Index: client/client.c
===================================================================
--- client/client.c	(revision 21918)
+++ client/client.c	(working copy)
@@ -3847,6 +3847,8 @@
 	char *p;
 	int rc = 0;
 	fstring new_workgroup;
+	BOOL tar_opt = False;
+	BOOL service_opt = False;
 	struct poptOption long_options[] = {
 		POPT_AUTOHELP
 
@@ -3899,7 +3901,42 @@
 
 	in_client = True;   /* Make sure that we tell lp_load we are */
 
-	while ((opt = poptGetNextOpt(pc)) != -1) {
+	/* let's fetch the first opt, this will fetch also arg0 (program name) which we will skip
+	 * and eventually the service and the password */
+	opt = poptGetNextOpt(pc);
+
+	/* skip argv 0, (program name) */
+	poptGetArg(pc);
+
+	do {
+		/* this check is needed to insure that the -T tar option is forcibly the last one */
+		/* I see no other way to keep things sane --SSS */
+		if (tar_opt == True) {
+			d_printf("ERROR: the tar option -T MUST be the last option specified on the command line\n");
+			poptPrintUsage(pc, stderr, 0);
+			exit(-1);
+		}
+
+		/* if the service has not yet been specified lets see if it is available in the popt stack */
+		if (!service_opt && poptPeekArg(pc)) {
+			pstrcpy(service, poptGetArg(pc));
+			/* Convert any '/' characters in the service name to '\' characters */
+			string_replace(service, '/','\\');
+
+			if (count_chars(service,'\\') < 3) {
+				d_printf("\n%s: Not enough '\\' characters in service\n",service);
+				poptPrintUsage(pc, stderr, 0);
+				exit(1);
+			}
+			service_opt = True;
+		}
+
+		/* if the service has already been retrieved then check if we have also a password */
+		if (service_opt && (!cmdline_auth_info.got_pass) && poptPeekArg(pc)) {
+			pstrcpy(cmdline_auth_info.password, poptGetArg(pc));
+			cmdline_auth_info.got_pass = True;
+		}
+	
 		switch (opt) {
 		case 'M':
 			/* Messages are sent to NetBIOS name type 0x3
@@ -3954,13 +3991,9 @@
 					poptPrintUsage(pc, stderr, 0);
 					exit(1);
 				}
-				/* Now we must eat (optnum - i) options - they have
-				 * been processed by tar_parseargs().
-				 */
-				optnum -= i;
-				for (i = 0; i < optnum; i++)
-					poptGetOptArg(pc);
 			}
+			/* this must be the last option, mark we have parsed it so that we know we have */
+			tar_opt = True;
 			break;
 		case 'D':
 			pstrcpy(base_directory,poptGetOptArg(pc));
@@ -3969,10 +4002,8 @@
 			grepable=True;
 			break;
 		}
-	}
+	} while ((opt = poptGetNextOpt(pc)) != -1); 
 
-	poptGetArg(pc);
-
 	/* check for the -P option */
 
 	if ( port != 0 )
@@ -4011,23 +4042,6 @@
 	else
 		pstrcpy( calling_name, global_myname() );
 
-	if(poptPeekArg(pc)) {
-		pstrcpy(service,poptGetArg(pc));  
-		/* Convert any '/' characters in the service name to '\' characters */
-		string_replace(service, '/','\\');
-
-		if (count_chars(service,'\\') < 3) {
-			d_printf("\n%s: Not enough '\\' characters in service\n",service);
-			poptPrintUsage(pc, stderr, 0);
-			exit(1);
-		}
-	}
-
-	if (poptPeekArg(pc) && !cmdline_auth_info.got_pass) { 
-		cmdline_auth_info.got_pass = True;
-		pstrcpy(cmdline_auth_info.password,poptGetArg(pc));  
-	}
-
 	init_names();
 
 	if(new_name_resolve_order)