From: Tom Yu Date: Thu, 16 Oct 2014 19:40:33 +0000 (-0400) Subject: Parse "ktadd -norandkey" in remote kadmin client X-Git-Tag: krb5-1.12.3-final~12 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=590e8da448d038c26b1b30019800f6cef1d40a72;p=thirdparty%2Fkrb5.git Parse "ktadd -norandkey" in remote kadmin client The remote kadmin client would not parse the "-norandkey" option to the ktadd subcommand, terminating option parsing and possibly causing options to be interpreted as principal names. (cherry picked from commit 13e9694b17945d43d0cfc203b2645204f2d87086) ticket: 8131 (new) version_fixed: 1.12.3 status: resolved --- diff --git a/src/kadmin/cli/keytab.c b/src/kadmin/cli/keytab.c index 6d7288feb9..580787998c 100644 --- a/src/kadmin/cli/keytab.c +++ b/src/kadmin/cli/keytab.c @@ -52,9 +52,7 @@ static char *etype_string(krb5_enctype enctype); static int quiet; -#ifdef KADMIN_LOCAL static int norandkey; -#endif static void add_usage() @@ -135,9 +133,7 @@ kadmin_keytab_add(int argc, char **argv) argc--; argv++; quiet = 0; -#ifdef KADMIN_LOCAL norandkey = 0; -#endif while (argc) { if (strncmp(*argv, "-k", 2) == 0) { argc--; argv++; @@ -148,9 +144,13 @@ kadmin_keytab_add(int argc, char **argv) keytab_str = *argv; } else if (strcmp(*argv, "-q") == 0) { quiet++; -#ifdef KADMIN_LOCAL } else if (strcmp(*argv, "-norandkey") == 0) { +#ifdef KADMIN_LOCAL norandkey++; +#else + fprintf(stderr, + _("-norandkey option only valid for kadmin.local\n")); + return; #endif } else if (strcmp(*argv, "-e") == 0) { argc--; @@ -176,13 +176,11 @@ kadmin_keytab_add(int argc, char **argv) return; } -#ifdef KADMIN_LOCAL if (norandkey && ks_tuple) { fprintf(stderr, _("cannot specify keysaltlist when not changing key\n")); return; } -#endif if (process_keytab(context, &keytab_str, &keytab)) return;