>From 0698670b5c6c3bceac846345255a7c5bddbe455a Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Mon, 23 Feb 2015 11:35:14 +0100
Subject: [PATCH] krb5: Add more debugging to create_ccache()

---
 src/providers/krb5/krb5_child.c | 47 ++++++++++++++++++++++++++++++++++-------
 1 file changed, 39 insertions(+), 8 deletions(-)

diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
index 8b3f10d8244f483e6f99a79b01964b0018fa3ee4..f8ce1bec04e45e7cea489f838aaad7646995f5bb 100644
--- a/src/providers/krb5/krb5_child.c
+++ b/src/providers/krb5/krb5_child.c
@@ -586,16 +586,25 @@ static krb5_error_code create_ccache(char *ccname, krb5_creds *creds)
      * opened as root and contain possibly references (even open handles ?)
      * to resources we do not have or do not want to have access to */
     kerr = krb5_init_context(&kctx);
-    if (kerr) {
+    if (kerr != 0) {
+        DEBUG(SSSDBG_CRIT_FAILURE, "Cannot initialize krb5 context\n");
         KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
         return ERR_INTERNAL;
     }
 
     kerr = handle_randomized(ccname);
-    if (kerr) goto done;
+    if (kerr != 0) {
+        DEBUG(SSSDBG_CRIT_FAILURE,
+              "Cannot create randomized ccache name: %d\n", kerr);
+        goto done;
+    }
 
     kerr = krb5_cc_resolve(kctx, ccname, &kcc);
-    if (kerr) goto done;
+    if (kerr != 0) {
+        DEBUG(SSSDBG_CRIT_FAILURE, "Cannot resolve ccname\n");
+        KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
+        goto done;
+    }
 
     type = krb5_cc_get_type(kctx, kcc);
     DEBUG(SSSDBG_TRACE_ALL, "Initializing ccache of type [%s]\n", type);
@@ -603,29 +612,51 @@ static krb5_error_code create_ccache(char *ccname, krb5_creds *creds)
 #ifdef HAVE_KRB5_CC_COLLECTION
     if (krb5_cc_support_switch(kctx, type)) {
         kerr = krb5_cc_set_default_name(kctx, ccname);
-        if (kerr) goto done;
+        if (kerr != 0) {
+            DEBUG(SSSDBG_CRIT_FAILURE, "krb5_cc_set_default_name failed\n");
+            KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
+            goto done;
+        }
 
         kerr = krb5_cc_cache_match(kctx, creds->client, &cckcc);
         if (kerr == KRB5_CC_NOTFOUND) {
             kerr = krb5_cc_new_unique(kctx, type, NULL, &cckcc);
             switch_to_cc = true;
         }
-        if (kerr) goto done;
+        if (kerr != 0) {
+            DEBUG(SSSDBG_CRIT_FAILURE, "krb5_cc_cache_match failed\n");
+            KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
+            goto done;
+        }
+
         krb5_cc_close(kctx, kcc);
         kcc = cckcc;
     }
 #endif
 
     kerr = krb5_cc_initialize(kctx, kcc, creds->client);
-    if (kerr) goto done;
+    if (kerr != 0) {
+        DEBUG(SSSDBG_CRIT_FAILURE, "Cannot initialize ccname\n");
+        KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
+        goto done;
+    }
 
     kerr = krb5_cc_store_cred(kctx, kcc, creds);
-    if (kerr) goto done;
+    if (kerr != 0) {
+        DEBUG(SSSDBG_CRIT_FAILURE, "Cannot store creds in ccname\n");
+        KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
+        goto done;
+    }
 
 #ifdef HAVE_KRB5_CC_COLLECTION
     if (switch_to_cc) {
         kerr = krb5_cc_switch(kctx, kcc);
-        if (kerr) goto done;
+        if (kerr != 0) {
+            DEBUG(SSSDBG_CRIT_FAILURE, "Cannot switch to ccache\n");
+            KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
+            goto done;
+        }
+
     }
 #endif
 
-- 
2.1.0