diff options
| -rw-r--r-- | src/clients/kinit/ChangeLog | 9 | ||||
| -rw-r--r-- | src/clients/kinit/kinit.M | 9 | ||||
| -rw-r--r-- | src/clients/kinit/kinit.c | 41 |
3 files changed, 50 insertions, 9 deletions
diff --git a/src/clients/kinit/ChangeLog b/src/clients/kinit/ChangeLog index b7c2ed728..b4e064f3d 100644 --- a/src/clients/kinit/ChangeLog +++ b/src/clients/kinit/ChangeLog @@ -1,3 +1,12 @@ +Wed May 1 02:37:17 1996 Mark Eichin <eichin@cygnus.com> + + * kinit.c (main): add -s starttime option. Have it accept a delta + time (if the value doesn't parse as a valid timestamp.) Set the + postdated option as well. get time of day early enough in main so + the options code can use it. Make the end time relative to the + start time, if given. + * kinit.M: document -s option. + Thu Feb 15 12:31:03 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> * kinit.c (main): Do not free memory until all done using it. diff --git a/src/clients/kinit/kinit.M b/src/clients/kinit/kinit.M index 2ac10ffb4..d9c70abda 100644 --- a/src/clients/kinit/kinit.M +++ b/src/clients/kinit/kinit.M @@ -28,6 +28,9 @@ kinit \- obtain and cache Kerberos ticket-granting ticket .B \-l .I lifetime ] [ +.B \-s +.I starttime +] [ .B \-p ] [ .B \-f @@ -51,6 +54,12 @@ if this option is not specified, the default ticket lifetime (configured by each site) is used instead. .PP The +.B \-s +option specifies the start time, and causes you to get a postdated ticket. +Postdated tickets are issued with the +.I invalid +flag set, and needs to be fed back to the kdc before use. +The .B \-p option specifies that the PROXIABLE option should be requested for the ticket. diff --git a/src/clients/kinit/kinit.c b/src/clients/kinit/kinit.c index 38e3d751c..6c24adfd1 100644 --- a/src/clients/kinit/kinit.c +++ b/src/clients/kinit/kinit.c @@ -56,11 +56,12 @@ main(argc, argv) int argc; char **argv; { - krb5_context kcontext; + krb5_context kcontext; krb5_ccache ccache = NULL; char *cache_name = NULL; /* -f option */ char *keytab_name = NULL; /* -t option */ krb5_deltat lifetime = KRB5_DEFAULT_LIFE; /* -l option */ + krb5_timestamp starttime = 0; krb5_deltat rlife = 0; int options = KRB5_DEFAULT_OPTIONS; int option; @@ -81,10 +82,15 @@ main(argc, argv) krb5_init_context(&kcontext); krb5_init_ets(kcontext); + if ((code = krb5_timeofday(kcontext, &now))) { + com_err(argv[0], code, "while getting time of day"); + exit(1); + } + if (strrchr(argv[0], '/')) argv[0] = strrchr(argv[0], '/')+1; - while ((option = getopt(argc, argv, "r:fpl:c:kt:")) != EOF) { + while ((option = getopt(argc, argv, "r:fpl:s:c:kt:")) != EOF) { switch (option) { case 'r': options |= KDC_OPT_RENEWABLE; @@ -127,7 +133,23 @@ main(argc, argv) errflg++; } break; - case 'c': + case 's': + code = krb5_string_to_timestamp(optarg, &starttime); + if (code != 0 || starttime == 0) { + krb5_deltat ktmp; + code = krb5_string_to_deltat(optarg, &ktmp); + if (code == 0 && ktmp != 0) { + starttime = now + ktmp; + options |= KDC_OPT_POSTDATED; + } else { + fprintf(stderr, "Bad postdate start time value %s\n", optarg); + errflg++; + } + } else { + options |= KDC_OPT_POSTDATED; + } + break; + case 'c': if (ccache == NULL) { cache_name = optarg; @@ -233,13 +255,14 @@ main(argc, argv) my_creds.server = server; - if ((code = krb5_timeofday(kcontext, &now))) { - com_err(argv[0], code, "while getting time of day"); - exit(1); - } - my_creds.times.starttime = 0; /* start timer when request + if (options & KDC_OPT_POSTDATED) { + my_creds.times.starttime = starttime; + my_creds.times.endtime = starttime + lifetime; + } else { + my_creds.times.starttime = 0; /* start timer when request gets to KDC */ - my_creds.times.endtime = now + lifetime; + my_creds.times.endtime = now + lifetime; + } if (options & KDC_OPT_RENEWABLE) { my_creds.times.renew_till = now + rlife; } else |