diff options
author | Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> | 2014-02-12 10:12:59 -0500 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-02-12 22:31:02 +0100 |
commit | 83bf46f4066e3d5e838a32357c201de9bd6ecdfd (patch) | |
tree | 65f491f7661bd533398625e015f2b5e5bff3badf /src/responder/pam/pam_LOCAL_domain.c | |
parent | 45a1d9d597df977354428440aeff11c6a0a947fe (diff) | |
download | sssd-83bf46f4066e3d5e838a32357c201de9bd6ecdfd.tar.gz sssd-83bf46f4066e3d5e838a32357c201de9bd6ecdfd.tar.xz sssd-83bf46f4066e3d5e838a32357c201de9bd6ecdfd.zip |
Update DEBUG* invocations to use new levels
Use a script to update DEBUG* macro invocations, which use literal
numbers for levels, to use bitmask macros instead:
grep -rl --include '*.[hc]' DEBUG . |
while read f; do
mv "$f"{,.orig}
perl -e 'use strict;
use File::Slurp;
my @map=qw"
SSSDBG_FATAL_FAILURE
SSSDBG_CRIT_FAILURE
SSSDBG_OP_FAILURE
SSSDBG_MINOR_FAILURE
SSSDBG_CONF_SETTINGS
SSSDBG_FUNC_DATA
SSSDBG_TRACE_FUNC
SSSDBG_TRACE_LIBS
SSSDBG_TRACE_INTERNAL
SSSDBG_TRACE_ALL
";
my $text=read_file(\*STDIN);
my $repl;
$text=~s/
^
(
.*
\b
(DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM)
\s*
\(\s*
)(
[0-9]
)(
\s*,
)
(
\s*
)
(
.*
)
$
/
$repl = $1.$map[$3].$4.$5.$6,
length($repl) <= 80
? $repl
: $1.$map[$3].$4."\n".(" " x length($1)).$6
/xmge;
print $text;
' < "$f.orig" > "$f"
rm "$f.orig"
done
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'src/responder/pam/pam_LOCAL_domain.c')
-rw-r--r-- | src/responder/pam/pam_LOCAL_domain.c | 37 |
1 files changed, 22 insertions, 15 deletions
diff --git a/src/responder/pam/pam_LOCAL_domain.c b/src/responder/pam/pam_LOCAL_domain.c index b602259ee..4b076146c 100644 --- a/src/responder/pam/pam_LOCAL_domain.c +++ b/src/responder/pam/pam_LOCAL_domain.c @@ -31,7 +31,7 @@ #define NULL_CHECK_OR_JUMP(var, msg, ret, err, label) do { \ if (var == NULL) { \ - DEBUG(1, msg); \ + DEBUG(SSSDBG_CRIT_FAILURE, msg); \ ret = (err); \ goto label; \ } \ @@ -39,7 +39,7 @@ #define NEQ_CHECK_OR_JUMP(var, val, msg, ret, err, label) do { \ if (var != (val)) { \ - DEBUG(1, msg); \ + DEBUG(SSSDBG_CRIT_FAILURE, msg); \ ret = (err); \ goto label; \ } \ @@ -168,7 +168,7 @@ static void do_pam_chauthtok(struct LOCAL_request *lreq) if (ret) { /* TODO: should we allow null passwords via a config option ? */ if (ret == ENOENT) { - DEBUG(1, "Empty passwords are not allowed!\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Empty passwords are not allowed!\n"); } lreq->error = EINVAL; goto done; @@ -177,12 +177,12 @@ static void do_pam_chauthtok(struct LOCAL_request *lreq) ret = s3crypt_gen_salt(lreq, &salt); NEQ_CHECK_OR_JUMP(ret, EOK, ("Salt generation failed.\n"), lreq->error, ret, done); - DEBUG(4, "Using salt [%s]\n", salt); + DEBUG(SSSDBG_CONF_SETTINGS, "Using salt [%s]\n", salt); ret = s3crypt_sha512(lreq, password, salt, &new_hash); NEQ_CHECK_OR_JUMP(ret, EOK, ("Hash generation failed.\n"), lreq->error, ret, done); - DEBUG(4, "New hash [%s]\n", new_hash); + DEBUG(SSSDBG_CONF_SETTINGS, "New hash [%s]\n", new_hash); lreq->mod_attrs = sysdb_new_attrs(lreq); NULL_CHECK_OR_JUMP(lreq->mod_attrs, ("sysdb_new_attrs failed.\n"), @@ -229,7 +229,7 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) struct pam_data *pd = preq->pd; int ret; - DEBUG(4, "LOCAL pam handler.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "LOCAL pam handler.\n"); lreq = talloc_zero(preq, struct LOCAL_request); if (!lreq) { @@ -238,7 +238,8 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) lreq->dbctx = preq->domain->sysdb; if (lreq->dbctx == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); talloc_free(lreq); return ENOENT; } @@ -251,18 +252,20 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) ret = sysdb_get_user_attr(lreq, preq->domain, preq->pd->user, attrs, &res); if (ret != EOK) { - DEBUG(1, "sysdb_get_user_attr failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_get_user_attr failed.\n"); talloc_free(lreq); return ret; } if (res->count < 1) { - DEBUG(4, "No user found with filter ["SYSDB_PWNAM_FILTER"]\n", + DEBUG(SSSDBG_CONF_SETTINGS, + "No user found with filter ["SYSDB_PWNAM_FILTER"]\n", pd->user, pd->user, pd->user); pd->pam_status = PAM_USER_UNKNOWN; goto done; } else if (res->count > 1) { - DEBUG(4, "More than one object found with filter ["SYSDB_PWNAM_FILTER"]\n", + DEBUG(SSSDBG_CONF_SETTINGS, + "More than one object found with filter ["SYSDB_PWNAM_FILTER"]\n", pd->user, pd->user, pd->user); lreq->error = EFAULT; goto done; @@ -270,7 +273,8 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) username = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_NAME, NULL); if (strcmp(username, pd->user) != 0) { - DEBUG(1, "Expected username [%s] get [%s].\n", pd->user, username); + DEBUG(SSSDBG_CRIT_FAILURE, + "Expected username [%s] get [%s].\n", pd->user, username); lreq->error = EINVAL; goto done; } @@ -285,7 +289,8 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM) && lreq->preq->cctx->priv == 1) { /* TODO: maybe this is a candiate for an explicit audit message. */ - DEBUG(4, "allowing root to reset a password.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, + "allowing root to reset a password.\n"); break; } ret = sss_authtok_get_password(pd->authtok, &password, NULL); @@ -295,16 +300,18 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) pwdhash = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_PWD, NULL); NULL_CHECK_OR_JUMP(pwdhash, ("No password stored.\n"), lreq->error, LDB_ERR_NO_SUCH_ATTRIBUTE, done); - DEBUG(4, "user: [%s], password hash: [%s]\n", username, pwdhash); + DEBUG(SSSDBG_CONF_SETTINGS, + "user: [%s], password hash: [%s]\n", username, pwdhash); ret = s3crypt_sha512(lreq, password, pwdhash, &new_hash); NEQ_CHECK_OR_JUMP(ret, EOK, ("nss_sha512_crypt failed.\n"), lreq->error, ret, done); - DEBUG(4, "user: [%s], new hash: [%s]\n", username, new_hash); + DEBUG(SSSDBG_CONF_SETTINGS, + "user: [%s], new hash: [%s]\n", username, new_hash); if (strcmp(new_hash, pwdhash) != 0) { - DEBUG(1, "Passwords do not match.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Passwords do not match.\n"); do_failed_login(lreq); goto done; } |