goto errout;
} else if (c_nprincs != 1) {
status = "CLIENT_NOT_FOUND";
-#ifdef KRBCONF_VAGUE_ERRORS
- errcode = KRB5KRB_ERR_GENERIC;
-#else
- errcode = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN;
-#endif
+ if (vague_errors)
+ errcode = KRB5KRB_ERR_GENERIC;
+ else
+ errcode = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN;
goto errout;
}
}
update_client = 1;
status = "PREAUTH_FAILED";
-#ifdef KRBCONF_VAGUE_ERRORS
- errcode = KRB5KRB_ERR_GENERIC;
-#endif
+ if (vague_errors)
+ errcode = KRB5KRB_ERR_GENERIC;
goto errout;
}
}
extern char **db_args;
extern krb5_int32 max_dgram_reply_size; /* maximum datagram size */
+extern const int vague_errors;
+
extern volatile int signal_requests_exit;
extern volatile int signal_requests_hup;
#endif /* __KRB5_KDC_EXTERN__ */
krb5_deltat rc_lifetime; /* See kdc_initialize_rcache() */
#endif
+#ifdef KRBCONF_VAGUE_ERRORS
+const int vague_errors = 1;
+#else
+const int vague_errors = 0;
+#endif
+
#ifdef USE_RCACHE
/*
* initialize the replay cache.
/* The client must not be expired */
if (client.expiration && client.expiration < kdc_time) {
*status = "CLIENT EXPIRED";
-#ifdef KRBCONF_VAGUE_ERRORS
- return(KRB_ERR_GENERIC);
-#else
- return(KDC_ERR_NAME_EXP);
-#endif
+ if (vague_errors)
+ return(KRB_ERR_GENERIC);
+ else
+ return(KDC_ERR_NAME_EXP);
}
/* The client's password must not be expired, unless the server is
if (client.pw_expiration && client.pw_expiration < kdc_time &&
!isflagset(server.attributes, KRB5_KDB_PWCHANGE_SERVICE)) {
*status = "CLIENT KEY EXPIRED";
-#ifdef KRBCONF_VAGUE_ERRORS
- return(KRB_ERR_GENERIC);
-#else
- return(KDC_ERR_KEY_EXP);
-#endif
+ if (vague_errors)
+ return(KRB_ERR_GENERIC);
+ else
+ return(KDC_ERR_KEY_EXP);
}
/* The server must not be expired */