X-Git-Url: https://snippets.scripts.mit.edu/gitweb.cgi/Scripts/git/.git/blobdiff_plain/fc9ab391a52dce801a9aa3568400d10b584b0eda..refs/heads/master:/kerberos/kdo

diff --git a/kerberos/kdo b/kerberos/kdo
index 059612e..b171c4b 100644
--- a/kerberos/kdo
+++ b/kerberos/kdo
@@ -24,7 +24,7 @@
 # interface to multiple credential caches by defining two functions:
 #
 #  - kcaches::
-#      Print one line per current credential cache of the form "<KRB5CCNAME> <PRINCIPAL>" 
+#      Print one line per current credential cache of the form "<PRINCIPAL> <KRB5CCNAME>"
 #  - knewcache::
 #      Without changing the current credentials cache, get credentials
 #      for the principal in $1, passing the remaining arguments to
@@ -40,15 +40,15 @@
 # CONFIGURATION
 kdo_args=(-l15m -r60m -F)
 
-# CC interface for OS X
-if [ "Darwin" = "$(uname)" ]; then
+# CC interface for OS X or modern MIT krb5
+if type kswitch &>/dev/null; then
     kcaches () {
-        klist -A | awk '/^Kerberos 5 ticket cache:/ {cache = $5; princline=NR+1} NR==princline {print substr(cache, 2, length(cache)-2), $3}'
+        klist -A | perl -ne '$cache = $1 if /^(?:Kerberos 5 ticket|Ticket|Credentials) cache: '\''?(.*)'\''?/; print "$1 $cache\n" if /^(?:Default p|P)rincipal: (.*)$/'
     }
 
     knewcache () {
         princ="$1"; shift
-        local oldcache="$(klist | grep 'Kerberos 5 ticket cache' | cut -f 2 -d "'")"
+        local oldcache="$(klist | perl -ne 'print $1 if /^(?:Kerberos 5 ticket|Ticket|Credentials) cache: '\''?(.*)'\''?/')"
         # " # <-- emacs thinks there's an unbalanced " on the previous line.
         kinit "$@" "$princ" || return 1
         cache="$(kfindcache "$princ")"
@@ -64,9 +64,9 @@ fi
 
 # If kcaches and knewcache have been defined for this platform, then
 # setup kdo. Otherwise, add a helpful error.
-if hash kcaches &>/dev/null && hash knewcache &>/dev/null; then
+if type kcaches &>/dev/null && type knewcache &>/dev/null; then
     kfindcache () {
-        kcaches | fgrep "$1" | awk '{print $1}'
+        kcaches | fgrep "$1" | cut -d' ' -f2-
     }
 
     kdo () {
@@ -76,7 +76,7 @@ if hash kcaches &>/dev/null && hash knewcache &>/dev/null; then
         # destroy that cache so we don't try to use it again and clear
         # $cache so that we'll revert to acquiring a new set of
         # tickets
-        if [ -n "$cache" ] && ! klist -s "$cache"; then
+        if [ -n "$cache" ] && ! (KRB5CCNAME="$cache" klist -s); then
             KRB5CCNAME="$cache" kdestroy
             cache=""
         fi
@@ -90,7 +90,7 @@ if hash kcaches &>/dev/null && hash knewcache &>/dev/null; then
         local cur
         COMPREPLY=()
         cur="${COMP_WORDS[COMP_CWORD]}"
-        opts="$(kcaches | awk '{ print $2 }')"
+        opts="$(kcaches | awk '{ print $1 }')"
         case $COMP_CWORD in
             1)
                 COMPREPLY=($(compgen -W "${opts}" -- "${cur}"))
@@ -99,20 +99,21 @@ if hash kcaches &>/dev/null && hash knewcache &>/dev/null; then
                 COMPREPLY=($(compgen -c -- "${cur}"))
         esac
     }
-    complete -o bashdefault -F _kdo kdo
+    if type complete &>/dev/null; then
+        complete -o bashdefault -F _kdo kdo
+    fi
 
-    krootssh () {
-        kdo ${ATHENA_USER:-$USER}/root@ATHENA.MIT.EDU ssh -o GSSAPIDelegateCredentials=no "$@"
-    }
 else
     kdo () {
         echo "kdo has not been ported to this platform yet." >&2
         return 1
     }
-
-    krootssh () {
-        echo "kdo has not been ported to this plastform yet." >&2
-        return 1
-    }
 fi
 
+krootssh () {
+    kdo ${ATHENA_USER:-$USER}/root@ATHENA.MIT.EDU ssh -o GSSAPIDelegateCredentials=no "$@"
+}
+
+krootscp () {
+    kdo ${ATHENA_USER:-$USER}/root@ATHENA.MIT.EDU scp -o GSSAPIDelegateCredentials=no "$@"
+}