On 02/23/2015 01:33 PM, Jakub Hrozek wrote:
diff --git a/src/providers/krb5/krb5_child.c
b/src/providers/krb5/krb5_child.c
index 8b3f10d8244f483e6f99a79b01964b0018fa3ee4..174597ad9f2b63f1c9981c0ecd0c203933900a6c
100644
--- a/src/providers/krb5/krb5_child.c
+++ b/src/providers/krb5/krb5_child.c
@@ -586,16 +586,25 @@ static krb5_error_code create_ccache(char *ccname, krb5_creds
*creds)
* opened as root and contain possibly references (even open handles ?)
* to resources we do not have or do not want to have access to */
kerr = krb5_init_context(&kctx);
- if (kerr) {
+ if (kerr != 0) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "Cannot initialize krb5 context\n");
KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
return ERR_INTERNAL;
}
kerr = handle_randomized(ccname);
- if (kerr) goto done;
+ if (kerr != 0) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "Cannot create randomized ccache name: %d\n", kerr);
+ goto done;
+ }
kerr = krb5_cc_resolve(kctx, ccname, &kcc);
- if (kerr) goto done;
+ if (kerr != 0) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "Cannot resolve ccname\n");
+ KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
+ goto done;
+ }
type = krb5_cc_get_type(kctx, kcc);
DEBUG(SSSDBG_TRACE_ALL, "Initializing ccache of type [%s]\n", type);
@@ -603,29 +612,54 @@ static krb5_error_code create_ccache(char *ccname, krb5_creds
*creds)
#ifdef HAVE_KRB5_CC_COLLECTION
if (krb5_cc_support_switch(kctx, type)) {
kerr = krb5_cc_set_default_name(kctx, ccname);
- if (kerr) goto done;
+ if (kerr != 0) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "krb5_cc_set_default_name failed\n");
+ KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
+ goto done;
+ }
+
2 empty lines
kerr = krb5_cc_cache_match(kctx, creds->client,
&cckcc);
if (kerr == KRB5_CC_NOTFOUND) {
kerr = krb5_cc_new_unique(kctx, type, NULL, &cckcc);
switch_to_cc = true;
}
- if (kerr) goto done;
+ if (kerr != 0) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "krb5_cc_cache_match failed\n");
+ KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
+ goto done;
+ }
+
krb5_cc_close(kctx, kcc);
kcc = cckcc;
}
#endif
kerr = krb5_cc_initialize(kctx, kcc, creds->client);
- if (kerr) goto done;
+ if (kerr != 0) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "Cannot initialize ccname\n");
+ KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
+ goto done;
+ }
+
2 empty lines
kerr = krb5_cc_store_cred(kctx, kcc, creds);
- if (kerr) goto done;
+ if (kerr != 0) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "Cannot store creds in ccname\n");
+ KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
+ goto done;
+ }
+
2 empty lines
#ifdef HAVE_KRB5_CC_COLLECTION
if (switch_to_cc) {
kerr = krb5_cc_switch(kctx, kcc);
- if (kerr) goto done;
+ if (kerr != 0) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "Cannot switch to ccache\n");
+ KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
+ goto done;
+ }
+
}
#endif
-- 2.1.0
Your patch adds at 3 places another empty line. Is there a reason for
that? I suppose it's just a typo...