Log service princ in KDC more reliably

Under some error conditions, the KDC would log "<unknown server>" for
the service principal because service principal information is not yet
available to the logging functions.  Set the appropriate variables
earlier.

do_as_req.c: After unparsing the client, immediately unparse the
server before searching for the client principal in the KDB.

do_tgs_req.c: Save a pointer to the client-requested service
principal, to make sure it gets logged if an error happens before
search_sprinc() successfully completes.

[tlyu@mit.edu: commit message; fix TGS to catch more error cases]

ticket: 7802
target_version: 1.12.1
tags: pullup

1 files changed, 5 insertions, 0 deletions

diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c
index c12de2b3e6..5cfe0b64b1 100644
--- a/src/kdc/do_tgs_req.c
+++ b/src/kdc/do_tgs_req.c
@@ -145,6 +145,9 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt,
     session_key.contents = NULL;
 
     retval = decode_krb5_tgs_req(pkt, &request);
+    /* Save pointer to client-requested service principal, in case of errors
+     * before a successful call to search_sprinc(). */
+    sprinc = request->server;
     if (retval)
         return retval;
     if (request->msg_type != KRB5_TGS_REQ) {
@@ -202,6 +205,8 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt,
     scratch.data = (char *) pa_tgs_req->contents;
     errcode = kdc_find_fast(&request, &scratch, subkey,
                             header_ticket->enc_part2->session, state, NULL);
+    /* Reset sprinc because kdc_find_fast() can replace request. */
+    sprinc = request->server;
     if (errcode !=0) {
         status = "kdc_find_fast";
         goto cleanup;