diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2014-11-11 14:04:30 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-03-10 14:32:51 +0100 |
commit | 429d51ec39193dd1681cef2c8eafd74595142a48 (patch) | |
tree | 9af51515164c6b666eecb8c72e7c757687a1b45b /src | |
parent | 76faa85577e4f715af3b61ec01f522587ca30304 (diff) | |
download | sssd-429d51ec39193dd1681cef2c8eafd74595142a48.tar.gz sssd-429d51ec39193dd1681cef2c8eafd74595142a48.tar.xz sssd-429d51ec39193dd1681cef2c8eafd74595142a48.zip |
KRB5: More debugging for create_ccache()
It was difficult to find where the problem was without advanced
techniques like strace.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/krb5/krb5_child.c | 54 |
1 files changed, 41 insertions, 13 deletions
diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c index 8b3f10d82..6c690145d 100644 --- a/src/providers/krb5/krb5_child.c +++ b/src/providers/krb5/krb5_child.c @@ -556,7 +556,9 @@ static errno_t handle_randomized(char *in) umask(old_umask); if (fd == -1) { ret = errno; - DEBUG(SSSDBG_CRIT_FAILURE, "mkstemp(\"%s\") failed!\n", ccname); + DEBUG(SSSDBG_CRIT_FAILURE, + "mkstemp(\"%s\") failed [%d]: %s!\n", + ccname, ret, strerror(ret)); return ret; } } @@ -592,43 +594,73 @@ static krb5_error_code create_ccache(char *ccname, krb5_creds *creds) } kerr = handle_randomized(ccname); - if (kerr) goto done; + if (kerr) { + DEBUG(SSSDBG_CRIT_FAILURE, "handle_randomized failed: %d\n", kerr); + goto done; + } kerr = krb5_cc_resolve(kctx, ccname, &kcc); - if (kerr) goto done; + if (kerr) { + KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); + goto done; + } type = krb5_cc_get_type(kctx, kcc); DEBUG(SSSDBG_TRACE_ALL, "Initializing ccache of type [%s]\n", type); #ifdef HAVE_KRB5_CC_COLLECTION if (krb5_cc_support_switch(kctx, type)) { + DEBUG(SSSDBG_TRACE_ALL, "CC supports switch\n"); kerr = krb5_cc_set_default_name(kctx, ccname); - if (kerr) goto done; + if (kerr) { + DEBUG(SSSDBG_TRACE_ALL, "Cannot set default name!\n"); + KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); + goto done; + } kerr = krb5_cc_cache_match(kctx, creds->client, &cckcc); if (kerr == KRB5_CC_NOTFOUND) { + DEBUG(SSSDBG_TRACE_ALL, "Match not found\n"); kerr = krb5_cc_new_unique(kctx, type, NULL, &cckcc); switch_to_cc = true; } - if (kerr) goto done; + if (kerr) { + DEBUG(SSSDBG_TRACE_ALL, "krb5_cc_cache_match failed\n"); + KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); + goto done; + } krb5_cc_close(kctx, kcc); kcc = cckcc; } #endif kerr = krb5_cc_initialize(kctx, kcc, creds->client); - if (kerr) goto done; + if (kerr) { + DEBUG(SSSDBG_TRACE_ALL, "krb5_cc_initialize failed\n"); + KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); + goto done; + } kerr = krb5_cc_store_cred(kctx, kcc, creds); - if (kerr) goto done; + if (kerr) { + DEBUG(SSSDBG_TRACE_ALL, "krb5_cc_store_cred failed\n"); + KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); + goto done; + } #ifdef HAVE_KRB5_CC_COLLECTION if (switch_to_cc) { + DEBUG(SSSDBG_TRACE_ALL, "switch_to_cc\n"); kerr = krb5_cc_switch(kctx, kcc); - if (kerr) goto done; + if (kerr) { + DEBUG(SSSDBG_TRACE_ALL, "krb5_cc_switch\n"); + KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); + goto done; + } } #endif + DEBUG(SSSDBG_TRACE_ALL, "returning: %d\n", kerr); done: if (kcc) { /* FIXME: should we krb5_cc_destroy in case of error ? */ @@ -955,7 +987,6 @@ static krb5_error_code get_and_save_tgt_with_keytab(krb5_context ctx, /* Use the updated principal in the creds in case canonicalized */ kerr = create_ccache(ccname, &creds); if (kerr != 0) { - KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); goto done; } kerr = 0; @@ -1026,7 +1057,6 @@ static krb5_error_code get_and_save_tgt(struct krb5_req *kr, /* Use the updated principal in the creds in case canonicalized */ kerr = create_ccache(cc_name, kr->creds); if (kerr != 0) { - KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); goto done; } @@ -1490,9 +1520,7 @@ static errno_t create_empty_ccache(struct krb5_req *kr) kerr = 0; } - if (kerr != 0) { - KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); - } else { + if (kerr == 0) { kerr = k5c_attach_ccname_msg(kr); } |