[PATCH] gensec: Change log level for message when obtaining PAC from gss_get_name_attribute failed
Christof Schmitt
cs at samba.org
Fri Jul 1 19:04:04 UTC 2016
From f561450f92d5b614be51e11bcf52aabb1d26dcad Mon Sep 17 00:00:00 2001
From: Christof Schmitt <cs at samba.org>
Date: Fri, 1 Jul 2016 11:52:15 -0700
Subject: [PATCH] gensec: Change log level for message when obtaining PAC from
gss_get_name_attribute failed
This is the second part for the issue from commit 8bb4fccd. A KDC that
does not return a PAC first triggers this message, then the "resorting
to local user lookup" one. Change the log level for the "obtaining PAC
via GSSAPI gss_get_name_attribute" message as well to avoid spamming the
logs during normal usage. While changing this message, also remove the
discard_const since it is no longer required.
Signed-off-by: Christof Schmitt <cs at samba.org>
---
auth/kerberos/gssapi_pac.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/auth/kerberos/gssapi_pac.c b/auth/kerberos/gssapi_pac.c
index 685d0ec..8bbd19c 100644
--- a/auth/kerberos/gssapi_pac.c
+++ b/auth/kerberos/gssapi_pac.c
@@ -112,12 +112,10 @@ NTSTATUS gssapi_obtain_pac_blob(TALLOC_CTX *mem_ctx,
&pac_buffer, &pac_display_buffer, &more);
if (gss_maj != 0) {
- DEBUG(0, ("obtaining PAC via GSSAPI gss_get_name_attribute failed: %s\n",
- gssapi_error_string(mem_ctx,
- gss_maj,
- gss_min,
- discard_const_p(struct gss_OID_desc_struct,
- gss_mech_krb5))));
+ DBG_NOTICE("obtaining PAC via GSSAPI gss_get_name_attribute "
+ "failed: %s\n", gssapi_error_string(mem_ctx,
+ gss_maj, gss_min,
+ gss_mech_krb5));
return NT_STATUS_ACCESS_DENIED;
} else if (authenticated && complete) {
/* The PAC blob is returned directly */
--
1.8.3.1
More information about the samba-technical
mailing list