Small auth_krb5.c patch for debugging

[Michael Bacon]

In a recent system upgrade, I experienced a weekend full of head-pounding 
hours trying to figure out why saslauthd was failing.  It turned out to be 
a silly problem with non-fully qualified domain names in the /etc/hosts 
file, but it took forever to figure this out.  Based on some google 
searches, I'm not the only one to have run into this issue.

I added a debugging code snippet to auth_krb5.c that provided the critical 
insight into what was going on, which just logs what saslauthd has decided 
as the service principal it should use.  I think it may be worth 
incorporating into the trunk.

diff -u -r1.1 auth_krb5.c
--- /tmp/T0..aWpw       Tue Mar 31 11:18:05 2009
+++ auth_krb5.c Sat Mar 14 13:14:51 2009
@@ -266,6 +266,7 @@
     krb5_keytab kt = NULL;
     char thishost[BUFSIZ];
     int result = 0;
+    char *princ_name;

     memset(&packet, 0, sizeof(packet));

@@ -274,6 +275,11 @@
        return 0;
     }

+    k5_retcode = krb5_unparse_name(context, server, &princ_name);
+    syslog(LOG_DEBUG,"k5support_verify_tgt: Principal name set to %s",
+                     princ_name);
+    free(princ_name);
+
     if (keytabname) {
        if (krb5_kt_resolve(context, keytabname, &kt)) {
            goto fini;

Michael Bacon
ITS Messaging
UNC Chapel Hill