summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/providers/krb5/krb5_child.c15
-rw-r--r--src/providers/ldap/ldap_child.c7
2 files changed, 19 insertions, 3 deletions
diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
index d2b976e2b..199ef67bb 100644
--- a/src/providers/krb5/krb5_child.c
+++ b/src/providers/krb5/krb5_child.c
@@ -126,6 +126,7 @@ static void sss_krb5_expire_callback_func(krb5_context context, void *data,
DEBUG(1, ("Time to expire out of range.\n"));
return;
}
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("exp_time: [%d]\n", exp_time));
blob = talloc_array(kr->pd, uint32_t, 2);
if (blob == NULL) {
@@ -204,6 +205,8 @@ static krb5_error_code create_empty_cred(krb5_context ctx, krb5_principal princ,
goto done;
}
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("Created empty krb5_creds.\n"));
+
done:
if (kerr != 0) {
if (cred != NULL && cred->client != NULL) {
@@ -323,6 +326,8 @@ static krb5_error_code create_ccache_file(krb5_context ctx,
DEBUG(1, ("rename failed [%d][%s].\n", errno, strerror(errno)));
}
+ DEBUG(SSSDBG_TRACE_LIBS, ("Created ccache file: [%s]\n", cc_file_name));
+
done:
if (fd != -1) {
close(fd);
@@ -361,7 +366,6 @@ static errno_t pack_response_packet(struct response *resp, int status,
pdr = pdr->next;
}
-
resp->buf = talloc_array(resp, uint8_t, size);
if (!resp->buf) {
DEBUG(1, ("Insufficient memory to create message.\n"));
@@ -379,9 +383,10 @@ static errno_t pack_response_packet(struct response *resp, int status,
pdr = pdr->next;
}
-
resp->size = p;
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("response packet size: [%d]\n", p));
+
return EOK;
}
@@ -477,6 +482,8 @@ static errno_t sendresponse(int fd, krb5_error_code kerr, int pam_status,
return EOK;
}
+ DEBUG(SSSDBG_TRACE_ALL, ("Response sent.\n"));
+
return EOK;
}
@@ -1034,6 +1041,7 @@ static errno_t renew_tgt_child(int fd, struct krb5_req *kr)
KRB5_DEBUG(1, kerr);
if (kerr == KRB5_KDC_UNREACH) {
status = PAM_AUTHINFO_UNAVAIL;
+ DEBUG(SSSDBG_TRACE_ALL, ("kdc unreachable for renewed creds.\n"));
}
goto done;
}
@@ -1122,6 +1130,8 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, struct pam_data *pd,
uint32_t len;
uint32_t validate;
+ DEBUG(SSSDBG_TRACE_LIBS, ("total buffer size: [%d]\n", size));
+
SAFEALIGN_COPY_UINT32_CHECK(&pd->cmd, buf + p, size, &p);
SAFEALIGN_COPY_UINT32_CHECK(&kr->uid, buf + p, size, &p);
SAFEALIGN_COPY_UINT32_CHECK(&kr->gid, buf + p, size, &p);
@@ -1343,7 +1353,6 @@ static krb5_error_code check_fast_ccache(krb5_context ctx, const char *primary,
goto done;
}
-
kerr = 0;
done:
diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c
index 023979044..13e12e93c 100644
--- a/src/providers/ldap/ldap_child.c
+++ b/src/providers/ldap/ldap_child.c
@@ -111,6 +111,8 @@ static int pack_buffer(struct response *r, int result, krb5_error_code krberr,
r->size = 2 * sizeof(uint32_t) + sizeof(krb5_error_code) +
len + sizeof(time_t);
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("response size: %d\n",r->size));
+
r->buf = talloc_array(r, uint8_t, r->size);
if(!r->buf) {
return ENOMEM;
@@ -190,6 +192,8 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,
}
}
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("got realm_name: [%s]\n", realm_name));
+
if (princ_str) {
if (!strchr(princ_str, '@')) {
full_princ = talloc_asprintf(memctx, "%s@%s",
@@ -207,6 +211,8 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,
}
hostname[511] = '\0';
+ DEBUG(SSSDBG_TRACE_LIBS, ("got hostname: [%s]\n", hostname));
+
ret = select_principal_from_keytab(memctx, hostname, realm_name,
keytab_name, &full_princ, NULL, NULL);
if (ret) goto done;
@@ -250,6 +256,7 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,
krberr = KRB5KRB_ERR_GENERIC;
goto done;
}
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("keytab ccname: [%s]\n"));
krberr = krb5_cc_resolve(context, ccname, &ccache);
if (krberr) {