X-Git-Url: http://dolda2000.com/gitweb/?a=blobdiff_plain;f=daemon%2Fauth-krb5.c;h=6dc0368486b8442bd658880bfeb52e134df4d230;hb=62da27122178606db9029d8442b398a091c57246;hp=5409692f203c7040703a4259d3d2cafea9d25c1b;hpb=d2a3e34aad6590a6a228d367378c534ab3b89bca;p=doldaconnect.git

diff --git a/daemon/auth-krb5.c b/daemon/auth-krb5.c
index 5409692..6dc0368 100644
--- a/daemon/auth-krb5.c
+++ b/daemon/auth-krb5.c
@@ -348,7 +348,7 @@ static int krbauth(struct authhandle *auth, char *passdata)
 		    authorized = 1;
 		if(authorized)
 		{
-		    flog(LOG_INFO, "krb5 principal %s successfully authorized as %s", data->cname, data->username);
+		    flog(LOG_INFO, "krb5 principal %s successfully authorized as %s%s", data->cname, data->username, (data->creds == NULL)?"":" (with fwd creds)");
 		    return(AUTH_SUCCESS);
 		} else {
 		    flog(LOG_INFO, "krb5 principal %s not authorized as %s", data->cname, data->username);
@@ -377,7 +377,6 @@ static int krbauth(struct authhandle *auth, char *passdata)
 		krb5_free_tgt_creds(k5context, fwdcreds);
 		return(AUTH_ERR);
 	    }
-	    flog(LOG_INFO, "received forwarded credentials for %s", data->username);
 	    /* Copy only the first credential. (Change this if it becomes a problem) */
 	    ret = krb5_copy_creds(k5context, *fwdcreds, &data->creds);
 	    krb5_free_tgt_creds(k5context, fwdcreds);
@@ -420,7 +419,7 @@ static int opensess(struct authhandle *auth)
 	    flog(LOG_ERR, "could not get passwd entry for forwarded tickets (user %s): %s", data->username, strerror(errno));
 	    return(AUTH_ERR);
 	}
-	if(confgetint("auth-krb5", "usedefcc"))
+	if(!confgetint("auth-krb5", "usedefcc"))
 	{
 	    buf = sprintf2("/tmp/krb5cc_dc_%i_XXXXXX", pwent->pw_uid);
 	    if((fd = mkstemp(buf)) < 0)