28 * Copyright 1997 The Open Group Research Institute. All rights reserved. |
28 * Copyright 1997 The Open Group Research Institute. All rights reserved. |
29 */ |
29 */ |
30 |
30 |
31 package sun.security.krb5.internal.tools; |
31 package sun.security.krb5.internal.tools; |
32 |
32 |
|
33 import java.net.InetAddress; |
33 import sun.security.krb5.*; |
34 import sun.security.krb5.*; |
34 import sun.security.krb5.internal.*; |
35 import sun.security.krb5.internal.*; |
35 import sun.security.krb5.internal.ccache.*; |
36 import sun.security.krb5.internal.ccache.*; |
36 import sun.security.krb5.internal.ktab.*; |
37 import sun.security.krb5.internal.ktab.*; |
37 import sun.security.krb5.internal.crypto.EType; |
38 import sun.security.krb5.internal.crypto.EType; |
38 import sun.security.krb5.KrbCryptoException; |
|
39 import java.lang.RuntimeException; |
|
40 import java.io.IOException; |
|
41 import java.io.BufferedReader; |
|
42 import java.io.InputStreamReader; |
|
43 import java.io.File; |
|
44 |
39 |
45 /** |
40 /** |
46 * This class can execute as a command-line tool to list entries in |
41 * This class can execute as a command-line tool to list entries in |
47 * credential cache and key tab. |
42 * credential cache and key tab. |
48 * |
43 * |
49 * @author Yanni Zhang |
44 * @author Yanni Zhang |
50 * @author Ram Marti |
45 * @author Ram Marti |
51 */ |
46 */ |
52 public class Klist { |
47 public class Klist { |
53 Object target; |
48 Object target; |
54 // for credentials cache, options are 'f' and 'e'; |
49 // for credentials cache, options are 'f', 'e', 'a' and 'n'; |
55 // for keytab, optionsare 't' and 'K' and 'e' |
50 // for keytab, optionsare 't' and 'K' and 'e' |
56 char[] options = new char[3]; |
51 char[] options = new char[4]; |
57 String name; // the name of credentials cache and keytable. |
52 String name; // the name of credentials cache and keytable. |
58 char action; // actions would be 'c' for credentials cache |
53 char action; // actions would be 'c' for credentials cache |
59 // and 'k' for keytable. |
54 // and 'k' for keytable. |
60 private static boolean DEBUG = Krb5.DEBUG; |
55 private static boolean DEBUG = Krb5.DEBUG; |
61 |
56 |
62 /** |
57 /** |
63 * The main program that can be invoked at command line. |
58 * The main program that can be invoked at command line. |
64 * <br>Usage: klist |
59 * <br>Usage: klist |
65 * [[-c] [-f] [-e]] [-k [-t] [-K]] [name] |
60 * [[-c] [-f] [-e] [-a [-n]]] [-k [-t] [-K]] [name] |
66 * -c specifes that credential cache is to be listed |
61 * -c specifes that credential cache is to be listed |
67 * -k specifies that key tab is to be listed |
62 * -k specifies that key tab is to be listed |
68 * name name of the credentials cache or keytab |
63 * name name of the credentials cache or keytab |
69 * <br>available options for credential caches: |
64 * <br>available options for credential caches: |
70 * <ul> |
65 * <ul> |
71 * <li><b>-f</b> shows credentials flags |
66 * <li><b>-f</b> shows credentials flags |
72 * <li><b>-e</b> shows the encryption type |
67 * <li><b>-e</b> shows the encryption type |
|
68 * <li><b>-a</b> shows addresses |
|
69 * <li><b>-n</b> do not reverse-resolve addresses |
73 * </ul> |
70 * </ul> |
74 * available options for keytabs: |
71 * available options for keytabs: |
75 * <li><b>-t</b> shows keytab entry timestamps |
72 * <li><b>-t</b> shows keytab entry timestamps |
76 * <li><b>-K</b> shows keytab entry DES keys |
73 * <li><b>-K</b> shows keytab entry DES keys |
77 */ |
74 */ |
247 servicePrincipal); |
250 servicePrincipal); |
248 System.out.println(" Valid starting: " + starttime); |
251 System.out.println(" Valid starting: " + starttime); |
249 System.out.println(" Expires: " + endtime); |
252 System.out.println(" Expires: " + endtime); |
250 if (options[0] == 'e') { |
253 if (options[0] == 'e') { |
251 etype = EType.toString(creds[i].getEType()); |
254 etype = EType.toString(creds[i].getEType()); |
252 System.out.println("\t Encryption type: " + etype); |
255 System.out.println(" Encryption type: " + etype); |
253 } |
256 } |
254 if (options[1] == 'f') { |
257 if (options[1] == 'f') { |
255 System.out.println("\t Flags: " + |
258 System.out.println(" Flags: " + |
256 creds[i].getTicketFlags().toString()); |
259 creds[i].getTicketFlags().toString()); |
|
260 } |
|
261 if (options[2] == 'a') { |
|
262 boolean first = true; |
|
263 InetAddress[] caddr |
|
264 = creds[i].setKrbCreds().getClientAddresses(); |
|
265 if (caddr != null) { |
|
266 for (InetAddress ia: caddr) { |
|
267 String out; |
|
268 if (options[3] == 'n') { |
|
269 out = ia.getHostAddress(); |
|
270 } else { |
|
271 out = ia.getCanonicalHostName(); |
|
272 } |
|
273 System.out.println(" " + |
|
274 (first?"Addresses:":" ") + |
|
275 " " + out); |
|
276 first = false; |
|
277 } |
|
278 } else { |
|
279 System.out.println(" [No host addresses info]"); |
|
280 } |
257 } |
281 } |
258 } catch (RealmException e) { |
282 } catch (RealmException e) { |
259 System.out.println("Error reading principal from "+ |
283 System.out.println("Error reading principal from "+ |
260 "the entry."); |
284 "the entry."); |
261 if (DEBUG) { |
285 if (DEBUG) { |
293 /** |
317 /** |
294 * Printes out the help information. |
318 * Printes out the help information. |
295 */ |
319 */ |
296 void printHelp() { |
320 void printHelp() { |
297 System.out.println("\nUsage: klist " + |
321 System.out.println("\nUsage: klist " + |
298 "[[-c] [-f] [-e]] [-k [-t] [-K]] [name]"); |
322 "[[-c] [-f] [-e] [-a [-n]]] [-k [-t] [-K]] [name]"); |
299 System.out.println(" name\t name of credentials cache or " + |
323 System.out.println(" name\t name of credentials cache or " + |
300 " keytab with the prefix. File-based cache or " |
324 " keytab with the prefix. File-based cache or " |
301 + "keytab's prefix is FILE:."); |
325 + "keytab's prefix is FILE:."); |
302 System.out.println(" -c specifes that credential cache is to be " + |
326 System.out.println(" -c specifes that credential cache is to be " + |
303 "listed"); |
327 "listed"); |
304 System.out.println(" -k specifies that key tab is to be listed"); |
328 System.out.println(" -k specifies that key tab is to be listed"); |
305 System.out.println(" options for credentials caches:"); |
329 System.out.println(" options for credentials caches:"); |
306 System.out.println("\t-f \t shows credentials flags"); |
330 System.out.println("\t-f \t shows credentials flags"); |
307 System.out.println("\t-e \t shows the encryption type"); |
331 System.out.println("\t-e \t shows the encryption type"); |
|
332 System.out.println("\t-a \t shows addresses"); |
|
333 System.out.println("\t -n \t do not reverse-resolve addresses"); |
308 System.out.println(" options for keytabs:"); |
334 System.out.println(" options for keytabs:"); |
309 System.out.println("\t-t \t shows keytab entry timestamps"); |
335 System.out.println("\t-t \t shows keytab entry timestamps"); |
310 System.out.println("\t-K \t shows keytab entry key value"); |
336 System.out.println("\t-K \t shows keytab entry key value"); |
311 System.out.println("\t-e \t shows keytab entry key type"); |
337 System.out.println("\t-e \t shows keytab entry key type"); |
312 System.out.println("\nUsage: java sun.security.krb5.tools.Klist " + |
338 System.out.println("\nUsage: java sun.security.krb5.tools.Klist " + |