On Tue, 2011-05-03 at 08:30 -0400, Simo Sorce wrote:
> On Mon, 2011-05-02 at 11:04 +0200, Martin Kosek wrote:
> > diff --git a/ipa-client/ipa-rmkeytab.c b/ipa-client/ipa-rmkeytab.c
> > index
> > 8afa9e1c4ea822554af436bf4644d717d922f56e..73a74070cf696f1e2b9fe3c8374446b68cc48441
> > 100644
> > --- a/ipa-client/ipa-rmkeytab.c
> > +++ b/ipa-client/ipa-rmkeytab.c
> > @@ -108,6 +108,7 @@ remove_realm(krb5_context context, krb5_keytab
> > ktid, const char *realm, int debu
> > krb5_kt_cursor kt_cursor;
> > char * entry_princ_s = NULL;
> > int rval = 0;
> > + char realm_found = FALSE;
>
> -----^^^^^---------------^^^^^^--
>
> > krberr = krb5_kt_start_seq_get(context, ktid, &kt_cursor);
> > memset(&entry, 0, sizeof(entry));
> > @@ -128,6 +129,7 @@ remove_realm(krb5_context context, krb5_keytab
> > ktid, const char *realm, int debu
> > krb5_kt_end_seq_get(context, ktid, &kt_cursor);
> >
> > if (strstr(entry_princ_s, realm) != NULL) {
> > + realm_found = TRUE;
>
> ---------------------------^^^^^^^
>
> > rval = remove_principal(context, ktid, entry_princ_s,
> > debug);
> > if (rval != 0)
> > goto done;
> > @@ -136,6 +138,11 @@ remove_realm(krb5_context context, krb5_keytab
> > ktid, const char *realm, int debu
> > }
> > }
>
> Nack, please use 'bool', 'false' and 'true' here, not 'char' and
> uppercase boolean value names.
>
> Simo.
>
OK. Fixed patch attached.
Martin
>From fae7b4a5545c28a57ecabe78ab62571538d49211 Mon Sep 17 00:00:00 2001
From: Martin Kosek <mko...@redhat.com>
Date: Mon, 2 May 2011 10:52:20 +0200
Subject: [PATCH] Bad return values for ipa-rmkeytab command
ipa-rmkeytab returns success even when the realm passed to the
program is not found in a keytab. This patch adds an explanatory
error message and returns error code 5 - Principal or realm not
found.
https://fedorahosted.org/freeipa/ticket/694
---
ipa-client/ipa-rmkeytab.c | 8 ++++++++
ipa-client/man/ipa-rmkeytab.1 | 2 +-
2 files changed, 9 insertions(+), 1 deletions(-)
diff --git a/ipa-client/ipa-rmkeytab.c b/ipa-client/ipa-rmkeytab.c
index 8afa9e1c4ea822554af436bf4644d717d922f56e..a6a68eaf9ab75fe16c6390ba825cf4a04dba7bed 100644
--- a/ipa-client/ipa-rmkeytab.c
+++ b/ipa-client/ipa-rmkeytab.c
@@ -19,6 +19,7 @@
#define _GNU_SOURCE
#include <stdlib.h>
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <krb5.h>
@@ -108,6 +109,7 @@ remove_realm(krb5_context context, krb5_keytab ktid, const char *realm, int debu
krb5_kt_cursor kt_cursor;
char * entry_princ_s = NULL;
int rval = 0;
+ bool realm_found = false;
krberr = krb5_kt_start_seq_get(context, ktid, &kt_cursor);
memset(&entry, 0, sizeof(entry));
@@ -128,6 +130,7 @@ remove_realm(krb5_context context, krb5_keytab ktid, const char *realm, int debu
krb5_kt_end_seq_get(context, ktid, &kt_cursor);
if (strstr(entry_princ_s, realm) != NULL) {
+ realm_found = true;
rval = remove_principal(context, ktid, entry_princ_s, debug);
if (rval != 0)
goto done;
@@ -136,6 +139,11 @@ remove_realm(krb5_context context, krb5_keytab ktid, const char *realm, int debu
}
}
+ if (!realm_found) {
+ fprintf(stderr, _("realm not found\n"));
+ return 5;
+ }
+
done:
return rval;
diff --git a/ipa-client/man/ipa-rmkeytab.1 b/ipa-client/man/ipa-rmkeytab.1
index 71b324e060570eae5325503d07526d1effd53135..6926c7b06731de3694db9a7975533e5ded82b18f 100644
--- a/ipa-client/man/ipa-rmkeytab.1
+++ b/ipa-client/man/ipa-rmkeytab.1
@@ -84,6 +84,6 @@ The exit status is 0 on success, nonzero on error.
4 Unable to parse the principal name
-5 Principal name not found in keytab
+5 Principal name or realm not found in keytab
6 Unable to remove principal from keytab
--
1.7.4.4
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
