svn rev #23506: branches/anonymous/src/clients/kinit/

hartmans@MIT.EDU hartmans at MIT.EDU
Wed Dec 23 16:10:36 EST 2009 

http://src.mit.edu/fisheye/changelog/krb5/?cs=23506
Commit By: hartmans
Log Message:
Add kinit -n for anonymous


Changed Files:
U   branches/anonymous/src/clients/kinit/kinit.c
Modified: branches/anonymous/src/clients/kinit/kinit.c
===================================================================
--- branches/anonymous/src/clients/kinit/kinit.c	2009-12-23 21:10:33 UTC (rev 23505)
+++ branches/anonymous/src/clients/kinit/kinit.c	2009-12-23 21:10:36 UTC (rev 23506)
@@ -106,6 +106,7 @@
 
     int forwardable;
     int proxiable;
+    int anonymous;
     int addresses;
 
     int not_forwardable;
@@ -189,6 +190,7 @@
             USAGE_BREAK_LONG
             "[-p | -P" USAGE_LONG_PROXIABLE "] "
             USAGE_BREAK_LONG
+            "-n"
             "[-a | -A" USAGE_LONG_ADDRESSES "] "
             USAGE_BREAK_LONG
             "[-C" USAGE_LONG_CANONICALIZE "] "
@@ -214,6 +216,7 @@
     fprintf(stderr, "\t-F not forwardable\n");
     fprintf(stderr, "\t-p proxiable\n");
     fprintf(stderr, "\t-P not proxiable\n");
+    fprintf(stderr, "\t -n anonymous\n");
     fprintf(stderr, "\t-a include addresses\n");
     fprintf(stderr, "\t-A do not include addresses\n");
     fprintf(stderr, "\t-v validate\n");
@@ -282,7 +285,7 @@
     int errflg = 0;
     int i;
 
-    while ((i = GETOPT(argc, argv, "r:fpFP54aAVl:s:c:kt:T:RS:vX:CE"))
+    while ((i = GETOPT(argc, argv, "r:fpFPn54aAVl:s:c:kt:T:RS:vX:CE"))
            != -1) {
         switch (i) {
         case 'V':
@@ -316,6 +319,9 @@
         case 'P':
             opts->not_proxiable = 1;
             break;
+        case 'n':
+            opts->anonymous = 1;
+            break;
         case 'a':
             opts->addresses = 1;
             break;
@@ -461,17 +467,31 @@
 
     if (opts->principal_name)
     {
-        /* Use specified name */
-        if ((code = krb5_parse_name_flags(k5->ctx, opts->principal_name,
-                                          flags, &k5->me))) {
-            com_err(progname, code, "when parsing name %s",
-                    opts->principal_name);
-            return 0;
+        if (opts->anonymous) {
+            code = krb5_build_principal_ext(k5->ctx, &k5->me, strlen(opts->principal_name),
+                                            opts->principal_name,
+                                            9, "WELLKNOWN", 9, "ANONYMOUS", 0);
+            if (code) {
+                com_err(progname, code, "while setting up anonymous principal");
+                return 0;
+            }
+        } else {
+            /* Use specified name */
+            if ((code = krb5_parse_name_flags(k5->ctx, opts->principal_name,
+                                              flags, &k5->me))) {
+                com_err(progname, code, "when parsing name %s",
+                        opts->principal_name);
+                return 0;
+            }
         }
     }
     else
     {
         /* No principal name specified */
+        if (opts->anonymous) {
+            fprintf(stderr, "%s: please specify realm for anonymous authentication\n", progname);
+            return 0;
+        }
         if (opts->action == INIT_KT) {
             /* Use the default host/service name */
             code = krb5_sname_to_principal(k5->ctx, NULL, NULL,

More information about the cvs-krb5 mailing list