From a9c8fdfc939813eafceeecf3ec694608868d8000 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Wed, 27 Jun 2012 19:42:43 -0400
Subject: KRB5: Some logging enhancements for krb5_child

---
 src/providers/krb5/krb5_child.c | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

(limited to 'src')

diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
index c434c97ff..091538fb6 100644
--- a/src/providers/krb5/krb5_child.c
+++ b/src/providers/krb5/krb5_child.c
@@ -751,6 +751,7 @@ static krb5_error_code validate_tgt(struct krb5_req *kr)
     if (kerr != 0) {
         DEBUG(1, ("internal error parsing principal name, "
                   "not verifying TGT.\n"));
+        KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
         goto done;
     }
 
@@ -867,6 +868,10 @@ static krb5_error_code get_and_save_tgt(struct krb5_req *kr,
         KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
         DEBUG(1, ("Failed to set expire callback, continue without.\n"));
     }
+
+    DEBUG(SSSDBG_TRACE_FUNC,
+          ("Attempting kinit for realm [%s]\n",
+                  kr->princ->realm.data));
     kerr = krb5_get_init_creds_password(kr->ctx, kr->creds, kr->princ,
                                         password, sss_krb5_prompter, kr, 0,
                                         NULL, kr->options);
@@ -967,6 +972,9 @@ static errno_t changepw_child(int fd, struct krb5_req *kr)
         prompter = NULL;
     }
 
+    DEBUG(SSSDBG_TRACE_FUNC,
+          ("Attempting kinit for realm [%s]\n",
+                  kr->princ->realm.data));
     kerr = krb5_get_init_creds_password(kr->ctx, kr->creds, kr->princ,
                                         pass_str, prompter, kr, 0,
                                         changepw_princ,
@@ -1341,6 +1349,11 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, struct pam_data *pd,
     SAFEALIGN_COPY_UINT32_CHECK(&validate, buf + p, size, &p);
     kr->validate = (validate == 0) ? false : true;
     SAFEALIGN_COPY_UINT32_CHECK(offline, buf + p, size, &p);
+    SAFEALIGN_COPY_UINT32_CHECK(&len, buf + p, size, &p);
+    if ((p + len ) > size) return EINVAL;
+    kr->upn = talloc_strndup(pd, (char *)(buf + p), len);
+    if (kr->upn == NULL) return ENOMEM;
+    p += len;
 
     DEBUG(SSSDBG_CONF_SETTINGS,
           ("cmd [%d] uid [%llu] gid [%llu] validate [%s] offline [%s] "
@@ -1348,12 +1361,6 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, struct pam_data *pd,
            kr->validate ? "true" : "false", offline ? "true" : "false",
            kr->upn ? kr->upn : "none"));
 
-    SAFEALIGN_COPY_UINT32_CHECK(&len, buf + p, size, &p);
-    if ((p + len ) > size) return EINVAL;
-    kr->upn = talloc_strndup(pd, (char *)(buf + p), len);
-    if (kr->upn == NULL) return ENOMEM;
-    p += len;
-
     if (pd->cmd == SSS_PAM_AUTHENTICATE ||
         pd->cmd == SSS_CMD_RENEW ||
         pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM || pd->cmd == SSS_PAM_CHAUTHTOK) {
-- 
cgit