktlist"));
119    ktlist = NULL;
120}
121
122void ktutil_read_v5(argc, argv)
123    int argc;
124    char *argv[];
125{
126    krb5_error_code retval;
127
128    if (argc != 2) {
129		fprintf(stderr,
130			gettext("%s: must specify keytab to read\n"), argv[0]);
131	return;
132    }
133    retval = ktutil_read_keytab(kcontext, argv[1], &ktlist);
134    if (retval)
135		com_err(argv[0], retval,
136		    gettext("while reading keytab \"%s\""), argv[1]);
137}
138
139void ktutil_read_v4(argc, argv)
140    int argc;
141    char *argv[];
142{
143#ifdef KRB5_KRB4_COMPAT
144    krb5_error_code retval;
145
146    if (argc != 2) {
147		fprintf(stderr,
148		    gettext("%s: must specify the srvtab to read\n"), argv[0]);
149	return;
150    }
151    retval = ktutil_read_srvtab(kcontext, argv[1], &ktlist);
152    if (retval)
153		com_err(argv[0], retval,
154		    gettext("while reading srvtab \"%s\""), argv[1]);
155#else
156	fprintf(stderr, gettext("%s: krb4 support not configured\n"), argv[0]);
157#endif
158}
159
160void ktutil_write_v5(argc, argv)
161    int argc;
162    char *argv[];
163{
164    krb5_error_code retval;
165
166    if (argc != 2) {
167		fprintf(stderr,
168		    gettext("%s: must specify keytab to write\n"), argv[0]);
169	return;
170    }
171    retval = ktutil_write_keytab(kcontext, ktlist, argv[1]);
172    if (retval)
173		com_err(argv[0], retval,
174		    gettext("while writing keytab \"%s\""), argv[1]);
175}
176
177void ktutil_write_v4(argc, argv)
178    int argc;
179    char *argv[];
180{
181#ifdef KRB5_KRB4_COMPAT
182    krb5_error_code retval;
183
184    if (argc != 2) {
185		fprintf(stderr,
186		    gettext("%s: must specify srvtab to write\n"), argv[0]);
187	return;
188    }
189    retval = ktutil_write_srvtab(kcontext, ktlist, argv[1]);
190    if (retval)
191		com_err(argv[0], retval,
192		    gettext("while writing srvtab \"%s\""), argv[1]);
193#else
194	fprintf(stderr, gettext("%s: krb4 support not configured\n"), argv[0]);
195#endif
196}
197
198void ktutil_add_entry(argc, argv)
199    int argc;
200    char *argv[];
201{
202    krb5_error_code retval;
203    char *princ = NULL;
204    char *enctype = NULL;
205    krb5_kvno kvno = 0;
206    int use_pass = 0, use_key = 0, i;
207
208    for (i = 1; i < argc; i++) {
209	if ((strlen(argv[i]) == 2) && !strncmp(argv[i], "-p", 2)) {
210	    princ = argv[++i];
211	    continue;
212	}
213	if ((strlen(argv[i]) == 2) && !strncmp(argv[i], "-k", 2)) {
214	    kvno = (krb5_kvno) atoi(argv[++i]);
215	    continue;
216	}
217	if ((strlen(argv[i]) == 2) && !strncmp(argv[i], "-e", 2)) {
218	    enctype = argv[++i];
219	    continue;
220	}
221	if ((strlen(argv[i]) == 9) && !strncmp(argv[i], "-password", 9)) {
222	    use_pass++;
223	    continue;
224	}
225	if ((strlen(argv[i]) == 4) && !strncmp(argv[i], "-key", 4)) {
226	    use_key++;
227	    continue;
228	}
229    }
230
231    if (argc != 8 || !(princ && kvno && enctype) || (use_pass+use_key != 1)) {
232        fprintf(stderr, "%s: %s (-key | -password) -p principal "
233		"-k kvno -e enctype\n", gettext("usage"), argv[0]);
234	return;
235    }
236
237    retval = ktutil_add(kcontext, &ktlist, princ, kvno, enctype, use_pass);
238    if (retval)
239        com_err(argv[0], retval, gettext("while adding new entry"));
240}
241
242void ktutil_delete_entry(argc, argv)
243    int argc;
244    char *argv[];
245{
246    krb5_error_code retval;
247
248    if (argc != 2) {
249	fprintf(stderr,
250	    gettext("%s: must specify entry to delete\n"), argv[0]);
251	return;
252    }
253    retval = ktutil_delete(kcontext, &ktlist, atoi(argv[1]));
254    if (retval)
255	com_err(argv[0], retval,
256		    gettext("while deleting entry %d"), atoi(argv[1]));
257}
258
259void ktutil_list(argc, argv)
260    int argc;
261    char *argv[];
262{
263    krb5_error_code retval;
264    krb5_kt_list lp;
265    int show_time = 0, show_keys = 0, show_enctype = 0;
266    int i, j;
267    char *pname;
268
269    for (i = 1; i < argc; i++) {
270	if ((strlen(argv[i]) == 2) && !strncmp(argv[i], "-t", 2)) {
271	    show_time++;
272	    continue;
273	}
274	if ((strlen(argv[i]) == 2) && !strncmp(argv[i], "-k", 2)) {
275	    show_keys++;
276	    continue;
277	}
278	if ((strlen(argv[i]) == 2) && !strncmp(argv[i], "-e", 2)) {
279	    show_enctype++;
280	    continue;
281	}
282
283	fprintf(stderr, "%s: %s [-t] [-k] [-e]\n", gettext("usage"), argv[0]);
284	return;
285    }
286    if (show_time) {
287	printf(gettext("slot KVNO Timestamp         Principal\n"));
288	printf("---- ---- ----------------- ---------------------------------------------------\n");
289    } else {
290	printf(gettext("slot KVNO Principal\n"));
291	printf("---- ---- ---------------------------------------------------------------------\n");
292    }
293    for (i = 1, lp = ktlist; lp; i++, lp = lp->next) {
294	retval = krb5_unparse_name(kcontext, lp->entry->principal, &pname);
295	if (retval) {
296	    com_err(argv[0], retval,
297	    gettext("while unparsing principal name"));
298	    return;
299	}
300	printf("%4d %4d ", i, lp->entry->vno);
301	if (show_time) {
302	    char fmtbuf[18];
303	    char fill;
304	    time_t tstamp;
305
306	    (void) localtime(&tstamp);
307	    lp->entry->timestamp = tstamp;
308	    fill = ' ';
309	    if (!krb5_timestamp_to_sfstring((krb5_timestamp)lp->entry->
310					    	timestamp,
311					    fmtbuf,
312					    sizeof(fmtbuf),
313					    &fill))
314		printf("%s ", fmtbuf);
315	}
316	printf("%40s", pname);
317	if (show_enctype) {
318	    static char buf[256];
319		if ((retval = krb5_enctype_to_string(
320		    lp->entry->key.enctype, buf, 256))) {
321		    if (retval == EINVAL)
322			snprintf(buf, sizeof(buf), gettext("unsupported encryption type %d"),
323			    lp->entry->key.enctype);
324		    else {
325			com_err(argv[0], retval,
326			    gettext("While converting "
327			    "enctype to string"));
328			return;
329		    }
330		}
331	    printf(" (%s) ", buf);
332	}
333
334	if (show_keys) {
335	    printf(" (0x");
336	    for (j = 0; j < lp->entry->key.length; j++)
337		printf("%02x", lp->entry->key.contents[j]);
338	    printf(")");
339	}
340	printf("\n");
341	krb5_xfree(pname);
342    }
343}
344
345
346
347
348
349
350
351
352
353
354