diff options
| author | Russ Allbery <eagle@eyrie.org> | 2018-06-03 16:58:02 -0700 |
|---|---|---|
| committer | Russ Allbery <eagle@eyrie.org> | 2018-06-03 16:58:02 -0700 |
| commit | edf31eba414d9a105791c076fb1444a78d210dff (patch) | |
| tree | 2bac18fa3b71593e616061a0fbcbfdd6ab26a255 /client | |
| parent | 4b3f858ef567c0d12511e7fea2a56f08f2729635 (diff) | |
| parent | 68c4b05c268cd6e358cc41c8feb44bc2c7fcb898 (diff) | |
New upstream version 1.4
Diffstat (limited to 'client')
| -rw-r--r-- | client/file.c | 4 | ||||
| -rw-r--r-- | client/internal.h | 7 | ||||
| -rw-r--r-- | client/keytab.c | 4 | ||||
| -rw-r--r-- | client/krb5.c | 4 | ||||
| -rw-r--r-- | client/options.c | 131 | ||||
| -rw-r--r-- | client/remctl.c | 2 | ||||
| -rw-r--r-- | client/srvtab.c | 2 | ||||
| -rw-r--r-- | client/wallet-rekey.1 | 30 | ||||
| -rw-r--r-- | client/wallet-rekey.c | 11 | ||||
| -rw-r--r-- | client/wallet-rekey.pod | 8 | ||||
| -rw-r--r-- | client/wallet.1 | 48 | ||||
| -rw-r--r-- | client/wallet.c | 13 | ||||
| -rw-r--r-- | client/wallet.pod | 11 |
13 files changed, 175 insertions, 100 deletions
diff --git a/client/file.c b/client/file.c index 468eb30..809e78b 100644 --- a/client/file.c +++ b/client/file.c @@ -2,10 +2,10 @@ * File handling for the wallet client. * * Written by Russ Allbery <eagle@eyrie.org> - * Copyright 2007, 2008, 2010 + * Copyright 2007-2008, 2010 * The Board of Trustees of the Leland Stanford Junior University * - * See LICENSE for licensing terms. + * SPDX-License-Identifier: MIT */ #include <config.h> diff --git a/client/internal.h b/client/internal.h index fc0591f..1aed874 100644 --- a/client/internal.h +++ b/client/internal.h @@ -2,10 +2,11 @@ * Internal support functions for the wallet client. * * Written by Russ Allbery <eagle@eyrie.org> - * Copyright 2007, 2008, 2010 + * Copyright 2018 Russ Allbery <eagle@eyrie.org> + * Copyright 2007-2008, 2010 * The Board of Trustees of the Leland Stanford Junior University * - * See LICENSE for licensing terms. + * SPDX-License-Identifier: MIT */ #ifndef CLIENT_INTERNAL_H @@ -41,7 +42,7 @@ struct options { char *server; char *principal; char *user; - int port; + unsigned short port; }; BEGIN_DECLS diff --git a/client/keytab.c b/client/keytab.c index 7bec459..ed1bdb9 100644 --- a/client/keytab.c +++ b/client/keytab.c @@ -2,10 +2,10 @@ * Implementation of keytab handling for the wallet client. * * Written by Russ Allbery <eagle@eyrie.org> - * Copyright 2007, 2008, 2010, 2013, 2014 + * Copyright 2007-2008, 2010, 2013-2014 * The Board of Trustees of the Leland Stanford Junior University * - * See LICENSE for licensing terms. + * SPDX-License-Identifier: MIT */ #include <config.h> diff --git a/client/krb5.c b/client/krb5.c index 345df64..f0c0ff1 100644 --- a/client/krb5.c +++ b/client/krb5.c @@ -6,10 +6,10 @@ * client. * * Written by Russ Allbery <eagle@eyrie.org> - * Copyright 2007, 2008, 2010 + * Copyright 2007-2008, 2010 * The Board of Trustees of the Leland Stanford Junior University * - * See LICENSE for licensing terms. + * SPDX-License-Identifier: MIT */ #include <config.h> diff --git a/client/options.c b/client/options.c index ae88485..7b1f04e 100644 --- a/client/options.c +++ b/client/options.c @@ -5,53 +5,109 @@ * file for both wallet and wallet-rekey. * * Written by Russ Allbery <eagle@eyrie.org> - * Copyright 2006, 2007, 2008, 2010 + * Copyright 2018 Russ Allbery <eagle@eyrie.org> + * Copyright 2006-2008, 2010 * The Board of Trustees of the Leland Stanford Junior University * - * See LICENSE for licensing terms. + * SPDX-License-Identifier: MIT */ #include <config.h> #include <portable/krb5.h> #include <portable/system.h> +#include <errno.h> + #include <client/internal.h> +#include <util/messages.h> /* - * Load a string option from Kerberos appdefaults. This requires an annoying - * workaround because one cannot specify a default value of NULL. + * Load a number option from Kerberos appdefaults. Takes the Kerberos + * context, the realm, the option, and the result location. The native + * interface doesn't support numbers, so we actually read a string and then + * convert. */ static void -default_string(krb5_context ctx, const char *opt, const char *defval, - char **result) +default_number(krb5_context ctx, const char *realm, const char *opt, + long defval, long *result) { - if (defval == NULL) - defval = ""; - krb5_appdefault_string(ctx, "wallet", NULL, opt, defval, result); - if (*result != NULL && (*result)[0] == '\0') { - free(*result); - *result = NULL; + char *tmp = NULL; + char *end; + long value; +#ifdef HAVE_KRB5_REALM + krb5_const_realm rdata = realm; +#else + krb5_data realm_struct; + const krb5_data *rdata; + + if (realm == NULL) + rdata = NULL; + else { + rdata = &realm_struct; + realm_struct.magic = KV5M_DATA; + realm_struct.data = (void *) realm; + realm_struct.length = (unsigned int) strlen(realm); } +#endif + + *result = defval; + krb5_appdefault_string(ctx, "wallet", rdata, opt, "", &tmp); + if (tmp != NULL && tmp[0] != '\0') { + errno = 0; + value = strtol(tmp, &end, 10); + if (errno != 0 || *end != '\0') + warn("invalid number in krb5.conf setting for %s: %s", opt, tmp); + else + *result = value; + } + free(tmp); } /* - * Load a number option from Kerberos appdefaults. The native interface - * doesn't support numbers, so we actually read a string and then convert. + * Load a string option from Kerberos appdefaults. Takes the Kerberos + * context, the realm, the option, and the result location. + * + * This requires an annoying workaround because one cannot specify a default + * value of NULL with MIT Kerberos, since MIT Kerberos unconditionally calls + * strdup on the default value. There's also no way to determine if memory + * allocation failed while parsing or while setting the default value, so we + * don't return an error code. */ static void -default_number(krb5_context ctx, const char *opt, int defval, int *result) +default_string(krb5_context ctx, const char *realm, const char *opt, + const char *defval, char **result) { - char *tmp = NULL; + char *value = NULL; +#ifdef HAVE_KRB5_REALM + krb5_const_realm rdata = realm; +#else + krb5_data realm_struct; + const krb5_data *rdata; - krb5_appdefault_string(ctx, "wallet", NULL, opt, "", &tmp); - if (tmp != NULL && tmp[0] != '\0') - *result = atoi(tmp); - else - *result = defval; - if (tmp != NULL) - free(tmp); + if (realm == NULL) + rdata = NULL; + else { + rdata = &realm_struct; + realm_struct.magic = KV5M_DATA; + realm_struct.data = (void *) realm; + realm_struct.length = (unsigned int) strlen(realm); + } +#endif + + if (defval == NULL) + defval = ""; + krb5_appdefault_string(ctx, "wallet", rdata, opt, defval, &value); + if (value != NULL) { + if (value[0] == '\0') + free(value); + else { + if (*result != NULL) + free(*result); + *result = value; + } + } } @@ -63,9 +119,28 @@ default_number(krb5_context ctx, const char *opt, int defval, int *result) void default_options(krb5_context ctx, struct options *options) { - default_string(ctx, "wallet_type", "wallet", &options->type); - default_string(ctx, "wallet_server", WALLET_SERVER, &options->server); - default_string(ctx, "wallet_principal", NULL, &options->principal); - default_number(ctx, "wallet_port", WALLET_PORT, &options->port); - options->user = NULL; + long port; + char *realm = NULL; + + /* Having no local realm may be intentional, so don't report an error. */ + krb5_get_default_realm(ctx, &realm); + + /* Load the options. */ + default_string(ctx, realm, "wallet_type", "wallet", &options->type); + default_string(ctx, realm, "wallet_server", WALLET_SERVER, + &options->server); + default_string(ctx, realm, "wallet_principal", NULL, &options->principal); + default_number(ctx, realm, "wallet_port", WALLET_PORT, &port); + + /* Additional checks on the option values. */ + if (port != WALLET_PORT && (port <= 0 || port > 65535)) { + warn("invalid number in krb5.conf setting for wallet_port: %ld", port); + options->port = WALLET_PORT; + } else { + options->port = (unsigned short) port; + } + + /* Clean up. */ + if (realm != NULL) + krb5_free_default_realm(ctx, realm); } diff --git a/client/remctl.c b/client/remctl.c index d4cd09e..26d7e8f 100644 --- a/client/remctl.c +++ b/client/remctl.c @@ -5,7 +5,7 @@ * Copyright 2007, 2010 * The Board of Trustees of the Leland Stanford Junior University * - * See LICENSE for licensing terms. + * SPDX-License-Identifier: MIT */ #include <config.h> diff --git a/client/srvtab.c b/client/srvtab.c index 045f56d..2b600c2 100644 --- a/client/srvtab.c +++ b/client/srvtab.c @@ -5,7 +5,7 @@ * Copyright 2007, 2008, 2010 * The Board of Trustees of the Leland Stanford Junior University * - * See LICENSE for licensing terms. + * SPDX-License-Identifier: MIT */ #include <config.h> diff --git a/client/wallet-rekey.1 b/client/wallet-rekey.1 index d596f5f..c9bb847 100644 --- a/client/wallet-rekey.1 +++ b/client/wallet-rekey.1 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.29) +.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35) .\" .\" Standard preamble: .\" ======================================================================== @@ -46,7 +46,7 @@ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" -.\" If the F register is turned on, we'll generate index entries on stderr for +.\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. @@ -54,20 +54,16 @@ .\" Avoid warning from groff about undefined register 'F'. .de IX .. -.nr rF 0 -.if \n(.g .if rF .nr rF 1 -.if (\n(rF:(\n(.g==0)) \{ -. if \nF \{ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" +.if !\nF .nr F 0 +.if \nF>0 \{\ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" .. -. if !\nF==2 \{ -. nr % 0 -. nr F 2 -. \} +. if !\nF==2 \{\ +. nr % 0 +. nr F 2 . \} .\} -.rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. @@ -133,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "WALLET-REKEY 1" -.TH WALLET-REKEY 1 "2016-01-18" "1.3" "wallet" +.TH WALLET-REKEY 1 "2018-06-03" "1.4" "wallet" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -277,12 +273,14 @@ Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. This file is offered as-is, without any warranty. +.PP +SPDX-License-Identifier: \s-1FSFAP\s0 .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIkadmin\fR\|(8), \fIkinit\fR\|(1), \fIkrb5.conf\fR\|(5), \fIremctl\fR\|(1), \fIremctld\fR\|(8), \fIwallet\fR\|(1) .PP This program is part of the wallet system. The current version is available -from <http://www.eyrie.org/~eagle/software/wallet/>. +from <https://www.eyrie.org/~eagle/software/wallet/>. .PP \&\fBwallet-rekey\fR uses the remctl protocol. For more information about -remctl, see <http://www.eyrie.org/~eagle/software/remctl/>. +remctl, see <https://www.eyrie.org/~eagle/software/remctl/>. diff --git a/client/wallet-rekey.c b/client/wallet-rekey.c index 95cd328..2aedf57 100644 --- a/client/wallet-rekey.c +++ b/client/wallet-rekey.c @@ -3,10 +3,11 @@ * * Written by Russ Allbery <eagle@eyrie.org> * and Jon Robertson <jonrober@stanford.edu> + * Copyright 2018 Russ Allbery <eagle@eyrie.org> * Copyright 2010 * The Board of Trustees of the Leland Stanford Junior University * - * See LICENSE for licensing terms. + * SPDX-License-Identifier: MIT */ #include <config.h> @@ -40,7 +41,7 @@ Options:\n\ /* * Display the usage message for wallet-rekey. */ -static void +static void __attribute__((__noreturn__)) usage(int status) { fprintf((status == 0) ? stdout : stderr, usage_message, WALLET_PORT, @@ -68,6 +69,7 @@ main(int argc, char *argv[]) message_program_name = "wallet"; /* Initialize default configuration. */ + memset(&options, 0, sizeof(options)); retval = krb5_init_context(&ctx); if (retval != 0) die_krb5(ctx, retval, "cannot initialize Kerberos"); @@ -83,13 +85,12 @@ main(int argc, char *argv[]) break; case 'h': usage(0); - break; case 'p': errno = 0; tmp = strtol(optarg, &end, 10); if (tmp <= 0 || tmp > 65535 || *end != '\0') die("invalid port number %s", optarg); - options.port = tmp; + options.port = (unsigned short) tmp; break; case 's': options.server = optarg; @@ -100,10 +101,8 @@ main(int argc, char *argv[]) case 'v': printf("%s\n", PACKAGE_STRING); exit(0); - break; default: usage(1); - break; } } argc -= optind; diff --git a/client/wallet-rekey.pod b/client/wallet-rekey.pod index a36a734..d76420f 100644 --- a/client/wallet-rekey.pod +++ b/client/wallet-rekey.pod @@ -1,6 +1,6 @@ =for stopwords wallet-rekey rekey rekeying keytab -hv Heimdal remctl remctld PKINIT kinit -appdefaults Allbery kadmin +appdefaults Allbery kadmin SPDX-License-Identifier FSFAP =head1 NAME @@ -161,14 +161,16 @@ permitted in any medium without royalty provided the copyright notice and this notice are preserved. This file is offered as-is, without any warranty. +SPDX-License-Identifier: FSFAP + =head1 SEE ALSO kadmin(8), kinit(1), krb5.conf(5), remctl(1), remctld(8), wallet(1) This program is part of the wallet system. The current version is available -from L<http://www.eyrie.org/~eagle/software/wallet/>. +from L<https://www.eyrie.org/~eagle/software/wallet/>. B<wallet-rekey> uses the remctl protocol. For more information about -remctl, see L<http://www.eyrie.org/~eagle/software/remctl/>. +remctl, see L<https://www.eyrie.org/~eagle/software/remctl/>. =cut diff --git a/client/wallet.1 b/client/wallet.1 index 4b5cd83..449cc9e 100644 --- a/client/wallet.1 +++ b/client/wallet.1 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.29) +.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35) .\" .\" Standard preamble: .\" ======================================================================== @@ -46,7 +46,7 @@ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" -.\" If the F register is turned on, we'll generate index entries on stderr for +.\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. @@ -54,20 +54,16 @@ .\" Avoid warning from groff about undefined register 'F'. .de IX .. -.nr rF 0 -.if \n(.g .if rF .nr rF 1 -.if (\n(rF:(\n(.g==0)) \{ -. if \nF \{ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" +.if !\nF .nr F 0 +.if \nF>0 \{\ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" .. -. if !\nF==2 \{ -. nr % 0 -. nr F 2 -. \} +. if !\nF==2 \{\ +. nr % 0 +. nr F 2 . \} .\} -.rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. @@ -133,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "WALLET 1" -.TH WALLET 1 "2016-01-18" "1.3" "wallet" +.TH WALLET 1 "2018-06-03" "1.4" "wallet" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -273,7 +269,7 @@ administrators. The exceptions are \f(CW\*(C`acl check\*(C'\fR, \f(CW\*(C`check \&\f(CW\*(C`store\*(C'\fR, \f(CW\*(C`show\*(C'\fR, \f(CW\*(C`destroy\*(C'\fR, \f(CW\*(C`flag clear\*(C'\fR, \f(CW\*(C`flag set\*(C'\fR, \f(CW\*(C`getattr\*(C'\fR, \&\f(CW\*(C`setattr\*(C'\fR, and \f(CW\*(C`history\*(C'\fR. \f(CW\*(C`acl check\*(C'\fR and \f(CW\*(C`check\*(C'\fR can be run by anyone. All of the rest of those commands have their own ACLs except -\&\f(CW\*(C`getattr\*(C'\fR and \f(CW\*(C`history\*(C'\fR, which use the \f(CW\*(C`show\*(C'\fR \s-1ACL, \s0\f(CW\*(C`setattr\*(C'\fR, which +\&\f(CW\*(C`getattr\*(C'\fR and \f(CW\*(C`history\*(C'\fR, which use the \f(CW\*(C`show\*(C'\fR \s-1ACL,\s0 \f(CW\*(C`setattr\*(C'\fR, which uses the \f(CW\*(C`store\*(C'\fR \s-1ACL,\s0 and \f(CW\*(C`comment\*(C'\fR, which uses the owner or \f(CW\*(C`show\*(C'\fR \s-1ACL\s0 depending on whether one is setting or retrieving the comment. If the appropriate \s-1ACL\s0 is set, it alone is checked to see if the user has access. @@ -314,7 +310,7 @@ or the \s-1ACL\s0 destruction will fail. The special \s-1ACL\s0 named \f(CW\*(C be destroyed. .IP "acl history <id>" 4 .IX Item "acl history <id>" -Display the history of the \s-1ACL\s0 <id>. Each change to the \s-1ACL \s0(not +Display the history of the \s-1ACL\s0 <id>. Each change to the \s-1ACL\s0 (not including changes to the name of the \s-1ACL\s0) will be represented by two lines. The first line will have a timestamp of the change followed by a description of the change, and the second line will give the user who made @@ -323,16 +319,16 @@ the change and the host from which the change was made. .IX Item "acl remove <id> <scheme> <identifier>" Remove the entry with <scheme> and <identifier> from the \s-1ACL\s0 <id>. <id> may be either the name of an \s-1ACL\s0 or its numeric identifier. The last -entry in the special \s-1ACL \s0\f(CW\*(C`ADMIN\*(C'\fR cannot be removed to protect against +entry in the special \s-1ACL\s0 \f(CW\*(C`ADMIN\*(C'\fR cannot be removed to protect against accidental lockout, but administrators can remove themselves from the -\&\f(CW\*(C`ADMIN\*(C'\fR \s-1ACL\s0 and can leave only a non-functioning entry on the \s-1ACL. \s0 Use +\&\f(CW\*(C`ADMIN\*(C'\fR \s-1ACL\s0 and can leave only a non-functioning entry on the \s-1ACL.\s0 Use caution when removing entries from the \f(CW\*(C`ADMIN\*(C'\fR \s-1ACL.\s0 .IP "acl rename <id> <name>" 4 .IX Item "acl rename <id> <name>" Renames the \s-1ACL\s0 identified by <id> to <name>. This changes the human-readable name, not the underlying numeric \s-1ID,\s0 so the \s-1ACL\s0's associations with objects will be unchanged. The \f(CW\*(C`ADMIN\*(C'\fR \s-1ACL\s0 may not be -renamed. <id> may be either the current name or the numeric \s-1ID. \s0 <name> +renamed. <id> may be either the current name or the numeric \s-1ID.\s0 <name> must not be all-numeric. To rename an \s-1ACL,\s0 the current user must be authorized by the \f(CW\*(C`ADMIN\*(C'\fR \s-1ACL.\s0 .IP "acl replace <id> <new\-id>" 4 @@ -342,7 +338,7 @@ Find any objects owned by <id>, and then change their ownership to some objects owned by it. <id> is not deleted afterwards, though in most cases that is probably your next step. The \f(CW\*(C`ADMIN\*(C'\fR \s-1ACL\s0 may not be replaced from. <id> and <new\-id> may be either the current name or the -numeric \s-1ID. \s0 To replace an \s-1ACL,\s0 the current user must be authorized by +numeric \s-1ID.\s0 To replace an \s-1ACL,\s0 the current user must be authorized by the \f(CW\*(C`ADMIN\*(C'\fR \s-1ACL.\s0 .IP "acl show <id>" 4 .IX Item "acl show <id>" @@ -419,7 +415,7 @@ Prints the \s-1ACL\s0 <acl>, which must be one of \f(CW\*(C`get\*(C'\fR, \f(CW\* \&\f(CW\*(C`destroy\*(C'\fR, or \f(CW\*(C`flags\*(C'\fR, for the object identified by <type> and <name>. Prints \f(CW\*(C`No ACL set\*(C'\fR if that \s-1ACL\s0 isn't set on that object. Remember that if the \f(CW\*(C`get\*(C'\fR, \f(CW\*(C`store\*(C'\fR, or \f(CW\*(C`show\*(C'\fR ACLs aren't set, authorization falls -back to checking the owner \s-1ACL. \s0 See the \f(CW\*(C`owner\*(C'\fR command for displaying +back to checking the owner \s-1ACL.\s0 See the \f(CW\*(C`owner\*(C'\fR command for displaying or setting it. .IP "getattr <type> <name> <attr>" 4 .IX Item "getattr <type> <name> <attr>" @@ -558,19 +554,21 @@ overrides this setting. Russ Allbery <eagle@eyrie.org> .SH "COPYRIGHT AND LICENSE" .IX Header "COPYRIGHT AND LICENSE" -Copyright 2007, 2008, 2010, 2011, 2012, 2013 The Board of Trustees of the -Leland Stanford Junior University +Copyright 2007\-2008, 2010\-2013 The Board of Trustees of the Leland +Stanford Junior University .PP Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. This file is offered as-is, without any warranty. +.PP +SPDX-License-Identifier: \s-1FSFAP\s0 .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIkadmin\fR\|(8), \fIkinit\fR\|(1), \fIkrb5.conf\fR\|(5), \fIremctl\fR\|(1), \fIremctld\fR\|(8) .PP This program is part of the wallet system. The current version is available -from <http://www.eyrie.org/~eagle/software/wallet/>. +from <https://www.eyrie.org/~eagle/software/wallet/>. .PP \&\fBwallet\fR uses the remctl protocol. For more information about remctl, -see <http://www.eyrie.org/~eagle/software/remctl/>. +see <https://www.eyrie.org/~eagle/software/remctl/>. diff --git a/client/wallet.c b/client/wallet.c index c3b039f..194f1f5 100644 --- a/client/wallet.c +++ b/client/wallet.c @@ -2,10 +2,11 @@ * The client program for the wallet system. * * Written by Russ Allbery <eagle@eyrie.org> - * Copyright 2006, 2007, 2008, 2010, 2014 + * Copyright 2018 Russ Allbery <eagle@eyrie.org> + * Copyright 2006-2008, 2010, 2014 * The Board of Trustees of the Leland Stanford Junior University * - * See LICENSE for licensing terms. + * SPDX-License-Identifier: MIT */ #include <config.h> @@ -44,7 +45,7 @@ Options:\n\ /* * Display the usage message for wallet. */ -static void +static void __attribute__((__noreturn__)) usage(int status) { fprintf((status == 0) ? stdout : stderr, usage_message, WALLET_PORT, @@ -75,6 +76,7 @@ main(int argc, char *argv[]) message_program_name = "wallet"; /* Initialize default configuration. */ + memset(&options, 0, sizeof(options)); retval = krb5_init_context(&ctx); if (retval != 0) die_krb5(ctx, retval, "cannot initialize Kerberos"); @@ -93,13 +95,12 @@ main(int argc, char *argv[]) break; case 'h': usage(0); - break; case 'p': errno = 0; tmp = strtol(optarg, &end, 10); if (tmp <= 0 || tmp > 65535 || *end != '\0') die("invalid port number %s", optarg); - options.port = tmp; + options.port = (unsigned short) tmp; break; case 'S': srvtab = optarg; @@ -113,10 +114,8 @@ main(int argc, char *argv[]) case 'v': printf("%s\n", PACKAGE_STRING); exit(0); - break; default: usage(1); - break; } } argc -= optind; diff --git a/client/wallet.pod b/client/wallet.pod index 672f0e4..63336db 100644 --- a/client/wallet.pod +++ b/client/wallet.pod @@ -2,6 +2,7 @@ -hv srvtab arg keytabs metadata keytab ACL PTS kinit klist remctl PKINIT acl timestamp autocreate backend-specific setacl enctypes enctype ktadd KDC appdefaults remctld Allbery uuencode getacl backend ACL's DES +SPDX-License-Identifier FSFAP =head1 NAME @@ -487,22 +488,24 @@ Russ Allbery <eagle@eyrie.org> =head1 COPYRIGHT AND LICENSE -Copyright 2007, 2008, 2010, 2011, 2012, 2013 The Board of Trustees of the -Leland Stanford Junior University +Copyright 2007-2008, 2010-2013 The Board of Trustees of the Leland +Stanford Junior University Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. This file is offered as-is, without any warranty. +SPDX-License-Identifier: FSFAP + =head1 SEE ALSO kadmin(8), kinit(1), krb5.conf(5), remctl(1), remctld(8) This program is part of the wallet system. The current version is available -from L<http://www.eyrie.org/~eagle/software/wallet/>. +from L<https://www.eyrie.org/~eagle/software/wallet/>. B<wallet> uses the remctl protocol. For more information about remctl, -see L<http://www.eyrie.org/~eagle/software/remctl/>. +see L<https://www.eyrie.org/~eagle/software/remctl/>. =cut |