1/*
2 * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska H��gskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 *    may be used to endorse or promote products derived from this software
19 *    without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34#include "kuser_locl.h"
35
36static const char *cache;
37static const char *credential;
38static int help_flag;
39static int version_flag;
40#ifndef NO_AFS
41static int unlog_flag = 1;
42#endif
43static int dest_tkt_flag = 1;
44static int all_flag = 0;
45
46struct getargs args[] = {
47    { "credential",	0,   arg_string, rk_UNCONST(&credential),
48      "remove one credential", "principal" },
49    { "cache",		'c', arg_string, rk_UNCONST(&cache), "cache to destroy", "cache" },
50    { "all",		'A', arg_flag, &all_flag, "destroy all caches", NULL },
51#ifndef NO_AFS
52    { "unlog",		0,   arg_negative_flag, &unlog_flag,
53      "do not destroy tokens", NULL },
54#endif
55    { "delete-v4",	0,   arg_negative_flag, &dest_tkt_flag,
56      "do not destroy v4 tickets", NULL },
57    { "version", 	0,   arg_flag, &version_flag, NULL, NULL },
58    { "help",		'h', arg_flag, &help_flag, NULL, NULL}
59};
60
61int num_args = sizeof(args) / sizeof(args[0]);
62
63static void
64usage (int status)
65{
66    arg_printusage (args, num_args, NULL, "");
67    exit (status);
68}
69
70int
71main (int argc, char **argv)
72{
73    krb5_error_code ret;
74    krb5_context context;
75    krb5_ccache  ccache;
76    int optidx = 0;
77    int exit_val = 0;
78
79    setprogname (argv[0]);
80
81    if(getarg(args, num_args, argc, argv, &optidx))
82	usage(1);
83
84    if (help_flag)
85	usage (0);
86
87    if(version_flag){
88	print_version(NULL);
89	exit(0);
90    }
91
92    argc -= optidx;
93    argv += optidx;
94
95    if (argc != 0)
96	usage (1);
97
98    ret = krb5_init_context (&context);
99    if (ret)
100	errx (1, "krb5_init_context failed: %d", ret);
101
102    if (all_flag) {
103	krb5_cccol_cursor cursor;
104
105	ret = krb5_cccol_cursor_new (context, &cursor);
106	if (ret)
107	    krb5_err(context, 1, ret, "krb5_cccol_cursor_new");
108
109	while (krb5_cccol_cursor_next (context, cursor, &ccache) == 0 && ccache != NULL) {
110
111	    ret = krb5_cc_destroy (context, ccache);
112	    if (ret) {
113		krb5_warn(context, ret, "krb5_cc_destroy");
114		exit_val = 1;
115	    }
116	}
117	krb5_cccol_cursor_free(context, &cursor);
118
119    } else {
120	if(cache == NULL) {
121	    ret = krb5_cc_default(context, &ccache);
122	    if (ret)
123		krb5_err(context, 1, ret, "krb5_cc_default");
124	} else {
125	    ret =  krb5_cc_resolve(context,
126				   cache,
127				   &ccache);
128	    if (ret)
129		krb5_err(context, 1, ret, "krb5_cc_resolve");
130	}
131
132	if (ret == 0) {
133	    if (credential) {
134		krb5_creds mcred;
135
136		krb5_cc_clear_mcred(&mcred);
137
138		ret = krb5_parse_name(context, credential, &mcred.server);
139		if (ret)
140		    krb5_err(context, 1, ret,
141			     "Can't parse principal %s", credential);
142
143		ret = krb5_cc_remove_cred(context, ccache, 0, &mcred);
144		if (ret)
145		    krb5_err(context, 1, ret,
146			     "Failed to remove principal %s", credential);
147
148		krb5_cc_close(context, ccache);
149		krb5_free_principal(context, mcred.server);
150		krb5_free_context(context);
151		return 0;
152	    }
153
154	    ret = krb5_cc_destroy (context, ccache);
155	    if (ret) {
156		krb5_warn(context, ret, "krb5_cc_destroy");
157		exit_val = 1;
158	    }
159	}
160    }
161
162    krb5_free_context (context);
163
164#ifndef NO_AFS
165    if (unlog_flag && k_hasafs ()) {
166	if (k_unlog ())
167	    exit_val = 1;
168    }
169#endif
170
171    return exit_val;
172}
173