package Heimdal::Kadm5;
use strict;
+no strict qw(refs);
+
use Carp;
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK $AUTOLOAD);
# @Heimdal::Kadm5::Principal::ISA = qw(Heimdal::Kadm5::SPrincipal);
use POSIX qw(strftime);
+use Time::Seconds;
sub _sec2date { $_[0] ? strftime "%Y-%m-%d %T UTC", gmtime($_[0]): 'never'; }
-sub _attr2str { }
+# Convert seconds into a days and weeks format for ticket lifetime and
+# maximum lifetime.
+# TODO: This assumes you have an even number of days, and will fail at
+# anything like '25 hours'. The handling should be improved.
+sub _sec2days {
+ my $seconds = shift;
+ my $val = Time::Seconds->new($seconds);
+ my $str = '';
+ if ($val->weeks >= 1) {
+ if ($val->weeks == 1) {
+ $str = $val->weeks . ' week';
+ } else {
+ $str = $val->weeks . ' weeks';
+ }
+ }
+ if ($val->days % 7 == 0) {
+ return $str;
+ } else {
+ $str .= ', ' if $str;
+ return $str . $val->days . ' day' if $val->days == 1;
+ return $str . $val->days.' days';
+ }
+}
+
+# Given an attribute bitmask, convert it into a string of attribute text.
+sub _attr2str {
+ my $mask = shift;
+ my @attrs = ();
+ my @possible = ('KRB5_KDB_DISALLOW_ALL_TIX',
+ 'KRB5_KDB_DISALLOW_DUP_SKEY',
+ 'KRB5_KDB_DISALLOW_FORWARDABLE',
+ 'KRB5_KDB_DISALLOW_POSTDATED',
+ 'KRB5_KDB_DISALLOW_PROXIABLE',
+ 'KRB5_KDB_DISALLOW_RENEWABLE',
+ 'KRB5_KDB_DISALLOW_SVR',
+ 'KRB5_KDB_DISALLOW_TGT_BASED',
+ 'KRB5_KDB_NEW_PRINC',
+ 'KRB5_KDB_REQUIRES_HW_AUTH',
+ 'KRB5_KDB_REQUIRES_PRE_AUTH',
+ 'KRB5_KDB_REQUIRES_PWCHANGE',
+ 'KRB5_KDB_SUPPORT_DESMD5',
+ );
+
+ foreach my $test (@possible) {
+ push (@attrs, $test) if $mask & &{"Heimdal::Kadm5::$test"}();
+ }
+ return join (', ', sort @attrs);
+}
-# TODO: Test new format.
-# TODO: Convert bitmap of attributes to a string.
-# TODO: Convert seconds to days/week format for Max ticket/renewable life.
sub dump
{
my $sp = shift;
_sec2date($sp->getPwExpiration);
printf $io "%21s: %s\n", 'Last password change',
_sec2date($sp->getLastPwdChange);
- printf $io "%21s: %d seconds\n", 'Max ticket life', $sp->getMaxLife;
- printf $io "%21s: %d seconds\n", 'Max renewable life',
- $sp->getMaxRenewableLife;
+ printf $io "%21s: %s\n", 'Max ticket life',
+ _sec2days($sp->getMaxLife);
+ printf $io "%21s: %s\n", 'Max renewable life',
+ _sec2days($sp->getMaxRenewableLife);
printf $io "%21s: %s\n", 'Kvno', $sp->getKvno;
printf $io "%21s: %s\n", 'Mkvno', $sp->getMKvno;
printf $io "%21s: %s\n", 'Last successful login',
printf $io "%21s: %d\n", 'Failed login count', $sp->getFailAuthCounts;
printf $io "%21s: %s\n", 'Last modified', _sec2date($sp->getModDate);
printf $io "%21s: %s\n", 'Modifier', $sp->getModName;
- printf $io "%21s: %s\n", 'Attributes', $sp->getAttributes;
+ printf $io "%21s: %s\n", 'Attributes', _attr2str($sp->getAttributes);
my @keys;
foreach my $kt (@{$sp->getKeytypes})
{