Notes on lost extended error messages for kinit -k

Sam Hartman hartmans at MIT.EDU
Thu Jun 30 10:02:18 EDT 2011


>>>>> "ghudson" == ghudson  <ghudson at MIT.EDU> writes:

    ghudson> * Perhaps krb5int_fast_as_armor() shouldn't be clearing the error
    ghudson>   message.  My reaction to Sam's design principle was that you want to
    ghudson>   clear an error message after you've handled an error without
    ghudson>   returning it, not just any time you're beginning a non-trivial
    ghudson>   sequence of operations.  Of course, the gic_keytab fallback is a
    ghudson>   case where we're handling an error without returning it, so my
    ghudson>   interpretation of the design principle would mean we'd have to look
    ghudson>   more closely at that code.

I can see an argument that the error message should not be getting
cleared in that place, but I believe it definitely should get cleared
somewhere between the first sendto_kdc and the second.

Conceptually it's a different error and at the level where you're making
the decision you can't have confidence that the first error message is
still appropriate.  Consider the sorts of situations that could come up
if you had some fallback paths in the use_master case that returned the
same error code but did not set an error message.  With this particular
error code it's hard to imagine that being appropriate, but at an
abstract level you want the error message cleared between the
non_use_master and use_master cases.

I realize I'm not being articulate here. There's some principle running
around in my head, but I'm having trouble actually describing it.
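
The fallback situation described above, as an added example that is not part of the original message and is not krb5 code: a context keeps one extended message keyed to an error code, the first attempt sets it, and the fallback fails with the same code without setting one. The `ctx` structure, all function names, the error code and the host name are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical model (not the krb5 API): a context that stores one
 * extended error message tied to the error code it was set for. */
struct ctx { int code; char msg[128]; };

enum { ERR_UNREACH = 1 };   /* constructed error code */

static void clear_msg(struct ctx *c) { c->code = 0; c->msg[0] = '\0'; }

/* Extended text if one is stored for this code, else the generic text. */
static const char *get_msg(const struct ctx *c, int code)
{
    if (code != 0 && c->code == code && c->msg[0] != '\0')
        return c->msg;
    return code == ERR_UNREACH ? "cannot contact server" : "success";
}

/* First attempt: fails and records a specific message. */
static int try_any(struct ctx *c)
{
    c->code = ERR_UNREACH;
    snprintf(c->msg, sizeof(c->msg), "cannot contact replica r1.example");
    return ERR_UNREACH;
}

/* Fallback: fails with the same code but sets no message. */
static int try_master(struct ctx *c) { (void)c; return ERR_UNREACH; }

/* Returns the text a caller would see for the final failure. */
static const char *run(struct ctx *c, int clear_between)
{
    int ret = try_any(c);
    if (ret != 0) {
        if (clear_between)
            clear_msg(c);   /* first error was handled, not returned */
        ret = try_master(c);
    }
    return get_msg(c, ret);
}

int main(void)
{
    struct ctx c = {0};
    printf("no clear: %s\n", run(&c, 0));   /* stale first-attempt text */
    printf("clear:    %s\n", run(&c, 1));   /* generic text for the code */
    return 0;
}
```

Without the clear, the caller is shown the first attempt's message for a failure that came from the fallback.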


