Update krb_server_name to document that a missing entry defaults to

'localhost'.

Improve kerberos error message.

doc/src/sgml/config.sgml

@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/config.sgml,v 1.27 2005/10/13 20:58:42 momjian Exp $
+$PostgreSQL: pgsql/doc/src/sgml/config.sgml,v 1.28 2005/10/13 22:55:19 momjian Exp $
 -->
 <chapter Id="runtime-config">
   <title>Run-time Configuration</title>
@@ -596,9 +596,8 @@ SET ENABLE_SEQSCAN TO OFF;
         <varname>krb_srvname</><literal>/</><varname>krb_server_hostname</><literal>@</>REALM.
        </para>
        <para>
-        If not set, the default is to allow any service principal matching an entry
-        in the keytab.  See <xref linkend="kerberos-auth"> for details.
-        This parameter can only be set at server start.
+        If not set, the default is <literal>localhost</>.  See <xref linkend="kerberos-auth">
+        for details.  This parameter can only be set at server start.
        </para>
       </listitem>
      </varlistentry>

src/backend/libpq/auth.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.128 2005/10/08 19:32:57 tgl Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.129 2005/10/13 22:55:19 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -162,11 +162,11 @@ pg_krb5_init(void)
 	if (retval)
 	{
 		ereport(LOG,
-				(errmsg("Kerberos sname_to_principal(\"%s\") returned error %d",
-						pg_krb_srvnam, retval)));
+				(errmsg("Kerberos sname_to_principal(\"%s\", \"%s\") returned error %d",
+						khostname ? khostname : "localhost", pg_krb_srvnam, retval)));
 		com_err("postgres", retval,
-				"while getting server principal for service \"%s\"",
-				pg_krb_srvnam);
+				"while getting server principal for server \"%s\" for service \"%s\"",
+				khostname ? khostname : "localhost", pg_krb_srvnam);
 		krb5_kt_close(pg_krb5_context, pg_krb5_keytab);
 		krb5_free_context(pg_krb5_context);
 		return STATUS_ERROR;