Send back a better error-message to the client in case the password

change was rejected.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16698 ec53bebd-3082-4978-b11e-865c3cabbd6b

diff --git a/kpasswd/kpasswdd.c b/kpasswd/kpasswdd.c
index c243f571865ea3074a24e187b3156511acab83fd..e3a07412f75d40c94be55719626c65c42b37cad9 100644 (file)
--- a/kpasswd/kpasswdd.c
+++ b/kpasswd/kpasswdd.c
@@ -400,9 +400,11 @@ change (krb5_auth_context auth_context,
     krb5_free_data (context, pwd_data);
     pwd_data = NULL;
     if (ret) {
-       krb5_warn (context, ret, "kadm5_s_chpass_principal_cond");
-       reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_HARDERROR,
-                   "Internal error");
+       char *str = krb5_get_error_message(context, ret);
+       krb5_warnx(context, "kadm5_s_chpass_principal_cond: %s", str);
+       reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_SOFTERROR,
+                   str ? str : "Internal error");
+       krb5_free_error_string(context, str);
        goto out;
     }
     reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_SUCCESS,