diff options
author | Nalin Dahyabhai <nalin@dahyabhai.net> | 2012-07-23 20:35:02 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2012-10-15 12:03:00 -0400 |
commit | 1ea3986a6b0355ceffa49de55fe8450ff00933fd (patch) | |
tree | bc0e5cc58186e171b12f85b26de9e6ddc42b3ade | |
parent | 31390cda1de73dc84394e6c826310192b93520be (diff) | |
download | krb5-1ea3986a6b0355ceffa49de55fe8450ff00933fd.tar.gz krb5-1ea3986a6b0355ceffa49de55fe8450ff00933fd.tar.xz krb5-1ea3986a6b0355ceffa49de55fe8450ff00933fd.zip |
Add a -C flag to klist to also show config entries
-rw-r--r-- | doc/rst_source/krb_users/user_commands/klist.rst | 6 | ||||
-rw-r--r-- | src/clients/klist/klist.c | 66 |
2 files changed, 60 insertions, 12 deletions
diff --git a/doc/rst_source/krb_users/user_commands/klist.rst b/doc/rst_source/krb_users/user_commands/klist.rst index 6eae5f475e..d303f34d83 100644 --- a/doc/rst_source/krb_users/user_commands/klist.rst +++ b/doc/rst_source/krb_users/user_commands/klist.rst @@ -9,6 +9,7 @@ SYNOPSIS **klist** [**-e**] [[**-c**] [**-l**] [**-A**] [**-f**] [**-s**] [**-a** [**-n**]]] +[**-C**] [**-k** [**-t**] [**-K**]] [**-V**] [*cache_name*\|\ *keytab_name*] @@ -74,6 +75,11 @@ OPTIONS **-n** Show numeric addresses instead of reverse-resolving addresses. +**-C** + List configuration data that has been stored in the credentials + cache when klist encounters it. By default, configuration data + is not listed. + **-k** List keys held in a keytab file. diff --git a/src/clients/klist/klist.c b/src/clients/klist/klist.c index 3f633fd906..6c040673c1 100644 --- a/src/clients/klist/klist.c +++ b/src/clients/klist/klist.c @@ -59,6 +59,7 @@ extern int optind; int show_flags = 0, show_time = 0, status_only = 0, show_keys = 0; int show_etype = 0, show_addresses = 0, no_resolve = 0, print_version = 0; int show_adtype = 0, show_all = 0, list_all = 0, use_client_keytab = 0; +int show_config = 0; char *defname; char *progname; krb5_int32 now; @@ -126,7 +127,7 @@ main(argc, argv) name = NULL; mode = DEFAULT; /* V=version so v can be used for verbose later if desired. */ - while ((c = getopt(argc, argv, "dfetKsnacki45lAV")) != -1) { + while ((c = getopt(argc, argv, "dfetKsnacki45lAVC")) != -1) { switch (c) { case 'd': show_adtype = 1; @@ -175,6 +176,9 @@ main(argc, argv) case 'A': show_all = 1; break; + case 'C': + show_config = 1; + break; case 'V': print_version = 1; break; @@ -516,7 +520,7 @@ do_ccache(krb5_ccache cache) return 1; } while (!(code = krb5_cc_next_cred(kcontext, cache, &cur, &creds))) { - if (krb5_is_config_principal(kcontext, creds.server)) + if (!show_config && krb5_is_config_principal(kcontext, creds.server)) continue; if (status_only) { if (exit_status && creds.server->length == 2 && @@ -624,6 +628,31 @@ printtime(tv) } } +static void +print_config_data(int col, krb5_data *data) +{ + unsigned int i; + + for (i = 0; i < data->length; i++) { + while (col < 8) { + putchar(' '); + col++; + } + if (data->data[i] > 0x20 && data->data[i] < 0x7f) { + putchar(data->data[i]); + col++; + } else { + col += printf("\\%03o", (unsigned char)data->data[i]); + } + if (col > 72) { + putchar('\n'); + col = 0; + } + } + if (col > 0) + putchar('\n'); +} + void show_credential(cred) register krb5_creds * cred; @@ -631,7 +660,7 @@ show_credential(cred) krb5_error_code retval; krb5_ticket *tkt; char *name, *sname, *flags; - int extra_field = 0; + int extra_field = 0, ccol = 0, i; retval = krb5_unparse_name(kcontext, cred->client, &name); if (retval) { @@ -647,18 +676,35 @@ show_credential(cred) if (!cred->times.starttime) cred->times.starttime = cred->times.authtime; - printtime(cred->times.starttime); - putchar(' '); putchar(' '); - printtime(cred->times.endtime); - putchar(' '); putchar(' '); + if (!krb5_is_config_principal(kcontext, cred->server)) { + printtime(cred->times.starttime); + putchar(' '); putchar(' '); + printtime(cred->times.endtime); + putchar(' '); putchar(' '); - printf("%s\n", sname); + printf("%s\n", sname); + } else { + fputs("config: ", stdout); + ccol = 8; + for (i = 1; i < cred->server->length; i++) { + ccol += printf("%s%.*s%s", + i > 1 ? "(" : "", + (int)cred->server->data[i].length, + cred->server->data[i].data, + i > 1 ? ")" : ""); + } + fputs(" = ", stdout); + ccol += 3; + } if (strcmp(name, defname)) { printf(_("\tfor client %s"), name); extra_field++; } + if (krb5_is_config_principal(kcontext, cred->server)) + print_config_data(ccol, &cred->ticket); + if (cred->times.renew_till) { if (!extra_field) fputs("\t",stdout); @@ -712,8 +758,6 @@ show_credential(cred) } if (show_adtype) { - int i; - if (cred->authdata != NULL) { if (!extra_field) fputs("\t",stdout); @@ -738,8 +782,6 @@ show_credential(cred) if (!cred->addresses || !cred->addresses[0]) { printf(_("\tAddresses: (none)\n")); } else { - int i; - printf(_("\tAddresses: ")); one_addr(cred->addresses[0]); |