Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.411 (Entity 5.404)
X-RT-Original-Encoding: iso-8859-1
Content-Length: 2119

From Stephen.Grau@digex.com  Mon Apr 21 11:11:22 2003
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by krbdev.mit.edu (8.9.3) with ESMTP
	id LAA18962; Mon, 21 Apr 2003 11:11:22 -0400 (EDT)
Received: from beltg1.corp.digex.com ([164.109.120.199])
	by pacific-carrier-annex.mit.edu (8.12.4/8.9.2) with ESMTP id h3LFBMla023787
	for <krb5-bugs@mit.edu>; Mon, 21 Apr 2003 11:11:22 -0400 (EDT)
Received: by beltg1.corp.digex.com with Internet Mail Service (5.5.2653.19)
	id <V4A7GPDB>; Mon, 21 Apr 2003 11:11:12 -0400
Message-ID: <3B220717C7B6DB41BD68E06799F033E6017CBFC3@beltm2.corp.digex.com>
From: "Grau, Stephen" <Stephen.Grau@digex.com>
To: "'krb5-bugs@mit.edu'" <krb5-bugs@mit.edu>
Subject: kinit return code bug
Date: Mon, 21 Apr 2003 11:11:11 -0400
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain;
	charset="iso-8859-1"

>Submitter-Id:	net
>Originator:	Stephen Grau
>Organization:
	n/a
>Confidential:	no
>Synopsis:	kinit returns code 0 in some failure situations
>Severity:	non-critical
>Priority:	low
>Category:	krb5-clients
>Class:		sw-bug
>Release:	krb5-1.2.6
>Environment:
	System: SunOS olympus 5.9 Generic_112233-04 sun4u sparc
SUNW,Sun-Blade-100
Architecture: sun4

>Description:
	If you kinit, for example, with a slash in the realm error, you get
a
KRB5_PARSE_MALFORMED error, but kinit returns with a 0 return code.
In the code, it is only returning an error code if a valid instance was
parsed and it wasn't authenticated. I think it should return an error code
if it wasn't able to get a valid instance.
This is the best I could do with the diff. This is also present in 1.2.8 and
1.3-alpha2.
>How-To-Repeat:
	kinit validuser@/
	echo $?
>Fix:
	--- krb5-1.2.6/src/clients/kinit/kinit.c     Mon Dec 10 15:49:50
2001
+++ krb5-1.2.6/src/clients/kinit/kinit.c     Fri Apr 18 17:21:24 2003
@@ -1107,7 +1107,7 @@
     k5_end(&k5);
     k4_end(&k4);

-    if ((got_k5 && !authed_k5) || (got_k4 && !authed_k4))
+    if ((got_k5 && !authed_k5) || (got_k4 && !authed_k4) || (!got_k5 &&
!got_k4))
        exit(1);
     return 0;
 }