From 5a48a5d5f7f2af72cf84114453748fbd2a337537 Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Wed, 28 Jul 2010 22:05:05 -0700 Subject: Break wallet-rekey out into a separate client program Build a separate wallet-rekey client that rekeys every keytab given on the command-line. Fix some coding style issues and add internal prototypes. Build the shared source for both clients into an uninstalled library to save compilation time. --- client/wallet.c | 85 ++++----------------------------------------------------- 1 file changed, 6 insertions(+), 79 deletions(-) (limited to 'client/wallet.c') diff --git a/client/wallet.c b/client/wallet.c index d61fc74..dc04dcd 100644 --- a/client/wallet.c +++ b/client/wallet.c @@ -22,30 +22,9 @@ #include /* - * Basic wallet behavior options set either on the command line or via - * krb5.conf. If set via krb5.conf, we allocate memory for the strings, but - * we never free them. + * Usage message. Use as a format and pass the port number and default server + * name. */ -struct options { - char *type; - char *server; - char *principal; - char *user; - int port; -}; - -/* - * Allow defaults to be set for a particular site with configure options if - * people don't want to use krb5.conf for some reason. - */ -#ifndef WALLET_SERVER -# define WALLET_SERVER NULL -#endif -#ifndef WALLET_PORT -# define WALLET_PORT 0 -#endif - -/* Usage message. Use as a format and pass the port number. */ static const char usage_message[] = "\ Usage: wallet [options] [ ...]\n\ wallet [options] acl [ ...]\n\ @@ -58,11 +37,12 @@ Options:\n\ -p Port of server (default: %d, if zero, remctl default)\n\ -S For the get keytab command, srvtab output file\n\ -s Server hostname (default: %s)\n\ + -u Authenticate as before running command\n\ -v Display the version of wallet\n"; /* - * Display the usage message for remctl. + * Display the usage message for wallet. */ static void usage(int status) @@ -73,59 +53,6 @@ usage(int status) } -/* - * Load a string option from Kerberos appdefaults. This requires an annoying - * workaround because one cannot specify a default value of NULL. - */ -static void -default_string(krb5_context ctx, const char *opt, const char *defval, - char **result) -{ - if (defval == NULL) - defval = ""; - krb5_appdefault_string(ctx, "wallet", NULL, opt, defval, result); - if (*result != NULL && (*result)[0] == '\0') { - free(*result); - *result = NULL; - } -} - - -/* - * Load a number option from Kerberos appdefaults. The native interface - * doesn't support numbers, so we actually read a string and then convert. - */ -static void -default_number(krb5_context ctx, const char *opt, int defval, int *result) -{ - char *tmp = NULL; - - krb5_appdefault_string(ctx, "wallet", NULL, opt, "", &tmp); - if (tmp != NULL && tmp[0] != '\0') - *result = atoi(tmp); - else - *result = defval; - if (tmp != NULL) - free(tmp); -} - - -/* - * Set option defaults and then get krb5.conf configuration, if any, and - * override the defaults. Later, command-line options will override those - * defaults. - */ -static void -set_defaults(krb5_context ctx, struct options *options) -{ - default_string(ctx, "wallet_type", "wallet", &options->type); - default_string(ctx, "wallet_server", WALLET_SERVER, &options->server); - default_string(ctx, "wallet_principal", NULL, &options->principal); - default_number(ctx, "wallet_port", WALLET_PORT, &options->port); - options->user = NULL; -} - - /* * Main routine. Parse the arguments and then perform the desired operation. */ @@ -151,7 +78,7 @@ main(int argc, char *argv[]) retval = krb5_init_context(&ctx); if (retval != 0) die_krb5(ctx, retval, "cannot initialize Kerberos"); - set_defaults(ctx, &options); + default_options(ctx, &options); while ((option = getopt(argc, argv, "c:f:k:hp:S:s:u:v")) != EOF) { switch (option) { @@ -194,7 +121,7 @@ main(int argc, char *argv[]) } argc -= optind; argv += optind; - if (argc < 3 && strcmp(argv[0], "rekey") != 0) + if (argc < 3) usage(1); /* -f is only supported for get and store and -S with get keytab. */ -- cgit v1.2.3