klist patch for -v to display kvno on ccache
Chris Hecker
checker at d6.com
Sat Jul 23 03:25:16 EDT 2011
Not sure if others are interested in this or if Greg et al. want it
for 1.10, but when debugging the ktadd kvno issue from the other
thread, I wanted klist to display the kvno of the tickets in the
cache, so I added -v for this (it's already displayed for keytabs, so
this is only on ccaches).
Chris
=== modified file 'src/clients/klist/klist.c'
--- old/src/clients/klist/klist.c 2011-07-21 08:53:58 +0000
+++ new/src/clients/klist/klist.c 2011-07-23 07:17:53 +0000
@@ -63,7 +63,7 @@
extern int optind;
int show_flags = 0, show_time = 0, status_only = 0, show_keys = 0;
-int show_etype = 0, show_addresses = 0, no_resolve = 0, print_version
= 0;
+int show_etype = 0, show_kvno = 0, show_addresses = 0, no_resolve =
0, print_version = 0;
int show_adtype = 0;
char *defname;
char *progname;
@@ -89,7 +89,7 @@
{
#define KRB_AVAIL_STRING(x) ((x)?"available":"not available")
- fprintf(stderr, "Usage: %s [-e] [-V] [[-c] [-d] [-f] [-s] [-a
[-n]]] %s",
+ fprintf(stderr, "Usage: %s [-e] [-V] [[-c] [-d] [-f] [-v] [-s]
[-a [-n]]] %s",
progname, "[-k [-t] [-K]] [name]\n");
fprintf(stderr, "\t-c specifies credentials cache\n");
fprintf(stderr, "\t-k specifies keytab\n");
@@ -99,6 +99,7 @@
fprintf(stderr, "\toptions for credential caches:\n");
fprintf(stderr, "\t\t-d shows the submitted authorization data
types\n");
fprintf(stderr, "\t\t-f shows credentials flags\n");
+ fprintf(stderr, "\t\t-v shows kvno\n");
fprintf(stderr, "\t\t-s sets exit status based on valid tgt
existence\n");
fprintf(stderr, "\t\t-a displays the address list\n");
fprintf(stderr, "\t\t\t-n do not reverse-resolve\n");
@@ -125,7 +126,7 @@
name = NULL;
mode = DEFAULT;
/* V=version so v can be used for verbose later if desired. */
- while ((c = getopt(argc, argv, "dfetKsnack45V")) != -1) {
+ while ((c = getopt(argc, argv, "dfetKsnvack45V")) != -1) {
switch (c) {
case 'd':
show_adtype = 1;
@@ -136,6 +137,9 @@
case 'e':
show_etype = 1;
break;
+ case 'v':
+ show_kvno = 1;
+ break;
case 't':
show_time = 1;
break;
@@ -512,7 +516,7 @@
register krb5_creds * cred;
{
krb5_error_code retval;
- krb5_ticket *tkt;
+ krb5_ticket *tkt = 0;
char *name, *sname, *flags;
int extra_field = 0;
@@ -585,14 +589,30 @@
fputs(", ",stdout);
printf("Etype (skey, tkt): %s, ",
etype_string(cred->keyblock.enctype));
- printf("%s ",
+ printf("%s",
etype_string(tkt->enc_part.enctype));
extra_field++;
-
- err_tkt:
- if (tkt != NULL)
- krb5_free_ticket(kcontext, tkt);
- }
+ }
+
+ if (show_kvno) {
+ if(!tkt) {
+ retval = krb5_decode_ticket(&cred->ticket, &tkt);
+ if (retval)
+ goto err_tkt;
+ }
+
+ if (!extra_field)
+ fputs("\t",stdout);
+ else
+ fputs(", ",stdout);
+ printf("KVNO: %u",tkt->enc_part.kvno);
+ extra_field++;
+ }
+
+err_tkt:
+ if (tkt != NULL)
+ krb5_free_ticket(kcontext, tkt);
+
if (show_adtype) {
int i;
More information about the Kerberos
mailing list