krb5 commit: Make ccache name work for klist/kdestroy -A

Greg Hudson ghudson at mit.edu
Thu Jul 27 11:24:12 EDT 2017


https://github.com/krb5/krb5/commit/25423218ca55b620c62a398dabc2d510cc1eef49
commit 25423218ca55b620c62a398dabc2d510cc1eef49
Author: Greg Hudson <ghudson at mit.edu>
Date:   Tue Jul 25 13:16:05 2017 -0400

    Make ccache name work for klist/kdestroy -A
    
    In klist and kdestroy, if a ccache name is specified, set it as the
    default ccache name, simplifying the code and making klist -l, klist
    -A, and kdestroy -A can work with a specified ccache name.  Reported
    by Robbie Harwood.
    
    ticket: 8602 (new)

 src/clients/kdestroy/kdestroy.c |   24 ++++++++++++------------
 src/clients/klist/klist.c       |   33 ++++++++++++++++-----------------
 src/tests/t_ccache.py           |   22 ++++++++++++++--------
 3 files changed, 42 insertions(+), 37 deletions(-)

diff --git a/src/clients/kdestroy/kdestroy.c b/src/clients/kdestroy/kdestroy.c
index 4d8c6e6..0bf8358 100644
--- a/src/clients/kdestroy/kdestroy.c
+++ b/src/clients/kdestroy/kdestroy.c
@@ -137,6 +137,14 @@ main(int argc, char *argv[])
         exit(1);
     }
 
+    if (cache_name != NULL) {
+        code = krb5_cc_set_default_name(context, cache_name);
+        if (code) {
+            com_err(progname, code, _("while setting default cache name"));
+            exit(1);
+        }
+    }
+
     if (all) {
         code = krb5_cccol_cursor_new(context, &cursor);
         if (code) {
@@ -162,18 +170,10 @@ main(int argc, char *argv[])
         return 0;
     }
 
-    if (cache_name != NULL) {
-        code = krb5_cc_resolve(context, cache_name, &cache);
-        if (code != 0) {
-            com_err(progname, code, _("while resolving %s"), cache_name);
-            exit(1);
-        }
-    } else {
-        code = krb5_cc_default(context, &cache);
-        if (code) {
-            com_err(progname, code, _("while getting default ccache"));
-            exit(1);
-        }
+    code = krb5_cc_default(context, &cache);
+    if (code) {
+        com_err(progname, code, _("while resolving ccache"));
+        exit(1);
     }
 
     code = krb5_cc_destroy(context, cache);
diff --git a/src/clients/klist/klist.c b/src/clients/klist/klist.c
index 4763bd3..e9e76d8 100644
--- a/src/clients/klist/klist.c
+++ b/src/clients/klist/klist.c
@@ -69,7 +69,7 @@ static void show_credential(krb5_creds *);
 static void list_all_ccaches(void);
 static int list_ccache(krb5_ccache);
 static void show_all_ccaches(void);
-static void do_ccache_name(char *);
+static void do_ccache(void);
 static int show_ccache(krb5_ccache);
 static int check_ccache(krb5_ccache);
 static void do_keytab(const char *);
@@ -242,12 +242,20 @@ main(int argc, char *argv[])
         exit(1);
     }
 
+    if (name != NULL && mode != KEYTAB) {
+        ret = krb5_cc_set_default_name(context, name);
+        if (ret) {
+            com_err(progname, ret, _("while setting default cache name"));
+            exit(1);
+        }
+    }
+
     if (list_all)
         list_all_ccaches();
     else if (show_all)
         show_all_ccaches();
     else if (mode == DEFAULT || mode == CCACHE)
-        do_ccache_name(name);
+        do_ccache();
     else
         do_keytab(name);
     return 0;
@@ -443,25 +451,16 @@ show_all_ccaches(void)
 }
 
 static void
-do_ccache_name(char *name)
+do_ccache()
 {
     krb5_error_code ret;
     krb5_ccache cache;
 
-    if (name == NULL) {
-        ret = krb5_cc_default(context, &cache);
-        if (ret) {
-            if (!status_only)
-                com_err(progname, ret, _("while getting default ccache"));
-            exit(1);
-        }
-    } else {
-        ret = krb5_cc_resolve(context, name, &cache);
-        if (ret) {
-            if (!status_only)
-                com_err(progname, ret, _("while resolving ccache %s"), name);
-            exit(1);
-        }
+    ret = krb5_cc_default(context, &cache);
+    if (ret) {
+        if (!status_only)
+            com_err(progname, ret, _("while resolving ccache"));
+        exit(1);
     }
     exit(status_only ? check_ccache(cache) : show_ccache(cache));
 }
diff --git a/src/tests/t_ccache.py b/src/tests/t_ccache.py
index 2dcd191..61d549b 100755
--- a/src/tests/t_ccache.py
+++ b/src/tests/t_ccache.py
@@ -57,6 +57,7 @@ realm.addprinc('bob', password('bob'))
 realm.addprinc('carol', password('carol'))
 
 def collection_test(realm, ccname):
+    oldccname = realm.env['KRB5CCNAME']
     realm.env['KRB5CCNAME'] = ccname
 
     realm.run([klist, '-A', '-s'], expected_code=1)
@@ -82,7 +83,7 @@ def collection_test(realm, ccname):
     if '---\nalice@' not in output or output.count('\n') != 4:
         fail('klist -l did not show expected output after re-kinit for alice.')
     realm.kinit('bob', password('bob'))
-    output = realm.run([klist, '-A'])
+    output = realm.run([klist, '-A', ccname])
     if 'bob@' not in output.splitlines()[1] or 'alice@' not in output or \
             'carol' not in output or output.count('Default principal:') != 3:
         fail('klist -A did not show expected output after kinit for bob.')
@@ -90,17 +91,22 @@ def collection_test(realm, ccname):
     output = realm.run([klist, '-l'])
     if '---\ncarol@' not in output or output.count('\n') != 5:
         fail('klist -l did not show expected output after kswitch to carol.')
-    realm.run([kdestroy])
-    output = realm.run([klist, '-l'])
+
+    # Switch to specifying the collection name on the command line
+    # (only works with klist/kdestroy for now, not kinit/kswitch).
+    realm.env['KRB5CCNAME'] = oldccname
+
+    realm.run([kdestroy, '-c', ccname])
+    output = realm.run([klist, '-l', ccname])
     if 'carol@' in output or 'bob@' not in output or output.count('\n') != 4:
         fail('kdestroy failed to remove only primary ccache.')
-    realm.run([klist, '-s'], expected_code=1)
-    realm.run([klist, '-A', '-s'])
-    realm.run([kdestroy, '-A'])
-    output = realm.run([klist, '-l'], expected_code=1)
+    realm.run([klist, '-s', ccname], expected_code=1)
+    realm.run([klist, '-A', '-s', ccname])
+    realm.run([kdestroy, '-A', '-c', ccname])
+    output = realm.run([klist, '-l', ccname], expected_code=1)
     if not output.endswith('---\n') or output.count('\n') != 2:
         fail('kdestroy -a failed to empty cache collection.')
-    realm.run([klist, '-A', '-s'], expected_code=1)
+    realm.run([klist, '-A', '-s', ccname], expected_code=1)
 
 
 collection_test(realm, 'DIR:' + os.path.join(realm.testdir, 'cc'))


More information about the cvs-krb5 mailing list