[SCM] Samba Shared Repository - branch master updated

Christof Schmitt cs at samba.org
Thu Dec 20 00:32:03 UTC 2018


The branch, master has been updated
       via  357fe04bd47 s4: Add kerberos tracing
       via  0b0a22ddad0 winbindd: Add kerberos tracing
       via  5eefb0885c9 utils: Add kerberos tracing
       via  bf675938924 passdb: Add kerberos tracing
       via  9f33864770e librpc: Add kerberos tracing
       via  8887a680310 libnet: Add kerberos tracing
       via  3df7789e4b3 libads: Add kerberos tracing
       via  2cc561fbbf1 client: Add kerberos tracing
       via  5056b962241 lib: Add kerberos tracing
       via  a800baece74 Add MIT kerberos tracing capability
      from  49dc04f9f55 samba-tool: don't print backtrace on simple DNS errors

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 357fe04bd477858bb21cfb5e8a5e0efc556864d6
Author: Swen Schillig <swen at linux.ibm.com>
Date:   Wed Dec 5 11:55:09 2018 +0100

    s4: Add kerberos tracing
    
    Replace kerberos context initialization from
    raw krb5_init_context() to smb_krb5_init_context_basic()
    which is adding common tracing as well.
    
    Signed-off-by: Swen Schillig <swen at linux.ibm.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Christof Schmitt <cs at samba.org>
    
    Autobuild-User(master): Christof Schmitt <cs at samba.org>
    Autobuild-Date(master): Thu Dec 20 01:31:17 CET 2018 on sn-devel-144

commit 0b0a22ddad0e5f1542aee6ed65efaedb08471cc5
Author: Swen Schillig <swen at linux.ibm.com>
Date:   Wed Dec 5 11:46:46 2018 +0100

    winbindd: Add kerberos tracing
    
    Replace kerberos context initialization from
    raw krb5_init_context() to smb_krb5_init_context_basic()
    which is adding common tracing as well.
    
    Signed-off-by: Swen Schillig <swen at linux.ibm.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Christof Schmitt <cs at samba.org>

commit 5eefb0885c935854fd3ddc1fcbab2c456745ee0f
Author: Swen Schillig <swen at linux.ibm.com>
Date:   Wed Dec 5 11:44:24 2018 +0100

    utils: Add kerberos tracing
    
    Replace kerberos context initialization from
    raw krb5_init_context() to smb_krb5_init_context_basic()
    which is adding common tracing as well.
    
    Signed-off-by: Swen Schillig <swen at linux.ibm.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Christof Schmitt <cs at samba.org>

commit bf67593892402fc469ecb7930795dafe273e60e7
Author: Swen Schillig <swen at linux.ibm.com>
Date:   Wed Dec 5 11:41:47 2018 +0100

    passdb: Add kerberos tracing
    
    Replace kerberos context initialization from
    raw krb5_init_context() to smb_krb5_init_context_basic()
    which is adding common tracing as well.
    
    Signed-off-by: Swen Schillig <swen at linux.ibm.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Christof Schmitt <cs at samba.org>

commit 9f33864770ee973ab35da07494c1100f628070be
Author: Swen Schillig <swen at linux.ibm.com>
Date:   Wed Dec 5 11:38:44 2018 +0100

    librpc: Add kerberos tracing
    
    Replace kerberos context initialization from
    raw krb5_init_context() to smb_krb5_init_context_basic()
    which is adding common tracing as well.
    
    Signed-off-by: Swen Schillig <swen at linux.ibm.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Christof Schmitt <cs at samba.org>

commit 8887a68031070e0d6b93f7283b7ab409977206de
Author: Swen Schillig <swen at linux.ibm.com>
Date:   Wed Dec 5 11:35:42 2018 +0100

    libnet: Add kerberos tracing
    
    Replace kerberos context initialization from
    raw krb5_init_context() to smb_krb5_init_context_basic()
    which is adding common tracing as well.
    
    Signed-off-by: Swen Schillig <swen at linux.ibm.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Christof Schmitt <cs at samba.org>

commit 3df7789e4b34f08b21d7d5d294831c795f0145d4
Author: Swen Schillig <swen at linux.ibm.com>
Date:   Wed Dec 5 11:16:42 2018 +0100

    libads: Add kerberos tracing
    
    Replace kerberos context initialization from
    raw krb5_init_context() to smb_krb5_init_context_basic()
    which is adding common tracing as well.
    
    Signed-off-by: Swen Schillig <swen at linux.ibm.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Christof Schmitt <cs at samba.org>

commit 2cc561fbbf157ce9bddb702d46f5dba1bf46311b
Author: Swen Schillig <swen at linux.ibm.com>
Date:   Wed Dec 5 11:06:20 2018 +0100

    client: Add kerberos tracing
    
    Replace kerberos context initialization from
    raw krb5_init_context() to smb_krb5_init_context_basic()
    which is adding common tracing as well.
    
    Signed-off-by: Swen Schillig <swen at linux.ibm.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Christof Schmitt <cs at samba.org>

commit 5056b9622416311535578a481af800afe8c8c729
Author: Swen Schillig <swen at linux.ibm.com>
Date:   Wed Dec 5 11:03:33 2018 +0100

    lib: Add kerberos tracing
    
    Add krb5 tracing to samba krb5 wrapper.
    
    Signed-off-by: Swen Schillig <swen at linux.ibm.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Christof Schmitt <cs at samba.org>

commit a800baece74fc9d3766af8432adf8efad05ed9d6
Author: Swen Schillig <swen at linux.ibm.com>
Date:   Wed Dec 5 10:29:44 2018 +0100

    Add MIT kerberos tracing capability
    
    HEIMDAL kerberos offers already tracing via a logging facility
    through smb_krb5_init_context().
    MIT kerberos offers to register a callback via krb5_set_trace_callback
    with which tracing information can be routed to a common logging facility.
    This is now integrated into smb_krb5_init_context_basic() offering
    the same functionality for both kerberos fragrances.
    
    Signed-off-by: Swen Schillig <swen at linux.ibm.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Christof Schmitt <cs at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 lib/krb5_wrap/krb5_samba.c                | 57 ++++++++++++++++++++++++++-----
 lib/krb5_wrap/krb5_samba.h                |  2 ++
 source3/client/smbspool.c                 |  5 ++-
 source3/libads/kerberos.c                 | 17 +++++----
 source3/libads/kerberos_keytab.c          | 28 +++++++--------
 source3/libads/krb5_setpw.c               | 12 +++----
 source3/libads/sasl.c                     |  4 ++-
 source3/libnet/libnet_keytab.c            |  7 ++--
 source3/librpc/crypto/gse.c               |  8 ++---
 source3/passdb/machine_account_secrets.c  |  5 +--
 source3/utils/net_lookup.c                |  7 ++--
 source3/winbindd/winbindd_pam.c           |  6 ++--
 source4/auth/kerberos/krb5_init_context.c |  6 +---
 source4/kdc/ktutil.c                      |  6 ++--
 source4/kdc/sdb_to_kdb.c                  |  4 ++-
 15 files changed, 108 insertions(+), 66 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index b2425109d3a..840fbb10695 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -932,9 +932,10 @@ krb5_error_code smb_krb5_renew_ticket(const char *ccache_string,
 	ZERO_STRUCT(creds);
 	ZERO_STRUCT(creds_in);
 
-	initialize_krb5_error_table();
-	ret = krb5_init_context(&context);
+	ret = smb_krb5_init_context_common(&context);
 	if (ret) {
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(ret));
 		goto done;
 	}
 
@@ -2880,8 +2881,10 @@ char *smb_krb5_get_realm_from_hostname(TALLOC_CTX *mem_ctx,
 	krb5_error_code kerr;
 	krb5_context ctx = NULL;
 
-	initialize_krb5_error_table();
-	if (krb5_init_context(&ctx)) {
+	kerr = smb_krb5_init_context_common(&ctx);
+	if (kerr) {
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(kerr));
 		return NULL;
 	}
 
@@ -3502,11 +3505,10 @@ int ads_krb5_cli_get_ticket(TALLOC_CTX *mem_ctx,
 		ENCTYPE_NULL};
 	bool ok;
 
-	initialize_krb5_error_table();
-	retval = krb5_init_context(&context);
+	retval = smb_krb5_init_context_common(&context);
 	if (retval != 0) {
-		DBG_WARNING("krb5_init_context failed (%s)\n",
-			    error_message(retval));
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(retval));
 		goto failed;
 	}
 
@@ -3571,6 +3573,45 @@ failed:
 	return retval;
 }
 
+#ifndef SAMBA4_USES_HEIMDAL /* MITKRB5 tracing callback */
+static void smb_krb5_trace_cb(krb5_context ctx,
+			      const krb5_trace_info *info,
+			      void *data)
+{
+	if (info != NULL) {
+		DBGC_DEBUG(DBGC_KERBEROS, "%s", info->message);
+	}
+}
+#endif
+
+krb5_error_code smb_krb5_init_context_common(krb5_context *_krb5_context)
+{
+	krb5_error_code ret;
+	krb5_context krb5_ctx;
+
+	initialize_krb5_error_table();
+
+	ret = krb5_init_context(&krb5_ctx);
+	if (ret) {
+		DBG_ERR("Krb5 context initialization failed (%s)\n",
+			 error_message(ret));
+		return ret;
+	}
+
+	/* The MIT Kerberos build relies on using the system krb5.conf file.
+	 * If you really want to use another file please set KRB5_CONFIG
+	 * accordingly. */
+#ifndef SAMBA4_USES_HEIMDAL
+	ret = krb5_set_trace_callback(krb5_ctx, smb_krb5_trace_cb, NULL);
+	if (ret) {
+		DBG_ERR("Failed to set MIT kerberos trace callback! (%s)\n",
+			error_message(ret));
+	}
+#endif
+	*_krb5_context = krb5_ctx;
+	return 0;
+}
+
 #else /* HAVE_KRB5 */
 /* This saves a few linking headaches */
 int ads_krb5_cli_get_ticket(TALLOC_CTX *mem_ctx,
diff --git a/lib/krb5_wrap/krb5_samba.h b/lib/krb5_wrap/krb5_samba.h
index ebbcba96c08..b6ee04f60fe 100644
--- a/lib/krb5_wrap/krb5_samba.h
+++ b/lib/krb5_wrap/krb5_samba.h
@@ -143,6 +143,8 @@ krb5_error_code smb_krb5_unparse_name(TALLOC_CTX *mem_ctx,
 				      krb5_const_principal principal,
 				      char **unix_name);
 
+krb5_error_code smb_krb5_init_context_common(krb5_context *_krb5_context);
+
 krb5_error_code krb5_set_default_tgs_ktypes(krb5_context ctx, const krb5_enctype *enc);
 
 #if defined(HAVE_KRB5_AUTH_CON_SETKEY) && !defined(HAVE_KRB5_AUTH_CON_SETUSERUSERKEY)
diff --git a/source3/client/smbspool.c b/source3/client/smbspool.c
index 58ce6c56177..4f312a6d294 100644
--- a/source3/client/smbspool.c
+++ b/source3/client/smbspool.c
@@ -28,6 +28,7 @@
 #include "system/kerberos.h"
 #include "libsmb/libsmb.h"
 #include "lib/param/param.h"
+#include "lib/krb5_wrap/krb5_samba.h"
 
 /*
  * Starting with CUPS 1.3, Kerberos support is provided by cupsd including
@@ -516,8 +517,10 @@ static bool kerberos_ccache_is_valid(void) {
 	krb5_ccache ccache = NULL;
 	krb5_error_code code;
 
-	code = krb5_init_context(&ctx);
+	code = smb_krb5_init_context_common(&ctx);
 	if (code != 0) {
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(code));
 		return false;
 	}
 
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 43b6a1debb4..c8aa9191c7e 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -128,9 +128,12 @@ int kerberos_kinit_password_ext(const char *principal,
 
 	ZERO_STRUCT(my_creds);
 
-	initialize_krb5_error_table();
-	if ((code = krb5_init_context(&ctx)))
-		goto out;
+	code = smb_krb5_init_context_common(&ctx);
+	if (code != 0) {
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(code));
+		return code;
+	}
 
 	if (time_offset != 0) {
 		krb5_set_real_time(ctx, time(NULL) + time_offset, 0);
@@ -244,10 +247,10 @@ int ads_kdestroy(const char *cc_name)
 	krb5_context ctx = NULL;
 	krb5_ccache cc = NULL;
 
-	initialize_krb5_error_table();
-	if ((code = krb5_init_context (&ctx))) {
-		DEBUG(3, ("ads_kdestroy: kdb5_init_context failed: %s\n", 
-			error_message(code)));
+	code = smb_krb5_init_context_common(&ctx);
+	if (code != 0) {
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(code));
 		return code;
 	}
 
diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c
index 792dc999e6c..97d5535041c 100644
--- a/source3/libads/kerberos_keytab.c
+++ b/source3/libads/kerberos_keytab.c
@@ -259,11 +259,10 @@ int ads_keytab_add_entry(ADS_STRUCT *ads, const char *srvPrinc, bool update_ads)
 	TALLOC_CTX *tmpctx = NULL;
 	int i;
 
-	initialize_krb5_error_table();
-	ret = krb5_init_context(&context);
+	ret = smb_krb5_init_context_common(&context);
 	if (ret) {
-		DEBUG(1, (__location__ ": could not krb5_init_context: %s\n",
-			  error_message(ret)));
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(ret));
 		return -1;
 	}
 
@@ -436,11 +435,10 @@ int ads_keytab_flush(ADS_STRUCT *ads)
 	krb5_kvno kvno;
 	ADS_STATUS aderr;
 
-	initialize_krb5_error_table();
-	ret = krb5_init_context(&context);
+	ret = smb_krb5_init_context_common(&context);
 	if (ret) {
-		DEBUG(1, (__location__ ": could not krb5_init_context: %s\n",
-			  error_message(ret)));
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(ret));
 		return ret;
 	}
 
@@ -570,11 +568,10 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
 
 	memset(princ_s, '\0', sizeof(princ_s));
 
-	initialize_krb5_error_table();
-	ret = krb5_init_context(&context);
+	ret = smb_krb5_init_context_common(&context);
 	if (ret) {
-		DEBUG(1, (__location__ ": could not krb5_init_context: %s\n",
-			  error_message(ret)));
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(ret));
 		goto done;
 	}
 
@@ -774,11 +771,10 @@ int ads_keytab_list(const char *keytab_name)
 	ZERO_STRUCT(kt_entry);
 	ZERO_STRUCT(cursor);
 
-	initialize_krb5_error_table();
-	ret = krb5_init_context(&context);
+	ret = smb_krb5_init_context_common(&context);
 	if (ret) {
-		DEBUG(1, (__location__ ": could not krb5_init_context: %s\n",
-			  error_message(ret)));
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(ret));
 		return ret;
 	}
 
diff --git a/source3/libads/krb5_setpw.c b/source3/libads/krb5_setpw.c
index a4a781963a3..c3c9477c4cf 100644
--- a/source3/libads/krb5_setpw.c
+++ b/source3/libads/krb5_setpw.c
@@ -69,10 +69,10 @@ ADS_STATUS ads_krb5_set_password(const char *kdc_host, const char *principal,
 	krb5_data result_code_string = { 0 };
 	krb5_data result_string = { 0 };
 
-	initialize_krb5_error_table();
-	ret = krb5_init_context(&context);
+	ret = smb_krb5_init_context_common(&context);
 	if (ret) {
-		DEBUG(1,("Failed to init krb5 context (%s)\n", error_message(ret)));
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(ret));
 		return ADS_ERROR_KRB5(ret);
 	}
 
@@ -177,10 +177,10 @@ static ADS_STATUS ads_krb5_chg_password(const char *kdc_host,
     krb5_data result_string = { 0 };
     smb_krb5_addresses *addr = NULL;
 
-    initialize_krb5_error_table();
-    ret = krb5_init_context(&context);
+    ret = smb_krb5_init_context_common(&context);
     if (ret) {
-	DEBUG(1,("Failed to init krb5 context (%s)\n", error_message(ret)));
+	DBG_ERR("kerberos init context failed (%s)\n",
+		error_message(ret));
 	return ADS_ERROR_KRB5(ret);
     }
 
diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 7f7b790810c..010a2538206 100644
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -366,8 +366,10 @@ static ADS_STATUS ads_init_gssapi_cred(ADS_STRUCT *ads, gss_cred_id_t *cred)
 		return ADS_SUCCESS;
 	}
 
-	kerr = krb5_init_context(&kctx);
+	kerr = smb_krb5_init_context_common(&kctx);
 	if (kerr) {
+	    DBG_ERR("kerberos init context failed (%s)\n",
+		    error_message(kerr));
 		return ADS_ERROR_KRB5(kerr);
 	}
 
diff --git a/source3/libnet/libnet_keytab.c b/source3/libnet/libnet_keytab.c
index c76e7b298cf..cdf22c2ceb9 100644
--- a/source3/libnet/libnet_keytab.c
+++ b/source3/libnet/libnet_keytab.c
@@ -74,11 +74,10 @@ krb5_error_code libnet_keytab_init(TALLOC_CTX *mem_ctx,
 
 	talloc_set_destructor(r, keytab_close);
 
-	initialize_krb5_error_table();
-	ret = krb5_init_context(&context);
+	ret = smb_krb5_init_context_common(&context);
 	if (ret) {
-		DEBUG(1,("keytab_init: could not krb5_init_context: %s\n",
-			error_message(ret)));
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(ret));
 		return ret;
 	}
 
diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c
index 2c00ea9bbcb..9a9f4261222 100644
--- a/source3/librpc/crypto/gse.c
+++ b/source3/librpc/crypto/gse.c
@@ -206,12 +206,10 @@ static NTSTATUS gse_context_init(TALLOC_CTX *mem_ctx,
 	gse_ctx->gss_want_flags |= add_gss_c_flags;
 
 	/* Initialize Kerberos Context */
-	initialize_krb5_error_table();
-
-	k5ret = krb5_init_context(&gse_ctx->k5ctx);
+	k5ret = smb_krb5_init_context_common(&gse_ctx->k5ctx);
 	if (k5ret) {
-		DEBUG(0, ("Failed to initialize kerberos context! (%s)\n",
-			  error_message(k5ret)));
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(k5ret));
 		status = NT_STATUS_INTERNAL_ERROR;
 		goto err_out;
 	}
diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c
index b816b3aa7f8..dfc21f295a1 100644
--- a/source3/passdb/machine_account_secrets.c
+++ b/source3/passdb/machine_account_secrets.c
@@ -1083,9 +1083,10 @@ static int secrets_domain_info_kerberos_keys(struct secrets_domain_info1_passwor
 		goto no_kerberos;
 	}
 
-	initialize_krb5_error_table();
-	krb5_ret = krb5_init_context(&krb5_ctx);
+	krb5_ret = smb_krb5_init_context_common(&krb5_ctx);
 	if (krb5_ret != 0) {
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(krb5_ret));
 		TALLOC_FREE(keys);
 		return krb5_ret;
 	}
diff --git a/source3/utils/net_lookup.c b/source3/utils/net_lookup.c
index df047f617e7..fb9c31c4198 100644
--- a/source3/utils/net_lookup.c
+++ b/source3/utils/net_lookup.c
@@ -286,11 +286,10 @@ static int net_lookup_kdc(struct net_context *c, int argc, const char **argv)
 	int i;
 	NTSTATUS status;
 
-	initialize_krb5_error_table();
-	rc = krb5_init_context(&ctx);
+	rc = smb_krb5_init_context_common(&ctx);
 	if (rc) {
-		DEBUG(1,("krb5_init_context failed (%s)\n",
-			 error_message(rc)));
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(rc));
 		return -1;
 	}
 
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 83136e4be79..a82046a0040 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -2889,10 +2889,10 @@ static NTSTATUS extract_pac_vrfy_sigs(TALLOC_CTX *mem_ctx, DATA_BLOB pac_blob,
 	ZERO_STRUCT(entry);
 	ZERO_STRUCT(cursor);
 
-	k5ret = krb5_init_context(&krbctx);
+	k5ret = smb_krb5_init_context_common(&krbctx);
 	if (k5ret) {
-		DEBUG(1, ("Failed to initialize kerberos context: %s\n",
-			  error_message(k5ret)));
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(k5ret));
 		status = krb5_to_nt_status(k5ret);
 		goto out;
 	}
diff --git a/source4/auth/kerberos/krb5_init_context.c b/source4/auth/kerberos/krb5_init_context.c
index 7e75d436922..fff261daa8e 100644
--- a/source4/auth/kerberos/krb5_init_context.c
+++ b/source4/auth/kerberos/krb5_init_context.c
@@ -478,12 +478,8 @@ smb_krb5_init_context_basic(TALLOC_CTX *tmp_ctx,
 #endif
 	krb5_context krb5_ctx;
 
-	initialize_krb5_error_table();
-
-	ret = krb5_init_context(&krb5_ctx);
+	ret = smb_krb5_init_context_common(&krb5_ctx);
 	if (ret) {
-		DEBUG(1,("krb5_init_context failed (%s)\n",
-			 error_message(ret)));
 		return ret;
 	}
 
diff --git a/source4/kdc/ktutil.c b/source4/kdc/ktutil.c
index bc263c5b29b..59aa1cf377f 100644
--- a/source4/kdc/ktutil.c
+++ b/source4/kdc/ktutil.c
@@ -59,10 +59,10 @@ int main (int argc, char **argv)
 
 	keytab_name = argv[1];
 
-	initialize_krb5_error_table();
-
-	ret = krb5_init_context(&context);
+	ret = smb_krb5_init_context_common(&context);
 	if (ret) {
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(ret));
 		smb_krb5_err(mem_ctx, context, 1, ret, "krb5_context");
 	}
 
diff --git a/source4/kdc/sdb_to_kdb.c b/source4/kdc/sdb_to_kdb.c
index 74d882738f8..1411b0f5f66 100644
--- a/source4/kdc/sdb_to_kdb.c
+++ b/source4/kdc/sdb_to_kdb.c
@@ -327,8 +327,10 @@ static int samba_kdc_kdb_entry_destructor(struct samba_kdc_entry *p)
 		entry_ex->e_data = NULL;
 	}
 
-	ret = krb5_init_context(&context);
+	ret = smb_krb5_init_context_common(&context);
 	if (ret) {
+		DBG_ERR("kerberos init context failed (%s)\n",
+			error_message(ret));
 		return ret;
 	}
 


-- 
Samba Shared Repository



More information about the samba-cvs mailing list