handle comments at end of lines in krb5.conf (#302)

* krb5 conf ignore trailing comments
jcmturner · Jun 15, 2019 · 8ba8e51 · 8ba8e51
1 parent a0a3d30
commit 8ba8e51
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 12 deletions.
diff --git a/config/krb5conf.go b/config/krb5conf.go
@@ -119,6 +119,10 @@ func newLibDefaults() LibDefaults {
 // Parse the lines of the [libdefaults] section of the configuration into the LibDefaults struct.
 func (l *LibDefaults) parseLines(lines []string) error {
 	for _, line := range lines {
+		//Remove comments after the values
+		if idx := strings.IndexAny(line, "#;"); idx != -1 {
+			line = line[:idx]
+		}
 		line = strings.TrimSpace(line)
 		if line == "" {
 			continue
@@ -333,6 +337,10 @@ func (r *Realm) parseLines(name string, lines []string) (err error) {
 		if ignore && c > 0 && !strings.Contains(line, "{") && !strings.Contains(line, "}") {
 			continue
 		}
+		//Remove comments after the values
+		if idx := strings.IndexAny(line, "#;"); idx != -1 {
+			line = line[:idx]
+		}
 		line = strings.TrimSpace(line)
 		if line == "" {
 			continue
@@ -407,6 +415,10 @@ func parseRealms(lines []string) (realms []Realm, err error) {
 	var start int
 	var c int
 	for i, l := range lines {
+		//Remove comments after the values
+		if idx := strings.IndexAny(l, "#;"); idx != -1 {
+			l = l[:idx]
+		}
 		l = strings.TrimSpace(l)
 		if l == "" {
 			continue
@@ -454,6 +466,10 @@ type DomainRealm map[string]string
 // Parse the lines of the [domain_realm] section of the configuration and add to the mapping.
 func (d *DomainRealm) parseLines(lines []string) error {
 	for _, line := range lines {
+		//Remove comments after the values
+		if idx := strings.IndexAny(line, "#;"); idx != -1 {
+			line = line[:idx]
+		}
 		if strings.TrimSpace(line) == "" {
 			continue
 		}

diff --git a/config/krb5conf_test.go b/config/krb5conf_test.go
@@ -17,32 +17,32 @@ const (
  admin_server = FILE:/var/log/kerberos/kadmind.log
 
 [libdefaults]
- default_realm = TEST.GOKRB5
+ default_realm = TEST.GOKRB5 ; comment to be ignored
  dns_lookup_realm = false
 
  dns_lookup_kdc = false
  #dns_lookup_kdc = true
  ;dns_lookup_kdc = true
 #dns_lookup_kdc = true
 ;dns_lookup_kdc = true
- ticket_lifetime = 10h
+ ticket_lifetime = 10h ;comment to be ignored
- forwardable = yes
+ forwardable = yes #comment to be ignored
  default_keytab_name = FILE:/etc/krb5.keytab
 
  default_client_keytab_name = FILE:/home/gokrb5/client.keytab
- default_tkt_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
+ default_tkt_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 # comment to be ignored
 
 
 [realms]
  TEST.GOKRB5 = {
-  kdc = 10.80.88.88:88
+  kdc = 10.80.88.88:88 #comment to be ignored
-  kdc = assume.port.num
+  kdc = assume.port.num ;comment to be ignored
-  kdc = some.other.port:1234
+  kdc = some.other.port:1234 # comment to be ignored
 
   kdc = 10.80.88.88*
   kdc = 10.1.2.3.4:88
 
-  admin_server = 10.80.88.88:749
+  admin_server = 10.80.88.88:749 ; comment to be ignored
   default_domain = test.gokrb5
  }
  EXAMPLE.COM = {
@@ -58,12 +58,12 @@ const (
 
 
 [domain_realm]
- .test.gokrb5 = TEST.GOKRB5
+ .test.gokrb5 = TEST.GOKRB5 #comment to be ignored
 
- test.gokrb5 = TEST.GOKRB5
+ test.gokrb5 = TEST.GOKRB5 ;comment to be ignored
  
-  .example.com = EXAMPLE.COM
+  .example.com = EXAMPLE.COM # comment to be ignored
- hostname1.example.com = EXAMPLE.COM
+ hostname1.example.com = EXAMPLE.COM ; comment to be ignored
  hostname2.example.com = TEST.GOKRB5
  .testlowercase.org = lowercase.org