68 lines
2.6 KiB
Diff
68 lines
2.6 KiB
Diff
|
From 87b54bd8448760241e7071a585f95b3e2604355a Mon Sep 17 00:00:00 2001
|
||
|
From: Sumit Bose <sbose@redhat.com>
|
||
|
Date: Fri, 15 Mar 2024 12:35:00 +0100
|
||
|
Subject: [PATCH 11/12] krb5: make prompter and pre-auth debug message less
|
||
|
irritating
|
||
|
MIME-Version: 1.0
|
||
|
Content-Type: text/plain; charset=UTF-8
|
||
|
Content-Transfer-Encoding: 8bit
|
||
|
|
||
|
Resolves: https://github.com/SSSD/sssd/issues/7152
|
||
|
|
||
|
Reviewed-by: Alejandro López <allopez@redhat.com>
|
||
|
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
|
||
|
(cherry picked from commit e26cc69341bcfd2bbc758eca30df296431c70a28)
|
||
|
---
|
||
|
src/providers/krb5/krb5_child.c | 15 +++++++++++----
|
||
|
1 file changed, 11 insertions(+), 4 deletions(-)
|
||
|
|
||
|
diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
|
||
|
index 926109588..494711de9 100644
|
||
|
--- a/src/providers/krb5/krb5_child.c
|
||
|
+++ b/src/providers/krb5/krb5_child.c
|
||
|
@@ -1355,13 +1355,14 @@ static krb5_error_code sss_krb5_prompter(krb5_context context, void *data,
|
||
|
int ret;
|
||
|
size_t c;
|
||
|
struct krb5_req *kr = talloc_get_type(data, struct krb5_req);
|
||
|
+ const char *err_msg;
|
||
|
|
||
|
if (kr == NULL) {
|
||
|
return EINVAL;
|
||
|
}
|
||
|
|
||
|
DEBUG(SSSDBG_TRACE_ALL,
|
||
|
- "sss_krb5_prompter name [%s] banner [%s] num_prompts [%d] EINVAL.\n",
|
||
|
+ "sss_krb5_prompter name [%s] banner [%s] num_prompts [%d].\n",
|
||
|
name, banner, num_prompts);
|
||
|
|
||
|
if (num_prompts != 0) {
|
||
|
@@ -1370,7 +1371,12 @@ static krb5_error_code sss_krb5_prompter(krb5_context context, void *data,
|
||
|
prompts[c].prompt);
|
||
|
}
|
||
|
|
||
|
- DEBUG(SSSDBG_FUNC_DATA, "Prompter interface isn't used for password prompts by SSSD.\n");
|
||
|
+ err_msg = krb5_get_error_message(context, KRB5_LIBOS_CANTREADPWD);
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA,
|
||
|
+ "Prompter interface isn't used for prompting by SSSD."
|
||
|
+ "Returning the expected error [%ld/%s].\n",
|
||
|
+ KRB5_LIBOS_CANTREADPWD, err_msg);
|
||
|
+ krb5_free_error_message(context, err_msg);
|
||
|
return KRB5_LIBOS_CANTREADPWD;
|
||
|
}
|
||
|
|
||
|
@@ -2839,8 +2845,9 @@ static errno_t tgt_req_child(struct krb5_req *kr)
|
||
|
* should now know which authentication methods are available to
|
||
|
* update the password. */
|
||
|
DEBUG(SSSDBG_TRACE_FUNC,
|
||
|
- "krb5_get_init_creds_password returned [%d] during pre-auth, "
|
||
|
- "ignored.\n", kerr);
|
||
|
+ "krb5_get_init_creds_password returned [%d] while collecting "
|
||
|
+ "available authentication types, errors are expected "
|
||
|
+ "and ignored.\n", kerr);
|
||
|
ret = pam_add_prompting(kr);
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE, "pam_add_prompting failed.\n");
|
||
|
--
|
||
|
2.42.0
|
||
|
|