2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
11 unlog -- Tell the Andrew Cache Manager to either clean up your connection completely
12 or eliminate the caller's PAG.
19 cell is the name the pertinent cell.
21 If no cell is provided, unlog destroys all tokens.
23 If a cell, for which a token is not held, is provided it is ignored.
29 #include <afsconfig.h>
30 #include <afs/param.h>
36 #include <potpourri.h>
49 #include <sys/types.h>
52 #include <sys/ioctl.h>
57 #include <afs/cellconfig.h>
58 #include <afs/afsutil.h>
66 struct ktc_token token;
67 struct ktc_principal service;
68 struct ktc_principal client;
73 CommandProc(as, arock)
75 struct cmd_syndesc *as;
77 #define MAXCELLS 20 /* XXX */
79 afs_int32 code, i = 0;
82 if (as->parms[0].items) { /* A cell is provided */
83 for (itp = as->parms[0].items; itp; itp = itp->next) {
86 ("The maximum number of cells (%d) is exceeded; the rest are ignored\n",
90 cells[i++] = itp->data;
92 code = unlog_ForgetCertainTokens(cells, i);
94 code = ktc_ForgetAllTokens();
96 printf("unlog: could not discard tickets, code %d\n", code);
103 #include "AFS_component_version_number.c"
110 struct cmd_syndesc *ts;
111 register afs_int32 code;
115 * The following signal action for AIX is necessary so that in case of a
116 * crash (i.e. core is generated) we can include the user's data section
117 * in the core dump. Unfortunately, by default, only a partial core is
118 * generated which, in many cases, isn't too useful.
120 struct sigaction nsa;
122 sigemptyset(&nsa.sa_mask);
123 nsa.sa_handler = SIG_DFL;
124 nsa.sa_flags = SA_FULLDUMP;
125 sigaction(SIGSEGV, &nsa, NULL);
128 ts = cmd_CreateSyntax(NULL, CommandProc, 0,
129 "Release Kerberos authentication");
130 cmd_AddParm(ts, "-cell", CMD_LIST, CMD_OPTIONAL, "cell name");
132 code = cmd_Dispatch(argc, argv);
138 * Problem: only the KTC gives you the ability to selectively destroy
141 * Solution: Build a list of tokens, delete the bad ones (the ones to
142 * remove from the permissions list,) destroy all tokens, and
143 * then re-register the good ones. Ugly, but it works.
146 unlog_ForgetCertainTokens(list, listSize)
150 unsigned count, index, index2;
152 struct ktc_principal serviceName;
153 struct tokenInfo *tokenInfoP;
155 /* normalize all the names in the list */
156 unlog_NormalizeCellNames(list, listSize);
158 /* figure out how many tokens exist */
161 code = ktc_ListTokens(count, &count, &serviceName);
165 (struct tokenInfo *)malloc((sizeof(struct tokenInfo) * count));
167 perror("unlog_ForgetCertainTokens -- osi_Alloc failed");
171 for (code = index = index2 = 0; (!code) && (index < count); index++) {
173 ktc_ListTokens(index2, &index2, &(tokenInfoP + index)->service);
177 ktc_GetToken(&(tokenInfoP + index)->service,
178 &(tokenInfoP + index)->token,
179 sizeof(struct ktc_token),
180 &(tokenInfoP + index)->client);
183 (tokenInfoP + index)->deleted =
184 unlog_CheckUnlogList(list, listSize,
185 &(tokenInfoP + index)->client);
189 unlog_VerifyUnlog(list, listSize, tokenInfoP, count);
190 code = ktc_ForgetAllTokens();
193 printf("unlog: could not discard tickets, code %d\n", code);
197 for (code = index = 0; index < count; index++) {
198 if (!((tokenInfoP + index)->deleted)) {
200 ktc_SetToken(&(tokenInfoP + index)->service,
201 &(tokenInfoP + index)->token,
202 &(tokenInfoP + index)->client, 0);
204 fprintf(stderr, "Couldn't re-register token, code = %d\n",
213 * 0 if not in list, 1 if in list
215 unlog_CheckUnlogList(list, count, principal)
218 struct ktc_principal *principal;
221 if (strcmp(*list, principal->cell) == 0)
231 * Caveat: this routine does NOT free up the memory passed (and replaced).
232 * because it assumes it isn't a problem.
235 unlog_NormalizeCellNames(list, size)
239 char *newCellName, *lcstring();
241 struct afsconf_dir *conf;
243 struct afsconf_cell cellinfo;
245 if (!(conf = afsconf_Open(AFSDIR_CLIENT_ETC_DIRPATH))) {
246 fprintf(stderr, "Cannot get cell configuration info!\n");
250 for (index = 0; index < size; index++, list++) {
251 newCellName = malloc(MAXKTCREALMLEN);
253 perror("unlog_NormalizeCellNames --- malloc failed");
257 lcstring(newCellName, *list, MAXKTCREALMLEN);
258 code = afsconf_GetCellInfo(conf, newCellName, 0, &cellinfo);
260 if (code == AFSCONF_NOTFOUND) {
261 fprintf(stderr, "Unrecognized cell name %s\n", newCellName);
264 "unlog_NormalizeCellNames - afsconf_GetCellInfo");
265 fprintf(stderr, " failed, code = %d\n", code);
271 strcpy(newCellName, cellinfo.name);
279 * check given list to assure tokens were held for specified cells
280 * prints warning messages for those cells without such entries.
282 unlog_VerifyUnlog(cellList, cellListSize, tokenList, tokenListSize)
285 struct tokenInfo *tokenList;
290 for (index = 0; index < cellListSize; index++) {
294 for (found = index2 = 0; !found && index2 < tokenListSize; index2++)
296 strcmp(cellList[index],
297 (tokenList + index2)->client.cell) == 0;
300 fprintf(stderr, "unlog: Warning - no tokens held for cell %s\n",