krb5 commit: Improve krb5_cccol_have_content() error messages
Greg Hudson
ghudson at mit.edu
Wed Jul 29 16:49:19 EDT 2015
https://github.com/krb5/krb5/commit/7746beda3b0312216ac3ffa18fa3179f252b15f4
commit 7746beda3b0312216ac3ffa18fa3179f252b15f4
Author: Greg Hudson <ghudson at mit.edu>
Date: Wed Jul 29 11:46:19 2015 -0400
Improve krb5_cccol_have_content() error messages
If we encounter any errors during krb5_cccol_have_content(), preserve
the message for the first one and wrap it. If we do not encounter any
errors, report the default ccache name. Based on a patch from Nico
Williams.
ticket: 8225 (new)
src/lib/krb5/ccache/cccursor.c | 54 ++++++++++++++++++++++++++++++++++------
1 files changed, 46 insertions(+), 8 deletions(-)
diff --git a/src/lib/krb5/ccache/cccursor.c b/src/lib/krb5/ccache/cccursor.c
index 021a49f..281f128 100644
--- a/src/lib/krb5/ccache/cccursor.c
+++ b/src/lib/krb5/ccache/cccursor.c
@@ -29,6 +29,7 @@
*/
#include "cc-int.h"
+#include "../krb/int-proto.h"
#include <assert.h>
@@ -219,24 +220,49 @@ krb5_cc_cache_match(krb5_context context, krb5_principal client,
return ret;
}
+/* Store the error state for code from context into errsave, but only if code
+ * indicates an error and errsave is empty. */
+static void
+save_first_error(krb5_context context, krb5_error_code code,
+ struct errinfo *errsave)
+{
+ if (code && code != KRB5_CC_END && !errsave->code)
+ k5_save_ctx_error(context, code, errsave);
+}
+
krb5_error_code KRB5_CALLCONV
krb5_cccol_have_content(krb5_context context)
{
+ krb5_error_code ret;
krb5_cccol_cursor col_cursor;
krb5_cc_cursor cache_cursor;
krb5_ccache cache;
krb5_creds creds;
krb5_boolean found = FALSE;
+ struct errinfo errsave = EMPTY_ERRINFO;
+ const char *defname;
- if (krb5_cccol_cursor_new(context, &col_cursor))
+ ret = krb5_cccol_cursor_new(context, &col_cursor);
+ save_first_error(context, ret, &errsave);
+ if (ret)
goto no_entries;
- while (!found && !krb5_cccol_cursor_next(context, col_cursor, &cache) &&
- cache != NULL) {
- if (krb5_cc_start_seq_get(context, cache, &cache_cursor))
+ while (!found) {
+ ret = krb5_cccol_cursor_next(context, col_cursor, &cache);
+ save_first_error(context, ret, &errsave);
+ if (ret || cache == NULL)
+ break;
+
+ ret = krb5_cc_start_seq_get(context, cache, &cache_cursor);
+ save_first_error(context, ret, &errsave);
+ if (ret)
continue;
- while (!found &&
- !krb5_cc_next_cred(context, cache, &cache_cursor, &creds)) {
+ while (!found) {
+ ret = krb5_cc_next_cred(context, cache, &cache_cursor, &creds);
+ save_first_error(context, ret, &errsave);
+ if (ret)
+ break;
+
if (!krb5_is_config_principal(context, creds.server))
found = TRUE;
krb5_free_cred_contents(context, &creds);
@@ -249,7 +275,19 @@ krb5_cccol_have_content(krb5_context context)
return 0;
no_entries:
- k5_setmsg(context, KRB5_CC_NOTFOUND,
- _("No Kerberos credentials available"));
+ if (errsave.code) {
+ /* Report the first error we encountered. */
+ ret = k5_restore_ctx_error(context, &errsave);
+ k5_wrapmsg(context, ret, KRB5_CC_NOTFOUND,
+ _("No Kerberos credentials available"));
+ } else {
+ /* Report the default cache name. */
+ defname = krb5_cc_default_name(context);
+ if (defname != NULL) {
+ k5_setmsg(context, KRB5_CC_NOTFOUND,
+ _("No Kerberos credentials available "
+ "(default cache: %s)"), defname);
+ }
+ }
return KRB5_CC_NOTFOUND;
}
More information about the cvs-krb5
mailing list