155682Smarkm/* 2233294Sstas * Copyright (c) 1997-2008 Kungliga Tekniska H��gskolan 3233294Sstas * (Royal Institute of Technology, Stockholm, Sweden). 4233294Sstas * All rights reserved. 555682Smarkm * 6233294Sstas * Portions Copyright (c) 2009 Apple Inc. All rights reserved. 755682Smarkm * 8233294Sstas * Redistribution and use in source and binary forms, with or without 9233294Sstas * modification, are permitted provided that the following conditions 10233294Sstas * are met: 1155682Smarkm * 12233294Sstas * 1. Redistributions of source code must retain the above copyright 13233294Sstas * notice, this list of conditions and the following disclaimer. 1455682Smarkm * 15233294Sstas * 2. Redistributions in binary form must reproduce the above copyright 16233294Sstas * notice, this list of conditions and the following disclaimer in the 17233294Sstas * documentation and/or other materials provided with the distribution. 1855682Smarkm * 19233294Sstas * 3. Neither the name of the Institute nor the names of its contributors 20233294Sstas * may be used to endorse or promote products derived from this software 21233294Sstas * without specific prior written permission. 22233294Sstas * 23233294Sstas * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 24233294Sstas * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25233294Sstas * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26233294Sstas * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 27233294Sstas * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28233294Sstas * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29233294Sstas * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30233294Sstas * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31233294Sstas * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32233294Sstas * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33233294Sstas * SUCH DAMAGE. 3455682Smarkm */ 3555682Smarkm 3655682Smarkm#include "kuser_locl.h" 3772445Sassar#include "rtbl.h" 38233294Sstas#include "parse_units.h" 39233294Sstas#include "kcc-commands.h" 4055682Smarkm 4155682Smarkmstatic char* 42233294Sstasprintable_time_internal(time_t t, int x) 4355682Smarkm{ 4455682Smarkm static char s[128]; 45233294Sstas char *p; 46233294Sstas 47233294Sstas if ((p = ctime(&t)) == NULL) 48233294Sstas strlcpy(s, "?", sizeof(s)); 49233294Sstas else 50233294Sstas strlcpy(s, p + 4, sizeof(s)); 51233294Sstas s[x] = 0; 5255682Smarkm return s; 5355682Smarkm} 5455682Smarkm 5555682Smarkmstatic char* 56233294Sstasprintable_time(time_t t) 57233294Sstas{ 58233294Sstas return printable_time_internal(t, 20); 59233294Sstas} 60233294Sstas 61233294Sstasstatic char* 6255682Smarkmprintable_time_long(time_t t) 6355682Smarkm{ 64233294Sstas return printable_time_internal(t, 20); 6555682Smarkm} 6655682Smarkm 67233294Sstas#define COL_ISSUED NP_(" Issued","") 68233294Sstas#define COL_EXPIRES NP_(" Expires", "") 69233294Sstas#define COL_FLAGS NP_("Flags", "") 70233294Sstas#define COL_NAME NP_(" Name", "") 71233294Sstas#define COL_PRINCIPAL NP_(" Principal", "in klist output") 72233294Sstas#define COL_PRINCIPAL_KVNO NP_(" Principal (kvno)", "in klist output") 73233294Sstas#define COL_CACHENAME NP_(" Cache name", "name in klist output") 74233294Sstas#define COL_DEFCACHE NP_("", "") 7572445Sassar 7655682Smarkmstatic void 7772445Sassarprint_cred(krb5_context context, krb5_creds *cred, rtbl_t ct, int do_flags) 7855682Smarkm{ 7955682Smarkm char *str; 8055682Smarkm krb5_error_code ret; 8157416Smarkm krb5_timestamp sec; 8255682Smarkm 8355682Smarkm krb5_timeofday (context, &sec); 8455682Smarkm 8572445Sassar 8655682Smarkm if(cred->times.starttime) 8772445Sassar rtbl_add_column_entry(ct, COL_ISSUED, 8872445Sassar printable_time(cred->times.starttime)); 8955682Smarkm else 9072445Sassar rtbl_add_column_entry(ct, COL_ISSUED, 9172445Sassar printable_time(cred->times.authtime)); 92233294Sstas 9355682Smarkm if(cred->times.endtime > sec) 9472445Sassar rtbl_add_column_entry(ct, COL_EXPIRES, 9572445Sassar printable_time(cred->times.endtime)); 9655682Smarkm else 97233294Sstas rtbl_add_column_entry(ct, COL_EXPIRES, N_(">>>Expired<<<", "")); 9855682Smarkm ret = krb5_unparse_name (context, cred->server, &str); 9955682Smarkm if (ret) 10055682Smarkm krb5_err(context, 1, ret, "krb5_unparse_name"); 10172445Sassar rtbl_add_column_entry(ct, COL_PRINCIPAL, str); 10272445Sassar if(do_flags) { 10372445Sassar char s[16], *sp = s; 10472445Sassar if(cred->flags.b.forwardable) 10572445Sassar *sp++ = 'F'; 10672445Sassar if(cred->flags.b.forwarded) 10772445Sassar *sp++ = 'f'; 10872445Sassar if(cred->flags.b.proxiable) 10972445Sassar *sp++ = 'P'; 11072445Sassar if(cred->flags.b.proxy) 11172445Sassar *sp++ = 'p'; 11272445Sassar if(cred->flags.b.may_postdate) 11372445Sassar *sp++ = 'D'; 11472445Sassar if(cred->flags.b.postdated) 11572445Sassar *sp++ = 'd'; 11672445Sassar if(cred->flags.b.renewable) 11772445Sassar *sp++ = 'R'; 11872445Sassar if(cred->flags.b.initial) 11972445Sassar *sp++ = 'I'; 12072445Sassar if(cred->flags.b.invalid) 12172445Sassar *sp++ = 'i'; 12272445Sassar if(cred->flags.b.pre_authent) 12372445Sassar *sp++ = 'A'; 12472445Sassar if(cred->flags.b.hw_authent) 12572445Sassar *sp++ = 'H'; 126233294Sstas *sp = '\0'; 12772445Sassar rtbl_add_column_entry(ct, COL_FLAGS, s); 12872445Sassar } 12972445Sassar free(str); 13055682Smarkm} 13155682Smarkm 13255682Smarkmstatic void 13355682Smarkmprint_cred_verbose(krb5_context context, krb5_creds *cred) 13455682Smarkm{ 135233294Sstas size_t j; 13655682Smarkm char *str; 13755682Smarkm krb5_error_code ret; 13857416Smarkm krb5_timestamp sec; 13955682Smarkm 14055682Smarkm krb5_timeofday (context, &sec); 14155682Smarkm 14255682Smarkm ret = krb5_unparse_name(context, cred->server, &str); 14355682Smarkm if(ret) 14455682Smarkm exit(1); 145233294Sstas printf(N_("Server: %s\n", ""), str); 14655682Smarkm free (str); 147178825Sdfr 148178825Sdfr ret = krb5_unparse_name(context, cred->client, &str); 149178825Sdfr if(ret) 150178825Sdfr exit(1); 151233294Sstas printf(N_("Client: %s\n", ""), str); 152178825Sdfr free (str); 153178825Sdfr 15455682Smarkm { 15555682Smarkm Ticket t; 15655682Smarkm size_t len; 15755682Smarkm char *s; 15855682Smarkm 15955682Smarkm decode_Ticket(cred->ticket.data, cred->ticket.length, &t, &len); 16055682Smarkm ret = krb5_enctype_to_string(context, t.enc_part.etype, &s); 161233294Sstas printf(N_("Ticket etype: ", "")); 16255682Smarkm if (ret == 0) { 16372445Sassar printf("%s", s); 16455682Smarkm free(s); 16555682Smarkm } else { 166233294Sstas printf(N_("unknown-enctype(%d)", ""), t.enc_part.etype); 16755682Smarkm } 16855682Smarkm if(t.enc_part.kvno) 169233294Sstas printf(N_(", kvno %d", ""), *t.enc_part.kvno); 17055682Smarkm printf("\n"); 17155682Smarkm if(cred->session.keytype != t.enc_part.etype) { 172178825Sdfr ret = krb5_enctype_to_string(context, cred->session.keytype, &str); 17355682Smarkm if(ret) 17455682Smarkm krb5_warn(context, ret, "session keytype"); 17555682Smarkm else { 176233294Sstas printf(N_("Session key: %s\n", "enctype"), str); 17755682Smarkm free(str); 17855682Smarkm } 17955682Smarkm } 18055682Smarkm free_Ticket(&t); 181233294Sstas printf(N_("Ticket length: %lu\n", ""), 182233294Sstas (unsigned long)cred->ticket.length); 18355682Smarkm } 184233294Sstas printf(N_("Auth time: %s\n", ""), 185233294Sstas printable_time_long(cred->times.authtime)); 18655682Smarkm if(cred->times.authtime != cred->times.starttime) 187233294Sstas printf(N_("Start time: %s\n", ""), 188233294Sstas printable_time_long(cred->times.starttime)); 189233294Sstas printf(N_("End time: %s", ""), 190233294Sstas printable_time_long(cred->times.endtime)); 19155682Smarkm if(sec > cred->times.endtime) 192233294Sstas printf(N_(" (expired)", "")); 19355682Smarkm printf("\n"); 19455682Smarkm if(cred->flags.b.renewable) 195233294Sstas printf(N_("Renew till: %s\n", ""), 19655682Smarkm printable_time_long(cred->times.renew_till)); 197233294Sstas { 198233294Sstas char flags[1024]; 199233294Sstas unparse_flags(TicketFlags2int(cred->flags.b), 200233294Sstas asn1_TicketFlags_units(), 201233294Sstas flags, sizeof(flags)); 202233294Sstas printf(N_("Ticket flags: %s\n", ""), flags); 203233294Sstas } 204233294Sstas printf(N_("Addresses: ", "")); 205178825Sdfr if (cred->addresses.len != 0) { 206178825Sdfr for(j = 0; j < cred->addresses.len; j++){ 207178825Sdfr char buf[128]; 208178825Sdfr size_t len; 209178825Sdfr if(j) printf(", "); 210233294Sstas ret = krb5_print_address(&cred->addresses.val[j], 211178825Sdfr buf, sizeof(buf), &len); 212233294Sstas 213178825Sdfr if(ret == 0) 214178825Sdfr printf("%s", buf); 215178825Sdfr } 216178825Sdfr } else { 217233294Sstas printf(N_("addressless", "")); 21855682Smarkm } 21955682Smarkm printf("\n\n"); 22055682Smarkm} 22155682Smarkm 22255682Smarkm/* 22355682Smarkm * Print all tickets in `ccache' on stdout, verbosily iff do_verbose. 22455682Smarkm */ 22555682Smarkm 22655682Smarkmstatic void 22755682Smarkmprint_tickets (krb5_context context, 22855682Smarkm krb5_ccache ccache, 22955682Smarkm krb5_principal principal, 23072445Sassar int do_verbose, 231178825Sdfr int do_flags, 232178825Sdfr int do_hidden) 23355682Smarkm{ 23455682Smarkm krb5_error_code ret; 235233294Sstas char *str, *name; 23655682Smarkm krb5_cc_cursor cursor; 23755682Smarkm krb5_creds creds; 238233294Sstas krb5_deltat sec; 23955682Smarkm 24072445Sassar rtbl_t ct = NULL; 24172445Sassar 24255682Smarkm ret = krb5_unparse_name (context, principal, &str); 24355682Smarkm if (ret) 24455682Smarkm krb5_err (context, 1, ret, "krb5_unparse_name"); 24555682Smarkm 246233294Sstas printf ("%17s: %s:%s\n", 247233294Sstas N_("Credentials cache", ""), 24855682Smarkm krb5_cc_get_type(context, ccache), 24955682Smarkm krb5_cc_get_name(context, ccache)); 250233294Sstas printf ("%17s: %s\n", N_("Principal", ""), str); 251233294Sstas 252233294Sstas ret = krb5_cc_get_friendly_name(context, ccache, &name); 253233294Sstas if (ret == 0) { 254233294Sstas if (strcmp(name, str) != 0) 255233294Sstas printf ("%17s: %s\n", N_("Friendly name", ""), name); 256233294Sstas free(name); 257233294Sstas } 25855682Smarkm free (str); 259233294Sstas 260233294Sstas if(do_verbose) { 261233294Sstas printf ("%17s: %d\n", N_("Cache version", ""), 26255682Smarkm krb5_cc_get_version(context, ccache)); 263233294Sstas } else { 264233294Sstas krb5_cc_set_flags(context, ccache, KRB5_TC_NOTICKET); 265233294Sstas } 266178825Sdfr 267233294Sstas ret = krb5_cc_get_kdc_offset(context, ccache, &sec); 268233294Sstas 269233294Sstas if (ret == 0 && do_verbose && sec != 0) { 27055682Smarkm char buf[BUFSIZ]; 27155682Smarkm int val; 27255682Smarkm int sig; 27355682Smarkm 274178825Sdfr val = sec; 27555682Smarkm sig = 1; 27655682Smarkm if (val < 0) { 27755682Smarkm sig = -1; 27855682Smarkm val = -val; 27955682Smarkm } 280233294Sstas 28155682Smarkm unparse_time (val, buf, sizeof(buf)); 28255682Smarkm 283233294Sstas printf ("%17s: %s%s\n", N_("KDC time offset", ""), 28455682Smarkm sig == -1 ? "-" : "", buf); 28555682Smarkm } 28655682Smarkm 28755682Smarkm printf("\n"); 28855682Smarkm 28955682Smarkm ret = krb5_cc_start_seq_get (context, ccache, &cursor); 29055682Smarkm if (ret) 29155682Smarkm krb5_err(context, 1, ret, "krb5_cc_start_seq_get"); 29255682Smarkm 29372445Sassar if(!do_verbose) { 29472445Sassar ct = rtbl_create(); 29572445Sassar rtbl_add_column(ct, COL_ISSUED, 0); 29672445Sassar rtbl_add_column(ct, COL_EXPIRES, 0); 29772445Sassar if(do_flags) 29872445Sassar rtbl_add_column(ct, COL_FLAGS, 0); 29972445Sassar rtbl_add_column(ct, COL_PRINCIPAL, 0); 300178825Sdfr rtbl_set_separator(ct, " "); 30172445Sassar } 302127808Snectar while ((ret = krb5_cc_next_cred (context, 303127808Snectar ccache, 304127808Snectar &cursor, 305127808Snectar &creds)) == 0) { 306233294Sstas if (!do_hidden && krb5_is_config_principal(context, creds.server)) { 307178825Sdfr ; 308178825Sdfr }else if(do_verbose){ 30955682Smarkm print_cred_verbose(context, &creds); 31055682Smarkm }else{ 31172445Sassar print_cred(context, &creds, ct, do_flags); 31255682Smarkm } 313178825Sdfr krb5_free_cred_contents (context, &creds); 31455682Smarkm } 315127808Snectar if(ret != KRB5_CC_END) 316127808Snectar krb5_err(context, 1, ret, "krb5_cc_get_next"); 31755682Smarkm ret = krb5_cc_end_seq_get (context, ccache, &cursor); 31855682Smarkm if (ret) 31955682Smarkm krb5_err (context, 1, ret, "krb5_cc_end_seq_get"); 32072445Sassar if(!do_verbose) { 32172445Sassar rtbl_format(ct, stdout); 32272445Sassar rtbl_destroy(ct); 32372445Sassar } 32455682Smarkm} 32555682Smarkm 32655682Smarkm/* 32755682Smarkm * Check if there's a tgt for the realm of `principal' and ccache and 32855682Smarkm * if so return 0, else 1 32955682Smarkm */ 33055682Smarkm 33155682Smarkmstatic int 33255682Smarkmcheck_for_tgt (krb5_context context, 33355682Smarkm krb5_ccache ccache, 334178825Sdfr krb5_principal principal, 335178825Sdfr time_t *expiration) 33655682Smarkm{ 33755682Smarkm krb5_error_code ret; 33855682Smarkm krb5_creds pattern; 33955682Smarkm krb5_creds creds; 340233294Sstas krb5_const_realm client_realm; 34155682Smarkm int expired; 34255682Smarkm 343178825Sdfr krb5_cc_clear_mcred(&pattern); 344178825Sdfr 345233294Sstas client_realm = krb5_principal_get_realm(context, principal); 34655682Smarkm 34755682Smarkm ret = krb5_make_principal (context, &pattern.server, 348233294Sstas client_realm, KRB5_TGS_NAME, client_realm, NULL); 34955682Smarkm if (ret) 35055682Smarkm krb5_err (context, 1, ret, "krb5_make_principal"); 351178825Sdfr pattern.client = principal; 35255682Smarkm 35355682Smarkm ret = krb5_cc_retrieve_cred (context, ccache, 0, &pattern, &creds); 35455682Smarkm krb5_free_principal (context, pattern.server); 35555682Smarkm if (ret) { 35655682Smarkm if (ret == KRB5_CC_END) 35755682Smarkm return 1; 35855682Smarkm krb5_err (context, 1, ret, "krb5_cc_retrieve_cred"); 35955682Smarkm } 36055682Smarkm 361178825Sdfr expired = time(NULL) > creds.times.endtime; 36272445Sassar 363178825Sdfr if (expiration) 364178825Sdfr *expiration = creds.times.endtime; 36572445Sassar 366178825Sdfr krb5_free_cred_contents (context, &creds); 36772445Sassar 368178825Sdfr return expired; 36972445Sassar} 37072445Sassar 37172445Sassar/* 37255682Smarkm * Print a list of all AFS tokens 37355682Smarkm */ 37455682Smarkm 375233294Sstas#ifndef NO_AFS 376233294Sstas 37755682Smarkmstatic void 37855682Smarkmdisplay_tokens(int do_verbose) 37955682Smarkm{ 380178825Sdfr uint32_t i; 381102644Snectar unsigned char t[4096]; 38255682Smarkm struct ViceIoctl parms; 38355682Smarkm 38455682Smarkm parms.in = (void *)&i; 38555682Smarkm parms.in_size = sizeof(i); 38655682Smarkm parms.out = (void *)t; 38755682Smarkm parms.out_size = sizeof(t); 38855682Smarkm 389102644Snectar for (i = 0;; i++) { 39055682Smarkm int32_t size_secret_tok, size_public_tok; 39155682Smarkm unsigned char *cell; 39255682Smarkm struct ClearToken ct; 39355682Smarkm unsigned char *r = t; 39455682Smarkm struct timeval tv; 39555682Smarkm char buf1[20], buf2[20]; 39655682Smarkm 397102644Snectar if(k_pioctl(NULL, VIOCGETTOK, &parms, 0) < 0) { 398102644Snectar if(errno == EDOM) 399102644Snectar break; 400102644Snectar continue; 401102644Snectar } 402107207Snectar if(parms.out_size > sizeof(t)) 403102644Snectar continue; 404102644Snectar if(parms.out_size < sizeof(size_secret_tok)) 405102644Snectar continue; 406120945Snectar t[min(parms.out_size,sizeof(t)-1)] = 0; 40755682Smarkm memcpy(&size_secret_tok, r, sizeof(size_secret_tok)); 40855682Smarkm /* dont bother about the secret token */ 40955682Smarkm r += size_secret_tok + sizeof(size_secret_tok); 410102644Snectar if (parms.out_size < (r - t) + sizeof(size_public_tok)) 411102644Snectar continue; 41255682Smarkm memcpy(&size_public_tok, r, sizeof(size_public_tok)); 41355682Smarkm r += sizeof(size_public_tok); 414102644Snectar if (parms.out_size < (r - t) + size_public_tok + sizeof(int32_t)) 415102644Snectar continue; 41655682Smarkm memcpy(&ct, r, size_public_tok); 41755682Smarkm r += size_public_tok; 41855682Smarkm /* there is a int32_t with length of cellname, but we dont read it */ 41955682Smarkm r += sizeof(int32_t); 42055682Smarkm cell = r; 42155682Smarkm 42255682Smarkm gettimeofday (&tv, NULL); 42355682Smarkm strlcpy (buf1, printable_time(ct.BeginTimestamp), 424102644Snectar sizeof(buf1)); 42555682Smarkm if (do_verbose || tv.tv_sec < ct.EndTimestamp) 42655682Smarkm strlcpy (buf2, printable_time(ct.EndTimestamp), 427102644Snectar sizeof(buf2)); 42855682Smarkm else 429233294Sstas strlcpy (buf2, N_(">>> Expired <<<", ""), sizeof(buf2)); 43055682Smarkm 43155682Smarkm printf("%s %s ", buf1, buf2); 43255682Smarkm 43355682Smarkm if ((ct.EndTimestamp - ct.BeginTimestamp) & 1) 434233294Sstas printf(N_("User's (AFS ID %d) tokens for %s", ""), ct.ViceId, cell); 43555682Smarkm else 436233294Sstas printf(N_("Tokens for %s", ""), cell); 43755682Smarkm if (do_verbose) 43855682Smarkm printf(" (%d)", ct.AuthHandle); 43955682Smarkm putchar('\n'); 44055682Smarkm } 44155682Smarkm} 442233294Sstas#endif 44355682Smarkm 44472445Sassar/* 44572445Sassar * display the ccache in `cred_cache' 44672445Sassar */ 44772445Sassar 44872445Sassarstatic int 449233294Sstasdisplay_v5_ccache (krb5_context context, krb5_ccache ccache, 450233294Sstas int do_test, int do_verbose, 451178825Sdfr int do_flags, int do_hidden) 45272445Sassar{ 45372445Sassar krb5_error_code ret; 45472445Sassar krb5_principal principal; 45572445Sassar int exit_status = 0; 45672445Sassar 45772445Sassar 45872445Sassar ret = krb5_cc_get_principal (context, ccache, &principal); 45972445Sassar if (ret) { 46072445Sassar if(ret == ENOENT) { 46172445Sassar if (!do_test) 462233294Sstas krb5_warnx(context, N_("No ticket file: %s", ""), 46372445Sassar krb5_cc_get_name(context, ccache)); 46472445Sassar return 1; 46572445Sassar } else 46672445Sassar krb5_err (context, 1, ret, "krb5_cc_get_principal"); 46772445Sassar } 46872445Sassar if (do_test) 469178825Sdfr exit_status = check_for_tgt (context, ccache, principal, NULL); 47072445Sassar else 471178825Sdfr print_tickets (context, ccache, principal, do_verbose, 472178825Sdfr do_flags, do_hidden); 47372445Sassar 47472445Sassar ret = krb5_cc_close (context, ccache); 47572445Sassar if (ret) 47672445Sassar krb5_err (context, 1, ret, "krb5_cc_close"); 47772445Sassar 47872445Sassar krb5_free_principal (context, principal); 479233294Sstas 48072445Sassar return exit_status; 48172445Sassar} 48272445Sassar 483178825Sdfr/* 484178825Sdfr * 485178825Sdfr */ 486178825Sdfr 487178825Sdfrstatic int 488233294Sstaslist_caches(krb5_context context) 489178825Sdfr{ 490178825Sdfr krb5_cc_cache_cursor cursor; 491233294Sstas const char *cdef_name; 492233294Sstas char *def_name; 493178825Sdfr krb5_error_code ret; 494178825Sdfr krb5_ccache id; 495178825Sdfr rtbl_t ct; 496178825Sdfr 497233294Sstas cdef_name = krb5_cc_default_name(context); 498233294Sstas if (cdef_name == NULL) 499233294Sstas krb5_errx(context, 1, "krb5_cc_default_name"); 500233294Sstas def_name = strdup(cdef_name); 501233294Sstas 502178825Sdfr ret = krb5_cc_cache_get_first (context, NULL, &cursor); 503178825Sdfr if (ret == KRB5_CC_NOSUPP) 504178825Sdfr return 0; 505178825Sdfr else if (ret) 506178825Sdfr krb5_err (context, 1, ret, "krb5_cc_cache_get_first"); 507178825Sdfr 508178825Sdfr ct = rtbl_create(); 509233294Sstas rtbl_add_column(ct, COL_NAME, 0); 510178825Sdfr rtbl_add_column(ct, COL_CACHENAME, 0); 511178825Sdfr rtbl_add_column(ct, COL_EXPIRES, 0); 512233294Sstas rtbl_add_column(ct, COL_DEFCACHE, 0); 513178825Sdfr rtbl_set_prefix(ct, " "); 514233294Sstas rtbl_set_column_prefix(ct, COL_NAME, ""); 515178825Sdfr 516233294Sstas while (krb5_cc_cache_next (context, cursor, &id) == 0) { 517233294Sstas krb5_principal principal = NULL; 518233294Sstas int expired = 0; 519178825Sdfr char *name; 520233294Sstas time_t t; 521178825Sdfr 522178825Sdfr ret = krb5_cc_get_principal(context, id, &principal); 523233294Sstas if (ret) 524233294Sstas continue; 525233294Sstas 526233294Sstas expired = check_for_tgt (context, id, principal, &t); 527233294Sstas 528233294Sstas ret = krb5_cc_get_friendly_name(context, id, &name); 529178825Sdfr if (ret == 0) { 530233294Sstas const char *str; 531233294Sstas char *fname; 532233294Sstas rtbl_add_column_entry(ct, COL_NAME, name); 533233294Sstas rtbl_add_column_entry(ct, COL_CACHENAME, 534233294Sstas krb5_cc_get_name(context, id)); 535233294Sstas if (expired) 536233294Sstas str = N_(">>> Expired <<<", ""); 537233294Sstas else 538233294Sstas str = printable_time(t); 539233294Sstas rtbl_add_column_entry(ct, COL_EXPIRES, str); 540233294Sstas free(name); 541178825Sdfr 542233294Sstas ret = krb5_cc_get_full_name(context, id, &fname); 543233294Sstas if (ret) 544233294Sstas krb5_err (context, 1, ret, "krb5_cc_get_full_name"); 545233294Sstas 546233294Sstas if (strcmp(fname, def_name) == 0) 547233294Sstas rtbl_add_column_entry(ct, COL_DEFCACHE, "*"); 548233294Sstas else 549233294Sstas rtbl_add_column_entry(ct, COL_DEFCACHE, ""); 550233294Sstas 551233294Sstas krb5_xfree(fname); 552178825Sdfr } 553178825Sdfr krb5_cc_close(context, id); 554233294Sstas 555233294Sstas krb5_free_principal(context, principal); 556178825Sdfr } 557178825Sdfr 558178825Sdfr krb5_cc_cache_end_seq_get(context, cursor); 559178825Sdfr 560233294Sstas free(def_name); 561178825Sdfr rtbl_format(ct, stdout); 562178825Sdfr rtbl_destroy(ct); 563233294Sstas 564178825Sdfr return 0; 565178825Sdfr} 566178825Sdfr 567178825Sdfr/* 568178825Sdfr * 569178825Sdfr */ 570178825Sdfr 57155682Smarkmint 572233294Sstasklist(struct klist_options *opt, int argc, char **argv) 57355682Smarkm{ 574233294Sstas krb5_error_code ret; 57555682Smarkm int exit_status = 0; 57655682Smarkm 577233294Sstas int do_verbose = 578233294Sstas opt->verbose_flag || 579233294Sstas opt->a_flag || 580233294Sstas opt->n_flag; 581233294Sstas int do_test = 582233294Sstas opt->test_flag || 583233294Sstas opt->s_flag; 58455682Smarkm 585233294Sstas if (opt->list_all_flag) { 586233294Sstas exit_status = list_caches(kcc_context); 587233294Sstas return exit_status; 58855682Smarkm } 58955682Smarkm 590233294Sstas if (opt->v5_flag) { 591233294Sstas krb5_ccache id; 59255682Smarkm 593233294Sstas if (opt->all_content_flag) { 594233294Sstas krb5_cc_cache_cursor cursor; 59555682Smarkm 596233294Sstas ret = krb5_cc_cache_get_first(kcc_context, NULL, &cursor); 597233294Sstas if (ret) 598233294Sstas krb5_err(kcc_context, 1, ret, "krb5_cc_cache_get_first"); 599233294Sstas 600233294Sstas 601233294Sstas while (krb5_cc_cache_next(kcc_context, cursor, &id) == 0) { 602233294Sstas exit_status |= display_v5_ccache(kcc_context, id, do_test, 603233294Sstas do_verbose, opt->flags_flag, 604233294Sstas opt->hidden_flag); 605233294Sstas printf("\n\n"); 606233294Sstas } 607233294Sstas krb5_cc_cache_end_seq_get(kcc_context, cursor); 608233294Sstas 609233294Sstas } else { 610233294Sstas if(opt->cache_string) { 611233294Sstas ret = krb5_cc_resolve(kcc_context, opt->cache_string, &id); 612233294Sstas if (ret) 613233294Sstas krb5_err(kcc_context, 1, ret, "%s", opt->cache_string); 614233294Sstas } else { 615233294Sstas ret = krb5_cc_default(kcc_context, &id); 616233294Sstas if (ret) 617233294Sstas krb5_err(kcc_context, 1, ret, "krb5_cc_resolve"); 618233294Sstas } 619233294Sstas exit_status = display_v5_ccache(kcc_context, id, do_test, 620233294Sstas do_verbose, opt->flags_flag, 621233294Sstas opt->hidden_flag); 622233294Sstas } 623178825Sdfr } 624178825Sdfr 625120945Snectar if (!do_test) { 626233294Sstas#ifndef NO_AFS 627233294Sstas if (opt->tokens_flag && k_hasafs()) { 628233294Sstas if (opt->v5_flag) 629233294Sstas printf("\n"); 630233294Sstas display_tokens(opt->verbose_flag); 63172445Sassar } 632233294Sstas#endif 63355682Smarkm } 63455682Smarkm 63555682Smarkm return exit_status; 63655682Smarkm} 637