diff --git a/0001-library-add-missing-strdup.patch b/0001-library-add-missing-strdup.patch new file mode 100644 index 0000000..378bb3c --- /dev/null +++ b/0001-library-add-missing-strdup.patch @@ -0,0 +1,34 @@ +From a64cce9830c2e9c26e120f671b247ee71b45c888 Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Fri, 12 Apr 2019 17:31:41 +0200 +Subject: [PATCH] library: add missing strdup + +In add_server_side_service_principals _adcli_strv_add_unique is called +which only adds a string to a list without copying to. Since the +original list will be freed later the value must be copied. + +This issue was introduce with 972f1a2f35829ed89f5353bd204683aa9ad6a2d2 +and hence + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1630187 +--- + library/adenroll.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/library/adenroll.c b/library/adenroll.c +index 1cce86a..52aa8a8 100644 +--- a/library/adenroll.c ++++ b/library/adenroll.c +@@ -1987,7 +1987,8 @@ add_server_side_service_principals (adcli_enroll *enroll) + _adcli_info ("Checking %s", spn_list[c]); + if (!_adcli_strv_has_ex (enroll->service_principals_to_remove, spn_list[c], strcasecmp)) { + enroll->service_principals = _adcli_strv_add_unique (enroll->service_principals, +- spn_list[c], &length, false); ++ strdup (spn_list[c]), ++ &length, false); + assert (enroll->service_principals != NULL); + _adcli_info (" Added %s", spn_list[c]); + } +-- +2.20.1 + diff --git a/0001-tools-properly-release-internal-data-on-error.patch b/0001-tools-properly-release-internal-data-on-error.patch deleted file mode 100644 index b78c8a4..0000000 --- a/0001-tools-properly-release-internal-data-on-error.patch +++ /dev/null @@ -1,152 +0,0 @@ -From 41fdcb1af885d99a91e27406e9343b322f67756a Mon Sep 17 00:00:00 2001 -From: Sumit Bose -Date: Thu, 28 Jun 2018 20:13:26 +0200 -Subject: [PATCH] tools: properly release internal data on error - -Resolves https://bugzilla.redhat.com/show_bug.cgi?id=1588596 ---- - tools/computer.c | 39 ++++++++++++++++++++++++++++++++++++--- - 1 file changed, 36 insertions(+), 3 deletions(-) - -diff --git a/tools/computer.c b/tools/computer.c -index 3813f0a..112340e 100644 ---- a/tools/computer.c -+++ b/tools/computer.c -@@ -415,11 +415,16 @@ adcli_tool_computer_join (adcli_conn *conn, - - if (argc == 1) - adcli_conn_set_domain_name (conn, argv[0]); -- else if (argc > 1) -+ else if (argc > 1) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (2, "extra arguments specified"); -+ } - - res = adcli_conn_connect (conn); - if (res != ADCLI_SUCCESS) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (-res, "couldn't connect to %s domain: %s", - adcli_conn_get_domain_name (conn), - adcli_get_last_error ()); -@@ -427,6 +432,8 @@ adcli_tool_computer_join (adcli_conn *conn, - - res = adcli_enroll_join (enroll, flags); - if (res != ADCLI_SUCCESS) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (-res, "joining domain %s failed: %s", - adcli_conn_get_domain_name (conn), - adcli_get_last_error ()); -@@ -525,12 +532,16 @@ adcli_tool_computer_update (adcli_conn *conn, - - res = adcli_enroll_load (enroll); - if (res != ADCLI_SUCCESS) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (-res, "couldn't lookup domain info from keytab: %s", - adcli_get_last_error ()); - } - - res = adcli_conn_connect (conn); - if (res != ADCLI_SUCCESS) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (-res, "couldn't connect to %s domain: %s", - adcli_conn_get_domain_name (conn), - adcli_get_last_error ()); -@@ -538,6 +549,8 @@ adcli_tool_computer_update (adcli_conn *conn, - - res = adcli_enroll_update (enroll, flags); - if (res != ADCLI_SUCCESS) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (-res, "updating membership with domain %s failed: %s", - adcli_conn_get_domain_name (conn), - adcli_get_last_error ()); -@@ -630,6 +643,8 @@ adcli_tool_computer_preset (adcli_conn *conn, - - res = adcli_conn_connect (conn); - if (res != ADCLI_SUCCESS) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (-res, "couldn't connect to %s domain: %s", - adcli_conn_get_domain_name (conn), - adcli_get_last_error ()); -@@ -643,6 +658,8 @@ adcli_tool_computer_preset (adcli_conn *conn, - - res = adcli_enroll_join (enroll, flags); - if (res != ADCLI_SUCCESS) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (-res, "presetting %s in %s domain failed: %s", argv[i], - adcli_conn_get_domain_name (conn), - adcli_get_last_error ()); -@@ -707,11 +724,16 @@ adcli_tool_computer_reset (adcli_conn *conn, - argc -= optind; - argv += optind; - -- if (argc != 1) -+ if (argc != 1) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (EUSAGE, "specify one host name of computer account to reset"); -+ } - - res = adcli_conn_connect (conn); - if (res != ADCLI_SUCCESS) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (-res, "couldn't connect to %s domain: %s", - adcli_conn_get_domain_name (conn), - adcli_get_last_error ()); -@@ -722,6 +744,8 @@ adcli_tool_computer_reset (adcli_conn *conn, - - res = adcli_enroll_password (enroll, 0); - if (res != ADCLI_SUCCESS) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (-res, "resetting %s in %s domain failed: %s", argv[0], - adcli_conn_get_domain_name (conn), - adcli_get_last_error ()); -@@ -781,19 +805,26 @@ adcli_tool_computer_delete (adcli_conn *conn, - argc -= optind; - argv += optind; - -- if (argc > 1) -+ if (argc > 1) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (EUSAGE, "specify one host name of computer account to delete"); -+ } - - adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT); - - res = adcli_enroll_load (enroll); - if (res != ADCLI_SUCCESS) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (-res, "couldn't lookup domain info from keytab: %s", - adcli_get_last_error ()); - } - - res = adcli_conn_connect (conn); - if (res != ADCLI_SUCCESS) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (-res, "couldn't connect to %s domain: %s", - adcli_conn_get_domain_name (conn), - adcli_get_last_error ()); -@@ -804,6 +835,8 @@ adcli_tool_computer_delete (adcli_conn *conn, - - res = adcli_enroll_delete (enroll, 0); - if (res != ADCLI_SUCCESS) { -+ adcli_enroll_unref (enroll); -+ adcli_conn_unref (conn); - errx (-res, "deleting %s in %s domain failed: %s", argv[0], - adcli_conn_get_domain_name (conn), - adcli_get_last_error ()); --- -2.20.1 - diff --git a/0001-tools-remove-errx-from-computer-commands.patch b/0001-tools-remove-errx-from-computer-commands.patch new file mode 100644 index 0000000..71db611 --- /dev/null +++ b/0001-tools-remove-errx-from-computer-commands.patch @@ -0,0 +1,328 @@ +From fa7926c7a9d92bc7c42c610ba6f1706c635aa901 Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Mon, 15 Apr 2019 17:54:27 +0200 +Subject: [PATCH 1/7] tools: remove errx from computer commands + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1588596 +--- + tools/computer.c | 166 ++++++++++++++++++++++++++++++----------------- + 1 file changed, 107 insertions(+), 59 deletions(-) + +diff --git a/tools/computer.c b/tools/computer.c +index bee695c..9cbbb28 100644 +--- a/tools/computer.c ++++ b/tools/computer.c +@@ -379,8 +379,10 @@ adcli_tool_computer_join (adcli_conn *conn, + }; + + enroll = adcli_enroll_new (conn); +- if (enroll == NULL) +- errx (-1, "unexpected memory problems"); ++ if (enroll == NULL) { ++ warnx ("unexpected memory problems"); ++ return -1; ++ } + + while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) { + switch (opt) { +@@ -415,21 +417,28 @@ adcli_tool_computer_join (adcli_conn *conn, + + if (argc == 1) + adcli_conn_set_domain_name (conn, argv[0]); +- else if (argc > 1) +- errx (2, "extra arguments specified"); ++ else if (argc > 1) { ++ warnx ("extra arguments specified"); ++ adcli_enroll_unref (enroll); ++ return 2; ++ } + + res = adcli_conn_connect (conn); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't connect to %s domain: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("couldn't connect to %s domain: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_enroll_unref (enroll); ++ return -res; + } + + res = adcli_enroll_join (enroll, flags); + if (res != ADCLI_SUCCESS) { +- errx (-res, "joining domain %s failed: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("joining domain %s failed: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_enroll_unref (enroll); ++ return -res; + } + + if (details) +@@ -486,8 +495,10 @@ adcli_tool_computer_update (adcli_conn *conn, + }; + + enroll = adcli_enroll_new (conn); +- if (enroll == NULL) +- errx (-1, "unexpected memory problems"); ++ if (enroll == NULL) { ++ warnx ("unexpected memory problems"); ++ return -1; ++ } + + while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) { + switch (opt) { +@@ -525,22 +536,28 @@ adcli_tool_computer_update (adcli_conn *conn, + + res = adcli_enroll_load (enroll); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't lookup domain info from keytab: %s", +- adcli_get_last_error ()); ++ warnx ("couldn't lookup domain info from keytab: %s", ++ adcli_get_last_error ()); ++ adcli_enroll_unref (enroll); ++ return -res; + } + + res = adcli_conn_connect (conn); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't connect to %s domain: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("couldn't connect to %s domain: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_enroll_unref (enroll); ++ return -res; + } + + res = adcli_enroll_update (enroll, flags); + if (res != ADCLI_SUCCESS) { +- errx (-res, "updating membership with domain %s failed: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("updating membership with domain %s failed: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_enroll_unref (enroll); ++ return -res; + } + + if (details) +@@ -578,8 +595,10 @@ adcli_tool_computer_testjoin (adcli_conn *conn, + }; + + enroll = adcli_enroll_new (conn); +- if (enroll == NULL) +- errx (-1, "unexpected memory problems"); ++ if (enroll == NULL) { ++ warnx ("unexpected memory problems"); ++ return -1; ++ } + + while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) { + switch (opt) { +@@ -604,18 +623,18 @@ adcli_tool_computer_testjoin (adcli_conn *conn, + res = adcli_enroll_load (enroll); + if (res != ADCLI_SUCCESS) { + adcli_enroll_unref (enroll); +- adcli_conn_unref (conn); +- errx (-res, "couldn't lookup domain info from keytab: %s", +- adcli_get_last_error ()); ++ warnx ("couldn't lookup domain info from keytab: %s", ++ adcli_get_last_error ()); ++ return -res; + } + + res = adcli_conn_connect (conn); + if (res != ADCLI_SUCCESS) { + adcli_enroll_unref (enroll); +- adcli_conn_unref (conn); +- errx (-res, "couldn't connect to %s domain: %s", ++ warnx ("couldn't connect to %s domain: %s", + adcli_conn_get_domain_name (conn), + adcli_get_last_error ()); ++ return -res; + } + + printf ("Sucessfully validated join to domain %s\n", +@@ -665,8 +684,10 @@ adcli_tool_computer_preset (adcli_conn *conn, + }; + + enroll = adcli_enroll_new (conn); +- if (enroll == NULL) +- errx (-1, "unexpected memory problems"); ++ if (enroll == NULL) { ++ warnx ("unexpected memory problems"); ++ return -1; ++ } + flags = ADCLI_ENROLL_NO_KEYTAB; + + while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) { +@@ -694,17 +715,22 @@ adcli_tool_computer_preset (adcli_conn *conn, + argc -= optind; + argv += optind; + +- if (argc < 1) +- errx (EUSAGE, "specify one or more host names of computer accounts to preset"); ++ if (argc < 1) { ++ warnx ("specify one or more host names of computer accounts to preset"); ++ adcli_enroll_unref (enroll); ++ return EUSAGE; ++ } + + adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT); + reset_password = (adcli_enroll_get_computer_password (enroll) == NULL); + + res = adcli_conn_connect (conn); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't connect to %s domain: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("couldn't connect to %s domain: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_enroll_unref (enroll); ++ return -res; + } + + for (i = 0; i < argc; i++) { +@@ -715,9 +741,11 @@ adcli_tool_computer_preset (adcli_conn *conn, + + res = adcli_enroll_join (enroll, flags); + if (res != ADCLI_SUCCESS) { +- errx (-res, "presetting %s in %s domain failed: %s", argv[i], +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("presetting %s in %s domain failed: %s", argv[i], ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_enroll_unref (enroll); ++ return -res; + } + + printf ("computer-name: %s\n", adcli_enroll_get_computer_name (enroll)); +@@ -758,8 +786,10 @@ adcli_tool_computer_reset (adcli_conn *conn, + }; + + enroll = adcli_enroll_new (conn); +- if (enroll == NULL) +- errx (-1, "unexpected memory problems"); ++ if (enroll == NULL) { ++ warnx ("unexpected memory problems"); ++ return -1; ++ } + + while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) { + switch (opt) { +@@ -779,14 +809,19 @@ adcli_tool_computer_reset (adcli_conn *conn, + argc -= optind; + argv += optind; + +- if (argc != 1) +- errx (EUSAGE, "specify one host name of computer account to reset"); ++ if (argc != 1) { ++ warnx ("specify one host name of computer account to reset"); ++ adcli_enroll_unref (enroll); ++ return EUSAGE; ++ } + + res = adcli_conn_connect (conn); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't connect to %s domain: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("couldn't connect to %s domain: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_enroll_unref (enroll); ++ return -res; + } + + parse_fqdn_or_name (enroll, argv[0]); +@@ -794,9 +829,11 @@ adcli_tool_computer_reset (adcli_conn *conn, + + res = adcli_enroll_password (enroll, 0); + if (res != ADCLI_SUCCESS) { +- errx (-res, "resetting %s in %s domain failed: %s", argv[0], +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("resetting %s in %s domain failed: %s", argv[0], ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_enroll_unref (enroll); ++ return -res; + } + + adcli_enroll_unref (enroll); +@@ -832,8 +869,10 @@ adcli_tool_computer_delete (adcli_conn *conn, + }; + + enroll = adcli_enroll_new (conn); +- if (enroll == NULL) +- errx (-1, "unexpected memory problems"); ++ if (enroll == NULL) { ++ warnx ("unexpected memory problems"); ++ return -1; ++ } + + while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) { + switch (opt) { +@@ -853,22 +892,29 @@ adcli_tool_computer_delete (adcli_conn *conn, + argc -= optind; + argv += optind; + +- if (argc > 1) +- errx (EUSAGE, "specify one host name of computer account to delete"); ++ if (argc > 1) { ++ warnx ("specify one host name of computer account to delete"); ++ adcli_enroll_unref (enroll); ++ return EUSAGE; ++ } + + adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT); + + res = adcli_enroll_load (enroll); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't lookup domain info from keytab: %s", +- adcli_get_last_error ()); ++ warnx ("couldn't lookup domain info from keytab: %s", ++ adcli_get_last_error ()); ++ adcli_enroll_unref (enroll); ++ return -res; + } + + res = adcli_conn_connect (conn); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't connect to %s domain: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("couldn't connect to %s domain: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_enroll_unref (enroll); ++ return -res; + } + + if (argc == 1) +@@ -876,9 +922,11 @@ adcli_tool_computer_delete (adcli_conn *conn, + + res = adcli_enroll_delete (enroll, 0); + if (res != ADCLI_SUCCESS) { +- errx (-res, "deleting %s in %s domain failed: %s", argv[0], +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("deleting %s in %s domain failed: %s", argv[0], ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_enroll_unref (enroll); ++ return -res; + } + + adcli_enroll_unref (enroll); +-- +2.20.1 + diff --git a/0002-tools-remove-errx-from-user-and-group-commands.patch b/0002-tools-remove-errx-from-user-and-group-commands.patch new file mode 100644 index 0000000..36e5567 --- /dev/null +++ b/0002-tools-remove-errx-from-user-and-group-commands.patch @@ -0,0 +1,398 @@ +From cac0fa9df8888245399f2db187e05e31f93d1471 Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Mon, 15 Apr 2019 17:56:37 +0200 +Subject: [PATCH 2/7] tools: remove errx from user and group commands + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1588596 +--- + tools/entry.c | 232 +++++++++++++++++++++++++++++++++----------------- + 1 file changed, 154 insertions(+), 78 deletions(-) + +diff --git a/tools/entry.c b/tools/entry.c +index de56586..97ec6e7 100644 +--- a/tools/entry.c ++++ b/tools/entry.c +@@ -232,21 +232,30 @@ adcli_tool_user_create (adcli_conn *conn, + argc -= optind; + argv += optind; + +- if (argc != 1) +- errx (2, "specify one user name to create"); ++ if (argc != 1) { ++ warnx ("specify one user name to create"); ++ adcli_attrs_free (attrs); ++ return 2; ++ } + + entry = adcli_entry_new_user (conn, argv[0]); +- if (entry == NULL) +- errx (-1, "unexpected memory problems"); ++ if (entry == NULL) { ++ warnx ("unexpected memory problems"); ++ adcli_attrs_free (attrs); ++ return -1; ++ } + adcli_entry_set_domain_ou (entry, ou); + + adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT); + + res = adcli_conn_connect (conn); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't connect to %s domain: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("couldn't connect to %s domain: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_entry_unref (entry); ++ adcli_attrs_free (attrs); ++ return -res; + } + + if (has_unix_attr && !has_nis_domain) { +@@ -254,16 +263,20 @@ adcli_tool_user_create (adcli_conn *conn, + if (res != ADCLI_SUCCESS) { + adcli_entry_unref (entry); + adcli_attrs_free (attrs); +- errx (-res, "couldn't get NIS domain"); ++ warnx ("couldn't get NIS domain"); ++ return -res; + } + } + + res = adcli_entry_create (entry, attrs); + if (res != ADCLI_SUCCESS) { +- errx (-res, "creating user %s in domain %s failed: %s", +- adcli_entry_get_sam_name (entry), +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("creating user %s in domain %s failed: %s", ++ adcli_entry_get_sam_name (entry), ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_entry_unref (entry); ++ adcli_attrs_free (attrs); ++ return -res; + } + + adcli_entry_unref (entry); +@@ -317,28 +330,36 @@ adcli_tool_user_delete (adcli_conn *conn, + argc -= optind; + argv += optind; + +- if (argc != 1) +- errx (2, "specify one user name to delete"); ++ if (argc != 1) { ++ warnx ("specify one user name to delete"); ++ return 2; ++ } + + entry = adcli_entry_new_user (conn, argv[0]); +- if (entry == NULL) +- errx (-1, "unexpected memory problems"); ++ if (entry == NULL) { ++ warnx ("unexpected memory problems"); ++ return -1; ++ } + + adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT); + + res = adcli_conn_connect (conn); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't connect to %s domain: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("couldn't connect to %s domain: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_entry_unref (entry); ++ return -res; + } + + res = adcli_entry_delete (entry); + if (res != ADCLI_SUCCESS) { +- errx (-res, "deleting user %s in domain %s failed: %s", +- adcli_entry_get_sam_name (entry), +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("deleting user %s in domain %s failed: %s", ++ adcli_entry_get_sam_name (entry), ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_entry_unref (entry); ++ return -res; + } + + adcli_entry_unref (entry); +@@ -404,29 +425,41 @@ adcli_tool_group_create (adcli_conn *conn, + argc -= optind; + argv += optind; + +- if (argc != 1) +- errx (2, "specify one group to create"); ++ if (argc != 1) { ++ warnx ("specify one group to create"); ++ adcli_attrs_free (attrs); ++ return 2; ++ } + + entry = adcli_entry_new_group (conn, argv[0]); +- if (entry == NULL) +- errx (-1, "unexpected memory problems"); ++ if (entry == NULL) { ++ warnx ("unexpected memory problems"); ++ adcli_attrs_free (attrs); ++ return -1; ++ } + adcli_entry_set_domain_ou (entry, ou); + + adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT); + + res = adcli_conn_connect (conn); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't connect to domain %s: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("couldn't connect to domain %s: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_entry_unref (entry); ++ adcli_attrs_free (attrs); ++ return -res; + } + + res = adcli_entry_create (entry, attrs); + if (res != ADCLI_SUCCESS) { +- errx (-res, "creating group %s in domain %s failed: %s", +- adcli_entry_get_sam_name (entry), +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("creating group %s in domain %s failed: %s", ++ adcli_entry_get_sam_name (entry), ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_entry_unref (entry); ++ adcli_attrs_free (attrs); ++ return -res; + } + + adcli_entry_unref (entry); +@@ -480,28 +513,36 @@ adcli_tool_group_delete (adcli_conn *conn, + argc -= optind; + argv += optind; + +- if (argc != 1) +- errx (2, "specify one group name to delete"); ++ if (argc != 1) { ++ warnx ("specify one group name to delete"); ++ return 2; ++ } + + entry = adcli_entry_new_group (conn, argv[0]); +- if (entry == NULL) +- errx (-1, "unexpected memory problems"); ++ if (entry == NULL) { ++ warnx ("unexpected memory problems"); ++ return -1; ++ } + + adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT); + + res = adcli_conn_connect (conn); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't connect to %s domain: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("couldn't connect to %s domain: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_entry_unref (entry); ++ return -res; + } + + res = adcli_entry_delete (entry); + if (res != ADCLI_SUCCESS) { +- errx (-res, "deleting group %s in domain %s failed: %s", +- adcli_entry_get_sam_name (entry), +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("deleting group %s in domain %s failed: %s", ++ adcli_entry_get_sam_name (entry), ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_entry_unref (entry); ++ return -res; + } + + adcli_entry_unref (entry); +@@ -509,7 +550,7 @@ adcli_tool_group_delete (adcli_conn *conn, + return 0; + } + +-static void ++static int + expand_user_dn_as_member (adcli_conn *conn, + adcli_attrs *attrs, + const char *user, +@@ -523,16 +564,19 @@ expand_user_dn_as_member (adcli_conn *conn, + + res = adcli_entry_load (entry); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't lookup user %s in domain %s: %s", +- user, adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("couldn't lookup user %s in domain %s: %s", ++ user, adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_entry_unref (entry); ++ return -res; + } + + dn = adcli_entry_get_dn (entry); + if (dn == NULL) { +- errx (-ADCLI_ERR_CONFIG, +- "couldn't found user %s in domain %s", +- user, adcli_conn_get_domain_name (conn)); ++ warnx ("couldn't found user %s in domain %s", ++ user, adcli_conn_get_domain_name (conn)); ++ adcli_entry_unref (entry); ++ return -ADCLI_ERR_CONFIG; + } + + if (adding) +@@ -541,6 +585,8 @@ expand_user_dn_as_member (adcli_conn *conn, + adcli_attrs_delete1 (attrs, "member", dn); + + adcli_entry_unref (entry); ++ ++ return ADCLI_SUCCESS; + } + + int +@@ -590,33 +636,48 @@ adcli_tool_member_add (adcli_conn *conn, + argc -= optind; + argv += optind; + +- if (argc < 2) +- errx (2, "specify a group name and a user to add"); ++ if (argc < 2) { ++ warnx ("specify a group name and a user to add"); ++ return 2; ++ } + + entry = adcli_entry_new_group (conn, argv[0]); +- if (entry == NULL) +- errx (-1, "unexpected memory problems"); ++ if (entry == NULL) { ++ warnx ("unexpected memory problems"); ++ return -1; ++ } + + adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT); + + res = adcli_conn_connect (conn); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't connect to %s domain: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("couldn't connect to %s domain: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_entry_unref (entry); ++ return -res; + } + + attrs = adcli_attrs_new (); + +- for (i = 1; i < argc; i++) +- expand_user_dn_as_member (conn, attrs, argv[i], 1); ++ for (i = 1; i < argc; i++) { ++ res = expand_user_dn_as_member (conn, attrs, argv[i], 1); ++ if (res != ADCLI_SUCCESS) { ++ adcli_attrs_free (attrs); ++ adcli_entry_unref (entry); ++ return res; ++ } ++ } + + res = adcli_entry_modify (entry, attrs); + if (res != ADCLI_SUCCESS) { +- errx (-res, "adding member(s) to group %s in domain %s failed: %s", +- adcli_entry_get_sam_name (entry), +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("adding member(s) to group %s in domain %s failed: %s", ++ adcli_entry_get_sam_name (entry), ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_attrs_free (attrs); ++ adcli_entry_unref (entry); ++ return -res; + } + + adcli_attrs_free (attrs); +@@ -672,33 +733,48 @@ adcli_tool_member_remove (adcli_conn *conn, + argc -= optind; + argv += optind; + +- if (argc < 2) +- errx (2, "specify a group name and a user to remove"); ++ if (argc < 2) { ++ warnx ("specify a group name and a user to remove"); ++ return 2; ++ } + + entry = adcli_entry_new_group (conn, argv[0]); +- if (entry == NULL) +- errx (-1, "unexpected memory problems"); ++ if (entry == NULL) { ++ warnx ("unexpected memory problems"); ++ return -1; ++ } + + adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT); + + res = adcli_conn_connect (conn); + if (res != ADCLI_SUCCESS) { +- errx (-res, "couldn't connect to %s domain: %s", +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("couldn't connect to %s domain: %s", ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_entry_unref (entry); ++ return -res; + } + + attrs = adcli_attrs_new (); + +- for (i = 1; i < argc; i++) +- expand_user_dn_as_member (conn, attrs, argv[i], 0); ++ for (i = 1; i < argc; i++) { ++ res = expand_user_dn_as_member (conn, attrs, argv[i], 0); ++ if (res != ADCLI_SUCCESS) { ++ adcli_attrs_free (attrs); ++ adcli_entry_unref (entry); ++ return res; ++ } ++ } + + res = adcli_entry_modify (entry, attrs); + if (res != ADCLI_SUCCESS) { +- errx (-res, "adding member(s) to group %s in domain %s failed: %s", +- adcli_entry_get_sam_name (entry), +- adcli_conn_get_domain_name (conn), +- adcli_get_last_error ()); ++ warnx ("adding member(s) to group %s in domain %s failed: %s", ++ adcli_entry_get_sam_name (entry), ++ adcli_conn_get_domain_name (conn), ++ adcli_get_last_error ()); ++ adcli_attrs_free (attrs); ++ adcli_entry_unref (entry); ++ return -res; + } + + adcli_attrs_free (attrs); +-- +2.20.1 + diff --git a/0003-tools-remove-errx-from-info-commands.patch b/0003-tools-remove-errx-from-info-commands.patch new file mode 100644 index 0000000..c53cf50 --- /dev/null +++ b/0003-tools-remove-errx-from-info-commands.patch @@ -0,0 +1,53 @@ +From 4794812cc98c8783921f534d20dae8b44f3826d2 Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Mon, 15 Apr 2019 17:57:37 +0200 +Subject: [PATCH 3/7] tools: remove errx from info commands + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1588596 +--- + tools/info.c | 21 ++++++++++++++------- + 1 file changed, 14 insertions(+), 7 deletions(-) + +diff --git a/tools/info.c b/tools/info.c +index e7e20ad..c63e0ff 100644 +--- a/tools/info.c ++++ b/tools/info.c +@@ -162,21 +162,28 @@ adcli_tool_info (adcli_conn *unused, + + if (argc == 1) + domain = argv[0]; +- else if (argc != 0) +- errx (2, "specify one user name to create"); ++ else if (argc != 0) { ++ warnx ("specify one user name to create"); ++ return 2; ++ } + + if (server) { + adcli_disco_host (server, &disco); +- if (disco == NULL) +- errx (1, "couldn't discover domain controller: %s", server); ++ if (disco == NULL) { ++ warnx ("couldn't discover domain controller: %s", server); ++ return 1; ++ } + for_host = 1; + } else if (domain) { + adcli_disco_domain (domain, &disco); +- if (disco == NULL) +- errx (1, "couldn't discover domain: %s", domain); ++ if (disco == NULL) { ++ warnx ("couldn't discover domain: %s", domain); ++ return 1; ++ } + for_host = 0; + } else { +- errx (2, "specify a domain to discover"); ++ warnx ("specify a domain to discover"); ++ return 2; + } + + print_info (disco, for_host); +-- +2.20.1 + diff --git a/0004-tools-remove-errx-from-adcli_read_password_func.patch b/0004-tools-remove-errx-from-adcli_read_password_func.patch new file mode 100644 index 0000000..1b53d7d --- /dev/null +++ b/0004-tools-remove-errx-from-adcli_read_password_func.patch @@ -0,0 +1,42 @@ +From 251d7d0c71226afb8e51f7bc5794a7a3164f5a20 Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Mon, 15 Apr 2019 17:59:17 +0200 +Subject: [PATCH 4/7] tools: remove errx from adcli_read_password_func + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1588596 +--- + tools/tools.c | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/tools/tools.c b/tools/tools.c +index c4e2851..bdf6d38 100644 +--- a/tools/tools.c ++++ b/tools/tools.c +@@ -247,7 +247,9 @@ adcli_read_password_func (adcli_login_type login_type, + if (res < 0) { + if (errno == EAGAIN || errno == EINTR) + continue; +- err (EFAIL, "couldn't read password from stdin"); ++ warn ("couldn't read password from stdin"); ++ free (buffer); ++ return NULL; + + } else if (res == 0) { + buffer[offset] = '\0'; +@@ -261,8 +263,11 @@ adcli_read_password_func (adcli_login_type login_type, + return buffer; + + } else { +- if (memchr (buffer + offset, 0, res)) +- errx (EUSAGE, "unsupported null character present in password"); ++ if (memchr (buffer + offset, 0, res)) { ++ warnx ("unsupported null character present in password"); ++ free (buffer); ++ return NULL; ++ } + offset += res; + } + } +-- +2.20.1 + diff --git a/0005-tools-remove-errx-from-setup_krb5_conf_directory.patch b/0005-tools-remove-errx-from-setup_krb5_conf_directory.patch new file mode 100644 index 0000000..8fd9197 --- /dev/null +++ b/0005-tools-remove-errx-from-setup_krb5_conf_directory.patch @@ -0,0 +1,63 @@ +From b8f5d995d30c17eb8bec3ac5e0777ea94f5b76c3 Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Mon, 15 Apr 2019 18:00:52 +0200 +Subject: [PATCH 5/7] tools: remove errx from setup_krb5_conf_directory + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1588596 +--- + tools/tools.c | 38 ++++++++++++++++++++++++-------------- + 1 file changed, 24 insertions(+), 14 deletions(-) + +diff --git a/tools/tools.c b/tools/tools.c +index bdf6d38..fc9fa9a 100644 +--- a/tools/tools.c ++++ b/tools/tools.c +@@ -327,21 +327,31 @@ setup_krb5_conf_directory (adcli_conn *conn) + } + + if (asprintf (&directory, "%s%sadcli-krb5-XXXXXX", parent, +- (parent[0] && parent[strlen(parent) - 1] == '/') ? "" : "/") < 0) +- errx (1, "unexpected: out of memory"); +- +- if (mkdtemp (directory) == NULL) { +- errn = errno; ++ (parent[0] && parent[strlen(parent) - 1] == '/') ? "" : "/") < 0) { ++ warnx ("unexpected: out of memory"); ++ directory = NULL; /* content is undefined */ + failed = 1; +- warnx ("couldn't create temporary directory in: %s: %s", +- parent, strerror (errn)); +- } else { +- if (asprintf (&filename, "%s/krb5.conf", directory) < 0 || +- asprintf (&snippets, "%s/krb5.d", directory) < 0 || +- asprintf (&contents, "includedir %s\n%s%s\n", snippets, +- krb5_conf ? "include " : "", +- krb5_conf ? krb5_conf : "") < 0) +- errx (1, "unexpected: out of memory"); ++ } ++ ++ if (!failed) { ++ if (mkdtemp (directory) == NULL) { ++ errn = errno; ++ failed = 1; ++ warnx ("couldn't create temporary directory in: %s: %s", ++ parent, strerror (errn)); ++ } else { ++ if (asprintf (&filename, "%s/krb5.conf", directory) < 0 || ++ asprintf (&snippets, "%s/krb5.d", directory) < 0 || ++ asprintf (&contents, "includedir %s\n%s%s\n", snippets, ++ krb5_conf ? "include " : "", ++ krb5_conf ? krb5_conf : "") < 0) { ++ warnx ("unexpected: out of memory"); ++ filename = NULL; /* content is undefined */ ++ snippets = NULL; /* content is undefined */ ++ contents = NULL; /* content is undefined */ ++ failed = 1; ++ } ++ } + } + + if (!failed) { +-- +2.20.1 + diff --git a/0006-tools-entry-remove-errx-from-parse_option.patch b/0006-tools-entry-remove-errx-from-parse_option.patch new file mode 100644 index 0000000..17bb9c4 --- /dev/null +++ b/0006-tools-entry-remove-errx-from-parse_option.patch @@ -0,0 +1,175 @@ +From d9912e19e48ec482351b9c384140ad71922ec5c0 Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Mon, 8 Apr 2019 17:22:00 +0200 +Subject: [PATCH 6/7] tools: entry - remove errx from parse_option + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1588596 +--- + tools/entry.c | 70 ++++++++++++++++++++++++++++++++++----------------- + 1 file changed, 47 insertions(+), 23 deletions(-) + +diff --git a/tools/entry.c b/tools/entry.c +index 97ec6e7..f361845 100644 +--- a/tools/entry.c ++++ b/tools/entry.c +@@ -81,7 +81,7 @@ static adcli_tool_desc common_usages[] = { + { 0 }, + }; + +-static void ++static int + parse_option (Option opt, + const char *optarg, + adcli_conn *conn) +@@ -93,54 +93,58 @@ parse_option (Option opt, + switch (opt) { + case opt_login_ccache: + adcli_conn_set_login_ccache_name (conn, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_login_user: + adcli_conn_set_login_user (conn, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_domain: + adcli_conn_set_domain_name (conn, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_domain_realm: + adcli_conn_set_domain_realm (conn, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_domain_controller: + adcli_conn_set_domain_controller (conn, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_no_password: + if (stdin_password || prompt_password) { +- errx (EUSAGE, "cannot use --no-password argument with %s", +- stdin_password ? "--stdin-password" : "--prompt-password"); ++ warnx ("cannot use --no-password argument with %s", ++ stdin_password ? "--stdin-password" : "--prompt-password"); ++ return EUSAGE; + } else { + adcli_conn_set_password_func (conn, NULL, NULL, NULL); + no_password = 1; + } +- return; ++ return ADCLI_SUCCESS; + case opt_prompt_password: + if (stdin_password || no_password) { +- errx (EUSAGE, "cannot use --prompt-password argument with %s", +- stdin_password ? "--stdin-password" : "--no-password"); ++ warnx ("cannot use --prompt-password argument with %s", ++ stdin_password ? "--stdin-password" : "--no-password"); ++ return EUSAGE; + } else { + adcli_conn_set_password_func (conn, adcli_prompt_password_func, NULL, NULL); + prompt_password = 1; + } +- return; ++ return ADCLI_SUCCESS; + case opt_stdin_password: + if (prompt_password || no_password) { +- errx (EUSAGE, "cannot use --stdin-password argument with %s", +- prompt_password ? "--prompt-password" : "--no-password"); ++ warnx ("cannot use --stdin-password argument with %s", ++ prompt_password ? "--prompt-password" : "--no-password"); ++ return EUSAGE; + } else { + adcli_conn_set_password_func (conn, adcli_read_password_func, NULL, NULL); + stdin_password = 1; + } +- return; ++ return ADCLI_SUCCESS; + case opt_verbose: +- return; ++ return ADCLI_SUCCESS; + default: + assert (0 && "not reached"); + break; + } + +- errx (EUSAGE, "failure to parse option '%c'", opt); ++ warnx ("failure to parse option '%c'", opt); ++ return EUSAGE; + } + + int +@@ -224,7 +228,11 @@ adcli_tool_user_create (adcli_conn *conn, + adcli_attrs_free (attrs); + return opt == 'h' ? 0 : 2; + default: +- parse_option ((Option)opt, optarg, conn); ++ res = parse_option ((Option)opt, optarg, conn); ++ if (res != ADCLI_SUCCESS) { ++ adcli_attrs_free (attrs); ++ return res; ++ } + break; + } + } +@@ -322,7 +330,10 @@ adcli_tool_user_delete (adcli_conn *conn, + adcli_tool_usage (options, common_usages); + return opt == 'h' ? 0 : 2; + default: +- parse_option ((Option)opt, optarg, conn); ++ res = parse_option ((Option)opt, optarg, conn); ++ if (res != ADCLI_SUCCESS) { ++ return res; ++ } + break; + } + } +@@ -417,7 +428,11 @@ adcli_tool_group_create (adcli_conn *conn, + adcli_attrs_free (attrs); + return opt == 'h' ? 0 : 2; + default: +- parse_option ((Option)opt, optarg, conn); ++ res = parse_option ((Option)opt, optarg, conn); ++ if (res != ADCLI_SUCCESS) { ++ adcli_attrs_free (attrs); ++ return res; ++ } + break; + } + } +@@ -505,7 +520,10 @@ adcli_tool_group_delete (adcli_conn *conn, + adcli_tool_usage (options, common_usages); + return opt == 'h' ? 0 : 2; + default: +- parse_option ((Option)opt, optarg, conn); ++ res = parse_option ((Option)opt, optarg, conn); ++ if (res != ADCLI_SUCCESS) { ++ return res; ++ } + break; + } + } +@@ -628,7 +646,10 @@ adcli_tool_member_add (adcli_conn *conn, + adcli_tool_usage (options, common_usages); + return opt == 'h' ? 0 : 2; + default: +- parse_option ((Option)opt, optarg, conn); ++ res = parse_option ((Option)opt, optarg, conn); ++ if (res != ADCLI_SUCCESS) { ++ return res; ++ } + break; + } + } +@@ -725,7 +746,10 @@ adcli_tool_member_remove (adcli_conn *conn, + adcli_tool_usage (options, common_usages); + return opt == 'h' ? 0 : 2; + default: +- parse_option ((Option)opt, optarg, conn); ++ res = parse_option ((Option)opt, optarg, conn); ++ if (res != ADCLI_SUCCESS) { ++ return res; ++ } + break; + } + } +-- +2.20.1 + diff --git a/0007-tools-computer-remove-errx-from-parse_option.patch b/0007-tools-computer-remove-errx-from-parse_option.patch new file mode 100644 index 0000000..065fc9f --- /dev/null +++ b/0007-tools-computer-remove-errx-from-parse_option.patch @@ -0,0 +1,294 @@ +From f127ddef23a532cd9763190527bf79b4e47fa2ab Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Mon, 8 Apr 2019 17:33:17 +0200 +Subject: [PATCH 7/7] tools: computer - remove errx from parse_option + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1588596 +--- + tools/computer.c | 128 +++++++++++++++++++++++++++++------------------ + 1 file changed, 80 insertions(+), 48 deletions(-) + +diff --git a/tools/computer.c b/tools/computer.c +index 9cbbb28..ac8a203 100644 +--- a/tools/computer.c ++++ b/tools/computer.c +@@ -159,7 +159,7 @@ static adcli_tool_desc common_usages[] = { + { 0 }, + }; + +-static void ++static int + parse_option (Option opt, + const char *optarg, + adcli_conn *conn, +@@ -175,132 +175,139 @@ parse_option (Option opt, + switch (opt) { + case opt_login_ccache: + adcli_conn_set_login_ccache_name (conn, optarg ? optarg : ""); +- return; ++ return ADCLI_SUCCESS; + case opt_login_user: + if (adcli_conn_get_allowed_login_types (conn) & ADCLI_LOGIN_USER_ACCOUNT) { + adcli_conn_set_login_user (conn, optarg); + adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT); + } else { +- errx (EUSAGE, "cannot set --user if --login-type not set to 'user'"); ++ warnx ("cannot set --user if --login-type not set to 'user'"); ++ return EUSAGE; + } +- return; ++ return ADCLI_SUCCESS; + case opt_login_type: + if (optarg && strcmp (optarg, "computer") == 0) { +- if (adcli_conn_get_login_user (conn) != NULL) +- errx (EUSAGE, "cannot set --login-type to 'computer' if --user is set"); +- else ++ if (adcli_conn_get_login_user (conn) != NULL) { ++ warnx ("cannot set --login-type to 'computer' if --user is set"); ++ return EUSAGE; ++ } else + adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_COMPUTER_ACCOUNT); + } else if (optarg && strcmp (optarg, "user") == 0) { + adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT); + + } else { +- errx (EUSAGE, "unknown login type '%s'", optarg); ++ warnx ("unknown login type '%s'", optarg); ++ return EUSAGE; + } +- return; ++ return ADCLI_SUCCESS; + case opt_host_fqdn: + adcli_conn_set_host_fqdn (conn, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_host_keytab: + adcli_enroll_set_keytab_name (enroll, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_computer_name: + adcli_conn_set_computer_name (conn, optarg); + adcli_enroll_set_computer_name (enroll, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_domain: + adcli_conn_set_domain_name (conn, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_domain_realm: + adcli_conn_set_domain_realm (conn, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_domain_controller: + adcli_conn_set_domain_controller (conn, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_domain_ou: + adcli_enroll_set_domain_ou (enroll, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_service_name: + adcli_enroll_add_service_name (enroll, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_no_password: + if (stdin_password || prompt_password) { +- errx (EUSAGE, "cannot use --no-password argument with %s", +- stdin_password ? "--stdin-password" : "--prompt-password"); ++ warnx ("cannot use --no-password argument with %s", ++ stdin_password ? "--stdin-password" : "--prompt-password"); ++ return EUSAGE; + } else { + adcli_conn_set_password_func (conn, NULL, NULL, NULL); + no_password = 1; + } +- return; ++ return ADCLI_SUCCESS; + case opt_prompt_password: + if (stdin_password || no_password) { +- errx (EUSAGE, "cannot use --prompt-password argument with %s", +- stdin_password ? "--stdin-password" : "--no-password"); ++ warnx ("cannot use --prompt-password argument with %s", ++ stdin_password ? "--stdin-password" : "--no-password"); ++ return EUSAGE; + } else { + adcli_conn_set_password_func (conn, adcli_prompt_password_func, NULL, NULL); + prompt_password = 1; + } +- return; ++ return ADCLI_SUCCESS; + case opt_stdin_password: + if (prompt_password || no_password) { +- errx (EUSAGE, "cannot use --stdin-password argument with %s", +- prompt_password ? "--prompt-password" : "--no-password"); ++ warnx ("cannot use --stdin-password argument with %s", ++ prompt_password ? "--prompt-password" : "--no-password"); ++ return EUSAGE; + } else { + adcli_conn_set_password_func (conn, adcli_read_password_func, NULL, NULL); + stdin_password = 1; + } +- return; ++ return ADCLI_SUCCESS; + case opt_os_name: + adcli_enroll_set_os_name (enroll, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_os_version: + adcli_enroll_set_os_version (enroll, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_os_service_pack: + adcli_enroll_set_os_service_pack (enroll, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_user_principal: + if (optarg && optarg[0]) + adcli_enroll_set_user_principal (enroll, optarg); + else + adcli_enroll_auto_user_principal (enroll); +- return; ++ return ADCLI_SUCCESS; + case opt_computer_password_lifetime: + errno = 0; + lifetime = strtoul (optarg, &endptr, 10); + if (errno != 0 || *endptr != '\0' || endptr == optarg) { +- errx (EUSAGE, +- "failure to parse value '%s' of option 'computer-password-lifetime'; " +- "expecting non-negative integer indicating the lifetime in days", +- optarg); ++ warnx ("failure to parse value '%s' of option 'computer-password-lifetime'; " ++ "expecting non-negative integer indicating the lifetime in days", ++ optarg); ++ return EUSAGE; + } + + adcli_enroll_set_computer_password_lifetime (enroll, lifetime); +- return; ++ return ADCLI_SUCCESS; + case opt_samba_data_tool: + errno = 0; + ret = access (optarg, X_OK); + if (ret != 0) { + ret = errno; +- errx (EUSAGE, "Failed to access tool to add Samba data: %s", strerror (ret)); ++ warnx ("Failed to access tool to add Samba data: %s", strerror (ret)); ++ return EUSAGE; + } else { + adcli_enroll_set_samba_data_tool (enroll, optarg); + } +- return; ++ return ADCLI_SUCCESS; + case opt_trusted_for_delegation: + if (strcasecmp (optarg, "true") == 0 || strcasecmp (optarg, "yes") == 0) { + adcli_enroll_set_trusted_for_delegation (enroll, true); + } else { + adcli_enroll_set_trusted_for_delegation (enroll, false); + } +- return; ++ return ADCLI_SUCCESS; + case opt_add_service_principal: + adcli_enroll_add_service_principal_to_add (enroll, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_remove_service_principal: + adcli_enroll_add_service_principal_to_remove (enroll, optarg); +- return; ++ return ADCLI_SUCCESS; + case opt_verbose: +- return; ++ return ADCLI_SUCCESS; + + /* Should be handled by caller */ + case opt_show_details: +@@ -311,7 +318,8 @@ parse_option (Option opt, + break; + } + +- errx (EUSAGE, "failure to parse option '%c'", opt); ++ warnx ("failure to parse option '%c'", opt); ++ return EUSAGE; + } + + static void +@@ -407,7 +415,11 @@ adcli_tool_computer_join (adcli_conn *conn, + adcli_enroll_unref (enroll); + return opt == 'h' ? 0 : 2; + default: +- parse_option ((Option)opt, optarg, conn, enroll); ++ res = parse_option ((Option)opt, optarg, conn, enroll); ++ if (res != ADCLI_SUCCESS) { ++ adcli_enroll_unref (enroll); ++ return res; ++ } + break; + } + } +@@ -519,7 +531,11 @@ adcli_tool_computer_update (adcli_conn *conn, + adcli_enroll_unref (enroll); + return opt == 'h' ? 0 : 2; + default: +- parse_option ((Option)opt, optarg, conn, enroll); ++ res = parse_option ((Option)opt, optarg, conn, enroll); ++ if (res != ADCLI_SUCCESS) { ++ adcli_enroll_unref (enroll); ++ return res; ++ } + break; + } + } +@@ -610,7 +626,11 @@ adcli_tool_computer_testjoin (adcli_conn *conn, + adcli_enroll_unref (enroll); + return opt == 'h' ? 0 : 2; + default: +- parse_option ((Option)opt, optarg, conn, enroll); ++ res = parse_option ((Option)opt, optarg, conn, enroll); ++ if (res != ADCLI_SUCCESS) { ++ adcli_enroll_unref (enroll); ++ return res; ++ } + break; + } + } +@@ -707,7 +727,11 @@ adcli_tool_computer_preset (adcli_conn *conn, + adcli_enroll_unref (enroll); + return 2; + default: +- parse_option ((Option)opt, optarg, conn, enroll); ++ res = parse_option ((Option)opt, optarg, conn, enroll); ++ if (res != ADCLI_SUCCESS) { ++ adcli_enroll_unref (enroll); ++ return res; ++ } + break; + } + } +@@ -801,7 +825,11 @@ adcli_tool_computer_reset (adcli_conn *conn, + adcli_enroll_unref (enroll); + return opt == 'h' ? 0 : 2; + default: +- parse_option ((Option)opt, optarg, conn, enroll); ++ res = parse_option ((Option)opt, optarg, conn, enroll); ++ if (res != ADCLI_SUCCESS) { ++ adcli_enroll_unref (enroll); ++ return res; ++ } + break; + } + } +@@ -884,7 +912,11 @@ adcli_tool_computer_delete (adcli_conn *conn, + adcli_enroll_unref (enroll); + return opt == 'h' ? 0 : 2; + default: +- parse_option ((Option)opt, optarg, conn, enroll); ++ res = parse_option ((Option)opt, optarg, conn, enroll); ++ if (res != ADCLI_SUCCESS) { ++ adcli_enroll_unref (enroll); ++ return res; ++ } + break; + } + } +-- +2.20.1 + diff --git a/adcli.spec b/adcli.spec index e935f24..d7c6dca 100644 --- a/adcli.spec +++ b/adcli.spec @@ -1,6 +1,6 @@ Name: adcli Version: 0.8.2 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Active Directory enrollment License: LGPLv2+ URL: http://cgit.freedesktop.org/realmd/adcli @@ -45,8 +45,7 @@ Patch28: 0004-Do-not-depend-on-default_realm-in-krb5.conf.patch Patch29: 0001-adutil-add-_adcli_strv_add_unique.patch Patch30: 0002-adenroll-use-_adcli_strv_add_unique-for-service-prin.patch -# rhbz#1588596 - many adcli-krb5-????? directories are created /tmp -Patch31: 0001-tools-properly-release-internal-data-on-error.patch +# Patch31 is replaced by Patch44 - Patch50 # rhbz#1642546 - adcli exports kerberos ticket with old kvno Patch32: 0001-Increment-kvno-after-password-change-with-user-creds.patch @@ -73,6 +72,18 @@ Patch41: 0004-library-make-sure-server-side-SPNs-are-preserved.patch # rhbz#1622583 - [RFE] Need an option for adcli command which will show domain join status. Patch42: 0001-Implement-adcli-testjoin.patch +# rhbz#1630187 - [RFE] adcli join should preserve SPN added by adcli preset-computer - additional patch +Patch43: 0001-library-add-missing-strdup.patch + +# rhbz#1588596 - many adcli-krb5-????? directories are created /tmp +Patch44: 0001-tools-remove-errx-from-computer-commands.patch +Patch45: 0002-tools-remove-errx-from-user-and-group-commands.patch +Patch46: 0003-tools-remove-errx-from-info-commands.patch +Patch47: 0004-tools-remove-errx-from-adcli_read_password_func.patch +Patch48: 0005-tools-remove-errx-from-setup_krb5_conf_directory.patch +Patch49: 0006-tools-entry-remove-errx-from-parse_option.patch +Patch50: 0007-tools-computer-remove-errx-from-parse_option.patch + BuildRequires: gcc BuildRequires: intltool pkgconfig BuildRequires: libtool @@ -129,6 +140,10 @@ documentation. %doc %{_datadir}/doc/adcli/* %changelog +* Tue Apr 30 2019 Sumit Bose - 0.8.2-5 +- addition patch for rhbz#1630187 and new ones for rhbz#1588596 + Resolves: rhbz#1630187, rhbz#1588596 + * Fri Mar 22 2019 Sumit Bose - 0.8.2-4 - various fixes and improvements Resolves: rhbz#1593240, rhbz#1608212, rhbz#1547014, rhbz#1547014,