Adding extra non error state (principal unknown)

1 files changed, 14 insertions, 3 deletions

diff --git a/kdc.go b/kdc.go
index e3cc02e..252658b 100644
--- a/kdc.go
+++ b/kdc.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"gopkg.in/jcmturner/gokrb5.v5/client"
 	"gopkg.in/jcmturner/gokrb5.v5/config"
+	"log"
 	"os/exec"
 	"strings"
 )
@@ -33,16 +34,25 @@ func checkKerberosDuplicatePw(suffix, username, password string) error {
 	err = kclient.Login()
 	if err != nil {
 		// error either means bad password or no connection etc.
-		if strings.Contains(err.Error(), "KDC_ERR_PREAUTH_REQUIRED") || strings.Contains(err.Error(), "Decrypting_Error") {
+		if containsEither(err.Error(), "KDC_ERR_PREAUTH_REQUIRED", "Decrypting_Error", "KDC_ERR_C_PRINCIPAL_UNKNOWN") {
 			// Password did not match
 			return nil
 		}
 		fmt.Println("ERROR", err)
-		return err
+		return fmt.Errorf("Error while checking %s password for duplicate, got error: %v", suffix, err)
 	}
 	return fmt.Errorf("Password already used with: %s account", suffix)
 }
 
+func containsEither(what string, substr ...string) bool {
+	for _, str := range substr {
+		if strings.Contains(what, str) {
+			return true
+		}
+	}
+	return false
+}
+
 func ChangeKerberosPw(suffix, username, new_password string) error {
 	kerberos_uid := fmt.Sprintf("%s%s", username, suffixMap[suffix])
 	// call script
@@ -56,8 +66,9 @@ func ChangeKerberosPw(suffix, username, new_password string) error {
 		fmt.Fprintf(stdin, "%s@NORDU.NET %s", kerberos_uid, new_password)
 	}()
 
-	err = cmd.Run()
+	out, err := cmd.CombinedOutput()
 	if err != nil {
+		log.Println("ERROR", "Error running change password script, got error:", err, "with script output:", string(out))
 		return fmt.Errorf("Error running change password script, got error: %v", err)
 	}