diff options
| author | Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> | 2014-02-12 10:12:04 -0500 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-02-12 22:30:55 +0100 |
| commit | a3c8390d19593b1e5277d95bfb4ab206d4785150 (patch) | |
| tree | 2eb4e5432f4f79a75589c03b1513b656879ebf9c /src/providers/krb5 | |
| parent | cc026fd9ba386f2197e3217940d597dcad1a26fe (diff) | |
| download | sssd-a3c8390d19593b1e5277d95bfb4ab206d4785150.tar.gz sssd-a3c8390d19593b1e5277d95bfb4ab206d4785150.tar.xz sssd-a3c8390d19593b1e5277d95bfb4ab206d4785150.zip | |
Make DEBUG macro invocations variadic
Use a script to update DEBUG macro invocations to use it as a variadic
macro, supplying format string and its arguments directly, instead of
wrapping them in parens.
This script was used to update the code:
grep -rwl --include '*.[hc]' DEBUG . |
while read f; do
mv "$f"{,.orig}
perl -e \
'use strict;
use File::Slurp;
my $text=read_file(\*STDIN);
$text=~s#(\bDEBUG\s*\([^(]+)\((.*?)\)\s*\)\s*;#$1$2);#gs;
print $text;' < "$f.orig" > "$f"
rm "$f.orig"
done
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'src/providers/krb5')
| -rw-r--r-- | src/providers/krb5/krb5_access.c | 26 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_auth.c | 210 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_become_user.c | 30 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_child.c | 334 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_child_handler.c | 62 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_common.c | 212 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_delayed_online_authentication.c | 88 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_init.c | 28 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_init_shared.c | 18 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_renew_tgt.c | 136 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_utils.c | 186 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_wait_queue.c | 32 |
12 files changed, 681 insertions, 681 deletions
diff --git a/src/providers/krb5/krb5_access.c b/src/providers/krb5/krb5_access.c index 553635c34..e3522dacc 100644 --- a/src/providers/krb5/krb5_access.c +++ b/src/providers/krb5/krb5_access.c @@ -54,7 +54,7 @@ struct tevent_req *krb5_access_send(TALLOC_CTX *mem_ctx, req = tevent_req_create(mem_ctx, &state, struct krb5_access_state); if (req == NULL) { - DEBUG(1, ("tevent_req_create failed.\n")); + DEBUG(1, "tevent_req_create failed.\n"); return NULL; } @@ -66,19 +66,19 @@ struct tevent_req *krb5_access_send(TALLOC_CTX *mem_ctx, ret = krb5_setup(state, pd, krb5_ctx, &state->kr); if (ret != EOK) { - DEBUG(1, ("krb5_setup failed.\n")); + DEBUG(1, "krb5_setup failed.\n"); goto done; } if (pd->cmd != SSS_PAM_ACCT_MGMT) { - DEBUG(1, ("Unexpected pam task.\n")); + DEBUG(1, "Unexpected pam task.\n"); ret = EINVAL; goto done; } attrs = talloc_array(state, const char *, 5); if (attrs == NULL) { - DEBUG(1, ("talloc_array failed.\n")); + DEBUG(1, "talloc_array failed.\n"); ret = ENOMEM; goto done; } @@ -92,13 +92,13 @@ struct tevent_req *krb5_access_send(TALLOC_CTX *mem_ctx, ret = sysdb_get_user_attr(state, be_ctx->domain, state->pd->user, attrs, &res); if (ret) { - DEBUG(5, ("sysdb search for upn of user [%s] failed.\n", pd->user)); + DEBUG(5, "sysdb search for upn of user [%s] failed.\n", pd->user); goto done; } switch (res->count) { case 0: - DEBUG(5, ("No attributes for user [%s] found.\n", pd->user)); + DEBUG(5, "No attributes for user [%s] found.\n", pd->user); ret = ENOENT; goto done; break; @@ -107,14 +107,14 @@ struct tevent_req *krb5_access_send(TALLOC_CTX *mem_ctx, be_ctx->domain, pd->user, pd->domain, &state->kr->upn); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, ("find_or_guess_upn failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "find_or_guess_upn failed.\n"); goto done; } state->kr->uid = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_UIDNUM, 0); if (state->kr->uid == 0) { - DEBUG(4, ("UID for user [%s] not known.\n", pd->user)); + DEBUG(4, "UID for user [%s] not known.\n", pd->user); ret = ENOENT; goto done; } @@ -122,14 +122,14 @@ struct tevent_req *krb5_access_send(TALLOC_CTX *mem_ctx, state->kr->gid = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_GIDNUM, 0); if (state->kr->gid == 0) { - DEBUG(4, ("GID for user [%s] not known.\n", pd->user)); + DEBUG(4, "GID for user [%s] not known.\n", pd->user); ret = ENOENT; goto done; } break; default: - DEBUG(1, ("User search for [%s] returned > 1 results!\n", pd->user)); + DEBUG(1, "User search for [%s] returned > 1 results!\n", pd->user); ret = EINVAL; goto done; break; @@ -137,7 +137,7 @@ struct tevent_req *krb5_access_send(TALLOC_CTX *mem_ctx, subreq = handle_child_send(state, state->ev, state->kr); if (subreq == NULL) { - DEBUG(1, ("handle_child_send failed.\n")); + DEBUG(1, "handle_child_send failed.\n"); ret = ENOMEM; goto done; } @@ -168,12 +168,12 @@ static void krb5_access_done(struct tevent_req *subreq) ret = handle_child_recv(subreq, state, &buf, &len); talloc_free(subreq); if (ret != EOK) { - DEBUG(1, ("child failed [%d][%s].\n", ret, strerror(ret))); + DEBUG(1, "child failed [%d][%s].\n", ret, strerror(ret)); goto fail; } if ((size_t) len != sizeof(int32_t)) { - DEBUG(1, ("message has the wrong size.\n")); + DEBUG(1, "message has the wrong size.\n"); ret = EINVAL; goto fail; } diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c index 0adf601e9..d8bc0db89 100644 --- a/src/providers/krb5/krb5_auth.c +++ b/src/providers/krb5/krb5_auth.c @@ -47,8 +47,8 @@ static errno_t safe_remove_old_ccache_file(const char *old_ccache, if ((old_ccache == new_ccache) || (old_ccache && new_ccache && (strcmp(old_ccache, new_ccache) == 0))) { - DEBUG(SSSDBG_TRACE_FUNC, ("New and old ccache file are the same, " - "none will be deleted.\n")); + DEBUG(SSSDBG_TRACE_FUNC, "New and old ccache file are the same, " + "none will be deleted.\n"); return EOK; } @@ -71,7 +71,7 @@ check_old_ccache(const char *old_ccache, struct krb5child_req *kr, case ERR_NOT_FOUND: case ENOENT: DEBUG(SSSDBG_TRACE_FUNC, - ("Saved ccache %s doesn't exist.\n", old_ccache)); + "Saved ccache %s doesn't exist.\n", old_ccache); return ENOENT; case EINVAL: /* cache found but no tgt or expired */ @@ -80,14 +80,14 @@ check_old_ccache(const char *old_ccache, struct krb5child_req *kr, break; default: DEBUG(SSSDBG_OP_FAILURE, - ("Cannot check if saved ccache %s is valid\n", - old_ccache)); + "Cannot check if saved ccache %s is valid\n", + old_ccache); return ret; } ret = check_if_uid_is_active(kr->uid, active); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, ("check_if_uid_is_active failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "check_if_uid_is_active failed.\n"); return ret; } @@ -108,17 +108,17 @@ static int krb5_mod_ccname(TALLOC_CTX *mem_ctx, bool in_transaction = false; if (name == NULL || ccname == NULL) { - DEBUG(1, ("Missing user or ccache name.\n")); + DEBUG(1, "Missing user or ccache name.\n"); return EINVAL; } if (mod_op != SYSDB_MOD_REP && mod_op != SYSDB_MOD_DEL) { - DEBUG(1, ("Unsupported operation [%d].\n", mod_op)); + DEBUG(1, "Unsupported operation [%d].\n", mod_op); return EINVAL; } - DEBUG(9, ("%s ccname [%s] for user [%s].\n", - mod_op == SYSDB_MOD_REP ? "Save" : "Delete", ccname, name)); + DEBUG(9, "%s ccname [%s] for user [%s].\n", + mod_op == SYSDB_MOD_REP ? "Save" : "Delete", ccname, name); tmpctx = talloc_new(mem_ctx); if (!tmpctx) { @@ -133,27 +133,27 @@ static int krb5_mod_ccname(TALLOC_CTX *mem_ctx, ret = sysdb_attrs_add_string(attrs, SYSDB_CCACHE_FILE, ccname); if (ret != EOK) { - DEBUG(1, ("sysdb_attrs_add_string failed.\n")); + DEBUG(1, "sysdb_attrs_add_string failed.\n"); goto done; } ret = sysdb_transaction_start(sysdb); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, - ("Error %d starting transaction (%s)\n", ret, strerror(ret))); + "Error %d starting transaction (%s)\n", ret, strerror(ret)); goto done; } in_transaction = true; ret = sysdb_set_user_attr(domain, name, attrs, mod_op); if (ret != EOK) { - DEBUG(6, ("Error: %d (%s)\n", ret, strerror(ret))); + DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); goto done; } ret = sysdb_transaction_commit(sysdb); if (ret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to commit transaction!\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to commit transaction!\n"); goto done; } in_transaction = false; @@ -162,7 +162,7 @@ done: if (in_transaction) { sret = sysdb_transaction_cancel(sysdb); if (sret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to cancel transaction\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to cancel transaction\n"); } } talloc_zfree(tmpctx); @@ -212,7 +212,7 @@ static struct krb5_ctx *get_krb5_ctx(struct be_req *be_req) struct krb5_ctx); break; default: - DEBUG(1, ("Unsupported PAM task.\n")); + DEBUG(1, "Unsupported PAM task.\n"); return NULL; } } @@ -235,7 +235,7 @@ errno_t krb5_setup(TALLOC_CTX *mem_ctx, struct pam_data *pd, kr = talloc_zero(mem_ctx, struct krb5child_req); if (kr == NULL) { - DEBUG(1, ("talloc failed.\n")); + DEBUG(1, "talloc failed.\n"); return ENOMEM; } kr->is_offline = false; @@ -263,7 +263,7 @@ static void krb5_auth_cache_creds(struct krb5_ctx *krb5_ctx, ret = sss_authtok_get_password(pd->authtok, &password, NULL); if (ret != EOK) { - DEBUG(0, ("Failed to get password [%d] %s\n", ret, strerror(ret))); + DEBUG(0, "Failed to get password [%d] %s\n", ret, strerror(ret)); *pam_status = PAM_SYSTEM_ERR; *dp_err = DP_ERR_OK; return; @@ -272,7 +272,7 @@ static void krb5_auth_cache_creds(struct krb5_ctx *krb5_ctx, ret = sysdb_cache_auth(domain, pd->user, password, cdb, true, NULL, NULL); if (ret != EOK) { - DEBUG(1, ("Offline authentication failed\n")); + DEBUG(1, "Offline authentication failed\n"); *pam_status = cached_login_pam_status(ret); *dp_err = DP_ERR_OK; return; @@ -281,7 +281,7 @@ static void krb5_auth_cache_creds(struct krb5_ctx *krb5_ctx, ret = add_user_to_delayed_online_authentication(krb5_ctx, pd, uid); if (ret != EOK) { /* This error is not fatal */ - DEBUG(1, ("add_user_to_delayed_online_authentication failed.\n")); + DEBUG(1, "add_user_to_delayed_online_authentication failed.\n"); } *pam_status = PAM_AUTHINFO_UNAVAIL; *dp_err = DP_ERR_OFFLINE; @@ -311,13 +311,13 @@ static errno_t krb5_auth_prepare_ccache_name(struct krb5child_req *kr, if (kr->ccname == NULL || (kr->is_offline && !kr->active_ccache && !kr->valid_tgt) || (!kr->is_offline && !kr->active_ccache && kr->pd->cmd != SSS_CMD_RENEW)) { - DEBUG(9, ("Recreating ccache file.\n")); + DEBUG(9, "Recreating ccache file.\n"); ccname_template = dp_opt_get_cstring(kr->krb5_ctx->opts, KRB5_CCNAME_TMPL); kr->ccname = expand_ccname_template(kr, kr, ccname_template, true, be_ctx->domain->case_sensitive); if (kr->ccname == NULL) { - DEBUG(1, ("expand_ccname_template failed.\n")); + DEBUG(1, "expand_ccname_template failed.\n"); return ENOMEM; } @@ -325,7 +325,7 @@ static errno_t krb5_auth_prepare_ccache_name(struct krb5child_req *kr, kr->krb5_ctx->illegal_path_re, kr->uid, kr->gid); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, ("ccache creation failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "ccache creation failed.\n"); return ret; } } @@ -354,18 +354,18 @@ static void krb5_auth_store_creds(struct sss_domain_info *domain, ret = sss_authtok_get_password(pd->newauthtok, &password, NULL); break; default: - DEBUG(0, ("unsupported PAM command [%d].\n", pd->cmd)); + DEBUG(0, "unsupported PAM command [%d].\n", pd->cmd); } if (ret != EOK) { - DEBUG(0, ("Failed to get password [%d] %s\n", ret, strerror(ret))); + DEBUG(0, "Failed to get password [%d] %s\n", ret, strerror(ret)); /* password caching failures are not fatal errors */ return; } if (password == NULL) { if (pd->cmd != SSS_CMD_RENEW) { - DEBUG(0, ("password not available, offline auth may not work.\n")); + DEBUG(0, "password not available, offline auth may not work.\n"); /* password caching failures are not fatal errors */ } return; @@ -373,8 +373,8 @@ static void krb5_auth_store_creds(struct sss_domain_info *domain, ret = sysdb_cache_password(domain, pd->user, password); if (ret) { - DEBUG(2, ("Failed to cache password, offline auth may not work." - " (%d)[%s]!?\n", ret, strerror(ret))); + DEBUG(2, "Failed to cache password, offline auth may not work." + " (%d)[%s]!?\n", ret, strerror(ret)); /* password caching failures are not fatal errors */ } } @@ -418,7 +418,7 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, req = tevent_req_create(mem_ctx, &state, struct krb5_auth_state); if (req == NULL) { - DEBUG(1, ("tevent_req_create failed.\n")); + DEBUG(1, "tevent_req_create failed.\n"); return NULL; } @@ -432,7 +432,7 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, ret = get_domain_or_subdomain(be_ctx, pd->domain, &state->domain); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, ("get_domain_or_subdomain failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "get_domain_or_subdomain failed.\n"); goto done; } @@ -447,8 +447,8 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, /* handle empty password gracefully */ if (authtok_type == SSS_AUTHTOK_TYPE_EMPTY) { DEBUG(SSSDBG_CRIT_FAILURE, - ("Illegal zero-length authtok for user [%s]\n", - pd->user)); + "Illegal zero-length authtok for user [%s]\n", + pd->user); state->pam_status = PAM_AUTH_ERR; state->dp_err = DP_ERR_OK; ret = EOK; @@ -456,10 +456,10 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, } DEBUG(SSSDBG_CRIT_FAILURE, - ("Wrong authtok type for user [%s]. " \ + "Wrong authtok type for user [%s]. " \ "Expected [%d], got [%d]\n", pd->user, SSS_AUTHTOK_TYPE_PASSWORD, - authtok_type)); + authtok_type); state->pam_status = PAM_SYSTEM_ERR; state->dp_err = DP_ERR_FATAL; ret = EINVAL; @@ -470,7 +470,7 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, if (pd->priv == 1 && authtok_type != SSS_AUTHTOK_TYPE_PASSWORD) { DEBUG(SSSDBG_MINOR_FAILURE, - ("Password reset by root is not supported.\n")); + "Password reset by root is not supported.\n"); state->pam_status = PAM_PERM_DENIED; state->dp_err = DP_ERR_OK; ret = EOK; @@ -480,10 +480,10 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, case SSS_CMD_RENEW: if (authtok_type != SSS_AUTHTOK_TYPE_CCFILE) { DEBUG(SSSDBG_CRIT_FAILURE, - ("Wrong authtok type for user [%s]. " \ + "Wrong authtok type for user [%s]. " \ "Expected [%d], got [%d]\n", pd->user, SSS_AUTHTOK_TYPE_CCFILE, - authtok_type)); + authtok_type); state->pam_status = PAM_SYSTEM_ERR; state->dp_err = DP_ERR_FATAL; ret = EINVAL; @@ -491,7 +491,7 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, } break; default: - DEBUG(4, ("Unexpected pam task %d.\n", pd->cmd)); + DEBUG(4, "Unexpected pam task %d.\n", pd->cmd); state->pam_status = PAM_SYSTEM_ERR; state->dp_err = DP_ERR_FATAL; ret = EINVAL; @@ -501,8 +501,8 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, if (be_is_offline(be_ctx) && (pd->cmd == SSS_PAM_CHAUTHTOK || pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM || pd->cmd == SSS_CMD_RENEW)) { - DEBUG(9, ("Password changes and ticket renewal are not possible " - "while offline.\n")); + DEBUG(9, "Password changes and ticket renewal are not possible " + "while offline.\n"); state->pam_status = PAM_AUTHINFO_UNAVAIL; state->dp_err = DP_ERR_OFFLINE; ret = EOK; @@ -525,7 +525,7 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, ret = krb5_setup(state, pd, krb5_ctx, &state->kr); if (ret != EOK) { - DEBUG(1, ("krb5_setup failed.\n")); + DEBUG(1, "krb5_setup failed.\n"); goto done; } kr = state->kr; @@ -533,7 +533,7 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, ret = sysdb_get_user_attr(state, state->domain, state->pd->user, attrs, &res); if (ret) { - DEBUG(5, ("sysdb search for upn of user [%s] failed.\n", pd->user)); + DEBUG(5, "sysdb search for upn of user [%s] failed.\n", pd->user); state->pam_status = PAM_SYSTEM_ERR; state->dp_err = DP_ERR_OK; goto done; @@ -541,14 +541,14 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, realm = dp_opt_get_cstring(krb5_ctx->opts, KRB5_REALM); if (realm == NULL) { - DEBUG(1, ("Missing Kerberos realm.\n")); + DEBUG(1, "Missing Kerberos realm.\n"); ret = ENOENT; goto done; } switch (res->count) { case 0: - DEBUG(5, ("No attributes for user [%s] found.\n", pd->user)); + DEBUG(5, "No attributes for user [%s] found.\n", pd->user); ret = ENOENT; goto done; break; @@ -558,33 +558,33 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, be_ctx->domain, pd->user, pd->domain, &kr->upn); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, ("find_or_guess_upn failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "find_or_guess_upn failed.\n"); goto done; } ret = compare_principal_realm(kr->upn, realm, &kr->upn_from_different_realm); if (ret != 0) { - DEBUG(SSSDBG_OP_FAILURE, ("compare_principal_realm failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "compare_principal_realm failed.\n"); goto done; } kr->homedir = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_HOMEDIR, NULL); if (kr->homedir == NULL) { - DEBUG(4, ("Home directory for user [%s] not known.\n", pd->user)); + DEBUG(4, "Home directory for user [%s] not known.\n", pd->user); } kr->uid = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_UIDNUM, 0); if (kr->uid == 0) { - DEBUG(4, ("UID for user [%s] not known.\n", pd->user)); + DEBUG(4, "UID for user [%s] not known.\n", pd->user); ret = ENOENT; goto done; } kr->gid = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_GIDNUM, 0); if (kr->gid == 0) { - DEBUG(4, ("GID for user [%s] not known.\n", pd->user)); + DEBUG(4, "GID for user [%s] not known.\n", pd->user); ret = ENOENT; goto done; } @@ -598,28 +598,28 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, &kr->valid_tgt); if (ret == ENOENT) { DEBUG(SSSDBG_FUNC_DATA, - ("Ignoring ccache attribute [%s], because it doesn't" - "exist.\n", ccache_file)); + "Ignoring ccache attribute [%s], because it doesn't" + "exist.\n", ccache_file); ccache_file = NULL; } else if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, - ("check_if_ccache_file_is_used failed.\n")); + "check_if_ccache_file_is_used failed.\n"); ccache_file = NULL; } } else { kr->active_ccache = false; kr->valid_tgt = false; - DEBUG(4, ("No ccache file for user [%s] found.\n", pd->user)); + DEBUG(4, "No ccache file for user [%s] found.\n", pd->user); } - DEBUG(9, ("Ccache_file is [%s] and is %s active and TGT is %s valid.\n", + DEBUG(9, "Ccache_file is [%s] and is %s active and TGT is %s valid.\n", ccache_file ? ccache_file : "not set", kr->active_ccache ? "" : "not", - kr->valid_tgt ? "" : "not")); + kr->valid_tgt ? "" : "not"); if (ccache_file != NULL) { kr->ccname = ccache_file; kr->old_ccname = talloc_strdup(kr, ccache_file); if (kr->old_ccname == NULL) { - DEBUG(1, ("talloc_strdup failed.\n")); + DEBUG(1, "talloc_strdup failed.\n"); ret = ENOMEM; goto done; } @@ -630,7 +630,7 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, break; default: - DEBUG(1, ("User search for (%s) returned > 1 results!\n", pd->user)); + DEBUG(1, "User search for (%s) returned > 1 results!\n", pd->user); ret = EINVAL; goto done; break; @@ -644,7 +644,7 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, state->krb5_ctx->service->name, state->kr->srv == NULL ? true : false); if (!subreq) { - DEBUG(SSSDBG_CRIT_FAILURE, ("Failed resolver request.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed resolver request.\n"); ret = EIO; goto done; } @@ -702,7 +702,7 @@ static void krb5_auth_resolve_done(struct tevent_req *subreq) if (kr->pd->cmd == SSS_PAM_CHAUTHTOK || kr->pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM) { DEBUG(SSSDBG_TRACE_FUNC, - ("No KDC suitable for password change is available\n")); + "No KDC suitable for password change is available\n"); state->pam_status = PAM_AUTHTOK_LOCK_BUSY; state->dp_err = DP_ERR_OK; ret = EOK; @@ -716,7 +716,7 @@ static void krb5_auth_resolve_done(struct tevent_req *subreq) state->krb5_ctx->kpasswd_service->name, kr->kpasswd_srv == NULL ? true : false); if (subreq == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, ("Resolver request failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "Resolver request failed.\n"); ret = EIO; goto done; } @@ -732,21 +732,21 @@ static void krb5_auth_resolve_done(struct tevent_req *subreq) } if (kr->is_offline) { - DEBUG(9, ("Preparing for offline operation.\n")); + DEBUG(9, "Preparing for offline operation.\n"); if (kr->valid_tgt || kr->active_ccache) { - DEBUG(9, ("Valid TGT available or " - "ccache file is already in use.\n")); + DEBUG(9, "Valid TGT available or " + "ccache file is already in use.\n"); kr->ccname = kr->old_ccname; msg = talloc_asprintf(kr->pd, "%s=%s", CCACHE_ENV_NAME, kr->ccname); if (msg == NULL) { - DEBUG(1, ("talloc_asprintf failed.\n")); + DEBUG(1, "talloc_asprintf failed.\n"); } else { ret = pam_add_response(kr->pd, SSS_PAM_ENV_ITEM, strlen(msg) + 1, (uint8_t *) msg); if (ret != EOK) { - DEBUG(1, ("pam_add_response failed.\n")); + DEBUG(1, "pam_add_response failed.\n"); } } @@ -782,7 +782,7 @@ static void krb5_auth_resolve_done(struct tevent_req *subreq) subreq = handle_child_send(state, state->ev, kr); if (subreq == NULL) { - DEBUG(1, ("handle_child_send failed.\n")); + DEBUG(1, "handle_child_send failed.\n"); ret = ENOMEM; goto done; } @@ -817,7 +817,7 @@ static void krb5_auth_done(struct tevent_req *subreq) talloc_zfree(subreq); if (ret == ETIMEDOUT) { - DEBUG(1, ("child timed out!\n")); + DEBUG(1, "child timed out!\n"); switch (pd->cmd) { case SSS_PAM_AUTHENTICATE: @@ -837,7 +837,7 @@ static void krb5_auth_done(struct tevent_req *subreq) break; } default: - DEBUG(1, ("Unexpected PAM task\n")); + DEBUG(1, "Unexpected PAM task\n"); ret = EINVAL; goto done; } @@ -848,7 +848,7 @@ static void krb5_auth_done(struct tevent_req *subreq) state->krb5_ctx->service->name, search_srv == NULL ? true : false); if (subreq == NULL) { - DEBUG(1, ("Failed resolved request.\n")); + DEBUG(1, "Failed resolved request.\n"); ret = ENOMEM; goto done; } @@ -857,7 +857,7 @@ static void krb5_auth_done(struct tevent_req *subreq) } else if (ret != EOK) { - DEBUG(1, ("child failed (%d [%s])\n", ret, strerror(ret))); + DEBUG(1, "child failed (%d [%s])\n", ret, strerror(ret)); goto done; } @@ -867,8 +867,8 @@ static void krb5_auth_done(struct tevent_req *subreq) state->be_ctx->domain->pwd_expiration_warning, &res); if (ret) { - DEBUG(SSSDBG_OP_FAILURE, ("Could not parse child response [%d]: %s\n", - ret, strerror(ret))); + DEBUG(SSSDBG_OP_FAILURE, "Could not parse child response [%d]: %s\n", + ret, strerror(ret)); goto done; } @@ -893,7 +893,7 @@ static void krb5_auth_done(struct tevent_req *subreq) talloc_free(kr->upn); kr->upn = talloc_strdup(kr, res->correct_upn); if (kr->upn == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("talloc_strdup failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "talloc_strdup failed.\n"); ret = ENOMEM; goto done; } @@ -902,14 +902,14 @@ static void krb5_auth_done(struct tevent_req *subreq) pd->user, res->correct_upn); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, - ("check_if_cached_upn_needs_update failed.\n")); + "check_if_cached_upn_needs_update failed.\n"); goto done; } } else { - DEBUG(SSSDBG_CRIT_FAILURE, ("UPN used in the request [%s] and " \ + DEBUG(SSSDBG_CRIT_FAILURE, "UPN used in the request [%s] and " \ "returned UPN [%s] differ by more " \ "than just the case.\n", - kr->upn, res->correct_upn)); + kr->upn, res->correct_upn); ret = EINVAL; goto done; } @@ -944,7 +944,7 @@ static void krb5_auth_done(struct tevent_req *subreq) state->krb5_ctx->kpasswd_service->name, state->kr->kpasswd_srv == NULL ? true : false); if (subreq == NULL) { - DEBUG(1, ("Resolver request failed.\n")); + DEBUG(1, "Resolver request failed.\n"); ret = ENOMEM; goto done; } @@ -961,7 +961,7 @@ static void krb5_auth_done(struct tevent_req *subreq) state->krb5_ctx->service->name, kr->srv == NULL ? true : false); if (subreq == NULL) { - DEBUG(1, ("Resolver request failed.\n")); + DEBUG(1, "Resolver request failed.\n"); ret = ENOMEM; goto done; } @@ -980,14 +980,14 @@ static void krb5_auth_done(struct tevent_req *subreq) ret = safe_remove_old_ccache_file(kr->old_ccname, NULL, kr->uid, kr->gid); if (ret != EOK) { - DEBUG(1, ("Failed to remove old ccache file [%s], " - "please remove it manually.\n", kr->old_ccname)); + DEBUG(1, "Failed to remove old ccache file [%s], " + "please remove it manually.\n", kr->old_ccname); } ret = krb5_delete_ccname(state, state->sysdb, state->domain, pd->user, kr->old_ccname); if (ret != EOK) { - DEBUG(1, ("krb5_delete_ccname failed.\n")); + DEBUG(1, "krb5_delete_ccname failed.\n"); } } } @@ -1052,7 +1052,7 @@ static void krb5_auth_done(struct tevent_req *subreq) * We expect that one of the messages in the received buffer contains * the name of the credential cache file. */ if (kr->ccname == NULL) { - DEBUG(1, ("Missing ccache name in child response.\n")); + DEBUG(1, "Missing ccache name in child response.\n"); ret = EINVAL; goto done; } @@ -1060,7 +1060,7 @@ static void krb5_auth_done(struct tevent_req *subreq) ret = sss_krb5_check_ccache_princ(kr->uid, kr->gid, kr->ccname, kr->upn); if (ret) { DEBUG(SSSDBG_CRIT_FAILURE, - ("No ccache for %s in %s?\n", kr->upn, kr->ccname)); + "No ccache for %s in %s?\n", kr->upn, kr->ccname); goto done; } @@ -1069,15 +1069,15 @@ static void krb5_auth_done(struct tevent_req *subreq) kr->uid, kr->gid); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, - ("Failed to remove old ccache file [%s], " - "please remove it manually.\n", kr->old_ccname)); + "Failed to remove old ccache file [%s], " + "please remove it manually.\n", kr->old_ccname); } } ret = krb5_save_ccname(state, state->sysdb, state->domain, pd->user, kr->ccname); if (ret) { - DEBUG(1, ("krb5_save_ccname failed.\n")); + DEBUG(1, "krb5_save_ccname failed.\n"); goto done; } renew_interval_str = dp_opt_get_string(kr->krb5_ctx->opts, @@ -1086,7 +1086,7 @@ static void krb5_auth_done(struct tevent_req *subreq) ret = krb5_string_to_deltat(renew_interval_str, &renew_interval_delta); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, - ("Reading krb5_renew_interval failed.\n")); + "Reading krb5_renew_interval failed.\n"); renew_interval_delta = 0; } renew_interval_time = renew_interval_delta; @@ -1097,12 +1097,12 @@ static void krb5_auth_done(struct tevent_req *subreq) pd->cmd == SSS_PAM_CHAUTHTOK) && (res->tgtt.renew_till > res->tgtt.endtime) && (kr->ccname != NULL)) { - DEBUG(7, ("Adding [%s] for automatic renewal.\n", kr->ccname)); + DEBUG(7, "Adding [%s] for automatic renewal.\n", kr->ccname); ret = add_tgt_to_renew_table(kr->krb5_ctx, kr->ccname, &(res->tgtt), pd, kr->upn); if (ret != EOK) { - DEBUG(1, ("add_tgt_to_renew_table failed, " - "automatic renewal not possible.\n")); + DEBUG(1, "add_tgt_to_renew_table failed, " + "automatic renewal not possible.\n"); } } @@ -1115,7 +1115,7 @@ static void krb5_auth_done(struct tevent_req *subreq) state->pd, state->kr->uid, &state->pam_status, &state->dp_err); } else { - DEBUG(4, ("Backend is marked offline, retry later!\n")); + DEBUG(4, "Backend is marked offline, retry later!\n"); state->pam_status = PAM_AUTHINFO_UNAVAIL; state->dp_err = DP_ERR_OFFLINE; } @@ -1168,7 +1168,7 @@ void krb5_pam_handler(struct be_req *be_req) krb5_ctx = get_krb5_ctx(be_req); if (krb5_ctx == NULL) { - DEBUG(1, ("Kerberos context not available.\n")); + DEBUG(1, "Kerberos context not available.\n"); goto done; } @@ -1179,20 +1179,20 @@ void krb5_pam_handler(struct be_req *be_req) case SSS_PAM_CHAUTHTOK: ret = add_to_wait_queue(be_req, pd, krb5_ctx); if (ret == EOK) { - DEBUG(7, ("Request successfully added to wait queue " - "of user [%s].\n", pd->user)); + DEBUG(7, "Request successfully added to wait queue " + "of user [%s].\n", pd->user); return; } else if (ret == ENOENT) { - DEBUG(7, ("Wait queue of user [%s] is empty, " - "running request immediately.\n", pd->user)); + DEBUG(7, "Wait queue of user [%s] is empty, " + "running request immediately.\n", pd->user); } else { - DEBUG(7, ("Failed to add request to wait queue of user [%s], " - "running request immediately.\n", pd->user)); + DEBUG(7, "Failed to add request to wait queue of user [%s], " + "running request immediately.\n", pd->user); } req = krb5_auth_send(be_req, be_ctx->ev, be_ctx, pd, krb5_ctx); if (req == NULL) { - DEBUG(1, ("krb5_auth_send failed.\n")); + DEBUG(1, "krb5_auth_send failed.\n"); goto done; } @@ -1201,7 +1201,7 @@ void krb5_pam_handler(struct be_req *be_req) case SSS_PAM_ACCT_MGMT: req = krb5_access_send(be_req, be_ctx->ev, be_ctx, pd, krb5_ctx); if (req == NULL) { - DEBUG(1, ("krb5_access_send failed.\n")); + DEBUG(1, "krb5_access_send failed.\n"); goto done; } @@ -1215,7 +1215,7 @@ void krb5_pam_handler(struct be_req *be_req) goto done; break; default: - DEBUG(4, ("krb5 does not handles pam task %d.\n", pd->cmd)); + DEBUG(4, "krb5 does not handles pam task %d.\n", pd->cmd); pd->pam_status = PAM_MODULE_UNKNOWN; dp_err = DP_ERR_OK; goto done; @@ -1251,7 +1251,7 @@ void krb5_pam_handler_auth_done(struct tevent_req *req) if (krb5_ctx != NULL) { check_wait_queue(krb5_ctx, pd->user); } else { - DEBUG(1, ("Kerberos context not available.\n")); + DEBUG(1, "Kerberos context not available.\n"); } be_req_terminate(be_req, dp_err, pd->pam_status, NULL); @@ -1271,12 +1271,12 @@ static void krb5_pam_handler_access_done(struct tevent_req *req) ret = krb5_access_recv(req, &access_allowed); talloc_zfree(req); if (ret != EOK) { - DEBUG(1, ("krb5_access request failed [%d][%s]\n", ret, strerror(ret))); + DEBUG(1, "krb5_access request failed [%d][%s]\n", ret, strerror(ret)); goto done; } - DEBUG(7, ("Access %s for user [%s].\n", - access_allowed ? "allowed" : "denied", pd->user)); + DEBUG(7, "Access %s for user [%s].\n", + access_allowed ? "allowed" : "denied", pd->user); pd->pam_status = access_allowed ? PAM_SUCCESS : PAM_PERM_DENIED; dp_err = DP_ERR_OK; diff --git a/src/providers/krb5/krb5_become_user.c b/src/providers/krb5/krb5_become_user.c index 4d5346f37..6ddb35a56 100644 --- a/src/providers/krb5/krb5_become_user.c +++ b/src/providers/krb5/krb5_become_user.c @@ -32,12 +32,12 @@ errno_t become_user(uid_t uid, gid_t gid) int ret; DEBUG(SSSDBG_FUNC_DATA, - ("Trying to become user [%"SPRIuid"][%"SPRIgid"].\n", uid, gid)); + "Trying to become user [%"SPRIuid"][%"SPRIgid"].\n", uid, gid); /* skip call if we already are the requested user */ cuid = geteuid(); if (uid == cuid) { - DEBUG(SSSDBG_FUNC_DATA, ("Already user [%"SPRIuid"].\n", uid)); + DEBUG(SSSDBG_FUNC_DATA, "Already user [%"SPRIuid"].\n", uid); return EOK; } @@ -46,7 +46,7 @@ errno_t become_user(uid_t uid, gid_t gid) if (ret == -1) { ret = errno; DEBUG(SSSDBG_CRIT_FAILURE, - ("setgroups failed [%d][%s].\n", ret, strerror(ret))); + "setgroups failed [%d][%s].\n", ret, strerror(ret)); return ret; } @@ -55,7 +55,7 @@ errno_t become_user(uid_t uid, gid_t gid) if (ret == -1) { ret = errno; DEBUG(SSSDBG_CRIT_FAILURE, - ("setresgid failed [%d][%s].\n", ret, strerror(ret))); + "setresgid failed [%d][%s].\n", ret, strerror(ret)); return ret; } @@ -65,7 +65,7 @@ errno_t become_user(uid_t uid, gid_t gid) if (ret == -1) { ret = errno; DEBUG(SSSDBG_CRIT_FAILURE, - ("setresuid failed [%d][%s].\n", ret, strerror(ret))); + "setresuid failed [%d][%s].\n", ret, strerror(ret)); return ret; } @@ -92,22 +92,22 @@ errno_t switch_creds(TALLOC_CTX *mem_ctx, int size; int ret; - DEBUG(SSSDBG_FUNC_DATA, ("Switch user to [%d][%d].\n", uid, gid)); + DEBUG(SSSDBG_FUNC_DATA, "Switch user to [%d][%d].\n", uid, gid); if (saved_creds) { /* save current user credentials */ size = getgroups(0, NULL); if (size == -1) { ret = errno; - DEBUG(SSSDBG_CRIT_FAILURE, ("Getgroups failed! (%d, %s)\n", - ret, strerror(ret))); + DEBUG(SSSDBG_CRIT_FAILURE, "Getgroups failed! (%d, %s)\n", + ret, strerror(ret)); goto done; } ssc = talloc_size(mem_ctx, (sizeof(struct sss_creds) + size * sizeof(gid_t))); if (!ssc) { - DEBUG(SSSDBG_CRIT_FAILURE, ("Allocation failed!\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "Allocation failed!\n"); ret = ENOMEM; goto done; } @@ -116,8 +116,8 @@ errno_t switch_creds(TALLOC_CTX *mem_ctx, size = getgroups(ssc->num_gids, ssc->gids); if (size == -1) { ret = errno; - DEBUG(SSSDBG_CRIT_FAILURE, ("Getgroups failed! (%d, %s)\n", - ret, strerror(ret))); + DEBUG(SSSDBG_CRIT_FAILURE, "Getgroups failed! (%d, %s)\n", + ret, strerror(ret)); /* free ssc immediately otherwise the code will try to restore * wrong creds */ talloc_zfree(ssc); @@ -137,7 +137,7 @@ errno_t switch_creds(TALLOC_CTX *mem_ctx, if (ret == -1) { ret = errno; DEBUG(SSSDBG_CRIT_FAILURE, - ("setresuid failed [%d][%s].\n", ret, strerror(ret))); + "setresuid failed [%d][%s].\n", ret, strerror(ret)); goto done; } } @@ -151,7 +151,7 @@ errno_t switch_creds(TALLOC_CTX *mem_ctx, if (ret == -1) { ret = errno; DEBUG(SSSDBG_TRACE_FUNC, - ("setgroups failed [%d][%s].\n", ret, strerror(ret))); + "setgroups failed [%d][%s].\n", ret, strerror(ret)); } /* change gid now, (leaves saved gid to current, so we can restore) */ @@ -159,7 +159,7 @@ errno_t switch_creds(TALLOC_CTX *mem_ctx, if (ret == -1) { ret = errno; DEBUG(SSSDBG_CRIT_FAILURE, - ("setresgid failed [%d][%s].\n", ret, strerror(ret))); + "setresgid failed [%d][%s].\n", ret, strerror(ret)); goto done; } @@ -169,7 +169,7 @@ errno_t switch_creds(TALLOC_CTX *mem_ctx, if (ret == -1) { ret = errno; DEBUG(SSSDBG_CRIT_FAILURE, - ("setresuid failed [%d][%s].\n", ret, strerror(ret))); + "setresuid failed [%d][%s].\n", ret, strerror(ret)); goto done; } } diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c index 585922320..ed14d9411 100644 --- a/src/providers/krb5/krb5_child.c +++ b/src/providers/krb5/krb5_child.c @@ -100,8 +100,8 @@ static errno_t sss_send_pac(krb5_authdata **pac_authdata) ret = sss_pac_make_request(SSS_PAC_ADD_PAC_USER, &sss_data, NULL, NULL, &errnop); if (ret != NSS_STATUS_SUCCESS || errnop != 0) { - DEBUG(SSSDBG_OP_FAILURE, ("sss_pac_make_request failed [%d][%d].\n", - ret, errnop)); + DEBUG(SSSDBG_OP_FAILURE, "sss_pac_make_request failed [%d][%d].\n", + ret, errnop); return EIO; } @@ -124,14 +124,14 @@ static void sss_krb5_expire_callback_func(krb5_context context, void *data, exp_time = password_expiration - time(NULL); if (exp_time < 0 || exp_time > UINT32_MAX) { - DEBUG(1, ("Time to expire out of range.\n")); + DEBUG(1, "Time to expire out of range.\n"); return; } - DEBUG(SSSDBG_TRACE_INTERNAL, ("exp_time: [%ld]\n", exp_time)); + DEBUG(SSSDBG_TRACE_INTERNAL, "exp_time: [%ld]\n", exp_time); blob = talloc_array(kr->pd, uint32_t, 2); if (blob == NULL) { - DEBUG(1, ("talloc_size failed.\n")); + DEBUG(1, "talloc_size failed.\n"); return; } @@ -141,7 +141,7 @@ static void sss_krb5_expire_callback_func(krb5_context context, void *data, ret = pam_add_response(kr->pd, SSS_PAM_USER_INFO, 2 * sizeof(uint32_t), (uint8_t *) blob); if (ret != EOK) { - DEBUG(1, ("pam_add_response failed.\n")); + DEBUG(1, "pam_add_response failed.\n"); } return; @@ -324,7 +324,7 @@ static krb5_error_code answer_otp(krb5_context ctx, } if (chl->tokeninfo[i] == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, - ("No tokeninfos found which match our credentials.\n")); + "No tokeninfos found which match our credentials.\n"); ret = EOK; goto done; } @@ -333,7 +333,7 @@ static krb5_error_code answer_otp(krb5_context ctx, /* Don't let SSSD cache the OTP authtok since it is single-use. */ ret = pam_add_response(kr->pd, SSS_OTP, 0, NULL); if (ret != EOK) { - DEBUG(1, ("pam_add_response failed.\n")); + DEBUG(1, "pam_add_response failed.\n"); goto done; } } @@ -369,21 +369,21 @@ static krb5_error_code sss_krb5_prompter(krb5_context context, void *data, struct krb5_req *kr = talloc_get_type(data, struct krb5_req); if (num_prompts != 0) { - DEBUG(1, ("Cannot handle password prompts.\n")); + DEBUG(1, "Cannot handle password prompts.\n"); return KRB5_LIBOS_CANTREADPWD; } if (banner == NULL || *banner == '\0') { - DEBUG(5, ("Prompter called with empty banner, nothing to do.\n")); + DEBUG(5, "Prompter called with empty banner, nothing to do.\n"); return EOK; } - DEBUG(SSSDBG_FUNC_DATA, ("Prompter called with [%s].\n", banner)); + DEBUG(SSSDBG_FUNC_DATA, "Prompter called with [%s].\n", banner); ret = pam_add_response(kr->pd, SSS_PAM_TEXT_MSG, strlen(banner)+1, (const uint8_t *) banner); if (ret != EOK) { - DEBUG(1, ("pam_add_response failed.\n")); + DEBUG(1, "pam_add_response failed.\n"); } return EOK; @@ -399,13 +399,13 @@ static krb5_error_code create_empty_cred(krb5_context ctx, krb5_principal princ, cred = calloc(sizeof(krb5_creds), 1); if (cred == NULL) { - DEBUG(1, ("calloc failed.\n")); + DEBUG(1, "calloc failed.\n"); return ENOMEM; } kerr = krb5_copy_principal(ctx, princ, &cred->client); if (kerr != 0) { - DEBUG(1, ("krb5_copy_principal failed.\n")); + DEBUG(1, "krb5_copy_principal failed.\n"); goto done; } @@ -416,11 +416,11 @@ static krb5_error_code create_empty_cred(krb5_context ctx, krb5_principal princ, KRB5_TGS_NAME_SIZE, KRB5_TGS_NAME, krb5_realm->length, krb5_realm->data, 0); if (kerr != 0) { - DEBUG(1, ("krb5_build_principal_ext failed.\n")); + DEBUG(1, "krb5_build_principal_ext failed.\n"); goto done; } - DEBUG(SSSDBG_TRACE_INTERNAL, ("Created empty krb5_creds.\n")); + DEBUG(SSSDBG_TRACE_INTERNAL, "Created empty krb5_creds.\n"); done: if (kerr != 0) { @@ -467,7 +467,7 @@ static errno_t handle_randomized(char *in) umask(old_umask); if (fd == -1) { ret = errno; - DEBUG(SSSDBG_CRIT_FAILURE, ("mkstemp(\"%s\") failed!\n", ccname)); + DEBUG(SSSDBG_CRIT_FAILURE, "mkstemp(\"%s\") failed!\n", ccname); return ret; } } @@ -509,7 +509,7 @@ static krb5_error_code create_ccache(char *ccname, krb5_creds *creds) if (kerr) goto done; type = krb5_cc_get_type(kctx, kcc); - DEBUG(SSSDBG_TRACE_ALL, ("Initializing ccache of type [%s]\n", type)); + DEBUG(SSSDBG_TRACE_ALL, "Initializing ccache of type [%s]\n", type); #ifdef HAVE_KRB5_CC_COLLECTION if (krb5_cc_support_switch(kctx, type)) { @@ -575,7 +575,7 @@ static errno_t pack_response_packet(TALLOC_CTX *mem_ctx, errno_t error, buf = talloc_array(mem_ctx, uint8_t, size); if (!buf) { - DEBUG(1, ("Insufficient memory to create message.\n")); + DEBUG(1, "Insufficient memory to create message.\n"); return ENOMEM; } @@ -587,7 +587,7 @@ static errno_t pack_response_packet(TALLOC_CTX *mem_ctx, errno_t error, safealign_memcpy(&buf[p], pdr->data, pdr->len, &p); } - DEBUG(SSSDBG_TRACE_INTERNAL, ("response packet size: [%zu]\n", p)); + DEBUG(SSSDBG_TRACE_INTERNAL, "response packet size: [%zu]\n", p); *_buf = buf; *_len = p; @@ -600,13 +600,13 @@ static errno_t k5c_attach_ccname_msg(struct krb5_req *kr) int ret; if (kr->ccname == NULL) { - DEBUG(1, ("Error obtaining ccname.\n")); + DEBUG(1, "Error obtaining ccname.\n"); return ERR_INTERNAL; } msg = talloc_asprintf(kr, "%s=%s",CCACHE_ENV_NAME, kr->ccname); if (msg == NULL) { - DEBUG(1, ("talloc_asprintf failed.\n")); + DEBUG(1, "talloc_asprintf failed.\n"); return ENOMEM; } @@ -626,7 +626,7 @@ static errno_t k5c_send_data(struct krb5_req *kr, int fd, errno_t error) ret = pack_response_packet(kr, error, kr->pd->resp_list, &buf, &len); if (ret != EOK) { - DEBUG(1, ("pack_response_packet failed.\n")); + DEBUG(1, "pack_response_packet failed.\n"); return ret; } @@ -635,18 +635,18 @@ static errno_t k5c_send_data(struct krb5_req *kr, int fd, errno_t error) if (written == -1) { ret = errno; DEBUG(SSSDBG_CRIT_FAILURE, - ("write failed [%d][%s].\n", ret, strerror(ret))); + "write failed [%d][%s].\n", ret, strerror(ret)); return ret; } if (written != len) { DEBUG(SSSDBG_CRIT_FAILURE, - ("Write error, wrote [%zu] bytes, expected [%zu]\n", - written, len)); + "Write error, wrote [%zu] bytes, expected [%zu]\n", + written, len); return EOK; } - DEBUG(SSSDBG_TRACE_ALL, ("Response sent.\n")); + DEBUG(SSSDBG_TRACE_ALL, "Response sent.\n"); return EOK; } @@ -667,13 +667,13 @@ static errno_t add_ticket_times_and_upn_to_response(struct krb5_req *kr) ret = pam_add_response(kr->pd, SSS_KRB5_INFO_TGT_LIFETIME, 4*sizeof(int64_t), (uint8_t *) t); if (ret != EOK) { - DEBUG(1, ("pack_response_packet failed.\n")); + DEBUG(1, "pack_response_packet failed.\n"); goto done; } kerr = krb5_unparse_name_ext(kr->ctx, kr->creds->client, &upn, &upn_len); if (kerr != 0) { - DEBUG(SSSDBG_OP_FAILURE, ("krb5_unparse_name failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "krb5_unparse_name failed.\n"); goto done; } @@ -681,7 +681,7 @@ static errno_t add_ticket_times_and_upn_to_response(struct krb5_req *kr) (uint8_t *) upn); krb5_free_unparsed_name(kr->ctx, upn); if (ret != EOK) { - DEBUG(1, ("pack_response_packet failed.\n")); + DEBUG(1, "pack_response_packet failed.\n"); goto done; } @@ -706,16 +706,16 @@ static krb5_error_code validate_tgt(struct krb5_req *kr) memset(&keytab, 0, sizeof(keytab)); kerr = krb5_kt_resolve(kr->ctx, kr->keytab, &keytab); if (kerr != 0) { - DEBUG(SSSDBG_CRIT_FAILURE, ("error resolving keytab [%s], " \ - "not verifying TGT.\n", kr->keytab)); + DEBUG(SSSDBG_CRIT_FAILURE, "error resolving keytab [%s], " \ + "not verifying TGT.\n", kr->keytab); return kerr; } memset(&cursor, 0, sizeof(cursor)); kerr = krb5_kt_start_seq_get(kr->ctx, keytab, &cursor); if (kerr != 0) { - DEBUG(SSSDBG_CRIT_FAILURE, ("error reading keytab [%s], " \ - "not verifying TGT.\n", kr->keytab)); + DEBUG(SSSDBG_CRIT_FAILURE, "error reading keytab [%s], " \ + "not verifying TGT.\n", kr->keytab); return kerr; } @@ -729,19 +729,19 @@ static krb5_error_code validate_tgt(struct krb5_req *kr) kerr = krb5_copy_principal(kr->ctx, entry.principal, &validation_princ); if (kerr != 0) { - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_copy_principal failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_copy_principal failed.\n"); goto done; } kerr = sss_krb5_free_keytab_entry_contents(kr->ctx, &entry); if (kerr != 0) { - DEBUG(SSSDBG_MINOR_FAILURE, ("Failed to free keytab entry.\n")); + DEBUG(SSSDBG_MINOR_FAILURE, "Failed to free keytab entry.\n"); } memset(&entry, 0, sizeof(entry)); if (krb5_realm_compare(kr->ctx, validation_princ, kr->creds->client)) { DEBUG(SSSDBG_TRACE_INTERNAL, - ("Found keytab entry with the realm of the credential.\n")); + "Found keytab entry with the realm of the credential.\n"); realm_entry_found = true; break; } @@ -749,8 +749,8 @@ static krb5_error_code validate_tgt(struct krb5_req *kr) if (!realm_entry_found) { DEBUG(SSSDBG_TRACE_INTERNAL, - ("Keytab entry with the realm of the credential not found " - "in keytab. Using the last entry.\n")); + "Keytab entry with the realm of the credential not found " + "in keytab. Using the last entry.\n"); } /* Close the keytab here. Even though we're using cursors, the file @@ -759,15 +759,15 @@ static krb5_error_code validate_tgt(struct krb5_req *kr) * cursor, creating a leak. */ kerr = krb5_kt_end_seq_get(kr->ctx, keytab, &cursor); if (kerr != 0) { - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_kt_end_seq_get failed, " \ - "not verifying TGT.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_kt_end_seq_get failed, " \ + "not verifying TGT.\n"); goto done; } /* check if we got any errors from krb5_kt_next_entry */ if (kt_err != 0 && kt_err != KRB5_KT_END) { - DEBUG(SSSDBG_CRIT_FAILURE, ("error reading keytab [%s], " \ - "not verifying TGT.\n", kr->keytab)); + DEBUG(SSSDBG_CRIT_FAILURE, "error reading keytab [%s], " \ + "not verifying TGT.\n", kr->keytab); goto done; } @@ -775,8 +775,8 @@ static krb5_error_code validate_tgt(struct krb5_req *kr) principal = NULL; kerr = krb5_unparse_name(kr->ctx, validation_princ, &principal); if (kerr != 0) { - DEBUG(SSSDBG_CRIT_FAILURE, ("internal error parsing principal name, " - "not verifying TGT.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "internal error parsing principal name, " + "not verifying TGT.\n"); KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); goto done; } @@ -787,11 +787,11 @@ static krb5_error_code validate_tgt(struct krb5_req *kr) &validation_ccache, &opt); if (kerr == 0) { - DEBUG(SSSDBG_TRACE_FUNC, ("TGT verified using key for [%s].\n", - principal)); + DEBUG(SSSDBG_TRACE_FUNC, "TGT verified using key for [%s].\n", + principal); } else { - DEBUG(SSSDBG_CRIT_FAILURE ,("TGT failed verification using key " \ - "for [%s].\n", principal)); + DEBUG(SSSDBG_CRIT_FAILURE ,"TGT failed verification using key " \ + "for [%s].\n", principal); goto done; } @@ -801,9 +801,9 @@ static krb5_error_code validate_tgt(struct krb5_req *kr) kerr = sss_extract_pac(kr->ctx, validation_ccache, validation_princ, kr->creds->client, keytab, &pac_authdata); if (kerr != 0) { - DEBUG(SSSDBG_OP_FAILURE, ("sss_extract_and_send_pac failed, group " \ + DEBUG(SSSDBG_OP_FAILURE, "sss_extract_and_send_pac failed, group " \ "membership for user with principal [%s] " \ - "might not be correct.\n", kr->name)); + "might not be correct.\n", kr->name); kerr = 0; goto done; } @@ -811,9 +811,9 @@ static krb5_error_code validate_tgt(struct krb5_req *kr) kerr = sss_send_pac(pac_authdata); krb5_free_authdata(kr->ctx, pac_authdata); if (kerr != 0) { - DEBUG(SSSDBG_OP_FAILURE, ("sss_send_pac failed, group " \ + DEBUG(SSSDBG_OP_FAILURE, "sss_send_pac failed, group " \ "membership for user with principal [%s] " \ - "might not be correct.\n", kr->name)); + "might not be correct.\n", kr->name); kerr = 0; } } @@ -824,7 +824,7 @@ done: } if (krb5_kt_close(kr->ctx, keytab) != 0) { - DEBUG(SSSDBG_MINOR_FAILURE, ("krb5_kt_close failed")); + DEBUG(SSSDBG_MINOR_FAILURE, "krb5_kt_close failed"); } if (validation_princ != NULL) { krb5_free_principal(kr->ctx, validation_princ); @@ -846,8 +846,8 @@ static void krb5_set_canonicalize(krb5_get_init_creds_opt *opts) if (tmp_str != NULL && strcasecmp(tmp_str, "true") == 0) { canonicalize = 1; } - DEBUG(SSSDBG_CONF_SETTINGS, ("%s is set to [%s]\n", - SSSD_KRB5_CANONICALIZE, tmp_str ? tmp_str : "not set")); + DEBUG(SSSDBG_CONF_SETTINGS, "%s is set to [%s]\n", + SSSD_KRB5_CANONICALIZE, tmp_str ? tmp_str : "not set"); sss_krb5_get_init_creds_opt_set_canonicalize(opts, canonicalize); } @@ -903,13 +903,13 @@ static krb5_error_code get_and_save_tgt(struct krb5_req *kr, kr); if (kerr != 0) { KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); - DEBUG(1, ("Failed to set expire callback, continue without.\n")); + DEBUG(1, "Failed to set expire callback, continue without.\n"); } sss_krb5_princ_realm(kr->ctx, kr->princ, &realm_name, &realm_length); DEBUG(SSSDBG_TRACE_FUNC, - ("Attempting kinit for realm [%s]\n",realm_name)); + "Attempting kinit for realm [%s]\n",realm_name); kerr = krb5_get_init_creds_password(kr->ctx, kr->creds, kr->princ, discard_const(password), sss_krb5_prompter, kr, 0, @@ -927,7 +927,7 @@ static krb5_error_code get_and_save_tgt(struct krb5_req *kr, } } else { - DEBUG(SSSDBG_CONF_SETTINGS, ("TGT validation is disabled.\n")); + DEBUG(SSSDBG_CONF_SETTINGS, "TGT validation is disabled.\n"); } if (kr->validate || kr->fast_ccname != NULL) { @@ -936,7 +936,7 @@ static krb5_error_code get_and_save_tgt(struct krb5_req *kr, * ccache I/O operations with user privileges. */ kerr = become_user(kr->uid, kr->gid); if (kerr != 0) { - DEBUG(1, ("become_user failed.\n")); + DEBUG(1, "become_user failed.\n"); return kerr; } } @@ -961,7 +961,7 @@ static krb5_error_code get_and_save_tgt(struct krb5_req *kr, kerr = add_ticket_times_and_upn_to_response(kr); if (kerr != 0) { - DEBUG(1, ("add_ticket_times_and_upn_to_response failed.\n")); + DEBUG(1, "add_ticket_times_and_upn_to_response failed.\n"); } kerr = 0; @@ -1028,12 +1028,12 @@ static errno_t changepw_child(struct krb5_req *kr, bool prelim) size_t msg_len; uint8_t *msg; - DEBUG(SSSDBG_TRACE_LIBS, ("Password change operation\n")); + DEBUG(SSSDBG_TRACE_LIBS, "Password change operation\n"); ret = sss_authtok_get_password(kr->pd->authtok, &password, NULL); if (ret != EOK) { - DEBUG(1, ("Failed to fetch current password [%d] %s.\n", - ret, strerror(ret))); + DEBUG(1, "Failed to fetch current password [%d] %s.\n", + ret, strerror(ret)); return ERR_NO_CREDS; } @@ -1044,14 +1044,14 @@ static errno_t changepw_child(struct krb5_req *kr, bool prelim) kerr = get_changepw_options(kr->ctx, &chagepw_options); if (kerr != 0) { - DEBUG(SSSDBG_OP_FAILURE, ("get_changepw_options failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "get_changepw_options failed.\n"); return kerr; } sss_krb5_princ_realm(kr->ctx, kr->princ, &realm_name, &realm_length); DEBUG(SSSDBG_TRACE_FUNC, - ("Attempting kinit for realm [%s]\n",realm_name)); + "Attempting kinit for realm [%s]\n",realm_name); kerr = krb5_get_init_creds_password(kr->ctx, kr->creds, kr->princ, discard_const(password), prompter, kr, 0, @@ -1063,13 +1063,13 @@ static errno_t changepw_child(struct krb5_req *kr, bool prelim) &msg_len, &msg); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, - ("pack_user_info_chpass_error failed.\n")); + "pack_user_info_chpass_error failed.\n"); } else { ret = pam_add_response(kr->pd, SSS_PAM_USER_INFO, msg_len, msg); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, - ("pam_add_response failed.\n")); + "pam_add_response failed.\n"); } } return kerr; @@ -1079,16 +1079,16 @@ static errno_t changepw_child(struct krb5_req *kr, bool prelim) if (prelim) { DEBUG(SSSDBG_TRACE_LIBS, - ("Initial authentication for change password operation " - "successful.\n")); + "Initial authentication for change password operation " + "successful.\n"); krb5_free_cred_contents(kr->ctx, kr->creds); return EOK; } ret = sss_authtok_get_password(kr->pd->newauthtok, &newpassword, NULL); if (ret != EOK) { - DEBUG(1, ("Failed to fetch new password [%d] %s.\n", - ret, strerror(ret))); + DEBUG(1, "Failed to fetch new password [%d] %s.\n", + ret, strerror(ret)); return ERR_NO_CREDS; } @@ -1108,29 +1108,29 @@ static errno_t changepw_child(struct krb5_req *kr, bool prelim) } if (result_code_string.length > 0) { - DEBUG(1, ("krb5_change_password failed [%d][%.*s].\n", result_code, - result_code_string.length, result_code_string.data)); + DEBUG(1, "krb5_change_password failed [%d][%.*s].\n", result_code, + result_code_string.length, result_code_string.data); user_error_message = talloc_strndup(kr->pd, result_code_string.data, result_code_string.length); if (user_error_message == NULL) { - DEBUG(1, ("talloc_strndup failed.\n")); + DEBUG(1, "talloc_strndup failed.\n"); } } if (result_string.length > 0 && result_string.data[0] != '\0') { - DEBUG(1, ("krb5_change_password failed [%d][%.*s].\n", result_code, - result_string.length, result_string.data)); + DEBUG(1, "krb5_change_password failed [%d][%.*s].\n", result_code, + result_string.length, result_string.data); talloc_free(user_error_message); user_error_message = talloc_strndup(kr->pd, result_string.data, result_string.length); if (user_error_message == NULL) { - DEBUG(1, ("talloc_strndup failed.\n")); + DEBUG(1, "talloc_strndup failed.\n"); } } else if (result_code == KRB5_KPASSWD_SOFTERROR) { user_error_message = talloc_strdup(kr->pd, "Please make sure the " "password meets the complexity constraints."); if (user_error_message == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_strndup failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_strndup failed.\n"); } } @@ -1138,12 +1138,12 @@ static errno_t changepw_child(struct krb5_req *kr, bool prelim) ret = pack_user_info_chpass_error(kr->pd, user_error_message, &user_resp_len, &user_resp); if (ret != EOK) { - DEBUG(1, ("pack_user_info_chpass_error failed.\n")); + DEBUG(1, "pack_user_info_chpass_error failed.\n"); } else { ret = pam_add_response(kr->pd, SSS_PAM_USER_INFO, user_resp_len, user_resp); if (ret != EOK) { - DEBUG(1, ("pack_response_packet failed.\n")); + DEBUG(1, "pack_response_packet failed.\n"); } } } @@ -1170,7 +1170,7 @@ static errno_t tgt_req_child(struct krb5_req *kr) krb5_error_code kerr; int ret; - DEBUG(SSSDBG_TRACE_LIBS, ("Attempting to get a TGT\n")); + DEBUG(SSSDBG_TRACE_LIBS, "Attempting to get a TGT\n"); ret = sss_authtok_get_password(kr->pd->authtok, &password, NULL); switch (ret) { @@ -1178,12 +1178,12 @@ static errno_t tgt_req_child(struct krb5_req *kr) break; case EACCES: - DEBUG(SSSDBG_OP_FAILURE, ("Invalid authtok type\n")); + DEBUG(SSSDBG_OP_FAILURE, "Invalid authtok type\n"); return ERR_INVALID_CRED_TYPE; break; default: - DEBUG(SSSDBG_OP_FAILURE, ("No credentials available\n")); + DEBUG(SSSDBG_OP_FAILURE, "No credentials available\n"); return ERR_NO_CREDS; break; } @@ -1202,18 +1202,18 @@ static errno_t tgt_req_child(struct krb5_req *kr) KRB5KDC_ERR_KEY_EXP regardless if the supplied password is correct or not. In general the password can still be used to get a changepw ticket. So we validate the password by trying to get a changepw ticket. */ - DEBUG(SSSDBG_TRACE_LIBS, ("Password was expired\n")); + DEBUG(SSSDBG_TRACE_LIBS, "Password was expired\n"); kerr = sss_krb5_get_init_creds_opt_set_expire_callback(kr->ctx, kr->options, NULL, NULL); if (kerr != 0) { KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); - DEBUG(1, ("Failed to unset expire callback, continue ...\n")); + DEBUG(1, "Failed to unset expire callback, continue ...\n"); } kerr = get_changepw_options(kr->ctx, &chagepw_options); if (kerr != 0) { - DEBUG(SSSDBG_OP_FAILURE, ("get_changepw_options failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "get_changepw_options failed.\n"); return kerr; } @@ -1242,24 +1242,24 @@ static errno_t kuserok_child(struct krb5_req *kr) krb5_boolean access_allowed; krb5_error_code kerr; - DEBUG(SSSDBG_TRACE_LIBS, ("Verifying if principal can log in as user\n")); + DEBUG(SSSDBG_TRACE_LIBS, "Verifying if principal can log in as user\n"); /* krb5_kuserok tries to verify that kr->pd->user is a locally known * account, so we have to unset _SSS_LOOPS to make getpwnam() work. */ if (unsetenv("_SSS_LOOPS") != 0) { - DEBUG(1, ("Failed to unset _SSS_LOOPS, " - "krb5_kuserok will most certainly fail.\n")); + DEBUG(1, "Failed to unset _SSS_LOOPS, " + "krb5_kuserok will most certainly fail.\n"); } kerr = krb5_set_default_realm(kr->ctx, kr->realm); if (kerr != 0) { - DEBUG(1, ("krb5_set_default_realm failed, " - "krb5_kuserok may fail.\n")); + DEBUG(1, "krb5_set_default_realm failed, " + "krb5_kuserok may fail.\n"); } access_allowed = krb5_kuserok(kr->ctx, kr->princ, kr->pd->user); DEBUG(SSSDBG_TRACE_LIBS, - ("Access was %s\n", access_allowed ? "allowed" : "denied")); + "Access was %s\n", access_allowed ? "allowed" : "denied"); if (access_allowed) { return EOK; @@ -1275,13 +1275,13 @@ static errno_t renew_tgt_child(struct krb5_req *kr) krb5_error_code kerr; int ret; - DEBUG(SSSDBG_TRACE_LIBS, ("Renewing a ticket\n")); + DEBUG(SSSDBG_TRACE_LIBS, "Renewing a ticket\n"); ret = sss_authtok_get_ccfile(kr->pd->authtok, &ccname, NULL); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, - ("Unsupported authtok type for TGT renewal [%d].\n", - sss_authtok_get_type(kr->pd->authtok))); + "Unsupported authtok type for TGT renewal [%d].\n", + sss_authtok_get_type(kr->pd->authtok)); return ERR_INVALID_CRED_TYPE; } @@ -1304,7 +1304,7 @@ static errno_t renew_tgt_child(struct krb5_req *kr) } } else { - DEBUG(SSSDBG_CONF_SETTINGS, ("TGT validation is disabled.\n")); + DEBUG(SSSDBG_CONF_SETTINGS, "TGT validation is disabled.\n"); } if (kr->validate || kr->fast_ccname != NULL) { @@ -1313,7 +1313,7 @@ static errno_t renew_tgt_child(struct krb5_req *kr) * ccache I/O operations with user privileges. */ kerr = become_user(kr->uid, kr->gid); if (kerr != 0) { - DEBUG(1, ("become_user failed.\n")); + DEBUG(1, "become_user failed.\n"); goto done; } } @@ -1332,7 +1332,7 @@ static errno_t renew_tgt_child(struct krb5_req *kr) kerr = add_ticket_times_and_upn_to_response(kr); if (kerr != 0) { - DEBUG(1, ("add_ticket_times_and_upn_to_response failed.\n")); + DEBUG(1, "add_ticket_times_and_upn_to_response failed.\n"); } kerr = k5c_attach_ccname_msg(kr); @@ -1352,7 +1352,7 @@ static errno_t create_empty_ccache(struct krb5_req *kr) krb5_creds *creds = NULL; krb5_error_code kerr; - DEBUG(SSSDBG_TRACE_LIBS, ("Creating empty ccache\n")); + DEBUG(SSSDBG_TRACE_LIBS, "Creating empty ccache\n"); kerr = create_empty_cred(kr->ctx, kr->princ, &creds); if (kerr == 0) { @@ -1412,13 +1412,13 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, struct pam_data *pd; errno_t ret; - DEBUG(SSSDBG_TRACE_LIBS, ("total buffer size: [%zu]\n", size)); + DEBUG(SSSDBG_TRACE_LIBS, "total buffer size: [%zu]\n", size); if (!offline || !kr) return EINVAL; pd = create_pam_data(kr); if (pd == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_zero failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_zero failed.\n"); return ENOMEM; } kr->pd = pd; @@ -1440,12 +1440,12 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, p += len; DEBUG(SSSDBG_CONF_SETTINGS, - ("cmd [%d] uid [%llu] gid [%llu] validate [%s] " + "cmd [%d] uid [%llu] gid [%llu] validate [%s] " "enterprise principal [%s] offline [%s] UPN [%s]\n", pd->cmd, (unsigned long long) kr->uid, (unsigned long long) kr->gid, kr->validate ? "true" : "false", kr->use_enterprise_princ ? "true" : "false", - *offline ? "true" : "false", kr->upn ? kr->upn : "none")); + *offline ? "true" : "false", kr->upn ? kr->upn : "none"); if (pd->cmd == SSS_PAM_AUTHENTICATE || pd->cmd == SSS_CMD_RENEW || @@ -1467,8 +1467,8 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, return ret; } - DEBUG(SSSDBG_CONF_SETTINGS, ("ccname: [%s] keytab: [%s]\n", - kr->ccname, kr->keytab)); + DEBUG(SSSDBG_CONF_SETTINGS, "ccname: [%s] keytab: [%s]\n", + kr->ccname, kr->keytab); } else { kr->ccname = NULL; kr->keytab = NULL; @@ -1490,7 +1490,7 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, pd->user = talloc_strndup(pd, (char *)(buf + p), len); if (pd->user == NULL) return ENOMEM; p += len; - DEBUG(SSSDBG_CONF_SETTINGS, ("user: [%s]\n", pd->user)); + DEBUG(SSSDBG_CONF_SETTINGS, "user: [%s]\n", pd->user); } else { pd->user = NULL; } @@ -1534,7 +1534,7 @@ static krb5_error_code get_tgt_times(krb5_context ctx, const char *ccname, krberr = krb5_cc_resolve(ctx, ccname, &ccache); if (krberr != 0) { - DEBUG(1, ("krb5_cc_resolve failed.\n")); + DEBUG(1, "krb5_cc_resolve failed.\n"); goto done; } @@ -1546,7 +1546,7 @@ static krb5_error_code get_tgt_times(krb5_context ctx, const char *ccname, krberr = krb5_cc_retrieve_cred(ctx, ccache, 0, &mcred, &cred); if (krberr != 0) { - DEBUG(1, ("krb5_cc_retrieve_cred failed.\n")); + DEBUG(1, "krb5_cc_retrieve_cred failed.\n"); krberr = 0; goto done; } @@ -1586,13 +1586,13 @@ static krb5_error_code check_fast_ccache(TALLOC_CTX *mem_ctx, tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { - DEBUG(1, ("talloc_new failed.\n")); + DEBUG(1, "talloc_new failed.\n"); return ENOMEM; } ccname = talloc_asprintf(tmp_ctx, "FILE:%s/fast_ccache_%s", DB_PATH, realm); if (ccname == NULL) { - DEBUG(1, ("talloc_asprintf failed.\n")); + DEBUG(1, "talloc_asprintf failed.\n"); kerr = ENOMEM; goto done; } @@ -1604,30 +1604,30 @@ static krb5_error_code check_fast_ccache(TALLOC_CTX *mem_ctx, } if (kerr) { DEBUG(SSSDBG_FATAL_FAILURE, - ("Failed to read keytab file [%s]: %s\n", + "Failed to read keytab file [%s]: %s\n", KEYTAB_CLEAN_NAME, - sss_krb5_get_error_message(ctx, kerr))); + sss_krb5_get_error_message(ctx, kerr)); goto done; } kerr = find_principal_in_keytab(ctx, keytab, primary, realm, &client_princ); if (kerr != 0) { DEBUG(SSSDBG_MINOR_FAILURE, - ("find_principal_in_keytab failed for principal %s@%s.\n", - primary, realm)); + "find_principal_in_keytab failed for principal %s@%s.\n", + primary, realm); goto done; } server_name = talloc_asprintf(tmp_ctx, "krbtgt/%s@%s", realm, realm); if (server_name == NULL) { - DEBUG(1, ("talloc_asprintf failed.\n")); + DEBUG(1, "talloc_asprintf failed.\n"); kerr = ENOMEM; goto done; } kerr = krb5_parse_name(ctx, server_name, &server_princ); if (kerr != 0) { - DEBUG(1, ("krb5_parse_name failed.\n")); + DEBUG(1, "krb5_parse_name failed.\n"); goto done; } @@ -1635,14 +1635,14 @@ static krb5_error_code check_fast_ccache(TALLOC_CTX *mem_ctx, kerr = get_tgt_times(ctx, ccname, server_princ, client_princ, &tgtt); if (kerr == 0) { if (tgtt.endtime > time(NULL)) { - DEBUG(5, ("FAST TGT is still valid.\n")); + DEBUG(5, "FAST TGT is still valid.\n"); goto done; } } kerr = get_and_save_tgt_with_keytab(ctx, client_princ, keytab, ccname); if (kerr != 0) { - DEBUG(1, ("get_and_save_tgt_with_keytab failed.\n")); + DEBUG(1, "get_and_save_tgt_with_keytab failed.\n"); goto done; } @@ -1680,13 +1680,13 @@ static errno_t k5c_recv_data(struct krb5_req *kr, int fd, uint32_t *offline) ret = errno; ret = (ret == 0) ? EINVAL: ret; DEBUG(SSSDBG_CRIT_FAILURE, - ("read failed [%d][%s].\n", ret, strerror(ret))); + "read failed [%d][%s].\n", ret, strerror(ret)); return ret; } ret = unpack_buffer(buf, len, kr, offline); if (ret != EOK) { - DEBUG(1, ("unpack_buffer failed.\n")); + DEBUG(1, "unpack_buffer failed.\n"); } return ret; @@ -1701,35 +1701,35 @@ static int k5c_setup_fast(struct krb5_req *kr, char *lifetime_str, bool demand) krb5_error_code kerr; char *tmp_str; - DEBUG(SSSDBG_CONF_SETTINGS, ("%s is set to [%s]\n", - SSSD_KRB5_LIFETIME, lifetime_str)); + DEBUG(SSSDBG_CONF_SETTINGS, "%s is set to [%s]\n", + SSSD_KRB5_LIFETIME, lifetime_str); tmp_str = getenv(SSSD_KRB5_FAST_PRINCIPAL); if (tmp_str) { - DEBUG(SSSDBG_CONF_SETTINGS, ("%s is set to [%s]\n", - SSSD_KRB5_FAST_PRINCIPAL, tmp_str)); + DEBUG(SSSDBG_CONF_SETTINGS, "%s is set to [%s]\n", + SSSD_KRB5_FAST_PRINCIPAL, tmp_str); kerr = krb5_parse_name(kr->ctx, tmp_str, &fast_princ_struct); if (kerr) { - DEBUG(1, ("krb5_parse_name failed.\n")); + DEBUG(1, "krb5_parse_name failed.\n"); return kerr; } kerr = sss_krb5_unparse_name_flags(kr->ctx, fast_princ_struct, KRB5_PRINCIPAL_UNPARSE_NO_REALM, &tmp_str); if (kerr) { - DEBUG(1, ("sss_krb5_unparse_name_flags failed.\n")); + DEBUG(1, "sss_krb5_unparse_name_flags failed.\n"); return kerr; } fast_principal = talloc_strdup(kr, tmp_str); if (!fast_principal) { - DEBUG(1, ("talloc_strdup failed.\n")); + DEBUG(1, "talloc_strdup failed.\n"); return KRB5KRB_ERR_GENERIC; } free(tmp_str); realm_data = krb5_princ_realm(kr->ctx, fast_princ_struct); fast_principal_realm = talloc_asprintf(kr, "%.*s", realm_data->length, realm_data->data); if (!fast_principal_realm) { - DEBUG(1, ("talloc_asprintf failed.\n")); + DEBUG(1, "talloc_asprintf failed.\n"); return ENOMEM; } } else { @@ -1740,7 +1740,7 @@ static int k5c_setup_fast(struct krb5_req *kr, char *lifetime_str, bool demand) kerr = check_fast_ccache(kr, kr->ctx, fast_principal, fast_principal_realm, kr->keytab, &kr->fast_ccname); if (kerr != 0) { - DEBUG(1, ("check_fast_ccache failed.\n")); + DEBUG(1, "check_fast_ccache failed.\n"); KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); return kerr; } @@ -1749,8 +1749,8 @@ static int k5c_setup_fast(struct krb5_req *kr, char *lifetime_str, bool demand) kr->options, kr->fast_ccname); if (kerr != 0) { - DEBUG(1, ("sss_krb5_get_init_creds_opt_set_fast_ccache_name " - "failed.\n")); + DEBUG(1, "sss_krb5_get_init_creds_opt_set_fast_ccache_name " + "failed.\n"); KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); return kerr; } @@ -1760,8 +1760,8 @@ static int k5c_setup_fast(struct krb5_req *kr, char *lifetime_str, bool demand) kr->options, SSS_KRB5_FAST_REQUIRED); if (kerr != 0) { - DEBUG(1, ("sss_krb5_get_init_creds_opt_set_fast_flags " - "failed.\n")); + DEBUG(1, "sss_krb5_get_init_creds_opt_set_fast_flags " + "failed.\n"); KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); return kerr; } @@ -1781,7 +1781,7 @@ static int k5c_setup(struct krb5_req *kr, uint32_t offline) kr->realm = getenv(SSSD_KRB5_REALM); if (kr->realm == NULL) { DEBUG(SSSDBG_MINOR_FAILURE, - ("Cannot read [%s] from environment.\n", SSSD_KRB5_REALM)); + "Cannot read [%s] from environment.\n", SSSD_KRB5_REALM); } kerr = krb5_init_context(&kr->ctx); @@ -1809,7 +1809,7 @@ static int k5c_setup(struct krb5_req *kr, uint32_t offline) if (kr->use_enterprise_princ) { kerr = krb5_set_default_realm(kr->ctx, kr->realm); if (kerr != 0) { - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_set_default_realm failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_set_default_realm failed.\n"); } } @@ -1828,7 +1828,7 @@ static int k5c_setup(struct krb5_req *kr, uint32_t offline) kr->creds = calloc(1, sizeof(krb5_creds)); if (kr->creds == NULL) { - DEBUG(1, ("talloc_zero failed.\n")); + DEBUG(1, "talloc_zero failed.\n"); return ENOMEM; } @@ -1856,35 +1856,35 @@ static int k5c_setup(struct krb5_req *kr, uint32_t offline) lifetime_str = getenv(SSSD_KRB5_RENEWABLE_LIFETIME); if (lifetime_str == NULL) { - DEBUG(SSSDBG_CONF_SETTINGS, ("Cannot read [%s] from environment.\n", - SSSD_KRB5_RENEWABLE_LIFETIME)); + DEBUG(SSSDBG_CONF_SETTINGS, "Cannot read [%s] from environment.\n", + SSSD_KRB5_RENEWABLE_LIFETIME); } else { kerr = krb5_string_to_deltat(lifetime_str, &lifetime); if (kerr != 0) { - DEBUG(1, ("krb5_string_to_deltat failed for [%s].\n", - lifetime_str)); + DEBUG(1, "krb5_string_to_deltat failed for [%s].\n", + lifetime_str); KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); return kerr; } - DEBUG(SSSDBG_CONF_SETTINGS, ("%s is set to [%s]\n", - SSSD_KRB5_RENEWABLE_LIFETIME, lifetime_str)); + DEBUG(SSSDBG_CONF_SETTINGS, "%s is set to [%s]\n", + SSSD_KRB5_RENEWABLE_LIFETIME, lifetime_str); krb5_get_init_creds_opt_set_renew_life(kr->options, lifetime); } lifetime_str = getenv(SSSD_KRB5_LIFETIME); if (lifetime_str == NULL) { - DEBUG(SSSDBG_CONF_SETTINGS, ("Cannot read [%s] from environment.\n", - SSSD_KRB5_LIFETIME)); + DEBUG(SSSDBG_CONF_SETTINGS, "Cannot read [%s] from environment.\n", + SSSD_KRB5_LIFETIME); } else { kerr = krb5_string_to_deltat(lifetime_str, &lifetime); if (kerr != 0) { - DEBUG(1, ("krb5_string_to_deltat failed for [%s].\n", - lifetime_str)); + DEBUG(1, "krb5_string_to_deltat failed for [%s].\n", + lifetime_str); KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr); return kerr; } DEBUG(SSSDBG_CONF_SETTINGS, - ("%s is set to [%s]\n", SSSD_KRB5_LIFETIME, lifetime_str)); + "%s is set to [%s]\n", SSSD_KRB5_LIFETIME, lifetime_str); krb5_get_init_creds_opt_set_tkt_life(kr->options, lifetime); } @@ -1893,15 +1893,15 @@ static int k5c_setup(struct krb5_req *kr, uint32_t offline) use_fast_str = getenv(SSSD_KRB5_USE_FAST); if (use_fast_str == NULL || strcasecmp(use_fast_str, "never") == 0) { - DEBUG(SSSDBG_CONF_SETTINGS, ("Not using FAST.\n")); + DEBUG(SSSDBG_CONF_SETTINGS, "Not using FAST.\n"); } else if (strcasecmp(use_fast_str, "try") == 0) { kerr = k5c_setup_fast(kr, lifetime_str, false); } else if (strcasecmp(use_fast_str, "demand") == 0) { kerr = k5c_setup_fast(kr, lifetime_str, true); } else { DEBUG(SSSDBG_CRIT_FAILURE, - ("Unsupported value [%s] for krb5_use_fast.\n", - use_fast_str)); + "Unsupported value [%s] for krb5_use_fast.\n", + use_fast_str); return EINVAL; } } @@ -1962,13 +1962,13 @@ int main(int argc, const char *argv[]) kr = talloc_zero(NULL, struct krb5_req); if (kr == NULL) { - DEBUG(1, ("talloc failed.\n")); + DEBUG(1, "talloc failed.\n"); exit(-1); } debug_prg_name = talloc_asprintf(kr, "[sssd[krb5_child[%d]]]", getpid()); if (!debug_prg_name) { - DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_asprintf failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_asprintf failed.\n"); ret = ENOMEM; goto done; } @@ -1976,11 +1976,11 @@ int main(int argc, const char *argv[]) if (debug_fd != -1) { ret = set_debug_file_from_fd(debug_fd); if (ret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, ("set_debug_file_from_fd failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "set_debug_file_from_fd failed.\n"); } } - DEBUG(SSSDBG_TRACE_FUNC, ("krb5_child started.\n")); + DEBUG(SSSDBG_TRACE_FUNC, "krb5_child started.\n"); ret = k5c_recv_data(kr, STDIN_FILENO, &offline); if (ret != EOK) { @@ -1991,7 +1991,7 @@ int main(int argc, const char *argv[]) ret = k5c_setup(kr, offline); if (ret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_child_setup failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_child_setup failed.\n"); goto done; } @@ -1999,53 +1999,53 @@ int main(int argc, const char *argv[]) case SSS_PAM_AUTHENTICATE: /* If we are offline, we need to create an empty ccache file */ if (offline) { - DEBUG(SSSDBG_TRACE_FUNC, ("Will perform offline auth\n")); + DEBUG(SSSDBG_TRACE_FUNC, "Will perform offline auth\n"); ret = create_empty_ccache(kr); } else { - DEBUG(SSSDBG_TRACE_FUNC, ("Will perform online auth\n")); + DEBUG(SSSDBG_TRACE_FUNC, "Will perform online auth\n"); ret = tgt_req_child(kr); } break; case SSS_PAM_CHAUTHTOK: - DEBUG(SSSDBG_TRACE_FUNC, ("Will perform password change\n")); + DEBUG(SSSDBG_TRACE_FUNC, "Will perform password change\n"); ret = changepw_child(kr, false); break; case SSS_PAM_CHAUTHTOK_PRELIM: - DEBUG(SSSDBG_TRACE_FUNC, ("Will perform password change checks\n")); + DEBUG(SSSDBG_TRACE_FUNC, "Will perform password change checks\n"); ret = changepw_child(kr, true); break; case SSS_PAM_ACCT_MGMT: - DEBUG(SSSDBG_TRACE_FUNC, ("Will perform account management\n")); + DEBUG(SSSDBG_TRACE_FUNC, "Will perform account management\n"); ret = kuserok_child(kr); break; case SSS_CMD_RENEW: if (offline) { - DEBUG(SSSDBG_CRIT_FAILURE, ("Cannot renew TGT while offline\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "Cannot renew TGT while offline\n"); ret = KRB5_KDC_UNREACH; goto done; } - DEBUG(SSSDBG_TRACE_FUNC, ("Will perform ticket renewal\n")); + DEBUG(SSSDBG_TRACE_FUNC, "Will perform ticket renewal\n"); ret = renew_tgt_child(kr); break; default: - DEBUG(1, ("PAM command [%d] not supported.\n", kr->pd->cmd)); + DEBUG(1, "PAM command [%d] not supported.\n", kr->pd->cmd); ret = EINVAL; goto done; } ret = k5c_send_data(kr, STDOUT_FILENO, ret); if (ret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to send reply\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to send reply\n"); } done: krb5_cleanup(kr); talloc_free(kr); if (ret == EOK) { - DEBUG(SSSDBG_TRACE_FUNC, ("krb5_child completed successfully\n")); + DEBUG(SSSDBG_TRACE_FUNC, "krb5_child completed successfully\n"); exit(0); } else { - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_child failed!\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_child failed!\n"); exit(-1); } } diff --git a/src/providers/krb5/krb5_child_handler.c b/src/providers/krb5/krb5_child_handler.c index bf3562f9d..ff97e0841 100644 --- a/src/providers/krb5/krb5_child_handler.c +++ b/src/providers/krb5/krb5_child_handler.c @@ -69,7 +69,7 @@ static int child_io_destructor(void *ptr) io->write_to_child_fd = -1; if (ret != EOK) { ret = errno; - DEBUG(1, ("close failed [%d][%s].\n", ret, strerror(ret))); + DEBUG(1, "close failed [%d][%s].\n", ret, strerror(ret)); } } @@ -78,7 +78,7 @@ static int child_io_destructor(void *ptr) io->read_from_child_fd = -1; if (ret != EOK) { ret = errno; - DEBUG(1, ("close failed [%d][%s].\n", ret, strerror(ret))); + DEBUG(1, "close failed [%d][%s].\n", ret, strerror(ret)); } } @@ -136,7 +136,7 @@ static errno_t create_send_buffer(struct krb5child_req *kr, keytab = dp_opt_get_cstring(kr->krb5_ctx->opts, KRB5_KEYTAB); if (keytab == NULL) { - DEBUG(1, ("Missing keytab option.\n")); + DEBUG(1, "Missing keytab option.\n"); return EINVAL; } @@ -164,7 +164,7 @@ static errno_t create_send_buffer(struct krb5child_req *kr, buf = talloc(kr, struct io_buffer); if (buf == NULL) { - DEBUG(1, ("talloc failed.\n")); + DEBUG(1, "talloc failed.\n"); return ENOMEM; } @@ -190,7 +190,7 @@ static errno_t create_send_buffer(struct krb5child_req *kr, buf->data = talloc_size(kr, buf->size); if (buf->data == NULL) { - DEBUG(1, ("talloc_size failed.\n")); + DEBUG(1, "talloc_size failed.\n"); talloc_free(buf); return ENOMEM; } @@ -255,13 +255,13 @@ static void krb5_child_timeout(struct tevent_context *ev, } DEBUG(SSSDBG_IMPORTANT_INFO, - ("Timeout for child [%d] reached. In case KDC is distant or network " + "Timeout for child [%d] reached. In case KDC is distant or network " "is slow you may consider increasing value of krb5_auth_timeout.\n", - state->child_pid)); + state->child_pid); ret = kill(state->child_pid, SIGKILL); if (ret == -1) { - DEBUG(1, ("kill failed [%d][%s].\n", errno, strerror(errno))); + DEBUG(1, "kill failed [%d][%s].\n", errno, strerror(errno)); } tevent_req_error(req, ETIMEDOUT); @@ -280,7 +280,7 @@ static errno_t activate_child_timeout_handler(struct tevent_req *req, state->timeout_handler = tevent_add_timer(ev, state, tv, krb5_child_timeout, req); if (state->timeout_handler == NULL) { - DEBUG(1, ("tevent_add_timer failed.\n")); + DEBUG(1, "tevent_add_timer failed.\n"); return ENOMEM; } @@ -300,13 +300,13 @@ static errno_t fork_child(struct tevent_req *req) ret = pipe(pipefd_from_child); if (ret == -1) { err = errno; - DEBUG(1, ("pipe failed [%d][%s].\n", errno, strerror(errno))); + DEBUG(1, "pipe failed [%d][%s].\n", errno, strerror(errno)); return err; } ret = pipe(pipefd_to_child); if (ret == -1) { err = errno; - DEBUG(1, ("pipe failed [%d][%s].\n", errno, strerror(errno))); + DEBUG(1, "pipe failed [%d][%s].\n", errno, strerror(errno)); return err; } @@ -316,7 +316,7 @@ static errno_t fork_child(struct tevent_req *req) if (state->kr->run_as_user) { ret = become_user(state->kr->uid, state->kr->gid); if (ret != EOK) { - DEBUG(1, ("become_user failed.\n")); + DEBUG(1, "become_user failed.\n"); return ret; } } @@ -325,8 +325,8 @@ static errno_t fork_child(struct tevent_req *req) pipefd_to_child, pipefd_from_child, KRB5_CHILD, state->kr->krb5_ctx->child_debug_fd); if (err != EOK) { - DEBUG(1, ("Could not exec KRB5 child: [%d][%s].\n", - err, strerror(err))); + DEBUG(1, "Could not exec KRB5 child: [%d][%s].\n", + err, strerror(err)); return err; } } else if (pid > 0) { /* parent */ @@ -340,19 +340,19 @@ static errno_t fork_child(struct tevent_req *req) ret = child_handler_setup(state->ev, pid, NULL, NULL, NULL); if (ret != EOK) { - DEBUG(1, ("Could not set up child signal handler\n")); + DEBUG(1, "Could not set up child signal handler\n"); return ret; } err = activate_child_timeout_handler(req, state->ev, dp_opt_get_int(state->kr->krb5_ctx->opts, KRB5_AUTH_TIMEOUT)); if (err != EOK) { - DEBUG(1, ("activate_child_timeout_handler failed.\n")); + DEBUG(1, "activate_child_timeout_handler failed.\n"); } } else { /* error */ err = errno; - DEBUG(1, ("fork failed [%d][%s].\n", errno, strerror(errno))); + DEBUG(1, "fork failed [%d][%s].\n", errno, strerror(errno)); return err; } @@ -385,7 +385,7 @@ struct tevent_req *handle_child_send(TALLOC_CTX *mem_ctx, state->io = talloc(state, struct io); if (state->io == NULL) { - DEBUG(1, ("talloc failed.\n")); + DEBUG(1, "talloc failed.\n"); ret = ENOMEM; goto fail; } @@ -395,13 +395,13 @@ struct tevent_req *handle_child_send(TALLOC_CTX *mem_ctx, ret = create_send_buffer(kr, &buf); if (ret != EOK) { - DEBUG(1, ("create_send_buffer failed.\n")); + DEBUG(1, "create_send_buffer failed.\n"); goto fail; } ret = fork_child(req); if (ret != EOK) { - DEBUG(1, ("fork_child failed.\n")); + DEBUG(1, "fork_child failed.\n"); goto fail; } @@ -509,7 +509,7 @@ parse_krb5_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf, ssize_t len, bool otp = false; if ((size_t) len < sizeof(int32_t)) { - DEBUG(SSSDBG_CRIT_FAILURE, ("message too short.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "message too short.\n"); return EINVAL; } @@ -537,12 +537,12 @@ parse_krb5_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf, ssize_t len, SAFEALIGN_COPY_INT32(&msg_type, buf+p, &p); SAFEALIGN_COPY_INT32(&msg_len, buf+p, &p); - DEBUG(SSSDBG_TRACE_LIBS, ("child response [%d][%d][%d].\n", - msg_status, msg_type, msg_len)); + DEBUG(SSSDBG_TRACE_LIBS, "child response [%d][%d][%d].\n", + msg_status, msg_type, msg_len); if ((p + msg_len) > len) { - DEBUG(SSSDBG_CRIT_FAILURE, ("message format error [%zu] > [%zd].\n", - p+msg_len, len)); + DEBUG(SSSDBG_CRIT_FAILURE, "message format error [%zu] > [%zd].\n", + p+msg_len, len); return EINVAL; } @@ -568,8 +568,8 @@ parse_krb5_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf, ssize_t len, tgtt.endtime = int64_to_time_t(time_data); SAFEALIGN_COPY_INT64(&time_data, buf+p+3*sizeof(int64_t), NULL); tgtt.renew_till = int64_to_time_t(time_data); - DEBUG(SSSDBG_TRACE_LIBS, ("TGT times are [%ld][%ld][%ld][%ld].\n", - tgtt.authtime, tgtt.starttime, tgtt.endtime, tgtt.renew_till)); + DEBUG(SSSDBG_TRACE_LIBS, "TGT times are [%ld][%ld][%ld][%ld].\n", + tgtt.authtime, tgtt.starttime, tgtt.endtime, tgtt.renew_till); } if (msg_type == SSS_KRB5_INFO_UPN) { @@ -598,7 +598,7 @@ parse_krb5_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf, ssize_t len, ret = pam_add_response(pd, msg_type, msg_len, &buf[p]); if (ret != EOK) { /* This is not a fatal error */ - DEBUG(SSSDBG_CRIT_FAILURE, ("pam_add_response failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "pam_add_response failed.\n"); } } @@ -606,7 +606,7 @@ parse_krb5_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf, ssize_t len, if ((p < len) && (p + 2*sizeof(int32_t) > len)) { DEBUG(SSSDBG_CRIT_FAILURE, - ("The remainder of the message is too short.\n")); + "The remainder of the message is too short.\n"); return EINVAL; } } @@ -621,7 +621,7 @@ parse_krb5_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf, ssize_t len, if (ccname) { res->ccname = talloc_strndup(res, ccname, ccname_len); if (res->ccname == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_strndup failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_strndup failed.\n"); talloc_free(res); return ENOMEM; } @@ -630,7 +630,7 @@ parse_krb5_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf, ssize_t len, if (upn != NULL) { res->correct_upn = talloc_strndup(res, upn, upn_len); if (res->correct_upn == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_strndup failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_strndup failed.\n"); talloc_free(res); return ENOMEM; } diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c index d1d26ee71..92df01ed9 100644 --- a/src/providers/krb5/krb5_common.c +++ b/src/providers/krb5/krb5_common.c @@ -48,28 +48,28 @@ errno_t check_and_export_lifetime(struct dp_option *opts, const int opt_id, str = dp_opt_get_string(opts, opt_id); if (str == NULL || *str == '\0') { - DEBUG(5, ("No lifetime configured.\n")); + DEBUG(5, "No lifetime configured.\n"); return EOK; } if (isdigit(str[strlen(str)-1])) { str = talloc_asprintf(opts, "%ss", str); if (str == NULL) { - DEBUG(1, ("talloc_asprintf failed\n")); + DEBUG(1, "talloc_asprintf failed\n"); return ENOMEM; } free_str = true; ret = dp_opt_set_string(opts, opt_id, str); if (ret != EOK) { - DEBUG(1, ("dp_opt_set_string failed\n")); + DEBUG(1, "dp_opt_set_string failed\n"); goto done; } } ret = krb5_string_to_deltat(str, &lifetime); if (ret != 0) { - DEBUG(1, ("Invalid value [%s] for a lifetime.\n", str)); + DEBUG(1, "Invalid value [%s] for a lifetime.\n", str); ret = EINVAL; goto done; } @@ -77,7 +77,7 @@ errno_t check_and_export_lifetime(struct dp_option *opts, const int opt_id, ret = setenv(env_name, str, 1); if (ret != EOK) { ret = errno; - DEBUG(2, ("setenv [%s] failed.\n", env_name)); + DEBUG(2, "setenv [%s] failed.\n", env_name); goto done; } @@ -136,9 +136,9 @@ static errno_t sss_get_system_ccname_template(TALLOC_CTX *mem_ctx, char **ccname) { DEBUG(SSSDBG_CONF_SETTINGS, - ("Your kerberos library does not support the default_ccache_name " + "Your kerberos library does not support the default_ccache_name " "option or the profile library. Please use krb5_ccname_template " - "in sssd.conf if you want to change the default\n")); + "in sssd.conf if you want to change the default\n"); *ccname = NULL; return ERR_NOT_FOUND; } @@ -151,9 +151,9 @@ static void sss_check_cc_template(const char *cc_template) template_len = strlen(cc_template); if (template_len >= 6 && strcmp(cc_template + (template_len - 6), "XXXXXX") != 0) { - DEBUG(SSSDBG_CONF_SETTINGS, ("ccache file name template [%s] doesn't " + DEBUG(SSSDBG_CONF_SETTINGS, "ccache file name template [%s] doesn't " "contain randomizing characters (XXXXXX), file might not " - "be rewritable\n", cc_template)); + "be rewritable\n", cc_template); } } @@ -179,7 +179,7 @@ errno_t check_and_export_options(struct dp_option *opts, if (realm == NULL) { ret = dp_opt_set_string(opts, KRB5_REALM, dom->name); if (ret != EOK) { - DEBUG(1, ("dp_opt_set_string failed.\n")); + DEBUG(1, "dp_opt_set_string failed.\n"); goto done; } realm = dom->name; @@ -187,23 +187,23 @@ errno_t check_and_export_options(struct dp_option *opts, ret = setenv(SSSD_KRB5_REALM, realm, 1); if (ret != EOK) { - DEBUG(2, ("setenv %s failed, authentication might fail.\n", - SSSD_KRB5_REALM)); + DEBUG(2, "setenv %s failed, authentication might fail.\n", + SSSD_KRB5_REALM); } ret = check_and_export_lifetime(opts, KRB5_RENEWABLE_LIFETIME, SSSD_KRB5_RENEWABLE_LIFETIME); if (ret != EOK) { - DEBUG(1, ("Failed to check value of krb5_renewable_lifetime. [%d][%s]\n", - ret, strerror(ret))); + DEBUG(1, "Failed to check value of krb5_renewable_lifetime. [%d][%s]\n", + ret, strerror(ret)); goto done; } ret = check_and_export_lifetime(opts, KRB5_LIFETIME, SSSD_KRB5_LIFETIME); if (ret != EOK) { - DEBUG(1, ("Failed to check value of krb5_lifetime. [%d][%s]\n", - ret, strerror(ret))); + DEBUG(1, "Failed to check value of krb5_lifetime. [%d][%s]\n", + ret, strerror(ret)); goto done; } @@ -212,20 +212,20 @@ errno_t check_and_export_options(struct dp_option *opts, if (use_fast_str != NULL) { ret = check_fast(use_fast_str, &krb5_ctx->use_fast); if (ret != EOK) { - DEBUG(1, ("check_fast failed.\n")); + DEBUG(1, "check_fast failed.\n"); goto done; } if (krb5_ctx->use_fast) { ret = setenv(SSSD_KRB5_USE_FAST, use_fast_str, 1); if (ret != EOK) { - DEBUG(2, ("setenv [%s] failed.\n", SSSD_KRB5_USE_FAST)); + DEBUG(2, "setenv [%s] failed.\n", SSSD_KRB5_USE_FAST); } else { fast_principal = dp_opt_get_string(opts, KRB5_FAST_PRINCIPAL); if (fast_principal != NULL) { ret = setenv(SSSD_KRB5_FAST_PRINCIPAL, fast_principal, 1); if (ret != EOK) { - DEBUG(2, ("setenv [%s] failed.\n", SSSD_KRB5_FAST_PRINCIPAL)); + DEBUG(2, "setenv [%s] failed.\n", SSSD_KRB5_FAST_PRINCIPAL); } } } @@ -243,26 +243,26 @@ errno_t check_and_export_options(struct dp_option *opts, ret = setenv(SSSD_KRB5_CANONICALIZE, "false", 1); } if (ret != EOK) { - DEBUG(2, ("setenv [%s] failed.\n", SSSD_KRB5_CANONICALIZE)); + DEBUG(2, "setenv [%s] failed.\n", SSSD_KRB5_CANONICALIZE); } dummy = dp_opt_get_cstring(opts, KRB5_KDC); if (dummy == NULL) { - DEBUG(SSSDBG_CONF_SETTINGS, ("No KDC explicitly configured, using defaults.\n")); + DEBUG(SSSDBG_CONF_SETTINGS, "No KDC explicitly configured, using defaults.\n"); } dummy = dp_opt_get_cstring(opts, KRB5_KPASSWD); if (dummy == NULL) { - DEBUG(SSSDBG_CONF_SETTINGS, ("No kpasswd server explicitly configured, " - "using the KDC or defaults.\n")); + DEBUG(SSSDBG_CONF_SETTINGS, "No kpasswd server explicitly configured, " + "using the KDC or defaults.\n"); } ccname = dp_opt_get_string(opts, KRB5_CCNAME_TMPL); if (ccname != NULL) { DEBUG(SSSDBG_CONF_SETTINGS, - ("The credential ccache name template has been explicitly set " + "The credential ccache name template has been explicitly set " "in sssd.conf, it is recommended to set default_ccache_name " - "in krb5.conf instead so that a system default is used\n")); + "in krb5.conf instead so that a system default is used\n"); ccname = talloc_strdup(tmp_ctx, ccname); if (!ccname) { ret = ENOMEM; @@ -285,22 +285,22 @@ errno_t check_and_export_options(struct dp_option *opts, /* set back in opts */ ret = dp_opt_set_string(opts, KRB5_CCNAME_TMPL, ccname); if (ret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, ("dp_opt_set_string failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "dp_opt_set_string failed.\n"); goto done; } } if ((ccname[0] == '/') || (strncmp(ccname, "FILE:", 5) == 0)) { - DEBUG(SSSDBG_CONF_SETTINGS, ("ccache is of type FILE\n")); + DEBUG(SSSDBG_CONF_SETTINGS, "ccache is of type FILE\n"); /* warn if the file type (which is usally created in a sticky bit * laden directory) does not have randomizing chracters */ sss_check_cc_template(ccname); if (ccname[0] == '/') { /* /path/to/cc prepend FILE: */ - DEBUG(SSSDBG_CONF_SETTINGS, ("The ccname template was " + DEBUG(SSSDBG_CONF_SETTINGS, "The ccname template was " "missing an explicit type, but is an absolute " - "path specifier. Assuming FILE:\n")); + "path specifier. Assuming FILE:\n"); ccname = talloc_asprintf(tmp_ctx, "FILE:%s", ccname); if (!ccname) { @@ -310,7 +310,7 @@ errno_t check_and_export_options(struct dp_option *opts, ret = dp_opt_set_string(opts, KRB5_CCNAME_TMPL, ccname); if (ret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, ("dp_opt_set_string failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "dp_opt_set_string failed.\n"); goto done; } } @@ -331,11 +331,11 @@ errno_t krb5_try_kdcip(struct confdb_ctx *cdb, const char *conf_path, krb5_servers = dp_opt_get_string(opts, opt_id); if (krb5_servers == NULL) { - DEBUG(4, ("No KDC found in configuration, trying legacy option\n")); + DEBUG(4, "No KDC found in configuration, trying legacy option\n"); ret = confdb_get_string(cdb, NULL, conf_path, "krb5_kdcip", NULL, &krb5_servers); if (ret != EOK) { - DEBUG(1, ("confdb_get_string failed.\n")); + DEBUG(1, "confdb_get_string failed.\n"); return ret; } @@ -343,19 +343,19 @@ errno_t krb5_try_kdcip(struct confdb_ctx *cdb, const char *conf_path, { ret = dp_opt_set_string(opts, opt_id, krb5_servers); if (ret != EOK) { - DEBUG(1, ("dp_opt_set_string failed.\n")); + DEBUG(1, "dp_opt_set_string failed.\n"); talloc_free(krb5_servers); return ret; } DEBUG(SSSDBG_CONF_SETTINGS, - ("Set krb5 server [%s] based on legacy krb5_kdcip option\n", - krb5_servers)); + "Set krb5 server [%s] based on legacy krb5_kdcip option\n", + krb5_servers); DEBUG(SSSDBG_FATAL_FAILURE, - ("Your configuration uses the deprecated option " + "Your configuration uses the deprecated option " "'krb5_kdcip' to specify the KDC. Please change the " "configuration to use the 'krb5_server' option " - "instead.\n")); + "instead.\n"); talloc_free(krb5_servers); } } @@ -371,14 +371,14 @@ errno_t krb5_get_options(TALLOC_CTX *memctx, struct confdb_ctx *cdb, opts = talloc_zero(memctx, struct dp_option); if (opts == NULL) { - DEBUG(1, ("talloc_zero failed.\n")); + DEBUG(1, "talloc_zero failed.\n"); return ENOMEM; } ret = dp_get_options(opts, cdb, conf_path, default_krb5_opts, KRB5_OPTS, &opts); if (ret != EOK) { - DEBUG(1, ("dp_get_options failed.\n")); + DEBUG(1, "dp_get_options failed.\n"); goto done; } @@ -386,7 +386,7 @@ errno_t krb5_get_options(TALLOC_CTX *memctx, struct confdb_ctx *cdb, /* FIXME - this can be removed in a future version */ ret = krb5_try_kdcip(cdb, conf_path, opts, KRB5_KDC); if (ret != EOK) { - DEBUG(1, ("sss_krb5_try_kdcip failed.\n")); + DEBUG(1, "sss_krb5_try_kdcip failed.\n"); goto done; } @@ -416,7 +416,7 @@ errno_t write_krb5info_file(const char *realm, const char *server, if (realm == NULL || *realm == '\0' || server == NULL || *server == '\0' || service == NULL || service == '\0') { - DEBUG(1, ("Missing or empty realm, server or service.\n")); + DEBUG(1, "Missing or empty realm, server or service.\n"); return EINVAL; } @@ -425,7 +425,7 @@ errno_t write_krb5info_file(const char *realm, const char *server, } else if (strcmp(service, SSS_KRB5KPASSWD_FO_SRV) == 0) { name_tmpl = KPASSWDINFO_TMPL; } else { - DEBUG(1, ("Unsupported service [%s]\n.", service)); + DEBUG(1, "Unsupported service [%s]\n.", service); return EINVAL; } @@ -433,20 +433,20 @@ errno_t write_krb5info_file(const char *realm, const char *server, tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { - DEBUG(1, ("talloc_new failed.\n")); + DEBUG(1, "talloc_new failed.\n"); return ENOMEM; } tmp_name = talloc_asprintf(tmp_ctx, PUBCONF_PATH"/.krb5info_dummy_XXXXXX"); if (tmp_name == NULL) { - DEBUG(1, ("talloc_asprintf failed.\n")); + DEBUG(1, "talloc_asprintf failed.\n"); ret = ENOMEM; goto done; } krb5info_name = talloc_asprintf(tmp_ctx, name_tmpl, realm); if (krb5info_name == NULL) { - DEBUG(1, ("talloc_asprintf failed.\n")); + DEBUG(1, "talloc_asprintf failed.\n"); ret = ENOMEM; goto done; } @@ -456,7 +456,7 @@ errno_t write_krb5info_file(const char *realm, const char *server, umask(old_umask); if (fd == -1) { ret = errno; - DEBUG(1, ("mkstemp failed [%d][%s].\n", ret, strerror(ret))); + DEBUG(1, "mkstemp failed [%d][%s].\n", ret, strerror(ret)); goto done; } @@ -465,14 +465,14 @@ errno_t write_krb5info_file(const char *realm, const char *server, if (written == -1) { ret = errno; DEBUG(SSSDBG_CRIT_FAILURE, - ("write failed [%d][%s].\n", ret, strerror(ret))); + "write failed [%d][%s].\n", ret, strerror(ret)); goto done; } if (written != server_len) { DEBUG(SSSDBG_CRIT_FAILURE, - ("Write error, wrote [%zd] bytes, expected [%zu]\n", - written, server_len)); + "Write error, wrote [%zd] bytes, expected [%zu]\n", + written, server_len); ret = EIO; goto done; } @@ -480,21 +480,21 @@ errno_t write_krb5info_file(const char *realm, const char *server, ret = fchmod(fd, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); if (ret == -1) { ret = errno; - DEBUG(1, ("fchmod failed [%d][%s].\n", ret, strerror(ret))); + DEBUG(1, "fchmod failed [%d][%s].\n", ret, strerror(ret)); goto done; } ret = close(fd); if (ret == -1) { ret = errno; - DEBUG(1, ("close failed [%d][%s].\n", ret, strerror(ret))); + DEBUG(1, "close failed [%d][%s].\n", ret, strerror(ret)); goto done; } ret = rename(tmp_name, krb5info_name); if (ret == -1) { ret = errno; - DEBUG(1, ("rename failed [%d][%s].\n", ret, strerror(ret))); + DEBUG(1, "rename failed [%d][%s].\n", ret, strerror(ret)); goto done; } @@ -514,28 +514,28 @@ static void krb5_resolve_callback(void *private_data, struct fo_server *server) tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { - DEBUG(1, ("talloc_new failed\n")); + DEBUG(1, "talloc_new failed\n"); return; } krb5_service = talloc_get_type(private_data, struct krb5_service); if (!krb5_service) { - DEBUG(1, ("FATAL: Bad private_data\n")); + DEBUG(1, "FATAL: Bad private_data\n"); talloc_free(tmp_ctx); return; } srvaddr = fo_get_server_hostent(server); if (!srvaddr) { - DEBUG(1, ("FATAL: No hostent available for server (%s)\n", - fo_get_server_str_name(server))); + DEBUG(1, "FATAL: No hostent available for server (%s)\n", + fo_get_server_str_name(server)); talloc_free(tmp_ctx); return; } address = resolv_get_string_address(tmp_ctx, srvaddr); if (address == NULL) { - DEBUG(1, ("resolv_get_string_address failed.\n")); + DEBUG(1, "resolv_get_string_address failed.\n"); talloc_free(tmp_ctx); return; } @@ -544,7 +544,7 @@ static void krb5_resolve_callback(void *private_data, struct fo_server *server) srvaddr->family, address); if (safe_address == NULL) { - DEBUG(1, ("sss_escape_ip_address failed.\n")); + DEBUG(1, "sss_escape_ip_address failed.\n"); talloc_free(tmp_ctx); return; } @@ -553,7 +553,7 @@ static void krb5_resolve_callback(void *private_data, struct fo_server *server) safe_address = talloc_asprintf_append(safe_address, ":%d", fo_get_server_port(server)); if (safe_address == NULL) { - DEBUG(1, ("talloc_asprintf_append failed.\n")); + DEBUG(1, "talloc_asprintf_append failed.\n"); talloc_free(tmp_ctx); return; } @@ -561,7 +561,7 @@ static void krb5_resolve_callback(void *private_data, struct fo_server *server) ret = write_krb5info_file(krb5_service->realm, safe_address, krb5_service->name); if (ret != EOK) { - DEBUG(2, ("write_krb5info_file failed, authentication might fail.\n")); + DEBUG(2, "write_krb5info_file failed, authentication might fail.\n"); } } @@ -592,7 +592,7 @@ static errno_t _krb5_servers_init(struct be_ctx *ctx, ret = split_on_separator(tmp_ctx, servers, ',', true, true, &list, NULL); if (ret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to parse server list!\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to parse server list!\n"); goto done; } @@ -607,20 +607,20 @@ static errno_t _krb5_servers_init(struct be_ctx *ctx, if (be_fo_is_srv_identifier(server_spec)) { if (!primary) { DEBUG(SSSDBG_MINOR_FAILURE, - ("Failed to add server [%s] to failover service: " + "Failed to add server [%s] to failover service: " "SRV resolution only allowed for primary servers!\n", - list[i])); + list[i]); continue; } ret = be_fo_add_srv_server(ctx, service_name, service_name, NULL, BE_FO_PROTO_UDP, true, NULL); if (ret) { - DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to add server\n")); + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to add server\n"); goto done; } - DEBUG(SSSDBG_TRACE_FUNC, ("Added service lookup\n")); + DEBUG(SSSDBG_TRACE_FUNC, "Added service lookup\n"); continue; } @@ -641,34 +641,34 @@ static errno_t _krb5_servers_init(struct be_ctx *ctx, port = strtol(port_str, &endptr, 10); if (errno != 0) { ret = errno; - DEBUG(SSSDBG_CRIT_FAILURE, ("strtol failed on [%s]: [%d][%s].\n", port_str, - ret, strerror(ret))); + DEBUG(SSSDBG_CRIT_FAILURE, "strtol failed on [%s]: [%d][%s].\n", port_str, + ret, strerror(ret)); goto done; } if (*endptr != '\0') { - DEBUG(SSSDBG_CRIT_FAILURE, ("Found additional characters [%s] in port number " - "[%s].\n", endptr, port_str)); + DEBUG(SSSDBG_CRIT_FAILURE, "Found additional characters [%s] in port number " + "[%s].\n", endptr, port_str); ret = EINVAL; goto done; } if (port < 1 || port > 65535) { - DEBUG(SSSDBG_CRIT_FAILURE, ("Illegal port number [%ld].\n", port)); + DEBUG(SSSDBG_CRIT_FAILURE, "Illegal port number [%ld].\n", port); ret = EINVAL; goto done; } } else if (isalpha(*port_str)) { servent = getservbyname(port_str, NULL); if (servent == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, ("getservbyname cannot find service [%s].\n", - port_str)); + DEBUG(SSSDBG_CRIT_FAILURE, "getservbyname cannot find service [%s].\n", + port_str); ret = EINVAL; goto done; } port = servent->s_port; } else { - DEBUG(SSSDBG_CRIT_FAILURE, ("Unsupported port specifier in [%s].\n", list[i])); + DEBUG(SSSDBG_CRIT_FAILURE, "Unsupported port specifier in [%s].\n", list[i]); ret = EINVAL; goto done; } @@ -684,11 +684,11 @@ static errno_t _krb5_servers_init(struct be_ctx *ctx, ret = be_fo_add_server(ctx, service_name, server_spec, (int) port, list[i], primary); if (ret && ret != EEXIST) { - DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to add server\n")); + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to add server\n"); goto done; } - DEBUG(SSSDBG_TRACE_FUNC, ("Added Server %s\n", list[i])); + DEBUG(SSSDBG_TRACE_FUNC, "Added Server %s\n", list[i]); } done: @@ -740,7 +740,7 @@ int krb5_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, ret = be_fo_add_service(ctx, service_name, krb5_user_data_cmp); if (ret != EOK) { - DEBUG(1, ("Failed to create failover service!\n")); + DEBUG(1, "Failed to create failover service!\n"); goto done; } @@ -760,7 +760,7 @@ int krb5_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, if (!primary_servers) { DEBUG(SSSDBG_CONF_SETTINGS, - ("No primary servers defined, using service discovery\n")); + "No primary servers defined, using service discovery\n"); primary_servers = BE_SRV_IDENTIFIER; } @@ -780,7 +780,7 @@ int krb5_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, ret = be_fo_service_add_callback(memctx, ctx, service_name, krb5_resolve_callback, service); if (ret != EOK) { - DEBUG(1, ("Failed to add failover callback!\n")); + DEBUG(1, "Failed to add failover callback!\n"); goto done; } @@ -803,7 +803,7 @@ errno_t remove_krb5_info_files(TALLOC_CTX *mem_ctx, const char *realm) file = talloc_asprintf(mem_ctx, KDCINFO_TMPL, realm); if(file == NULL) { - DEBUG(1, ("talloc_asprintf failed.\n")); + DEBUG(1, "talloc_asprintf failed.\n"); return ENOMEM; } @@ -811,13 +811,13 @@ errno_t remove_krb5_info_files(TALLOC_CTX *mem_ctx, const char *realm) ret = unlink(file); if (ret == -1) { err = errno; - DEBUG(5, ("Could not remove [%s], [%d][%s]\n", file, - err, strerror(err))); + DEBUG(5, "Could not remove [%s], [%d][%s]\n", file, + err, strerror(err)); } file = talloc_asprintf(mem_ctx, KPASSWDINFO_TMPL, realm); if(file == NULL) { - DEBUG(1, ("talloc_asprintf failed.\n")); + DEBUG(1, "talloc_asprintf failed.\n"); return ENOMEM; } @@ -825,8 +825,8 @@ errno_t remove_krb5_info_files(TALLOC_CTX *mem_ctx, const char *realm) ret = unlink(file); if (ret == -1) { err = errno; - DEBUG(5, ("Could not remove [%s], [%d][%s]\n", file, - err, strerror(err))); + DEBUG(5, "Could not remove [%s], [%d][%s]\n", file, + err, strerror(err)); } return EOK; @@ -842,31 +842,31 @@ void remove_krb5_info_files_callback(void *pvt) ret = be_fo_run_callbacks_at_next_request(ctx->be_ctx, ctx->kdc_service_name); if (ret != EOK) { - DEBUG(1, ("be_fo_run_callbacks_at_next_request failed, " + DEBUG(1, "be_fo_run_callbacks_at_next_request failed, " "krb5 info files will not be removed, because " - "it is unclear if they will be recreated properly.\n")); + "it is unclear if they will be recreated properly.\n"); return; } if (ctx->kpasswd_service_name != NULL) { ret = be_fo_run_callbacks_at_next_request(ctx->be_ctx, ctx->kpasswd_service_name); if (ret != EOK) { - DEBUG(1, ("be_fo_run_callbacks_at_next_request failed, " + DEBUG(1, "be_fo_run_callbacks_at_next_request failed, " "krb5 info files will not be removed, because " - "it is unclear if they will be recreated properly.\n")); + "it is unclear if they will be recreated properly.\n"); return; } } tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { - DEBUG(1, ("talloc_new failed, cannot remove krb5 info files.\n")); + DEBUG(1, "talloc_new failed, cannot remove krb5 info files.\n"); return; } ret = remove_krb5_info_files(tmp_ctx, ctx->realm); if (ret != EOK) { - DEBUG(1, ("remove_krb5_info_files failed.\n")); + DEBUG(1, "remove_krb5_info_files failed.\n"); } talloc_zfree(tmp_ctx); @@ -884,7 +884,7 @@ void krb5_finalize(struct tevent_context *ev, ret = remove_krb5_info_files(se, realm); if (ret != EOK) { - DEBUG(1, ("remove_krb5_info_files failed.\n")); + DEBUG(1, "remove_krb5_info_files failed.\n"); } orderly_shutdown(0); @@ -898,26 +898,26 @@ errno_t krb5_install_offline_callback(struct be_ctx *be_ctx, const char *krb5_realm; if (krb5_ctx->service == NULL || krb5_ctx->service->name == NULL) { - DEBUG(1, ("Missing KDC service name!\n")); + DEBUG(1, "Missing KDC service name!\n"); return EINVAL; } ctx = talloc_zero(krb5_ctx, struct remove_info_files_ctx); if (ctx == NULL) { - DEBUG(1, ("talloc_zfree failed.\n")); + DEBUG(1, "talloc_zfree failed.\n"); return ENOMEM; } krb5_realm = dp_opt_get_cstring(krb5_ctx->opts, KRB5_REALM); if (krb5_realm == NULL) { - DEBUG(1, ("Missing krb5_realm option!\n")); + DEBUG(1, "Missing krb5_realm option!\n"); ret = EINVAL; goto done; } ctx->realm = talloc_strdup(ctx, krb5_realm); if (ctx->realm == NULL) { - DEBUG(1, ("talloc_strdup failed!\n")); + DEBUG(1, "talloc_strdup failed!\n"); ret = ENOMEM; goto done; } @@ -933,7 +933,7 @@ errno_t krb5_install_offline_callback(struct be_ctx *be_ctx, ret = be_add_offline_cb(ctx, be_ctx, remove_krb5_info_files_callback, ctx, NULL); if (ret != EOK) { - DEBUG(1, ("be_add_offline_cb failed.\n")); + DEBUG(1, "be_add_offline_cb failed.\n"); goto done; } @@ -958,20 +958,20 @@ errno_t krb5_install_sigterm_handler(struct tevent_context *ev, krb5_realm = dp_opt_get_cstring(krb5_ctx->opts, KRB5_REALM); if (krb5_realm == NULL) { - DEBUG(1, ("Missing krb5_realm option!\n")); + DEBUG(1, "Missing krb5_realm option!\n"); return EINVAL; } sig_realm = talloc_strdup(krb5_ctx, krb5_realm); if (sig_realm == NULL) { - DEBUG(1, ("talloc_strdup failed!\n")); + DEBUG(1, "talloc_strdup failed!\n"); return ENOMEM; } sige = tevent_add_signal(ev, krb5_ctx, SIGTERM, SA_SIGINFO, krb5_finalize, sig_realm); if (sige == NULL) { - DEBUG(1, ("tevent_add_signal failed.\n")); + DEBUG(1, "tevent_add_signal failed.\n"); talloc_free(sig_realm); return ENOMEM; } @@ -994,7 +994,7 @@ errno_t krb5_get_simple_upn(TALLOC_CTX *mem_ctx, struct krb5_ctx *krb5_ctx, tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_new failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new failed.\n"); return ENOMEM; } @@ -1002,14 +1002,14 @@ errno_t krb5_get_simple_upn(TALLOC_CTX *mem_ctx, struct krb5_ctx *krb5_ctx, strcasecmp(dom->name, user_dom) != 0) { uc_dom = get_uppercase_realm(tmp_ctx, user_dom); if (uc_dom == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("get_uppercase_realm failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "get_uppercase_realm failed.\n"); ret = ENOMEM; goto done; } } else { realm = dp_opt_get_cstring(krb5_ctx->opts, KRB5_REALM); if (realm == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("Missing Kerberos realm.\n")); + DEBUG(SSSDBG_OP_FAILURE, "Missing Kerberos realm.\n"); ret = ENOMEM; goto done; } @@ -1021,8 +1021,8 @@ errno_t krb5_get_simple_upn(TALLOC_CTX *mem_ctx, struct krb5_ctx *krb5_ctx, ret = sss_parse_name(tmp_ctx, dom->names, username, &domname, &name); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, - ("Could not parse [%s] into name and " - "domain components, login might fail\n", username)); + "Could not parse [%s] into name and " + "domain components, login might fail\n", username); name = discard_const(username); } @@ -1030,12 +1030,12 @@ errno_t krb5_get_simple_upn(TALLOC_CTX *mem_ctx, struct krb5_ctx *krb5_ctx, upn = talloc_asprintf(tmp_ctx, "%s@%s", name, realm != NULL ? realm : uc_dom); if (upn == NULL) { - DEBUG(1, ("talloc_asprintf failed.\n")); + DEBUG(1, "talloc_asprintf failed.\n"); ret = ENOMEM; goto done; } - DEBUG(9, ("Using simple UPN [%s].\n", upn)); + DEBUG(9, "Using simple UPN [%s].\n", upn); *_upn = talloc_steal(mem_ctx, upn); ret = EOK; diff --git a/src/providers/krb5/krb5_delayed_online_authentication.c b/src/providers/krb5/krb5_delayed_online_authentication.c index 3518cb7d1..1d7f083a3 100644 --- a/src/providers/krb5/krb5_delayed_online_authentication.c +++ b/src/providers/krb5/krb5_delayed_online_authentication.c @@ -80,7 +80,7 @@ static void authenticate_user(struct tevent_context *ev, keysize = keyctl_read_alloc(pd->key_serial, (void **)&password); if (keysize == -1) { ret = errno; - DEBUG(1, ("keyctl_read failed [%d][%s].\n", ret, strerror(ret))); + DEBUG(1, "keyctl_read failed [%d][%s].\n", ret, strerror(ret)); return; } @@ -88,22 +88,22 @@ static void authenticate_user(struct tevent_context *ev, safezero(password, keysize); free(password); if (ret) { - DEBUG(1, ("failed to set password in auth token [%d][%s].\n", - ret, strerror(ret))); + DEBUG(1, "failed to set password in auth token [%d][%s].\n", + ret, strerror(ret)); return; } keyrevoke = keyctl_revoke(pd->key_serial); if (keyrevoke == -1) { ret = errno; - DEBUG(1, ("keyctl_revoke failed [%d][%s].\n", ret, strerror(ret))); + DEBUG(1, "keyctl_revoke failed [%d][%s].\n", ret, strerror(ret)); } #endif req = krb5_auth_send(auth_data, ev, auth_data->be_ctx, auth_data->pd, auth_data->krb5_ctx); if (req == NULL) { - DEBUG(1, ("krb5_auth_send failed.\n")); + DEBUG(1, "krb5_auth_send failed.\n"); talloc_free(auth_data); return; } @@ -121,14 +121,14 @@ static void authenticate_user_done(struct tevent_req *req) { ret = krb5_auth_recv(req, &pam_status, &dp_err); talloc_free(req); if (ret) { - DEBUG(1, ("krb5_auth request failed.\n")); + DEBUG(1, "krb5_auth request failed.\n"); } else { if (pam_status == PAM_SUCCESS) { - DEBUG(4, ("Successfully authenticated user [%s].\n", - auth_data->pd->user)); + DEBUG(4, "Successfully authenticated user [%s].\n", + auth_data->pd->user); } else { - DEBUG(1, ("Failed to authenticate user [%s].\n", - auth_data->pd->user)); + DEBUG(1, "Failed to authenticate user [%s].\n", + auth_data->pd->user); } } @@ -150,13 +150,13 @@ static errno_t authenticate_stored_users( ret = get_uid_table(deferred_auth_ctx, &uid_table); if (ret != HASH_SUCCESS) { - DEBUG(1, ("get_uid_table failed.\n")); + DEBUG(1, "get_uid_table failed.\n"); return ret; } iter = new_hash_iter_context(deferred_auth_ctx->user_table); if (iter == NULL) { - DEBUG(1, ("new_hash_iter_context failed.\n")); + DEBUG(1, "new_hash_iter_context failed.\n"); return EINVAL; } @@ -168,13 +168,13 @@ static errno_t authenticate_stored_users( ret = hash_lookup(uid_table, &key, &value); if (ret == HASH_SUCCESS) { - DEBUG(1, ("User [%s] is still logged in, " - "trying online authentication.\n", pd->user)); + DEBUG(1, "User [%s] is still logged in, " + "trying online authentication.\n", pd->user); auth_data = talloc_zero(deferred_auth_ctx->be_ctx, struct auth_data); if (auth_data == NULL) { - DEBUG(1, ("talloc_zero failed.\n")); + DEBUG(1, "talloc_zero failed.\n"); } else { auth_data->pd = talloc_steal(auth_data, pd); auth_data->krb5_ctx = deferred_auth_ctx->krb5_ctx; @@ -184,20 +184,20 @@ static errno_t authenticate_stored_users( auth_data, tevent_timeval_current(), authenticate_user, auth_data); if (te == NULL) { - DEBUG(1, ("tevent_add_timer failed.\n")); + DEBUG(1, "tevent_add_timer failed.\n"); } } } else { - DEBUG(1, ("User [%s] is not logged in anymore, " - "discarding online authentication.\n", pd->user)); + DEBUG(1, "User [%s] is not logged in anymore, " + "discarding online authentication.\n", pd->user); talloc_free(pd); } ret = hash_delete(deferred_auth_ctx->user_table, &entry->key); if (ret != HASH_SUCCESS) { - DEBUG(1, ("hash_delete failed [%s].\n", - hash_error_string(ret))); + DEBUG(1, "hash_delete failed [%s].\n", + hash_error_string(ret)); } } @@ -213,15 +213,15 @@ static void delayed_online_authentication_callback(void *private_data) int ret; if (deferred_auth_ctx->user_table == NULL) { - DEBUG(1, ("Delayed online authentication activated, " - "but user table does not exists.\n")); + DEBUG(1, "Delayed online authentication activated, " + "but user table does not exists.\n"); return; } - DEBUG(5, ("Backend is online, starting delayed online authentication.\n")); + DEBUG(5, "Backend is online, starting delayed online authentication.\n"); ret = authenticate_stored_users(deferred_auth_ctx); if (ret != EOK) { - DEBUG(1, ("authenticate_stored_users failed.\n")); + DEBUG(1, "authenticate_stored_users failed.\n"); } return; @@ -237,23 +237,23 @@ errno_t add_user_to_delayed_online_authentication(struct krb5_ctx *krb5_ctx, struct pam_data *new_pd; if (krb5_ctx->deferred_auth_ctx == NULL) { - DEBUG(1, ("Missing context for delayed online authentication.\n")); + DEBUG(1, "Missing context for delayed online authentication.\n"); return EINVAL; } if (krb5_ctx->deferred_auth_ctx->user_table == NULL) { - DEBUG(1, ("user_table not available.\n")); + DEBUG(1, "user_table not available.\n"); return EINVAL; } if (sss_authtok_get_type(pd->authtok) != SSS_AUTHTOK_TYPE_PASSWORD) { - DEBUG(1, ("Invalid authtok for user [%s].\n", pd->user)); + DEBUG(1, "Invalid authtok for user [%s].\n", pd->user); return EINVAL; } ret = copy_pam_data(krb5_ctx->deferred_auth_ctx, pd, &new_pd); if (ret != EOK) { - DEBUG(1, ("copy_pam_data failed\n")); + DEBUG(1, "copy_pam_data failed\n"); return ENOMEM; } @@ -264,7 +264,7 @@ errno_t add_user_to_delayed_online_authentication(struct krb5_ctx *krb5_ctx, ret = sss_authtok_get_password(new_pd->authtok, &password, &len); if (ret) { - DEBUG(1, ("Failed to get password [%d][%s].\n", ret, strerror(ret))); + DEBUG(1, "Failed to get password [%d][%s].\n", ret, strerror(ret)); sss_authtok_set_empty(new_pd->authtok); talloc_free(new_pd); return ret; @@ -274,14 +274,14 @@ errno_t add_user_to_delayed_online_authentication(struct krb5_ctx *krb5_ctx, KEY_SPEC_SESSION_KEYRING); if (new_pd->key_serial == -1) { ret = errno; - DEBUG(1, ("add_key failed [%d][%s].\n", ret, strerror(ret))); + DEBUG(1, "add_key failed [%d][%s].\n", ret, strerror(ret)); sss_authtok_set_empty(new_pd->authtok); talloc_free(new_pd); return ret; } DEBUG(SSSDBG_TRACE_ALL, - ("Saved authtok of user [%s] with serial [%"SPRIkey_ser"].\n", - new_pd->user, new_pd->key_serial)); + "Saved authtok of user [%s] with serial [%"SPRIkey_ser"].\n", + new_pd->user, new_pd->key_serial); sss_authtok_set_empty(new_pd->authtok); #endif @@ -293,15 +293,15 @@ errno_t add_user_to_delayed_online_authentication(struct krb5_ctx *krb5_ctx, ret = hash_enter(krb5_ctx->deferred_auth_ctx->user_table, &key, &value); if (ret != HASH_SUCCESS) { - DEBUG(1, ("Cannot add user [%s] to table [%s], " + DEBUG(1, "Cannot add user [%s] to table [%s], " "delayed online authentication not possible.\n", - pd->user, hash_error_string(ret))); + pd->user, hash_error_string(ret)); talloc_free(new_pd); return ENOMEM; } - DEBUG(9, ("Added user [%s] successfully to " - "delayed online authentication.\n", pd->user)); + DEBUG(9, "Added user [%s] successfully to " + "delayed online authentication.\n", pd->user); return EOK; } @@ -316,24 +316,24 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx, ret = get_uid_table(krb5_ctx, &tmp_table); if (ret != EOK) { if (ret == ENOSYS) { - DEBUG(0, ("Delayed online auth was requested " - "on an unsupported system.\n")); + DEBUG(0, "Delayed online auth was requested " + "on an unsupported system.\n"); } else { - DEBUG(0, ("Delayed online auth was requested " - "but initialisation failed.\n")); + DEBUG(0, "Delayed online auth was requested " + "but initialisation failed.\n"); } return ret; } ret = hash_destroy(tmp_table); if (ret != HASH_SUCCESS) { - DEBUG(1, ("hash_destroy failed [%s].\n", hash_error_string(ret))); + DEBUG(1, "hash_destroy failed [%s].\n", hash_error_string(ret)); return EFAULT; } krb5_ctx->deferred_auth_ctx = talloc_zero(krb5_ctx, struct deferred_auth_ctx); if (krb5_ctx->deferred_auth_ctx == NULL) { - DEBUG(1, ("talloc_zero failed.\n")); + DEBUG(1, "talloc_zero failed.\n"); return ENOMEM; } @@ -343,7 +343,7 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx, krb5_ctx->deferred_auth_ctx, NULL, NULL); if (ret != HASH_SUCCESS) { - DEBUG(1, ("hash_create_ex failed [%s]\n", hash_error_string(ret))); + DEBUG(1, "hash_create_ex failed [%s]\n", hash_error_string(ret)); ret = ENOMEM; goto fail; } @@ -356,7 +356,7 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx, delayed_online_authentication_callback, krb5_ctx->deferred_auth_ctx, NULL); if (ret != EOK) { - DEBUG(1, ("be_add_online_cb failed.\n")); + DEBUG(1, "be_add_online_cb failed.\n"); goto fail; } diff --git a/src/providers/krb5/krb5_init.c b/src/providers/krb5/krb5_init.c index 91f701a18..71a97c10c 100644 --- a/src/providers/krb5/krb5_init.c +++ b/src/providers/krb5/krb5_init.c @@ -72,13 +72,13 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, if (krb5_options == NULL) { krb5_options = talloc_zero(bectx, struct krb5_options); if (krb5_options == NULL) { - DEBUG(1, ("talloc_zero failed.\n")); + DEBUG(1, "talloc_zero failed.\n"); return ENOMEM; } ret = krb5_get_options(krb5_options, bectx->cdb, bectx->conf_path, &krb5_options->opts); if (ret != EOK) { - DEBUG(1, ("krb5_get_options failed.\n")); + DEBUG(1, "krb5_get_options failed.\n"); return ret; } } @@ -91,7 +91,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, ctx = talloc_zero(bectx, struct krb5_ctx); if (!ctx) { - DEBUG(1, ("talloc failed.\n")); + DEBUG(1, "talloc failed.\n"); return ENOMEM; } krb5_options->auth_ctx = ctx; @@ -105,7 +105,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, krb5_realm = dp_opt_get_string(ctx->opts, KRB5_REALM); if (krb5_realm == NULL) { - DEBUG(0, ("Missing krb5_realm option!\n")); + DEBUG(0, "Missing krb5_realm option!\n"); return EINVAL; } @@ -116,7 +116,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, KRB5_USE_KDCINFO), &ctx->service); if (ret != EOK) { - DEBUG(0, ("Failed to init KRB5 failover service!\n")); + DEBUG(0, "Failed to init KRB5 failover service!\n"); return ret; } @@ -124,15 +124,15 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, krb5_backup_kpasswd_servers = dp_opt_get_string(ctx->opts, KRB5_BACKUP_KPASSWD); if (krb5_kpasswd_servers == NULL && krb5_backup_kpasswd_servers != NULL) { - DEBUG(SSSDBG_CONF_SETTINGS, ("kpasswd server wasn't specified but " - "backup kpasswd given. Using it as primary\n")); + DEBUG(SSSDBG_CONF_SETTINGS, "kpasswd server wasn't specified but " + "backup kpasswd given. Using it as primary\n"); krb5_kpasswd_servers = krb5_backup_kpasswd_servers; krb5_backup_kpasswd_servers = NULL; } if (krb5_kpasswd_servers == NULL && krb5_servers != NULL) { - DEBUG(0, ("Missing krb5_kpasswd option and KDC set explicitly, " - "will use KDC for pasword change operations!\n")); + DEBUG(0, "Missing krb5_kpasswd option and KDC set explicitly, " + "will use KDC for pasword change operations!\n"); ctx->kpasswd_service = NULL; } else { ret = krb5_service_init(ctx, bectx, @@ -142,7 +142,7 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, KRB5_USE_KDCINFO), &ctx->kpasswd_service); if (ret != EOK) { - DEBUG(0, ("Failed to init KRB5KPASSWD failover service!\n")); + DEBUG(0, "Failed to init KRB5KPASSWD failover service!\n"); return ret; } } @@ -151,16 +151,16 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, ret = krb5_child_init(ctx, bectx); if (ret != EOK) { DEBUG(SSSDBG_FATAL_FAILURE, - ("Could not initialize krb5_child settings: [%s]\n", - strerror(ret))); + "Could not initialize krb5_child settings: [%s]\n", + strerror(ret)); goto fail; } ctx->illegal_path_re = pcre_compile2(ILLEGAL_PATH_PATTERN, 0, &errval, &errstr, &errpos, NULL); if (ctx->illegal_path_re == NULL) { - DEBUG(1, ("Invalid Regular Expression pattern at position %d. " - "(Error: %d [%s])\n", errpos, errval, errstr)); + DEBUG(1, "Invalid Regular Expression pattern at position %d. " + "(Error: %d [%s])\n", errpos, errval, errstr); ret = EFAULT; goto fail; } diff --git a/src/providers/krb5/krb5_init_shared.c b/src/providers/krb5/krb5_init_shared.c index 4573d75d2..619237b9f 100644 --- a/src/providers/krb5/krb5_init_shared.c +++ b/src/providers/krb5/krb5_init_shared.c @@ -39,7 +39,7 @@ errno_t krb5_child_init(struct krb5_ctx *krb5_auth_ctx, ret = init_delayed_online_authentication(krb5_auth_ctx, bectx, bectx->ev); if (ret != EOK) { - DEBUG(1, ("init_delayed_online_authentication failed.\n")); + DEBUG(1, "init_delayed_online_authentication failed.\n"); goto done; } } @@ -49,7 +49,7 @@ errno_t krb5_child_init(struct krb5_ctx *krb5_auth_ctx, ret = krb5_string_to_deltat(renew_interval_str, &renew_interval_delta); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, - ("Reading krb5_renew_interval failed.\n")); + "Reading krb5_renew_interval failed.\n"); renew_interval_delta = 0; } renew_intv = renew_interval_delta; @@ -58,7 +58,7 @@ errno_t krb5_child_init(struct krb5_ctx *krb5_auth_ctx, if (renew_intv > 0) { ret = init_renew_tgt(krb5_auth_ctx, bectx, bectx->ev, renew_intv); if (ret != EOK) { - DEBUG(1, ("init_renew_tgt failed.\n")); + DEBUG(1, "init_renew_tgt failed.\n"); goto done; } } @@ -66,33 +66,33 @@ errno_t krb5_child_init(struct krb5_ctx *krb5_auth_ctx, ret = check_and_export_options(krb5_auth_ctx->opts, bectx->domain, krb5_auth_ctx); if (ret != EOK) { - DEBUG(1, ("check_and_export_opts failed.\n")); + DEBUG(1, "check_and_export_opts failed.\n"); goto done; } ret = krb5_install_offline_callback(bectx, krb5_auth_ctx); if (ret != EOK) { - DEBUG(1, ("krb5_install_offline_callback failed.\n")); + DEBUG(1, "krb5_install_offline_callback failed.\n"); goto done; } ret = krb5_install_sigterm_handler(bectx->ev, krb5_auth_ctx); if (ret != EOK) { - DEBUG(1, ("krb5_install_sigterm_handler failed.\n")); + DEBUG(1, "krb5_install_sigterm_handler failed.\n"); goto done; } if (debug_to_file != 0) { ret = open_debug_file_ex(KRB5_CHILD_LOG_FILE, &debug_filep, false); if (ret != EOK) { - DEBUG(0, ("Error setting up logging (%d) [%s]\n", - ret, strerror(ret))); + DEBUG(0, "Error setting up logging (%d) [%s]\n", + ret, strerror(ret)); goto done; } krb5_auth_ctx->child_debug_fd = fileno(debug_filep); if (krb5_auth_ctx->child_debug_fd == -1) { - DEBUG(0, ("fileno failed [%d][%s]\n", errno, strerror(errno))); + DEBUG(0, "fileno failed [%d][%s]\n", errno, strerror(errno)); ret = errno; goto done; } diff --git a/src/providers/krb5/krb5_renew_tgt.c b/src/providers/krb5/krb5_renew_tgt.c index 5d5a25b87..2577d98ca 100644 --- a/src/providers/krb5/krb5_renew_tgt.c +++ b/src/providers/krb5/krb5_renew_tgt.c @@ -68,7 +68,7 @@ static void renew_tgt(struct tevent_context *ev, struct tevent_timer *te, req = krb5_auth_send(auth_data, ev, auth_data->be_ctx, auth_data->pd, auth_data->krb5_ctx); if (req == NULL) { - DEBUG(1, ("krb5_auth_send failed.\n")); + DEBUG(1, "krb5_auth_send failed.\n"); /* Give back the pam data to the renewal item to be able to retry at the next * time the renewals re run. */ auth_data->renew_data->pd = talloc_steal(auth_data->renew_data, @@ -92,17 +92,17 @@ static void renew_tgt_done(struct tevent_req *req) ret = krb5_auth_recv(req, &pam_status, &dp_err); talloc_free(req); if (ret) { - DEBUG(1, ("krb5_auth request failed.\n")); + DEBUG(1, "krb5_auth request failed.\n"); if (auth_data->renew_data != NULL) { - DEBUG(5, ("Giving back pam data.\n")); + DEBUG(5, "Giving back pam data.\n"); auth_data->renew_data->pd = talloc_steal(auth_data->renew_data, auth_data->pd); } } else { switch (pam_status) { case PAM_SUCCESS: - DEBUG(4, ("Successfully renewed TGT for user [%s].\n", - auth_data->pd->user)); + DEBUG(4, "Successfully renewed TGT for user [%s].\n", + auth_data->pd->user); /* In general a successful renewal will update the renewal item and free the * old data. But if the TGT has reached the end of his renewable lifetime it * will not be put into the list of renewable tickets again. In this case the @@ -114,33 +114,33 @@ static void renew_tgt_done(struct tevent_req *req) if (value.type == HASH_VALUE_PTR && auth_data->renew_data == talloc_get_type(value.ptr, struct renew_data)) { - DEBUG(5, ("New TGT was not added for renewal, " + DEBUG(5, "New TGT was not added for renewal, " "removing list entry for user [%s].\n", - auth_data->pd->user)); + auth_data->pd->user); ret = hash_delete(auth_data->table, &auth_data->key); if (ret != HASH_SUCCESS) { - DEBUG(1, ("hash_delete failed.\n")); + DEBUG(1, "hash_delete failed.\n"); } } } break; case PAM_AUTHINFO_UNAVAIL: case PAM_AUTHTOK_LOCK_BUSY: - DEBUG(4, ("Cannot renewed TGT for user [%s] while offline, " + DEBUG(4, "Cannot renewed TGT for user [%s] while offline, " "will retry later.\n", - auth_data->pd->user)); + auth_data->pd->user); if (auth_data->renew_data != NULL) { - DEBUG(5, ("Giving back pam data.\n")); + DEBUG(5, "Giving back pam data.\n"); auth_data->renew_data->pd = talloc_steal(auth_data->renew_data, auth_data->pd); } break; default: - DEBUG(1, ("Failed to renew TGT for user [%s].\n", - auth_data->pd->user)); + DEBUG(1, "Failed to renew TGT for user [%s].\n", + auth_data->pd->user); ret = hash_delete(auth_data->table, &auth_data->key); if (ret != HASH_SUCCESS) { - DEBUG(1, ("hash_delete failed.\n")); + DEBUG(1, "hash_delete failed.\n"); } } } @@ -161,7 +161,7 @@ static errno_t renew_all_tgts(struct renew_tgt_ctx *renew_tgt_ctx) ret = hash_entries(renew_tgt_ctx->tgt_table, &count, &entries); if (ret != HASH_SUCCESS) { - DEBUG(1, ("hash_entries failed.\n")); + DEBUG(1, "hash_entries failed.\n"); return ENOMEM; } @@ -169,14 +169,14 @@ static errno_t renew_all_tgts(struct renew_tgt_ctx *renew_tgt_ctx) for (c = 0; c < count; c++) { renew_data = talloc_get_type(entries[c].value.ptr, struct renew_data); - DEBUG(9, ("Checking [%s] for renewal at [%.24s].\n", renew_data->ccfile, - ctime(&renew_data->start_renew_at))); + DEBUG(9, "Checking [%s] for renewal at [%.24s].\n", renew_data->ccfile, + ctime(&renew_data->start_renew_at)); /* If renew_data->pd == NULL a renewal request for this data is * currently running so we skip it. */ if (renew_data->start_renew_at < now && renew_data->pd != NULL) { auth_data = talloc_zero(renew_tgt_ctx, struct auth_data); if (auth_data == NULL) { - DEBUG(1, ("talloc_zero failed.\n")); + DEBUG(1, "talloc_zero failed.\n"); } else { /* We need to steal the pam_data here, because a successful renewal of the * ticket might add a new renewal item to the list with the same key (upn). @@ -196,22 +196,22 @@ static errno_t renew_all_tgts(struct renew_tgt_ctx *renew_tgt_ctx) auth_data->key.str = talloc_strdup(auth_data, entries[c].key.str); if (auth_data->key.str == NULL) { - DEBUG(1, ("talloc_strdup failed.\n")); + DEBUG(1, "talloc_strdup failed.\n"); } else { te = tevent_add_timer(renew_tgt_ctx->ev, auth_data, tevent_timeval_current(), renew_tgt, auth_data); if (te == NULL) { - DEBUG(1, ("tevent_add_timer failed.\n")); + DEBUG(1, "tevent_add_timer failed.\n"); } } } if (auth_data == NULL || te == NULL) { - DEBUG(1, ("Failed to renew TGT in [%s].\n", renew_data->ccfile)); + DEBUG(1, "Failed to renew TGT in [%s].\n", renew_data->ccfile); ret = hash_delete(renew_tgt_ctx->tgt_table, &entries[c].key); if (ret != HASH_SUCCESS) { - DEBUG(1, ("hash_delete failed.\n")); + DEBUG(1, "hash_delete failed.\n"); } } } @@ -259,25 +259,25 @@ static void renew_handler(struct renew_tgt_ctx *renew_tgt_ctx) int ret; if (be_is_offline(renew_tgt_ctx->be_ctx)) { - DEBUG(4, ("Offline, disable renew timer.\n")); + DEBUG(4, "Offline, disable renew timer.\n"); return; } ret = renew_all_tgts(renew_tgt_ctx); if (ret != EOK) { - DEBUG(1, ("renew_all_tgts failed. " - "Disabling automatic TGT renewal\n")); + DEBUG(1, "renew_all_tgts failed. " + "Disabling automatic TGT renewal\n"); sss_log(SSS_LOG_ERR, "Disabling automatic TGT renewal."); talloc_zfree(renew_tgt_ctx); return; } if (renew_tgt_ctx->te != NULL) { - DEBUG(7, ("There is an active renewal timer, doing nothing.\n")); + DEBUG(7, "There is an active renewal timer, doing nothing.\n"); return; } - DEBUG(7, ("Adding new renew timer.\n")); + DEBUG(7, "Adding new renew timer.\n"); next = tevent_timeval_current_ofs(renew_tgt_ctx->timer_interval, 0); @@ -285,7 +285,7 @@ static void renew_handler(struct renew_tgt_ctx *renew_tgt_ctx) next, renew_tgt_timer_handler, renew_tgt_ctx); if (renew_tgt_ctx->te == NULL) { - DEBUG(1, ("tevent_add_timer failed.\n")); + DEBUG(1, "tevent_add_timer failed.\n"); sss_log(SSS_LOG_ERR, "Disabling automatic TGT renewal."); talloc_zfree(renew_tgt_ctx); } @@ -303,7 +303,7 @@ static void renew_del_cb(hash_entry_t *entry, hash_destroy_enum type, void *pvt) return; } - DEBUG(1, ("Unexpected value type [%d].\n", entry->value.type)); + DEBUG(1, "Unexpected value type [%d].\n", entry->value.type); } static errno_t check_ccache_file(struct renew_tgt_ctx *renew_tgt_ctx, @@ -318,10 +318,10 @@ static errno_t check_ccache_file(struct renew_tgt_ctx *renew_tgt_ctx, const char *filename; if (ccache_file == NULL || upn == NULL || user_name == NULL) { - DEBUG(6, ("Missing one of the needed attributes: [%s][%s][%s].\n", + DEBUG(6, "Missing one of the needed attributes: [%s][%s][%s].\n", ccache_file == NULL ? "cache file missing" : ccache_file, upn == NULL ? "principal missing" : upn, - user_name == NULL ? "user name missing" : user_name)); + user_name == NULL ? "user name missing" : user_name); return EINVAL; } @@ -339,12 +339,12 @@ static errno_t check_ccache_file(struct renew_tgt_ctx *renew_tgt_ctx, return ret; } - DEBUG(9, ("Found ccache file [%s].\n", ccache_file)); + DEBUG(9, "Found ccache file [%s].\n", ccache_file); memset(&tgtt, 0, sizeof(tgtt)); ret = get_ccache_file_data(ccache_file, upn, &tgtt); if (ret != EOK) { - DEBUG(1, ("get_ccache_file_data failed.\n")); + DEBUG(1, "get_ccache_file_data failed.\n"); return ret; } @@ -354,15 +354,15 @@ static errno_t check_ccache_file(struct renew_tgt_ctx *renew_tgt_ctx, now = time(NULL); if (tgtt.renew_till > tgtt.endtime && tgtt.renew_till > now && tgtt.endtime > now) { - DEBUG(7, ("Adding [%s] for automatic renewal.\n", ccache_file)); + DEBUG(7, "Adding [%s] for automatic renewal.\n", ccache_file); ret = add_tgt_to_renew_table(renew_tgt_ctx->krb5_ctx, ccache_file, &tgtt, &pd, upn); if (ret != EOK) { - DEBUG(1, ("add_tgt_to_renew_table failed, " - "automatic renewal not possible.\n")); + DEBUG(1, "add_tgt_to_renew_table failed, " + "automatic renewal not possible.\n"); } } else { - DEBUG(9, ("TGT in [%s] for [%s] is too old.\n", ccache_file, upn)); + DEBUG(9, "TGT in [%s] for [%s] is too old.\n", ccache_file, upn); } return EOK; @@ -388,13 +388,13 @@ static errno_t check_ccache_files(struct renew_tgt_ctx *renew_tgt_ctx) tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { - DEBUG(1, ("talloc_new failed.\n")); + DEBUG(1, "talloc_new failed.\n"); return ENOMEM; } base_dn = sysdb_base_dn(renew_tgt_ctx->be_ctx->domain->sysdb, tmp_ctx); if (base_dn == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("sysdb_base_dn failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "sysdb_base_dn failed.\n"); ret = ENOMEM; goto done; } @@ -403,23 +403,23 @@ static errno_t check_ccache_files(struct renew_tgt_ctx *renew_tgt_ctx) LDB_SCOPE_SUBTREE, ccache_filter, ccache_attrs, &msgs_count, &msgs); if (ret != EOK) { - DEBUG(1, ("sysdb_search_entry failed.\n")); + DEBUG(1, "sysdb_search_entry failed.\n"); goto done; } if (msgs_count == 0) { - DEBUG(9, ("No entries with ccache file found in cache.\n")); + DEBUG(9, "No entries with ccache file found in cache.\n"); ret = EOK; goto done; } DEBUG(SSSDBG_TRACE_ALL, - ("Found [%zu] entries with ccache file in cache.\n", msgs_count)); + "Found [%zu] entries with ccache file in cache.\n", msgs_count); for (c = 0; c < msgs_count; c++) { user_name = ldb_msg_find_attr_as_string(msgs[c], SYSDB_NAME, NULL); if (user_name == NULL) { - DEBUG(1, ("No user name found, this is a severe error, " - "but we ignore it here.\n")); + DEBUG(1, "No user name found, this is a severe error, " + "but we ignore it here.\n"); continue; } @@ -429,15 +429,15 @@ static errno_t check_ccache_files(struct renew_tgt_ctx *renew_tgt_ctx) user_dom_val = ldb_dn_get_component_val(msgs[c]->dn, 2); if (user_dom_val == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("Invalid user DN [%s].\n", - ldb_dn_get_linearized(msgs[c]->dn))); + DEBUG(SSSDBG_OP_FAILURE, "Invalid user DN [%s].\n", + ldb_dn_get_linearized(msgs[c]->dn)); ret = EINVAL; goto done; } user_dom = talloc_strndup(tmp_ctx, (char *) user_dom_val->data, user_dom_val->length); if (user_dom == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("talloc_strndup failed,\n")); + DEBUG(SSSDBG_OP_FAILURE, "talloc_strndup failed,\n"); ret = ENOMEM; goto done; } @@ -446,7 +446,7 @@ static errno_t check_ccache_files(struct renew_tgt_ctx *renew_tgt_ctx) renew_tgt_ctx->be_ctx->domain, user_name, user_dom, &upn); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, ("find_or_guess_upn failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "find_or_guess_upn failed.\n"); goto done; } @@ -455,7 +455,7 @@ static errno_t check_ccache_files(struct renew_tgt_ctx *renew_tgt_ctx) ret = check_ccache_file(renew_tgt_ctx, ccache_file, upn, user_name); if (ret != EOK) { - DEBUG(5, ("Failed to check ccache file [%s].\n", ccache_file)); + DEBUG(5, "Failed to check ccache file [%s].\n", ccache_file); } } @@ -475,7 +475,7 @@ errno_t init_renew_tgt(struct krb5_ctx *krb5_ctx, struct be_ctx *be_ctx, krb5_ctx->renew_tgt_ctx = talloc_zero(krb5_ctx, struct renew_tgt_ctx); if (krb5_ctx->renew_tgt_ctx == NULL) { - DEBUG(1, ("talloc_zero failed.\n")); + DEBUG(1, "talloc_zero failed.\n"); return ENOMEM; } @@ -483,7 +483,7 @@ errno_t init_renew_tgt(struct krb5_ctx *krb5_ctx, struct be_ctx *be_ctx, &krb5_ctx->renew_tgt_ctx->tgt_table, 0, 0, 0, 0, renew_del_cb, NULL); if (ret != EOK) { - DEBUG(1, ("sss_hash_create failed.\n")); + DEBUG(1, "sss_hash_create failed.\n"); goto fail; } @@ -494,7 +494,7 @@ errno_t init_renew_tgt(struct krb5_ctx *krb5_ctx, struct be_ctx *be_ctx, ret = check_ccache_files(krb5_ctx->renew_tgt_ctx); if (ret != EOK) { - DEBUG(1, ("Failed to read ccache files, continuing ...\n")); + DEBUG(1, "Failed to read ccache files, continuing ...\n"); } next = tevent_timeval_current_ofs(krb5_ctx->renew_tgt_ctx->timer_interval, @@ -503,26 +503,26 @@ errno_t init_renew_tgt(struct krb5_ctx *krb5_ctx, struct be_ctx *be_ctx, next, renew_tgt_timer_handler, krb5_ctx->renew_tgt_ctx); if (krb5_ctx->renew_tgt_ctx->te == NULL) { - DEBUG(1, ("tevent_add_timer failed.\n")); + DEBUG(1, "tevent_add_timer failed.\n"); ret = ENOMEM; goto fail; } - DEBUG(7, ("Adding offline callback to remove renewal timer.\n")); + DEBUG(7, "Adding offline callback to remove renewal timer.\n"); ret = be_add_offline_cb(krb5_ctx->renew_tgt_ctx, be_ctx, renew_tgt_offline_callback, krb5_ctx->renew_tgt_ctx, NULL); if (ret != EOK) { - DEBUG(1, ("Failed to add offline callback.\n")); + DEBUG(1, "Failed to add offline callback.\n"); goto fail; } - DEBUG(7, ("Adding renewal task to online callbacks.\n")); + DEBUG(7, "Adding renewal task to online callbacks.\n"); ret = be_add_online_cb(krb5_ctx->renew_tgt_ctx, be_ctx, renew_tgt_online_callback, krb5_ctx->renew_tgt_ctx, NULL); if (ret != EOK) { - DEBUG(1, ("Failed to add renewal task to online callbacks.\n")); + DEBUG(1, "Failed to add renewal task to online callbacks.\n"); goto fail; } @@ -543,19 +543,19 @@ errno_t add_tgt_to_renew_table(struct krb5_ctx *krb5_ctx, const char *ccfile, struct renew_data *renew_data = NULL; if (krb5_ctx->renew_tgt_ctx == NULL) { - DEBUG(7 ,("Renew context not initialized, " - "automatic renewal not available.\n")); + DEBUG(7 ,"Renew context not initialized, " + "automatic renewal not available.\n"); return EOK; } if (pd->cmd != SSS_PAM_AUTHENTICATE && pd->cmd != SSS_CMD_RENEW && pd->cmd != SSS_PAM_CHAUTHTOK) { - DEBUG(1, ("Unexpected pam task [%d].\n", pd->cmd)); + DEBUG(1, "Unexpected pam task [%d].\n", pd->cmd); return EINVAL; } if (upn == NULL) { - DEBUG(1, ("Missing user principal name.\n")); + DEBUG(1, "Missing user principal name.\n"); return EINVAL; } @@ -566,7 +566,7 @@ errno_t add_tgt_to_renew_table(struct krb5_ctx *krb5_ctx, const char *ccfile, renew_data = talloc_zero(krb5_ctx->renew_tgt_ctx, struct renew_data); if (renew_data == NULL) { - DEBUG(1, ("talloc_zero failed.\n")); + DEBUG(1, "talloc_zero failed.\n"); ret = ENOMEM; goto done; } @@ -574,7 +574,7 @@ errno_t add_tgt_to_renew_table(struct krb5_ctx *krb5_ctx, const char *ccfile, if (ccfile[0] == '/') { renew_data->ccfile = talloc_asprintf(renew_data, "FILE:%s", ccfile); if (renew_data->ccfile == NULL) { - DEBUG(1, ("talloc_asprintf failed.\n")); + DEBUG(1, "talloc_asprintf failed.\n"); ret = ENOMEM; goto done; } @@ -589,7 +589,7 @@ errno_t add_tgt_to_renew_table(struct krb5_ctx *krb5_ctx, const char *ccfile, ret = copy_pam_data(renew_data, pd, &renew_data->pd); if (ret != EOK) { - DEBUG(1, ("copy_pam_data failed.\n")); + DEBUG(1, "copy_pam_data failed.\n"); goto done; } @@ -597,7 +597,7 @@ errno_t add_tgt_to_renew_table(struct krb5_ctx *krb5_ctx, const char *ccfile, ret = sss_authtok_set_ccfile(renew_data->pd->authtok, renew_data->ccfile, 0); if (ret) { - DEBUG(1, ("Failed to store ccfile in auth token.\n")); + DEBUG(1, "Failed to store ccfile in auth token.\n"); goto done; } @@ -608,13 +608,13 @@ errno_t add_tgt_to_renew_table(struct krb5_ctx *krb5_ctx, const char *ccfile, ret = hash_enter(krb5_ctx->renew_tgt_ctx->tgt_table, &key, &value); if (ret != HASH_SUCCESS) { - DEBUG(1, ("hash_enter failed.\n")); + DEBUG(1, "hash_enter failed.\n"); ret = EFAULT; goto done; } - DEBUG(7, ("Added [%s] for renewal at [%.24s].\n", renew_data->ccfile, - ctime(&renew_data->start_renew_at))); + DEBUG(7, "Added [%s] for renewal at [%.24s].\n", renew_data->ccfile, + ctime(&renew_data->start_renew_at)); ret = EOK; diff --git a/src/providers/krb5/krb5_utils.c b/src/providers/krb5/krb5_utils.c index 47c2dd5b8..ad880de92 100644 --- a/src/providers/krb5/krb5_utils.c +++ b/src/providers/krb5/krb5_utils.c @@ -59,7 +59,7 @@ errno_t find_or_guess_upn(TALLOC_CTX *mem_ctx, struct ldb_message *msg, ret = krb5_get_simple_upn(mem_ctx, krb5_ctx, dom, user, user_dom, _upn); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, ("krb5_get_simple_upn failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "krb5_get_simple_upn failed.\n"); return ret; } @@ -67,7 +67,7 @@ done: if (ret == EOK && upn != NULL) { *_upn = talloc_strdup(mem_ctx, upn); if (*_upn == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("talloc_strdup failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "talloc_strdup failed.\n"); return ENOMEM; } } @@ -96,19 +96,19 @@ errno_t check_if_cached_upn_needs_update(struct sysdb_ctx *sysdb, tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("talloc_new failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n"); return ENOMEM; } ret = sysdb_get_user_attr(tmp_ctx, domain, user, attrs, &res); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, ("sysdb_get_user_attr failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "sysdb_get_user_attr failed.\n"); goto done; } if (res->count != 1) { - DEBUG(SSSDBG_OP_FAILURE, ("[%d] user objects for name [%s] found, " \ - "expected 1.\n", res->count, user)); + DEBUG(SSSDBG_OP_FAILURE, "[%d] user objects for name [%s] found, " \ + "expected 1.\n", res->count, user); ret = EINVAL; goto done; } @@ -116,8 +116,8 @@ errno_t check_if_cached_upn_needs_update(struct sysdb_ctx *sysdb, cached_upn = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_UPN, NULL); if (cached_upn != NULL && strcmp(cached_upn, upn) == 0) { - DEBUG(SSSDBG_TRACE_ALL, ("Cached UPN and new one match, " - "nothing to do.\n")); + DEBUG(SSSDBG_TRACE_ALL, "Cached UPN and new one match, " + "nothing to do.\n"); ret = EOK; goto done; } @@ -128,35 +128,35 @@ errno_t check_if_cached_upn_needs_update(struct sysdb_ctx *sysdb, if (cached_canonical_upn != NULL && strcmp(cached_canonical_upn, upn) == 0) { - DEBUG(SSSDBG_TRACE_ALL, ("Cached canonical UPN and new one match, " - "nothing to do.\n")); + DEBUG(SSSDBG_TRACE_ALL, "Cached canonical UPN and new one match, " + "nothing to do.\n"); ret = EOK; goto done; } - DEBUG(SSSDBG_TRACE_LIBS, ("Replacing canonical UPN [%s] with [%s] " \ + DEBUG(SSSDBG_TRACE_LIBS, "Replacing canonical UPN [%s] with [%s] " \ "for user [%s].\n", cached_canonical_upn == NULL ? "empty" : cached_canonical_upn, - upn, user)); + upn, user); new_attrs = sysdb_new_attrs(tmp_ctx); if (new_attrs == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("sysdb_new_attrs failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "sysdb_new_attrs failed.\n"); ret = ENOMEM; goto done; } ret = sysdb_attrs_add_string(new_attrs, SYSDB_CANONICAL_UPN, upn); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, ("sysdb_attrs_add_string failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "sysdb_attrs_add_string failed.\n"); goto done; } ret = sysdb_transaction_start(sysdb); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, - ("Error %d starting transaction (%s)\n", ret, strerror(ret))); + "Error %d starting transaction (%s)\n", ret, strerror(ret)); goto done; } in_transaction = true; @@ -165,14 +165,14 @@ errno_t check_if_cached_upn_needs_update(struct sysdb_ctx *sysdb, cached_canonical_upn == NULL ? SYSDB_MOD_ADD : SYSDB_MOD_REP); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, ("sysdb_set_entry_attr failed [%d][%s].\n", - ret, strerror(ret))); + DEBUG(SSSDBG_OP_FAILURE, "sysdb_set_entry_attr failed [%d][%s].\n", + ret, strerror(ret)); goto done; } ret = sysdb_transaction_commit(sysdb); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, ("Failed to commit transaction!\n")); + DEBUG(SSSDBG_OP_FAILURE, "Failed to commit transaction!\n"); goto done; } in_transaction = false; @@ -183,7 +183,7 @@ done: if (in_transaction) { sret = sysdb_transaction_cancel(sysdb); if (sret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to cancel transaction\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to cancel transaction\n"); } } @@ -218,7 +218,7 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, bool rerun; if (template == NULL) { - DEBUG(1, ("Missing template.\n")); + DEBUG(1, "Missing template.\n"); return NULL; } @@ -227,13 +227,13 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, copy = talloc_strdup(tmp_ctx, template); if (copy == NULL) { - DEBUG(1, ("talloc_strdup failed.\n")); + DEBUG(1, "talloc_strdup failed.\n"); goto done; } result = talloc_strdup(tmp_ctx, ""); if (result == NULL) { - DEBUG(1, ("talloc_strdup failed.\n")); + DEBUG(1, "talloc_strdup failed.\n"); goto done; } @@ -242,7 +242,7 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, *n = '\0'; n++; if ( *n == '\0' ) { - DEBUG(1, ("format error, single %% at the end of the template.\n")); + DEBUG(1, "format error, single %% at the end of the template.\n"); goto done; } @@ -253,15 +253,15 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, switch (action) { case 'u': if (kr->pd->user == NULL) { - DEBUG(1, ("Cannot expand user name template " - "because user name is empty.\n")); + DEBUG(1, "Cannot expand user name template " + "because user name is empty.\n"); goto done; } name = sss_get_cased_name(tmp_ctx, kr->pd->user, case_sensitive); if (!name) { DEBUG(SSSDBG_CRIT_FAILURE, - ("sss_get_cased_name failed\n")); + "sss_get_cased_name failed\n"); goto done; } @@ -270,8 +270,8 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, break; case 'U': if (kr->uid <= 0) { - DEBUG(1, ("Cannot expand uid template " - "because uid is invalid.\n")); + DEBUG(1, "Cannot expand uid template " + "because uid is invalid.\n"); goto done; } result = talloc_asprintf_append(result, "%s%"SPRIuid, p, @@ -279,8 +279,8 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, break; case 'p': if (kr->upn == NULL) { - DEBUG(1, ("Cannot expand user principal name template " - "because upn is empty.\n")); + DEBUG(1, "Cannot expand user principal name template " + "because upn is empty.\n"); goto done; } result = talloc_asprintf_append(result, "%s%s", p, kr->upn); @@ -291,15 +291,15 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, case 'r': dummy = dp_opt_get_string(kr->krb5_ctx->opts, KRB5_REALM); if (dummy == NULL) { - DEBUG(1, ("Missing kerberos realm.\n")); + DEBUG(1, "Missing kerberos realm.\n"); goto done; } result = talloc_asprintf_append(result, "%s%s", p, dummy); break; case 'h': if (kr->homedir == NULL) { - DEBUG(1, ("Cannot expand home directory template " - "because the path is not available.\n")); + DEBUG(1, "Cannot expand home directory template " + "because the path is not available.\n"); goto done; } result = talloc_asprintf_append(result, "%s%s", p, kr->homedir); @@ -309,32 +309,32 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, cache_dir_tmpl = dp_opt_get_string(kr->krb5_ctx->opts, KRB5_CCACHEDIR); if (cache_dir_tmpl == NULL) { - DEBUG(1, ("Missing credential cache directory.\n")); + DEBUG(1, "Missing credential cache directory.\n"); goto done; } dummy = expand_ccname_template(tmp_ctx, kr, cache_dir_tmpl, false, case_sensitive); if (dummy == NULL) { - DEBUG(1, ("Expanding credential cache directory " - "template failed.\n")); + DEBUG(1, "Expanding credential cache directory " + "template failed.\n"); goto done; } result = talloc_asprintf_append(result, "%s%s", p, dummy); talloc_zfree(dummy); } else { - DEBUG(1, ("'%%d' is not allowed in this template.\n")); + DEBUG(1, "'%%d' is not allowed in this template.\n"); goto done; } break; case 'P': if (!file_mode) { - DEBUG(1, ("'%%P' is not allowed in this template.\n")); + DEBUG(1, "'%%P' is not allowed in this template.\n"); goto done; } if (kr->pd->cli_pid == 0) { - DEBUG(1, ("Cannot expand PID template " - "because PID is not available.\n")); + DEBUG(1, "Cannot expand PID template " + "because PID is not available.\n"); goto done; } result = talloc_asprintf_append(result, "%s%d", p, @@ -371,10 +371,10 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, name = n; n = strchr(name, '}'); if (!n) { - DEBUG(SSSDBG_CRIT_FAILURE, ( + DEBUG(SSSDBG_CRIT_FAILURE, "Invalid substitution sequence in cache " "template. Missing closing '}' in [%s].\n", - template)); + template); goto done; } result = talloc_asprintf_append(result, "%s%%%.*s", p, @@ -382,13 +382,13 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, } break; default: - DEBUG(1, ("format error, unknown template [%%%c].\n", *n)); + DEBUG(1, "format error, unknown template [%%%c].\n", *n); goto done; } } if (result == NULL) { - DEBUG(1, ("talloc_asprintf_append failed.\n")); + DEBUG(1, "talloc_asprintf_append failed.\n"); goto done; } @@ -397,7 +397,7 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, result = talloc_asprintf_append(result, "%s", p); if (result == NULL) { - DEBUG(1, ("talloc_asprintf_append failed.\n")); + DEBUG(1, "talloc_asprintf_append failed.\n"); goto done; } @@ -413,24 +413,24 @@ static errno_t check_parent_stat(struct stat *parent_stat, if (!((parent_stat->st_uid == 0 && parent_stat->st_gid == 0) || parent_stat->st_uid == uid)) { DEBUG(SSSDBG_CRIT_FAILURE, - ("Private directory can only be created below a directory " + "Private directory can only be created below a directory " "belonging to root or to [%"SPRIuid"][%"SPRIgid"].\n", - uid, gid)); + uid, gid); return EINVAL; } if (parent_stat->st_uid == uid) { if (!(parent_stat->st_mode & S_IXUSR)) { DEBUG(SSSDBG_CRIT_FAILURE, - ("Parent directory does not have the search bit set for " - "the owner.\n")); + "Parent directory does not have the search bit set for " + "the owner.\n"); return EINVAL; } } else { if (!(parent_stat->st_mode & S_IXOTH)) { DEBUG(SSSDBG_CRIT_FAILURE, - ("Parent directory does not have the search bit set for " - "others.\n")); + "Parent directory does not have the search bit set for " + "others.\n"); return EINVAL; } } @@ -458,7 +458,7 @@ static errno_t find_ccdir_parent_data(TALLOC_CTX *mem_ctx, if (ret == EOK) { if ( !S_ISDIR(parent_stat->st_mode) ) { DEBUG(SSSDBG_MINOR_FAILURE, - ("[%s] is not a directory.\n", ccdirname)); + "[%s] is not a directory.\n", ccdirname); return EINVAL; } return EOK; @@ -466,8 +466,8 @@ static errno_t find_ccdir_parent_data(TALLOC_CTX *mem_ctx, if (errno != ENOENT) { ret = errno; DEBUG(SSSDBG_MINOR_FAILURE, - ("stat for [%s] failed: [%d][%s].\n", ccdirname, ret, - strerror(ret))); + "stat for [%s] failed: [%d][%s].\n", ccdirname, ret, + strerror(ret)); return ret; } } @@ -475,14 +475,14 @@ static errno_t find_ccdir_parent_data(TALLOC_CTX *mem_ctx, li = talloc_zero(mem_ctx, struct string_list); if (li == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, - ("talloc_zero failed.\n")); + "talloc_zero failed.\n"); return ENOMEM; } li->s = talloc_strdup(li, ccdirname); if (li->s == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, - ("talloc_strdup failed.\n")); + "talloc_strdup failed.\n"); return ENOMEM; } @@ -491,7 +491,7 @@ static errno_t find_ccdir_parent_data(TALLOC_CTX *mem_ctx, parent = talloc_strdup(mem_ctx, ccdirname); if (parent == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, - ("talloc_strdup failed.\n")); + "talloc_strdup failed.\n"); return ENOMEM; } @@ -502,8 +502,8 @@ static errno_t find_ccdir_parent_data(TALLOC_CTX *mem_ctx, end = strrchr(parent, '/'); if (end == NULL || end == parent) { DEBUG(SSSDBG_MINOR_FAILURE, - ("Cannot find parent directory of [%s], / is not allowed.\n", - ccdirname)); + "Cannot find parent directory of [%s], / is not allowed.\n", + ccdirname); ret = EINVAL; goto done; } @@ -526,16 +526,16 @@ check_ccache_re(const char *filename, pcre *illegal_re) 0, 0, NULL, 0); if (ret == 0) { DEBUG(SSSDBG_OP_FAILURE, - ("Illegal pattern in ccache directory name [%s].\n", filename)); + "Illegal pattern in ccache directory name [%s].\n", filename); return EINVAL; } else if (ret == PCRE_ERROR_NOMATCH) { DEBUG(SSSDBG_TRACE_LIBS, - ("Ccache directory name [%s] does not contain " - "illegal patterns.\n", filename)); + "Ccache directory name [%s] does not contain " + "illegal patterns.\n", filename); return EOK; } - DEBUG(SSSDBG_CRIT_FAILURE, ("pcre_exec failed [%d].\n", ret)); + DEBUG(SSSDBG_CRIT_FAILURE, "pcre_exec failed [%d].\n", ret); return EFAULT; } @@ -554,13 +554,13 @@ create_ccache_dir(const char *ccdirname, pcre *illegal_re, tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, - ("talloc_new failed.\n")); + "talloc_new failed.\n"); return ENOMEM; } if (*ccdirname != '/') { DEBUG(SSSDBG_MINOR_FAILURE, - ("Only absolute paths are allowed, not [%s] .\n", ccdirname)); + "Only absolute paths are allowed, not [%s] .\n", ccdirname); ret = EINVAL; goto done; } @@ -576,20 +576,20 @@ create_ccache_dir(const char *ccdirname, pcre *illegal_re, &missing_parents); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, - ("find_ccdir_parent_data failed.\n")); + "find_ccdir_parent_data failed.\n"); goto done; } ret = check_parent_stat(&parent_stat, uid, gid); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, - ("check_parent_stat failed for directory [%s].\n", ccdirname)); + "check_parent_stat failed for directory [%s].\n", ccdirname); goto done; } DLIST_FOR_EACH(li, missing_parents) { DEBUG(SSSDBG_TRACE_INTERNAL, - ("Creating directory [%s].\n", li->s)); + "Creating directory [%s].\n", li->s); new_dir_mode = 0700; old_umask = umask(0000); @@ -598,15 +598,15 @@ create_ccache_dir(const char *ccdirname, pcre *illegal_re, if (ret != EOK) { ret = errno; DEBUG(SSSDBG_MINOR_FAILURE, - ("mkdir [%s] failed: [%d][%s].\n", li->s, ret, - strerror(ret))); + "mkdir [%s] failed: [%d][%s].\n", li->s, ret, + strerror(ret)); goto done; } ret = chown(li->s, uid, gid); if (ret != EOK) { ret = errno; DEBUG(SSSDBG_MINOR_FAILURE, - ("chown failed [%d][%s].\n", ret, strerror(ret))); + "chown failed [%d][%s].\n", ret, strerror(ret)); goto done; } } @@ -634,14 +634,14 @@ errno_t get_ccache_file_data(const char *ccache_file, const char *client_name, kerr = krb5_init_context(&ctx); if (kerr != 0) { - DEBUG(1, ("krb5_init_context failed.\n")); + DEBUG(1, "krb5_init_context failed.\n"); goto done; } kerr = krb5_parse_name(ctx, client_name, &client_princ); if (kerr != 0) { KRB5_DEBUG(SSSDBG_OP_FAILURE, ctx, kerr); - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_parse_name failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_parse_name failed.\n"); goto done; } @@ -652,7 +652,7 @@ errno_t get_ccache_file_data(const char *ccache_file, const char *client_name, realm_length, realm_name); if (server_name == NULL) { kerr = KRB5_CC_NOMEM; - DEBUG(1, ("talloc_asprintf failed.\n")); + DEBUG(1, "talloc_asprintf failed.\n"); goto done; } @@ -660,14 +660,14 @@ errno_t get_ccache_file_data(const char *ccache_file, const char *client_name, talloc_free(server_name); if (kerr != 0) { KRB5_DEBUG(SSSDBG_OP_FAILURE, ctx, kerr); - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_parse_name failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_parse_name failed.\n"); goto done; } kerr = krb5_cc_resolve(ctx, ccache_file, &cc); if (kerr != 0) { KRB5_DEBUG(SSSDBG_OP_FAILURE, ctx, kerr); - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_cc_resolve failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_cc_resolve failed.\n"); goto done; } @@ -680,7 +680,7 @@ errno_t get_ccache_file_data(const char *ccache_file, const char *client_name, kerr = krb5_cc_retrieve_cred(ctx, cc, 0, &mcred, &cred); if (kerr != 0) { KRB5_DEBUG(SSSDBG_OP_FAILURE, ctx, kerr); - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_cc_retrieve_cred failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_cc_retrieve_cred failed.\n"); goto done; } @@ -694,7 +694,7 @@ errno_t get_ccache_file_data(const char *ccache_file, const char *client_name, kerr = krb5_cc_close(ctx, cc); if (kerr != 0) { KRB5_DEBUG(SSSDBG_OP_FAILURE, ctx, kerr); - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_cc_close failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_cc_close failed.\n"); goto done; } cc = NULL; @@ -751,7 +751,7 @@ errno_t sss_krb5_precreate_ccache(const char *ccname, pcre *illegal_re, ccdirname = talloc_strdup(tmp_ctx, filename); if (ccdirname == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_strdup failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_strdup failed.\n"); ret = ENOMEM; goto done; } @@ -762,8 +762,8 @@ errno_t sss_krb5_precreate_ccache(const char *ccname, pcre *illegal_re, do { end = strrchr(ccdirname, '/'); if (end == NULL || end == ccdirname) { - DEBUG(SSSDBG_CRIT_FAILURE, ("Cannot find parent directory of [%s], " - "/ is not allowed.\n", ccdirname)); + DEBUG(SSSDBG_CRIT_FAILURE, "Cannot find parent directory of [%s], " + "/ is not allowed.\n", ccdirname); ret = EINVAL; goto done; } @@ -823,12 +823,12 @@ static errno_t sss_open_ccache_as_user(TALLOC_CTX *mem_ctx, kerr = krb5_cc_resolve(cc->context, ccname, &cc->ccache); if (kerr == KRB5_FCC_NOFILE || cc->ccache == NULL) { - DEBUG(SSSDBG_TRACE_FUNC, ("ccache %s is missing or empty\n", ccname)); + DEBUG(SSSDBG_TRACE_FUNC, "ccache %s is missing or empty\n", ccname); ret = ERR_NOT_FOUND; goto done; } else if (kerr != 0) { KRB5_DEBUG(SSSDBG_OP_FAILURE, cc->context, kerr); - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_cc_resolve failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_cc_resolve failed.\n"); ret = ERR_INTERNAL; goto done; } @@ -852,7 +852,7 @@ static errno_t sss_destroy_ccache(struct sss_krb5_ccache *cc) kerr = krb5_cc_destroy(cc->context, cc->ccache); if (kerr) { KRB5_DEBUG(SSSDBG_OP_FAILURE, cc->context, kerr); - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_cc_destroy failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_cc_destroy failed.\n"); ret = EIO; } else { ret = EOK; @@ -872,7 +872,7 @@ errno_t sss_krb5_cc_destroy(const char *ccname, uid_t uid, gid_t gid) tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("talloc_new failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n"); return ENOMEM; } @@ -904,7 +904,7 @@ errno_t sss_krb5_check_ccache_princ(uid_t uid, gid_t gid, tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("talloc_new failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n"); return ENOMEM; } @@ -916,12 +916,12 @@ errno_t sss_krb5_check_ccache_princ(uid_t uid, gid_t gid, cc_type = krb5_cc_get_type(cc->context, cc->ccache); DEBUG(SSSDBG_TRACE_INTERNAL, - ("Searching for [%s] in cache of type [%s]\n", principal, cc_type)); + "Searching for [%s] in cache of type [%s]\n", principal, cc_type); kerr = krb5_parse_name(cc->context, principal, &kprinc); if (kerr != 0) { KRB5_DEBUG(SSSDBG_OP_FAILURE, cc->context, kerr); - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_parse_name failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_parse_name failed.\n"); ret = ERR_INTERNAL; goto done; } @@ -929,7 +929,7 @@ errno_t sss_krb5_check_ccache_princ(uid_t uid, gid_t gid, kerr = krb5_cc_get_principal(cc->context, cc->ccache, &ccprinc); if (kerr != 0) { KRB5_DEBUG(SSSDBG_OP_FAILURE, cc->context, kerr); - DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_cc_get_principal failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "krb5_cc_get_principal failed.\n"); } if (ccprinc) { @@ -1021,7 +1021,7 @@ errno_t sss_krb5_cc_verify_ccache(const char *ccname, uid_t uid, gid_t gid, tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_new failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new failed.\n"); return ENOMEM; } @@ -1032,7 +1032,7 @@ errno_t sss_krb5_cc_verify_ccache(const char *ccname, uid_t uid, gid_t gid, tgt_name = talloc_asprintf(tmp_ctx, "krbtgt/%s@%s", realm, realm); if (!tgt_name) { - DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_new failed.\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new failed.\n"); ret = ENOMEM; goto done; } @@ -1061,7 +1061,7 @@ errno_t sss_krb5_cc_verify_ccache(const char *ccname, uid_t uid, gid_t gid, KRB5_TC_MATCH_TIMES, &mcred, &cred); if (kerr) { if (kerr == KRB5_CC_NOTFOUND || kerr == KRB5_FCC_NOFILE) { - DEBUG(SSSDBG_TRACE_INTERNAL, ("TGT not found or expired.\n")); + DEBUG(SSSDBG_TRACE_INTERNAL, "TGT not found or expired.\n"); ret = EINVAL; } else { KRB5_DEBUG(SSSDBG_CRIT_FAILURE, cc->context, kerr); @@ -1087,7 +1087,7 @@ errno_t get_domain_or_subdomain(struct be_ctx *be_ctx, strcasecmp(domain_name, be_ctx->domain->name) != 0) { *dom = find_subdomain_by_name(be_ctx->domain, domain_name, true); if (*dom == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("find_subdomain_by_name failed.\n")); + DEBUG(SSSDBG_OP_FAILURE, "find_subdomain_by_name failed.\n"); return ENOMEM; } } else { diff --git a/src/providers/krb5/krb5_wait_queue.c b/src/providers/krb5/krb5_wait_queue.c index 8b7b9a376..23a6081b8 100644 --- a/src/providers/krb5/krb5_wait_queue.c +++ b/src/providers/krb5/krb5_wait_queue.c @@ -47,7 +47,7 @@ static void wait_queue_auth(struct tevent_context *ev, struct tevent_timer *te, req = krb5_auth_send(qe->be_req, be_ctx->ev, be_ctx, qe->pd, qe->krb5_ctx); if (req == NULL) { - DEBUG(1, ("krb5_auth_send failed.\n")); + DEBUG(1, "krb5_auth_send failed.\n"); } else { tevent_req_set_callback(req, krb5_pam_handler_auth_done, qe->be_req); } @@ -66,7 +66,7 @@ static void wait_queue_del_cb(hash_entry_t *entry, hash_destroy_enum type, return; } - DEBUG(1, ("Unexpected value type [%d].\n", entry->value.type)); + DEBUG(1, "Unexpected value type [%d].\n", entry->value.type); } errno_t add_to_wait_queue(struct be_req *be_req, struct pam_data *pd, @@ -83,7 +83,7 @@ errno_t add_to_wait_queue(struct be_req *be_req, struct pam_data *pd, &krb5_ctx->wait_queue_hash, 0, 0, 0, 0, wait_queue_del_cb, NULL); if (ret != EOK) { - DEBUG(1, ("sss_hash_create failed")); + DEBUG(1, "sss_hash_create failed"); return ret; } } @@ -95,7 +95,7 @@ errno_t add_to_wait_queue(struct be_req *be_req, struct pam_data *pd, switch (ret) { case HASH_SUCCESS: if (value.type != HASH_VALUE_PTR) { - DEBUG(1, ("Unexpected hash value type.\n")); + DEBUG(1, "Unexpected hash value type.\n"); return EINVAL; } @@ -103,7 +103,7 @@ errno_t add_to_wait_queue(struct be_req *be_req, struct pam_data *pd, queue_entry = talloc_zero(head, struct queue_entry); if (queue_entry == NULL) { - DEBUG(1, ("talloc_zero failed.\n")); + DEBUG(1, "talloc_zero failed.\n"); return ENOMEM; } @@ -118,21 +118,21 @@ errno_t add_to_wait_queue(struct be_req *be_req, struct pam_data *pd, value.type = HASH_VALUE_PTR; head = talloc_zero(krb5_ctx->wait_queue_hash, struct queue_entry); if (head == NULL) { - DEBUG(1, ("talloc_zero failed.\n")); + DEBUG(1, "talloc_zero failed.\n"); return ENOMEM; } value.ptr = head; ret = hash_enter(krb5_ctx->wait_queue_hash, &key, &value); if (ret != HASH_SUCCESS) { - DEBUG(1, ("hash_enter failed.\n")); + DEBUG(1, "hash_enter failed.\n"); talloc_free(head); return EIO; } break; default: - DEBUG(1, ("hash_lookup failed.\n")); + DEBUG(1, "hash_lookup failed.\n"); return EIO; } @@ -154,7 +154,7 @@ void check_wait_queue(struct krb5_ctx *krb5_ctx, char *username) struct be_ctx *be_ctx; if (krb5_ctx->wait_queue_hash == NULL) { - DEBUG(1, ("No wait queue available.\n")); + DEBUG(1, "No wait queue available.\n"); return; } @@ -166,14 +166,14 @@ void check_wait_queue(struct krb5_ctx *krb5_ctx, char *username) switch (ret) { case HASH_SUCCESS: if (value.type != HASH_VALUE_PTR) { - DEBUG(1, ("Unexpected hash value type.\n")); + DEBUG(1, "Unexpected hash value type.\n"); return; } head = talloc_get_type(value.ptr, struct queue_entry); if (head->next == NULL) { - DEBUG(7, ("Wait queue for user [%s] is empty.\n", username)); + DEBUG(7, "Wait queue for user [%s] is empty.\n", username); } else { queue_entry = head->next; @@ -184,7 +184,7 @@ void check_wait_queue(struct krb5_ctx *krb5_ctx, char *username) tevent_timeval_current(), wait_queue_auth, queue_entry); if (te == NULL) { - DEBUG(1, ("tevent_add_timer failed.\n")); + DEBUG(1, "tevent_add_timer failed.\n"); } else { return; } @@ -192,16 +192,16 @@ void check_wait_queue(struct krb5_ctx *krb5_ctx, char *username) ret = hash_delete(krb5_ctx->wait_queue_hash, &key); if (ret != HASH_SUCCESS) { - DEBUG(1, ("Failed to remove wait queue for user [%s].\n", - username)); + DEBUG(1, "Failed to remove wait queue for user [%s].\n", + username); } break; case HASH_ERROR_KEY_NOT_FOUND: - DEBUG(1, ("No wait queue for user [%s] found.\n", username)); + DEBUG(1, "No wait queue for user [%s] found.\n", username); break; default: - DEBUG(1, ("hash_lookup failed.\n")); + DEBUG(1, "hash_lookup failed.\n"); } return; |