]> git.ipfire.org Git - thirdparty/krb5.git/commitdiff
projects / thirdparty / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7011c2c)
Trace log on k5tls load failure 718/head
authorGreg Hudson <ghudson@mit.edu>
Wed, 17 Jan 2018 23:31:43 +0000 (18:31 -0500)
committerGreg Hudson <ghudson@mit.edu>
Mon, 22 Jan 2018 16:55:14 +0000 (11:55 -0500)
If sendto_kdc fails to establish an MS-KKDCP connection because the
k5tls module cannot be loaded, output a trace log before closing the
connection.  Reported by Jochen Hein.

ticket: 8634 (new)

src/include/k5-trace.h patch | blob | blame | history
src/lib/krb5/os/sendto_kdc.c patch | blob | blame | history

diff --git a/src/include/k5-trace.h b/src/include/k5-trace.h
index 390a8b7d6fc7fbc4a5d14557d1fc48398094b116..27c9d1464e633efbe3abd821168190e620c42906 100644 (file)
--- a/src/include/k5-trace.h
+++ b/src/include/k5-trace.h
@@ -364,6 +364,8 @@ void krb5int_trace(krb5_context context, const char *fmt, ...);
 #define TRACE_SENDTO_KDC(c, len, rlm, master, tcp)                     \
     TRACE(c, "Sending request ({int} bytes) to {data}{str}{str}", len,  \
           rlm, (master) ? " (master)" : "", (tcp) ? " (tcp only)" : "")
+#define TRACE_SENDTO_KDC_K5TLS_LOAD_ERROR(c, ret)       \
+    TRACE(c, "Error loading k5tls module: {kerr}", ret)
 #define TRACE_SENDTO_KDC_MASTER(c, master)                              \
     TRACE(c, "Response was{str} from master KDC", (master) ? "" : " not")
 #define TRACE_SENDTO_KDC_RESOLVING(c, hostname)         \
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
index e8bc0ad6e2f5dd8796ab4de917ac3a0829a34900..80c08f6f3d874764c8985aeea68b4323f1de8a0d 100644 (file)
--- a/src/lib/krb5/os/sendto_kdc.c
+++ b/src/lib/krb5/os/sendto_kdc.c
@@ -151,6 +151,7 @@ static krb5_error_code
 init_tls_vtable(krb5_context context)
 {
     krb5_plugin_initvt_fn initfn;
+    krb5_error_code ret;
 
     if (context->tls != NULL)
         return 0;
@@ -161,8 +162,11 @@ init_tls_vtable(krb5_context context)
 
     /* Attempt to load the module; just let it stay nulled out on failure. */
     k5_plugin_register_dyn(context, PLUGIN_INTERFACE_TLS, "k5tls", "tls");
-    if (k5_plugin_load(context, PLUGIN_INTERFACE_TLS, "k5tls", &initfn) == 0)
+    ret = k5_plugin_load(context, PLUGIN_INTERFACE_TLS, "k5tls", &initfn);
+    if (!ret)
         (*initfn)(context, 0, 0, (krb5_plugin_vtable)context->tls);
+    else
+        TRACE_SENDTO_KDC_K5TLS_LOAD_ERROR(context, ret);
 
     return 0;
 }
Mirror of https://github.com/krb5/krb5.git