diff options
Diffstat (limited to 'src/clients/ksu')
| -rw-r--r-- | src/clients/ksu/authorization.c | 21 | ||||
| -rw-r--r-- | src/clients/ksu/ccache.c | 22 | ||||
| -rw-r--r-- | src/clients/ksu/krb_auth_su.c | 73 | ||||
| -rw-r--r-- | src/clients/ksu/main.c | 168 |
4 files changed, 146 insertions, 138 deletions
diff --git a/src/clients/ksu/authorization.c b/src/clients/ksu/authorization.c index fcc5ca99d9..f1cc8acd10 100644 --- a/src/clients/ksu/authorization.c +++ b/src/clients/ksu/authorization.c @@ -366,13 +366,17 @@ krb5_boolean fcmd_resolve(fcmd, out_fcmd, out_err) }else{ /* must be either full path or just the cmd name */ if (strchr(fcmd, '/')){ - asprintf(&err,"Error: bad entry - %s in %s file, must be either full path or just the cmd name\n", fcmd, KRB5_USERS_NAME); + asprintf(&err, _("Error: bad entry - %s in %s file, must be " + "either full path or just the cmd name\n"), + fcmd, KRB5_USERS_NAME); *out_err = err; return FALSE; } #ifndef CMD_PATH - asprintf(&err,"Error: bad entry - %s in %s file, since %s is just the cmd name, CMD_PATH must be defined \n", fcmd, KRB5_USERS_NAME, fcmd); + asprintf(&err, _("Error: bad entry - %s in %s file, since %s is just " + "the cmd name, CMD_PATH must be defined \n"), + fcmd, KRB5_USERS_NAME, fcmd); *out_err = err; return FALSE; #else @@ -385,7 +389,8 @@ krb5_boolean fcmd_resolve(fcmd, out_fcmd, out_err) tc = get_first_token (path_ptr, &lp); if (! tc){ - asprintf(&err,"Error: bad entry - %s in %s file, CMD_PATH contains no paths \n", fcmd, KRB5_USERS_NAME); + asprintf(&err, _("Error: bad entry - %s in %s file, CMD_PATH " + "contains no paths \n"), fcmd, KRB5_USERS_NAME); *out_err = err; return FALSE; } @@ -393,7 +398,8 @@ krb5_boolean fcmd_resolve(fcmd, out_fcmd, out_err) i=0; do{ if (*tc != '/'){ /* must be full path */ - asprintf(&err,"Error: bad path %s in CMD_PATH for %s must start with '/' \n",tc, KRB5_USERS_NAME ); + asprintf(&err, _("Error: bad path %s in CMD_PATH for %s must " + "start with '/' \n"), tc, KRB5_USERS_NAME ); *out_err = err; return FALSE; } @@ -508,7 +514,7 @@ krb5_boolean find_first_cmd_that_exists(fcmd_arr, cmd_out, err_out) if (retbool == FALSE ){ krb5int_buf_init_dynamic(&buf); - krb5int_buf_add(&buf, "Error: not found -> "); + krb5int_buf_add(&buf, _("Error: not found -> ")); for(j= 0; j < i; j ++) krb5int_buf_add_fmt(&buf, " %s ", fcmd_arr[j]); krb5int_buf_add(&buf, "\n"); @@ -714,9 +720,8 @@ void init_auth_names(pw_dir) pw_dir, sep, KRB5_USERS_NAME); if (SNPRINTF_OVERFLOW(r1, sizeof(k5login_path)) || SNPRINTF_OVERFLOW(r2, sizeof(k5users_path))) { - fprintf (stderr, - "home directory name `%s' too long, can't search for .k5login\n", - pw_dir); + fprintf(stderr, _("home directory name `%s' too long, can't search " + "for .k5login\n"), pw_dir); exit (1); } } diff --git a/src/clients/ksu/ccache.c b/src/clients/ksu/ccache.c index 5192623512..9916c75f30 100644 --- a/src/clients/ksu/ccache.c +++ b/src/clients/ksu/ccache.c @@ -70,8 +70,7 @@ krb5_error_code krb5_ccache_copy (context, cc_def, cc_other_tag, cc_other = (krb5_ccache *) xcalloc(1, sizeof (krb5_ccache)); if ((retval = krb5_cc_resolve(context, cc_other_tag, cc_other))){ - com_err (prog_name, retval, "resolving ccache %s", - cc_other_tag); + com_err(prog_name, retval, _("resolving ccache %s"), cc_other_tag); return retval; } @@ -382,7 +381,7 @@ krb5_get_login_princ(luser, princ_list) } result = snprintf(pbuf, sizeof(pbuf), "%s/.k5login", pwd->pw_dir); if (SNPRINTF_OVERFLOW(result, sizeof(pbuf))) { - fprintf (stderr, "home directory path for %s too long\n", luser); + fprintf(stderr, _("home directory path for %s too long\n"), luser); exit (1); } @@ -464,22 +463,22 @@ show_credential(context, cred, cc) retval = krb5_unparse_name(context, cred->client, &name); if (retval) { - com_err(prog_name, retval, "while unparsing client name"); + com_err(prog_name, retval, _("while unparsing client name")); return; } retval = krb5_unparse_name(context, cred->server, &sname); if (retval) { - com_err(prog_name, retval, "while unparsing server name"); + com_err(prog_name, retval, _("while unparsing server name")); free(name); return; } if ((retval = krb5_cc_get_principal(context, cc, &princ))) { - com_err(prog_name, retval, "while retrieving principal name"); + com_err(prog_name, retval, _("while retrieving principal name")); return; } if ((retval = krb5_unparse_name(context, princ, &defname))) { - com_err(prog_name, retval, "while unparsing principal name"); + com_err(prog_name, retval, _("while unparsing principal name")); return; } @@ -494,7 +493,7 @@ show_credential(context, cred, cc) printf("%s\n", sname); if (strcmp(name, defname)) { - printf("\tfor client %s", name); + printf(_("\tfor client %s"), name); first = 0; } @@ -503,7 +502,7 @@ show_credential(context, cred, cc) fputs("\t",stdout); else fputs(", ",stdout); - fputs("renew until ", stdout); + fputs(_("renew until "), stdout); printtime(cred->times.renew_till); } if (show_flags) { @@ -513,7 +512,7 @@ show_credential(context, cred, cc) fputs("\t",stdout); else fputs(", ",stdout); - printf("Flags: %s", flags); + printf(_("Flags: %s"), flags); first = 0; } } @@ -660,8 +659,7 @@ krb5_error_code krb5_ccache_copy_restricted (context, cc_def, cc_other_tag, cc_other = (krb5_ccache *) xcalloc(1, sizeof (krb5_ccache)); if ((retval = krb5_cc_resolve(context, cc_other_tag, cc_other))){ - com_err (prog_name, retval, "resolving ccache %s", - cc_other_tag); + com_err(prog_name, retval, _("resolving ccache %s"), cc_other_tag); return retval; } diff --git a/src/clients/ksu/krb_auth_su.c b/src/clients/ksu/krb_auth_su.c index b919c39b20..eb597aa268 100644 --- a/src/clients/ksu/krb_auth_su.c +++ b/src/clients/ksu/krb_auth_su.c @@ -63,7 +63,7 @@ krb5_boolean krb5_auth_check(context, client_pname, hostname, options, if ((retval= krb5_copy_principal(context, client_pname, &client))){ - com_err(prog_name, retval,"while copying client principal"); + com_err(prog_name, retval, _("while copying client principal")); return (FALSE) ; } @@ -75,7 +75,7 @@ krb5_boolean krb5_auth_check(context, client_pname, hostname, options, if ((retval = krb5_sname_to_principal(context, hostname, NULL, KRB5_NT_SRV_HST, &server))){ com_err(prog_name, retval, - "while creating server %s principal name", hostname); + _("while creating server %s principal name"), hostname); krb5_free_principal(context, client); return (FALSE) ; } @@ -100,14 +100,14 @@ krb5_boolean krb5_auth_check(context, client_pname, hostname, options, /* check to see if the local tgt is in the cache */ if ((retval= krb5_copy_principal(context, client, &tgtq.client))){ - com_err(prog_name, retval,"while copying client principal"); + com_err(prog_name, retval, _("while copying client principal")); return (FALSE) ; } if ((retval = ksu_tgtname(context, krb5_princ_realm(context, client), krb5_princ_realm(context, client), &tgtq.server))){ - com_err(prog_name, retval, "while creating tgt for local realm"); + com_err(prog_name, retval, _("while creating tgt for local realm")); krb5_free_principal(context, client); krb5_free_principal(context, server); return (FALSE) ; @@ -123,8 +123,7 @@ krb5_boolean krb5_auth_check(context, client_pname, hostname, options, if (retval){ if ((retval != KRB5_CC_NOTFOUND) && (retval != KRB5KRB_AP_ERR_TKT_EXPIRED)){ - com_err(prog_name, retval, - "while retrieving creds from cache"); + com_err(prog_name, retval, _("while retrieving creds from cache")); return (FALSE) ; } } else{ @@ -135,13 +134,15 @@ krb5_boolean krb5_auth_check(context, client_pname, hostname, options, #ifdef GET_TGT_VIA_PASSWD if (krb5_seteuid(0)||krb5_seteuid(target_uid)) { - com_err("ksu", errno, "while switching to target uid"); + com_err("ksu", errno, _("while switching to target uid")); return FALSE; } - fprintf(stderr,"WARNING: Your password may be exposed if you enter it here and are logged \n"); - fprintf(stderr," in remotely using an unsecure (non-encrypted) channel. \n"); + fprintf(stderr, _("WARNING: Your password may be exposed if you enter " + "it here and are logged \n")); + fprintf(stderr, _(" in remotely using an unsecure " + "(non-encrypted) channel. \n")); /*get the ticket granting ticket, via passwd(promt for passwd)*/ if (krb5_get_tkt_via_passwd (context, &cc, client, tgtq.server, @@ -152,13 +153,14 @@ krb5_boolean krb5_auth_check(context, client_pname, hostname, options, } *path_passwd = 1; if (krb5_seteuid(0)) { - com_err("ksu", errno, "while reclaiming root uid"); + com_err("ksu", errno, _("while reclaiming root uid")); return FALSE; } #else plain_dump_principal (context, client); - fprintf(stderr,"does not have any appropriate tickets in the cache.\n"); + fprintf(stderr, + _("does not have any appropriate tickets in the cache.\n")); return FALSE; #endif /* GET_TGT_VIA_PASSWD */ @@ -166,18 +168,18 @@ krb5_boolean krb5_auth_check(context, client_pname, hostname, options, } if ((retval= krb5_copy_principal(context, client, &in_creds.client))){ - com_err(prog_name, retval,"while copying client principal"); + com_err(prog_name, retval, _("while copying client principal")); return (FALSE) ; } if ((retval= krb5_copy_principal(context, server, &in_creds.server))){ - com_err(prog_name, retval,"while copying client principal"); + com_err(prog_name, retval, _("while copying client principal")); return (FALSE) ; } if ((retval = krb5_get_credentials(context, 0, cc, &in_creds, &out_creds))){ - com_err(prog_name, retval, "while getting credentials from kdc"); + com_err(prog_name, retval, _("while getting credentials from kdc")); return (FALSE); } @@ -194,7 +196,7 @@ krb5_boolean krb5_auth_check(context, client_pname, hostname, options, NULL /*output ccache*/, &vfy_opts); if (retval) { - com_err(prog_name, retval, "while verifying ticket for server"); + com_err(prog_name, retval, _("while verifying ticket for server")); return (FALSE); } @@ -220,12 +222,12 @@ krb5_boolean krb5_fast_auth(context, client, server, target_user, cc) memset(&tgt, 0, sizeof(tgt)); if ((retval= krb5_copy_principal(context, client, &tgtq.client))){ - com_err(prog_name, retval,"while copying client principal"); + com_err(prog_name, retval, _("while copying client principal")); return (FALSE) ; } if ((retval= krb5_copy_principal(context, server, &tgtq.server))){ - com_err(prog_name, retval,"while copying client principal"); + com_err(prog_name, retval, _("while copying client principal")); return (FALSE) ; } @@ -233,7 +235,7 @@ krb5_boolean krb5_fast_auth(context, client, server, target_user, cc) KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, &tgtq, &tgt))){ if (auth_debug) - com_err(prog_name, retval,"While Retrieving credentials"); + com_err(prog_name, retval, _("while Retrieving credentials")); return (FALSE) ; } @@ -243,7 +245,7 @@ krb5_boolean krb5_fast_auth(context, client, server, target_user, cc) NULL /*output ccache*/, &vfy_opts); if (retval){ - com_err(prog_name, retval, "while verifing ticket for server"); + com_err(prog_name, retval, _("while verifying ticket for server")); return (FALSE); } @@ -271,24 +273,24 @@ krb5_boolean krb5_get_tkt_via_passwd (context, ccache, client, server, *zero_password = FALSE; if ((code = krb5_unparse_name(context, client, &client_name))) { - com_err (prog_name, code, "when unparsing name"); + com_err (prog_name, code, _("when unparsing name")); return (FALSE); } memset(&my_creds, 0, sizeof(my_creds)); if ((code = krb5_copy_principal(context, client, &my_creds.client))){ - com_err (prog_name, code, "while copying principal"); + com_err (prog_name, code, _("while copying principal")); return (FALSE); } if ((code = krb5_copy_principal(context, server, &my_creds.server))){ - com_err (prog_name, code, "while copying principal"); + com_err (prog_name, code, _("while copying principal")); return (FALSE); } if ((code = krb5_timeofday(context, &now))) { - com_err(prog_name, code, "while getting time of day"); + com_err(prog_name, code, _("while getting time of day")); return (FALSE); } @@ -301,12 +303,12 @@ krb5_boolean krb5_get_tkt_via_passwd (context, ccache, client, server, } else my_creds.times.renew_till = 0; - result = snprintf(prompt, sizeof(prompt), "Kerberos password for %s: ", + result = snprintf(prompt, sizeof(prompt), _("Kerberos password for %s: "), client_name); if (SNPRINTF_OVERFLOW(result, sizeof(prompt))) { - fprintf (stderr, - "principal name %s too long for internal buffer space\n", - client_name); + fprintf(stderr, + _("principal name %s too long for internal buffer space\n"), + client_name); return FALSE; } @@ -314,14 +316,14 @@ krb5_boolean krb5_get_tkt_via_passwd (context, ccache, client, server, code = krb5_read_password(context, prompt, 0, password, &pwsize); if (code ) { - com_err(prog_name, code, "while reading password for '%s'\n", + com_err(prog_name, code, _("while reading password for '%s'\n"), client_name); memset(password, 0, sizeof(password)); return (FALSE); } if ( pwsize == 0) { - fprintf(stderr, "No password given\n"); + fprintf(stderr, _("No password given\n")); *zero_password = TRUE; memset(password, 0, sizeof(password)); return (FALSE); @@ -335,9 +337,9 @@ krb5_boolean krb5_get_tkt_via_passwd (context, ccache, client, server, if (code) { if (code == KRB5KRB_AP_ERR_BAD_INTEGRITY) - fprintf (stderr, "%s: Password incorrect\n", prog_name); + fprintf(stderr, _("%s: Password incorrect\n"), prog_name); else - com_err (prog_name, code, "while getting initial credentials"); + com_err(prog_name, code, _("while getting initial credentials")); return (FALSE); } return (TRUE); @@ -353,7 +355,8 @@ void dump_principal (context, str, p) krb5_error_code retval; if ((retval = krb5_unparse_name(context, p, &stname))) { - fprintf(stderr, " %s while unparsing name\n", error_message(retval)); + fprintf(stderr, _(" %s while unparsing name\n"), + error_message(retval)); } fprintf(stderr, " %s: %s\n", str, stname); } @@ -365,8 +368,10 @@ void plain_dump_principal (context, p) char * stname; krb5_error_code retval; - if ((retval = krb5_unparse_name(context, p, &stname))) - fprintf(stderr, " %s while unparsing name\n", error_message(retval)); + if ((retval = krb5_unparse_name(context, p, &stname))) { + fprintf(stderr, _(" %s while unparsing name\n"), + error_message(retval)); + } fprintf(stderr, "%s ", stname); } diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c index e548f1699a..e3d2999e56 100644 --- a/src/clients/ksu/main.c +++ b/src/clients/ksu/main.c @@ -58,7 +58,10 @@ char * get_dir_of_file(); ill specified arguments to commands */ void usage (){ - fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name); + fprintf(stderr, + _("Usage: %s [target user] [-n principal] [-c source cachename] " + "[-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] " + "[-e command [args... ] ] [-a [args... ] ]\n"), prog_name); } /* for Ultrix and friends ... */ @@ -128,7 +131,7 @@ main (argc, argv) retval = krb5_init_secure_context(&ksu_context); if (retval) { - com_err(argv[0], retval, "while initializing krb5"); + com_err(argv[0], retval, _("while initializing krb5")); exit(1); } @@ -137,7 +140,9 @@ main (argc, argv) prog_name = argv[0]; if (strlen (prog_name) > 50) { /* this many chars *after* last / ?? */ - com_err(prog_name, 0, "program name too long - quitting to avoid triggering system logging bugs"); + com_err(prog_name, 0, + _("program name too long - quitting to avoid triggering " + "system logging bugs")); exit (1); } @@ -162,7 +167,7 @@ main (argc, argv) pargc = argc -1; if ((pargv =(char **) calloc(pargc +1,sizeof(char *)))==NULL){ - com_err(prog_name, errno, "while allocating memory"); + com_err(prog_name, errno, _("while allocating memory")); exit(1); } @@ -175,7 +180,7 @@ main (argc, argv) } if (krb5_seteuid (ruid)) { - com_err (prog_name, errno, "while setting euid to source user"); + com_err (prog_name, errno, _("while setting euid to source user")); exit (1); } while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkql:e:")) != -1)){ @@ -186,7 +191,7 @@ main (argc, argv) optarg = "bad-time"; retval = krb5_string_to_deltat(optarg, &options.rlife); if (retval != 0 || options.rlife == 0) { - fprintf(stderr, "Bad lifetime value (%s hours?)\n", optarg); + fprintf(stderr, _("Bad lifetime value (%s hours?)\n"), optarg); errflg++; } break; @@ -197,7 +202,7 @@ main (argc, argv) if (auth_debug){printf("Before get_params optind=%d\n", optind);} if ((retval = get_params( & optind, pargc, pargv, ¶ms))){ - com_err(prog_name, retval, "when gathering parameters"); + com_err(prog_name, retval, _("when gathering parameters")); errflg++; } if(auth_debug){ printf("After get_params optind=%d\n", optind);} @@ -220,13 +225,13 @@ main (argc, argv) optarg = "bad-time"; retval = krb5_string_to_deltat(optarg, &options.lifetime); if (retval != 0 || options.lifetime == 0) { - fprintf(stderr, "Bad lifetime value (%s hours?)\n", optarg); + fprintf(stderr, _("Bad lifetime value (%s hours?)\n"), optarg); errflg++; } break; case 'n': if ((retval = krb5_parse_name(ksu_context, optarg, &client))){ - com_err(prog_name, retval, "when parsing name %s", optarg); + com_err(prog_name, retval, _("when parsing name %s"), optarg); errflg++; } @@ -242,7 +247,7 @@ main (argc, argv) some_rest_copy = 1; if(all_rest_copy) { fprintf(stderr, - "-z option is mutually exclusive with -Z.\n"); + _("-z option is mutually exclusive with -Z.\n")); errflg++; } break; @@ -250,7 +255,7 @@ main (argc, argv) all_rest_copy = 1; if(some_rest_copy) { fprintf(stderr, - "-Z option is mutually exclusive with -z.\n"); + _("-Z option is mutually exclusive with -z.\n")); errflg++; } break; @@ -261,20 +266,20 @@ main (argc, argv) cc_source_tag_tmp = strchr(cc_source_tag, ':') + 1; if( stat( cc_source_tag_tmp, &st_temp)){ - com_err (prog_name, errno, - "while looking for credentials file %s", - cc_source_tag_tmp); + com_err(prog_name, errno, + _("while looking for credentials file %s"), + cc_source_tag_tmp); exit (1); } } else { - fprintf(stderr,"malformed credential cache name %s\n", + fprintf(stderr, _("malformed credential cache name %s\n"), cc_source_tag); errflg++; } } else { - fprintf(stderr, "Only one -c option allowed\n"); + fprintf(stderr, _("Only one -c option allowed\n")); errflg++; } break; @@ -282,7 +287,7 @@ main (argc, argv) cmd = xstrdup(optarg); if(auth_debug){printf("Before get_params optind=%d\n", optind);} if ((retval = get_params( & optind, pargc, pargv, ¶ms))){ - com_err(prog_name, retval, "when gathering parameters"); + com_err(prog_name, retval, _("when gathering parameters")); errflg++; } if(auth_debug){printf("After get_params optind=%d\n", optind);} @@ -326,11 +331,11 @@ main (argc, argv) } if (pwd == NULL) { - fprintf(stderr, "ksu: who are you?\n"); + fprintf(stderr, _("ksu: who are you?\n")); exit(1); } if (pwd->pw_uid != ruid) { - fprintf (stderr, "Your uid doesn't match your passwd entry?!\n"); + fprintf (stderr, _("Your uid doesn't match your passwd entry?!\n")); exit (1); } /* Okay, now we have *some* passwd entry that matches the @@ -347,7 +352,7 @@ main (argc, argv) } if ((target_pwd = getpwnam(target_user)) == NULL){ - fprintf(stderr, "ksu: unknown login %s\n", target_user); + fprintf(stderr, _("ksu: unknown login %s\n"), target_user); exit(1); } target_uid = target_pwd->pw_uid; @@ -368,13 +373,13 @@ main (argc, argv) /* get a handle for the cache */ if ((retval = krb5_cc_resolve(ksu_context, cc_source_tag, &cc_source))){ - com_err(prog_name, retval,"while getting source cache"); + com_err(prog_name, retval, _("while getting source cache")); exit(1); } if (((retval = krb5_cc_set_flags(ksu_context, cc_source, 0x0)) != 0) && (retval != KRB5_FCC_NOFILE)) { - com_err(prog_name, retval, "while opening ccache"); + com_err(prog_name, retval, _("while opening ccache")); exit(1); } if ((retval = get_best_princ_for_target(ksu_context, source_uid, @@ -382,7 +387,7 @@ main (argc, argv) target_user, cc_source, &options, cmd, localhostname, &client, &hp))){ - com_err(prog_name,retval, "while selecting the best principal"); + com_err(prog_name,retval, _("while selecting the best principal")); exit(1); } @@ -390,7 +395,8 @@ main (argc, argv) what happened; become source.*/ if ( geteuid() != source_uid) { if (krb5_seteuid(0) || krb5_seteuid(source_uid) ) { - com_err(prog_name, errno, "while returning to source uid after finding best principal"); + com_err(prog_name, errno, _("while returning to source uid after " + "finding best principal")); exit(1); } } @@ -409,7 +415,7 @@ main (argc, argv) if (hp){ if (gb_err) fprintf(stderr, "%s", gb_err); - fprintf(stderr,"account %s: authorization failed\n",target_user); + fprintf(stderr, _("account %s: authorization failed\n"), target_user); exit(1); } @@ -435,7 +441,7 @@ main (argc, argv) if (access(dir_of_cc_target, R_OK | W_OK )){ fprintf(stderr, - "%s does not have correct permissions for %s\n", + _("%s does not have correct permissions for %s\n"), source_user, cc_target_tag); exit(1); } @@ -465,19 +471,16 @@ main (argc, argv) cc_target_tag, client, &cc_target, &stored, target_uid))){ - com_err (prog_name, retval, - "while copying cache %s to %s", - krb5_cc_get_name(ksu_context, cc_source),cc_target_tag); + com_err(prog_name, retval, _("while copying cache %s to %s"), + krb5_cc_get_name(ksu_context, cc_source), cc_target_tag); exit(1); } } else { if ((retval = krb5_ccache_copy(ksu_context, cc_source, cc_target_tag, client,&cc_target, &stored, target_uid))) { - com_err (prog_name, retval, - "while copying cache %s to %s", - krb5_cc_get_name(ksu_context, cc_source), - cc_target_tag); + com_err(prog_name, retval, _("while copying cache %s to %s"), + krb5_cc_get_name(ksu_context, cc_source), cc_target_tag); exit(1); } @@ -486,7 +489,7 @@ main (argc, argv) /* Become root for authentication*/ if (krb5_seteuid(0)) { - com_err(prog_name, errno, "while reclaiming root uid"); + com_err(prog_name, errno, _("while reclaiming root uid")); exit(1); } @@ -498,25 +501,26 @@ main (argc, argv) krb5_princ_realm(ksu_context, client), &kdc_server))){ com_err(prog_name, retval, - "while creating tgt for local realm"); + _("while creating tgt for local realm")); sweep_up(ksu_context, cc_target); exit(1); } - fprintf(stderr,"WARNING: Your password may be exposed if you enter it here and are logged\n"); - fprintf(stderr," in remotely using an unsecure (non-encrypted) channel.\n"); + fprintf(stderr, _("WARNING: Your password may be exposed if you " + "enter it here and are logged\n")); + fprintf(stderr, _(" in remotely using an unsecure " + "(non-encrypted) channel.\n")); if (krb5_get_tkt_via_passwd (ksu_context, &cc_target, client, kdc_server, &options, &zero_password) == FALSE){ if (zero_password == FALSE){ - fprintf(stderr,"Goodbye\n"); + fprintf(stderr, _("Goodbye\n")); sweep_up(ksu_context, cc_target); exit(1); } - fprintf(stderr, - "Could not get a tgt for "); + fprintf(stderr, _("Could not get a tgt for ")); plain_dump_principal (ksu_context, client); fprintf(stderr, "\n"); @@ -536,9 +540,8 @@ main (argc, argv) /* if Kerberos authentication failed then exit */ if (auth_val ==FALSE){ - fprintf(stderr, "Authentication failed.\n"); - syslog(LOG_WARNING, - "'%s %s' authentication failed for %s%s", + fprintf(stderr, _("Authentication failed.\n")); + syslog(LOG_WARNING, "'%s %s' authentication failed for %s%s", prog_name,target_user,source_user,ontty()); sweep_up(ksu_context, cc_target); exit(1); @@ -572,51 +575,51 @@ main (argc, argv) #endif /*0*/ if ((retval = krb5_unparse_name(ksu_context, client, &client_name))) { - com_err (prog_name, retval, "When unparsing name"); + com_err(prog_name, retval, _("When unparsing name")); sweep_up(ksu_context, cc_target); exit(1); } - print_status("Authenticated %s\n", client_name); + print_status(_("Authenticated %s\n"), client_name); syslog(LOG_NOTICE,"'%s %s' authenticated %s for %s%s", prog_name,target_user,client_name, source_user,ontty()); /* Run authorization as target.*/ if (krb5_seteuid(target_uid)) { - com_err(prog_name, errno, "while switching to target for authorization check"); + com_err(prog_name, errno, _("while switching to target for " + "authorization check")); sweep_up(ksu_context, cc_target); exit(1); } if ((retval = krb5_authorization(ksu_context, client,target_user, cmd, &authorization_val, &exec_cmd))){ - com_err(prog_name,retval,"while checking authorization"); + com_err(prog_name,retval, _("while checking authorization")); krb5_seteuid(0); /*So we have some chance of sweeping up*/ sweep_up(ksu_context, cc_target); exit(1); } if (krb5_seteuid(0)) { - com_err(prog_name, errno, "while switching back from target after authorization check"); + com_err(prog_name, errno, _("while switching back from target " + "after authorization check")); sweep_up(ksu_context, cc_target); exit(1); } if (authorization_val == TRUE){ if (cmd) { - print_status( - "Account %s: authorization for %s for execution of\n", - target_user, client_name); - print_status(" %s successful\n",exec_cmd); + print_status(_("Account %s: authorization for %s for " + "execution of\n"), target_user, client_name); + print_status(_(" %s successful\n"), exec_cmd); syslog(LOG_NOTICE, "Account %s: authorization for %s for execution of %s successful", target_user, client_name, exec_cmd); }else{ - print_status( - "Account %s: authorization for %s successful\n", - target_user, client_name); + print_status(_("Account %s: authorization for %s " + "successful\n"), target_user, client_name); syslog(LOG_NOTICE, "Account %s: authorization for %s successful", target_user, client_name); @@ -627,16 +630,15 @@ main (argc, argv) fprintf(stderr, "%s", exec_cmd ); syslog(LOG_WARNING, "%s",exec_cmd); } - fprintf(stderr, - "Account %s: authorization for %s for execution of %s failed\n", + fprintf(stderr, _("Account %s: authorization for %s for " + "execution of %s failed\n"), target_user, client_name, cmd ); syslog(LOG_WARNING, "Account %s: authorization for %s for execution of %s failed", target_user, client_name, cmd ); }else{ - fprintf(stderr, - "Account %s: authorization of %s failed\n", + fprintf(stderr, _("Account %s: authorization of %s failed\n"), target_user, client_name); syslog(LOG_WARNING, "Account %s: authorization of %s failed", @@ -651,7 +653,7 @@ main (argc, argv) if( some_rest_copy){ if ((retval = krb5_ccache_filter(ksu_context, cc_target, client))){ - com_err(prog_name,retval,"while calling cc_filter"); + com_err(prog_name,retval, _("while calling cc_filter")); sweep_up(ksu_context, cc_target); exit(1); } @@ -659,8 +661,7 @@ main (argc, argv) if (all_rest_copy){ if ((retval = krb5_cc_initialize(ksu_context, cc_target, client))){ - com_err(prog_name, retval, - "while erasing target cache"); + com_err(prog_name, retval, _("while erasing target cache")); exit(1); } @@ -680,7 +681,7 @@ main (argc, argv) /* insist that the target login uses a standard shell (root is omited) */ if (!standard_shell(target_pwd->pw_shell) && source_uid) { - fprintf(stderr, "ksu: permission denied (shell).\n"); + fprintf(stderr, _("ksu: permission denied (shell).\n")); sweep_up(ksu_context, cc_target); exit(1); } @@ -689,20 +690,21 @@ main (argc, argv) if (target_pwd->pw_uid){ if(set_env_var("USER", target_pwd->pw_name)){ - fprintf(stderr,"ksu: couldn't set environment variable USER\n"); + fprintf(stderr, + _("ksu: couldn't set environment variable USER\n")); sweep_up(ksu_context, cc_target); exit(1); } } if(set_env_var( "HOME", target_pwd->pw_dir)){ - fprintf(stderr,"ksu: couldn't set environment variable USER\n"); + fprintf(stderr, _("ksu: couldn't set environment variable USER\n")); sweep_up(ksu_context, cc_target); exit(1); } if(set_env_var( "SHELL", shell)){ - fprintf(stderr,"ksu: couldn't set environment variable USER\n"); + fprintf(stderr, _("ksu: couldn't set environment variable SHELL\n")); sweep_up(ksu_context, cc_target); exit(1); } @@ -710,7 +712,7 @@ main (argc, argv) /* set the cc env name to target */ if(set_env_var( KRB5_ENV_CCNAME, cc_target_tag)){ - fprintf(stderr,"ksu: couldn't set environment variable %s\n", + fprintf(stderr, _("ksu: couldn't set environment variable %s\n"), KRB5_ENV_CCNAME); sweep_up(ksu_context, cc_target); exit(1); @@ -725,16 +727,16 @@ main (argc, argv) if (initgroups(target_user, target_pwd->pw_gid)) { - fprintf(stderr, "ksu: initgroups failed.\n"); + fprintf(stderr, _("ksu: initgroups failed.\n")); sweep_up(ksu_context, cc_target); exit(1); } if ( ! strcmp(target_user, source_user)){ - print_status("Leaving uid as %s (%ld)\n", + print_status(_("Leaving uid as %s (%ld)\n"), target_user, (long) target_pwd->pw_uid); }else{ - print_status("Changing uid to %s (%ld)\n", + print_status(_("Changing uid to %s (%ld)\n"), target_user, (long) target_pwd->pw_uid); } @@ -759,7 +761,7 @@ main (argc, argv) if (access( cc_target_tag_tmp, R_OK | W_OK )){ com_err(prog_name, errno, - "%s does not have correct permissions for %s, %s aborted", + _("%s does not have correct permissions for %s, %s aborted"), target_user, cc_target_tag_tmp, prog_name); exit(1); } @@ -773,8 +775,8 @@ main (argc, argv) } if( !exec_cmd){ - fprintf(stderr, - "Internal error: command %s did not get resolved\n",cmd); + fprintf(stderr, _("Internal error: command %s did not get " + "resolved\n"), cmd); exit(1); } @@ -790,8 +792,7 @@ main (argc, argv) if( keep_target_cache ) { execv(params[0], params); - com_err(prog_name, errno, "while trying to execv %s", - params[0]); + com_err(prog_name, errno, _("while trying to execv %s"), params[0]); sweep_up(ksu_context, cc_target); exit(1); }else{ @@ -817,17 +818,18 @@ main (argc, argv) printf("The exit status of the child is %d\n", statusp); } if (ret_pid == -1) { - com_err(prog_name, errno, "while calling waitpid"); + com_err(prog_name, errno, _("while calling waitpid")); } sweep_up(ksu_context, cc_target); exit (statusp); case -1: - com_err(prog_name, errno, "while trying to fork."); + com_err(prog_name, errno, _("while trying to fork.")); sweep_up(ksu_context, cc_target); exit (1); case 0: execv(params[0], params); - com_err(prog_name, errno, "while trying to execv %s", params[0]); + com_err(prog_name, errno, _("while trying to execv %s"), + params[0]); exit (1); } } @@ -859,7 +861,7 @@ static char * ontty() if ((p = ttyname(STDERR_FILENO))) { result = snprintf(buf, sizeof(buf), " on %s", p); if (SNPRINTF_OVERFLOW(result, sizeof(buf))) { - fprintf (stderr, "terminal name %s too long\n", p); + fprintf(stderr, _("terminal name %s too long\n"), p); exit (1); } } @@ -889,16 +891,14 @@ static void sweep_up(context, cc) krb5_seteuid(0); if (krb5_seteuid(target_uid) < 0) { com_err(prog_name, errno, - "while changing to target uid for destroying ccache"); + _("while changing to target uid for destroying ccache")); exit(1); } cc_name = krb5_cc_get_name(context, cc); if ( ! stat(cc_name, &st_temp)){ - if ((retval = krb5_cc_destroy(context, cc))){ - com_err(prog_name, retval, - "while destroying cache"); - } + if ((retval = krb5_cc_destroy(context, cc))) + com_err(prog_name, retval, _("while destroying cache")); } } |