diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2007-07-04 05:46:24 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2007-07-04 05:46:24 +0000 |
| commit | fcdd2de143971b0f020531479ad18f57874aef30 (patch) | |
| tree | 8bec355041d9241b90822a13548ca2ec45a9a884 /src/lib/gssapi/krb5/k5unseal.c | |
| parent | e0845c95210ca7cf4a03be23b034a2f29fc078c6 (diff) | |
| download | krb5-fcdd2de143971b0f020531479ad18f57874aef30.tar.gz krb5-fcdd2de143971b0f020531479ad18f57874aef30.tar.xz krb5-fcdd2de143971b0f020531479ad18f57874aef30.zip | |
gss krb5 mech enhanced error messages
Save detailed error messages (usually from the krb5 library) in
per-thread storage, mapping each error code to the most recently
produced message for it. Return the message from display_status.
Currently not implemented for a few cases where the krb5 mechanism
returns a minor status code of 0, or another value different from the
libkrb5 error code.
Other functions are available to store a generic string or formatted
message, but aren't used much at present.
Tested with these errors in context establishment:
* missing ccache (libkrb5 shows pathname if FILE: type)
* missing keytab (libkrb5 shows pathname if FILE: type)
* server principal unknown (libkrb5 shows server principal)
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19672 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/gssapi/krb5/k5unseal.c')
| -rw-r--r-- | src/lib/gssapi/krb5/k5unseal.c | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c index 8c999868ef..72afb45763 100644 --- a/src/lib/gssapi/krb5/k5unseal.c +++ b/src/lib/gssapi/krb5/k5unseal.c @@ -1,5 +1,5 @@ /* - * Copyright 2001 by the Massachusetts Institute of Technology. + * Copyright 2001, 2007 by the Massachusetts Institute of Technology. * Copyright 1993 by OpenVision Technologies, Inc. * * Permission to use, copy, modify, distribute, and sell this software @@ -493,6 +493,7 @@ kg_unseal(minor_status, context_handle, input_token_buffer, unsigned int bodysize; int err; int toktype2; + OM_uint32 ret; /* validate the context handle */ if (! kg_validate_ctx_id(context_handle)) { @@ -540,11 +541,14 @@ kg_unseal(minor_status, context_handle, input_token_buffer, } if (ctx->proto == 0) - return kg_unseal_v1(ctx->k5_context, minor_status, ctx, ptr, bodysize, - message_buffer, conf_state, qop_state, - toktype); + ret = kg_unseal_v1(ctx->k5_context, minor_status, ctx, ptr, bodysize, + message_buffer, conf_state, qop_state, + toktype); else - return gss_krb5int_unseal_token_v3(&ctx->k5_context, minor_status, ctx, - ptr, bodysize, message_buffer, - conf_state, qop_state, toktype); + ret = gss_krb5int_unseal_token_v3(&ctx->k5_context, minor_status, ctx, + ptr, bodysize, message_buffer, + conf_state, qop_state, toktype); + if (ret != 0) + save_error_info (*minor_status, ctx->k5_context); + return ret; } |