From krb5-bugs-incoming-bounces@PCH.mit.edu Fri Mar 12 17:09:52 2010 Return-Path: Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (Postfix) with ESMTP id 7ADB03F0F8; Fri, 12 Mar 2010 17:09:51 -0500 (EST) Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id o2CM9pgb013895; Fri, 12 Mar 2010 17:09:51 -0500 Received: from mailhub-dmz-1.mit.edu (MAILHUB-DMZ-1.MIT.EDU [18.9.21.41]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id o2CKgPmo001072 for ; Fri, 12 Mar 2010 15:42:25 -0500 Received: from dmz-mailsec-scanner-1.mit.edu (DMZ-MAILSEC-SCANNER-1.MIT.EDU [18.9.25.12]) by mailhub-dmz-1.mit.edu (8.13.8/8.9.2) with ESMTP id o2CKfRCW022295 for ; Fri, 12 Mar 2010 15:42:25 -0500 X-AuditID: 1209190c-b7c8cae00000610c-c5-4b9aa7317e59 Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by dmz-mailsec-scanner-1.mit.edu (Symantec Brightmail Gateway) with SMTP id 9D.B5.24844.137AA9B4; Fri, 12 Mar 2010 15:42:25 -0500 (EST) Received: from int-mx04.intmail.prod.int.phx2.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.17]) by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id o2CKgOwg013366 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Fri, 12 Mar 2010 15:42:24 -0500 Received: from blade.bos.redhat.com (blade.bos.redhat.com [10.16.0.23]) by int-mx04.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id o2CKgMnU032536 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 12 Mar 2010 15:42:23 -0500 Received: from blade.bos.redhat.com (localhost [127.0.0.1]) by blade.bos.redhat.com (8.14.4/8.14.3) with ESMTP id o2CKgMXj023161 for ; Fri, 12 Mar 2010 15:42:22 -0500 Received: (from nalin@localhost) by blade.bos.redhat.com (8.14.4/8.14.4/Submit) id o2CKgMgP023160; Fri, 12 Mar 2010 15:42:22 -0500 Date: Fri, 12 Mar 2010 15:42:22 -0500 Message-Id: <201003122042.o2CKgMgP023160@blade.bos.redhat.com> To: krb5-bugs@mit.edu Subject: kpasswd doesn't guess the client principal name correctly without a ccache From: nalin@redhat.com X-send-pr-version: 3.99 X-Scanned-By: MIMEDefang 2.67 on 10.5.11.17 X-Brightmail-Tracker: AAAABAF7bc0TPSK9Ez0j1hM9/MI= X-Mailman-Approved-At: Fri, 12 Mar 2010 17:09:50 -0500 X-BeenThere: krb5-bugs-incoming@mailman.mit.edu X-Mailman-Version: 2.1.6 Precedence: list Reply-To: nalin@redhat.com Sender: krb5-bugs-incoming-bounces@PCH.mit.edu Errors-To: krb5-bugs-incoming-bounces@PCH.mit.edu >Submitter-Id: net >Originator: Nalin Dahyabhai >Organization: >Confidential: no >Synopsis: kpasswd doesn't guess the client principal name correctly without a ccache >Severity: non-critical >Priority: low >Category: krb5-clients >Class: sw-bug >Release: 1.8 >Environment: System: Linux blade.bos.redhat.com 2.6.31.9-174.fc12.x86_64 #1 SMP Mon Dec 21 05:33:33 UTC 2009 x86_64 x86_64 x86_64 GNU/Linux Architecture: x86_64 >Description: When the invoking user doesn't have a credential cache, kpasswd doesn't derive the client's principal name from the user name, while the man page says that it does. >How-To-Repeat: env -i kdestroy env -i kpasswd >Fix: Here's a patch for moving on after encountering errors while attempting to read the user's principal name from the ccache: Index: src/clients/kpasswd/kpasswd.c =================================================================== --- src/clients/kpasswd/kpasswd.c (revision 23799) +++ src/clients/kpasswd/kpasswd.c (working copy) @@ -85,21 +85,23 @@ exit(1); } } else if ((ret = krb5_cc_default(context, &ccache)) != KRB5_CC_NOTFOUND) { + princ = NULL; + if (ret) { com_err(argv[0], ret, "opening default ccache"); - exit(1); } + else if ((ret = krb5_cc_get_principal(context, ccache, &princ))) { com_err(argv[0], ret, "getting principal from ccache"); - exit(1); } + else if ((ret = krb5_cc_close(context, ccache))) { com_err(argv[0], ret, "closing ccache"); - exit(1); } - } else { + } + if (princ == NULL) { get_name_from_passwd_file(argv[0], context, &princ); }