diff options
| author | Stephen Gallagher <sgallagh@redhat.com> | 2012-04-04 06:33:11 -0700 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-04-05 15:21:34 -0700 |
| commit | c87a579a23b27e65ae956bc42cf0a247f2ca0baf (patch) | |
| tree | 71756a8a898322d4e55d96e820e07d9ab5d55fce /src/util | |
| parent | 4ddfec6b995d6673dad93cf3dd849550dde1594c (diff) | |
| download | sssd-c87a579a23b27e65ae956bc42cf0a247f2ca0baf.tar.gz sssd-c87a579a23b27e65ae956bc42cf0a247f2ca0baf.tar.xz sssd-c87a579a23b27e65ae956bc42cf0a247f2ca0baf.zip | |
Clean up log messages about keytab_name
There were many places where we were printing (null) to the logs
because a NULL keytab name tells libkrb5 to use its configured
default instead of a particular path. This patch should clean up
all uses of this to print "default" in the logs.
https://fedorahosted.org/sssd/ticket/1288
Diffstat (limited to 'src/util')
| -rw-r--r-- | src/util/sss_krb5.c | 30 | ||||
| -rw-r--r-- | src/util/sss_krb5.h | 2 |
2 files changed, 21 insertions, 11 deletions
diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c index 73bd5b8e9..a38a0c1bd 100644 --- a/src/util/sss_krb5.c +++ b/src/util/sss_krb5.c @@ -78,8 +78,10 @@ errno_t select_principal_from_keytab(TALLOC_CTX *mem_ctx, kerr = krb5_kt_default(krb_ctx, &keytab); } if (kerr) { - DEBUG(0, ("Failed to read keytab file: %s\n", - sss_krb5_get_error_message(krb_ctx, kerr))); + DEBUG(SSSDBG_FATAL_FAILURE, + ("Failed to read keytab [%s]: %s\n", + KEYTAB_CLEAN_NAME, + sss_krb5_get_error_message(krb_ctx, kerr))); ret = EFAULT; goto done; } @@ -231,8 +233,10 @@ int sss_krb5_verify_keytab(const char *principal, } if (krberr) { - DEBUG(0, ("Failed to read keytab file: %s\n", - sss_krb5_get_error_message(context, krberr))); + DEBUG(SSSDBG_FATAL_FAILURE, + ("Failed to read keytab file: %s\n", + KEYTAB_CLEAN_NAME, + sss_krb5_get_error_message(context, krberr))); ret = EFAULT; goto done; } @@ -309,11 +313,13 @@ int sss_krb5_verify_keytab_ex(const char *principal, const char *keytab_name, krberr = krb5_kt_start_seq_get(context, keytab, &cursor); if (krberr) { - DEBUG(0, ("Cannot read keytab [%s].\n", keytab_name)); + DEBUG(SSSDBG_FATAL_FAILURE, + ("Cannot read keytab [%s].\n", KEYTAB_CLEAN_NAME)); sss_log(SSS_LOG_ERR, "Error reading keytab file [%s]: [%d][%s]. " - "Unable to create GSSAPI-encrypted LDAP connection.", - keytab_name, krberr, + "Unable to create GSSAPI-encrypted LDAP " + "connection.", + KEYTAB_CLEAN_NAME, krberr, sss_krb5_get_error_message(context, krberr)); return EIO; @@ -344,17 +350,19 @@ int sss_krb5_verify_keytab_ex(const char *principal, const char *keytab_name, if (krberr) { DEBUG(0, ("Could not close keytab.\n")); sss_log(SSS_LOG_ERR, "Could not close keytab file [%s].", - keytab_name); + KEYTAB_CLEAN_NAME); return EIO; } if (!found) { - DEBUG(0, ("Principal [%s] not found in keytab [%s]\n", - principal, keytab_name ? keytab_name : "default")); + DEBUG(SSSDBG_FATAL_FAILURE, + ("Principal [%s] not found in keytab [%s]\n", + principal, + KEYTAB_CLEAN_NAME)); sss_log(SSS_LOG_ERR, "Error processing keytab file [%s]: " "Principal [%s] was not found. " "Unable to create GSSAPI-encrypted LDAP connection.", - keytab_name, principal); + KEYTAB_CLEAN_NAME, principal); return EFAULT; } diff --git a/src/util/sss_krb5.h b/src/util/sss_krb5.h index 52e6c5d48..50c4b696f 100644 --- a/src/util/sss_krb5.h +++ b/src/util/sss_krb5.h @@ -34,6 +34,8 @@ #include "util/util.h" +#define KEYTAB_CLEAN_NAME keytab_name ? keytab_name : "default" + const char * KRB5_CALLCONV sss_krb5_get_error_message (krb5_context, krb5_error_code); |