From Stephen.Grau@digex.com Mon Apr 21 11:11:22 2003
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by krbdev.mit.edu (8.9.3) with ESMTP
id LAA18962; Mon, 21 Apr 2003 11:11:22 -0400 (EDT)
Received: from beltg1.corp.digex.com ([164.109.120.199])
by pacific-carrier-annex.mit.edu (8.12.4/8.9.2) with ESMTP id h3LFBMla023787
for <krb5-bugs@mit.edu>; Mon, 21 Apr 2003 11:11:22 -0400 (EDT)
Received: by beltg1.corp.digex.com with Internet Mail Service (5.5.2653.19)
id <V4A7GPDB>; Mon, 21 Apr 2003 11:11:12 -0400
Message-ID: <3B220717C7B6DB41BD68E06799F033E6017CBFC3@beltm2.corp.digex.com>
From: "Grau, Stephen" <Stephen.Grau@digex.com>
To: "'krb5-bugs@mit.edu'" <krb5-bugs@mit.edu>
Subject: kinit return code bug
Date: Mon, 21 Apr 2003 11:11:11 -0400
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain;
charset="iso-8859-1"
SUNW,Sun-Blade-100
Architecture: sun4
a
KRB5_PARSE_MALFORMED error, but kinit returns with a 0 return code.
In the code, it is only returning an error code if a valid instance was
parsed and it wasn't authenticated. I think it should return an error code
if it wasn't able to get a valid instance.
This is the best I could do with the diff. This is also present in 1.2.8 and
1.3-alpha2.
echo $?
2001
+++ krb5-1.2.6/src/clients/kinit/kinit.c Fri Apr 18 17:21:24 2003
@@ -1107,7 +1107,7 @@
k5_end(&k5);
k4_end(&k4);
- if ((got_k5 && !authed_k5) || (got_k4 && !authed_k4))
+ if ((got_k5 && !authed_k5) || (got_k4 && !authed_k4) || (!got_k5 &&
!got_k4))
exit(1);
return 0;
}
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by krbdev.mit.edu (8.9.3) with ESMTP
id LAA18962; Mon, 21 Apr 2003 11:11:22 -0400 (EDT)
Received: from beltg1.corp.digex.com ([164.109.120.199])
by pacific-carrier-annex.mit.edu (8.12.4/8.9.2) with ESMTP id h3LFBMla023787
for <krb5-bugs@mit.edu>; Mon, 21 Apr 2003 11:11:22 -0400 (EDT)
Received: by beltg1.corp.digex.com with Internet Mail Service (5.5.2653.19)
id <V4A7GPDB>; Mon, 21 Apr 2003 11:11:12 -0400
Message-ID: <3B220717C7B6DB41BD68E06799F033E6017CBFC3@beltm2.corp.digex.com>
From: "Grau, Stephen" <Stephen.Grau@digex.com>
To: "'krb5-bugs@mit.edu'" <krb5-bugs@mit.edu>
Subject: kinit return code bug
Date: Mon, 21 Apr 2003 11:11:11 -0400
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain;
charset="iso-8859-1"
Show quoted text
>Submitter-Id: net
>Originator: Stephen Grau
>Organization:
n/a>Originator: Stephen Grau
>Organization:
Show quoted text
>Confidential: no
>Synopsis: kinit returns code 0 in some failure situations
>Severity: non-critical
>Priority: low
>Category: krb5-clients
>Class: sw-bug
>Release: krb5-1.2.6
>Environment:
System: SunOS olympus 5.9 Generic_112233-04 sun4u sparc>Synopsis: kinit returns code 0 in some failure situations
>Severity: non-critical
>Priority: low
>Category: krb5-clients
>Class: sw-bug
>Release: krb5-1.2.6
>Environment:
SUNW,Sun-Blade-100
Architecture: sun4
Show quoted text
>Description:
If you kinit, for example, with a slash in the realm error, you geta
KRB5_PARSE_MALFORMED error, but kinit returns with a 0 return code.
In the code, it is only returning an error code if a valid instance was
parsed and it wasn't authenticated. I think it should return an error code
if it wasn't able to get a valid instance.
This is the best I could do with the diff. This is also present in 1.2.8 and
1.3-alpha2.
Show quoted text
>How-To-Repeat:
kinit validuser@/echo $?
Show quoted text
>Fix:
--- krb5-1.2.6/src/clients/kinit/kinit.c Mon Dec 10 15:49:502001
+++ krb5-1.2.6/src/clients/kinit/kinit.c Fri Apr 18 17:21:24 2003
@@ -1107,7 +1107,7 @@
k5_end(&k5);
k4_end(&k4);
- if ((got_k5 && !authed_k5) || (got_k4 && !authed_k4))
+ if ((got_k5 && !authed_k5) || (got_k4 && !authed_k4) || (!got_k5 &&
!got_k4))
exit(1);
return 0;
}