diff options
-rw-r--r-- | src/providers/krb5/krb5_child.c | 15 | ||||
-rw-r--r-- | src/providers/ldap/ldap_child.c | 7 |
2 files changed, 19 insertions, 3 deletions
diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c index d2b976e2b..199ef67bb 100644 --- a/src/providers/krb5/krb5_child.c +++ b/src/providers/krb5/krb5_child.c @@ -126,6 +126,7 @@ static void sss_krb5_expire_callback_func(krb5_context context, void *data, DEBUG(1, ("Time to expire out of range.\n")); return; } + DEBUG(SSSDBG_TRACE_INTERNAL, ("exp_time: [%d]\n", exp_time)); blob = talloc_array(kr->pd, uint32_t, 2); if (blob == NULL) { @@ -204,6 +205,8 @@ static krb5_error_code create_empty_cred(krb5_context ctx, krb5_principal princ, goto done; } + DEBUG(SSSDBG_TRACE_INTERNAL, ("Created empty krb5_creds.\n")); + done: if (kerr != 0) { if (cred != NULL && cred->client != NULL) { @@ -323,6 +326,8 @@ static krb5_error_code create_ccache_file(krb5_context ctx, DEBUG(1, ("rename failed [%d][%s].\n", errno, strerror(errno))); } + DEBUG(SSSDBG_TRACE_LIBS, ("Created ccache file: [%s]\n", cc_file_name)); + done: if (fd != -1) { close(fd); @@ -361,7 +366,6 @@ static errno_t pack_response_packet(struct response *resp, int status, pdr = pdr->next; } - resp->buf = talloc_array(resp, uint8_t, size); if (!resp->buf) { DEBUG(1, ("Insufficient memory to create message.\n")); @@ -379,9 +383,10 @@ static errno_t pack_response_packet(struct response *resp, int status, pdr = pdr->next; } - resp->size = p; + DEBUG(SSSDBG_TRACE_INTERNAL, ("response packet size: [%d]\n", p)); + return EOK; } @@ -477,6 +482,8 @@ static errno_t sendresponse(int fd, krb5_error_code kerr, int pam_status, return EOK; } + DEBUG(SSSDBG_TRACE_ALL, ("Response sent.\n")); + return EOK; } @@ -1034,6 +1041,7 @@ static errno_t renew_tgt_child(int fd, struct krb5_req *kr) KRB5_DEBUG(1, kerr); if (kerr == KRB5_KDC_UNREACH) { status = PAM_AUTHINFO_UNAVAIL; + DEBUG(SSSDBG_TRACE_ALL, ("kdc unreachable for renewed creds.\n")); } goto done; } @@ -1122,6 +1130,8 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, struct pam_data *pd, uint32_t len; uint32_t validate; + DEBUG(SSSDBG_TRACE_LIBS, ("total buffer size: [%d]\n", size)); + SAFEALIGN_COPY_UINT32_CHECK(&pd->cmd, buf + p, size, &p); SAFEALIGN_COPY_UINT32_CHECK(&kr->uid, buf + p, size, &p); SAFEALIGN_COPY_UINT32_CHECK(&kr->gid, buf + p, size, &p); @@ -1343,7 +1353,6 @@ static krb5_error_code check_fast_ccache(krb5_context ctx, const char *primary, goto done; } - kerr = 0; done: diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c index 023979044..13e12e93c 100644 --- a/src/providers/ldap/ldap_child.c +++ b/src/providers/ldap/ldap_child.c @@ -111,6 +111,8 @@ static int pack_buffer(struct response *r, int result, krb5_error_code krberr, r->size = 2 * sizeof(uint32_t) + sizeof(krb5_error_code) + len + sizeof(time_t); + DEBUG(SSSDBG_TRACE_INTERNAL, ("response size: %d\n",r->size)); + r->buf = talloc_array(r, uint8_t, r->size); if(!r->buf) { return ENOMEM; @@ -190,6 +192,8 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx, } } + DEBUG(SSSDBG_TRACE_INTERNAL, ("got realm_name: [%s]\n", realm_name)); + if (princ_str) { if (!strchr(princ_str, '@')) { full_princ = talloc_asprintf(memctx, "%s@%s", @@ -207,6 +211,8 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx, } hostname[511] = '\0'; + DEBUG(SSSDBG_TRACE_LIBS, ("got hostname: [%s]\n", hostname)); + ret = select_principal_from_keytab(memctx, hostname, realm_name, keytab_name, &full_princ, NULL, NULL); if (ret) goto done; @@ -250,6 +256,7 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx, krberr = KRB5KRB_ERR_GENERIC; goto done; } + DEBUG(SSSDBG_TRACE_INTERNAL, ("keytab ccname: [%s]\n")); krberr = krb5_cc_resolve(context, ccname, &ccache); if (krberr) { |