klog.krb5 -lifetime is not implemented

The klog.krb5 -lifetime option was copied from earlier versions of log and klog, which had the ability to set the krb4 token lifetime. However, the -lifetime option is not feasible the krb5 version, and so is not implemented in klog.krb5. Update the klog.krb5 man page to document the -lifetime option has no effect. Remove the code which unnecessarily checks the unused klog.krb5 -lifetime command line argument. The unused lifetime variable was discovered by Pat Riehecky using the clang scan-build static analyzer. Change-Id: I5f459ec46eaff87a69ccdf7de386a671d0944a5a Reviewed-on: https://gerrit.openafs.org/13309 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: PatRiehecky <jcpunk@gmail.com> Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
2025-01-18 15:00:12 +00:00 · 2018-09-10 23:47:33 -04:00 · 2018-09-10 23:47:33 -04:00 · da699c8b81
commit da699c8b81
parent 8f314560c9
2 changed files with 2 additions and 44 deletions
--- a/doc/man-pages/pod1/klog.krb5.pod
+++ b/doc/man-pages/pod1/klog.krb5.pod
@ -60,11 +60,6 @@ the following:

 =item *

-The lifetime specified by the issuer with the B<-lifetime> argument if
-that argument was given.
-
-=item *
-
 The maximum ticket lifetime recorded for the C<afs/I<cell>> principal in
 thet Kerberos database.

@ -191,8 +186,7 @@ major problems encountered.

 =item B<-lifetime> <I<ticket lifetime>

-Requests a specific lifetime for the token.  Provide a number of hours and
-optionally minutes and seconds in the format I<hh>[B<:>I<mm>[B<:>I<ss>]].
+This option is not implemented by B<klog.krb5> and has no effect.

 =item B<-setpag>

@ -258,12 +252,6 @@ Corporation's test cell:
   % klog.krb5 -principal admin -cell test.example.com
   Password for admin@EXAMPLE.COM:

-In the following, the issuer requests a ticket lifetime of 104 hours 30
-minutes (4 days 8 hours 30 minutes).
-
-   % klog.krb5 -lifetime 104:30
-   Password for user@EXAMPLE.ORG:
-
 =head1 PRIVILEGE REQUIRED

 None
--- a/src/aklog/klog.c
+++ b/src/aklog/klog.c
@ -126,6 +126,7 @@ main(int argc, char *argv[])
    cmd_AddParm(ts, "-pipe", CMD_FLAG, CMD_OPTIONAL,
 		"read password from stdin");
    cmd_AddParm(ts, "-silent", CMD_FLAG, CMD_OPTIONAL, "silent operation");
+    /* Note: -lifetime is not implemented in this version of klog. */
    cmd_AddParm(ts, "-lifetime", CMD_SINGLE, CMD_OPTIONAL,
 		"ticket lifetime in hh[:mm[:ss]]");
    cmd_AddParm(ts, "-setpag", CMD_FLAG, CMD_OPTIONAL,
@ -358,7 +359,6 @@ CommandProc(struct cmd_syndesc *as, void *arock)
    int authtype;
 #endif
    krb5_data enc_part[1];
-    time_t lifetime;		/* requested ticket lifetime */
    krb5_prompter_fct pf = NULL;
    char *pass = 0;
    void *pa = 0;
@ -508,36 +508,6 @@ CommandProc(struct cmd_syndesc *as, void *arock)
 	pass = passwd;
    }

-    if (as->parms[aLIFETIME].items) {
-	char *life = as->parms[aLIFETIME].items->data;
-	char *sp;		/* string ptr to rest of life */
-	lifetime = 3600 * strtol(life, &sp, 0);	/* hours */
-	if (sp == life) {
-	  bad_lifetime:
-	    if (!Silent)
-		fprintf(stderr, "%s: translating '%s' to lifetime failed\n",
-			rn, life);
-	    return 1;
-	}
-	if (*sp == ':') {
-	    life = sp + 1;	/* skip the colon */
-	    lifetime += 60 * strtol(life, &sp, 0);	/* minutes */
-	    if (sp == life)
-		goto bad_lifetime;
-	    if (*sp == ':') {
-		life = sp + 1;
-		lifetime += strtol(life, &sp, 0);	/* seconds */
-		if (sp == life)
-		    goto bad_lifetime;
-		if (*sp)
-		    goto bad_lifetime;
-	    } else if (*sp)
-		goto bad_lifetime;
-	} else if (*sp)
-	    goto bad_lifetime;
-    } else
-	lifetime = 0;
-
    /* Get the password if it wasn't provided. */
    if (!pass) {
 	if (Pipe) {