diff options
Diffstat (limited to 'ipa-client')
-rw-r--r-- | ipa-client/Makefile.am | 1 | ||||
-rw-r--r-- | ipa-client/config.c | 35 | ||||
-rw-r--r-- | ipa-client/ipa-getkeytab.c | 180 | ||||
-rw-r--r-- | ipa-client/ipa-join.c | 165 | ||||
-rw-r--r-- | ipa-client/ipa-rmkeytab.c | 82 |
5 files changed, 318 insertions, 145 deletions
diff --git a/ipa-client/Makefile.am b/ipa-client/Makefile.am index 3f3c13b1a..2fc45be25 100644 --- a/ipa-client/Makefile.am +++ b/ipa-client/Makefile.am @@ -12,6 +12,7 @@ INCLUDES = \ -DLIBDIR=\""$(libdir)"\" \ -DLIBEXECDIR=\""$(libexecdir)"\" \ -DDATADIR=\""$(datadir)"\" \ + -DLOCALEDIR=\""$(localedir)"\" \ $(KRB5_CFLAGS) \ $(OPENLDAP_CFLAGS) \ $(MOZLDAP_CFLAGS) \ diff --git a/ipa-client/config.c b/ipa-client/config.c index c32946ed6..69bd9cb33 100644 --- a/ipa-client/config.c +++ b/ipa-client/config.c @@ -37,6 +37,11 @@ #include <stdlib.h> #include <ctype.h> +#include <errno.h> +#include "config.h" +#include <libintl.h> +#define _(STRING) gettext(STRING) + char * read_config_file(const char *filename) { @@ -47,14 +52,14 @@ read_config_file(const char *filename) fd = open(filename, O_RDONLY); if (fd == -1) { - fprintf(stderr, "cannot open configuration file %s\n", filename); + fprintf(stderr, _("cannot open configuration file %s\n"), filename); return NULL; } /* stat() the file so we know the size and can pre-allocate the right * amount of memory. */ if (fstat(fd, &st) == -1) { - fprintf(stderr, "cannot stat() configuration file %s\n", filename); + fprintf(stderr, _("cannot stat() configuration file %s\n"), filename); return NULL; } left = st.st_size; @@ -67,7 +72,7 @@ read_config_file(const char *filename) if (res == 0) break; if (res < 0) { - fprintf(stderr, "read error\n"); + fprintf(stderr, _("read error\n")); close(fd); free(dest); return NULL; @@ -159,3 +164,27 @@ get_config_entry(char * in_data, const char *section, const char *key) free(data); return NULL; } + +int init_gettext(void) +{ + char *c; + + c = setlocale(LC_ALL, ""); + if (!c) { + return EIO; + } + + errno = 0; + c = bindtextdomain(PACKAGE, LOCALEDIR); + if (c == NULL) { + return errno; + } + + errno = 0; + c = textdomain(PACKAGE); + if (c == NULL) { + return errno; + } + + return 0; +} diff --git a/ipa-client/ipa-getkeytab.c b/ipa-client/ipa-getkeytab.c index b8701c554..a54c57c7e 100644 --- a/ipa-client/ipa-getkeytab.c +++ b/ipa-client/ipa-getkeytab.c @@ -40,6 +40,10 @@ #include <sasl/sasl.h> #include <popt.h> +#include "config.h" +#include <libintl.h> +#define _(STRING) gettext(STRING) + /* Salt types */ #define NO_SALT -1 #define KRB5_KDB_SALTTYPE_NORMAL 0 @@ -131,7 +135,7 @@ static int prep_ksdata(krb5_context krbctx, const char *str, krberr = krb5_get_permitted_enctypes(krbctx, &ktypes); if (krberr) { - fprintf(stderr, "No system preferred enctypes ?!\n"); + fprintf(stderr, _("No system preferred enctypes ?!\n")); return 0; } @@ -139,7 +143,7 @@ static int prep_ksdata(krb5_context krbctx, const char *str, ksdata = calloc(n + 1, sizeof(struct krb_key_salt)); if (NULL == ksdata) { - fprintf(stderr, "Out of memory!?\n"); + fprintf(stderr, _("Out of memory!?\n")); return 0; } @@ -157,7 +161,7 @@ static int prep_ksdata(krb5_context krbctx, const char *str, t = tmp = strdup(str); if (!tmp) { - fprintf(stderr, "Out of memory\n"); + fprintf(stderr, _("Out of memory\n")); return 0; } @@ -172,7 +176,7 @@ static int prep_ksdata(krb5_context krbctx, const char *str, /* at the end we will have at most n entries + 1 terminating */ ksdata = calloc(n + 1, sizeof(struct krb_key_salt)); if (!ksdata) { - fprintf(stderr, "Out of memory\n"); + fprintf(stderr, _("Out of memory\n")); return 0; } @@ -187,7 +191,7 @@ static int prep_ksdata(krb5_context krbctx, const char *str, krberr = krb5_string_to_enctype(t, &ksdata[j].enctype); if (krberr != 0) { fprintf(stderr, - "Warning unrecognized encryption type: [%s]\n", t); + _("Warning unrecognized encryption type: [%s]\n"), t); t = p+1; continue; } @@ -201,7 +205,8 @@ static int prep_ksdata(krb5_context krbctx, const char *str, krberr = krb5_string_to_salttype(q, &ksdata[j].salttype); if (krberr != 0) { - fprintf(stderr, "Warning unrecognized salt type: [%s]\n", q); + fprintf(stderr, + _("Warning unrecognized salt type: [%s]\n"), q); continue; } @@ -227,7 +232,7 @@ static int prep_ksdata(krb5_context krbctx, const char *str, &similar); if (krberr) { free_keys_contents(krbctx, keys); - fprintf(stderr, "Enctype comparison failed!\n"); + fprintf(stderr, _("Enctype comparison failed!\n")); return 0; } if (similar && @@ -289,7 +294,7 @@ static int create_keys(krb5_context krbctx, ksdata[i].enctype, &ksdata[i].key); if (krberr) { - fprintf(stderr, "Failed to create random key!\n"); + fprintf(stderr, _("Failed to create random key!\n")); return 0; } /* set the salt to NO_SALT as the key was random */ @@ -302,14 +307,14 @@ static int create_keys(krb5_context krbctx, case KRB5_KDB_SALTTYPE_ONLYREALM: krberr = krb5_copy_data(krbctx, realm, &salt); if (krberr) { - fprintf(stderr, "Failed to create key!\n"); + fprintf(stderr, _("Failed to create key!\n")); return 0; } ksdata[i].salt.length = salt->length; ksdata[i].salt.data = malloc(salt->length); if (!ksdata[i].salt.data) { - fprintf(stderr, "Out of memory!\n"); + fprintf(stderr, _("Out of memory!\n")); return 0; } memcpy(ksdata[i].salt.data, salt->data, salt->length); @@ -319,7 +324,7 @@ static int create_keys(krb5_context krbctx, case KRB5_KDB_SALTTYPE_NOREALM: krberr = krb5_principal2salt_norealm(krbctx, princ, &ksdata[i].salt); if (krberr) { - fprintf(stderr, "Failed to create key!\n"); + fprintf(stderr, _("Failed to create key!\n")); return 0; } break; @@ -327,7 +332,7 @@ static int create_keys(krb5_context krbctx, case KRB5_KDB_SALTTYPE_NORMAL: krberr = krb5_principal2salt(krbctx, princ, &ksdata[i].salt); if (krberr) { - fprintf(stderr, "Failed to create key!\n"); + fprintf(stderr, _("Failed to create key!\n")); return 0; } break; @@ -342,7 +347,7 @@ static int create_keys(krb5_context krbctx, */ ksdata[i].salt.data = (char *)malloc(realm->length + 1); if (NULL == ksdata[i].salt.data) { - fprintf(stderr, "Out of memory!\n"); + fprintf(stderr, _("Out of memory!\n")); return 0; } memcpy((char *)ksdata[i].salt.data, @@ -353,7 +358,7 @@ static int create_keys(krb5_context krbctx, break; default: - fprintf(stderr, "Bad or unsupported salt type (%d)!\n", + fprintf(stderr, _("Bad or unsupported salt type (%d)!\n"), ksdata[i].salttype); return 0; } @@ -364,7 +369,7 @@ static int create_keys(krb5_context krbctx, &ksdata[i].salt, &ksdata[i].key); if (krberr) { - fprintf(stderr, "Failed to create key!\n"); + fprintf(stderr, _("Failed to create key!\n")); return 0; } @@ -473,7 +478,7 @@ int filter_keys(krb5_context krbctx, struct keys_container *keys, } if (n == 0) { - fprintf(stderr, "No keys accepted by KDC\n"); + fprintf(stderr, _("No keys accepted by KDC\n")); return 0; } @@ -488,7 +493,7 @@ static int ipa_ldap_init(LDAP ** ld, const char * scheme, const char * servernam url = (char *)malloc (url_len); if (!url){ - fprintf(stderr, "Out of memory \n"); + fprintf(stderr, _("Out of memory \n")); return LDAP_NO_MEMORY; } sprintf(url,"%s://%s:%d",scheme,servername,port); @@ -526,14 +531,14 @@ static int ldap_set_keytab(krb5_context krbctx, /* cant' return more than nkeys, sometimes less */ encs = calloc(keys->nkeys + 1, sizeof(ber_int_t)); if (!encs) { - fprintf(stderr, "Out of Memory!\n"); + fprintf(stderr, _("Out of Memory!\n")); return 0; } /* build password change control */ control = create_key_control(keys, principal_name); if (!control) { - fprintf(stderr, "Failed to create control!\n"); + fprintf(stderr, _("Failed to create control!\n")); goto error_out; } @@ -557,21 +562,21 @@ static int ldap_set_keytab(krb5_context krbctx, } if(ld == NULL) { - fprintf(stderr, "Unable to initialize ldap library!\n"); + fprintf(stderr, _("Unable to initialize ldap library!\n")); goto error_out; } version = LDAP_VERSION3; ret = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version); if (ret != LDAP_SUCCESS) { - fprintf(stderr, "Unable to set ldap options!\n"); + fprintf(stderr, _("Unable to set ldap options!\n")); goto error_out; } if (binddn) { ret = ldap_bind_s(ld, binddn, bindpw, LDAP_AUTH_SIMPLE); if (ret != LDAP_SUCCESS) { - fprintf(stderr, "Simple bind failed\n"); + fprintf(stderr, _("Simple bind failed\n")); goto error_out; } } else { @@ -581,7 +586,7 @@ static int ldap_set_keytab(krb5_context krbctx, LDAP_SASL_QUIET, ldap_sasl_interact, princ); if (ret != LDAP_SUCCESS) { - fprintf(stderr, "SASL Bind failed!\n"); + fprintf(stderr, _("SASL Bind failed!\n")); goto error_out; } } @@ -597,7 +602,8 @@ static int ldap_set_keytab(krb5_context krbctx, control, NULL, NULL, &msgid); if (ret != LDAP_SUCCESS) { - fprintf(stderr, "Operation failed! %s\n", ldap_err2string(ret)); + fprintf(stderr, _("Operation failed! %s\n"), + ldap_err2string(ret)); goto error_out; } @@ -609,24 +615,27 @@ static int ldap_set_keytab(krb5_context krbctx, ret = ldap_result(ld, msgid, 1, &tv, &res); if (ret == -1) { - fprintf(stderr, "Operation failed! %s\n", ldap_err2string(ret)); + fprintf(stderr, _("Operation failed! %s\n"), + ldap_err2string(ret)); goto error_out; } ret = ldap_parse_extended_result(ld, res, &retoid, &retdata, 0); if(ret != LDAP_SUCCESS) { - fprintf(stderr, "Operation failed! %s\n", ldap_err2string(ret)); + fprintf(stderr, _("Operation failed! %s\n"), + ldap_err2string(ret)); goto error_out; } ret = ldap_parse_result(ld, res, &rc, NULL, &err, NULL, &srvctrl, 0); if(ret != LDAP_SUCCESS || rc != LDAP_SUCCESS) { - fprintf(stderr, "Operation failed! %s\n", err?err:ldap_err2string(ret)); + fprintf(stderr, _("Operation failed! %s\n"), + err ? err : ldap_err2string(ret)); goto error_out; } if (!srvctrl) { - fprintf(stderr, "Missing reply control!\n"); + fprintf(stderr, _("Missing reply control!\n")); goto error_out; } @@ -636,14 +645,14 @@ static int ldap_set_keytab(krb5_context krbctx, } } if (!pprc) { - fprintf(stderr, "Missing reply control!\n"); + fprintf(stderr, _("Missing reply control!\n")); goto error_out; } sctrl = ber_init(&pprc->ldctl_value); if (!sctrl) { - fprintf(stderr, "ber_init() failed, Invalid control ?!\n"); + fprintf(stderr, _("ber_init() failed, Invalid control ?!\n")); goto error_out; } @@ -662,7 +671,7 @@ static int ldap_set_keytab(krb5_context krbctx, rtag = ber_scanf(sctrl, "{i{", &kvno); if (rtag == LBER_ERROR) { - fprintf(stderr, "ber_scanf() failed, Invalid control ?!\n"); + fprintf(stderr, _("ber_scanf() failed, Invalid control ?!\n")); goto error_out; } @@ -703,13 +712,13 @@ static char *ask_password(krb5_context krbctx) k5d_pw0.length = sizeof(pw0); k5d_pw0.data = pw0; - ap_prompts[0].prompt = "New Principal Password"; + ap_prompts[0].prompt = _("New Principal Password"); ap_prompts[0].hidden = 1; ap_prompts[0].reply = &k5d_pw0; k5d_pw1.length = sizeof(pw1); k5d_pw1.data = pw1; - ap_prompts[1].prompt = "Verify Principal Password"; + ap_prompts[1].prompt = _("Verify Principal Password"); ap_prompts[1].hidden = 1; ap_prompts[1].reply = &k5d_pw1; @@ -718,7 +727,7 @@ static char *ask_password(krb5_context krbctx) 2, ap_prompts); if (strcmp(pw0, pw1)) { - fprintf(stderr, "Passwords do not match!"); + fprintf(stderr, _("Passwords do not match!")); return NULL; } @@ -730,6 +739,30 @@ static char *ask_password(krb5_context krbctx) return password; } +int init_gettext(void) +{ + char *c; + + c = setlocale(LC_ALL, ""); + if (!c) { + return EIO; + } + + errno = 0; + c = bindtextdomain(PACKAGE, LOCALEDIR); + if (c == NULL) { + return errno; + } + + errno = 0; + c = textdomain(PACKAGE); + if (c == NULL) { + return errno; + } + + return 0; +} + int main(int argc, char *argv[]) { static const char *server = NULL; @@ -742,17 +775,31 @@ int main(int argc, char *argv[]) int askpass = 0; int permitted_enctypes = 0; struct poptOption options[] = { - { "quiet", 'q', POPT_ARG_NONE, &quiet, 0, "Print as little as possible", "Output only on errors"}, - { "server", 's', POPT_ARG_STRING, &server, 0, "Contact this specific KDC Server", "Server Name" }, - { "principal", 'p', POPT_ARG_STRING, &principal, 0, "The principal to get a keytab for (ex: ftp/ftp.example.com@EXAMPLE.COM)", "Kerberos Service Principal Name" }, - { "keytab", 'k', POPT_ARG_STRING, &keytab, 0, "File were to store the keytab information", "Keytab File Name" }, - { "enctypes", 'e', POPT_ARG_STRING, &enctypes_string, 0, "Encryption types to request", "Comma separated encryption types list" }, - { "permitted-enctypes", 0, POPT_ARG_NONE, &permitted_enctypes, 0, "Show the list of permitted encryption types and exit", "Permitted Encryption Types"}, - { "password", 'P', POPT_ARG_NONE, &askpass, 0, "Asks for a non-random password to use for the principal" }, - { "binddn", 'D', POPT_ARG_STRING, &binddn, 0, "LDAP DN", "DN to bind as if not using kerberos" }, - { "bindpw", 'w', POPT_ARG_STRING, &bindpw, 0, "LDAP password", "password to use if not using kerberos" }, - POPT_AUTOHELP - POPT_TABLEEND + { "quiet", 'q', POPT_ARG_NONE, &quiet, 0, + _("Print as little as possible"), _("Output only on errors")}, + { "server", 's', POPT_ARG_STRING, &server, 0, + _("Contact this specific KDC Server"), + _("Server Name") }, + { "principal", 'p', POPT_ARG_STRING, &principal, 0, + _("The principal to get a keytab for (ex: ftp/ftp.example.com@EXAMPLE.COM)"), + _("Kerberos Service Principal Name") }, + { "keytab", 'k', POPT_ARG_STRING, &keytab, 0, + _("File were to store the keytab information"), + _("Keytab File Name") }, + { "enctypes", 'e', POPT_ARG_STRING, &enctypes_string, 0, + _("Encryption types to request"), + _("Comma separated encryption types list") }, + { "permitted-enctypes", 0, POPT_ARG_NONE, &permitted_enctypes, 0, + _("Show the list of permitted encryption types and exit"), + _("Permitted Encryption Types") }, + { "password", 'P', POPT_ARG_NONE, &askpass, 0, + _("Asks for a non-random password to use for the principal") }, + { "binddn", 'D', POPT_ARG_STRING, &binddn, 0, + _("LDAP DN"), _("DN to bind as if not using kerberos") }, + { "bindpw", 'w', POPT_ARG_STRING, &bindpw, 0, + _("LDAP password"), _("password to use if not using kerberos") }, + POPT_AUTOHELP + POPT_TABLEEND }; poptContext pc; char *ktname; @@ -768,9 +815,14 @@ int main(int argc, char *argv[]) int kvno; int i, ret; + ret = init_gettext(); + if (ret) { + exit(1); + } + krberr = krb5_init_context(&krbctx); if (krberr) { - fprintf(stderr, "Kerberos context initialization failed\n"); + fprintf(stderr, _("Kerberos context initialization failed\n")); exit(1); } @@ -783,14 +835,15 @@ int main(int argc, char *argv[]) krberr = krb5_get_permitted_enctypes(krbctx, &ktypes); if (krberr) { - fprintf(stderr, "No system preferred enctypes ?!\n"); + fprintf(stderr, _("No system preferred enctypes ?!\n")); exit(1); } - fprintf(stdout, "Supported encryption types:\n"); + fprintf(stdout, _("Supported encryption types:\n")); for (i = 0; ktypes[i]; i++) { krberr = krb5_enctype_to_string(ktypes[i], enc, 79); if (krberr) { - fprintf(stderr, "Warning: failed to convert type (#%d)\n", i); + fprintf(stderr, _("Warning: " + "failed to convert type (#%d)\n"), i); continue; } fprintf(stdout, "%s\n", enc); @@ -807,7 +860,8 @@ int main(int argc, char *argv[]) } if (NULL!=binddn && NULL==bindpw) { - fprintf(stderr, "Bind password required when using a bind DN.\n"); + fprintf(stderr, + _("Bind password required when using a bind DN.\n")); if (!quiet) poptPrintUsage(pc, stderr, 0); exit(10); @@ -820,7 +874,8 @@ int main(int argc, char *argv[]) } } else if (enctypes_string && strchr(enctypes_string, ':')) { if (!quiet) { - fprintf(stderr, "Warning: salt types are not honored with randomized passwords (see opt. -P)\n"); + fprintf(stderr, _("Warning: salt types are not honored" + " with randomized passwords (see opt. -P)\n")); } } @@ -831,36 +886,38 @@ int main(int argc, char *argv[]) krberr = krb5_parse_name(krbctx, principal, &sprinc); if (krberr) { - fprintf(stderr, "Invalid Service Principal Name\n"); + fprintf(stderr, _("Invalid Service Principal Name\n")); exit(4); } if (NULL == bindpw) { krberr = krb5_cc_default(krbctx, &ccache); if (krberr) { - fprintf(stderr, "Kerberos Credential Cache not found\n" - "Do you have a Kerberos Ticket?\n"); + fprintf(stderr, + _("Kerberos Credential Cache not found. " + "Do you have a Kerberos Ticket?\n")); exit(5); } krberr = krb5_cc_get_principal(krbctx, ccache, &uprinc); if (krberr) { - fprintf(stderr, "Kerberos User Principal not found\n" - "Do you have a valid Credential Cache?\n"); + fprintf(stderr, + _("Kerberos User Principal not found. " + "Do you have a valid Credential Cache?\n")); exit(6); } } krberr = krb5_kt_resolve(krbctx, ktname, &kt); if (krberr) { - fprintf(stderr, "Failed to open Keytab\n"); + fprintf(stderr, _("Failed to open Keytab\n")); exit(7); } /* create key material */ ret = create_keys(krbctx, sprinc, password, enctypes_string, &keys); if (!ret) { - fprintf(stderr, "Failed to create key material\n"); + fprintf(stderr, _("Failed to create key material\n")); exit(8); } @@ -878,7 +935,8 @@ int main(int argc, char *argv[]) krberr = krb5_kt_add_entry(krbctx, kt, &kt_entry); if (krberr) { - fprintf(stderr, "Failed to add key to the keytab\n"); + fprintf(stderr, + _("Failed to add key to the keytab\n")); exit (11); } } @@ -887,13 +945,13 @@ int main(int argc, char *argv[]) krberr = krb5_kt_close(krbctx, kt); if (krberr) { - fprintf(stderr, "Failed to close the keytab\n"); + fprintf(stderr, _("Failed to close the keytab\n")); exit (12); } if (!quiet) { fprintf(stderr, - "Keytab successfully retrieved and stored in: %s\n", + _("Keytab successfully retrieved and stored in: %s\n"), keytab); } exit(0); diff --git a/ipa-client/ipa-join.c b/ipa-client/ipa-join.c index c8bf421a2..e67f29b81 100644 --- a/ipa-client/ipa-join.c +++ b/ipa-client/ipa-join.c @@ -38,6 +38,9 @@ #include "xmlrpc-c/base.h" #include "xmlrpc-c/client.h" +#include <libintl.h> +#define _(STRING) gettext(STRING) + #define NAME "ipa-join" #define VERSION "1.0" @@ -60,7 +63,8 @@ handle_fault(xmlrpc_env * const envP) { if (envP->fault_occurred) { switch(envP->fault_code) { case 2100: /* unable to add new host entry or write objectClass */ - fprintf(stderr, "No permission to join this host to the IPA domain.\n"); + fprintf(stderr, + _("No permission to join this host to the IPA domain.\n")); break; default: fprintf(stderr, "%s\n", envP->fault_string); @@ -96,7 +100,9 @@ static int check_perms(const char *keytab) if (ret == -1) { switch(errno) { case EACCES: - fprintf(stderr, "No write permissions on keytab file '%s'\n", keytab); + fprintf(stderr, + _("No write permissions on keytab file '%s'\n"), + keytab); break; case ENOENT: /* file doesn't exist, lets touch it and see if writable */ @@ -106,10 +112,14 @@ static int check_perms(const char *keytab) unlink(keytab); return 0; } - fprintf(stderr, "No write permissions on keytab file '%s'\n", keytab); + fprintf(stderr, + _("No write permissions on keytab file '%s'\n"), + keytab); break; default: - fprintf(stderr, "access() on %s failed: errno = %d\n", keytab, errno); + fprintf(stderr, + _("access() on %s failed: errno = %d\n"), + keytab, errno); break; } return 1; @@ -187,13 +197,13 @@ connect_ldap(const char *hostname, const char *binddn, const char *bindpw) { ld = (LDAP *)ldap_init(hostname, 636); if (ldap_set_option(ld, LDAP_OPT_X_TLS, &ssl) != LDAP_OPT_SUCCESS) { - fprintf(stderr, "Unable to enable SSL in LDAP\n"); + fprintf(stderr, _("Unable to enable SSL in LDAP\n")); goto fail; } ret = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version); if (ret != LDAP_SUCCESS) { - fprintf(stderr, "Unable to set LDAP version\n"); + fprintf(stderr, _("Unable to set LDAP version\n")); goto fail; } @@ -203,7 +213,7 @@ connect_ldap(const char *hostname, const char *binddn, const char *bindpw) { ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &err); if (debug) - fprintf(stderr, "Bind failed: %s\n", ldap_err2string(err)); + fprintf(stderr, _("Bind failed: %s\n"), ldap_err2string(err)); goto fail; } @@ -236,7 +246,7 @@ get_root_dn(const char *ipaserver, char **ldap_base) NULL, NULL, NULL, 0, &res); if (ret != LDAP_SUCCESS) { - fprintf(stderr, "Search for %s on rootdse failed with error %d", + fprintf(stderr, _("Search for %s on rootdse failed with error %d"), root_attrs[0], ret); rval = 14; goto done; @@ -246,7 +256,7 @@ get_root_dn(const char *ipaserver, char **ldap_base) entry = ldap_first_entry(ld, res); ncvals = ldap_get_values_len(ld, entry, root_attrs[0]); if (!ncvals) { - fprintf(stderr, "No values for %s", root_attrs[0]); + fprintf(stderr, _("No values for %s"), root_attrs[0]); rval = 14; goto done; } @@ -288,7 +298,9 @@ get_subject(const char *ipaserver, char *ldap_base, const char **subject) NULL, NULL, NULL, 0, &res); if (ret != LDAP_SUCCESS) { - fprintf(stderr, "Search for ipaCertificateSubjectBase failed with error %d", ret); + fprintf(stderr, + _("Search for ipaCertificateSubjectBase failed with error %d"), + ret); rval = 14; goto done; } @@ -296,7 +308,7 @@ get_subject(const char *ipaserver, char *ldap_base, const char **subject) entry = ldap_first_entry(ld, res); ncvals = ldap_get_values_len(ld, entry, attrs[0]); if (!ncvals) { - fprintf(stderr, "No values for %s", attrs[0]); + fprintf(stderr, _("No values for %s"), attrs[0]); rval = 14; goto done; } @@ -353,21 +365,25 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha if (get_root_dn(ipaserver, &ldap_base) != 0) { if (!quiet) - fprintf(stderr, "Unable to determine root DN of %s\n", ipaserver); + fprintf(stderr, _("Unable to determine root DN of %s\n"), + ipaserver); rval = 14; goto done; } if (get_subject(ipaserver, ldap_base, subject) != 0) { if (!quiet) - fprintf(stderr, "Unable to determine certificate subject of %s\n", ipaserver); + fprintf(stderr, + _("Unable to determine certificate subject of %s\n"), + ipaserver); /* Not a critical failure */ } ld = connect_ldap(ipaserver, NULL, NULL); if (!ld) { if (!quiet) - fprintf(stderr, "Unable to make an LDAP connection to %s\n", ipaserver); + fprintf(stderr, _("Unable to make an LDAP connection to %s\n"), + ipaserver); rval = 14; goto done; } @@ -375,26 +391,28 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha asprintf(&filter, "(fqdn=%s)", hostname); asprintf(&search_base, "cn=computers,cn=accounts,%s", ldap_base); if (debug) { - fprintf(stderr, "Searching with %s in %s\n", filter, search_base); + fprintf(stderr, _("Searching with %s in %s\n"), filter, search_base); } if ((ret = ldap_search_ext_s(ld, ldap_base, LDAP_SCOPE_SUB, filter, attrs, 0, NULL, NULL, LDAP_NO_LIMIT, LDAP_NO_LIMIT, &result)) != LDAP_SUCCESS) { if (!quiet) - fprintf(stderr, "ldap_search_ext_s: %s\n", ldap_err2string(ret)); + fprintf(stderr, _("ldap_search_ext_s: %s\n"), + ldap_err2string(ret)); rval = 14; goto ldap_done; } e = ldap_first_entry(ld, result); if (!e) { if (!quiet) - fprintf(stderr, "Unable to find host '%s'\n", hostname); + fprintf(stderr, _("Unable to find host '%s'\n"), hostname); rval = 14; goto ldap_done; } if ((*binddn = ldap_get_dn(ld, e)) == NULL) { if (!quiet) - fprintf(stderr, "Unable to get binddn for host '%s'\n", hostname); + fprintf(stderr, + _("Unable to get binddn for host '%s'\n"), hostname); rval = 14; goto ldap_done; } @@ -406,7 +424,8 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha */ has_principal = 1; if (debug) - fprintf(stderr, "Host already has principal, trying bind anyway\n"); + fprintf(stderr, + _("Host already has principal, trying bind anyway\n")); } ldap_value_free_len(ncvals); @@ -420,11 +439,11 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha if (!ld) { if (has_principal) { if (!quiet) - fprintf(stderr, "Host is already joined.\n"); + fprintf(stderr, _("Host is already joined.\n")); rval = 13; } else { if (!quiet) - fprintf(stderr, "Incorrect password.\n"); + fprintf(stderr, _("Incorrect password.\n")); rval = 15; } goto done; @@ -435,7 +454,7 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha if ((rc = ldap_extended_operation_s(ld, JOIN_OID, &valrequest, NULL, NULL, &oidresult, &valresult)) != LDAP_SUCCESS) { if (!quiet) - fprintf(stderr, "principal not found in host entry\n"); + fprintf(stderr, _("principal not found in host entry\n")); if (debug) ldap_perror(ld, "ldap_extended_operation_s"); rval = 18; goto ldap_done; @@ -542,7 +561,7 @@ join_krb5(const char *ipaserver, char *hostname, const char **hostdn, const char xmlrpc_DECREF(singleprincP); } else { if (!quiet) - fprintf(stderr, "principal not found in XML-RPC response\n"); + fprintf(stderr, _("principal not found in XML-RPC response\n")); rval = 12; goto cleanup; } @@ -557,7 +576,7 @@ join_krb5(const char *ipaserver, char *hostname, const char **hostdn, const char xmlrpc_read_string(&env, singleprincP, &krblastpwdchange); xmlrpc_DECREF(krblastpwdchangeP); if (!quiet) - fprintf(stderr, "Host is already joined.\n"); + fprintf(stderr, _("Host is already joined.\n")); rval = 13; goto cleanup; } @@ -624,7 +643,8 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int char * conf_data = read_config_file(IPA_CONFIG); if ((ipaserver = getIPAserver(conf_data)) == NULL) { if (!quiet) - fprintf(stderr, "Unable to determine IPA server from %s\n", IPA_CONFIG); + fprintf(stderr, _("Unable to determine IPA server from %s\n"), + IPA_CONFIG); exit(1); } free(conf_data); @@ -639,7 +659,8 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int if (NULL == strstr(host, ".")) { if (!quiet) - fprintf(stderr, "The hostname must be fully-qualified: %s\n", host); + fprintf(stderr, _("The hostname must be fully-qualified: %s\n"), + host); rval = 16; goto cleanup; } @@ -647,14 +668,15 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int krberr = krb5_init_context(&krbctx); if (krberr) { if (!quiet) - fprintf(stderr, "Unable to join host: Kerberos context initialization failed\n"); + fprintf(stderr, _("Unable to join host: " + "Kerberos context initialization failed\n")); rval = 1; goto cleanup; } krberr = krb5_kt_resolve(krbctx, ktname, &keytab); if (krberr != 0) { if (!quiet) - fprintf(stderr, "Error resolving keytab: %s.\n", + fprintf(stderr, _("Error resolving keytab: %s.\n"), error_message(krberr)); rval = 7; goto cleanup; @@ -664,8 +686,8 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int krberr = krb5_parse_name(krbctx, principal, &princ); if (krberr != 0) { if (!quiet) - fprintf(stderr, "Error parsing \"%s\": %s.\n", principal, - error_message(krberr)); + fprintf(stderr, _("Error parsing \"%s\": %s.\n"), + principal, error_message(krberr)); return krberr; } strcpy(tgs, KRB5_TGS_NAME); @@ -682,7 +704,7 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int 0, tgs, &gicopts); if (krberr != 0) { if (!quiet) - fprintf(stderr, "Error obtaining initial credentials: %s.\n", + fprintf(stderr, _("Error obtaining initial credentials: %s.\n"), error_message(krberr)); return krberr; } @@ -692,14 +714,16 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int krberr = krb5_cc_initialize(krbctx, ccache, creds.client); } else { if (!quiet) - fprintf(stderr, "Unable to generate Kerberos Credential Cache\n"); + fprintf(stderr, + _("Unable to generate Kerberos Credential Cache\n")); rval = 19; goto cleanup; } krberr = krb5_cc_store_cred(krbctx, ccache, &creds); if (krberr != 0) { if (!quiet) - fprintf(stderr, "Error storing creds in credential cache: %s.\n", + fprintf(stderr, + _("Error storing creds in credential cache: %s.\n"), error_message(krberr)); return krberr; } @@ -742,15 +766,15 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int xmlrpc_read_bool(&env, princP, &result); if (result == 1) { if (!quiet) - fprintf(stderr, "Unenrollment successful.\n"); + fprintf(stderr, _("Unenrollment successful.\n")); } else { if (!quiet) - fprintf(stderr, "Unenrollment failed.\n"); + fprintf(stderr, _("Unenrollment failed.\n")); } xmlrpc_DECREF(princP); } else { - fprintf(stderr, "result not found in XML-RPC response\n"); + fprintf(stderr, _("result not found in XML-RPC response\n")); rval = 20; goto cleanup; } @@ -796,7 +820,8 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k } else { char * conf_data = read_config_file(IPA_CONFIG); if ((ipaserver = getIPAserver(conf_data)) == NULL) { - fprintf(stderr, "Unable to determine IPA server from %s\n", IPA_CONFIG); + fprintf(stderr, _("Unable to determine IPA server from %s\n"), + IPA_CONFIG); exit(1); } free(conf_data); @@ -810,7 +835,7 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k } if (NULL == strstr(host, ".")) { - fprintf(stderr, "The hostname must be fully-qualified: %s\n", host); + fprintf(stderr, _("The hostname must be fully-qualified: %s\n"), host); rval = 16; goto cleanup; } @@ -820,20 +845,23 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k else { krberr = krb5_init_context(&krbctx); if (krberr) { - fprintf(stderr, "Unable to join host: Kerberos context initialization failed\n"); + fprintf(stderr, _("Unable to join host: " + "Kerberos context initialization failed\n")); rval = 1; goto cleanup; } krberr = krb5_cc_default(krbctx, &ccache); if (krberr) { - fprintf(stderr, "Unable to join host: Kerberos Credential Cache not found\n"); + fprintf(stderr, _("Unable to join host:" + " Kerberos Credential Cache not found\n")); rval = 5; goto cleanup; } krberr = krb5_cc_get_principal(krbctx, ccache, &uprinc); if (krberr) { - fprintf(stderr, "Unable to join host: Kerberos User Principal not found and host password not provided.\n"); + fprintf(stderr, _("Unable to join host: Kerberos User Principal " + "not found and host password not provided.\n")); rval = 6; goto cleanup; } @@ -846,7 +874,7 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k childpid = fork(); if (childpid < 0) { - fprintf(stderr, "fork() failed\n"); + fprintf(stderr, _("fork() failed\n")); rval = 1; goto cleanup; } @@ -874,15 +902,16 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k err = execv(path, argv); if (err == -1) { switch(errno) { - case ENOENT: - fprintf(stderr, "ipa-getkeytab not found\n"); - break; - case EACCES: - fprintf(stderr, "ipa-getkeytab has bad permissions?\n"); - break; - default: - fprintf(stderr, "executing ipa-getkeytab failed, errno %d\n", errno); - break; + case ENOENT: + fprintf(stderr, _("ipa-getkeytab not found\n")); + break; + case EACCES: + fprintf(stderr, _("ipa-getkeytab has bad permissions?\n")); + break; + default: + fprintf(stderr, _("executing ipa-getkeytab failed, " + "errno %d\n"), errno); + break; } } } else { @@ -892,13 +921,13 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k if WIFEXITED(status) { rval = WEXITSTATUS(status); if (rval != 0) { - fprintf(stderr, "child exited with %d\n", rval); + fprintf(stderr, _("child exited with %d\n"), rval); } } cleanup: if (NULL != subject) - fprintf(stderr, "Certificate subject base is: %s\n", subject); + fprintf(stderr, _("Certificate subject base is: %s\n"), subject); free((char *)princ); free((char *)subject); @@ -930,19 +959,31 @@ main(int argc, char **argv) { int quiet = 0; int unenroll = 0; struct poptOption options[] = { - { "debug", 'd', POPT_ARG_NONE, &debug, 0, "Print the raw XML-RPC output", "XML-RPC debugging Output"}, - { "quiet", 'q', POPT_ARG_NONE, &quiet, 0, "Print as little as possible", "Output only on errors"}, - { "unenroll", 'u', POPT_ARG_NONE, &unenroll, 0, "Unenroll this host", "Unenroll this host from IPA server" }, - { "hostname", 'h', POPT_ARG_STRING, &hostname, 0, "Use this hostname instead of the node name", "Host Name" }, - { "server", 's', POPT_ARG_STRING, &server, 0, "IPA Server to use", "IPA Server Name" }, - { "keytab", 'k', POPT_ARG_STRING, &keytab, 0, "File were to store the keytab information", "Keytab File Name" }, - { "bindpw", 'w', POPT_ARG_STRING, &bindpw, 0, "LDAP password", "password to use if not using kerberos" }, - POPT_AUTOHELP - POPT_TABLEEND + { "debug", 'd', POPT_ARG_NONE, &debug, 0, + _("Print the raw XML-RPC output"), _("XML-RPC debugging Output") }, + { "quiet", 'q', POPT_ARG_NONE, &quiet, 0, + _("Print as little as possible"), _("Output only on errors") }, + { "unenroll", 'u', POPT_ARG_NONE, &unenroll, 0, + _("Unenroll this host"), _("Unenroll this host from IPA server") }, + { "hostname", 'h', POPT_ARG_STRING, &hostname, 0, + _("Use this hostname instead of the node name"), _("Host Name") }, + { "server", 's', POPT_ARG_STRING, &server, 0, + _("IPA Server to use"), _("IPA Server Name") }, + { "keytab", 'k', POPT_ARG_STRING, &keytab, 0, + _("File were to store the keytab information"), _("Keytab File Name") }, + { "bindpw", 'w', POPT_ARG_STRING, &bindpw, 0, + _("LDAP password"), _("password to use if not using kerberos") }, + POPT_AUTOHELP + POPT_TABLEEND }; poptContext pc; int ret; + ret = init_gettext(); + if (ret) { + exit(2); + } + pc = poptGetContext("ipa-join", argc, (const char **)argv, options, 0); ret = poptGetNextOpt(pc); if (ret != -1) { diff --git a/ipa-client/ipa-rmkeytab.c b/ipa-client/ipa-rmkeytab.c index 043379873..c46bb8b6c 100644 --- a/ipa-client/ipa-rmkeytab.c +++ b/ipa-client/ipa-rmkeytab.c @@ -25,6 +25,11 @@ #include <popt.h> #include <errno.h> +#include "config.h" +#include <libintl.h> +#define _(STRING) gettext(STRING) + + int remove_principal(krb5_context context, krb5_keytab ktid, const char *principal, int debug) { @@ -36,9 +41,10 @@ remove_principal(krb5_context context, krb5_keytab ktid, const char *principal, memset(&entry, 0, sizeof(entry)); krberr = krb5_parse_name(context, principal, &entry.principal); if (krberr) { - fprintf(stderr, "Unable to parse principal name\n"); + fprintf(stderr, _("Unable to parse principal name\n")); if (debug) - fprintf(stderr, "krb5_parse_name %d: %s\n", krberr, error_message(krberr)); + fprintf(stderr, _("krb5_parse_name %d: %s\n"), + krberr, error_message(krberr)); rval = 4; goto done; } @@ -47,7 +53,7 @@ remove_principal(krb5_context context, krb5_keytab ktid, const char *principal, * irrespective of the encryption type. A failure to find one after the * first means we're done. */ - fprintf(stderr, "Removing principal %s\n", principal); + fprintf(stderr, _("Removing principal %s\n"), principal); while (1) { memset(&entry2, 0, sizeof(entry2)); krberr = krb5_kt_get_entry(context, ktid, @@ -60,23 +66,25 @@ remove_principal(krb5_context context, krb5_keytab ktid, const char *principal, /* not found but we've removed some, we're done */ break; if (krberr == ENOENT) { - fprintf(stderr, "Failed to open keytab\n"); + fprintf(stderr, _("Failed to open keytab\n")); rval = 3; goto done; } - fprintf(stderr, "principal not found\n"); + fprintf(stderr, _("principal not found\n")); if (debug) - fprintf(stderr, "krb5_kt_get_entry %d: %s\n", krberr, error_message(krberr)); + fprintf(stderr, _("krb5_kt_get_entry %d: %s\n"), + krberr, error_message(krberr)); rval = 5; break; } krberr = krb5_kt_remove_entry(context, ktid, &entry2); if (krberr) { - fprintf(stderr, "Unable to remove entry\n"); + fprintf(stderr, _("Unable to remove entry\n")); if (debug) { - fprintf(stdout, "kvno %d\n", entry2.vno); - fprintf(stderr, "krb5_kt_remove_entry %d: %s\n", krberr, error_message(krberr)); + fprintf(stdout, _("kvno %d\n"), entry2.vno); + fprintf(stderr, _("krb5_kt_remove_entry %d: %s\n"), + krberr, error_message(krberr)); } rval = 6; break; @@ -108,9 +116,10 @@ remove_realm(krb5_context context, krb5_keytab ktid, const char *realm, int debu while (krb5_kt_next_entry(context, ktid, &entry, &kt_cursor) == 0) { krberr = krb5_unparse_name(context, entry.principal, &entry_princ_s); if (krberr) { - fprintf(stderr, "Unable to parse principal\n"); + fprintf(stderr, _("Unable to parse principal\n")); if (debug) { - fprintf(stderr, "krb5_unparse_name %d: %s\n", krberr, error_message(krberr)); + fprintf(stderr, _("krb5_unparse_name %d: %s\n"), + krberr, error_message(krberr)); } rval = 4; goto done; @@ -134,6 +143,30 @@ done: return rval; } +int init_gettext(void) +{ + char *c; + + c = setlocale(LC_ALL, ""); + if (!c) { + return EIO; + } + + errno = 0; + c = bindtextdomain(PACKAGE, LOCALEDIR); + if (c == NULL) { + return errno; + } + + errno = 0; + c = textdomain(PACKAGE); + if (c == NULL) { + return errno; + } + + return 0; +} + int main(int argc, char **argv) { @@ -149,19 +182,29 @@ main(int argc, char **argv) int debug = 0; int ret, rval; struct poptOption options[] = { - { "debug", 'd', POPT_ARG_NONE, &debug, 0, "Print debugging information", "Debugging output" }, - { "principal", 'p', POPT_ARG_STRING, &principal, 0, "The principal to get a keytab for (ex: ftp/ftp.example.com@EXAMPLE.COM)", "Kerberos Service Principal Name" }, - { "keytab", 'k', POPT_ARG_STRING, &keytab, 0, "File were to store the keytab information", "Keytab File Name" }, - { "realm", 'r', POPT_ARG_STRING, &realm, 0, "Remove all principals in this realm", "Realm name" }, + { "debug", 'd', POPT_ARG_NONE, &debug, 0, + _("Print debugging information"), _("Debugging output") }, + { "principal", 'p', POPT_ARG_STRING, &principal, 0, + _("The principal to get a keytab for (ex: ftp/ftp.example.com@EXAMPLE.COM)"), + _("Kerberos Service Principal Name") }, + { "keytab", 'k', POPT_ARG_STRING, &keytab, 0, + _("File were to store the keytab information"), _("Keytab File Name") }, + { "realm", 'r', POPT_ARG_STRING, &realm, 0, + _("Remove all principals in this realm"), _("Realm name") }, POPT_AUTOHELP POPT_TABLEEND }; + ret = init_gettext(); + if (ret) { + exit(1); + } + memset(&ktid, 0, sizeof(ktid)); krberr = krb5_init_context(&context); if (krberr) { - fprintf(stderr, "Kerberos context initialization failed\n"); + fprintf(stderr, _("Kerberos context initialization failed\n")); exit(1); } @@ -195,7 +238,7 @@ main(int argc, char **argv) krberr = krb5_kt_resolve(context, ktname, &ktid); if (krberr) { - fprintf(stderr, "Failed to open keytab '%s'\n", keytab); + fprintf(stderr, _("Failed to open keytab '%s'\n"), keytab); rval = 3; goto cleanup; } @@ -209,9 +252,10 @@ cleanup: if (rval == 0 || rval > 3) { krberr = krb5_kt_close(context, ktid); if (krberr) { - fprintf(stderr, "Closing keytab failed\n"); + fprintf(stderr, _("Closing keytab failed\n")); if (debug) - fprintf(stderr, "krb5_kt_close %d: %s\n", krberr, error_message(krberr)); + fprintf(stderr, _("krb5_kt_close %d: %s\n"), + krberr, error_message(krberr)); } } |