diff options
author | Jeremy Allison <jra@samba.org> | 2004-11-03 02:18:51 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:53:08 -0500 |
commit | 5ee08e89bfc695663f45952c5b7f2fac733ed064 (patch) | |
tree | db78af03ed8a725da216d3c7589d1083628a51be /source3 | |
parent | 3c5173c5f05b20e720b9b88d29e03b88ec8af146 (diff) | |
download | samba-5ee08e89bfc695663f45952c5b7f2fac733ed064.tar.gz samba-5ee08e89bfc695663f45952c5b7f2fac733ed064.tar.bz2 samba-5ee08e89bfc695663f45952c5b7f2fac733ed064.zip |
r3502: Tidy up debugging in kerberos_keytab code.
Jeremy.
(This used to be commit 82651c1b1704d90ca52be1463ee871801c607d3b)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/libads/kerberos_keytab.c | 80 |
1 files changed, 48 insertions, 32 deletions
diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c index 97374508ab..ec6a8c5078 100644 --- a/source3/libads/kerberos_keytab.c +++ b/source3/libads/kerberos_keytab.c @@ -148,7 +148,7 @@ int ads_keytab_add_entry(ADS_STRUCT *ads, const char *srvPrinc) if (ret != KRB5_KT_END && ret != ENOENT ) { DEBUG(3,("ads_keytab_add_entry: Will try to delete old keytab entries\n")); while(!krb5_kt_next_entry(context, keytab, &kt_entry, &cursor)) { - BOOL compare_ok = False; + BOOL compare_name_ok = False; ret = krb5_unparse_name(context, kt_entry.principal, &ktprinc); if (ret) { @@ -166,43 +166,59 @@ int ads_keytab_add_entry(ADS_STRUCT *ads, const char *srvPrinc) */ #ifdef HAVE_KRB5_KT_COMPARE - compare_ok = ((krb5_kt_compare(context, &kt_entry, princ, 0, 0) == True) && (kt_entry.vno != kvno - 1)); + compare_name_ok = (krb5_kt_compare(context, &kt_entry, princ, 0, 0) == True); #else - compare_ok = ((strcmp(ktprinc, princ_s) == 0) && (kt_entry.vno != kvno - 1)); + compare_name_ok = (strcmp(ktprinc, princ_s) == 0); #endif + + if (!compare_name_ok) { + DEBUG(10,("ads_keytab_add_entry: ignoring keytab entry principal %s, kvno = %d\n", + ktprinc, kt_entry.vno)); + } + krb5_free_unparsed_name(context, ktprinc); ktprinc = NULL; - if (compare_ok) { - DEBUG(3,("ads_keytab_add_entry: Found old entry for principal: %s (kvno %d) - trying to remove it.\n", - princ_s, kt_entry.vno)); - ret = krb5_kt_end_seq_get(context, keytab, &cursor); - ZERO_STRUCT(cursor); - if (ret) { - DEBUG(1,("ads_keytab_add_entry: krb5_kt_end_seq_get() failed (%s)\n", - error_message(ret))); - goto out; - } - ret = krb5_kt_remove_entry(context, keytab, &kt_entry); - if (ret) { - DEBUG(1,("ads_keytab_add_entry: krb5_kt_remove_entry failed (%s)\n", - error_message(ret))); - goto out; - } - ret = krb5_kt_start_seq_get(context, keytab, &cursor); - if (ret) { - DEBUG(1,("ads_keytab_add_entry: krb5_kt_start_seq failed (%s)\n", - error_message(ret))); - goto out; - } - ret = smb_krb5_kt_free_entry(context, &kt_entry); - ZERO_STRUCT(kt_entry); - if (ret) { - DEBUG(1,("ads_keytab_add_entry: krb5_kt_remove_entry failed (%s)\n", - error_message(ret))); - goto out; + if (compare_name_ok) { + if (kt_entry.vno == kvno - 1) { + DEBUG(5,("ads_keytab_add_entry: Saving previous (kvno %d) entry for principal: %s.\n", + kvno - 1, princ_s)); + } else { + + DEBUG(5,("ads_keytab_add_entry: Found old entry for principal: %s (kvno %d) - trying to remove it.\n", + princ_s, kt_entry.vno)); + ret = krb5_kt_end_seq_get(context, keytab, &cursor); + ZERO_STRUCT(cursor); + if (ret) { + DEBUG(1,("ads_keytab_add_entry: krb5_kt_end_seq_get() failed (%s)\n", + error_message(ret))); + goto out; + } + ret = krb5_kt_remove_entry(context, keytab, &kt_entry); + if (ret) { + DEBUG(1,("ads_keytab_add_entry: krb5_kt_remove_entry failed (%s)\n", + error_message(ret))); + goto out; + } + + DEBUG(5,("ads_keytab_add_entry: removed old entry for principal: %s (kvno %d).\n", + princ_s, kt_entry.vno)); + + ret = krb5_kt_start_seq_get(context, keytab, &cursor); + if (ret) { + DEBUG(1,("ads_keytab_add_entry: krb5_kt_start_seq failed (%s)\n", + error_message(ret))); + goto out; + } + ret = smb_krb5_kt_free_entry(context, &kt_entry); + ZERO_STRUCT(kt_entry); + if (ret) { + DEBUG(1,("ads_keytab_add_entry: krb5_kt_remove_entry failed (%s)\n", + error_message(ret))); + goto out; + } + continue; } - continue; } /* Not a match, just free this entry and continue. */ |