summaryrefslogtreecommitdiff
path: root/source4/heimdal/kdc
diff options
context:
space:
mode:
Diffstat (limited to 'source4/heimdal/kdc')
-rw-r--r--source4/heimdal/kdc/kerberos5.c34
1 files changed, 28 insertions, 6 deletions
diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c
index a1a607329a..3577a14e5f 100644
--- a/source4/heimdal/kdc/kerberos5.c
+++ b/source4/heimdal/kdc/kerberos5.c
@@ -661,21 +661,32 @@ _kdc_check_flags(krb5_context context,
}
if (client->valid_start && *client->valid_start > kdc_time) {
+ char starttime_str[100];
+ krb5_format_time(context, *client->valid_start,
+ starttime_str, sizeof(starttime_str), TRUE);
kdc_log(context, config, 0,
- "Client not yet valid -- %s", client_name);
+ "Client not yet valid until %s -- %s",
+ starttime_str,
+ client_name);
return KRB5KDC_ERR_CLIENT_NOTYET;
}
if (client->valid_end && *client->valid_end < kdc_time) {
+ char endtime_str[100];
+ krb5_format_time(context, *client->valid_end,
+ endtime_str, sizeof(endtime_str), TRUE);
kdc_log(context, config, 0,
- "Client expired -- %s", client_name);
+ "Client expired at %s -- %s", endtime_str, client_name);
return KRB5KDC_ERR_NAME_EXP;
}
if (client->pw_end && *client->pw_end < kdc_time
&& !server->flags.change_pw) {
+ char pwend_str[100];
+ krb5_format_time(context, *client->pw_end,
+ pwend_str, sizeof(pwend_str), TRUE);
kdc_log(context, config, 0,
- "Client's key has expired -- %s", client_name);
+ "Client's key has expired at %s -- %s", pwend_str, client_name);
return KRB5KDC_ERR_KEY_EXPIRED;
}
}
@@ -702,20 +713,31 @@ _kdc_check_flags(krb5_context context,
}
if (server->valid_start && *server->valid_start > kdc_time) {
+ char starttime_str[100];
+ krb5_format_time(context, *server->valid_start,
+ starttime_str, sizeof(starttime_str), TRUE);
kdc_log(context, config, 0,
- "Server not yet valid -- %s", server_name);
+ "Server not yet valid until %s -- %s", server_name);
return KRB5KDC_ERR_SERVICE_NOTYET;
}
if (server->valid_end && *server->valid_end < kdc_time) {
+ char endtime_str[100];
+ krb5_format_time(context, *server->valid_end,
+ endtime_str, sizeof(endtime_str), TRUE);
kdc_log(context, config, 0,
- "Server expired -- %s", server_name);
+ "Server expired at %s -- %s",
+ endtime_str, server_name);
return KRB5KDC_ERR_SERVICE_EXP;
}
if (server->pw_end && *server->pw_end < kdc_time) {
+ char pwend_str[100];
+ krb5_format_time(context, *server->pw_end,
+ pwend_str, sizeof(pwend_str), TRUE);
kdc_log(context, config, 0,
- "Server's key has expired -- %s", server_name);
+ "Server's key has expired at -- %s",
+ pwend_str, server_name);
return KRB5KDC_ERR_KEY_EXPIRED;
}
}