klist patch for -v to display kvno on ccache

Chris Hecker checker at d6.com
Sat Jul 23 03:25:16 EDT 2011


   Not sure if others are interested in this or if Greg et al. want it
   for 1.10, but when debugging the ktadd kvno issue from the other
   thread, I wanted klist to display the kvno of the tickets in the
   cache, so I added -v for this (it's already displayed for keytabs, so
   this is only on ccaches).
   Chris
   === modified file 'src/clients/klist/klist.c'
   --- old/src/clients/klist/klist.c    2011-07-21 08:53:58 +0000
   +++ new/src/clients/klist/klist.c    2011-07-23 07:17:53 +0000
   @@ -63,7 +63,7 @@
    extern int optind;

    int show_flags = 0, show_time = 0, status_only = 0, show_keys = 0;
   -int show_etype = 0, show_addresses = 0, no_resolve = 0, print_version
   = 0;
   +int show_etype = 0, show_kvno = 0, show_addresses = 0, no_resolve =
   0, print_version = 0;
    int show_adtype = 0;
    char *defname;
    char *progname;
   @@ -89,7 +89,7 @@
    {
    #define KRB_AVAIL_STRING(x) ((x)?"available":"not available")

   -    fprintf(stderr, "Usage: %s [-e] [-V] [[-c] [-d] [-f] [-s] [-a
   [-n]]] %s",
   +    fprintf(stderr, "Usage: %s [-e] [-V] [[-c] [-d] [-f] [-v] [-s]
   [-a [-n]]] %s",
                progname, "[-k [-t] [-K]] [name]\n");
        fprintf(stderr, "\t-c specifies credentials cache\n");
        fprintf(stderr, "\t-k specifies keytab\n");
   @@ -99,6 +99,7 @@
        fprintf(stderr, "\toptions for credential caches:\n");
        fprintf(stderr, "\t\t-d shows the submitted authorization data
   types\n");
        fprintf(stderr, "\t\t-f shows credentials flags\n");
   +    fprintf(stderr, "\t\t-v shows kvno\n");
        fprintf(stderr, "\t\t-s sets exit status based on valid tgt
   existence\n");
        fprintf(stderr, "\t\t-a displays the address list\n");
        fprintf(stderr, "\t\t\t-n do not reverse-resolve\n");
   @@ -125,7 +126,7 @@
        name = NULL;
        mode = DEFAULT;
        /* V=version so v can be used for verbose later if desired.  */
   -    while ((c = getopt(argc, argv, "dfetKsnack45V")) != -1) {
   +    while ((c = getopt(argc, argv, "dfetKsnvack45V")) != -1) {
            switch (c) {
            case 'd':
                show_adtype = 1;
   @@ -136,6 +137,9 @@
            case 'e':
                show_etype = 1;
                break;
   +        case 'v':
   +            show_kvno = 1;
   +            break;
            case 't':
                show_time = 1;
                break;
   @@ -512,7 +516,7 @@
        register krb5_creds * cred;
    {
        krb5_error_code retval;
   -    krb5_ticket *tkt;
   +    krb5_ticket *tkt = 0;
        char *name, *sname, *flags;
        int extra_field = 0;

   @@ -585,14 +589,30 @@
                fputs(", ",stdout);
            printf("Etype (skey, tkt): %s, ",
                   etype_string(cred->keyblock.enctype));
   -        printf("%s ",
   +        printf("%s",
                   etype_string(tkt->enc_part.enctype));
            extra_field++;
   -
   -    err_tkt:
   -        if (tkt != NULL)
   -            krb5_free_ticket(kcontext, tkt);
   -    }
   +    }
   +
   +    if (show_kvno) {
   +        if(!tkt) {
   +            retval = krb5_decode_ticket(&cred->ticket, &tkt);
   +            if (retval)
   +                goto err_tkt;
   +        }
   +
   +        if (!extra_field)
   +            fputs("\t",stdout);
   +        else
   +            fputs(", ",stdout);
   +        printf("KVNO: %u",tkt->enc_part.kvno);
   +        extra_field++;
   +    }
   +
   +err_tkt:
   +    if (tkt != NULL)
   +        krb5_free_ticket(kcontext, tkt);
   +

        if (show_adtype) {
            int i;



More information about the Kerberos mailing list