4 files changed, 130 insertions, 37 deletions

diff --git a/src/clients/kvno/ChangeLog b/src/clients/kvno/ChangeLog
index 14169ae..db2c418 100644
--- a/src/clients/kvno/ChangeLog
+++ b/src/clients/kvno/ChangeLog
@@ -1,3 +1,13 @@
+2002-07-26  Ken Raeburn  <raeburn@mit.edu>
+
+	* kvno.c (do_v5_kvno): New function, split out from main.
+	(do_v4_kvno): New function.
+	(prog, quiet): New global variables.
+	(main): Parse new option '-4' and call do_v5_kvno or do_v4_kvno.
+	(usage): List new option.
+	* kvno.M: Document v4 aspects.
+	* Makefile.in (kvno): Use krb4 compat libraries.
+
 2001-06-08  Ezra Peisach  <epeisach@mit.edu>
 
 	* kvno.c: Include unistd.h (if present) for getopt() prototype. 
diff --git a/src/clients/kvno/Makefile.in b/src/clients/kvno/Makefile.in
index f5cf443..25adaa0a 100644
--- a/src/clients/kvno/Makefile.in
+++ b/src/clients/kvno/Makefile.in
@@ -10,8 +10,8 @@ all-unix:: kvno
 all-windows:: $(OUTPRE)kvno.exe
 all-mac::
 
-kvno: kvno.o $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o $@ kvno.o $(KRB5_BASE_LIBS)
+kvno: kvno.o $(KRB4COMPAT_DEPLIBS)
+	$(CC_LINK) -o $@ kvno.o $(KRB4COMPAT_LIBS)
 
 $(OUTPRE)kvno.exe: $(OUTPRE)kvno.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.obj $(KLIB) $(CLIB)
 	link $(EXE_LINKOPTS) /out:$@ $**
diff --git a/src/clients/kvno/kvno.M b/src/clients/kvno/kvno.M
index b89f751..e9f7942 100644
--- a/src/clients/kvno/kvno.M
+++ b/src/clients/kvno/kvno.M
@@ -40,16 +40,27 @@ prints out the key version numbers of each.
 specifies the enctype which will be requested for the session key of
 all the services named on the command line.  This is useful in certain
 backward compatibility situations.
+.TP
+.B \-4
+specifies that Kerberos version 4 tickets should be acquired and
+described.  This option is only available if Kerberos 4 support was
+enabled at compilation time.
 .SH ENVIRONMENT
 .B Kvno
 uses the following environment variable:
 .TP "\w'.SM KRB5CCNAME\ \ 'u"
 .SM KRB5CCNAME
 Location of the credentials (ticket) cache.
+.TP
+.SM KRBTKFILE
+Location of the v4 ticket file.
 .SH FILES
 .TP "\w'/tmp/krb5cc_[uid]\ \ 'u"
 /tmp/krb5cc_[uid]
 default location of the credentials cache ([uid] is the decimal UID of
 the user).
+.TP
+/tmp/tkt[uid]
+default location of the v4 ticket file.
 .SH SEE ALSO
 kinit(1), kdestroy(1), krb5(3)
diff --git a/src/clients/kvno/kvno.c b/src/clients/kvno/kvno.c
index ce4c9bf..1c6180b 100644
--- a/src/clients/kvno/kvno.c
+++ b/src/clients/kvno/kvno.c
@@ -29,67 +29,139 @@
 #include <unistd.h>
 #endif
 #include <string.h>
-#include <krb5.h>
 
 extern int optind;
 extern char *optarg;
 
-static void usage(char *argv0)
-{
-    char *cmd;
-
-    cmd = strrchr(argv0, '/');
-    cmd = cmd?(cmd+1):argv0;
-
-    fprintf(stderr, "usage: %s [-e etype] service1 service2 ...\n", cmd);
+char *prog;
 
+static void usage()
+{
+#ifdef KRB5_KRB4_COMPAT
+    fprintf(stderr, "usage: %s [-4 | -e etype] service1 service2 ...\n", prog);
+#else
+    fprintf(stderr, "usage: %s [-e etype] service1 service2 ...\n", prog);
+#endif
     exit(1);
 }
 
+int quiet = 0;
+
+static void do_v4_kvno (int argc, char *argv[]);
+static void do_v5_kvno (int argc, char *argv[], char *etypestr);
+
 int main(int argc, char *argv[])
 {
-    krb5_context context;
-    krb5_error_code ret;
-    int option, i, errors;
+    int option;
     char *etypestr = 0;
-    int quiet = 0;
-    krb5_enctype etype;
-    krb5_ccache ccache;
-    krb5_principal me;
-    krb5_creds in_creds, *out_creds;
-    krb5_ticket *ticket;
-    char *princ;
+    int v4 = 0;
 
-    ret = krb5_init_context(&context);
-    if (ret) {
-	com_err(argv[0], ret, "while initializing krb5 library");
-	exit(1);
-    }
+    prog = strrchr(argv[0], '/');
+    prog = prog ? (prog + 1) : argv[0];
 
-    while ((option = getopt(argc, argv, "e:hq")) != -1) {
+    while ((option = getopt(argc, argv, "e:hq4")) != -1) {
 	switch (option) {
 	case 'e':
 	    etypestr = optarg;
 	    break;
 	case 'h':
-	    usage(argv[0]);
+	    usage();
 	    break;
 	case 'q':
 	    quiet = 1;
 	    break;
+	case '4':
+	    v4 = 1;
+	    break;
 	default:
-	    usage(argv[0]);
+	    usage();
 	    break;
 	}
     }
 
     if ((argc - optind) < 1)
-	usage(argv[0]);
+	usage();
+
+    if (etypestr != 0 && v4)
+	usage();
+
+    if (v4)
+	do_v4_kvno(argc - optind, argv + optind);
+    else
+	do_v5_kvno(argc - optind, argv + optind, etypestr);
+    return 0;
+}
+
+#ifdef KRB5_KRB4_COMPAT
+#include <kerberosIV/krb.h>
+#endif
+static void do_v4_kvno (int count, char *names[])
+{
+#ifdef KRB5_KRB4_COMPAT
+    int i;
+
+    for (i = 0; i < count; i++) {
+	int err;
+	char name[ANAME_SZ], inst[INST_SZ], realm[REALM_SZ];
+	KTEXT_ST req;
+	CREDENTIALS creds;
+	err = kname_parse (name, inst, realm, names[i]);
+	if (err) {
+	    fprintf(stderr, "%s: error parsing name '%s': %s\n",
+		    prog, names[i], krb_get_err_text(err));
+	    exit(1);
+	}
+	if (realm[0] == 0) {
+	    err = krb_get_lrealm(realm, 1);
+	    if (err) {
+		fprintf(stderr, "%s: error looking up local realm: %s\n",
+			prog, krb_get_err_text(err));
+		exit(1);
+	    }
+	}
+	err = krb_mk_req(&req, name, inst, realm, 0);
+	if (err) {
+	    fprintf(stderr, "%s: krb_mk_req error: %s\n", prog,
+		    krb_get_err_text(err));
+	    exit(1);
+	}
+	err = krb_get_cred(name, inst, realm, &creds);
+	if (err) {
+	    fprintf(stderr, "%s: krb_get_cred error: %s\n", prog,
+		    krb_get_err_text(err));
+	    exit(1);
+	}
+	if (!quiet)
+	    printf("%s: kvno = %d\n", names[i], creds.kvno);
+    }
+#else
+    usage(prog);
+#endif
+}
+
+#include <krb5.h>
+static void do_v5_kvno (int count, char *names[], char *etypestr)
+{
+    krb5_context context;
+    krb5_error_code ret;
+    int i, errors;
+    krb5_enctype etype;
+    krb5_ccache ccache;
+    krb5_principal me;
+    krb5_creds in_creds, *out_creds;
+    krb5_ticket *ticket;
+    char *princ;
+
+    ret = krb5_init_context(&context);
+    if (ret) {
+	com_err(prog, ret, "while initializing krb5 library");
+	exit(1);
+    }
 
     if (etypestr) {
         ret = krb5_string_to_enctype(etypestr, &etype);
 	if (ret) {
-	    com_err(argv[0], ret, "while converting etype");
+	    com_err(prog, ret, "while converting etype");
 	    exit(1);
 	}
     } else {
@@ -98,28 +170,28 @@ int main(int argc, char *argv[])
 
     ret = krb5_cc_default(context, &ccache);
     if (ret) {
-	com_err(argv[0], ret, "while opening ccache");
+	com_err(prog, ret, "while opening ccache");
 	exit(1);
     }
 
     ret = krb5_cc_get_principal(context, ccache, &me);
     if (ret) {
-	com_err(argv[0], ret, "while getting client principal name");
+	com_err(prog, ret, "while getting client principal name");
 	exit(1);
     }
 
     errors = 0;
 
-    for (i = optind; i < argc; i++) {
+    for (i = 0; i < count; i++) {
 	memset(&in_creds, 0, sizeof(in_creds));
 
 	in_creds.client = me;
 
-	ret = krb5_parse_name(context, argv[i], &in_creds.server);
+	ret = krb5_parse_name(context, names[i], &in_creds.server);
 	if (ret) {
 	    if (!quiet)
 		fprintf(stderr, "%s: %s while parsing principal name\n",
-			argv[i], error_message(ret));
+			names[i], error_message(ret));
 	    errors++;
 	    continue;
 	}
@@ -127,7 +199,7 @@ int main(int argc, char *argv[])
 	ret = krb5_unparse_name(context, in_creds.server, &princ);
 	if (ret) {
 	    fprintf(stderr, "%s: %s while printing principal name\n",
-		    argv[i], error_message(ret));
+		    names[i], error_message(ret));
 	    errors++;
 	    continue;
 	}