diff --git a/lib/krb5/keytab.c b/lib/krb5/keytab.c index 23ef5582f..7d191b6df 100644 --- a/lib/krb5/keytab.c +++ b/lib/krb5/keytab.c @@ -337,8 +337,9 @@ krb5_kt_get_entry(krb5_context context, ret = krb5_kt_start_seq_get (context, id, &cursor); if (ret) { - krb5_clear_error_string(context); - return KRB5_KT_NOTFOUND; /* XXX i.e. file not found */ + /* This is needed for krb5_verify_init_creds, but keep error + * string from previous error for the human. */ + return KRB5_KT_NOTFOUND; } entry->vno = 0; diff --git a/lib/krb5/keytab_file.c b/lib/krb5/keytab_file.c index db2bc4786..c32e63b1b 100644 --- a/lib/krb5/keytab_file.c +++ b/lib/krb5/keytab_file.c @@ -334,8 +334,8 @@ fkt_start_seq_get_int(krb5_context context, c->fd = open (d->filename, flags); if (c->fd < 0) { ret = errno; - krb5_set_error_string(context, "%s: %s", d->filename, - strerror(ret)); + krb5_set_error_string(context, "keytab %s open failed: %s", + d->filename, strerror(ret)); return ret; } ret = _krb5_xlock(context, c->fd, exclusive, d->filename); diff --git a/lib/krb5/keytab_keyfile.c b/lib/krb5/keytab_keyfile.c index 52da728f3..d2e37b216 100644 --- a/lib/krb5/keytab_keyfile.c +++ b/lib/krb5/keytab_keyfile.c @@ -197,8 +197,8 @@ akf_start_seq_get(krb5_context context, c->fd = open (d->filename, O_RDONLY|O_BINARY, 0600); if (c->fd < 0) { ret = errno; - krb5_set_error_string(context, "open(%s): %s", d->filename, - strerror(ret)); + krb5_set_error_string(context, "keytab afs keyfil open %s failed: %s", + d->filename, strerror(ret)); return ret; } diff --git a/lib/krb5/keytab_krb4.c b/lib/krb5/keytab_krb4.c index 29ff284f0..7cd2d64db 100644 --- a/lib/krb5/keytab_krb4.c +++ b/lib/krb5/keytab_krb4.c @@ -134,14 +134,15 @@ krb4_kt_start_seq_get_int (krb5_context context, if (c->fd < 0) { ret = errno; free (ed); - krb5_set_error_string(context, "open(%s): %s", d->filename, - strerror(ret)); + krb5_set_error_string(context, "keytab krb5 open %s failed: %s", + d->filename, strerror(ret)); return ret; } c->sp = krb5_storage_from_fd(c->fd); if(c->sp == NULL) { close(c->fd); free(ed); + krb5_set_error_string(context, "malloc: out of memory"); return ENOMEM; } krb5_storage_set_eof_code(c->sp, KRB5_KT_END); @@ -369,8 +370,11 @@ krb4_kt_remove_entry(krb5_context context, if(fd < 0) { memset(data.data, 0, data.length); krb5_data_free(&data); - if(errno == EACCES || errno == EROFS) + if(errno == EACCES || errno == EROFS) { + krb5_set_error_string(context, "failed to open %s for writing", + d->filename); return KRB5_KT_NOWRITE; + } return errno; } @@ -378,14 +382,16 @@ krb4_kt_remove_entry(krb5_context context, memset(data.data, 0, data.length); krb5_data_free(&data); close(fd); - krb5_set_error_string(context, "failed writing to \"%s\"", d->filename); + krb5_set_error_string(context, "failed writing to file %s", + d->filename); return errno; } memset(data.data, 0, data.length); if(fstat(fd, &st) < 0) { krb5_data_free(&data); close(fd); - krb5_set_error_string(context, "failed getting size of \"%s\"", d->filename); + krb5_set_error_string(context, "failed getting size of file %s", + d->filename); return errno; } st.st_size -= data.length; @@ -396,7 +402,8 @@ krb4_kt_remove_entry(krb5_context context, if(n <= 0) { krb5_data_free(&data); close(fd); - krb5_set_error_string(context, "failed writing to \"%s\"", d->filename); + krb5_set_error_string(context, "failed writing to file %s", + d->filename); return errno; } @@ -405,17 +412,20 @@ krb4_kt_remove_entry(krb5_context context, if(ftruncate(fd, data.length) < 0) { krb5_data_free(&data); close(fd); - krb5_set_error_string(context, "failed truncating \"%s\"", d->filename); + krb5_set_error_string(context, "failed truncating file %s", + d->filename); return errno; } krb5_data_free(&data); if(close(fd) < 0) { - krb5_set_error_string(context, "error closing \"%s\"", d->filename); + krb5_set_error_string(context, "error closing %s", + d->filename); return errno; } return 0; } else { krb5_storage_free(sp); + krb5_set_error_string(context, "Keytab entry not found"); return KRB5_KT_NOTFOUND; } }