diff options
author | Steve Holme <steve_holme@hotmail.com> | 2014-12-04 21:04:01 +0000 |
---|---|---|
committer | Steve Holme <steve_holme@hotmail.com> | 2014-12-04 21:09:06 +0000 |
commit | 0fcd74b836e20a3178a8381b31a2fb4d1495c7f6 (patch) | |
tree | 159845d911c0ddf9085056ef6a9c0dbb9e3ff26b | |
parent | 1b3a398ec1844560e60e2dad63d96d061361b57d (diff) |
sasl_sspi: Added more Kerberos V5 decoding debug failure messages
-rw-r--r-- | lib/curl_sasl_sspi.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/curl_sasl_sspi.c b/lib/curl_sasl_sspi.c index aa992ce5e..99ea6cab3 100644 --- a/lib/curl_sasl_sspi.c +++ b/lib/curl_sasl_sspi.c @@ -1030,6 +1030,8 @@ CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data, /* Decrypt in the inbound challenge obtaining the qop */ status = s_pSecFn->DecryptMessage(krb5->context, &input_desc, 0, &qop); if(status != SEC_E_OK) { + infof(data, "GSSAPI handshake failure (empty security message)\n"); + Curl_safefree(chlg); return CURLE_BAD_CONTENT_ENCODING; @@ -1037,6 +1039,8 @@ CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data, /* Not 4 octets long so fail as per RFC4752 Section 3.1 */ if(input_buf[1].cbBuffer != 4) { + infof(data, "GSSAPI handshake failure (invalid security data)\n"); + Curl_safefree(chlg); return CURLE_BAD_CONTENT_ENCODING; @@ -1050,6 +1054,8 @@ CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data, /* Extract the security layer */ sec_layer = indata & 0x000000FF; if(!(sec_layer & KERB_WRAP_NO_ENCRYPT)) { + infof(data, "GSSAPI handshake failure (invalid security layer)\n"); + Curl_safefree(chlg); return CURLE_BAD_CONTENT_ENCODING; |