diff options
author | Andrew Tridgell <tridge@samba.org> | 2001-10-20 06:50:24 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2001-10-20 06:50:24 +0000 |
commit | 93645be91f7fd12dfee75b6f09dda6799f0ac902 (patch) | |
tree | d002cc9fe37ce3d5dd2ef207bec2bdab23c97854 | |
parent | 9884de2d3b00c560daa68930fb31cec23a0c6d44 (diff) | |
download | samba-93645be91f7fd12dfee75b6f09dda6799f0ac902.tar.gz samba-93645be91f7fd12dfee75b6f09dda6799f0ac902.tar.bz2 samba-93645be91f7fd12dfee75b6f09dda6799f0ac902.zip |
better krb5 error handling (thanks andrewb!)
(This used to be commit fd3a3daef3b8f7140e7006d30d23d739ac3aad2f)
-rw-r--r-- | source3/libsmb/clikrb5.c | 23 | ||||
-rw-r--r-- | source3/smbd/negprot.c | 2 | ||||
-rw-r--r-- | source3/smbd/sesssetup.c | 7 |
3 files changed, 23 insertions, 9 deletions
diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c index 51b6e6e8cf..5fef97c571 100644 --- a/source3/libsmb/clikrb5.c +++ b/source3/libsmb/clikrb5.c @@ -48,15 +48,22 @@ static krb5_error_code krb5_mk_req2(krb5_context context, /* obtain ticket & session key */ memset((char *)&creds, 0, sizeof(creds)); - if ((retval = krb5_copy_principal(context, server, &creds.server))) + if ((retval = krb5_copy_principal(context, server, &creds.server))) { + DEBUG(1,("krb5_copy_principal failed (%s)\n", + error_message(retval))); goto cleanup_princ; + } - if ((retval = krb5_cc_get_principal(context, ccache, &creds.client))) + if ((retval = krb5_cc_get_principal(context, ccache, &creds.client))) { + DEBUG(1,("krb5_cc_get_principal failed (%s)\n", + error_message(retval))); goto cleanup_creds; + } if ((retval = krb5_get_credentials(context, 0, ccache, &creds, &credsp))) { - DEBUG(1,("krb5_get_credentials failed (%d)\n", retval)); + DEBUG(1,("krb5_get_credentials failed (%s)\n", + error_message(retval))); goto cleanup_creds; } @@ -64,7 +71,8 @@ static krb5_error_code krb5_mk_req2(krb5_context context, retval = krb5_mk_req_extended(context, auth_context, ap_req_options, &in_data, credsp, outbuf); if (retval) { - DEBUG(1,("krb5_mk_req_extended failed (%d)\n", retval)); + DEBUG(1,("krb5_mk_req_extended failed (%s)\n", + error_message(retval))); } krb5_free_creds(context, credsp); @@ -92,12 +100,14 @@ DATA_BLOB krb5_get_ticket(char *service, char *realm) retval = krb5_init_context(&context); if (retval) { - DEBUG(1,("krb5_init_context failed\n")); + DEBUG(1,("krb5_init_context failed (%s)\n", + error_message(retval))); goto failed; } if ((retval = krb5_cc_default(context, &ccdef))) { - DEBUG(1,("krb5_cc_default failed\n")); + DEBUG(1,("krb5_cc_default failed (%s)\n", + error_message(retval))); goto failed; } @@ -106,7 +116,6 @@ DATA_BLOB krb5_get_ticket(char *service, char *realm) 0, service, realm, ccdef, &packet))) { - DEBUG(1,("krb5_mk_req2 failed\n")); goto failed; } diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index 678156b528..2eea6fa281 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -163,7 +163,7 @@ static int negprot_spnego(char *p, uint8 cryptkey[8]) DATA_BLOB blob; extern pstring global_myname; uint8 guid[16]; - const char *OIDs[] = {OID_NTLMSSP, + const char *OIDs[] = {OID_NTLMSSP, OID_KERBEROS5_OLD, NULL}; char *principle; diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 0202a247cd..c8bf2a4f94 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -62,12 +62,14 @@ static int reply_spnego_kerberos(connection_struct *conn, ret = krb5_init_context(&context); if (ret) { + DEBUG(1,("krb5_init_context failed (%s)\n", error_message(ret))); return ERROR_NT(NT_STATUS_LOGON_FAILURE); } ret = krb5_build_principal(context, &server, strlen(realm), realm, service, NULL); if (ret) { + DEBUG(1,("krb5_build_principal failed (%s)\n", error_message(ret))); return ERROR_NT(NT_STATUS_LOGON_FAILURE); } @@ -76,12 +78,15 @@ static int reply_spnego_kerberos(connection_struct *conn, if ((ret = krb5_rd_req(context, &auth_context, &packet, server, keytab, NULL, &tkt))) { - DEBUG(3,("krb5_rd_req failed with code %08x\n", ret)); + DEBUG(3,("krb5_rd_req failed (%s)\n", + error_message(ret))); return ERROR_NT(NT_STATUS_LOGON_FAILURE); } if ((ret = krb5_unparse_name(context, tkt->enc_part2->client, &client))) { + DEBUG(3,("krb5_unparse_name failed (%s)\n", + error_message(ret))); return ERROR_NT(NT_STATUS_LOGON_FAILURE); } |