Provide better error messages for libkafs
This commit is contained in:
@@ -191,6 +191,20 @@ get_cred(struct kafs_data *data, const char *name, const char *inst,
|
||||
return ret;
|
||||
}
|
||||
|
||||
static const char *
|
||||
get_error(struct kafs_data *data, int error)
|
||||
{
|
||||
struct krb5_kafs_data *d = data->data;
|
||||
return krb5_get_error_message(d->context, error);
|
||||
}
|
||||
|
||||
static void
|
||||
free_error(struct kafs_data *data, const char *str)
|
||||
{
|
||||
struct krb5_kafs_data *d = data->data;
|
||||
krb5_free_error_message(d->context, str);
|
||||
}
|
||||
|
||||
static krb5_error_code
|
||||
afslog_uid_int(struct kafs_data *data, const char *cell, const char *rh,
|
||||
uid_t uid, const char *homedir)
|
||||
@@ -250,6 +264,8 @@ krb5_afslog_uid_home(krb5_context context,
|
||||
kd.afslog_uid = afslog_uid_int;
|
||||
kd.get_cred = get_cred;
|
||||
kd.get_realm = get_realm;
|
||||
kd.get_error = get_error;
|
||||
kd.free_error = free_error;
|
||||
kd.data = &d;
|
||||
if (context == NULL) {
|
||||
ret = krb5_init_context(&d.context);
|
||||
@@ -313,6 +329,8 @@ krb5_realm_of_cell(const char *cell, char **realm)
|
||||
|
||||
kd.name = "krb5";
|
||||
kd.get_realm = get_realm;
|
||||
kd.get_error = get_error;
|
||||
kd.free_error = free_error;
|
||||
return _kafs_realm_of_cell(&kd, cell, realm);
|
||||
}
|
||||
|
||||
|
@@ -378,11 +378,14 @@ _kafs_try_get_cred(struct kafs_data *data, const char *user, const char *cell,
|
||||
|
||||
ret = (*data->get_cred)(data, user, cell, realm, uid, kt);
|
||||
if (kafs_verbose) {
|
||||
const char *estr = (*data->get_error)(data, ret);
|
||||
char *str;
|
||||
asprintf(&str, "%s tried afs%s%s@%s -> %d",
|
||||
data->name, cell[0] == '\0' ? "" : "/",
|
||||
cell, realm, ret);
|
||||
asprintf(&str, "%s tried afs%s%s@%s -> %s (%d)",
|
||||
data->name, cell ? "/" : "",
|
||||
cell ? cell : "", realm, estr ? estr : "unknown", ret);
|
||||
(*kafs_verbose)(kafs_verbose_ctx, str);
|
||||
if (estr)
|
||||
(*data->free_error)(data, estr);
|
||||
free(str);
|
||||
}
|
||||
|
||||
@@ -431,7 +434,7 @@ _kafs_get_cred(struct kafs_data *data,
|
||||
cell, realm_hint, uid, kt);
|
||||
if (ret == 0) return 0;
|
||||
ret = _kafs_try_get_cred(data, AUTH_SUPERUSER,
|
||||
"", realm_hint, uid, kt);
|
||||
NULL, realm_hint, uid, kt);
|
||||
if (ret == 0) return 0;
|
||||
}
|
||||
|
||||
@@ -452,7 +455,7 @@ _kafs_get_cred(struct kafs_data *data,
|
||||
*/
|
||||
if (strcmp(CELL, realm) == 0) {
|
||||
ret = _kafs_try_get_cred(data, AUTH_SUPERUSER,
|
||||
"", realm, uid, kt);
|
||||
NULL, realm, uid, kt);
|
||||
if (ret == 0) return 0;
|
||||
}
|
||||
|
||||
@@ -463,7 +466,7 @@ _kafs_get_cred(struct kafs_data *data,
|
||||
* Try afs.cell@CELL.
|
||||
*/
|
||||
ret = _kafs_try_get_cred(data, AUTH_SUPERUSER,
|
||||
"", CELL, uid, kt);
|
||||
NULL, CELL, uid, kt);
|
||||
if (ret == 0) return 0;
|
||||
ret = _kafs_try_get_cred(data, AUTH_SUPERUSER,
|
||||
cell, CELL, uid, kt);
|
||||
@@ -482,7 +485,7 @@ _kafs_get_cred(struct kafs_data *data,
|
||||
cell, vl_realm, uid, kt);
|
||||
if (ret)
|
||||
ret = _kafs_try_get_cred(data, AUTH_SUPERUSER,
|
||||
"", vl_realm, uid, kt);
|
||||
NULL, vl_realm, uid, kt);
|
||||
free(vl_realm);
|
||||
if (ret == 0) return 0;
|
||||
}
|
||||
|
@@ -123,6 +123,8 @@ struct kafs_data {
|
||||
afslog_uid_func_t afslog_uid;
|
||||
get_cred_func_t get_cred;
|
||||
get_realm_func_t get_realm;
|
||||
const char *(*get_error)(struct kafs_data *, int);
|
||||
void (*free_error)(struct kafs_data *, const char *);
|
||||
void *data;
|
||||
};
|
||||
|
||||
|
Reference in New Issue
Block a user