Make kinit smarter about using keytabs

Previously, we would happily accept -i or -t name and do nothing
with it, if -k was not given.  If the user is passing -i or -t, they
clearly want to use a keytab, so do so (but print a warning).

While here, enforce that only one of -t and -i is given.

ticket: 7218
tags: pullup
target_version: 1.11

diff --git a/src/clients/kinit/kinit.c b/src/clients/kinit/kinit.c
index ac204c1d07f5133f88c208a2fb51e3a593233c72..71a2fec5861848805eea9ba7a8a91f4088cf5687 100644 (file)
--- a/src/clients/kinit/kinit.c
+++ b/src/clients/kinit/kinit.c
@@ -434,6 +434,17 @@ parse_options(argc, argv, opts)
         fprintf(stderr, _("Only one of -a and -A allowed\n"));
         errflg++;
     }
+    if (opts->keytab_name != NULL && opts->use_client_keytab == 1)
+    {
+        fprintf(stderr, _("Only one of -t and -i allowed\n"));
+        errflg++;
+    }
+    if ((opts->keytab_name != NULL || opts->use_client_keytab == 1) &&
+        opts->action != INIT_KT)
+    {
+        opts->action = INIT_KT;
+        fprintf(stderr, _("keytab specified, forcing -k\n"));
+    }
 
     if (argc - optind > 1) {
         fprintf(stderr, _("Extra arguments (starting with \"%s\").\n"),