diff options
author | Markus Krogh <markus@nordu.net> | 2018-06-12 14:02:30 +0200 |
---|---|---|
committer | Markus Krogh <markus@nordu.net> | 2018-06-12 14:02:30 +0200 |
commit | a99d7e848af83ad6d6c19933af24a976f82b28a7 (patch) | |
tree | e9d23fa589b72fff46d5badcdd771ec833fef4ce | |
parent | b0958f35f44d9e233e453cd395e5f23f029177da (diff) |
Adding extra non error state (principal unknown)
-rw-r--r-- | kdc.go | 17 |
1 files changed, 14 insertions, 3 deletions
@@ -4,6 +4,7 @@ import ( "fmt" "gopkg.in/jcmturner/gokrb5.v5/client" "gopkg.in/jcmturner/gokrb5.v5/config" + "log" "os/exec" "strings" ) @@ -33,16 +34,25 @@ func checkKerberosDuplicatePw(suffix, username, password string) error { err = kclient.Login() if err != nil { // error either means bad password or no connection etc. - if strings.Contains(err.Error(), "KDC_ERR_PREAUTH_REQUIRED") || strings.Contains(err.Error(), "Decrypting_Error") { + if containsEither(err.Error(), "KDC_ERR_PREAUTH_REQUIRED", "Decrypting_Error", "KDC_ERR_C_PRINCIPAL_UNKNOWN") { // Password did not match return nil } fmt.Println("ERROR", err) - return err + return fmt.Errorf("Error while checking %s password for duplicate, got error: %v", suffix, err) } return fmt.Errorf("Password already used with: %s account", suffix) } +func containsEither(what string, substr ...string) bool { + for _, str := range substr { + if strings.Contains(what, str) { + return true + } + } + return false +} + func ChangeKerberosPw(suffix, username, new_password string) error { kerberos_uid := fmt.Sprintf("%s%s", username, suffixMap[suffix]) // call script @@ -56,8 +66,9 @@ func ChangeKerberosPw(suffix, username, new_password string) error { fmt.Fprintf(stdin, "%s@NORDU.NET %s", kerberos_uid, new_password) }() - err = cmd.Run() + out, err := cmd.CombinedOutput() if err != nil { + log.Println("ERROR", "Error running change password script, got error:", err, "with script output:", string(out)) return fmt.Errorf("Error running change password script, got error: %v", err) } |