diff options
| author | Will Fiveash <will.fiveash@oracle.com> | 2016-07-19 19:20:51 -0500 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2016-07-22 11:37:27 -0400 |
| commit | bd2c2a02e22c609b3c7e9f92d6634e151d14e478 (patch) | |
| tree | 12c4083274948ca1d48cd9b096c7f4fd5f62709b /src/include/k5-trace.h | |
| parent | de92d6c5af514b88dc4fd36768b4ff05273ed184 (diff) | |
| download | krb5-bd2c2a02e22c609b3c7e9f92d6634e151d14e478.zip krb5-bd2c2a02e22c609b3c7e9f92d6634e151d14e478.tar.gz krb5-bd2c2a02e22c609b3c7e9f92d6634e151d14e478.tar.bz2 | |
Better handle failures to resolve client keytab
In krb5_gss_acquire_cred(), treat failure to resolve the client keytab
similarly to a client keytab which resolves but does not exist or has
no entries. The client keytab could fail to resolve if its name
contains %{username} and the current process is acting on behalf of
the NSS system.
[ghudson@mit.edu: rewrote commit message; changed tracing call to use
a macro; cleared error message when ignoring krb5_kt_client_default()
error; added test case]
ticket: 8462 (new)
Diffstat (limited to 'src/include/k5-trace.h')
| -rw-r--r-- | src/include/k5-trace.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/include/k5-trace.h b/src/include/k5-trace.h index a0aa85a..045f102 100644 --- a/src/include/k5-trace.h +++ b/src/include/k5-trace.h @@ -180,6 +180,9 @@ void krb5int_trace(krb5_context context, const char *fmt, ...); #define TRACE_GIC_PWD_MASTER(c) \ TRACE(c, "Retrying AS request with master KDC") +#define TRACE_GSS_CLIENT_KEYTAB_FAIL(c, ret) \ + TRACE(c, "Unable to resolve default client keytab: {kerr}", ret) + #define TRACE_ENCTYPE_LIST_UNKNOWN(c, profvar, name) \ TRACE(c, "Unrecognized enctype name in {str}: {str}", profvar, name) |