krb5 commit: Make kinit smarter about using keytabs
Benjamin Kaduk
kaduk at MIT.EDU
Fri Nov 16 12:15:12 EST 2012
https://github.com/krb5/krb5/commit/cfd85f4130e015bf823a745438e87641f9ead49e
commit cfd85f4130e015bf823a745438e87641f9ead49e
Author: Ben Kaduk <kaduk at mit.edu>
Date: Thu Sep 27 12:46:26 2012 -0400
Make kinit smarter about using keytabs
Previously, we would happily accept -i or -t name and do nothing
with it, if -k was not given. If the user is passing -i or -t, they
clearly want to use a keytab, so do so (but print a warning).
While here, enforce that only one of -t and -i is given.
ticket: 7218
tags: pullup
target_version: 1.11
src/clients/kinit/kinit.c | 11 +++++++++++
1 files changed, 11 insertions(+), 0 deletions(-)
diff --git a/src/clients/kinit/kinit.c b/src/clients/kinit/kinit.c
index ac204c1..71a2fec 100644
--- a/src/clients/kinit/kinit.c
+++ b/src/clients/kinit/kinit.c
@@ -434,6 +434,17 @@ parse_options(argc, argv, opts)
fprintf(stderr, _("Only one of -a and -A allowed\n"));
errflg++;
}
+ if (opts->keytab_name != NULL && opts->use_client_keytab == 1)
+ {
+ fprintf(stderr, _("Only one of -t and -i allowed\n"));
+ errflg++;
+ }
+ if ((opts->keytab_name != NULL || opts->use_client_keytab == 1) &&
+ opts->action != INIT_KT)
+ {
+ opts->action = INIT_KT;
+ fprintf(stderr, _("keytab specified, forcing -k\n"));
+ }
if (argc - optind > 1) {
fprintf(stderr, _("Extra arguments (starting with \"%s\").\n"),
More information about the cvs-krb5
mailing list