author | Hans Insulander <hin@cvs.openbsd.org> | 2001-06-22 21:14:18 +0000 |
---|---|---|
committer | Hans Insulander <hin@cvs.openbsd.org> | 2001-06-22 21:14:18 +0000 |
commit | 6030de5bbb3be2acc4f5f6f1d7fcf463a2f76042 (patch) | |
tree | dc23cda93a42fee4c141f739988f20c5f8a87460 | |
parent | 64fdbd2f64c34d83f0839ee516a786b1838ce919 (diff) |
Import of heimdal-0.3f
Lots of changes, highlights include:
* change default keytab to ANY:FILE:/etc/krb5.keytab,krb4:/etc/srvtab,
the new keytab type that tries both of these in order (SRVTAB is
also an alias for krb4:)
* improve error reporting and error handling (error messages should
be more detailed and more useful)
* the API is closer to what MIT krb5 is using
* more compatible with windows 2000
* removed some memory leaks
* bug fixes
-rw-r--r-- | kerberosV/src/admin/add.c | 55 | ||||
-rw-r--r-- | kerberosV/src/admin/change.c | 41 | ||||
-rw-r--r-- | kerberosV/src/admin/copy.c | 23 | ||||
-rw-r--r-- | kerberosV/src/admin/get.c | 99 | ||||
-rw-r--r-- | kerberosV/src/admin/ktutil.8 | 9 | ||||
-rw-r--r-- | kerberosV/src/admin/purge.c | 43 | ||||
-rw-r--r-- | kerberosV/src/admin/remove.c | 35 | ||||
-rw-r--r-- | kerberosV/src/appl/afsutil/ChangeLog | 4 |
8 files changed, 231 insertions, 78 deletions
diff --git a/kerberosV/src/admin/add.c b/kerberosV/src/admin/add.c
index b2785fb76de..c7713918630 100644
--- a/kerberosV/src/admin/add.c
+++ b/kerberosV/src/admin/add.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,12 +33,13 @@
#include "ktutil_locl.h"
-RCSID("$KTH: add.c,v 1.1 2000/01/02 04:41:00 assar Exp $");
+RCSID("$KTH: add.c,v 1.2 2001/05/10 15:39:15 assar Exp $");
int
kt_add(int argc, char **argv)
{
krb5_error_code ret;
+ krb5_keytab keytab;
krb5_keytab_entry entry;
char buf[128];
char *principal_string = NULL;
@@ -71,30 +72,47 @@ kt_add(int argc, char **argv)
if(getarg(args, num_args, argc, argv, &optind)) {
arg_printusage(args, num_args, "ktutil add", "");
- return 0;
+ return 1;
}
if(help_flag) {
arg_printusage(args, num_args, "ktutil add", "");
- return 0;
+ return 1;
}
+ if (keytab_string == NULL) {
+ ret = krb5_kt_default_modify_name (context, keytab_buf,
+ sizeof(keytab_buf));
+ if (ret) {
+ krb5_warn(context, ret, "krb5_kt_default_modify_name");
+ return 1;
+ }
+ keytab_string = keytab_buf;
+ }
+ ret = krb5_kt_resolve(context, keytab_string, &keytab);
+ if (ret) {
+ krb5_warn(context, ret, "resolving keytab %s", keytab_string);
+ return 1;
+ }
+
+ if (verbose_flag)
+ fprintf (stderr, "Using keytab %s\n", keytab_string);
+
+ memset(&entry, 0, sizeof(entry));
if(principal_string == NULL) {
printf("Principal: ");
if (fgets(buf, sizeof(buf), stdin) == NULL)
- return 0;
+ return 1;
buf[strcspn(buf, "\r\n")] = '\0';
principal_string = buf;
}
ret = krb5_parse_name(context, principal_string, &entry.principal);
if(ret) {
krb5_warn(context, ret, "%s", principal_string);
- return 0;
+ goto out;
}
if(enctype_string == NULL) {
printf("Encryption type: ");
- if (fgets(buf, sizeof(buf), stdin) == NULL) {
- krb5_free_principal (context, entry.principal);
- return 0;
- }
+ if (fgets(buf, sizeof(buf), stdin) == NULL)
+ goto out;
buf[strcspn(buf, "\r\n")] = '\0';
enctype_string = buf;
}
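Review bot: The `return 1;` after the `Principal:` prompt's `fgets()` failure now runs with the keytab already opened by the new `krb5_kt_resolve` call, so that handle is never closed; every other early exit below the resolve was converted to `goto out`, and this one should be `goto out;` as well (the `krb5_parse_name` failure path already reaches the label with the zeroed entry, so the `krb5_kt_free_entry` there is fine). The default-keytab block (`krb5_kt_default_modify_name` into `keytab_buf`, then `krb5_kt_resolve`, then the verbose `fprintf`) is pasted verbatim into kt_change, kt_get, kt_purge and kt_remove in this commit; one helper in ktutil that resolves the keytab and warns on failure would keep the five copies from drifting. kt_add continues past the end of this hunk.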
@@ -105,24 +123,19 @@ kt_add(int argc, char **argv)
enctype = t;
else {
krb5_warn(context, ret, "%s", enctype_string);
- krb5_free_principal(context, entry.principal);
- return 0;
+ goto out;
}
}
if(kvno == -1) {
printf("Key version: ");
- if (fgets(buf, sizeof(buf), stdin) == NULL) {
- krb5_free_principal (context, entry.principal);
- return 0;
- }
+ if (fgets(buf, sizeof(buf), stdin) == NULL)
+ goto out;
buf[strcspn(buf, "\r\n")] = '\0';
kvno = atoi(buf);
}
if(password_string == NULL && random_flag == 0) {
- if(des_read_pw_string(buf, sizeof(buf), "Password: ", 1)) {
- krb5_free_principal (context, entry.principal);
- return 0;
- }
+ if(des_read_pw_string(buf, sizeof(buf), "Password: ", 1))
+ goto out;
password_string = buf;
}
if(password_string) {
@@ -150,6 +163,8 @@ kt_add(int argc, char **argv)
ret = krb5_kt_add_entry(context, keytab, &entry);
if(ret)
krb5_warn(context, ret, "add");
+ out:
krb5_kt_free_entry(context, &entry);
+ krb5_kt_close(context, keytab);
return 0;
}
diff --git a/kerberosV/src/admin/change.c b/kerberosV/src/admin/change.c
index c69352a18fd..e1f0530867e 100644
--- a/kerberosV/src/admin/change.c
+++ b/kerberosV/src/admin/change.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,10 +33,11 @@
#include "ktutil_locl.h"
-RCSID("$KTH: change.c,v 1.2 2000/06/03 12:24:03 assar Exp $");
+RCSID("$KTH: change.c,v 1.3 2001/05/10 15:40:07 assar Exp $");
static void
-change_entry (krb5_context context, krb5_keytab_entry *entry,
+change_entry (krb5_context context, krb5_keytab keytab,
+ krb5_keytab_entry *entry,
const char *realm, const char *admin_server, int server_port)
{
krb5_error_code ret;
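Review bot: `out:` still falls into the unchanged `return 0;`, so the `krb5_parse_name`, enctype, kvno and password failures routed there with `goto out` in this and the previous hunk, and the `krb5_kt_add_entry` failure warned about just above the label, all exit with status 0, while the usage errors at the top of kt_add were changed to `return 1` in this same commit; a script cannot tell a failed `ktutil add` from a successful one. Return the recorded status as kt_get and kt_purge now do, `return ret != 0;`, and set `ret` to a non-zero code before the `goto out` on the prompt paths, where `ret` is still 0. Since `buf` holds the typed password once `des_read_pw_string` has run, the label is also the natural place to clear it before returning.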
@@ -49,7 +50,7 @@ change_entry (krb5_context context, krb5_keytab_entry *entry,
ret = krb5_unparse_name (context, entry->principal, &client_name);
if (ret) {
- krb5_warn (context, ret, "kadm5_c_init_with_skey_ctx");
+ krb5_warn (context, ret, "krb5_unparse_name");
return;
}
@@ -113,6 +114,7 @@ int
kt_change (int argc, char **argv)
{
krb5_error_code ret;
+ krb5_keytab keytab;
krb5_kt_cursor cursor;
krb5_keytab_entry entry;
char *realm = NULL;
@@ -145,21 +147,39 @@ kt_change (int argc, char **argv)
|| help_flag) {
arg_printusage(args, sizeof(args) / sizeof(args[0]), "ktutil change", "principal...");
- return 0;
+ return 1;
}
+ if (keytab_string == NULL) {
+ ret = krb5_kt_default_modify_name (context, keytab_buf,
+ sizeof(keytab_buf));
+ if (ret) {
+ krb5_warn(context, ret, "krb5_kt_default_modify_name");
+ return 1;
+ }
+ keytab_string = keytab_buf;
+ }
+ ret = krb5_kt_resolve(context, keytab_string, &keytab);
+ if (ret) {
+ krb5_warn(context, ret, "resolving keytab %s", keytab_string);
+ return 1;
+ }
+
+ if (verbose_flag)
+ fprintf (stderr, "Using keytab %s\n", keytab_string);
+
j = 0;
max = 10;
princs = malloc (max * sizeof(*princs));
if (princs == NULL) {
krb5_warnx (context, "malloc: out of memory");
- return 1;
+ goto out;
}
ret = krb5_kt_start_seq_get(context, keytab, &cursor);
if(ret){
krb5_warn(context, ret, "krb5_kt_start_seq_get %s", keytab_string);
- return 1;
+ goto out;
}
while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0) {
@@ -174,7 +194,8 @@ kt_change (int argc, char **argv)
continue;
if (optind == argc) {
- change_entry (context, &entry, realm, admin_server, server_port);
+ change_entry (context, keytab, &entry, realm, admin_server,
+ server_port);
done = 1;
} else {
for (i = optind; i < argc; ++i) {
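Review bot: The two `goto out` conversions in the `@@ -145,21 +147,39 @@` hunk change the exit status on those errors from 1 to 0: `out:`, added in the next hunk at the end of kt_change, is followed by the unchanged `return 0;`, so a failed `malloc` or `krb5_kt_start_seq_get` now reports success. Returning the recorded error from the label, `return ret != 0;`, and setting `ret = ENOMEM;` before the `goto out` on the malloc path (where `ret` is still 0 after the successful `krb5_kt_resolve`) restores the old behaviour. The `krb5_kt_start_seq_get` path also leaves `princs` allocated, because `free (princs)` sits before the label; initialising `princs` to NULL where it is declared and moving the `free` after `out:` would close that too. kt_change continues past the end of this hunk.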
@@ -186,7 +207,7 @@ kt_change (int argc, char **argv)
continue;
}
if (krb5_principal_compare (context, princ, entry.principal)) {
- change_entry (context, &entry,
+ change_entry (context, keytab, &entry,
realm, admin_server, server_port);
done = 1;
}
@@ -220,5 +241,7 @@ kt_change (int argc, char **argv)
krb5_free_principal (context, princs[j]);
free (princs);
ret = krb5_kt_end_seq_get(context, keytab, &cursor);
+ out:
+ krb5_kt_close(context, keytab);
return 0;
}
diff --git a/kerberosV/src/admin/copy.c b/kerberosV/src/admin/copy.c
index 2519a770b2d..674fdf10924 100644
--- a/kerberosV/src/admin/copy.c
+++ b/kerberosV/src/admin/copy.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "ktutil_locl.h"
-RCSID("$KTH: copy.c,v 1.5 2000/12/16 00:45:29 joda Exp $");
+RCSID("$KTH: copy.c,v 1.7 2001/05/11 00:54:01 assar Exp $");
static krb5_boolean
@@ -57,22 +57,25 @@ kt_copy_int (const char *from, const char *to)
ret = krb5_kt_resolve (context, from, &src_keytab);
if (ret) {
krb5_warn (context, ret, "resolving src keytab `%s'", from);
- return 0;
+ return 1;
}
ret = krb5_kt_resolve (context, to, &dst_keytab);
if (ret) {
krb5_kt_close (context, src_keytab);
krb5_warn (context, ret, "resolving dst keytab `%s'", to);
- return 0;
+ return 1;
}
ret = krb5_kt_start_seq_get (context, src_keytab, &cursor);
if (ret) {
krb5_warn (context, ret, "krb5_kt_start_seq_get %s", keytab_string);
- goto fail;
+ goto out;
}
+ if (verbose_flag)
+ fprintf(stderr, "copying %s to %s\n", from, to);
+
while((ret = krb5_kt_next_entry(context, src_keytab, &entry, &cursor)) == 0) {
char *name_str;
@@ -121,7 +124,7 @@ kt_copy_int (const char *from, const char *to)
}
krb5_kt_end_seq_get (context, src_keytab, &cursor);
- fail:
+ out:
krb5_kt_close (context, src_keytab);
krb5_kt_close (context, dst_keytab);
return 0;
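Review bot: In kt_copy_int the `krb5_kt_start_seq_get` failure now jumps to `out:` and returns 0, while the two `krb5_kt_resolve` failures just above it were changed to `return 1`; because `out:` is also the normal exit and `ret` there holds the terminating value of the `krb5_kt_next_entry` loop (the `krb5_kt_end_seq_get` result is not assigned), the failure path needs its own status, for example an `int rc = 0;` set to 1 before `goto out` and returned from the label, rather than `return ret != 0`. The warning on that path also prints the global `keytab_string` instead of `from`, the keytab actually being read; with no `-k` given `keytab_string` can be NULL, as the `keytab_string == NULL` checks elsewhere in this commit show, and `%s` on a null pointer is undefined. Use `krb5_warn (context, ret, "krb5_kt_start_seq_get %s", from);`. The loop body of kt_copy_int lies between the two hunks of this file.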
@@ -146,12 +149,12 @@ kt_copy (int argc, char **argv)
if(getarg(args, num_args, argc, argv, &optind)) {
arg_printusage(args, num_args, "ktutil copy", "keytab-src keytab-dest");
- return 0;
+ return 1;
}
if (help_flag) {
arg_printusage(args, num_args, "ktutil copy", "keytab-src keytab-dest");
- return 0;
+ return 1;
}
argv += optind;
@@ -160,7 +163,7 @@ kt_copy (int argc, char **argv)
if (argc != 2) {
arg_printusage(args, num_args, "ktutil copy", "keytab-src keytab-dest");
- return 0;
+ return 1;
}
return kt_copy_int(argv[0], argv[1]);
@@ -220,7 +223,7 @@ conv(int srvconv, int argc, char **argv)
if(keytab_string != NULL)
return kt_copy_int(kt4, keytab_string);
else {
- krb5_kt_default_name(context, kt5, sizeof(kt5));
+ krb5_kt_default_modify_name(context, kt5, sizeof(kt5));
return kt_copy_int(kt4, kt5);
}
} else {
diff --git a/kerberosV/src/admin/get.c b/kerberosV/src/admin/get.c
index e3d5ee0f14a..c5112265709 100644
--- a/kerberosV/src/admin/get.c
+++ b/kerberosV/src/admin/get.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,14 +33,15 @@
#include "ktutil_locl.h"
-RCSID("$KTH: get.c,v 1.16 2000/12/31 02:51:43 assar Exp $");
+RCSID("$KTH: get.c,v 1.18 2001/05/10 15:42:01 assar Exp $");
int
kt_get(int argc, char **argv)
{
- krb5_error_code ret;
+ krb5_error_code ret = 0;
+ krb5_keytab keytab;
kadm5_config_params conf;
- void *kadm_handle;
+ void *kadm_handle = NULL;
char *principal = NULL;
char *realm = NULL;
char *admin_server = NULL;
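Review bot: The return value of the new `krb5_kt_default_modify_name(context, kt5, sizeof(kt5))` call in conv is discarded, so on failure `kt5` is handed to `kt_copy_int` as the destination keytab name with whatever the failed call left in it; everywhere else this commit adds the same call it checks the result and aborts with `krb5_warn(context, ret, "krb5_kt_default_modify_name")` and `return 1`. Do the same here, storing the result in a `krb5_error_code` local (conv's declarations are outside this hunk, so one may need adding) and returning 1 after the warning instead of calling `kt_copy_int`.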
@@ -48,11 +49,16 @@ kt_get(int argc, char **argv)
int help_flag = 0;
int optind = 0;
int i, j;
+ struct getarg_strings etype_strs = {0, NULL};
+ krb5_enctype *etypes = NULL;
+ size_t netypes = 0;
struct getargs args[] = {
{ "principal", 'p', arg_string, NULL, "admin principal", "principal" },
+ { "enctypes", 'e', arg_strings, NULL,
+ "encryption types to use", "enctypes" },
{ "realm", 'r', arg_string, NULL, "realm to use", "realm" },
@@ -66,10 +72,11 @@ kt_get(int argc, char **argv)
};
args[0].value = &principal;
- args[1].value = &realm;
- args[2].value = &admin_server;
- args[3].value = &server_port;
- args[4].value = &help_flag;
+ args[1].value = &etype_strs;
+ args[2].value = &realm;
+ args[3].value = &admin_server;
+ args[4].value = &server_port;
+ args[5].value = &help_flag;
memset(&conf, 0, sizeof(conf));
@@ -77,9 +84,45 @@ kt_get(int argc, char **argv)
|| help_flag) {
arg_printusage(args, sizeof(args) / sizeof(args[0]), "ktutil get", "principal...");
- return 0;
+ return 1;
}
+ if (keytab_string == NULL) {
+ ret = krb5_kt_default_modify_name (context, keytab_buf,
+ sizeof(keytab_buf));
+ if (ret) {
+ krb5_warn(context, ret, "krb5_kt_default_modify_name");
+ return 1;
+ }
+ keytab_string = keytab_buf;
+ }
+ ret = krb5_kt_resolve(context, keytab_string, &keytab);
+ if (ret) {
+ krb5_warn(context, ret, "resolving keytab %s", keytab_string);
+ return 1;
+ }
+
+ if (etype_strs.num_strings) {
+ int i;
+
+ etypes = malloc (etype_strs.num_strings * sizeof(*etypes));
+ if (etypes == NULL) {
+ krb5_warnx(context, "malloc failed");
+ goto out;
+ }
+ netypes = etype_strs.num_strings;
+ for(i = 0; i < netypes; i++) {
+ ret = krb5_string_to_enctype(context,
+ etype_strs.strings[i],
+ &etypes[i]);
+ if(ret) {
+ krb5_warnx(context, "unrecognized enctype: %s",
+ etype_strs.strings[i]);
+ goto out;
+ }
+ }
+ }
+
if(realm) {
krb5_set_default_realm(context, realm); /* XXX should be fixed some other way */
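Review bot: The `goto out` on `etypes == NULL` leaves `ret` at 0 (it is initialised to 0 and `krb5_kt_resolve` has just succeeded), so the `return ret != 0` at `out:` in the last hunk of this file reports success right after printing "malloc failed"; set `ret = ENOMEM;` before that `goto out`. The block-local `int i` shadows the function-scope `int i, j` declared in the first hunk and is compared against `size_t netypes` in `for(i = 0; i < netypes; i++)`, a signed/unsigned comparison; declaring it `size_t i` (and likewise in the filter loop of the next hunk) fixes both. kt_get continues past the end of this hunk.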
@@ -105,10 +148,9 @@ kt_get(int argc, char **argv)
&kadm_handle);
if(ret) {
krb5_warn(context, ret, "kadm5_init_with_password");
- return 0;
+ goto out;
}
-
for(i = optind; i < argc; i++){
krb5_principal princ_ent;
kadm5_principal_ent_rec princ;
@@ -166,17 +208,38 @@ kt_get(int argc, char **argv)
continue;
}
for(j = 0; j < n_keys; j++) {
- entry.principal = princ_ent;
- entry.vno = princ.kvno;
- entry.keyblock = keys[j];
- entry.timestamp = time (NULL);
- ret = krb5_kt_add_entry(context, keytab, &entry);
+ int do_add = TRUE;
+
+ if (netypes) {
+ int i;
+
+ do_add = FALSE;
+ for (i = 0; i < netypes; ++i)
+ if (keys[j].keytype == etypes[i]) {
+ do_add = TRUE;
+ break;
+ }
+ }
+ if (do_add) {
+ entry.principal = princ_ent;
+ entry.vno = princ.kvno;
+ entry.keyblock = keys[j];
+ entry.timestamp = time (NULL);
+ ret = krb5_kt_add_entry(context, keytab, &entry);
+ if (ret)
+ krb5_warn(context, ret, "krb5_kt_add_entry");
+ }
krb5_free_keyblock_contents(context, &keys[j]);
}
kadm5_free_principal_ent(kadm_handle, &princ);
krb5_free_principal(context, princ_ent);
}
- kadm5_destroy(kadm_handle);
- return 0;
+ out:
+ free_getarg_strings(&etype_strs);
+ free(etypes);
+ if (kadm_handle)
+ kadm5_destroy(kadm_handle);
+ krb5_kt_close(context, keytab);
+ return ret != 0;
}
diff --git a/kerberosV/src/admin/ktutil.8 b/kerberosV/src/admin/ktutil.8
index 385f57a5b93..b1f39df6fae 100644
--- a/kerberosV/src/admin/ktutil.8
+++ b/kerberosV/src/admin/ktutil.8
@@ -1,12 +1,11 @@
-.\" $KTH: ktutil.8,v 1.9 2000/12/16 00:58:49 joda Exp $
+.\" $KTH: ktutil.8,v 1.12 2001/06/08 21:35:31 joda Exp $
.\"
.Dd December 16, 2000
.Dt KTUTIL 8
.Os HEIMDAL
.Sh NAME
.Nm ktutil
-.Nd
-manage Kerberos keytabs
+.Nd manage Kerberos keytabs
.Sh SYNOPSIS
.Nm
.Oo Fl k Ar keytab \*(Ba Xo
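Review bot: `ret` is reassigned by every `krb5_kt_add_entry` call in the new `if (do_add)` block, so a key that fails to be added, and is only warned about, is forgotten as soon as a later key succeeds, and `return ret != 0` at `out:` then reports success; errors handled with `continue` earlier in the loop (above this hunk) are likewise overwritten by the next iteration if they set `ret`. Keep a separate sticky status, for example `int failed = 0;` set to 1 next to each `krb5_warn` in the loop and before each `goto out`, and return it from the label. When `-e` filters out every key of a principal nothing is added and nothing is printed; a warning there would make the new option less surprising. kt_get continues between the two hunks of this file.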
@@ -64,6 +63,10 @@ to
.It get Xo
.Op Fl p Ar admin principal
.Op Fl -principal= Ns Ar admin principal
+.Oo Fl e Ar enctype \*(Ba Xo
+.Fl -enctypes= Ns Ar enctype
+.Xc
+.Oc
.Op Fl r Ar realm
.Op Fl -realm= Ns Ar realm
.Op Fl a Ar admin server
diff --git a/kerberosV/src/admin/purge.c b/kerberosV/src/admin/purge.c
index 5ce51fc5607..0cc96b3c9b2 100644
--- a/kerberosV/src/admin/purge.c
+++ b/kerberosV/src/admin/purge.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "ktutil_locl.h"
-RCSID("$KTH: purge.c,v 1.3 2000/06/29 08:31:47 joda Exp $");
+RCSID("$KTH: purge.c,v 1.5 2001/05/11 00:54:01 assar Exp $");
/*
* keep track of the highest version for every principal.
@@ -97,8 +97,9 @@ delete_list (struct e *head)
int
kt_purge(int argc, char **argv)
{
- krb5_error_code ret;
+ krb5_error_code ret = 0;
krb5_kt_cursor cursor;
+ krb5_keytab keytab;
krb5_keytab_entry entry;
int help_flag = 0;
char *age_str = "1 week";
@@ -117,26 +118,44 @@ kt_purge(int argc, char **argv)
args[i++].value = &help_flag;
if(getarg(args, num_args, argc, argv, &optind)) {
- arg_printusage(args, num_args, "ktutil remove", "");
- return 0;
+ arg_printusage(args, num_args, "ktutil purge", "");
+ return 1;
}
if(help_flag) {
- arg_printusage(args, num_args, "ktutil remove", "");
- return 0;
+ arg_printusage(args, num_args, "ktutil purge", "");
+ return 1;
}
age = parse_time(age_str, "s");
if(age < 0) {
krb5_warnx(context, "unparasable time `%s'", age_str);
- return 0;
+ return 1;
+ }
+
+ if (keytab_string == NULL) {
+ ret = krb5_kt_default_modify_name (context, keytab_buf,
+ sizeof(keytab_buf));
+ if (ret) {
+ krb5_warn(context, ret, "krb5_kt_default_modify_name");
+ return 1;
+ }
+ keytab_string = keytab_buf;
+ }
+ ret = krb5_kt_resolve(context, keytab_string, &keytab);
+ if (ret) {
+ krb5_warn(context, ret, "resolving keytab %s", keytab_string);
+ return 1;
}
ret = krb5_kt_start_seq_get(context, keytab, &cursor);
if(ret){
krb5_warn(context, ret, "krb5_kt_start_seq_get %s", keytab_string);
- return 1;
+ goto out;
}
+ if (verbose_flag)
+ fprintf (stderr, "Using keytab %s\n", keytab_string);
+
while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0) {
add_entry (entry.principal, entry.vno, &head);
krb5_kt_free_entry(context, &entry);
@@ -148,7 +167,7 @@ kt_purge(int argc, char **argv)
ret = krb5_kt_start_seq_get(context, keytab, &cursor);
if(ret){
krb5_warn(context, ret, "krb5_kt_start_seq_get, %s", keytab_string);
- return 1;
+ goto out;
}
while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0) {
@@ -178,5 +197,7 @@ kt_purge(int argc, char **argv)
delete_list (head);
- return 0;
+ out:
+ krb5_kt_close (context, keytab);
+ return ret != 0;
}
diff --git a/kerberosV/src/admin/remove.c b/kerberosV/src/admin/remove.c
index 2459032e40f..0031eb64b83 100644
--- a/kerberosV/src/admin/remove.c
+++ b/kerberosV/src/admin/remove.c
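Review bot: `return ret != 0;` at the new `out:` in the last hunk reflects only the last assignment to `ret`, and on the normal path that assignment is outside this view, between the second `krb5_kt_next_entry` loop and `delete_list (head)`: if the loop's terminating end-of-keytab code survives, every successful `ktutil purge` exits non-zero, and if `ret` is refreshed by a `krb5_kt_end_seq_get` as in kt_change, per-entry failures inside the loop are masked instead. Worth checking those lines before relying on the new status, and keeping a separate sticky error flag if the second case applies. The corrected usage strings are right; the adjacent `"unparasable time `%s'"` message could become `"unparsable time `%s'"` while here.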
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,13 +33,14 @@
#include "ktutil_locl.h"
-RCSID("$KTH: remove.c,v 1.1 2000/01/02 04:41:02 assar Exp $");
+RCSID("$KTH: remove.c,v 1.2 2001/05/10 15:44:58 assar Exp $");
int
kt_remove(int argc, char **argv)
{
- krb5_error_code ret;
+ krb5_error_code ret = 0;
krb5_keytab_entry entry;
+ krb5_keytab keytab;
char *principal_string = NULL;
krb5_principal principal = NULL;
int kvno = 0;
@@ -61,7 +62,7 @@ kt_remove(int argc, char **argv)
args[i++].value = &help_flag;
if(getarg(args, num_args, argc, argv, &optind)) {
arg_printusage(args, num_args, "ktutil remove", "");
- return 0;
+ return 1;
}
if(help_flag) {
arg_printusage(args, num_args, "ktutil remove", "");
@@ -71,7 +72,7 @@ kt_remove(int argc, char **argv)
ret = krb5_parse_name(context, principal_string, &principal);
if(ret) {
krb5_warn(context, ret, "%s", principal_string);
- return 0;
+ return 1;
}
}
if(keytype_string) {
@@ -84,7 +85,7 @@ kt_remove(int argc, char **argv)
krb5_warn(context, ret, "%s", keytype_string);
if(principal)
krb5_free_principal(context, principal);
- return 0;
+ return 1;
}
}
}
@@ -92,12 +93,32 @@ kt_remove(int argc, char **argv)
krb5_warnx(context, "You must give at least one of " "principal, enctype or kvno.");
- return 0;
+ return 1;
}
+
+ if (keytab_string == NULL) {
+ ret = krb5_kt_default_modify_name (context, keytab_buf,
+ sizeof(keytab_buf));
+ if (ret) {
+ krb5_warn(context, ret, "krb5_kt_default_modify_name");
+ return 1;
+ }
+ keytab_string = keytab_buf;
+ }
+ ret = krb5_kt_resolve(context, keytab_string, &keytab);
+ if (ret) {
+ krb5_warn(context, ret, "resolving keytab %s", keytab_string);
+ return 1;
+ }
+
+ if (verbose_flag)
+ fprintf (stderr, "Using keytab %s\n", keytab_string);
+
entry.principal = principal;
entry.keyblock.keytype = enctype;
entry.vno = kvno;
ret = krb5_kt_remove_entry(context, keytab, &entry);
+ krb5_kt_close(context, keytab);
if(ret)
krb5_warn(context, ret, "remove");
if(principal)
diff --git a/kerberosV/src/appl/afsutil/ChangeLog b/kerberosV/src/appl/afsutil/ChangeLog
index af83aef2cca..8dfd532ce2c 100644
--- a/kerberosV/src/appl/afsutil/ChangeLog
+++ b/kerberosV/src/appl/afsutil/ChangeLog
@@ -1,3 +1,7 @@
+2001-05-17 Assar Westerlund <assar@sics.se>
+
+ * afslog.c (main): call free_getarg_strings
+
2000-12-31 Assar Westerlund <assar@sics.se>
* afslog.c (main): handle krb5_init_context failure consistently |
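Review bot: The two new `return 1` exits after `krb5_kt_default_modify_name` and `krb5_kt_resolve` fail skip freeing `principal`, which `krb5_parse_name` has already allocated by this point whenever a principal was given; the earlier keytype failure path in this file does `if(principal) krb5_free_principal(context, principal);` before its `return 1`. Route these two exits through the same cleanup, either by repeating that free or by jumping to the cleanup at the end of kt_remove, which begins at the `if(principal)` line where this hunk ends. Closing the keytab before the `if(ret)` warning is fine, but kt_remove's final return is outside the hunk, so whether the newly initialised `ret` now reaches the exit status cannot be seen here.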