How to use krb5_get_error_message() when context initialization failed?
Russ Allbery
rra at stanford.edu
Tue Feb 26 12:27:23 EST 2013
Petr Spacek <pspacek at redhat.com> writes:
> I tried following C code snippet and it worked, but I want to ask
> Kerberos experts to be sure that it will not blow up:
> krberr = krb5_init_context(&context);
> if (krberr)
> krb5_get_error_message(NULL, krberr);
You will get segfaults with older versions of Heimdal if you pass NULL as
the context to krb5_get_error_message, but this will work properly with
MIT Kerberos and current versions of Heimdal. You won't get much useful
in the error message, though, just a straight translation of the error
code to a static string. Unfortunately, there isn't a good way for the
Kerberos library to report a useful error (particularly since the most
common reason for krb5_init_context failing is a syntactically invalid
krb5.conf file, for which a verbose error message would be very nice).
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list