Initial enhanced error message support, similar to what I sent to

krbdev except for some function renaming (krb5_free_error was already in use, so added _message to everything), and the context is allowed to be NULL (in which case we fall back to error_message() and storing no strings) to simplify some code. Low-level routines in the support library, using a private data structure; higher-level routines in libkrb5, using a krb5_context. Added error info strings to the KRB_ERR_GENERIC case in gc_via_tkt.c and the python sample service location plugin. Added code to kinit and kvno to look up and display the strings. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17776 dc483132-0cff-0310-8789-dd5450dbe970
author: Ken Raeburn <raeburn@mit.edu> 2006-03-26 20:55:59 +0000
committer: Ken Raeburn <raeburn@mit.edu> 2006-03-26 20:55:59 +0000
commit: b5a541c640dfedda7480332f4838e30f0a9e1770 (patch)
tree: b5182550f1c3fb475c3b71d15f4944fbcc16c4bb /src/lib
parent: 976289e5db9426efb6aa56cf0c97b89b4e30d1b4 (diff)
download: krb5-b5a541c640dfedda7480332f4838e30f0a9e1770.tar.gz
krb5-b5a541c640dfedda7480332f4838e30f0a9e1770.tar.xz
krb5-b5a541c640dfedda7480332f4838e30f0a9e1770.zip
7 files changed, 103 insertions, 1 deletions
diff --git a/src/lib/krb5/ChangeLog b/src/lib/krb5/ChangeLog
index f7849aea51..6cfd3e644c 100644
--- a/src/lib/krb5/ChangeLog
+++ b/src/lib/krb5/ChangeLog
@@ -1,3 +1,10 @@
+2006-03-26  Ken Raeburn  <raeburn@mit.edu>
+
+	* krb5_libinit.c (krb5int_lib_init): Register callback function
+	for lower-level error-info support routines.
+	(krb5int_lib_fini): Clear the callback function.
+	* libkrb5.exports: Export new error-message functions.
+
 2005-11-14  Jeffrey Altman <jaltman@mit.edu>
 
 	* krb5_libinit.c: include k5-int.h instead of krb5.h
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog
index ba3211c4cf..4b5062d950 100644
--- a/src/lib/krb5/krb/ChangeLog
+++ b/src/lib/krb5/krb/ChangeLog
@@ -1,3 +1,11 @@
+2006-03-26  Ken Raeburn  <raeburn@mit.edu>
+
+	* kerrs.c: New file.
+	* Makefile.in (SRCS, OBJS, STLIBOBJS): Add it.
+
+	* gc_via_tkt.c (krb5_get_cred_via_tkt): If the KDC returns
+	KRB_ERR_GENERIC, store the e-text field as the error message.
+
 2006-03-13  Ken Raeburn  <raeburn@mit.edu>
 
 	* Makefile.in (check-unix): Use RUN_SETUP for t_deltat.
diff --git a/src/lib/krb5/krb/Makefile.in b/src/lib/krb5/krb/Makefile.in
index 05249cabb6..2a3d09de6e 100644
--- a/src/lib/krb5/krb/Makefile.in
+++ b/src/lib/krb5/krb/Makefile.in
@@ -55,6 +55,7 @@ STLIBOBJS= \
 	init_ctx.o	\
 	init_keyblock.o \
 	kdc_rep_dc.o	\
+	kerrs.o		\
 	kfree.o		\
 	mk_cred.o	\
 	mk_error.o	\
@@ -140,7 +141,8 @@ OBJS=	$(OUTPRE)addr_comp.$(OBJEXT)	\
 	$(OUTPRE)init_ctx.$(OBJEXT)	\
 	$(OUTPRE)init_keyblock.$(OBJEXT) \
 	$(OUTPRE)kdc_rep_dc.$(OBJEXT)	\
-	$(OUTPRE)kfree.$(OBJEXT)		\
+	$(OUTPRE)kerrs.$(OBJEXT)		\
+	$(OUTPRE)kfree.$(OBJEXT)	\
 	$(OUTPRE)mk_cred.$(OBJEXT)	\
 	$(OUTPRE)mk_error.$(OBJEXT)	\
 	$(OUTPRE)mk_priv.$(OBJEXT)	\
@@ -226,6 +228,7 @@ SRCS=	$(srcdir)/addr_comp.c	\
 	$(srcdir)/init_ctx.c	\
 	$(srcdir)/init_keyblock.c \
 	$(srcdir)/kdc_rep_dc.c	\
+	$(srcdir)/kerrs.c	\
 	$(srcdir)/kfree.c	\
 	$(srcdir)/mk_cred.c	\
 	$(srcdir)/mk_error.c	\
diff --git a/src/lib/krb5/krb/gc_via_tkt.c b/src/lib/krb5/krb/gc_via_tkt.c
index 1008d1f929..a1ed6e90d2 100644
--- a/src/lib/krb5/krb/gc_via_tkt.c
+++ b/src/lib/krb5/krb/gc_via_tkt.c
@@ -171,6 +171,33 @@ krb5_get_cred_via_tkt (krb5_context context, krb5_creds *tkt,
 	    goto error_4;
 
 	retval = (krb5_error_code) err_reply->error + ERROR_TABLE_BASE_krb5;
+	if (err_reply->text.length > 0) {
+	    const char *m;
+	    switch (err_reply->error) {
+	    case KRB_ERR_GENERIC:
+		krb5_set_error_message(context, retval,
+				       "KDC returned error string: %s",
+				       err_reply->text.data);
+		break;
+	    default:
+#if 0 /* We should stop the KDC from sending back this text, because
+	 if the local language doesn't match the KDC's language, we'd
+	 just wind up printing out the error message in two languages.
+	 Well, when we get some localization.  Which is already
+	 happening in KfM.  */
+		m = error_message(retval);
+		/* Special case: MIT KDC may return this same string
+		   in the e-text field.  */
+		if (strlen (m) == err_reply->text.length-1
+		    && !strcmp(m, err_reply->text.data))
+		    break;
+		krb5_set_error_message(context, retval,
+				       "%s (KDC supplied additional data: %s)",
+				       m, err_reply->text.data);
+#endif
+		break;
+	    }
+	}
 
 	krb5_free_error(context, err_reply);
 	goto error_4;
diff --git a/src/lib/krb5/krb/kerrs.c b/src/lib/krb5/krb/kerrs.c
new file mode 100644
index 0000000000..8439e23279
--- /dev/null
+++ b/src/lib/krb5/krb/kerrs.c
@@ -0,0 +1,48 @@
+/* foo */
+#include <stdarg.h>
+#include "k5-int.h"
+
+void
+krb5_set_error_message (krb5_context ctx, krb5_error_code code,
+			const char *fmt, ...)
+{
+    va_list args;
+    if (ctx == NULL)
+	return;
+    va_start (args, fmt);
+    krb5int_vset_error (&ctx->err, code, fmt, args);
+    va_end (args);
+}
+
+void
+krb5_vset_error_message (krb5_context ctx, krb5_error_code code,
+			 const char *fmt, va_list args)
+{
+    if (ctx == NULL)
+	return;
+    krb5int_vset_error (&ctx->err, code, fmt, args);
+}
+
+char *
+krb5_get_error_message (krb5_context ctx, krb5_error_code code)
+{
+    if (ctx == NULL)
+	return error_message(code);
+    return krb5int_get_error (&ctx->err, code);
+}
+
+void
+krb5_free_error_message (krb5_context ctx, char *msg)
+{
+    if (ctx == NULL)
+	return;
+    krb5int_free_error (&ctx->err, msg);
+}
+
+void
+krb5_clear_error_message (krb5_context ctx)
+{
+    if (ctx == NULL)
+	return;
+    krb5int_clear_error (&ctx->err);
+}
diff --git a/src/lib/krb5/krb5_libinit.c b/src/lib/krb5/krb5_libinit.c
index 6771776cec..fce97ffb2e 100644
--- a/src/lib/krb5/krb5_libinit.c
+++ b/src/lib/krb5/krb5_libinit.c
@@ -31,6 +31,8 @@ int krb5int_lib_init(void)
 {
     int err;
 
+    krb5int_set_error_info_callout_fn (error_message);
+
 #ifdef SHOW_INITFINI_FUNCS
     printf("krb5int_lib_init\n");
 #endif
@@ -55,6 +57,7 @@ int krb5int_lib_init(void)
     err = k5_mutex_finish_init(&krb5int_us_time_mutex);
     if (err)
 	return err;
+
     return 0;
 }
 
@@ -98,6 +101,7 @@ void krb5int_lib_fini(void)
     remove_error_table(&et_asn1_error_table);
     remove_error_table(&et_k524_error_table);
 #endif
+    krb5int_set_error_info_callout_fn (0);
 }
 
 /* Still exists because it went into the export list on Windows.  But
diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports
index f16b45cf80..8831bf7815 100644
--- a/src/lib/krb5/libkrb5.exports
+++ b/src/lib/krb5/libkrb5.exports
@@ -726,3 +726,8 @@ profile_update_file_data
 profile_update_relation
 profile_verify_node
 profile_write_tree_file
+krb5_set_error_message
+krb5_vset_error_message
+krb5_get_error_message
+krb5_free_error_message
+krb5_clear_error_message
author	Ken Raeburn <raeburn@mit.edu>	2006-03-26 20:55:59 +0000
committer	Ken Raeburn <raeburn@mit.edu>	2006-03-26 20:55:59 +0000
commit	b5a541c640dfedda7480332f4838e30f0a9e1770 (patch)
tree	b5182550f1c3fb475c3b71d15f4944fbcc16c4bb /src/lib
parent	976289e5db9426efb6aa56cf0c97b89b4e30d1b4 (diff)
download	krb5-b5a541c640dfedda7480332f4838e30f0a9e1770.tar.gz krb5-b5a541c640dfedda7480332f4838e30f0a9e1770.tar.xz krb5-b5a541c640dfedda7480332f4838e30f0a9e1770.zip