2 #include "kuser_locl.h"
4 static char *etypestr = 0;
5 static char *fromccachestr = 0;
6 static char *flagstr = 0;
8 static int quiet_flag = 0;
9 static int version_flag = 0;
10 static int help_flag = 0;
12 struct getargs args[] = {
13 { "cache", 'c', arg_string, &fromccachestr,
14 "Credentials cache", "cachename" },
15 { "enctype", 'e', arg_string, &etypestr,
16 "Encryption type", "enctype" },
17 { "flags", 'f', arg_string, &flagstr,
19 { "expired-ok", 'E', arg_flag, &exp_ok,
20 "Keep expired tickets" },
21 { "quiet", 'q', arg_flag, &quiet_flag, "Quiet" },
22 { "version", 0, arg_flag, &version_flag },
23 { "help", 0, arg_flag, &help_flag }
29 arg_printusage(args, sizeof(args)/sizeof(args[0]),
30 "Usage: ", "dest_ccache service1 [service2 ...]");
34 static void do_kcpytkt (int argc, char *argv[], char *fromccachestr, char *etypestr, int flags);
36 int main(int argc, char *argv[])
43 if (getarg(args, sizeof(args)/sizeof(args[0]), argc, argv, &optidx))
61 flags = atoi(flagstr);
63 do_kcpytkt(argc, argv, fromccachestr, etypestr, flags);
68 static void do_kcpytkt (int count, char *names[],
69 char *fromccachestr, char *etypestr, int flags)
75 krb5_ccache fromccache;
76 krb5_ccache destccache;
78 krb5_creds in_creds, out_creds;
82 ret = krb5_init_context(&context);
84 errx(1, "krb5_init_context failed: %d", ret);
87 ret = krb5_string_to_enctype(context, etypestr, &etype);
89 krb5_err(context, 1, ret, "Can't convert enctype %s", etypestr);
90 retflags = KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_MATCH_KEYTYPE;
93 retflags = KRB5_TC_MATCH_SRV_NAMEONLY;
97 ret = krb5_cc_resolve(context, fromccachestr, &fromccache);
99 ret = krb5_cc_default(context, &fromccache);
101 krb5_err(context, 1, ret, "Can't resolve credentials cache");
103 ret = krb5_cc_get_principal(context, fromccache, &me);
105 krb5_err(context, 1, ret, "Can't query client principal name");
107 ret = krb5_cc_resolve(context, names[0], &destccache);
109 krb5_err(context, 1, ret, "Can't resolve destination cache");
113 for (i = 1; i < count; i++) {
114 memset(&in_creds, 0, sizeof(in_creds));
116 in_creds.client = me;
118 ret = krb5_parse_name(context, names[i], &in_creds.server);
121 krb5_warn(context, ret, "Parse error for %s", names[i]);
126 ret = krb5_unparse_name(context, in_creds.server, &princ);
128 krb5_warn(context, ret, "Unparse error for %s", names[i]);
133 in_creds.session.keytype = etype;
136 krb5_timeofday(context, &in_creds.times.endtime);
137 retflags |= KRB5_TC_MATCH_TIMES;
140 ret = krb5_cc_retrieve_cred(context, fromccache, retflags,
141 &in_creds, &out_creds);
143 krb5_warn(context, ret, "Can't retrieve credentials for %s", princ);
145 krb5_free_unparsed_name(context, princ);
151 ret = krb5_cc_store_cred(context, destccache, &out_creds);
153 krb5_free_principal(context, in_creds.server);
156 krb5_warn(context, ret, "Can't store credentials for %s", princ);
158 krb5_free_cred_contents(context, &out_creds);
159 krb5_free_unparsed_name(context, princ);
165 krb5_free_unparsed_name(context, princ);
166 krb5_free_cred_contents(context, &out_creds);
169 krb5_free_principal(context, me);
170 krb5_cc_close(context, fromccache);
171 krb5_cc_close(context, destccache);
172 krb5_free_context(context);