1 /* $NetBSD: kverify.c,v 1.2 2017/01/28 21:31:45 christos Exp $ */
2
3 /*
4 * Copyright (c) 1997 - 2005, 2007 Kungliga Tekniska Högskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36 #include "kuser_locl.h"
37
38 static int help_flag = 0;
39 static int version_flag = 0;
40
41 static struct getargs args[] = {
42 { "version", 0, arg_flag, &version_flag, NULL, NULL },
43 { "help", 0, arg_flag, &help_flag, NULL, NULL }
44 };
45
46 static void
usage(int ret)47 usage (int ret)
48 {
49 arg_printusage (args,
50 sizeof(args)/sizeof(*args),
51 NULL,
52 "[principal]");
53 exit (ret);
54 }
55
56 int
main(int argc,char ** argv)57 main(int argc, char **argv)
58 {
59 krb5_context context;
60 krb5_error_code ret;
61 krb5_creds cred;
62 krb5_preauthtype pre_auth_types[] = {KRB5_PADATA_ENC_TIMESTAMP};
63 krb5_get_init_creds_opt *get_options;
64 krb5_verify_init_creds_opt verify_options;
65 krb5_principal principal = NULL;
66 int optidx = 0;
67
68 setprogname (argv[0]);
69
70 if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
71 usage(1);
72
73 if (help_flag)
74 usage (0);
75
76 if(version_flag) {
77 print_version(NULL);
78 exit(0);
79 }
80
81 argc -= optidx;
82 argv += optidx;
83
84 ret = krb5_init_context(&context);
85 if (ret)
86 errx (1, "krb5_init_context failed: %d", ret);
87
88 ret = krb5_get_init_creds_opt_alloc (context, &get_options);
89 if (ret)
90 krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc");
91
92 krb5_get_init_creds_opt_set_preauth_list (get_options,
93 pre_auth_types,
94 1);
95
96 krb5_verify_init_creds_opt_init (&verify_options);
97
98 if (argc) {
99 ret = krb5_parse_name(context, argv[0], &principal);
100 if (ret)
101 krb5_err(context, 1, ret, "krb5_parse_name: %s", argv[0]);
102 } else {
103 ret = krb5_get_default_principal(context, &principal);
104 if (ret)
105 krb5_err(context, 1, ret, "krb5_get_default_principal");
106
107 }
108
109 ret = krb5_get_init_creds_password (context,
110 &cred,
111 principal,
112 NULL,
113 krb5_prompter_posix,
114 NULL,
115 0,
116 NULL,
117 get_options);
118 if (ret)
119 krb5_err(context, 1, ret, "krb5_get_init_creds");
120
121 ret = krb5_verify_init_creds (context,
122 &cred,
123 NULL,
124 NULL,
125 NULL,
126 &verify_options);
127 if (ret)
128 krb5_err(context, 1, ret, "krb5_verify_init_creds");
129 krb5_free_cred_contents (context, &cred);
130 krb5_free_context (context);
131 return 0;
132 }
133