s3:libads: let ads_sasl_spnego_bind() use cli_credentials_get_unparsed_name()

We should only operate on the creds structure and
avoid using ads->auth.{user_name,realm}.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 989f970598d31db91271e0fdd31cee40a88d1691..3d0bac4c4a9de409d035c17a7acaf2a96196d871 100644 (file)
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -642,6 +642,7 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
        NTSTATUS nt_status;
        ADS_STATUS status;
        const char *mech = NULL;
+       const char *debug_username = NULL;
        enum credentials_use_kerberos krb5_state;
 
        status = ads_generate_service_principal(ads, &p);
@@ -655,6 +656,12 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
                goto done;
        }
 
+       debug_username = cli_credentials_get_unparsed_name(creds, frame);
+       if (debug_username == NULL) {
+               status = ADS_ERROR_SYSTEM(errno);
+               goto done;
+       }
+
        krb5_state = cli_credentials_get_kerberos_state(creds);
 
 #ifdef HAVE_KRB5
@@ -692,10 +699,9 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
                        if (!ADS_ERR_OK(status)) {
                                DBG_ERR("kinit succeeded but "
                                        "SPNEGO bind with Kerberos failed "
-                                       "for %s/%s - user[%s], realm[%s]: %s\n",
+                                       "for %s/%s - user[%s]: %s\n",
                                        p.service, p.hostname,
-                                       ads->auth.user_name,
-                                       ads->auth.realm,
+                                       debug_username,
                                        ads_errstr(status));
                        }
                }
@@ -707,11 +713,10 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
                }
 
                DBG_WARNING("SASL bind with Kerberos failed "
-                           "for %s/%s - user[%s], realm[%s]: %s, "
+                           "for %s/%s - user[%s]: %s, "
                            "try to fallback to NTLMSSP\n",
                            p.service, p.hostname,
-                           ads->auth.user_name,
-                           ads->auth.realm,
+                           debug_username,
                            ads_errstr(status));
        }
 #endif
@@ -744,10 +749,9 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
 done:
        if (!ADS_ERR_OK(status)) {
                DEBUG(1,("ads_sasl_spnego_gensec_bind(%s) failed "
-                        "for %s/%s with user[%s] realm=[%s]: %s\n", mech,
+                        "for %s/%s with user[%s]: %s\n", mech,
                          p.service, p.hostname,
-                         ads->auth.user_name,
-                         ads->auth.realm,
+                         debug_username,
                          ads_errstr(status)));
        }
        ads_free_service_principal(&p);