better krb5 error handling (thanks andrewb!)

(This used to be commit fd3a3daef3b8f7140e7006d30d23d739ac3aad2f)

diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c
index 51b6e6e8cf7f85a785ed16f6e6fc402c015a3bac..5fef97c5713026757f5df9ab8d8761fb6d48671a 100644 (file)
--- a/source3/libsmb/clikrb5.c
+++ b/source3/libsmb/clikrb5.c
@@ -48,15 +48,22 @@ static krb5_error_code krb5_mk_req2(krb5_context context,
        
        /* obtain ticket & session key */
        memset((char *)&creds, 0, sizeof(creds));
-       if ((retval = krb5_copy_principal(context, server, &creds.server)))
+       if ((retval = krb5_copy_principal(context, server, &creds.server))) {
+               DEBUG(1,("krb5_copy_principal failed (%s)\n", 
+                        error_message(retval)));
                goto cleanup_princ;
+       }
        
-       if ((retval = krb5_cc_get_principal(context, ccache, &creds.client)))
+       if ((retval = krb5_cc_get_principal(context, ccache, &creds.client))) {
+               DEBUG(1,("krb5_cc_get_principal failed (%s)\n", 
+                        error_message(retval)));
                goto cleanup_creds;
+       }
 
        if ((retval = krb5_get_credentials(context, 0,
                                           ccache, &creds, &credsp))) {
-               DEBUG(1,("krb5_get_credentials failed (%d)\n", retval));
+               DEBUG(1,("krb5_get_credentials failed (%s)\n", 
+                        error_message(retval)));
                goto cleanup_creds;
        }
 
@@ -64,7 +71,8 @@ static krb5_error_code krb5_mk_req2(krb5_context context,
        retval = krb5_mk_req_extended(context, auth_context, ap_req_options, 
                                      &in_data, credsp, outbuf);
        if (retval) {
-               DEBUG(1,("krb5_mk_req_extended failed (%d)\n", retval));
+               DEBUG(1,("krb5_mk_req_extended failed (%s)\n", 
+                        error_message(retval)));
        }
        
        krb5_free_creds(context, credsp);
@@ -92,12 +100,14 @@ DATA_BLOB krb5_get_ticket(char *service, char *realm)
 
        retval = krb5_init_context(&context);
        if (retval) {
-               DEBUG(1,("krb5_init_context failed\n"));
+               DEBUG(1,("krb5_init_context failed (%s)\n", 
+                        error_message(retval)));
                goto failed;
        }
 
        if ((retval = krb5_cc_default(context, &ccdef))) {
-               DEBUG(1,("krb5_cc_default failed\n"));
+               DEBUG(1,("krb5_cc_default failed (%s)\n",
+                        error_message(retval)));
                goto failed;
        }
 
@@ -106,7 +116,6 @@ DATA_BLOB krb5_get_ticket(char *service, char *realm)
                                   0, 
                                   service, realm,
                                   ccdef, &packet))) {
-               DEBUG(1,("krb5_mk_req2 failed\n"));
                goto failed;
        }
 

diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index 678156b528e5ebb95a4c96040a0b795c5f0ac748..2eea6fa28113b8cb885ade65aaee7a3483634ad5 100644 (file)
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -163,7 +163,7 @@ static int negprot_spnego(char *p, uint8 cryptkey[8])
        DATA_BLOB blob;
        extern pstring global_myname;
        uint8 guid[16];
-       const char *OIDs[] = {OID_NTLMSSP, 
+       const char *OIDs[] = {OID_NTLMSSP,
                              OID_KERBEROS5_OLD,
                              NULL};
        char *principle;

diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 0202a247cdc40e020d00b768cc30ed2d18d3739c..c8bf2a4f94fd29e20e4b74f5baee98fbc7f76013 100644 (file)
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -62,12 +62,14 @@ static int reply_spnego_kerberos(connection_struct *conn,
 
        ret = krb5_init_context(&context);
        if (ret) {
+               DEBUG(1,("krb5_init_context failed (%s)\n", error_message(ret)));
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }
 
        ret = krb5_build_principal(context, &server, strlen(realm),
                                   realm, service, NULL);
        if (ret) {
+               DEBUG(1,("krb5_build_principal failed (%s)\n", error_message(ret)));
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }
 
@@ -76,12 +78,15 @@ static int reply_spnego_kerberos(connection_struct *conn,
 
        if ((ret = krb5_rd_req(context, &auth_context, &packet, 
                                       server, keytab, NULL, &tkt))) {
-               DEBUG(3,("krb5_rd_req failed with code %08x\n", ret));
+               DEBUG(3,("krb5_rd_req failed (%s)\n", 
+                        error_message(ret)));
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }
 
        if ((ret = krb5_unparse_name(context, tkt->enc_part2->client,
                                     &client))) {
+               DEBUG(3,("krb5_unparse_name failed (%s)\n", 
+                        error_message(ret)));
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }