IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Initial gettext support for C utils

Browse Source 
Add automatic creation of python an C file lists for potfiles
Deletes useless copy of Makefile in install/po
Remove duplicate maintainer-clean target
Add debug target that prints file lists
Unbreak update-po target, merges in patch from John
This commit is contained in:
Simo Sorce 2010-10-11 18:36:43 -04:00
parent f9c0eb5222
commit b735fc8d17
7 changed files with 357 additions and 269 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

160
install/po/Makefile.in
View File

@ -32,129 +32,30 @@ po_files = $(patsubst %, %.po, $(languages))
mo_files = $(patsubst %.po, %.mo, $(po_files)) mo_files = $(patsubst %.po, %.mo, $(po_files))
po_count=$(words $(po_files)) po_count=$(words $(po_files))
PYTHON_POTFILES = \ PY_FILES = $(shell cd ../..; git ls-files | grep -v -e "^tests/" -e "^doc/" -e "^install/po/" -e "^ipapython/test/" -e "^ipa-radius-server/" -e "setup.py" -e "setup-client.py" | grep "\.py$$" | tr '\n' ' '; cd install/po)
../../ipa \ C_FILES = $(shell cd ../..; git ls-files | grep "\.c$$" | tr '\n' ' '; cd install/po)
../../lite-server.py \ H_FILES = $(shell cd ../..; git ls-files | grep "\.h$$" | tr '\n' ' '; cd install/po)
../../ipapython/config.py \
../../ipapython/sysrestore.py \
../../ipapython/__init__.py \
../../ipapython/ipautil.py \
../../ipapython/certdb.py \
../../ipapython/ipavalidate.py \
../../ipapython/dnsclient.py \
../../ipapython/dogtag.py \
../../ipapython/nsslib.py \
../../ipapython/entity.py \
../../install/tools/ipa-replica-manage \
../../install/tools/ipa-server-certinstall \
../../install/tools/ipa-replica-install \
../../install/tools/ipa-nis-manage \
../../install/tools/ipa-upgradeconfig \
../../install/tools/ipa-replica-prepare \
../../install/tools/ipa-compat-manage \
../../install/tools/ipa-server-install \
../../install/tools/ipa-ldap-updater \
../../install/migration/migration.py \
../../ipalib/config.py \
../../ipalib/parameters.py \
../../ipalib/request.py \
../../ipalib/output.py \
../../ipalib/__init__.py \
../../ipalib/backend.py \
../../ipalib/pkcs10.py \
../../ipalib/x509.py \
../../ipalib/plugable.py \
../../ipalib/constants.py \
../../ipalib/aci.py \
../../ipalib/base.py \
../../ipalib/ipauuid.py \
../../ipalib/crud.py \
../../ipalib/cli.py \
../../ipalib/text.py \
../../ipalib/compat.py \
../../ipalib/frontend.py \
../../ipalib/rpc.py \
../../ipalib/errors.py \
../../ipalib/encoder.py \
../../ipalib/util.py \
../../ipalib/plugins/config.py \
../../ipalib/plugins/rolegroup.py \
../../ipalib/plugins/host.py \
../../ipalib/plugins/group.py \
../../ipalib/plugins/migration.py \
../../ipalib/plugins/xmlclient.py \
../../ipalib/plugins/service.py \
../../ipalib/plugins/passwd.py \
../../ipalib/plugins/__init__.py \
../../ipalib/plugins/virtual.py \
../../ipalib/plugins/hbac.py \
../../ipalib/plugins/cert.py \
../../ipalib/plugins/baseldap.py \
../../ipalib/plugins/aci.py \
../../ipalib/plugins/kerberos.py \
../../ipalib/plugins/krbtpolicy.py \
../../ipalib/plugins/dns.py \
../../ipalib/plugins/automount.py \
../../ipalib/plugins/netgroup.py \
../../ipalib/plugins/misc.py \
../../ipalib/plugins/user.py \
../../ipalib/plugins/taskgroup.py \
../../ipalib/plugins/hostgroup.py \
../../ipalib/plugins/pwpolicy.py \
../../ipalib/plugins/internal.py \
../../ipaserver/__init__.py \
../../ipaserver/servercore.py \
../../ipaserver/ipautil.py \
../../ipaserver/rpcserver.py \
../../ipaserver/conn.py \
../../ipaserver/ipaldap.py \
../../ipaserver/install/installutils.py \
../../ipaserver/install/service.py \
../../ipaserver/install/ldapupdate.py \
../../ipaserver/install/__init__.py \
../../ipaserver/install/cainstance.py \
../../ipaserver/install/ntpinstance.py \
../../ipaserver/install/bindinstance.py \
../../ipaserver/install/krbinstance.py \
../../ipaserver/install/certs.py \
../../ipaserver/install/dsinstance.py \
../../ipaserver/install/replication.py \
../../ipaserver/install/httpinstance.py \
../../ipaserver/plugins/ldap2.py \
../../ipaserver/plugins/rabase.py \
../../ipaserver/plugins/selfsign.py \
../../ipaserver/plugins/__init__.py \
../../ipaserver/plugins/join.py \
../../ipaserver/plugins/ldapapi.py \
../../ipaserver/plugins/xmlserver.py \
../../ipaserver/plugins/dogtag.py \
../../contrib/RHEL4/ipachangeconf.py \
../../ipa-client/ipaclient/ntpconf.py \
../../ipa-client/ipaclient/__init__.py \
../../ipa-client/ipaclient/ipachangeconf.py \
../../ipa-client/ipaclient/ipadiscovery.py \
../../ipa-client/ipa-install/ipa-client-install
C_POTFILES = \ PY_EXPLICIT_FILES = \
../../daemons/ipa-kpasswd/ipa_kpasswd.c \ ipa \
../../daemons/ipa-slapi-plugins/ipa-enrollment/ipa_enrollment.c \ install/tools/ipa-replica-manage \
../../daemons/ipa-slapi-plugins/ipa-memberof/ipa-memberof.c \ install/tools/ipa-server-certinstall \
../../daemons/ipa-slapi-plugins/ipa-memberof/ipa-memberof.h \ install/tools/ipa-replica-install \
../../daemons/ipa-slapi-plugins/ipa-memberof/ipa-memberof_config.c \ install/tools/ipa-nis-manage \
../../daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c \ install/tools/ipa-upgradeconfig \
../../daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync-config.c \ install/tools/ipa-replica-prepare \
../../daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.c \ install/tools/ipa-compat-manage \
../../daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.h \ install/tools/ipa-server-install \
../../ipa-client/config.c \ install/tools/ipa-ldap-updater \
../../ipa-client/ipa-getkeytab.c \ ipa-client/ipa-install/ipa-client-install
../../ipa-client/ipa-join.c \
../../ipa-client/ipa-rmkeytab.c
POTFILES = $(PYTHON_POTFILES) $(C_POTFILES) PYTHON_POTFILES = $(PY_FILES) $(PY_EXPLICIT_FILES)
C_POTFILES = $(C_FILES) $(H_FILES)
.SUFFIXES: .SUFFIXES:
.SUFFIXES: .po .mo .SUFFIXES: .po .mo
.PHONY: all create-po update-po update-pot install mostlyclean clean distclean test_lang test mo-files .PHONY: all create-po update-po update-pot install mostlyclean clean distclean test_lang test mo-files debug
all: all:
@ -170,6 +71,7 @@ $(po_files): $(DOMAIN).pot
echo Creating nonexistent $@, you should add this file to your SCM repository; \ echo Creating nonexistent $@, you should add this file to your SCM repository; \
$(MSGINIT) --locale $$lang --no-translator -i $(DOMAIN).pot -o $@; \ $(MSGINIT) --locale $$lang --no-translator -i $(DOMAIN).pot -o $@; \
fi; \ fi; \
echo Merging $(DOMAIN).pot into $@; \
$(MSGMERGE) $@ -o $@ $(DOMAIN).pot $(MSGMERGE) $@ -o $@ $(DOMAIN).pot
create-po: $(DOMAIN).pot create-po: $(DOMAIN).pot
@ -182,20 +84,24 @@ create-po: $(DOMAIN).pot
done done
update-po: update-pot update-po: update-pot
$(MAKE) all $(MAKE) $(po_files)
update-pot: update-pot:
@rm -f $(DOMAIN).pot.update @rm -f $(DOMAIN).pot.update
@$(XGETTEXT) $(XGETTEXT_OPTIONS) \ @pushd ../.. ; \
--output $(DOMAIN).pot.update \ $(XGETTEXT) $(XGETTEXT_OPTIONS) \
--output install/po/$(DOMAIN).pot.update \
--language="python" \ --language="python" \
$(PYTHON_POTFILES) \ $(PYTHON_POTFILES) \
&& \ && \
$(XGETTEXT) $(XGETTEXT_OPTIONS) \ $(XGETTEXT) $(XGETTEXT_OPTIONS) \
--output $(DOMAIN).pot.update \ --output install/po/$(DOMAIN).pot.update \
--join-existing \ --join-existing \
--language="c" \ --language="c" \
--from-code="UTF-8" \
--keyword='_' \
$(C_POTFILES) ; \ $(C_POTFILES) ; \
popd ; \
$(SED) '/^"POT-Creation-Date: .*"$$/d' $(DOMAIN).pot.update > $(DOMAIN).pot.update.tmp ; \ $(SED) '/^"POT-Creation-Date: .*"$$/d' $(DOMAIN).pot.update > $(DOMAIN).pot.update.tmp ; \
$(SED) -i -r -e 's%("Content-Type: text/plain; charset=)(.*)(\\n")%\1UTF-8\3%' $(DOMAIN).pot.update.tmp ; \ $(SED) -i -r -e 's%("Content-Type: text/plain; charset=)(.*)(\\n")%\1UTF-8\3%' $(DOMAIN).pot.update.tmp ; \
$(SED) '/^"POT-Creation-Date: .*"$$/d' $(DOMAIN).pot > $(DOMAIN).pot.tmp ; \ $(SED) '/^"POT-Creation-Date: .*"$$/d' $(DOMAIN).pot > $(DOMAIN).pot.tmp ; \
@ -282,5 +188,11 @@ test_lang:
test: test_lang test: test_lang
./test_i18n.py ./test_i18n.py
maintainer-clean: debug:
@echo Python potfiles:
@echo PY_FILES = $(PY_FILES)
@echo PY_EXPLICIT_FILES = $(PY_EXPLICIT_FILES)
@echo C potfiles:
@echo C_FILES = $(C_FILES)
@echo H_FILES = $(H_FILES)

3
install/po/README
View File

@ -3,6 +3,9 @@ Q: I've added a new source file, how do I make sure it's strings get translated?
A: Edit Makefile.in and add the source file to the appropriate *_POTFILES list. A: Edit Makefile.in and add the source file to the appropriate *_POTFILES list.
Then run "make update-po". Then run "make update-po".
NOTE: Now this i only necessary for python files that lack the .py
extension. All .py, .c and .h files are automatically sourced.
Q: How do I pick up new strings to translate from the source files after the Q: How do I pick up new strings to translate from the source files after the
source have been modified? source have been modified?

1
ipa-client/Makefile.am
View File

@ -12,6 +12,7 @@ INCLUDES = \
-DLIBDIR=\""$(libdir)"\" \ -DLIBDIR=\""$(libdir)"\" \
-DLIBEXECDIR=\""$(libexecdir)"\" \ -DLIBEXECDIR=\""$(libexecdir)"\" \
-DDATADIR=\""$(datadir)"\" \ -DDATADIR=\""$(datadir)"\" \
-DLOCALEDIR=\""$(localedir)"\" \
$(KRB5_CFLAGS) \ $(KRB5_CFLAGS) \
$(OPENLDAP_CFLAGS) \ $(OPENLDAP_CFLAGS) \
$(MOZLDAP_CFLAGS) \ $(MOZLDAP_CFLAGS) \

35
ipa-client/config.c
View File

@ -37,6 +37,11 @@
#include <stdlib.h> #include <stdlib.h>
#include <ctype.h> #include <ctype.h>
#include <errno.h>
#include "config.h"
#include <libintl.h>
#define _(STRING) gettext(STRING)
char * char *
read_config_file(const char *filename) read_config_file(const char *filename)
{ {
@ -47,14 +52,14 @@ read_config_file(const char *filename)
fd = open(filename, O_RDONLY); fd = open(filename, O_RDONLY);
if (fd == -1) { if (fd == -1) {
fprintf(stderr, "cannot open configuration file %s\n", filename); fprintf(stderr, _("cannot open configuration file %s\n"), filename);
return NULL; return NULL;
} }
/* stat() the file so we know the size and can pre-allocate the right /* stat() the file so we know the size and can pre-allocate the right
* amount of memory. */ * amount of memory. */
if (fstat(fd, &st) == -1) { if (fstat(fd, &st) == -1) {
fprintf(stderr, "cannot stat() configuration file %s\n", filename); fprintf(stderr, _("cannot stat() configuration file %s\n"), filename);
return NULL; return NULL;
} }
left = st.st_size; left = st.st_size;
@ -67,7 +72,7 @@ read_config_file(const char *filename)
if (res == 0) if (res == 0)
break; break;
if (res < 0) { if (res < 0) {
fprintf(stderr, "read error\n"); fprintf(stderr, _("read error\n"));
close(fd); close(fd);
free(dest); free(dest);
return NULL; return NULL;
@ -159,3 +164,27 @@ get_config_entry(char * in_data, const char *section, const char *key)
free(data); free(data);
return NULL; return NULL;
} }
int init_gettext(void)
{
char *c;
c = setlocale(LC_ALL, "");
if (!c) {
return EIO;
}
errno = 0;
c = bindtextdomain(PACKAGE, LOCALEDIR);
if (c == NULL) {
return errno;
}
errno = 0;
c = textdomain(PACKAGE);
if (c == NULL) {
return errno;
}
return 0;
}

180
ipa-client/ipa-getkeytab.c
View File

@ -40,6 +40,10 @@
#include <sasl/sasl.h> #include <sasl/sasl.h>
#include <popt.h> #include <popt.h>
#include "config.h"
#include <libintl.h>
#define _(STRING) gettext(STRING)
/* Salt types */ /* Salt types */
#define NO_SALT -1 #define NO_SALT -1
#define KRB5_KDB_SALTTYPE_NORMAL 0 #define KRB5_KDB_SALTTYPE_NORMAL 0
@ -131,7 +135,7 @@ static int prep_ksdata(krb5_context krbctx, const char *str,
krberr = krb5_get_permitted_enctypes(krbctx, &ktypes); krberr = krb5_get_permitted_enctypes(krbctx, &ktypes);
if (krberr) { if (krberr) {
fprintf(stderr, "No system preferred enctypes ?!\n"); fprintf(stderr, _("No system preferred enctypes ?!\n"));
return 0; return 0;
} }
@ -139,7 +143,7 @@ static int prep_ksdata(krb5_context krbctx, const char *str,
ksdata = calloc(n + 1, sizeof(struct krb_key_salt)); ksdata = calloc(n + 1, sizeof(struct krb_key_salt));
if (NULL == ksdata) { if (NULL == ksdata) {
fprintf(stderr, "Out of memory!?\n"); fprintf(stderr, _("Out of memory!?\n"));
return 0; return 0;
} }
@ -157,7 +161,7 @@ static int prep_ksdata(krb5_context krbctx, const char *str,
t = tmp = strdup(str); t = tmp = strdup(str);
if (!tmp) { if (!tmp) {
fprintf(stderr, "Out of memory\n"); fprintf(stderr, _("Out of memory\n"));
return 0; return 0;
} }
@ -172,7 +176,7 @@ static int prep_ksdata(krb5_context krbctx, const char *str,
/* at the end we will have at most n entries + 1 terminating */ /* at the end we will have at most n entries + 1 terminating */
ksdata = calloc(n + 1, sizeof(struct krb_key_salt)); ksdata = calloc(n + 1, sizeof(struct krb_key_salt));
if (!ksdata) { if (!ksdata) {
fprintf(stderr, "Out of memory\n"); fprintf(stderr, _("Out of memory\n"));
return 0; return 0;
} }
@ -187,7 +191,7 @@ static int prep_ksdata(krb5_context krbctx, const char *str,
krberr = krb5_string_to_enctype(t, &ksdata[j].enctype); krberr = krb5_string_to_enctype(t, &ksdata[j].enctype);
if (krberr != 0) { if (krberr != 0) {
fprintf(stderr, fprintf(stderr,
"Warning unrecognized encryption type: [%s]\n", t); _("Warning unrecognized encryption type: [%s]\n"), t);
t = p+1; t = p+1;
continue; continue;
} }
@ -201,7 +205,8 @@ static int prep_ksdata(krb5_context krbctx, const char *str,
krberr = krb5_string_to_salttype(q, &ksdata[j].salttype); krberr = krb5_string_to_salttype(q, &ksdata[j].salttype);
if (krberr != 0) { if (krberr != 0) {
fprintf(stderr, "Warning unrecognized salt type: [%s]\n", q); fprintf(stderr,
_("Warning unrecognized salt type: [%s]\n"), q);
continue; continue;
} }
@ -227,7 +232,7 @@ static int prep_ksdata(krb5_context krbctx, const char *str,
&similar); &similar);
if (krberr) { if (krberr) {
free_keys_contents(krbctx, keys); free_keys_contents(krbctx, keys);
fprintf(stderr, "Enctype comparison failed!\n"); fprintf(stderr, _("Enctype comparison failed!\n"));
return 0; return 0;
} }
if (similar && if (similar &&
@ -289,7 +294,7 @@ static int create_keys(krb5_context krbctx,
ksdata[i].enctype, ksdata[i].enctype,
&ksdata[i].key); &ksdata[i].key);
if (krberr) { if (krberr) {
fprintf(stderr, "Failed to create random key!\n"); fprintf(stderr, _("Failed to create random key!\n"));
return 0; return 0;
} }
/* set the salt to NO_SALT as the key was random */ /* set the salt to NO_SALT as the key was random */
@ -302,14 +307,14 @@ static int create_keys(krb5_context krbctx,
case KRB5_KDB_SALTTYPE_ONLYREALM: case KRB5_KDB_SALTTYPE_ONLYREALM:
krberr = krb5_copy_data(krbctx, realm, &salt); krberr = krb5_copy_data(krbctx, realm, &salt);
if (krberr) { if (krberr) {
fprintf(stderr, "Failed to create key!\n"); fprintf(stderr, _("Failed to create key!\n"));
return 0; return 0;
} }
ksdata[i].salt.length = salt->length; ksdata[i].salt.length = salt->length;
ksdata[i].salt.data = malloc(salt->length); ksdata[i].salt.data = malloc(salt->length);
if (!ksdata[i].salt.data) { if (!ksdata[i].salt.data) {
fprintf(stderr, "Out of memory!\n"); fprintf(stderr, _("Out of memory!\n"));
return 0; return 0;
} }
memcpy(ksdata[i].salt.data, salt->data, salt->length); memcpy(ksdata[i].salt.data, salt->data, salt->length);
@ -319,7 +324,7 @@ static int create_keys(krb5_context krbctx,
case KRB5_KDB_SALTTYPE_NOREALM: case KRB5_KDB_SALTTYPE_NOREALM:
krberr = krb5_principal2salt_norealm(krbctx, princ, &ksdata[i].salt); krberr = krb5_principal2salt_norealm(krbctx, princ, &ksdata[i].salt);
if (krberr) { if (krberr) {
fprintf(stderr, "Failed to create key!\n"); fprintf(stderr, _("Failed to create key!\n"));
return 0; return 0;
} }
break; break;
@ -327,7 +332,7 @@ static int create_keys(krb5_context krbctx,
case KRB5_KDB_SALTTYPE_NORMAL: case KRB5_KDB_SALTTYPE_NORMAL:
krberr = krb5_principal2salt(krbctx, princ, &ksdata[i].salt); krberr = krb5_principal2salt(krbctx, princ, &ksdata[i].salt);
if (krberr) { if (krberr) {
fprintf(stderr, "Failed to create key!\n"); fprintf(stderr, _("Failed to create key!\n"));
return 0; return 0;
} }
break; break;
@ -342,7 +347,7 @@ static int create_keys(krb5_context krbctx,
*/ */
ksdata[i].salt.data = (char *)malloc(realm->length + 1); ksdata[i].salt.data = (char *)malloc(realm->length + 1);
if (NULL == ksdata[i].salt.data) { if (NULL == ksdata[i].salt.data) {
fprintf(stderr, "Out of memory!\n"); fprintf(stderr, _("Out of memory!\n"));
return 0; return 0;
} }
memcpy((char *)ksdata[i].salt.data, memcpy((char *)ksdata[i].salt.data,
@ -353,7 +358,7 @@ static int create_keys(krb5_context krbctx,
break; break;
default: default:
fprintf(stderr, "Bad or unsupported salt type (%d)!\n", fprintf(stderr, _("Bad or unsupported salt type (%d)!\n"),
ksdata[i].salttype); ksdata[i].salttype);
return 0; return 0;
} }
@ -364,7 +369,7 @@ static int create_keys(krb5_context krbctx,
&ksdata[i].salt, &ksdata[i].salt,
&ksdata[i].key); &ksdata[i].key);
if (krberr) { if (krberr) {
fprintf(stderr, "Failed to create key!\n"); fprintf(stderr, _("Failed to create key!\n"));
return 0; return 0;
} }
@ -473,7 +478,7 @@ int filter_keys(krb5_context krbctx, struct keys_container *keys,
} }
if (n == 0) { if (n == 0) {
fprintf(stderr, "No keys accepted by KDC\n"); fprintf(stderr, _("No keys accepted by KDC\n"));
return 0; return 0;
} }
@ -488,7 +493,7 @@ static int ipa_ldap_init(LDAP ** ld, const char * scheme, const char * servernam
url = (char *)malloc (url_len); url = (char *)malloc (url_len);
if (!url){ if (!url){
fprintf(stderr, "Out of memory \n"); fprintf(stderr, _("Out of memory \n"));
return LDAP_NO_MEMORY; return LDAP_NO_MEMORY;
} }
sprintf(url,"%s://%s:%d",scheme,servername,port); sprintf(url,"%s://%s:%d",scheme,servername,port);
@ -526,14 +531,14 @@ static int ldap_set_keytab(krb5_context krbctx,
/* cant' return more than nkeys, sometimes less */ /* cant' return more than nkeys, sometimes less */
encs = calloc(keys->nkeys + 1, sizeof(ber_int_t)); encs = calloc(keys->nkeys + 1, sizeof(ber_int_t));
if (!encs) { if (!encs) {
fprintf(stderr, "Out of Memory!\n"); fprintf(stderr, _("Out of Memory!\n"));
return 0; return 0;
} }
/* build password change control */ /* build password change control */
control = create_key_control(keys, principal_name); control = create_key_control(keys, principal_name);
if (!control) { if (!control) {
fprintf(stderr, "Failed to create control!\n"); fprintf(stderr, _("Failed to create control!\n"));
goto error_out; goto error_out;
} }
@ -557,21 +562,21 @@ static int ldap_set_keytab(krb5_context krbctx,
} }
if(ld == NULL) { if(ld == NULL) {
fprintf(stderr, "Unable to initialize ldap library!\n"); fprintf(stderr, _("Unable to initialize ldap library!\n"));
goto error_out; goto error_out;
} }
version = LDAP_VERSION3; version = LDAP_VERSION3;
ret = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version); ret = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version);
if (ret != LDAP_SUCCESS) { if (ret != LDAP_SUCCESS) {
fprintf(stderr, "Unable to set ldap options!\n"); fprintf(stderr, _("Unable to set ldap options!\n"));
goto error_out; goto error_out;
} }
if (binddn) { if (binddn) {
ret = ldap_bind_s(ld, binddn, bindpw, LDAP_AUTH_SIMPLE); ret = ldap_bind_s(ld, binddn, bindpw, LDAP_AUTH_SIMPLE);
if (ret != LDAP_SUCCESS) { if (ret != LDAP_SUCCESS) {
fprintf(stderr, "Simple bind failed\n"); fprintf(stderr, _("Simple bind failed\n"));
goto error_out; goto error_out;
} }
} else { } else {
@ -581,7 +586,7 @@ static int ldap_set_keytab(krb5_context krbctx,
LDAP_SASL_QUIET, LDAP_SASL_QUIET,
ldap_sasl_interact, princ); ldap_sasl_interact, princ);
if (ret != LDAP_SUCCESS) { if (ret != LDAP_SUCCESS) {
fprintf(stderr, "SASL Bind failed!\n"); fprintf(stderr, _("SASL Bind failed!\n"));
goto error_out; goto error_out;
} }
} }
@ -597,7 +602,8 @@ static int ldap_set_keytab(krb5_context krbctx,
control, NULL, NULL, control, NULL, NULL,
&msgid); &msgid);
if (ret != LDAP_SUCCESS) { if (ret != LDAP_SUCCESS) {
fprintf(stderr, "Operation failed! %s\n", ldap_err2string(ret)); fprintf(stderr, _("Operation failed! %s\n"),
ldap_err2string(ret));
goto error_out; goto error_out;
} }
@ -609,24 +615,27 @@ static int ldap_set_keytab(krb5_context krbctx,
ret = ldap_result(ld, msgid, 1, &tv, &res); ret = ldap_result(ld, msgid, 1, &tv, &res);
if (ret == -1) { if (ret == -1) {
fprintf(stderr, "Operation failed! %s\n", ldap_err2string(ret)); fprintf(stderr, _("Operation failed! %s\n"),
ldap_err2string(ret));
goto error_out; goto error_out;
} }
ret = ldap_parse_extended_result(ld, res, &retoid, &retdata, 0); ret = ldap_parse_extended_result(ld, res, &retoid, &retdata, 0);
if(ret != LDAP_SUCCESS) { if(ret != LDAP_SUCCESS) {
fprintf(stderr, "Operation failed! %s\n", ldap_err2string(ret)); fprintf(stderr, _("Operation failed! %s\n"),
ldap_err2string(ret));
goto error_out; goto error_out;
} }
ret = ldap_parse_result(ld, res, &rc, NULL, &err, NULL, &srvctrl, 0); ret = ldap_parse_result(ld, res, &rc, NULL, &err, NULL, &srvctrl, 0);
if(ret != LDAP_SUCCESS || rc != LDAP_SUCCESS) { if(ret != LDAP_SUCCESS || rc != LDAP_SUCCESS) {
fprintf(stderr, "Operation failed! %s\n", err?err:ldap_err2string(ret)); fprintf(stderr, _("Operation failed! %s\n"),
err ? err : ldap_err2string(ret));
goto error_out; goto error_out;
} }
if (!srvctrl) { if (!srvctrl) {
fprintf(stderr, "Missing reply control!\n"); fprintf(stderr, _("Missing reply control!\n"));
goto error_out; goto error_out;
} }
@ -636,14 +645,14 @@ static int ldap_set_keytab(krb5_context krbctx,
} }
} }
if (!pprc) { if (!pprc) {
fprintf(stderr, "Missing reply control!\n"); fprintf(stderr, _("Missing reply control!\n"));
goto error_out; goto error_out;
} }
sctrl = ber_init(&pprc->ldctl_value); sctrl = ber_init(&pprc->ldctl_value);
if (!sctrl) { if (!sctrl) {
fprintf(stderr, "ber_init() failed, Invalid control ?!\n"); fprintf(stderr, _("ber_init() failed, Invalid control ?!\n"));
goto error_out; goto error_out;
} }
@ -662,7 +671,7 @@ static int ldap_set_keytab(krb5_context krbctx,
rtag = ber_scanf(sctrl, "{i{", &kvno); rtag = ber_scanf(sctrl, "{i{", &kvno);
if (rtag == LBER_ERROR) { if (rtag == LBER_ERROR) {
fprintf(stderr, "ber_scanf() failed, Invalid control ?!\n"); fprintf(stderr, _("ber_scanf() failed, Invalid control ?!\n"));
goto error_out; goto error_out;
} }
@ -703,13 +712,13 @@ static char *ask_password(krb5_context krbctx)
k5d_pw0.length = sizeof(pw0); k5d_pw0.length = sizeof(pw0);
k5d_pw0.data = pw0; k5d_pw0.data = pw0;
ap_prompts[0].prompt = "New Principal Password"; ap_prompts[0].prompt = _("New Principal Password");
ap_prompts[0].hidden = 1; ap_prompts[0].hidden = 1;
ap_prompts[0].reply = &k5d_pw0; ap_prompts[0].reply = &k5d_pw0;
k5d_pw1.length = sizeof(pw1); k5d_pw1.length = sizeof(pw1);
k5d_pw1.data = pw1; k5d_pw1.data = pw1;
ap_prompts[1].prompt = "Verify Principal Password"; ap_prompts[1].prompt = _("Verify Principal Password");
ap_prompts[1].hidden = 1; ap_prompts[1].hidden = 1;
ap_prompts[1].reply = &k5d_pw1; ap_prompts[1].reply = &k5d_pw1;
@ -718,7 +727,7 @@ static char *ask_password(krb5_context krbctx)
2, ap_prompts); 2, ap_prompts);
if (strcmp(pw0, pw1)) { if (strcmp(pw0, pw1)) {
fprintf(stderr, "Passwords do not match!"); fprintf(stderr, _("Passwords do not match!"));
return NULL; return NULL;
} }
@ -730,6 +739,30 @@ static char *ask_password(krb5_context krbctx)
return password; return password;
} }
int init_gettext(void)
{
char *c;
c = setlocale(LC_ALL, "");
if (!c) {
return EIO;
}
errno = 0;
c = bindtextdomain(PACKAGE, LOCALEDIR);
if (c == NULL) {
return errno;
}
errno = 0;
c = textdomain(PACKAGE);
if (c == NULL) {
return errno;
}
return 0;
}
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
static const char *server = NULL; static const char *server = NULL;
@ -742,17 +775,31 @@ int main(int argc, char *argv[])
int askpass = 0; int askpass = 0;
int permitted_enctypes = 0; int permitted_enctypes = 0;
struct poptOption options[] = { struct poptOption options[] = {
{ "quiet", 'q', POPT_ARG_NONE, &quiet, 0, "Print as little as possible", "Output only on errors"}, { "quiet", 'q', POPT_ARG_NONE, &quiet, 0,
{ "server", 's', POPT_ARG_STRING, &server, 0, "Contact this specific KDC Server", "Server Name" }, _("Print as little as possible"), _("Output only on errors")},
{ "principal", 'p', POPT_ARG_STRING, &principal, 0, "The principal to get a keytab for (ex: ftp/ftp.example.com@EXAMPLE.COM)", "Kerberos Service Principal Name" }, { "server", 's', POPT_ARG_STRING, &server, 0,
{ "keytab", 'k', POPT_ARG_STRING, &keytab, 0, "File were to store the keytab information", "Keytab File Name" }, _("Contact this specific KDC Server"),
{ "enctypes", 'e', POPT_ARG_STRING, &enctypes_string, 0, "Encryption types to request", "Comma separated encryption types list" }, _("Server Name") },
{ "permitted-enctypes", 0, POPT_ARG_NONE, &permitted_enctypes, 0, "Show the list of permitted encryption types and exit", "Permitted Encryption Types"}, { "principal", 'p', POPT_ARG_STRING, &principal, 0,
{ "password", 'P', POPT_ARG_NONE, &askpass, 0, "Asks for a non-random password to use for the principal" }, _("The principal to get a keytab for (ex: ftp/ftp.example.com@EXAMPLE.COM)"),
{ "binddn", 'D', POPT_ARG_STRING, &binddn, 0, "LDAP DN", "DN to bind as if not using kerberos" }, _("Kerberos Service Principal Name") },
{ "bindpw", 'w', POPT_ARG_STRING, &bindpw, 0, "LDAP password", "password to use if not using kerberos" }, { "keytab", 'k', POPT_ARG_STRING, &keytab, 0,
POPT_AUTOHELP _("File were to store the keytab information"),
POPT_TABLEEND _("Keytab File Name") },
{ "enctypes", 'e', POPT_ARG_STRING, &enctypes_string, 0,
_("Encryption types to request"),
_("Comma separated encryption types list") },
{ "permitted-enctypes", 0, POPT_ARG_NONE, &permitted_enctypes, 0,
_("Show the list of permitted encryption types and exit"),
_("Permitted Encryption Types") },
{ "password", 'P', POPT_ARG_NONE, &askpass, 0,
_("Asks for a non-random password to use for the principal") },
{ "binddn", 'D', POPT_ARG_STRING, &binddn, 0,
_("LDAP DN"), _("DN to bind as if not using kerberos") },
{ "bindpw", 'w', POPT_ARG_STRING, &bindpw, 0,
_("LDAP password"), _("password to use if not using kerberos") },
POPT_AUTOHELP
POPT_TABLEEND
}; };
poptContext pc; poptContext pc;
char *ktname; char *ktname;
@ -768,9 +815,14 @@ int main(int argc, char *argv[])
int kvno; int kvno;
int i, ret; int i, ret;
ret = init_gettext();
if (ret) {
exit(1);
}
krberr = krb5_init_context(&krbctx); krberr = krb5_init_context(&krbctx);
if (krberr) { if (krberr) {
fprintf(stderr, "Kerberos context initialization failed\n"); fprintf(stderr, _("Kerberos context initialization failed\n"));
exit(1); exit(1);
} }
@ -783,14 +835,15 @@ int main(int argc, char *argv[])
krberr = krb5_get_permitted_enctypes(krbctx, &ktypes); krberr = krb5_get_permitted_enctypes(krbctx, &ktypes);
if (krberr) { if (krberr) {
fprintf(stderr, "No system preferred enctypes ?!\n"); fprintf(stderr, _("No system preferred enctypes ?!\n"));
exit(1); exit(1);
} }
fprintf(stdout, "Supported encryption types:\n"); fprintf(stdout, _("Supported encryption types:\n"));
for (i = 0; ktypes[i]; i++) { for (i = 0; ktypes[i]; i++) {
krberr = krb5_enctype_to_string(ktypes[i], enc, 79); krberr = krb5_enctype_to_string(ktypes[i], enc, 79);
if (krberr) { if (krberr) {
fprintf(stderr, "Warning: failed to convert type (#%d)\n", i); fprintf(stderr, _("Warning: "
"failed to convert type (#%d)\n"), i);
continue; continue;
} }
fprintf(stdout, "%s\n", enc); fprintf(stdout, "%s\n", enc);
@ -807,7 +860,8 @@ int main(int argc, char *argv[])
} }
if (NULL!=binddn && NULL==bindpw) { if (NULL!=binddn && NULL==bindpw) {
fprintf(stderr, "Bind password required when using a bind DN.\n"); fprintf(stderr,
_("Bind password required when using a bind DN.\n"));
if (!quiet) if (!quiet)
poptPrintUsage(pc, stderr, 0); poptPrintUsage(pc, stderr, 0);
exit(10); exit(10);
@ -820,7 +874,8 @@ int main(int argc, char *argv[])
} }
} else if (enctypes_string && strchr(enctypes_string, ':')) { } else if (enctypes_string && strchr(enctypes_string, ':')) {
if (!quiet) { if (!quiet) {
fprintf(stderr, "Warning: salt types are not honored with randomized passwords (see opt. -P)\n"); fprintf(stderr, _("Warning: salt types are not honored"
" with randomized passwords (see opt. -P)\n"));
} }
} }
@ -831,36 +886,38 @@ int main(int argc, char *argv[])
krberr = krb5_parse_name(krbctx, principal, &sprinc); krberr = krb5_parse_name(krbctx, principal, &sprinc);
if (krberr) { if (krberr) {
fprintf(stderr, "Invalid Service Principal Name\n"); fprintf(stderr, _("Invalid Service Principal Name\n"));
exit(4); exit(4);
} }
if (NULL == bindpw) { if (NULL == bindpw) {
krberr = krb5_cc_default(krbctx, &ccache); krberr = krb5_cc_default(krbctx, &ccache);
if (krberr) { if (krberr) {
fprintf(stderr, "Kerberos Credential Cache not found\n" fprintf(stderr,
"Do you have a Kerberos Ticket?\n"); _("Kerberos Credential Cache not found. "
"Do you have a Kerberos Ticket?\n"));
exit(5); exit(5);
} }
krberr = krb5_cc_get_principal(krbctx, ccache, &uprinc); krberr = krb5_cc_get_principal(krbctx, ccache, &uprinc);
if (krberr) { if (krberr) {
fprintf(stderr, "Kerberos User Principal not found\n" fprintf(stderr,
"Do you have a valid Credential Cache?\n"); _("Kerberos User Principal not found. "
"Do you have a valid Credential Cache?\n"));
exit(6); exit(6);
} }
} }
krberr = krb5_kt_resolve(krbctx, ktname, &kt); krberr = krb5_kt_resolve(krbctx, ktname, &kt);
if (krberr) { if (krberr) {
fprintf(stderr, "Failed to open Keytab\n"); fprintf(stderr, _("Failed to open Keytab\n"));
exit(7); exit(7);
} }
/* create key material */ /* create key material */
ret = create_keys(krbctx, sprinc, password, enctypes_string, &keys); ret = create_keys(krbctx, sprinc, password, enctypes_string, &keys);
if (!ret) { if (!ret) {
fprintf(stderr, "Failed to create key material\n"); fprintf(stderr, _("Failed to create key material\n"));
exit(8); exit(8);
} }
@ -878,7 +935,8 @@ int main(int argc, char *argv[])
krberr = krb5_kt_add_entry(krbctx, kt, &kt_entry); krberr = krb5_kt_add_entry(krbctx, kt, &kt_entry);
if (krberr) { if (krberr) {
fprintf(stderr, "Failed to add key to the keytab\n"); fprintf(stderr,
_("Failed to add key to the keytab\n"));
exit (11); exit (11);
} }
} }
@ -887,13 +945,13 @@ int main(int argc, char *argv[])
krberr = krb5_kt_close(krbctx, kt); krberr = krb5_kt_close(krbctx, kt);
if (krberr) { if (krberr) {
fprintf(stderr, "Failed to close the keytab\n"); fprintf(stderr, _("Failed to close the keytab\n"));
exit (12); exit (12);
} }
if (!quiet) { if (!quiet) {
fprintf(stderr, fprintf(stderr,
"Keytab successfully retrieved and stored in: %s\n", _("Keytab successfully retrieved and stored in: %s\n"),
keytab); keytab);
} }
exit(0); exit(0);

165
ipa-client/ipa-join.c
View File

@ -38,6 +38,9 @@
#include "xmlrpc-c/base.h" #include "xmlrpc-c/base.h"
#include "xmlrpc-c/client.h" #include "xmlrpc-c/client.h"
#include <libintl.h>
#define _(STRING) gettext(STRING)
#define NAME "ipa-join" #define NAME "ipa-join"
#define VERSION "1.0" #define VERSION "1.0"
@ -60,7 +63,8 @@ handle_fault(xmlrpc_env * const envP) {
if (envP->fault_occurred) { if (envP->fault_occurred) {
switch(envP->fault_code) { switch(envP->fault_code) {
case 2100: /* unable to add new host entry or write objectClass */ case 2100: /* unable to add new host entry or write objectClass */
fprintf(stderr, "No permission to join this host to the IPA domain.\n"); fprintf(stderr,
_("No permission to join this host to the IPA domain.\n"));
break; break;
default: default:
fprintf(stderr, "%s\n", envP->fault_string); fprintf(stderr, "%s\n", envP->fault_string);
@ -96,7 +100,9 @@ static int check_perms(const char *keytab)
if (ret == -1) { if (ret == -1) {
switch(errno) { switch(errno) {
case EACCES: case EACCES:
fprintf(stderr, "No write permissions on keytab file '%s'\n", keytab); fprintf(stderr,
_("No write permissions on keytab file '%s'\n"),
keytab);
break; break;
case ENOENT: case ENOENT:
/* file doesn't exist, lets touch it and see if writable */ /* file doesn't exist, lets touch it and see if writable */
@ -106,10 +112,14 @@ static int check_perms(const char *keytab)
unlink(keytab); unlink(keytab);
return 0; return 0;
} }
fprintf(stderr, "No write permissions on keytab file '%s'\n", keytab); fprintf(stderr,
_("No write permissions on keytab file '%s'\n"),
keytab);
break; break;
default: default:
fprintf(stderr, "access() on %s failed: errno = %d\n", keytab, errno); fprintf(stderr,
_("access() on %s failed: errno = %d\n"),
keytab, errno);
break; break;
} }
return 1; return 1;
@ -187,13 +197,13 @@ connect_ldap(const char *hostname, const char *binddn, const char *bindpw) {
ld = (LDAP *)ldap_init(hostname, 636); ld = (LDAP *)ldap_init(hostname, 636);
if (ldap_set_option(ld, LDAP_OPT_X_TLS, &ssl) != LDAP_OPT_SUCCESS) { if (ldap_set_option(ld, LDAP_OPT_X_TLS, &ssl) != LDAP_OPT_SUCCESS) {
fprintf(stderr, "Unable to enable SSL in LDAP\n"); fprintf(stderr, _("Unable to enable SSL in LDAP\n"));
goto fail; goto fail;
} }
ret = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version); ret = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version);
if (ret != LDAP_SUCCESS) { if (ret != LDAP_SUCCESS) {
fprintf(stderr, "Unable to set LDAP version\n"); fprintf(stderr, _("Unable to set LDAP version\n"));
goto fail; goto fail;
} }
@ -203,7 +213,7 @@ connect_ldap(const char *hostname, const char *binddn, const char *bindpw) {
ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &err); ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &err);
if (debug) if (debug)
fprintf(stderr, "Bind failed: %s\n", ldap_err2string(err)); fprintf(stderr, _("Bind failed: %s\n"), ldap_err2string(err));
goto fail; goto fail;
} }
@ -236,7 +246,7 @@ get_root_dn(const char *ipaserver, char **ldap_base)
NULL, NULL, NULL, 0, &res); NULL, NULL, NULL, 0, &res);
if (ret != LDAP_SUCCESS) { if (ret != LDAP_SUCCESS) {
fprintf(stderr, "Search for %s on rootdse failed with error %d", fprintf(stderr, _("Search for %s on rootdse failed with error %d"),
root_attrs[0], ret); root_attrs[0], ret);
rval = 14; rval = 14;
goto done; goto done;
@ -246,7 +256,7 @@ get_root_dn(const char *ipaserver, char **ldap_base)
entry = ldap_first_entry(ld, res); entry = ldap_first_entry(ld, res);
ncvals = ldap_get_values_len(ld, entry, root_attrs[0]); ncvals = ldap_get_values_len(ld, entry, root_attrs[0]);
if (!ncvals) { if (!ncvals) {
fprintf(stderr, "No values for %s", root_attrs[0]); fprintf(stderr, _("No values for %s"), root_attrs[0]);
rval = 14; rval = 14;
goto done; goto done;
} }
@ -288,7 +298,9 @@ get_subject(const char *ipaserver, char *ldap_base, const char **subject)
NULL, NULL, NULL, 0, &res); NULL, NULL, NULL, 0, &res);
if (ret != LDAP_SUCCESS) { if (ret != LDAP_SUCCESS) {
fprintf(stderr, "Search for ipaCertificateSubjectBase failed with error %d", ret); fprintf(stderr,
_("Search for ipaCertificateSubjectBase failed with error %d"),
ret);
rval = 14; rval = 14;
goto done; goto done;
} }
@ -296,7 +308,7 @@ get_subject(const char *ipaserver, char *ldap_base, const char **subject)
entry = ldap_first_entry(ld, res); entry = ldap_first_entry(ld, res);
ncvals = ldap_get_values_len(ld, entry, attrs[0]); ncvals = ldap_get_values_len(ld, entry, attrs[0]);
if (!ncvals) { if (!ncvals) {
fprintf(stderr, "No values for %s", attrs[0]); fprintf(stderr, _("No values for %s"), attrs[0]);
rval = 14; rval = 14;
goto done; goto done;
} }
@ -353,21 +365,25 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha
if (get_root_dn(ipaserver, &ldap_base) != 0) { if (get_root_dn(ipaserver, &ldap_base) != 0) {
if (!quiet) if (!quiet)
fprintf(stderr, "Unable to determine root DN of %s\n", ipaserver); fprintf(stderr, _("Unable to determine root DN of %s\n"),
ipaserver);
rval = 14; rval = 14;
goto done; goto done;
} }
if (get_subject(ipaserver, ldap_base, subject) != 0) { if (get_subject(ipaserver, ldap_base, subject) != 0) {
if (!quiet) if (!quiet)
fprintf(stderr, "Unable to determine certificate subject of %s\n", ipaserver); fprintf(stderr,
_("Unable to determine certificate subject of %s\n"),
ipaserver);
/* Not a critical failure */ /* Not a critical failure */
} }
ld = connect_ldap(ipaserver, NULL, NULL); ld = connect_ldap(ipaserver, NULL, NULL);
if (!ld) { if (!ld) {
if (!quiet) if (!quiet)
fprintf(stderr, "Unable to make an LDAP connection to %s\n", ipaserver); fprintf(stderr, _("Unable to make an LDAP connection to %s\n"),
ipaserver);
rval = 14; rval = 14;
goto done; goto done;
} }
@ -375,26 +391,28 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha
asprintf(&filter, "(fqdn=%s)", hostname); asprintf(&filter, "(fqdn=%s)", hostname);
asprintf(&search_base, "cn=computers,cn=accounts,%s", ldap_base); asprintf(&search_base, "cn=computers,cn=accounts,%s", ldap_base);
if (debug) { if (debug) {
fprintf(stderr, "Searching with %s in %s\n", filter, search_base); fprintf(stderr, _("Searching with %s in %s\n"), filter, search_base);
} }
if ((ret = ldap_search_ext_s(ld, ldap_base, LDAP_SCOPE_SUB, if ((ret = ldap_search_ext_s(ld, ldap_base, LDAP_SCOPE_SUB,
filter, attrs, 0, NULL, NULL, LDAP_NO_LIMIT, filter, attrs, 0, NULL, NULL, LDAP_NO_LIMIT,
LDAP_NO_LIMIT, &result)) != LDAP_SUCCESS) { LDAP_NO_LIMIT, &result)) != LDAP_SUCCESS) {
if (!quiet) if (!quiet)
fprintf(stderr, "ldap_search_ext_s: %s\n", ldap_err2string(ret)); fprintf(stderr, _("ldap_search_ext_s: %s\n"),
ldap_err2string(ret));
rval = 14; rval = 14;
goto ldap_done; goto ldap_done;
} }
e = ldap_first_entry(ld, result); e = ldap_first_entry(ld, result);
if (!e) { if (!e) {
if (!quiet) if (!quiet)
fprintf(stderr, "Unable to find host '%s'\n", hostname); fprintf(stderr, _("Unable to find host '%s'\n"), hostname);
rval = 14; rval = 14;
goto ldap_done; goto ldap_done;
} }
if ((*binddn = ldap_get_dn(ld, e)) == NULL) { if ((*binddn = ldap_get_dn(ld, e)) == NULL) {
if (!quiet) if (!quiet)
fprintf(stderr, "Unable to get binddn for host '%s'\n", hostname); fprintf(stderr,
_("Unable to get binddn for host '%s'\n"), hostname);
rval = 14; rval = 14;
goto ldap_done; goto ldap_done;
} }
@ -406,7 +424,8 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha
*/ */
has_principal = 1; has_principal = 1;
if (debug) if (debug)
fprintf(stderr, "Host already has principal, trying bind anyway\n"); fprintf(stderr,
_("Host already has principal, trying bind anyway\n"));
} }
ldap_value_free_len(ncvals); ldap_value_free_len(ncvals);
@ -420,11 +439,11 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha
if (!ld) { if (!ld) {
if (has_principal) { if (has_principal) {
if (!quiet) if (!quiet)
fprintf(stderr, "Host is already joined.\n"); fprintf(stderr, _("Host is already joined.\n"));
rval = 13; rval = 13;
} else { } else {
if (!quiet) if (!quiet)
fprintf(stderr, "Incorrect password.\n"); fprintf(stderr, _("Incorrect password.\n"));
rval = 15; rval = 15;
} }
goto done; goto done;
@ -435,7 +454,7 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha
if ((rc = ldap_extended_operation_s(ld, JOIN_OID, &valrequest, NULL, NULL, &oidresult, &valresult)) != LDAP_SUCCESS) { if ((rc = ldap_extended_operation_s(ld, JOIN_OID, &valrequest, NULL, NULL, &oidresult, &valresult)) != LDAP_SUCCESS) {
if (!quiet) if (!quiet)
fprintf(stderr, "principal not found in host entry\n"); fprintf(stderr, _("principal not found in host entry\n"));
if (debug) ldap_perror(ld, "ldap_extended_operation_s"); if (debug) ldap_perror(ld, "ldap_extended_operation_s");
rval = 18; rval = 18;
goto ldap_done; goto ldap_done;
@ -542,7 +561,7 @@ join_krb5(const char *ipaserver, char *hostname, const char **hostdn, const char
xmlrpc_DECREF(singleprincP); xmlrpc_DECREF(singleprincP);
} else { } else {
if (!quiet) if (!quiet)
fprintf(stderr, "principal not found in XML-RPC response\n"); fprintf(stderr, _("principal not found in XML-RPC response\n"));
rval = 12; rval = 12;
goto cleanup; goto cleanup;
} }
@ -557,7 +576,7 @@ join_krb5(const char *ipaserver, char *hostname, const char **hostdn, const char
xmlrpc_read_string(&env, singleprincP, &krblastpwdchange); xmlrpc_read_string(&env, singleprincP, &krblastpwdchange);
xmlrpc_DECREF(krblastpwdchangeP); xmlrpc_DECREF(krblastpwdchangeP);
if (!quiet) if (!quiet)
fprintf(stderr, "Host is already joined.\n"); fprintf(stderr, _("Host is already joined.\n"));
rval = 13; rval = 13;
goto cleanup; goto cleanup;
} }
@ -624,7 +643,8 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int
char * conf_data = read_config_file(IPA_CONFIG); char * conf_data = read_config_file(IPA_CONFIG);
if ((ipaserver = getIPAserver(conf_data)) == NULL) { if ((ipaserver = getIPAserver(conf_data)) == NULL) {
if (!quiet) if (!quiet)
fprintf(stderr, "Unable to determine IPA server from %s\n", IPA_CONFIG); fprintf(stderr, _("Unable to determine IPA server from %s\n"),
IPA_CONFIG);
exit(1); exit(1);
} }
free(conf_data); free(conf_data);
@ -639,7 +659,8 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int
if (NULL == strstr(host, ".")) { if (NULL == strstr(host, ".")) {
if (!quiet) if (!quiet)
fprintf(stderr, "The hostname must be fully-qualified: %s\n", host); fprintf(stderr, _("The hostname must be fully-qualified: %s\n"),
host);
rval = 16; rval = 16;
goto cleanup; goto cleanup;
} }
@ -647,14 +668,15 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int
krberr = krb5_init_context(&krbctx); krberr = krb5_init_context(&krbctx);
if (krberr) { if (krberr) {
if (!quiet) if (!quiet)
fprintf(stderr, "Unable to join host: Kerberos context initialization failed\n"); fprintf(stderr, _("Unable to join host: "
"Kerberos context initialization failed\n"));
rval = 1; rval = 1;
goto cleanup; goto cleanup;
} }
krberr = krb5_kt_resolve(krbctx, ktname, &keytab); krberr = krb5_kt_resolve(krbctx, ktname, &keytab);
if (krberr != 0) { if (krberr != 0) {
if (!quiet) if (!quiet)
fprintf(stderr, "Error resolving keytab: %s.\n", fprintf(stderr, _("Error resolving keytab: %s.\n"),
error_message(krberr)); error_message(krberr));
rval = 7; rval = 7;
goto cleanup; goto cleanup;
@ -664,8 +686,8 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int
krberr = krb5_parse_name(krbctx, principal, &princ); krberr = krb5_parse_name(krbctx, principal, &princ);
if (krberr != 0) { if (krberr != 0) {
if (!quiet) if (!quiet)
fprintf(stderr, "Error parsing \"%s\": %s.\n", principal, fprintf(stderr, _("Error parsing \"%s\": %s.\n"),
error_message(krberr)); principal, error_message(krberr));
return krberr; return krberr;
} }
strcpy(tgs, KRB5_TGS_NAME); strcpy(tgs, KRB5_TGS_NAME);
@ -682,7 +704,7 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int
0, tgs, &gicopts); 0, tgs, &gicopts);
if (krberr != 0) { if (krberr != 0) {
if (!quiet) if (!quiet)
fprintf(stderr, "Error obtaining initial credentials: %s.\n", fprintf(stderr, _("Error obtaining initial credentials: %s.\n"),
error_message(krberr)); error_message(krberr));
return krberr; return krberr;
} }
@ -692,14 +714,16 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int
krberr = krb5_cc_initialize(krbctx, ccache, creds.client); krberr = krb5_cc_initialize(krbctx, ccache, creds.client);
} else { } else {
if (!quiet) if (!quiet)
fprintf(stderr, "Unable to generate Kerberos Credential Cache\n"); fprintf(stderr,
_("Unable to generate Kerberos Credential Cache\n"));
rval = 19; rval = 19;
goto cleanup; goto cleanup;
} }
krberr = krb5_cc_store_cred(krbctx, ccache, &creds); krberr = krb5_cc_store_cred(krbctx, ccache, &creds);
if (krberr != 0) { if (krberr != 0) {
if (!quiet) if (!quiet)
fprintf(stderr, "Error storing creds in credential cache: %s.\n", fprintf(stderr,
_("Error storing creds in credential cache: %s.\n"),
error_message(krberr)); error_message(krberr));
return krberr; return krberr;
} }
@ -742,15 +766,15 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int
xmlrpc_read_bool(&env, princP, &result); xmlrpc_read_bool(&env, princP, &result);
if (result == 1) { if (result == 1) {
if (!quiet) if (!quiet)
fprintf(stderr, "Unenrollment successful.\n"); fprintf(stderr, _("Unenrollment successful.\n"));
} else { } else {
if (!quiet) if (!quiet)
fprintf(stderr, "Unenrollment failed.\n"); fprintf(stderr, _("Unenrollment failed.\n"));
} }
xmlrpc_DECREF(princP); xmlrpc_DECREF(princP);
} else { } else {
fprintf(stderr, "result not found in XML-RPC response\n"); fprintf(stderr, _("result not found in XML-RPC response\n"));
rval = 20; rval = 20;
goto cleanup; goto cleanup;
} }
@ -796,7 +820,8 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k
} else { } else {
char * conf_data = read_config_file(IPA_CONFIG); char * conf_data = read_config_file(IPA_CONFIG);
if ((ipaserver = getIPAserver(conf_data)) == NULL) { if ((ipaserver = getIPAserver(conf_data)) == NULL) {
fprintf(stderr, "Unable to determine IPA server from %s\n", IPA_CONFIG); fprintf(stderr, _("Unable to determine IPA server from %s\n"),
IPA_CONFIG);
exit(1); exit(1);
} }
free(conf_data); free(conf_data);
@ -810,7 +835,7 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k
} }
if (NULL == strstr(host, ".")) { if (NULL == strstr(host, ".")) {
fprintf(stderr, "The hostname must be fully-qualified: %s\n", host); fprintf(stderr, _("The hostname must be fully-qualified: %s\n"), host);
rval = 16; rval = 16;
goto cleanup; goto cleanup;
} }
@ -820,20 +845,23 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k
else { else {
krberr = krb5_init_context(&krbctx); krberr = krb5_init_context(&krbctx);
if (krberr) { if (krberr) {
fprintf(stderr, "Unable to join host: Kerberos context initialization failed\n"); fprintf(stderr, _("Unable to join host: "
"Kerberos context initialization failed\n"));
rval = 1; rval = 1;
goto cleanup; goto cleanup;
} }
krberr = krb5_cc_default(krbctx, &ccache); krberr = krb5_cc_default(krbctx, &ccache);
if (krberr) { if (krberr) {
fprintf(stderr, "Unable to join host: Kerberos Credential Cache not found\n"); fprintf(stderr, _("Unable to join host:"
" Kerberos Credential Cache not found\n"));
rval = 5; rval = 5;
goto cleanup; goto cleanup;
} }
krberr = krb5_cc_get_principal(krbctx, ccache, &uprinc); krberr = krb5_cc_get_principal(krbctx, ccache, &uprinc);
if (krberr) { if (krberr) {
fprintf(stderr, "Unable to join host: Kerberos User Principal not found and host password not provided.\n"); fprintf(stderr, _("Unable to join host: Kerberos User Principal "
"not found and host password not provided.\n"));
rval = 6; rval = 6;
goto cleanup; goto cleanup;
} }
@ -846,7 +874,7 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k
childpid = fork(); childpid = fork();
if (childpid < 0) { if (childpid < 0) {
fprintf(stderr, "fork() failed\n"); fprintf(stderr, _("fork() failed\n"));
rval = 1; rval = 1;
goto cleanup; goto cleanup;
} }
@ -874,15 +902,16 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k
err = execv(path, argv); err = execv(path, argv);
if (err == -1) { if (err == -1) {
switch(errno) { switch(errno) {
case ENOENT: case ENOENT:
fprintf(stderr, "ipa-getkeytab not found\n"); fprintf(stderr, _("ipa-getkeytab not found\n"));
break; break;
case EACCES: case EACCES:
fprintf(stderr, "ipa-getkeytab has bad permissions?\n"); fprintf(stderr, _("ipa-getkeytab has bad permissions?\n"));
break; break;
default: default:
fprintf(stderr, "executing ipa-getkeytab failed, errno %d\n", errno); fprintf(stderr, _("executing ipa-getkeytab failed, "
break; "errno %d\n"), errno);
break;
} }
} }
} else { } else {
@ -892,13 +921,13 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k
if WIFEXITED(status) { if WIFEXITED(status) {
rval = WEXITSTATUS(status); rval = WEXITSTATUS(status);
if (rval != 0) { if (rval != 0) {
fprintf(stderr, "child exited with %d\n", rval); fprintf(stderr, _("child exited with %d\n"), rval);
} }
} }
cleanup: cleanup:
if (NULL != subject) if (NULL != subject)
fprintf(stderr, "Certificate subject base is: %s\n", subject); fprintf(stderr, _("Certificate subject base is: %s\n"), subject);
free((char *)princ); free((char *)princ);
free((char *)subject); free((char *)subject);
@ -930,19 +959,31 @@ main(int argc, char **argv) {
int quiet = 0; int quiet = 0;
int unenroll = 0; int unenroll = 0;
struct poptOption options[] = { struct poptOption options[] = {
{ "debug", 'd', POPT_ARG_NONE, &debug, 0, "Print the raw XML-RPC output", "XML-RPC debugging Output"}, { "debug", 'd', POPT_ARG_NONE, &debug, 0,
{ "quiet", 'q', POPT_ARG_NONE, &quiet, 0, "Print as little as possible", "Output only on errors"}, _("Print the raw XML-RPC output"), _("XML-RPC debugging Output") },
{ "unenroll", 'u', POPT_ARG_NONE, &unenroll, 0, "Unenroll this host", "Unenroll this host from IPA server" }, { "quiet", 'q', POPT_ARG_NONE, &quiet, 0,
{ "hostname", 'h', POPT_ARG_STRING, &hostname, 0, "Use this hostname instead of the node name", "Host Name" }, _("Print as little as possible"), _("Output only on errors") },
{ "server", 's', POPT_ARG_STRING, &server, 0, "IPA Server to use", "IPA Server Name" }, { "unenroll", 'u', POPT_ARG_NONE, &unenroll, 0,
{ "keytab", 'k', POPT_ARG_STRING, &keytab, 0, "File were to store the keytab information", "Keytab File Name" }, _("Unenroll this host"), _("Unenroll this host from IPA server") },
{ "bindpw", 'w', POPT_ARG_STRING, &bindpw, 0, "LDAP password", "password to use if not using kerberos" }, { "hostname", 'h', POPT_ARG_STRING, &hostname, 0,
POPT_AUTOHELP _("Use this hostname instead of the node name"), _("Host Name") },
POPT_TABLEEND { "server", 's', POPT_ARG_STRING, &server, 0,
_("IPA Server to use"), _("IPA Server Name") },
{ "keytab", 'k', POPT_ARG_STRING, &keytab, 0,
_("File were to store the keytab information"), _("Keytab File Name") },
{ "bindpw", 'w', POPT_ARG_STRING, &bindpw, 0,
_("LDAP password"), _("password to use if not using kerberos") },
POPT_AUTOHELP
POPT_TABLEEND
}; };
poptContext pc; poptContext pc;
int ret; int ret;
ret = init_gettext();
if (ret) {
exit(2);
}
pc = poptGetContext("ipa-join", argc, (const char **)argv, options, 0); pc = poptGetContext("ipa-join", argc, (const char **)argv, options, 0);
ret = poptGetNextOpt(pc); ret = poptGetNextOpt(pc);
if (ret != -1) { if (ret != -1) {

82
ipa-client/ipa-rmkeytab.c
View File

@ -25,6 +25,11 @@
#include <popt.h> #include <popt.h>
#include <errno.h> #include <errno.h>
#include "config.h"
#include <libintl.h>
#define _(STRING) gettext(STRING)
int int
remove_principal(krb5_context context, krb5_keytab ktid, const char *principal, int debug) remove_principal(krb5_context context, krb5_keytab ktid, const char *principal, int debug)
{ {
@ -36,9 +41,10 @@ remove_principal(krb5_context context, krb5_keytab ktid, const char *principal,
memset(&entry, 0, sizeof(entry)); memset(&entry, 0, sizeof(entry));
krberr = krb5_parse_name(context, principal, &entry.principal); krberr = krb5_parse_name(context, principal, &entry.principal);
if (krberr) { if (krberr) {
fprintf(stderr, "Unable to parse principal name\n"); fprintf(stderr, _("Unable to parse principal name\n"));
if (debug) if (debug)
fprintf(stderr, "krb5_parse_name %d: %s\n", krberr, error_message(krberr)); fprintf(stderr, _("krb5_parse_name %d: %s\n"),
krberr, error_message(krberr));
rval = 4; rval = 4;
goto done; goto done;
} }
@ -47,7 +53,7 @@ remove_principal(krb5_context context, krb5_keytab ktid, const char *principal,
* irrespective of the encryption type. A failure to find one after the * irrespective of the encryption type. A failure to find one after the
* first means we're done. * first means we're done.
*/ */
fprintf(stderr, "Removing principal %s\n", principal); fprintf(stderr, _("Removing principal %s\n"), principal);
while (1) { while (1) {
memset(&entry2, 0, sizeof(entry2)); memset(&entry2, 0, sizeof(entry2));
krberr = krb5_kt_get_entry(context, ktid, krberr = krb5_kt_get_entry(context, ktid,
@ -60,23 +66,25 @@ remove_principal(krb5_context context, krb5_keytab ktid, const char *principal,
/* not found but we've removed some, we're done */ /* not found but we've removed some, we're done */
break; break;
if (krberr == ENOENT) { if (krberr == ENOENT) {
fprintf(stderr, "Failed to open keytab\n"); fprintf(stderr, _("Failed to open keytab\n"));
rval = 3; rval = 3;
goto done; goto done;
} }
fprintf(stderr, "principal not found\n"); fprintf(stderr, _("principal not found\n"));
if (debug) if (debug)
fprintf(stderr, "krb5_kt_get_entry %d: %s\n", krberr, error_message(krberr)); fprintf(stderr, _("krb5_kt_get_entry %d: %s\n"),
krberr, error_message(krberr));
rval = 5; rval = 5;
break; break;
} }
krberr = krb5_kt_remove_entry(context, ktid, &entry2); krberr = krb5_kt_remove_entry(context, ktid, &entry2);
if (krberr) { if (krberr) {
fprintf(stderr, "Unable to remove entry\n"); fprintf(stderr, _("Unable to remove entry\n"));
if (debug) { if (debug) {
fprintf(stdout, "kvno %d\n", entry2.vno); fprintf(stdout, _("kvno %d\n"), entry2.vno);
fprintf(stderr, "krb5_kt_remove_entry %d: %s\n", krberr, error_message(krberr)); fprintf(stderr, _("krb5_kt_remove_entry %d: %s\n"),
krberr, error_message(krberr));
} }
rval = 6; rval = 6;
break; break;
@ -108,9 +116,10 @@ remove_realm(krb5_context context, krb5_keytab ktid, const char *realm, int debu
while (krb5_kt_next_entry(context, ktid, &entry, &kt_cursor) == 0) { while (krb5_kt_next_entry(context, ktid, &entry, &kt_cursor) == 0) {
krberr = krb5_unparse_name(context, entry.principal, &entry_princ_s); krberr = krb5_unparse_name(context, entry.principal, &entry_princ_s);
if (krberr) { if (krberr) {
fprintf(stderr, "Unable to parse principal\n"); fprintf(stderr, _("Unable to parse principal\n"));
if (debug) { if (debug) {
fprintf(stderr, "krb5_unparse_name %d: %s\n", krberr, error_message(krberr)); fprintf(stderr, _("krb5_unparse_name %d: %s\n"),
krberr, error_message(krberr));
} }
rval = 4; rval = 4;
goto done; goto done;
@ -134,6 +143,30 @@ done:
return rval; return rval;
} }
int init_gettext(void)
{
char *c;
c = setlocale(LC_ALL, "");
if (!c) {
return EIO;
}
errno = 0;
c = bindtextdomain(PACKAGE, LOCALEDIR);
if (c == NULL) {
return errno;
}
errno = 0;
c = textdomain(PACKAGE);
if (c == NULL) {
return errno;
}
return 0;
}
int int
main(int argc, char **argv) main(int argc, char **argv)
{ {
@ -149,19 +182,29 @@ main(int argc, char **argv)
int debug = 0; int debug = 0;
int ret, rval; int ret, rval;
struct poptOption options[] = { struct poptOption options[] = {
{ "debug", 'd', POPT_ARG_NONE, &debug, 0, "Print debugging information", "Debugging output" }, { "debug", 'd', POPT_ARG_NONE, &debug, 0,
{ "principal", 'p', POPT_ARG_STRING, &principal, 0, "The principal to get a keytab for (ex: ftp/ftp.example.com@EXAMPLE.COM)", "Kerberos Service Principal Name" }, _("Print debugging information"), _("Debugging output") },
{ "keytab", 'k', POPT_ARG_STRING, &keytab, 0, "File were to store the keytab information", "Keytab File Name" }, { "principal", 'p', POPT_ARG_STRING, &principal, 0,
{ "realm", 'r', POPT_ARG_STRING, &realm, 0, "Remove all principals in this realm", "Realm name" }, _("The principal to get a keytab for (ex: ftp/ftp.example.com@EXAMPLE.COM)"),
_("Kerberos Service Principal Name") },
{ "keytab", 'k', POPT_ARG_STRING, &keytab, 0,
_("File were to store the keytab information"), _("Keytab File Name") },
{ "realm", 'r', POPT_ARG_STRING, &realm, 0,
_("Remove all principals in this realm"), _("Realm name") },
POPT_AUTOHELP POPT_AUTOHELP
POPT_TABLEEND POPT_TABLEEND
}; };
ret = init_gettext();
if (ret) {
exit(1);
}
memset(&ktid, 0, sizeof(ktid)); memset(&ktid, 0, sizeof(ktid));
krberr = krb5_init_context(&context); krberr = krb5_init_context(&context);
if (krberr) { if (krberr) {
fprintf(stderr, "Kerberos context initialization failed\n"); fprintf(stderr, _("Kerberos context initialization failed\n"));
exit(1); exit(1);
} }
@ -195,7 +238,7 @@ main(int argc, char **argv)
krberr = krb5_kt_resolve(context, ktname, &ktid); krberr = krb5_kt_resolve(context, ktname, &ktid);
if (krberr) { if (krberr) {
fprintf(stderr, "Failed to open keytab '%s'\n", keytab); fprintf(stderr, _("Failed to open keytab '%s'\n"), keytab);
rval = 3; rval = 3;
goto cleanup; goto cleanup;
} }
@ -209,9 +252,10 @@ cleanup:
if (rval == 0 || rval > 3) { if (rval == 0 || rval > 3) {
krberr = krb5_kt_close(context, ktid); krberr = krb5_kt_close(context, ktid);
if (krberr) { if (krberr) {
fprintf(stderr, "Closing keytab failed\n"); fprintf(stderr, _("Closing keytab failed\n"));
if (debug) if (debug)
fprintf(stderr, "krb5_kt_close %d: %s\n", krberr, error_message(krberr)); fprintf(stderr, _("krb5_kt_close %d: %s\n"),
krberr, error_message(krberr));
} }
} }