summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorPaul Park <pjpark@mit.edu>1995-06-08 19:08:06 +0000
committerPaul Park <pjpark@mit.edu>1995-06-08 19:08:06 +0000
commit914a83c4b912d161b72e80d376709c8f5ee307e3 (patch)
treec15d182455ac441d2cff22e8cea42b19772e2ee6 /src
parent2527d32669ae3694e28e660d24ceed060d284cf1 (diff)
downloadkrb5-914a83c4b912d161b72e80d376709c8f5ee307e3.tar.gz
krb5-914a83c4b912d161b72e80d376709c8f5ee307e3.tar.xz
krb5-914a83c4b912d161b72e80d376709c8f5ee307e3.zip
Update kadmind5 to use new logging routines
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5976 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
-rw-r--r--src/kadmin/v5server/ChangeLog8
-rw-r--r--src/kadmin/v5server/admin.c16
-rw-r--r--src/kadmin/v5server/passwd.c6
-rw-r--r--src/kadmin/v5server/proto_serv.c26
-rw-r--r--src/kadmin/v5server/srv_acl.c2
-rw-r--r--src/kadmin/v5server/srv_main.c69
-rw-r--r--src/kadmin/v5server/srv_net.c30
-rw-r--r--src/kdc/ChangeLog6
-rw-r--r--src/kdc/Makefile.in6
-rw-r--r--src/kdc/dispatch.c3
-rw-r--r--src/kdc/do_as_req.c33
-rw-r--r--src/kdc/do_tgs_req.c11
-rw-r--r--src/kdc/kdc_util.c7
-rw-r--r--src/kdc/kerberos_v4.c3
-rw-r--r--src/kdc/main.c69
15 files changed, 105 insertions, 190 deletions
diff --git a/src/kadmin/v5server/ChangeLog b/src/kadmin/v5server/ChangeLog
index 0c24228d9..b5d4000e1 100644
--- a/src/kadmin/v5server/ChangeLog
+++ b/src/kadmin/v5server/ChangeLog
@@ -1,3 +1,11 @@
+
+Thu Jun 8 14:46:05 EDT 1995 Paul Park (pjpark@mit.edu)
+ * admin.c, passwd.c, srv_acl.c - Supply severities for error messages.
+ * proto_serv.c, srv_net.c - Supply severities for error messages and
+ change DLOG to DPRINT.
+ * srv_main.c - Supply severities for error messages. Remove com_err
+ handling and syslog() logic for routines in libkadm.
+
Wed Jun 7 12:03:10 1995 <tytso@rsx-11.mit.edu>
* Makefile.in (CFLAGS), srv_acl.c (acl_init): Use
diff --git a/src/kadmin/v5server/admin.c b/src/kadmin/v5server/admin.c
index d38de0aac..5a746fe72 100644
--- a/src/kadmin/v5server/admin.c
+++ b/src/kadmin/v5server/admin.c
@@ -47,14 +47,14 @@ struct inq_context {
static krb5_db_entry admin_def_dbent;
static krb5_boolean admin_def_dbent_inited = 0;
-static const char *admin_perm_denied_fmt = "ACL entry prevents %s operation by %s";
-static const char *admin_db_write_err_fmt = "database write failed during %s operation by %s";
-static const char *admin_db_success_fmt = "%s operation for %s successfully issued by %s";
-static const char *admin_db_read_err_fmt = "database read failed during %s operation by %s";
-static const char *admin_no_cl_ident_fmt = "cannot get client identity from ticket for %s operation";
-static const char *admin_db_rename_fmt = "%s operation from %s to %s successfully issued by %s";
-static const char *admin_db_del_err_fmt = "database delete entry(%s) failed during %s operation by %s";
-static const char *admin_key_dec_err_fmt = "key decode failed for %s's key during %s operation by %s";
+static const char *admin_perm_denied_fmt = "\004ACL entry prevents %s operation by %s";
+static const char *admin_db_write_err_fmt = "\004database write failed during %s operation by %s";
+static const char *admin_db_success_fmt = "\007%s operation for %s successfully issued by %s";
+static const char *admin_db_read_err_fmt = "\004database read failed during %s operation by %s";
+static const char *admin_no_cl_ident_fmt = "\004cannot get client identity from ticket for %s operation";
+static const char *admin_db_rename_fmt = "\007%s operation from %s to %s successfully issued by %s";
+static const char *admin_db_del_err_fmt = "\004database delete entry(%s) failed during %s operation by %s";
+static const char *admin_key_dec_err_fmt = "\004key decode failed for %s's key during %s operation by %s";
static const char *admin_add_principal_text = "Add Principal";
static const char *admin_modify_principal_text = "Modify Principal";
diff --git a/src/kadmin/v5server/passwd.c b/src/kadmin/v5server/passwd.c
index 83d273980..74acada6f 100644
--- a/src/kadmin/v5server/passwd.c
+++ b/src/kadmin/v5server/passwd.c
@@ -40,9 +40,9 @@
#define KPWD_MIN_PWD_LENGTH 8
extern char *programname;
-static const char *pwd_bad_old_pwd = "incorrect old password for %s";
-static const char *pwd_perm_denied = "ACL entry prevents password change for %s";
-static const char *pwd_changed_pwd = "changed password for %s";
+static const char *pwd_bad_old_pwd = "\004incorrect old password for %s";
+static const char *pwd_perm_denied = "\004ACL entry prevents password change for %s";
+static const char *pwd_changed_pwd = "\007changed password for %s";
/*
* passwd_check_princ() - Check if the principal specified in the ticket is ok
diff --git a/src/kadmin/v5server/proto_serv.c b/src/kadmin/v5server/proto_serv.c
index 73c6ce62f..0b85f59a4 100644
--- a/src/kadmin/v5server/proto_serv.c
+++ b/src/kadmin/v5server/proto_serv.c
@@ -36,18 +36,18 @@
#include "adm_proto.h"
#include <setjmp.h>
-static const char *proto_addrs_msg = "%d: cannot get memory for addresses";
-static const char *proto_rcache_msg = "%d: cannot get replay cache";
-static const char *proto_ap_req_msg = "%d: error reading AP_REQ message";
-static const char *proto_auth_con_msg = "%d: cannot get authorization context";
-static const char *proto_rd_req_msg = "%d: cannot decode AP_REQ message";
-static const char *proto_mk_rep_msg = "%d: cannot generate AP_REP message";
-static const char *proto_wr_rep_msg = "%d: cannot write AP_REP message";
-static const char *proto_conn_abort_msg = "%d: connection destroyed by client";
-static const char *proto_seq_err_msg = "%d: protocol sequence violation";
-static const char *proto_rd_cmd_msg = "%d: cannot read administrative protocol command";
-static const char *proto_wr_reply_msg = "%d: cannot write administrative protocol reply";
-static const char *proto_fmt_reply_msg = "%d: cannot format administrative protocol reply";
+static const char *proto_addrs_msg = "\004%d: cannot get memory for addresses";
+static const char *proto_rcache_msg = "\004%d: cannot get replay cache";
+static const char *proto_ap_req_msg = "\004%d: error reading AP_REQ message";
+static const char *proto_auth_con_msg = "\004%d: cannot get authorization context";
+static const char *proto_rd_req_msg = "\004%d: cannot decode AP_REQ message";
+static const char *proto_mk_rep_msg = "\004%d: cannot generate AP_REP message";
+static const char *proto_wr_rep_msg = "\004%d: cannot write AP_REP message";
+static const char *proto_conn_abort_msg = "\007%d: connection destroyed by client";
+static const char *proto_seq_err_msg = "\004%d: protocol sequence violation";
+static const char *proto_rd_cmd_msg = "\004%d: cannot read administrative protocol command";
+static const char *proto_wr_reply_msg = "\004%d: cannot write administrative protocol reply";
+static const char *proto_fmt_reply_msg = "\004%d: cannot format administrative protocol reply";
extern char *programname;
static int proto_proto_timeout = -1;
@@ -720,7 +720,7 @@ proto_serv(kcontext, my_id, cl_sock, sv_p, cl_p)
}
}
else {
- DLOG(DEBUG_REQUESTS, proto_debug_level, "connection timed out");
+ DPRINT(DEBUG_REQUESTS, proto_debug_level, ("connection timed out"));
}
diff --git a/src/kadmin/v5server/srv_acl.c b/src/kadmin/v5server/srv_acl.c
index 86948233d..4b1cf4d61 100644
--- a/src/kadmin/v5server/srv_acl.c
+++ b/src/kadmin/v5server/srv_acl.c
@@ -76,7 +76,7 @@ static const char *acl_catchall_entry = "* o";
static const char *acl_line2long_msg = "%s: line %d too long, truncated\n";
static const char *acl_op_bad_msg = "Unrecognized ACL operation '%c' in %s\n";
static const char *acl_syn_err_msg = "%s: syntax error at line %d <%10s...>\n";
-static const char *acl_cantopen_msg = "cannot open ACL file";
+static const char *acl_cantopen_msg = "\007cannot open ACL file";
/*
* acl_get_line() - Get a line from the ACL file.
diff --git a/src/kadmin/v5server/srv_main.c b/src/kadmin/v5server/srv_main.c
index 205fa927b..fe11a5f41 100644
--- a/src/kadmin/v5server/srv_main.c
+++ b/src/kadmin/v5server/srv_main.c
@@ -30,20 +30,10 @@
#include <stdio.h>
#include <sys/signal.h>
-#include <syslog.h>
#include <setjmp.h>
#include "k5-int.h"
#include "com_err.h"
-#if HAVE_STDARG_H
-#include <stdarg.h>
-#else /* HAVE_STDARG_H */
-#include <varargs.h>
-#endif /* HAVE_STDARG_H */
-
-#define KADM_MAX_ERRMSG_SIZE 1024
-#ifndef LOG_AUTH
-#define LOG_AUTH 0
-#endif /* LOG_AUTH */
+#include "adm_proto.h"
#ifdef LANGUAGES_SUPPORTED
static const char *usage_format = "%s: usage is %s [-a aclfile] [-d database] [-e enctype] [-m]\n\t[-k mkeytype] [-l langlist] [-p portnum] [-r realm] [-t timeout] [-n]\n\t[-D dbg] [-M mkeyname] [-T ktabname].\n";
@@ -56,13 +46,12 @@ static const char *fval_not_number = "%s: value (%s) specified for -%c is not nu
static const char *extra_params = "%s extra paramters beginning with %s... \n";
static const char *daemon_err = "%s: cannot spawn and detach.\n";
static const char *no_memory_fmt = "%s: cannot allocate %d bytes for %s.\n";
-static const char *begin_op_msg = "%s starting.";
-static const char *disp_err_fmt = "dispatch error.";
-static const char *happy_exit_fmt = "terminating normally.";
+static const char *begin_op_msg = "\007%s starting.";
+static const char *disp_err_fmt = "\004dispatch error.";
+static const char *happy_exit_fmt = "\007terminating normally.";
static const char *init_error_fmt = "%s: cannot initialize %s.\n";
-static const char *unh_signal_fmt = "exiting on signal %d.";
+static const char *unh_signal_fmt = "\007exiting on signal %d.";
-static const char *messages_msg = "messages";
static const char *proto_msg = "protocol module";
static const char *net_msg = "network";
static const char *output_msg = "output";
@@ -94,45 +83,7 @@ unhandled_signal(signo)
#endif /* POSIX_SETJMP */
/* NOTREACHED */
}
-
-static void
-kadm_com_err_proc(whoami, code, format, ap)
- const char *whoami;
- long code;
- const char *format;
- va_list ap;
-{
- char *outbuf;
-
- outbuf = (char *) malloc(KADM_MAX_ERRMSG_SIZE);
- if (outbuf) {
- char *cp;
- sprintf(outbuf, "%s: ", whoami);
- if (code) {
- strcat(outbuf, error_message(code));
- strcat(outbuf, " - ");
- }
- cp = &outbuf[strlen(outbuf)];
-#if HAVE_VSPRINTF
- vsprintf(cp, format, ap);
-#else /* HAVE_VSPRINTF */
- sprintf(cp, format, ((int *) ap)[0], ((int *) ap)[1],
- ((int *) ap)[2], ((int *) ap)[3],
- ((int *) ap)[4], ((int *) ap)[5]);
-#endif /* HAVE_VSPRINTF */
-#ifndef DEBUG
- syslog(LOG_AUTH|LOG_ERR, outbuf);
-#endif /* DEBUG */
- strcat(outbuf, "\n");
- fprintf(stderr, outbuf);
- free(outbuf);
- }
- else {
- fprintf(stderr, no_memory_fmt, programname,
- KADM_MAX_ERRMSG_SIZE, messages_msg);
- }
-}
-
+
int
main(argc, argv)
int argc;
@@ -280,8 +231,7 @@ main(argc, argv)
#endif /* DEBUG */
krb5_init_context(&kcontext);
krb5_init_ets(kcontext);
- openlog(programname, LOG_AUTH|LOG_CONS|LOG_NDELAY|LOG_PID, LOG_LOCAL6);
- (void) set_com_err_hook(kadm_com_err_proc);
+ krb5_klog_init(kcontext, "admin_server", programname, 1);
if ((signal_number =
#if POSIX_SETJMP
@@ -354,7 +304,7 @@ main(argc, argv)
* We've successfully initialized here.
*/
#ifndef DEBUG
- syslog(LOG_AUTH|LOG_INFO, begin_op_msg, server_name_msg);
+ com_err(programname, 0, begin_op_msg, server_name_msg);
#endif /* DEBUG */
/*
@@ -373,7 +323,7 @@ main(argc, argv)
else {
/* Received an unhandled signal */
#ifndef DEBUG
- syslog(LOG_AUTH|LOG_INFO, unh_signal_fmt, signal_number);
+ com_err(programname, 0, unh_signal_fmt, signal_number);
#endif
}
@@ -383,6 +333,7 @@ main(argc, argv)
output_finish(kcontext, debug_level);
acl_finish(kcontext, debug_level);
key_finish(kcontext, debug_level);
+ krb5_klog_close(kcontext);
krb5_xfree(kcontext);
exit(error);
}
diff --git a/src/kadmin/v5server/srv_net.c b/src/kadmin/v5server/srv_net.c
index ed4fbe431..b6fd4cab2 100644
--- a/src/kadmin/v5server/srv_net.c
+++ b/src/kadmin/v5server/srv_net.c
@@ -77,7 +77,7 @@ typedef struct _net_slave_info {
/*
* Error messages.
*/
-static const char *net_waiterr_msg = "child wait failed - cannot reap children";
+static const char *net_waiterr_msg = "\004child wait failed - cannot reap children";
static const char *net_def_realm_fmt = "%s: cannot get default realm (%s).\n";
static const char *net_no_mem_fmt = "%s: cannot get memory.\n";
static const char *net_parse_srv_fmt = "%s: cannot parse server name %s (%s).\n";
@@ -88,9 +88,9 @@ static const char *net_sockerr_fmt = "%s: cannot open network socket (%s).\n";
static const char *net_soerr_fmt = "%s: cannot set socket options (%s).\n";
static const char *net_binderr_fmt = "%s: cannot bind to network address (%s).\n";
-static const char *net_select_fmt = "select failed";
-static const char *net_cl_disp_fmt = "client dispatch failed";
-static const char *net_not_ready_fmt = "select error - no socket to read";
+static const char *net_select_fmt = "\004select failed";
+static const char *net_cl_disp_fmt = "\004client dispatch failed";
+static const char *net_not_ready_fmt = "\004select error - no socket to read";
static const char *net_dispatch_msg = "network dispatch";
static int net_debug_level = 0;
@@ -740,7 +740,7 @@ net_dispatch(kcontext)
#endif /* !USE_PTHREADS */
/* Receive connections on the socket */
- DLOG(DEBUG_OPERATION, net_debug_level, "listening on socket");
+ DPRINT(DEBUG_OPERATION, net_debug_level, ("listening on socket"));
if (
#if POSIX_SETJMP
sigsetjmp(shutdown_jmp, 1) == 0
@@ -753,7 +753,7 @@ net_dispatch(kcontext)
}
else
kret = EINTR;
- DLOG(DEBUG_OPERATION, net_debug_level, "listen done");
+ DPRINT(DEBUG_OPERATION, net_debug_level, ("listen done"));
while (kret == 0) {
/*
@@ -767,13 +767,13 @@ net_dispatch(kcontext)
#endif /* POSIX_SETJMP */
) {
readfds = mask;
- DLOG(DEBUG_OPERATION, net_debug_level, "doing select");
+ DPRINT(DEBUG_OPERATION, net_debug_level, ("doing select"));
if ((nready = select(net_listen_socket+1,
&readfds,
(fd_set *) NULL,
(fd_set *) NULL,
(struct timeval *) NULL)) == 0) {
- DLOG(DEBUG_OPERATION, net_debug_level, "nobody ready");
+ DPRINT(DEBUG_OPERATION, net_debug_level, ("nobody ready"));
continue; /* Nobody ready */
}
@@ -788,8 +788,8 @@ net_dispatch(kcontext)
int conn_sock;
addrlen = sizeof(client_addr);
- DLOG(DEBUG_OPERATION, net_debug_level,
- "accept connection");
+ DPRINT(DEBUG_OPERATION, net_debug_level,
+ ("accept connection"));
while (((conn_sock = accept(net_listen_socket,
(struct sockaddr *) &client_addr,
&addrlen)) < 0) &&
@@ -799,8 +799,8 @@ net_dispatch(kcontext)
kret = errno;
break;
}
- DLOG(DEBUG_OPERATION, net_debug_level,
- "accepted connection");
+ DPRINT(DEBUG_OPERATION, net_debug_level,
+ ("accepted connection"));
kret = net_dispatch_client(kcontext,
net_listen_socket,
conn_sock,
@@ -809,7 +809,7 @@ net_dispatch(kcontext)
com_err(net_dispatch_msg, kret, net_cl_disp_fmt);
continue;
}
- DLOG(DEBUG_OPERATION, net_debug_level, "dispatch done");
+ DPRINT(DEBUG_OPERATION, net_debug_level, ("dispatch done"));
}
else {
com_err(net_dispatch_msg, 0, net_not_ready_fmt);
@@ -817,8 +817,8 @@ net_dispatch(kcontext)
}
}
else {
- DLOG(DEBUG_OPERATION, net_debug_level,
- "dispatch interrupted by SIGTERM");
+ DPRINT(DEBUG_OPERATION, net_debug_level,
+ ("dispatch interrupted by SIGTERM"));
kret = 0;
break;
}
diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog
index 0b3b8f270..7c499dbb7 100644
--- a/src/kdc/ChangeLog
+++ b/src/kdc/ChangeLog
@@ -1,4 +1,10 @@
+Thu Jun 8 14:52:40 EDT 1995 Paul Park (pjpark@mit.edu)
+ * Makefile.in - Add libkadm.
+ * dispatch.c, do_as_req.c, do_tgs_req.c, kdc_util.c, kerberos_v4.c
+ main.c - Include adm_proto.h and change syslog calls to
+ calls to krb5_klog_syslog.
+
Fri May 26 17:50:39 EDT 1995 Paul Park (pjpark@mit.edu)
* Makefile.in - Define KDBDEPLIB.
diff --git a/src/kdc/Makefile.in b/src/kdc/Makefile.in
index 1545f31fa..82fd2f3d9 100644
--- a/src/kdc/Makefile.in
+++ b/src/kdc/Makefile.in
@@ -7,6 +7,8 @@ COMERRLIB=$(BUILDTOP)/util/et/libcom_err.a
DBMLIB=
KDBLIB=$(TOPLIBD)/libkdb5.a
KDBDEPLIB=$(TOPLIBD)/libkdb5.a
+KADMLIB=$(TOPLIBD)/libkadm.a
+KADMDEPLIB=$(TOPLIBD)/libkadm.a
KLIB = $(TOPLIBD)/libkrb5.a $(KRB4_LIB) $(TOPLIBD)/libcrypto.a $(COMERRLIB) $(DBMLIB)
DEPKLIB = $(TOPLIBD)/libkrb5.a $(TOPLIBD)/libcrypto.a $(COMERRLIB) $(DBMLIB)
@@ -54,8 +56,8 @@ kdc5_err.h: kdc5_err.et
kdc5_err.o: kdc5_err.h
-krb5kdc: $(OBJS) $(KDBDEPLIB) $(DEPKLIB)
- $(LD) $(CFLAGS) -o krb5kdc $(OBJS) $(KDBLIB) $(KLIB) $(LIBS)
+krb5kdc: $(OBJS) $(KDBDEPLIB) $(DEPKLIB) $(KADMDEPLIB)
+ $(LD) $(CFLAGS) -o krb5kdc $(OBJS) $(KDBLIB) $(KADMLIB) $(KLIB) $(LIBS)
install::
$(INSTALL_PROGRAM) krb5kdc ${DESTDIR}$(SERVER_BINDIR)/krb5kdc
diff --git a/src/kdc/dispatch.c b/src/kdc/dispatch.c
index 22b6cd0c0..3b132ac16 100644
--- a/src/kdc/dispatch.c
+++ b/src/kdc/dispatch.c
@@ -27,6 +27,7 @@
#include <syslog.h>
#include "kdc_util.h"
#include "extern.h"
+#include "adm_proto.h"
krb5_error_code
dispatch(pkt, from, is_secondary, response)
@@ -44,7 +45,7 @@ dispatch(pkt, from, is_secondary, response)
/* try the replay lookaside buffer */
if (kdc_check_lookaside(pkt, response)) {
/* a hit! */
- syslog(LOG_INFO, "DISPATCH: replay found and re-transmitted");
+ krb5_klog_syslog(LOG_INFO, "DISPATCH: replay found and re-transmitted");
return 0;
}
/* try TGS_REQ first; they are more common! */
diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c
index 42ceaa1bf..da76b41b3 100644
--- a/src/kdc/do_as_req.c
+++ b/src/kdc/do_as_req.c
@@ -39,6 +39,7 @@
#include "kdc_util.h"
#include "policy.h"
#include "extern.h"
+#include "adm_proto.h"
static krb5_error_code prepare_error_as PROTOTYPE((krb5_kdc_req *,
int,
@@ -71,7 +72,7 @@ check_padata (client, src_addr, padata, pa_id, flags)
retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context,enckey,&tmpkey);
if (retval) {
- syslog( LOG_ERR, "AS_REQ: Unable to extract client key: %s",
+ krb5_klog_syslog( LOG_ERR, "AS_REQ: Unable to extract client key: %s",
error_message(retval));
return retval;
}
@@ -86,7 +87,7 @@ check_padata (client, src_addr, padata, pa_id, flags)
enckey = &(client->alt_key);
/* Extract client key/alt_key from master key */
if (retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context,enckey,&tmpkey)) {
- syslog( LOG_ERR, "AS_REQ: Unable to extract client alt_key: %s",
+ krb5_klog_syslog( LOG_ERR, "AS_REQ: Unable to extract client alt_key: %s",
error_message(retval));
return retval;
}
@@ -140,14 +141,14 @@ krb5_data **response; /* filled in with a response packet */
return(prepare_error_as(request, KDC_ERR_C_PRINCIPAL_UNKNOWN,
response));
if (retval = krb5_unparse_name(kdc_context, request->client, &cname)) {
- syslog(LOG_INFO, "AS_REQ: %s while unparsing client name",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while unparsing client name",
error_message(retval));
return(prepare_error_as(request, KDC_ERR_C_PRINCIPAL_UNKNOWN,
response));
}
if (retval = krb5_unparse_name(kdc_context, request->server, &sname)) {
free(cname);
- syslog(LOG_INFO, "AS_REQ: %s while unparsing server name",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while unparsing server name",
error_message(retval));
return(prepare_error_as(request, KDC_ERR_S_PRINCIPAL_UNKNOWN,
response));
@@ -215,7 +216,7 @@ krb5_data **response; /* filled in with a response packet */
}
if (retval = krb5_timeofday(kdc_context, &kdc_time)) {
- syslog(LOG_INFO, "AS_REQ: TIME_OF_DAY: host %s, %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: TIME_OF_DAY: host %s, %s for %s",
fromstring, cname, sname);
goto errout;
}
@@ -223,7 +224,7 @@ krb5_data **response; /* filled in with a response packet */
status = "UNKNOWN REASON";
if (retval = validate_as_request(request, client, server,
kdc_time, &status)) {
- syslog(LOG_INFO, "AS_REQ: %s: host %s, %s for %s", status,
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: %s: host %s, %s for %s", status,
fromstring, cname, sname);
retval = prepare_error_as(request, retval, response);
goto errout;
@@ -249,7 +250,7 @@ krb5_data **response; /* filled in with a response packet */
if (i == request->netypes) {
/* unsupported etype */
- syslog(LOG_INFO, "AS_REQ: BAD ENCRYPTION TYPE: host %s, %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: BAD ENCRYPTION TYPE: host %s, %s for %s",
fromstring, cname, sname);
retval = prepare_error_as(request, KDC_ERR_ETYPE_NOSUPP, response);
goto errout;
@@ -261,7 +262,7 @@ krb5_data **response; /* filled in with a response packet */
krb5_csarray[useetype]->random_sequence,
&session_key)) {
/* random key failed */
- syslog(LOG_INFO, "AS_REQ: RANDOM KEY FAILED: host %s, %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: RANDOM KEY FAILED: host %s, %s for %s",
fromstring, cname, sname);
goto errout;
}
@@ -360,7 +361,7 @@ krb5_data **response; /* filled in with a response packet */
}
krb5_db_put_principal(kdc_context, &client, &one);
#endif
- syslog(LOG_INFO, "AS_REQ: PREAUTH FAILED: host %s, %s for %s (%s)",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: PREAUTH FAILED: host %s, %s for %s (%s)",
fromstring, cname, sname, error_message(retval));
#ifdef KRBCONF_VAGUE_ERRORS
retval = prepare_error_as(request, KRB_ERR_GENERIC, response);
@@ -395,7 +396,7 @@ krb5_data **response; /* filled in with a response packet */
if TKT_FLG_PRE_AUTH is set allow it. */
if (!pwreq || !(enc_tkt_reply.flags & TKT_FLG_PRE_AUTH)){
- syslog(LOG_INFO, "AS_REQ: Needed HW preauth: host %s, %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: Needed HW preauth: host %s, %s for %s",
fromstring, cname, sname);
retval = prepare_error_as(request, KRB_ERR_GENERIC, response);
goto errout;
@@ -490,7 +491,7 @@ krb5_data **response; /* filled in with a response packet */
krb5_xfree(encrypting_key.contents);
if (retval) {
- syslog(LOG_INFO, "AS_REQ: ENCODE_KDC_REP: host %s, %s for %s (%s)",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: ENCODE_KDC_REP: host %s, %s for %s (%s)",
fromstring, cname, sname, error_message(retval));
goto errout;
}
@@ -502,10 +503,10 @@ krb5_data **response; /* filled in with a response packet */
free(reply.enc_part.ciphertext.data);
if (is_secondary)
- syslog(LOG_INFO, "AS_REQ; ISSUE: authtime %d, host %s, %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ; ISSUE: authtime %d, host %s, %s for %s",
authtime, fromstring, cname, sname);
else
- syslog(LOG_INFO, "AS_REQ: ISSUE: authtime %d, host %s, %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: ISSUE: authtime %d, host %s, %s for %s",
authtime, fromstring, cname, sname);
errout:
@@ -542,13 +543,13 @@ krb5_data **response;
char *cname = 0, *sname = 0;
if (retval = krb5_unparse_name(kdc_context, request->client, &cname))
- syslog(LOG_INFO, "AS_REQ: %s while unparsing client name for error",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while unparsing client name for error",
error_message(retval));
if (retval = krb5_unparse_name(kdc_context, request->server, &sname))
- syslog(LOG_INFO, "AS_REQ: %s while unparsing server name for error",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while unparsing server name for error",
error_message(retval));
- syslog(LOG_INFO, "AS_REQ: %s while processing request from %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while processing request from %s for %s",
error_message(error+KRB5KDC_ERR_NONE),
cname ? cname : "UNKNOWN CLIENT", sname ? sname : "UNKNOWN SERVER");
diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c
index a25062f15..9aeacd7ad 100644
--- a/src/kdc/do_tgs_req.c
+++ b/src/kdc/do_tgs_req.c
@@ -39,6 +39,7 @@
#include "kdc_util.h"
#include "policy.h"
#include "extern.h"
+#include "adm_proto.h"
static void find_alternate_tgs PROTOTYPE((krb5_kdc_req *,
@@ -147,7 +148,7 @@ krb5_data **response; /* filled in with a response packet */
nprincs = 1;
if (retval = krb5_db_get_principal(kdc_context, request->server, &server,
&nprincs, &more)) {
- syslog(LOG_INFO,
+ krb5_klog_syslog(LOG_INFO,
"TGS_REQ: GET_PRINCIPAL: authtime %d, host %s, %s for %s (%s)",
authtime, fromstring, cname, sname, error_message(retval));
nprincs = 0;
@@ -521,7 +522,7 @@ tgt_again:
request->second_ticket[st_idx]->enc_part2->client)) {
if (retval = krb5_unparse_name(kdc_context, request->second_ticket[st_idx]->enc_part2->client, &tmp))
tmp = 0;
- syslog(LOG_INFO, "TGS_REQ: 2ND_TKT_MISMATCH: authtime %d, host %s, %s for %s, 2nd tkt client %s",
+ krb5_klog_syslog(LOG_INFO, "TGS_REQ: 2ND_TKT_MISMATCH: authtime %d, host %s, %s for %s, 2nd tkt client %s",
authtime, fromstring, cname, sname,
tmp ? tmp : "<unknown>");
goto cleanup;
@@ -617,7 +618,7 @@ tgt_again:
cleanup:
if (status)
- syslog(LOG_INFO, "TGS_REQ%c %s: authtime %d, host %s, %s for %s%s%s",
+ krb5_klog_syslog(LOG_INFO, "TGS_REQ%c %s: authtime %d, host %s, %s for %s%s%s",
secondary_ch, status, authtime, fromstring,
cname ? cname : "<unknown client>",
sname ? sname : "<unknown server>",
@@ -755,10 +756,10 @@ int *nprincs;
krb5_free_principal(kdc_context, request->server);
request->server = tmpprinc;
if (krb5_unparse_name(kdc_context, request->server, &sname)) {
- syslog(LOG_INFO,
+ krb5_klog_syslog(LOG_INFO,
"TGS_REQ: issuing alternate <un-unparseable> TGT");
} else {
- syslog(LOG_INFO,
+ krb5_klog_syslog(LOG_INFO,
"TGS_REQ: issuing TGT %s", sname);
free(sname);
}
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
index ef0b402d1..b147eb96d 100644
--- a/src/kdc/kdc_util.c
+++ b/src/kdc/kdc_util.c
@@ -29,6 +29,7 @@
#include "extern.h"
#include <stdio.h>
#include <syslog.h>
+#include "adm_proto.h"
/*
* concatenate first two authdata arrays, returning an allocated replacement.
@@ -194,7 +195,7 @@ kdc_process_tgs_req(request, from, pkt, ticket, subkey)
if (isflagset(apreq->ap_options, AP_OPTS_USE_SESSION_KEY) ||
isflagset(apreq->ap_options, AP_OPTS_MUTUAL_REQUIRED)) {
- syslog(LOG_INFO, "TGS_REQ: SESSION KEY or MUTUAL");
+ krb5_klog_syslog(LOG_INFO, "TGS_REQ: SESSION KEY or MUTUAL");
retval = KRB5KDC_ERR_POLICY;
goto cleanup;
}
@@ -263,7 +264,7 @@ kdc_process_tgs_req(request, from, pkt, ticket, subkey)
if (tkt_realm->length == tgs_realm->length &&
!memcmp(tkt_realm->data, tgs_realm->data, tgs_realm->length)) {
/* someone in a foreign realm claiming to be local */
- syslog(LOG_INFO, "PROCESS_TGS: failed lineage check");
+ krb5_klog_syslog(LOG_INFO, "PROCESS_TGS: failed lineage check");
retval = KRB5KDC_ERR_POLICY;
goto cleanup_authenticator;
}
@@ -326,7 +327,7 @@ krb5_kvno *kvno;
krb5_db_free_principal(kdc_context, &server, nprincs);
if (!krb5_unparse_name(kdc_context, ticket->server, &sname)) {
- syslog(LOG_ERR, "TGS_REQ: UNKNOWN SERVER: server='%s'",
+ krb5_klog_syslog(LOG_ERR, "TGS_REQ: UNKNOWN SERVER: server='%s'",
sname);
free(sname);
}
diff --git a/src/kdc/kerberos_v4.c b/src/kdc/kerberos_v4.c
index 3844fd582..98562b3be 100644
--- a/src/kdc/kerberos_v4.c
+++ b/src/kdc/kerberos_v4.c
@@ -26,6 +26,7 @@
#ifdef KRB4
#include "k5-int.h"
+#include "adm_proto.h"
#ifdef HAVE_STDARG_H
#include <stdarg.h>
@@ -483,7 +484,7 @@ char * v4_klog( type, format, va_alist)
case L_APPL_REQ:
strcpy(log_text, "PROCESS_V4:");
vsprintf(log_text+strlen(log_text), format, pvar);
- syslog(logpri, log_text);
+ krb5_klog_syslog(logpri, log_text);
/* ignore the other types... */
}
va_end(pvar);
diff --git a/src/kdc/main.c b/src/kdc/main.c
index 18106f305..848ccada4 100644
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -29,70 +29,14 @@
#include <errno.h>
#include "com_err.h"
-/* for STDC, com_err gets varargs/stdarg */
-#ifndef __STDC__
-#include <varargs.h>
-#endif
-
#include "k5-int.h"
#include "kdc_util.h"
#include "extern.h"
#include "kdc5_err.h"
+#include "adm_proto.h"
static int nofork = 0;
-static void
-kdc_com_err_proc(whoami, code, format, pvar)
- const char *whoami;
- long code;
- const char *format;
- va_list pvar;
-{
- /* XXX need some way to do this better... */
-#ifndef __STDC__
- extern int vfprintf();
-#endif
-
- char syslogbuf[10240], tmpbuf[10240];
-
- memset(syslogbuf, 0, sizeof(syslogbuf));
- memset(tmpbuf, 0, sizeof(tmpbuf));
-
- if (whoami) {
- fputs(whoami, stderr);
- fputs(": ", stderr);
- }
-
- if (code) {
- sprintf(tmpbuf, error_message(code));
- strcat(syslogbuf, tmpbuf);
- strcat(syslogbuf, " ");
- }
-
- if (format) {
- vsprintf(tmpbuf, format, pvar);
- strcat(syslogbuf, tmpbuf);
- }
-
- fprintf(stderr, syslogbuf);
- putc('\n', stderr);
- putc('\r', stderr); /* should do this only on a tty in raw mode */
- fflush(stderr);
-
- syslog(LOG_ERR, "%s", syslogbuf);
-
- return;
-}
-
-void
-setup_com_err()
-{
- krb5_init_ets(kdc_context);
- initialize_kdc5_error_table();
- (void) set_com_err_hook(kdc_com_err_proc);
- return;
-}
-
krb5_sigtype
request_exit()
{
@@ -436,10 +380,8 @@ char *argv[];
argv[0] = strrchr(argv[0], '/')+1;
krb5_init_context(&kdc_context);
-
- setup_com_err();
-
- openlog(argv[0], LOG_CONS|LOG_NDELAY|LOG_PID, LOG_LOCAL6); /* XXX */
+ krb5_init_ets(kdc_context);
+ krb5_klog_init(kdc_context, "kdc", argv[0], 1);
process_args(argc, argv); /* includes reading master key */
@@ -460,7 +402,7 @@ char *argv[];
finish_args(argv[0]);
return 1;
}
- syslog(LOG_INFO, "commencing operation");
+ krb5_klog_syslog(LOG_INFO, "commencing operation");
if (retval = listen_and_process(argv[0])){
com_err(argv[0], retval, "while processing network requests");
errout++;
@@ -473,7 +415,8 @@ char *argv[];
com_err(argv[0], retval, "while closing database");
errout++;
}
- syslog(LOG_INFO, "shutting down");
+ krb5_klog_syslog(LOG_INFO, "shutting down");
+ krb5_klog_close(kdc_context);
finish_args(argv[0]);
return errout;
}
generated by cgit (git 2.34.1) at 2026-01-07 17:59:54 +0000