interfaces/libpq/fe-auth, line 621-622:
<<snip>>
if (pg_krb5_sendauth(PQerrormsg, conn->sock,
hostname) != STATUS_OK)
{
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
libpq_gettext("Kerberos 5
authentication failed\n"));
pgunlock_thread();
return STATUS_ERROR;
}
<<snip>>
It appears that libpq overwrites the actual error message from the
kerberos libraries with a generic "Kerberos 5 authentication failed"
message (PQerrormsg is passed in just for the reason of collecting the
error msg).'
Removing the snprintf() at these lines starts producing actual error
messages, which sure are helpful when it comes to debugging...
I've hacked around enough in those parts that I can't produce a clean
patch right now, but it should be easy enough to spot and fix without,
I'd think :-) If an actual patch is needed, I can provide one soon, but
I figured I should get the mail out there first...
Please consider fixing this in both 8.1 and 8.0.2.
//Magnus
