Make salt defaulting work for keysalts

Make krb5_string_to_keysalts() default to only ":" as a key:salt
separator character.  Change most of its callers to pass NULL so they
get the default separators.

Adapted from a patch proposed by Jon Looney.

ticket: 884

diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c
index f5ca8adf301198d754b8a07a3ce7ee3ae599adc5..733e784c929ee6046150cae99581f1b890997a98 100644 (file)
--- a/src/kadmin/cli/kadmin.c
+++ b/src/kadmin/cli/kadmin.c
@@ -337,7 +337,7 @@ kadmin_startup(int argc, char *argv[])
             params.mask |= KADM5_CONFIG_MKEY_FROM_KBD;
             break;
         case 'e':
-            retval = krb5_string_to_keysalts(optarg, ", \t", ":.-", 0,
+            retval = krb5_string_to_keysalts(optarg, NULL, NULL, 0,
                                              &params.keysalts,
                                              &params.num_keysalts);
             if (retval) {
@@ -788,7 +788,7 @@ kadmin_cpw(int argc, char *argv[])
                 cpw_usage(_("change_password: missing keysaltlist arg"));
                 goto cleanup;
             }
-            retval = krb5_string_to_keysalts(*++argv, ", \t", ":.-", 0,
+            retval = krb5_string_to_keysalts(*++argv, NULL, NULL, 0,
                                              &ks_tuple, &n_ks_tuple);
             if (retval) {
                 com_err("change_password", retval,
@@ -1068,7 +1068,7 @@ kadmin_parse_princ_args(int argc, char *argv[], kadm5_principal_ent_t oprinc,
         if (!strcmp("-e", argv[i])) {
             if (++i > argc - 2)
                 return -1;
-            retval = krb5_string_to_keysalts(argv[i], ", \t", ":.-", 0,
+            retval = krb5_string_to_keysalts(argv[i], NULL, NULL, 0,
                                              ks_tuple, n_ks_tuple);
             if (retval) {
                 com_err(caller, retval, _("while parsing keysalts %s"),
@@ -1616,7 +1616,7 @@ kadmin_parse_policy_args(int argc, char *argv[], kadm5_policy_ent_t policy,
             if (++i > argc - 2)
                 return -1;
             if (strcmp(argv[i], "-")) {
-                retval = krb5_string_to_keysalts(argv[i], ",", ":.-", 0,
+                retval = krb5_string_to_keysalts(argv[i], ",", NULL, 0,
                                                  &ks_tuple, &n_ks_tuple);
                 if (retval) {
                     com_err(caller, retval, _("while parsing keysalts %s"),

diff --git a/src/kadmin/cli/keytab.c b/src/kadmin/cli/keytab.c
index 6d7288feb9f21e0b232119de9a5e5be6f34f9fe7..cd52da58b2da9f189e05b71393ed652c12a4a907 100644 (file)
--- a/src/kadmin/cli/keytab.c
+++ b/src/kadmin/cli/keytab.c
@@ -158,7 +158,7 @@ kadmin_keytab_add(int argc, char **argv)
                 add_usage();
                 return;
             }
-            retval = krb5_string_to_keysalts(*++argv, ", \t", ":.-", 0,
+            retval = krb5_string_to_keysalts(*++argv, NULL, NULL, 0,
                                              &ks_tuple, &n_ks_tuple);
             if (retval) {
                 com_err("ktadd", retval, _("while parsing keysalts %s"),

diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c
index f12c6853bed5540841c4b2c5dc2c3b367109f250..b7816472876599f8a30df07d6510a848c2a24db5 100644 (file)
--- a/src/kadmin/dbutil/kdb5_util.c
+++ b/src/kadmin/dbutil/kdb5_util.c
@@ -586,7 +586,7 @@ add_random_key(argc, argv)
         return;
     }
     ret = krb5_string_to_keysalts(ks_str,
-                                  ", \t", ":.-", 0,
+                                  NULL, NULL, 0,
                                   &keysalts,
                                   &num_keysalts);
     if (ret) {

diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c
index bd1b8c82a6ffe51644fe119b78223ef2abd7ac9e..09be1efdadae9e99f557f082d02c8cf0cde41f6e 100644 (file)
--- a/src/lib/kadm5/alt_prof.c
+++ b/src/lib/kadm5/alt_prof.c
@@ -727,8 +727,8 @@ krb5_error_code kadm5_get_config_params(krb5_context context,
         params.keysalts = NULL;
         params.num_keysalts = 0;
         krb5_string_to_keysalts(svalue,
-                                ", \t", /* Tuple separators */
-                                ":.-",  /* Key/salt separators */
+                                NULL, /* Tuple separators */
+                                NULL, /* Key/salt separators */
                                 0,      /* No duplicates */
                                 &params.keysalts,
                                 &params.num_keysalts);

diff --git a/src/lib/kadm5/srv/svr_policy.c b/src/lib/kadm5/srv/svr_policy.c
index 1f794e41b18557d29501f35b056395e4505aa7b9..dfb31832ee8d9307e025ffacace7c513dc8fde7a 100644 (file)
--- a/src/lib/kadm5/srv/svr_policy.c
+++ b/src/lib/kadm5/srv/svr_policy.c
@@ -27,7 +27,7 @@ validate_allowed_keysalts(const char *allowed_keysalts)
 
     if (strchr(allowed_keysalts, '\t') != NULL)
         return KADM5_BAD_KEYSALTS;
-    ret = krb5_string_to_keysalts(allowed_keysalts, ",", ":.-", 0,
+    ret = krb5_string_to_keysalts(allowed_keysalts, ",", NULL, 0,
                                   &ks_tuple, &n_ks_tuple);
     free(ks_tuple);
     if (ret == EINVAL)

diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index 7681636a73dba1041226e29f9960bd33e7794be3..bc66d5c74e1b14cdc72a759fac159554ffad8b04 100644 (file)
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -256,8 +256,8 @@ apply_keysalt_policy(kadm5_server_handle_t handle, const char *policy,
     }
 
     ret = krb5_string_to_keysalts(polent.allowed_keysalts,
-                                  ", ",  /* Tuple separators */
-                                  ":.-", /* Key/salt separators */
+                                  ",",   /* Tuple separators */
+                                  NULL,  /* Key/salt separators */
                                   0,     /* No duplicates */
                                   &ak_ks_tuple,
                                   &ak_n_ks_tuple);

diff --git a/src/lib/kadm5/str_conv.c b/src/lib/kadm5/str_conv.c
index 00d61f5603448313aa30c41ac0f558628936451a..83d081e78ba34a9f16e2a747db290fa415f48f14 100644 (file)
--- a/src/lib/kadm5/str_conv.c
+++ b/src/lib/kadm5/str_conv.c
@@ -57,7 +57,7 @@ struct flags_lookup_entry {
  */
 
 static const char default_tupleseps[]   = ", \t";
-static const char default_ksaltseps[]   = ":.";
+static const char default_ksaltseps[]   = ":";
 
 /* Keytype strings */
 /* Flags strings */