From: Ales L. <ale...@re...> - 2013-01-15 12:30:06
|
inline(/tail) ----- Original Message ----- > From: "Zdenek Styblik" <zde...@gm...> > To: "Ales Ledvinka" <ale...@re...> ...snip... > There are two issues with your patch. The first is, as you correctly > pointed out, missing kgkey. The second one is user won't be asked > about password if, eg. '-P foo' comes in the last, because you're > setting 'querypass' variable to zero at places where you shouldn't. > Unless, of course, that's on purpose. But later about this one. ...snip... > And don't forget you must ask password/key no matter what. You know, > backwards compatibility is a two way street. A bit ironic, isn't it? > It seems to me to fix this properly, so called "backwards > compatibility" has to be broken. This seems to be related. By already changing ask twice or more to ask once regardless of used/ignored it's already changing it's interface. Though I do not expect anyone to be really using the ask more then once feature. The "do not ask" if ignored part is intentional in the very first patch is not that much conservative. I looks like a bug since no matter what the value is ignored. Similar case would be -A NONE and asking for password when the code ignores it. The password arguments are: -f -E -P -a The password is used in ipmi_main, ipmi_lanp, ipmi_user plugins/ipmi_intf.c plugins/lan/lan.c plugins/lan/auth.c The variable from main is copied to intf. There is cleanup for -A NONE in ipmi_intf. The lanp sets the intf password too from the lan set value. The user does a lot of password but nothing relevant besides another place of interactive password input. The lan checks in the auth capabilities/password presence combinations. The auth is really a comment only. So I do not really see where is the: "at places where you shouldn't" Except that was related to the above backwards compatibility and concern of misleading ignored user input. And I expect to find similar for the kgkey arguments: -k -K -y -Y |