[krbdev.mit.edu #8535] kinit from keytab fails when principal contains a backslash
Anand Patil via RT
rt-comment at krbdev.mit.edu
Fri Jan 6 17:35:23 EST 2017
Thanks, Greg, sorry for the mis-report!
On Fri, Jan 6, 2017 at 4:27 PM Greg Hudson via RT <rt-comment at krbdev.mit.edu>
wrote:
> In step three, the shell eats one of the backslash characters before
> kinit sees it, so kinit parses the principal name
> "anand\slash at DOMAIN". "\s" is parsed as just "s" (since it is not one
> of the special sequences "\n", "\t", "\b", or "\0" which map to
> newline, tab, bell, and nul), so the result of parsing is the same as
> just "anandslash at DOMAIN".
>
> If you put single quotes around the principal name in the shell line
> like this:
>
> kinit -k -t /tmp/slash.keytab -p 'anand\\slash at DOMAIN'
>
> then it should work, or does in my tests just now.
>
> (Incidentally, the -p flag requests proxiable tickets, which is not
> common usage. You don't need to specify any particular option just to
> give a principal name on the command line.)
>
More information about the krb5-bugs
mailing list