* kinit.c: Add support for using both -4 and -5. Default to krb5

only.  Add KINIT_DEFAULT_BOTH support.  Tweak usage info.

* kinit.M: Fix a couple of typos.  Document new default
behavior.   Document that -4 and -5 may be combined.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12108 dc483132-0cff-0310-8789-dd5450dbe970

3 files changed, 73 insertions, 71 deletions

diff --git a/src/clients/kinit/ChangeLog b/src/clients/kinit/ChangeLog
index 4c959384d..e6637351b 100644
--- a/src/clients/kinit/ChangeLog
+++ b/src/clients/kinit/ChangeLog
@@ -1,3 +1,11 @@
+2000-03-07  Danilo Almeida  <dalmeida@mit.edu>
+
+	* kinit.c: Add support for using both -4 and -5.  Default to krb5
+	only.  Add KINIT_DEFAULT_BOTH support.  Tweak usage info.
+
+	* kinit.M: Fix a couple of typos.  Document new default
+	behavior.   Document that -4 and -5 may be combined.
+
 2000-02-16  Danilo Almeida  <dalmeida@mit.edu>
 
 	* kinit.M: Document that -s is not applicable to Kerberos 4.
diff --git a/src/clients/kinit/kinit.M b/src/clients/kinit/kinit.M
index c731bae0c..bd362eb7f 100644
--- a/src/clients/kinit/kinit.M
+++ b/src/clients/kinit/kinit.M
@@ -44,19 +44,27 @@ kinit \- obtain and cache Kerberos ticket-granting ticket
 .SH DESCRIPTION
 .I kinit
 obtains and caches an initial ticket-granting ticket for
-.IR principal .  If kinit was build with Kerberos 4 support,
-the default behavior is to acquired both Kerberos 5 and Kerberos 4 tickets.
-Otherwise, the default behavior is to acquire only Kerberos 5 tickets.
+.IR principal .  The typical default behavior is to acquire only
+Kerberos 5 tickets.  However, if kinit was built with both 
+Kerberos 4 support and with the default behavior of acquiring both
+types of tickets, it will try to acquire both Kerberos 5 and Kerberos 4
+by default.
 Any documentation particular to Kerberos 4 does not apply if Kerberos 4
 support was not built into kinit.
 .SH OPTIONS
 .TP
 .B \-5
-get Kerberos 5 tickets only.
+get Kerberos 5 tickets.  This overrides whatever the default built-in
+behavior may be.  This option may be used with
+.B \-4
+.
 .TP
 .B \-4
-get Kerberos 4 tickets only.  This option is only avialbale if kinit was built
-with Kerberos 4 compatibility.
+get Kerberos 4 tickets.  This overrides whatever the default built-in
+behavior may be.  This option is only available if kinit was built
+with Kerberos 4 compatibility.  This option may be used with 
+.B \-5
+.
 .TP
 .B \-V
 display verbose output.
@@ -163,7 +171,7 @@ Kerberos 5 and Kerberos 4 with a kdc that supports Kerberos 5 to Kerberos 4
 ticket conversion.)
 .SH ENVIRONMENT
 .B Kinit
-uses the following environment variable:
+uses the following environment variables:
 .TP "\w'.SM KRB5CCNAME\ \ 'u"
 .SM KRB5CCNAME
 Location of the Kerberos 5 credentials (ticket) cache.
@@ -173,10 +181,12 @@ Filename of the Kerberos 4 credentials (ticket) cache.
 .SH FILES
 .TP "\w'/tmp/krb5cc_[uid]\ \ 'u"
 /tmp/krb5cc_[uid]
-default Kerberos 5 credentials cache ([uid] is the decimal UID of the user).
+default location of Kerberos 5 credentials cache 
+([uid] is the decimal UID of the user).
 .TP "\w'/tmp/tkt[uid]\ \ 'u"
 /tmp/tkt[uid]
-default Kerberos 4 credentials cache ([uid] is the decimal UID of the user).
+default location of Kerberos 4 credentials cache 
+([uid] is the decimal UID of the user).
 .TP
 /etc/krb5.keytab
 default location for the local host's
diff --git a/src/clients/kinit/kinit.c b/src/clients/kinit/kinit.c
index 5f281e3a2..4587cb838 100644
--- a/src/clients/kinit/kinit.c
+++ b/src/clients/kinit/kinit.c
@@ -97,8 +97,15 @@ static char* progname_v5 = 0;
 static char* progname_v4 = 0;
 static char* progname_v524 = 0;
 
-static int got_k4 = 0;
 static int got_k5 = 0;
+static int got_k4 = 0;
+
+static int default_k5 = 1;
+#if defined(KRB5_KRB4_COMPAT) && defined(KINIT_DEFAULT_BOTH)
+static int default_k4 = 1;
+#else
+static int default_k4 = 0;
+#endif
 
 static int authed_k5 = 0;
 static int authed_k4 = 0;
@@ -174,13 +181,8 @@ struct option long_options[] = {
 #endif
 
 void
-usage(have_k4, have_k5)
-    int have_k4;
-int have_k5;
+usage(void)
 {
-    char* k4_default = 0;
-    char* k5_default = 0;
-
 #define USAGE_BREAK "\n\t"
 
 #ifdef GETOPT_LONG
@@ -209,32 +211,11 @@ int have_k5;
 	    "[-k [-t keytab_file]] "
 	    USAGE_BREAK
 	    "[-c cachename] "
-            "[-S service_name] [principal]"
-            "\n\n", 
+	    "[-S service_name] [principal]"
+	    "\n\n", 
 	    progname);
 
-#define DEFAULT_BOTH  "(default is Kerberos 4 & 5)"
-#define DEFAULT       "(default)"
-#define NOT_AVAILABLE "(not available)"
-
-    if (have_k4 && have_k5)
-    {
-	k4_default = k5_default = DEFAULT_BOTH;
-    }
-    else if (have_k5)
-    {
-	k4_default = NOT_AVAILABLE;
-	k5_default = DEFAULT;
-    }
-    else if (have_k4)
-    {
-	k4_default = DEFAULT;
-	k5_default = NOT_AVAILABLE;
-    }
-    else
-    {
-	k4_default = k5_default = NOT_AVAILABLE;
-    }
+#define KRB_AVAIL_STRING(x) ((x)?"available":"not available")
 
 #define OPTTYPE_KRB5   "5"
 #define OPTTYPE_KRB4   "4"
@@ -255,8 +236,13 @@ int have_k5;
 fprintf(stderr, USAGE_OPT_FMT, indent, col1, col2)
 
     ULINE("    ", "options:", "valid with Kerberos:");
-    fprintf(stderr, "\t-5 Kerberos 5 only %s\n", k5_default);
-    fprintf(stderr, "\t-4 Kerberos 4 only %s\n", k4_default);
+    fprintf(stderr, "\t-5 Kerberos 5 (%s)\n", KRB_AVAIL_STRING(got_k5));
+    fprintf(stderr, "\t-4 Kerberos 4 (%s)\n", KRB_AVAIL_STRING(got_k4));
+    fprintf(stderr, "\t   (Default behavior is to try %s%s%s%s)\n",
+	    default_k5?"Kerberos 5":"",
+            (default_k5 && default_k4)?" and ":"",
+	    default_k4?"Kerberos 4":"",
+            (!default_k5 && !default_k4)?"neither":"");
     ULINE("\t", "-V verbose",                   OPTTYPE_EITHER);
     ULINE("\t", "-l lifetime",                  OPTTYPE_EITHER);
     ULINE("\t", "-s start time",                OPTTYPE_KRB5);
@@ -280,15 +266,15 @@ fprintf(stderr, USAGE_OPT_FMT, indent, col1, col2)
 char *
 parse_options(argc, argv, opts)
     int argc;
-char **argv;
-struct k_opts* opts;
+    char **argv;
+    struct k_opts* opts;
 {
     krb5_error_code code;
     int errflg = 0;
-    int use_k4_only = 0;
-    int use_k5_only = 0;
-    int old_got_k4 = got_k4;
-    int old_got_k5 = got_k5;
+    int use_k4 = 0;
+    int use_k5 = 0;
+    int have_k4 = got_k4;
+    int have_k5 = got_k5;
     int i;
 
     while ((i = GETOPT(argc, argv, "r:fpFP54AVl:s:c:kt:RS:v"))
@@ -397,11 +383,11 @@ struct k_opts* opts;
 #ifdef KRB5_KRB4_COMPAT
 		fprintf(stderr, "Kerberos 4 support could not be loaded\n");
 #else
-		fprintf(stderr, "This kinit was not built with Kerberos 4 support\n");
+		fprintf(stderr, "This was not built with Kerberos 4 support\n");
 #endif
 		exit(3);
 	    }
-	    use_k4_only = 1;
+	    use_k4 = 1;
 	    break;
 	case '5':
 	    if (!got_k5)
@@ -409,7 +395,7 @@ struct k_opts* opts;
 		fprintf(stderr, "Kerberos 5 support could not be loaded\n");
 		exit(3);
 	    }
-	    use_k5_only = 1;
+	    use_k5 = 1;
 	    break;
 	default:
 	    errflg++;
@@ -417,11 +403,6 @@ struct k_opts* opts;
 	}
     }
 
-    if (use_k5_only && use_k4_only)
-    {
-	fprintf(stderr, "Only one of -4 and -5 allowed\n");
-	errflg++;
-    }
     if (opts->forwardable && opts->not_forwardable)
     {
 	fprintf(stderr, "Only one of -f and -F allowed\n");
@@ -446,13 +427,13 @@ struct k_opts* opts;
 
     /* At this point, if errorless, we know we only have one option
        selection */
-    if (use_k4_only)
-	got_k5 = 0;
-    if (use_k5_only)
-	got_k4 = 0;
+    if (!use_k5 && !use_k4) {
+	use_k5 = default_k5;
+	use_k4 = default_k4;
+    }
 
     /* Now, we encode the OPTTYPE stuff here... */
-    if (!got_k5 &&
+    if (!use_k5 &&
 	(opts->starttime || opts->rlife || opts->forwardable || 
 	 opts->proxiable || opts->addresses || opts->not_forwardable || 
 	 opts->not_proxiable || opts->no_addresses || 
@@ -461,7 +442,7 @@ struct k_opts* opts;
 	fprintf(stderr, "Specified option that requires Kerberos 5\n");
 	errflg++;
     }
-    if (!got_k4 &&
+    if (!use_k4 &&
 	opts->k4_cache_name)
     {
 	fprintf(stderr, "Specified option that require Kerberos 4\n");
@@ -469,9 +450,9 @@ struct k_opts* opts;
     }
     if (
 #ifdef HAVE_KRB524
-	!got_k5
+	!use_k5
 #else
-	got_k4
+	use_k4
 #endif
 	&& (opts->service_name || opts->keytab_name || 
 	    (opts->action == INIT_KT) || (opts->action == RENEW))
@@ -482,9 +463,12 @@ struct k_opts* opts;
     }
 
     if (errflg) {
-	usage(old_got_k4, old_got_k5);
+	usage();
     }
 
+    got_k5 = got_k5 && use_k5;
+    got_k4 = got_k4 && use_k4;
+
     opts->principal_name = (optind == argc-1) ? argv[optind] : 0;
     return opts->principal_name;
 }
@@ -605,7 +589,7 @@ k5_end(k5)
 int
 k4_begin(opts, k4)
     struct k_opts* opts;
-struct k4_data* k4;
+    struct k4_data* k4;
 {
     char* progname = progname_v4;
     int k_errno = 0;
@@ -698,8 +682,8 @@ k4_end(k4)
 int
 k5_kinit(opts, k5, password)
     struct k_opts* opts;
-struct k5_data* k5;
-char* password;
+    struct k5_data* k5;
+    char* password;
 {
     char* progname = progname_v5;
     int notix = 1;
@@ -841,8 +825,8 @@ char* password;
 int
 k4_kinit(opts, k4, password)
     struct k_opts* opts;
-struct k4_data* k4;
-char* password;
+    struct k4_data* k4;
+    char* password;
 {
     char* progname = progname_v4;
     int k_errno = 0;
@@ -1005,7 +989,7 @@ int try_convert524(k5)
 int
 main(argc, argv)
     int argc;
-char **argv;
+    char **argv;
 {
     struct k_opts opts;
     struct k5_data k5;