From: Jeffrey Altman Date: Wed, 23 Jul 2008 15:04:26 +0000 (+0000) Subject: This patch modifies the NIM Kerberos v5 plug-in to use the X-Git-Tag: krb5-1.7-alpha1~563 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=0b4a03f2df21bfc7c00fdf6b0a8d6f5b5b77b524;p=krb5.git This patch modifies the NIM Kerberos v5 plug-in to use the krb5_get_error_message() function to look up the error string if the call to krb5_get_init_creds_password() fails. If the call to krb5_get_error_message() fails, the caller will failover to the previous method of looking up a suitable error message based on the error code. ticket: 5745 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20572 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/windows/identity/plugins/krb5/krb5funcs.c b/src/windows/identity/plugins/krb5/krb5funcs.c index 8d0de1293..efab36e5e 100644 --- a/src/windows/identity/plugins/krb5/krb5funcs.c +++ b/src/windows/identity/plugins/krb5/krb5funcs.c @@ -1357,7 +1357,8 @@ khm_krb5_kinit(krb5_context alt_ctx, DWORD addressless, DWORD publicIP, krb5_prompter_fct prompter, - void * p_data) + void * p_data, + char ** pp_error_message) { krb5_error_code code = 0; krb5_context ctx = NULL; @@ -1387,6 +1388,8 @@ khm_krb5_kinit(krb5_context alt_ctx, goto cleanup; } + pkrb5_clear_error_message(ctx); + if (ccache) { _reportf(L"Using supplied ccache name %S", ccache); code = pkrb5_cc_resolve(ctx, ccache, &cc); @@ -1523,6 +1526,18 @@ khm_krb5_kinit(krb5_context alt_ctx, if (code) goto cleanup; cleanup: + if (pp_error_message) { + const char * em; + + em = pkrb5_get_error_message(ctx, code); + if (em == NULL) { + *pp_error_message = NULL; + } else { + *pp_error_message = _strdup(em); + pkrb5_free_error_message(ctx, em); + } + } + if ( addrs ) { for ( i=0;icred_message = NULL; } + if (g_fjob.error_message) { + StringCbCopy(msg, sizeof(msg), g_fjob.error_message); + goto have_message; + } + msg[0] = L'\0'; switch(g_fjob.code) { @@ -2151,6 +2183,8 @@ k5_msg_cred_dialog(khm_int32 msg_type, } } + have_message: + if (msg[0]) { StringCbLength(msg, sizeof(msg), &cb); cb += sizeof(wchar_t); @@ -2312,11 +2346,15 @@ k5_msg_cred_dialog(khm_int32 msg_type, if(g_fjob.code != 0) { wchar_t tbuf[1024]; - DWORD suggestion; + DWORD suggestion = 0; kherr_suggestion suggest_code; - khm_err_describe(g_fjob.code, tbuf, sizeof(tbuf), - &suggestion, &suggest_code); + if (g_fjob.error_message) { + StringCbCopy(tbuf, sizeof(tbuf), g_fjob.error_message); + } else { + khm_err_describe(g_fjob.code, tbuf, sizeof(tbuf), + &suggestion, &suggest_code); + } _report_cs0(KHERR_ERROR, tbuf); if (suggestion != 0) @@ -2691,7 +2729,8 @@ k5_msg_cred_dialog(khm_int32 msg_type, d->addressless, /* addressless */ d->publicIP, /* public IP */ NULL, /* prompter */ - NULL /* prompter data */); + NULL, /* prompter data */ + NULL /* error message */); if (code) { rv = KHM_ERROR_UNKNOWN; diff --git a/src/windows/identity/plugins/krb5/krbcred.h b/src/windows/identity/plugins/krb5/krbcred.h index a194343ac..ddc745c93 100644 --- a/src/windows/identity/plugins/krb5/krbcred.h +++ b/src/windows/identity/plugins/krb5/krbcred.h @@ -171,6 +171,7 @@ typedef struct _fiber_job_t { int code; int state; int prompt_set; + wchar_t *error_message; BOOL null_password; BOOL valid_principal;