xref: /netbsd-src/crypto/external/bsd/heimdal/dist/kuser/kdestroy.c (revision afab4e300d3a9fb07dd8c80daf53d0feb3345706) 
1 /*	$NetBSD: kdestroy.c,v 1.3 2023/06/19 21:41:42 christos Exp $	*/
2 
3 /*
4  * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan
5  * (Royal Institute of Technology, Stockholm, Sweden).
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  *
19  * 3. Neither the name of the Institute nor the names of its contributors
20  *    may be used to endorse or promote products derived from this software
21  *    without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  */
35 
36 #include "kuser_locl.h"
37 
38 static const char *cache;
39 static const char *credential;
40 static int help_flag;
41 static int version_flag;
42 #ifndef NO_AFS
43 static int unlog_flag = 1;
44 #endif
45 static int dest_tkt_flag = 1;
46 static int all_flag = 0;
47 
48 struct getargs args[] = {
49     { "credential",	0,   arg_string, rk_UNCONST(&credential),
50       "remove one credential", "principal" },
51     { "cache",		'c', arg_string, rk_UNCONST(&cache), "cache to destroy", "cache" },
52     { "all",		'A', arg_flag, &all_flag, "destroy all caches", NULL },
53 #ifndef NO_AFS
54     { "unlog",		0,   arg_negative_flag, &unlog_flag,
55       "do not destroy tokens", NULL },
56 #endif
57     { "delete-v4",	0,   arg_negative_flag, &dest_tkt_flag,
58       "do not destroy v4 tickets", NULL },
59     { "version", 	0,   arg_flag, &version_flag, NULL, NULL },
60     { "help",		'h', arg_flag, &help_flag, NULL, NULL}
61 };
62 
63 int num_args = sizeof(args) / sizeof(args[0]);
64 
65 static void
usage(int status)66 usage (int status)
67 {
68     arg_printusage (args, num_args, NULL, "");
69     exit (status);
70 }
71 
72 int
main(int argc,char ** argv)73 main (int argc, char **argv)
74 {
75     krb5_error_code ret;
76     krb5_context context;
77     krb5_ccache  ccache;
78     int optidx = 0;
79     int exit_val = 0;
80 
81     setprogname (argv[0]);
82 
83     if(getarg(args, num_args, argc, argv, &optidx))
84 	usage(1);
85 
86     if (help_flag)
87 	usage (0);
88 
89     if(version_flag){
90 	print_version(NULL);
91 	exit(0);
92     }
93 
94     argc -= optidx;
95 #ifndef __clang_analyzer__
96     argv += optidx;
97 #endif
98 
99     if (argc != 0)
100 	usage (1);
101 
102     ret = krb5_init_context (&context);
103     if (ret)
104 	errx (1, "krb5_init_context failed: %d", ret);
105 
106     if (all_flag) {
107 	krb5_cccol_cursor cursor;
108 
109 	ret = krb5_cccol_cursor_new (context, &cursor);
110 	if (ret)
111 	    krb5_err(context, 1, ret, "krb5_cccol_cursor_new");
112 
113 	while (krb5_cccol_cursor_next (context, cursor, &ccache) == 0 && ccache != NULL) {
114 
115 	    ret = krb5_cc_destroy (context, ccache);
116 	    if (ret) {
117 		krb5_warn(context, ret, "krb5_cc_destroy");
118 		exit_val = 1;
119 	    }
120 	}
121 	krb5_cccol_cursor_free(context, &cursor);
122 
123     } else {
124 	if(cache == NULL) {
125 	    ret = krb5_cc_default(context, &ccache);
126 	    if (ret)
127 		krb5_err(context, 1, ret, "krb5_cc_default");
128 	} else {
129 	    ret =  krb5_cc_resolve(context,
130 				   cache,
131 				   &ccache);
132 	    if (ret)
133 		krb5_err(context, 1, ret, "krb5_cc_resolve");
134 	}
135 
136 	if (ret == 0) {
137 	    if (credential) {
138 		krb5_creds mcred;
139 
140 		krb5_cc_clear_mcred(&mcred);
141 
142 		ret = krb5_parse_name(context, credential, &mcred.server);
143 		if (ret)
144 		    krb5_err(context, 1, ret,
145 			     "Can't parse principal %s", credential);
146 
147 		ret = krb5_cc_remove_cred(context, ccache, 0, &mcred);
148 		if (ret)
149 		    krb5_err(context, 1, ret,
150 			     "Failed to remove principal %s", credential);
151 
152 		krb5_cc_close(context, ccache);
153 		krb5_free_principal(context, mcred.server);
154 		krb5_free_context(context);
155 		return 0;
156 	    }
157 
158 	    ret = krb5_cc_destroy (context, ccache);
159 	    if (ret) {
160 		krb5_warn(context, ret, "krb5_cc_destroy");
161 		exit_val = 1;
162 	    }
163 	}
164     }
165 
166     krb5_free_context (context);
167 
168 #ifndef NO_AFS
169     if (unlog_flag && k_hasafs ()) {
170 	if (k_unlog ())
171 	    exit_val = 1;
172     }
173 #endif
174 
175     return exit_val;
176 }
177