+
+Thu Jun 8 14:46:05 EDT 1995 Paul Park (pjpark@mit.edu)
+ * admin.c, passwd.c, srv_acl.c - Supply severities for error messages.
+ * proto_serv.c, srv_net.c - Supply severities for error messages and
+ change DLOG to DPRINT.
+ * srv_main.c - Supply severities for error messages. Remove com_err
+ handling and syslog() logic for routines in libkadm.
+
Wed Jun 7 12:03:10 1995 <tytso@rsx-11.mit.edu>
* Makefile.in (CFLAGS), srv_acl.c (acl_init): Use
static krb5_db_entry admin_def_dbent;
static krb5_boolean admin_def_dbent_inited = 0;
-static const char *admin_perm_denied_fmt = "ACL entry prevents %s operation by %s";
-static const char *admin_db_write_err_fmt = "database write failed during %s operation by %s";
-static const char *admin_db_success_fmt = "%s operation for %s successfully issued by %s";
-static const char *admin_db_read_err_fmt = "database read failed during %s operation by %s";
-static const char *admin_no_cl_ident_fmt = "cannot get client identity from ticket for %s operation";
-static const char *admin_db_rename_fmt = "%s operation from %s to %s successfully issued by %s";
-static const char *admin_db_del_err_fmt = "database delete entry(%s) failed during %s operation by %s";
-static const char *admin_key_dec_err_fmt = "key decode failed for %s's key during %s operation by %s";
+static const char *admin_perm_denied_fmt = "\004ACL entry prevents %s operation by %s";
+static const char *admin_db_write_err_fmt = "\004database write failed during %s operation by %s";
+static const char *admin_db_success_fmt = "\007%s operation for %s successfully issued by %s";
+static const char *admin_db_read_err_fmt = "\004database read failed during %s operation by %s";
+static const char *admin_no_cl_ident_fmt = "\004cannot get client identity from ticket for %s operation";
+static const char *admin_db_rename_fmt = "\007%s operation from %s to %s successfully issued by %s";
+static const char *admin_db_del_err_fmt = "\004database delete entry(%s) failed during %s operation by %s";
+static const char *admin_key_dec_err_fmt = "\004key decode failed for %s's key during %s operation by %s";
static const char *admin_add_principal_text = "Add Principal";
static const char *admin_modify_principal_text = "Modify Principal";
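Review bot: The `\004` and `\007` bytes now leading these format strings are undocumented magic values, and the same applies to the strings changed in the passwd.c, proto_serv.c, srv_acl.c, srv_main.c and srv_net.c hunks below. From the visible lines, failure messages get `\004` and success or lifecycle messages get `\007`, and the ChangeLog calls them severities, but nothing says which log level each byte selects. I would add a comment above the block such as `/* First byte is a severity consumed by the logging com_err hook (presumably \004 = error, \007 = informational); pass these strings only to com_err(). */`, corrected to the real mapping, or use named macros instead of octal literals. Any call site that hands one of these strings to `fprintf` or into a client-visible reply would emit the raw control byte, so the callers, which are outside this hunk, should be checked.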
#define KPWD_MIN_PWD_LENGTH 8
extern char *programname;
-static const char *pwd_bad_old_pwd = "incorrect old password for %s";
-static const char *pwd_perm_denied = "ACL entry prevents password change for %s";
-static const char *pwd_changed_pwd = "changed password for %s";
+static const char *pwd_bad_old_pwd = "\004incorrect old password for %s";
+static const char *pwd_perm_denied = "\004ACL entry prevents password change for %s";
+static const char *pwd_changed_pwd = "\007changed password for %s";
\f
/*
* passwd_check_princ() - Check if the principal specified in the ticket is ok
#include "adm_proto.h"
#include <setjmp.h>
-static const char *proto_addrs_msg = "%d: cannot get memory for addresses";
-static const char *proto_rcache_msg = "%d: cannot get replay cache";
-static const char *proto_ap_req_msg = "%d: error reading AP_REQ message";
-static const char *proto_auth_con_msg = "%d: cannot get authorization context";
-static const char *proto_rd_req_msg = "%d: cannot decode AP_REQ message";
-static const char *proto_mk_rep_msg = "%d: cannot generate AP_REP message";
-static const char *proto_wr_rep_msg = "%d: cannot write AP_REP message";
-static const char *proto_conn_abort_msg = "%d: connection destroyed by client";
-static const char *proto_seq_err_msg = "%d: protocol sequence violation";
-static const char *proto_rd_cmd_msg = "%d: cannot read administrative protocol command";
-static const char *proto_wr_reply_msg = "%d: cannot write administrative protocol reply";
-static const char *proto_fmt_reply_msg = "%d: cannot format administrative protocol reply";
+static const char *proto_addrs_msg = "\004%d: cannot get memory for addresses";
+static const char *proto_rcache_msg = "\004%d: cannot get replay cache";
+static const char *proto_ap_req_msg = "\004%d: error reading AP_REQ message";
+static const char *proto_auth_con_msg = "\004%d: cannot get authorization context";
+static const char *proto_rd_req_msg = "\004%d: cannot decode AP_REQ message";
+static const char *proto_mk_rep_msg = "\004%d: cannot generate AP_REP message";
+static const char *proto_wr_rep_msg = "\004%d: cannot write AP_REP message";
+static const char *proto_conn_abort_msg = "\007%d: connection destroyed by client";
+static const char *proto_seq_err_msg = "\004%d: protocol sequence violation";
+static const char *proto_rd_cmd_msg = "\004%d: cannot read administrative protocol command";
+static const char *proto_wr_reply_msg = "\004%d: cannot write administrative protocol reply";
+static const char *proto_fmt_reply_msg = "\004%d: cannot format administrative protocol reply";
extern char *programname;
static int proto_proto_timeout = -1;
}
}
else {
- DLOG(DEBUG_REQUESTS, proto_debug_level, "connection timed out");
+ DPRINT(DEBUG_REQUESTS, proto_debug_level, ("connection timed out"));
}
static const char *acl_line2long_msg = "%s: line %d too long, truncated\n";
static const char *acl_op_bad_msg = "Unrecognized ACL operation '%c' in %s\n";
static const char *acl_syn_err_msg = "%s: syntax error at line %d <%10s...>\n";
-static const char *acl_cantopen_msg = "cannot open ACL file";
+static const char *acl_cantopen_msg = "\007cannot open ACL file";
\f
/*
* acl_get_line() - Get a line from the ACL file.
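Review bot: `acl_cantopen_msg` is given `\007`, the prefix this commit otherwise puts on success and lifecycle messages, while the other failure strings get `\004`. If a missing ACL file is an expected, benign condition, say so in a comment next to the string. If it is not, an access-control file that cannot be opened deserves the error severity, i.e. `"\004cannot open ACL file"`, so that it is not filtered out with routine informational traffic. What the server does when the file is absent is decided in code outside this hunk.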
\f
#include <stdio.h>
#include <sys/signal.h>
-#include <syslog.h>
#include <setjmp.h>
#include "k5-int.h"
#include "com_err.h"
-#if HAVE_STDARG_H
-#include <stdarg.h>
-#else /* HAVE_STDARG_H */
-#include <varargs.h>
-#endif /* HAVE_STDARG_H */
-
-#define KADM_MAX_ERRMSG_SIZE 1024
-#ifndef LOG_AUTH
-#define LOG_AUTH 0
-#endif /* LOG_AUTH */
+#include "adm_proto.h"
#ifdef LANGUAGES_SUPPORTED
static const char *usage_format = "%s: usage is %s [-a aclfile] [-d database] [-e enctype] [-m]\n\t[-k mkeytype] [-l langlist] [-p portnum] [-r realm] [-t timeout] [-n]\n\t[-D dbg] [-M mkeyname] [-T ktabname].\n";
static const char *extra_params = "%s extra paramters beginning with %s... \n";
static const char *daemon_err = "%s: cannot spawn and detach.\n";
static const char *no_memory_fmt = "%s: cannot allocate %d bytes for %s.\n";
-static const char *begin_op_msg = "%s starting.";
-static const char *disp_err_fmt = "dispatch error.";
-static const char *happy_exit_fmt = "terminating normally.";
+static const char *begin_op_msg = "\007%s starting.";
+static const char *disp_err_fmt = "\004dispatch error.";
+static const char *happy_exit_fmt = "\007terminating normally.";
static const char *init_error_fmt = "%s: cannot initialize %s.\n";
-static const char *unh_signal_fmt = "exiting on signal %d.";
+static const char *unh_signal_fmt = "\007exiting on signal %d.";
-static const char *messages_msg = "messages";
static const char *proto_msg = "protocol module";
static const char *net_msg = "network";
static const char *output_msg = "output";
#endif /* POSIX_SETJMP */
/* NOTREACHED */
}
-
-static void
-kadm_com_err_proc(whoami, code, format, ap)
- const char *whoami;
- long code;
- const char *format;
- va_list ap;
-{
- char *outbuf;
-
- outbuf = (char *) malloc(KADM_MAX_ERRMSG_SIZE);
- if (outbuf) {
- char *cp;
- sprintf(outbuf, "%s: ", whoami);
- if (code) {
- strcat(outbuf, error_message(code));
- strcat(outbuf, " - ");
- }
- cp = &outbuf[strlen(outbuf)];
-#if HAVE_VSPRINTF
- vsprintf(cp, format, ap);
-#else /* HAVE_VSPRINTF */
- sprintf(cp, format, ((int *) ap)[0], ((int *) ap)[1],
- ((int *) ap)[2], ((int *) ap)[3],
- ((int *) ap)[4], ((int *) ap)[5]);
-#endif /* HAVE_VSPRINTF */
-#ifndef DEBUG
- syslog(LOG_AUTH|LOG_ERR, outbuf);
-#endif /* DEBUG */
- strcat(outbuf, "\n");
- fprintf(stderr, outbuf);
- free(outbuf);
- }
- else {
- fprintf(stderr, no_memory_fmt, programname,
- KADM_MAX_ERRMSG_SIZE, messages_msg);
- }
-}
-
+\f
int
main(argc, argv)
int argc;
#endif /* DEBUG */
krb5_init_context(&kcontext);
krb5_init_ets(kcontext);
- openlog(programname, LOG_AUTH|LOG_CONS|LOG_NDELAY|LOG_PID, LOG_LOCAL6);
- (void) set_com_err_hook(kadm_com_err_proc);
+ krb5_klog_init(kcontext, "admin_server", programname, 1);
if ((signal_number =
#if POSIX_SETJMP
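Review bot: The result of `krb5_klog_init(kcontext, "admin_server", programname, 1)` is discarded, so if logging setup fails the server would keep running with nothing recording the ACL-denial and password-change messages this commit routes through com_err. Assuming the function returns an error code (its prototype is in adm_proto.h, not shown here), check it and stop, e.g. `if (krb5_klog_init(kcontext, "admin_server", programname, 1)) { fprintf(stderr, init_error_fmt, programname, "logging"); exit(1); }`. The same unchecked call is added in the KDC's main.c hunk. The body of main() continues outside this hunk.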
* We've successfully initialized here.
*/
#ifndef DEBUG
- syslog(LOG_AUTH|LOG_INFO, begin_op_msg, server_name_msg);
+ com_err(programname, 0, begin_op_msg, server_name_msg);
#endif /* DEBUG */
/*
else {
/* Received an unhandled signal */
#ifndef DEBUG
- syslog(LOG_AUTH|LOG_INFO, unh_signal_fmt, signal_number);
+ com_err(programname, 0, unh_signal_fmt, signal_number);
#endif
}
output_finish(kcontext, debug_level);
acl_finish(kcontext, debug_level);
key_finish(kcontext, debug_level);
+ krb5_klog_close(kcontext);
krb5_xfree(kcontext);
exit(error);
}
/*
* Error messages.
*/
-static const char *net_waiterr_msg = "child wait failed - cannot reap children";
+static const char *net_waiterr_msg = "\004child wait failed - cannot reap children";
static const char *net_def_realm_fmt = "%s: cannot get default realm (%s).\n";
static const char *net_no_mem_fmt = "%s: cannot get memory.\n";
static const char *net_parse_srv_fmt = "%s: cannot parse server name %s (%s).\n";
static const char *net_soerr_fmt = "%s: cannot set socket options (%s).\n";
static const char *net_binderr_fmt = "%s: cannot bind to network address (%s).\n";
-static const char *net_select_fmt = "select failed";
-static const char *net_cl_disp_fmt = "client dispatch failed";
-static const char *net_not_ready_fmt = "select error - no socket to read";
+static const char *net_select_fmt = "\004select failed";
+static const char *net_cl_disp_fmt = "\004client dispatch failed";
+static const char *net_not_ready_fmt = "\004select error - no socket to read";
static const char *net_dispatch_msg = "network dispatch";
static int net_debug_level = 0;
#endif /* !USE_PTHREADS */
/* Receive connections on the socket */
- DLOG(DEBUG_OPERATION, net_debug_level, "listening on socket");
+ DPRINT(DEBUG_OPERATION, net_debug_level, ("listening on socket"));
if (
#if POSIX_SETJMP
sigsetjmp(shutdown_jmp, 1) == 0
}
else
kret = EINTR;
- DLOG(DEBUG_OPERATION, net_debug_level, "listen done");
+ DPRINT(DEBUG_OPERATION, net_debug_level, ("listen done"));
while (kret == 0) {
/*
#endif /* POSIX_SETJMP */
) {
readfds = mask;
- DLOG(DEBUG_OPERATION, net_debug_level, "doing select");
+ DPRINT(DEBUG_OPERATION, net_debug_level, ("doing select"));
if ((nready = select(net_listen_socket+1,
&readfds,
(fd_set *) NULL,
(fd_set *) NULL,
(struct timeval *) NULL)) == 0) {
- DLOG(DEBUG_OPERATION, net_debug_level, "nobody ready");
+ DPRINT(DEBUG_OPERATION, net_debug_level, ("nobody ready"));
continue; /* Nobody ready */
}
int conn_sock;
addrlen = sizeof(client_addr);
- DLOG(DEBUG_OPERATION, net_debug_level,
- "accept connection");
+ DPRINT(DEBUG_OPERATION, net_debug_level,
+ ("accept connection"));
while (((conn_sock = accept(net_listen_socket,
(struct sockaddr *) &client_addr,
&addrlen)) < 0) &&
kret = errno;
break;
}
- DLOG(DEBUG_OPERATION, net_debug_level,
- "accepted connection");
+ DPRINT(DEBUG_OPERATION, net_debug_level,
+ ("accepted connection"));
kret = net_dispatch_client(kcontext,
net_listen_socket,
conn_sock,
com_err(net_dispatch_msg, kret, net_cl_disp_fmt);
continue;
}
- DLOG(DEBUG_OPERATION, net_debug_level, "dispatch done");
+ DPRINT(DEBUG_OPERATION, net_debug_level, ("dispatch done"));
}
else {
com_err(net_dispatch_msg, 0, net_not_ready_fmt);
}
}
else {
- DLOG(DEBUG_OPERATION, net_debug_level,
- "dispatch interrupted by SIGTERM");
+ DPRINT(DEBUG_OPERATION, net_debug_level,
+ ("dispatch interrupted by SIGTERM"));
kret = 0;
break;
}
+Thu Jun 8 14:52:40 EDT 1995 Paul Park (pjpark@mit.edu)
+ * Makefile.in - Add libkadm.
+ * dispatch.c, do_as_req.c, do_tgs_req.c, kdc_util.c, kerberos_v4.c
+ main.c - Include adm_proto.h and change syslog calls to
+ calls to krb5_klog_syslog.
+
Fri May 26 17:50:39 EDT 1995 Paul Park (pjpark@mit.edu)
* Makefile.in - Define KDBDEPLIB.
DBMLIB=
KDBLIB=$(TOPLIBD)/libkdb5.a
KDBDEPLIB=$(TOPLIBD)/libkdb5.a
+KADMLIB=$(TOPLIBD)/libkadm.a
+KADMDEPLIB=$(TOPLIBD)/libkadm.a
KLIB = $(TOPLIBD)/libkrb5.a $(KRB4_LIB) $(TOPLIBD)/libcrypto.a $(COMERRLIB) $(DBMLIB)
DEPKLIB = $(TOPLIBD)/libkrb5.a $(TOPLIBD)/libcrypto.a $(COMERRLIB) $(DBMLIB)
kdc5_err.o: kdc5_err.h
-krb5kdc: $(OBJS) $(KDBDEPLIB) $(DEPKLIB)
- $(LD) $(CFLAGS) -o krb5kdc $(OBJS) $(KDBLIB) $(KLIB) $(LIBS)
+krb5kdc: $(OBJS) $(KDBDEPLIB) $(DEPKLIB) $(KADMDEPLIB)
+ $(LD) $(CFLAGS) -o krb5kdc $(OBJS) $(KDBLIB) $(KADMLIB) $(KLIB) $(LIBS)
install::
$(INSTALL_PROGRAM) krb5kdc ${DESTDIR}$(SERVER_BINDIR)/krb5kdc
#include <syslog.h>
#include "kdc_util.h"
#include "extern.h"
+#include "adm_proto.h"
krb5_error_code
dispatch(pkt, from, is_secondary, response)
/* try the replay lookaside buffer */
if (kdc_check_lookaside(pkt, response)) {
/* a hit! */
- syslog(LOG_INFO, "DISPATCH: replay found and re-transmitted");
+ krb5_klog_syslog(LOG_INFO, "DISPATCH: replay found and re-transmitted");
return 0;
}
/* try TGS_REQ first; they are more common! */
#include "kdc_util.h"
#include "policy.h"
#include "extern.h"
+#include "adm_proto.h"
static krb5_error_code prepare_error_as PROTOTYPE((krb5_kdc_req *,
int,
retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context,enckey,&tmpkey);
if (retval) {
- syslog( LOG_ERR, "AS_REQ: Unable to extract client key: %s",
+ krb5_klog_syslog( LOG_ERR, "AS_REQ: Unable to extract client key: %s",
error_message(retval));
return retval;
}
enckey = &(client->alt_key);
/* Extract client key/alt_key from master key */
if (retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context,enckey,&tmpkey)) {
- syslog( LOG_ERR, "AS_REQ: Unable to extract client alt_key: %s",
+ krb5_klog_syslog( LOG_ERR, "AS_REQ: Unable to extract client alt_key: %s",
error_message(retval));
return retval;
}
return(prepare_error_as(request, KDC_ERR_C_PRINCIPAL_UNKNOWN,
response));
if (retval = krb5_unparse_name(kdc_context, request->client, &cname)) {
- syslog(LOG_INFO, "AS_REQ: %s while unparsing client name",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while unparsing client name",
error_message(retval));
return(prepare_error_as(request, KDC_ERR_C_PRINCIPAL_UNKNOWN,
response));
}
if (retval = krb5_unparse_name(kdc_context, request->server, &sname)) {
free(cname);
- syslog(LOG_INFO, "AS_REQ: %s while unparsing server name",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while unparsing server name",
error_message(retval));
return(prepare_error_as(request, KDC_ERR_S_PRINCIPAL_UNKNOWN,
response));
}
if (retval = krb5_timeofday(kdc_context, &kdc_time)) {
- syslog(LOG_INFO, "AS_REQ: TIME_OF_DAY: host %s, %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: TIME_OF_DAY: host %s, %s for %s",
fromstring, cname, sname);
goto errout;
}
status = "UNKNOWN REASON";
if (retval = validate_as_request(request, client, server,
kdc_time, &status)) {
- syslog(LOG_INFO, "AS_REQ: %s: host %s, %s for %s", status,
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: %s: host %s, %s for %s", status,
fromstring, cname, sname);
retval = prepare_error_as(request, retval, response);
goto errout;
if (i == request->netypes) {
/* unsupported etype */
- syslog(LOG_INFO, "AS_REQ: BAD ENCRYPTION TYPE: host %s, %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: BAD ENCRYPTION TYPE: host %s, %s for %s",
fromstring, cname, sname);
retval = prepare_error_as(request, KDC_ERR_ETYPE_NOSUPP, response);
goto errout;
krb5_csarray[useetype]->random_sequence,
&session_key)) {
/* random key failed */
- syslog(LOG_INFO, "AS_REQ: RANDOM KEY FAILED: host %s, %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: RANDOM KEY FAILED: host %s, %s for %s",
fromstring, cname, sname);
goto errout;
}
}
krb5_db_put_principal(kdc_context, &client, &one);
#endif
- syslog(LOG_INFO, "AS_REQ: PREAUTH FAILED: host %s, %s for %s (%s)",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: PREAUTH FAILED: host %s, %s for %s (%s)",
fromstring, cname, sname, error_message(retval));
#ifdef KRBCONF_VAGUE_ERRORS
retval = prepare_error_as(request, KRB_ERR_GENERIC, response);
if TKT_FLG_PRE_AUTH is set allow it. */
if (!pwreq || !(enc_tkt_reply.flags & TKT_FLG_PRE_AUTH)){
- syslog(LOG_INFO, "AS_REQ: Needed HW preauth: host %s, %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: Needed HW preauth: host %s, %s for %s",
fromstring, cname, sname);
retval = prepare_error_as(request, KRB_ERR_GENERIC, response);
goto errout;
krb5_xfree(encrypting_key.contents);
if (retval) {
- syslog(LOG_INFO, "AS_REQ: ENCODE_KDC_REP: host %s, %s for %s (%s)",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: ENCODE_KDC_REP: host %s, %s for %s (%s)",
fromstring, cname, sname, error_message(retval));
goto errout;
}
free(reply.enc_part.ciphertext.data);
if (is_secondary)
- syslog(LOG_INFO, "AS_REQ; ISSUE: authtime %d, host %s, %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ; ISSUE: authtime %d, host %s, %s for %s",
authtime, fromstring, cname, sname);
else
- syslog(LOG_INFO, "AS_REQ: ISSUE: authtime %d, host %s, %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: ISSUE: authtime %d, host %s, %s for %s",
authtime, fromstring, cname, sname);
errout:
char *cname = 0, *sname = 0;
if (retval = krb5_unparse_name(kdc_context, request->client, &cname))
- syslog(LOG_INFO, "AS_REQ: %s while unparsing client name for error",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while unparsing client name for error",
error_message(retval));
if (retval = krb5_unparse_name(kdc_context, request->server, &sname))
- syslog(LOG_INFO, "AS_REQ: %s while unparsing server name for error",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while unparsing server name for error",
error_message(retval));
- syslog(LOG_INFO, "AS_REQ: %s while processing request from %s for %s",
+ krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while processing request from %s for %s",
error_message(error+KRB5KDC_ERR_NONE),
cname ? cname : "UNKNOWN CLIENT", sname ? sname : "UNKNOWN SERVER");
#include "kdc_util.h"
#include "policy.h"
#include "extern.h"
+#include "adm_proto.h"
static void find_alternate_tgs PROTOTYPE((krb5_kdc_req *,
nprincs = 1;
if (retval = krb5_db_get_principal(kdc_context, request->server, &server,
&nprincs, &more)) {
- syslog(LOG_INFO,
+ krb5_klog_syslog(LOG_INFO,
"TGS_REQ: GET_PRINCIPAL: authtime %d, host %s, %s for %s (%s)",
authtime, fromstring, cname, sname, error_message(retval));
nprincs = 0;
request->second_ticket[st_idx]->enc_part2->client)) {
if (retval = krb5_unparse_name(kdc_context, request->second_ticket[st_idx]->enc_part2->client, &tmp))
tmp = 0;
- syslog(LOG_INFO, "TGS_REQ: 2ND_TKT_MISMATCH: authtime %d, host %s, %s for %s, 2nd tkt client %s",
+ krb5_klog_syslog(LOG_INFO, "TGS_REQ: 2ND_TKT_MISMATCH: authtime %d, host %s, %s for %s, 2nd tkt client %s",
authtime, fromstring, cname, sname,
tmp ? tmp : "<unknown>");
goto cleanup;
cleanup:
if (status)
- syslog(LOG_INFO, "TGS_REQ%c %s: authtime %d, host %s, %s for %s%s%s",
+ krb5_klog_syslog(LOG_INFO, "TGS_REQ%c %s: authtime %d, host %s, %s for %s%s%s",
secondary_ch, status, authtime, fromstring,
cname ? cname : "<unknown client>",
sname ? sname : "<unknown server>",
krb5_free_principal(kdc_context, request->server);
request->server = tmpprinc;
if (krb5_unparse_name(kdc_context, request->server, &sname)) {
- syslog(LOG_INFO,
+ krb5_klog_syslog(LOG_INFO,
"TGS_REQ: issuing alternate <un-unparseable> TGT");
} else {
- syslog(LOG_INFO,
+ krb5_klog_syslog(LOG_INFO,
"TGS_REQ: issuing TGT %s", sname);
free(sname);
}
#include "extern.h"
#include <stdio.h>
#include <syslog.h>
+#include "adm_proto.h"
/*
* concatenate first two authdata arrays, returning an allocated replacement.
if (isflagset(apreq->ap_options, AP_OPTS_USE_SESSION_KEY) ||
isflagset(apreq->ap_options, AP_OPTS_MUTUAL_REQUIRED)) {
- syslog(LOG_INFO, "TGS_REQ: SESSION KEY or MUTUAL");
+ krb5_klog_syslog(LOG_INFO, "TGS_REQ: SESSION KEY or MUTUAL");
retval = KRB5KDC_ERR_POLICY;
goto cleanup;
}
if (tkt_realm->length == tgs_realm->length &&
!memcmp(tkt_realm->data, tgs_realm->data, tgs_realm->length)) {
/* someone in a foreign realm claiming to be local */
- syslog(LOG_INFO, "PROCESS_TGS: failed lineage check");
+ krb5_klog_syslog(LOG_INFO, "PROCESS_TGS: failed lineage check");
retval = KRB5KDC_ERR_POLICY;
goto cleanup_authenticator;
}
krb5_db_free_principal(kdc_context, &server, nprincs);
if (!krb5_unparse_name(kdc_context, ticket->server, &sname)) {
- syslog(LOG_ERR, "TGS_REQ: UNKNOWN SERVER: server='%s'",
+ krb5_klog_syslog(LOG_ERR, "TGS_REQ: UNKNOWN SERVER: server='%s'",
sname);
free(sname);
}
#ifdef KRB4
#include "k5-int.h"
+#include "adm_proto.h"
#ifdef HAVE_STDARG_H
#include <stdarg.h>
case L_APPL_REQ:
strcpy(log_text, "PROCESS_V4:");
vsprintf(log_text+strlen(log_text), format, pvar);
- syslog(logpri, log_text);
+ krb5_klog_syslog(logpri, log_text);
/* ignore the other types... */
}
va_end(pvar);
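Review bot: `krb5_klog_syslog(logpri, log_text)` still passes the assembled message as the format string, so any `%` left in `log_text` after the `vsprintf` is interpreted a second time; pass it as data with `krb5_klog_syslog(logpri, "%s", log_text);`. The `strcpy`/`vsprintf` pair above it also writes into `log_text` with no length bound, and the buffer's size is declared outside this hunk, so a bounded formatter is worth a follow-up. The enclosing function starts and ends outside the hunk.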
#include <errno.h>
#include "com_err.h"
-/* for STDC, com_err gets varargs/stdarg */
-#ifndef __STDC__
-#include <varargs.h>
-#endif
-
#include "k5-int.h"
#include "kdc_util.h"
#include "extern.h"
#include "kdc5_err.h"
+#include "adm_proto.h"
static int nofork = 0;
-static void
-kdc_com_err_proc(whoami, code, format, pvar)
- const char *whoami;
- long code;
- const char *format;
- va_list pvar;
-{
- /* XXX need some way to do this better... */
-#ifndef __STDC__
- extern int vfprintf();
-#endif
-
- char syslogbuf[10240], tmpbuf[10240];
-
- memset(syslogbuf, 0, sizeof(syslogbuf));
- memset(tmpbuf, 0, sizeof(tmpbuf));
-
- if (whoami) {
- fputs(whoami, stderr);
- fputs(": ", stderr);
- }
-
- if (code) {
- sprintf(tmpbuf, error_message(code));
- strcat(syslogbuf, tmpbuf);
- strcat(syslogbuf, " ");
- }
-
- if (format) {
- vsprintf(tmpbuf, format, pvar);
- strcat(syslogbuf, tmpbuf);
- }
-
- fprintf(stderr, syslogbuf);
- putc('\n', stderr);
- putc('\r', stderr); /* should do this only on a tty in raw mode */
- fflush(stderr);
-
- syslog(LOG_ERR, "%s", syslogbuf);
-
- return;
-}
-
-void
-setup_com_err()
-{
- krb5_init_ets(kdc_context);
- initialize_kdc5_error_table();
- (void) set_com_err_hook(kdc_com_err_proc);
- return;
-}
-
krb5_sigtype
request_exit()
{
argv[0] = strrchr(argv[0], '/')+1;
krb5_init_context(&kdc_context);
-
- setup_com_err();
-
- openlog(argv[0], LOG_CONS|LOG_NDELAY|LOG_PID, LOG_LOCAL6); /* XXX */
+ krb5_init_ets(kdc_context);
+ krb5_klog_init(kdc_context, "kdc", argv[0], 1);
process_args(argc, argv); /* includes reading master key */
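Review bot: The removed `setup_com_err()` called both `krb5_init_ets(kdc_context)` and `initialize_kdc5_error_table()`, but the replacement lines only call `krb5_init_ets(kdc_context)`. Unless the kdc5 table is registered somewhere not shown, `error_message()` and `com_err()` can no longer render KDC-specific codes, which degrades the log lines operators rely on; add `initialize_kdc5_error_table();` after `krb5_init_ets(kdc_context);`. Separately, `argv[0]` reaches `krb5_klog_init` after `strrchr(argv[0], '/')+1`, which is not a valid pointer when the program name contains no slash. That line is unchanged context, but it now supplies the logger's identity string.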
finish_args(argv[0]);
return 1;
}
- syslog(LOG_INFO, "commencing operation");
+ krb5_klog_syslog(LOG_INFO, "commencing operation");
if (retval = listen_and_process(argv[0])){
com_err(argv[0], retval, "while processing network requests");
errout++;
com_err(argv[0], retval, "while closing database");
errout++;
}
- syslog(LOG_INFO, "shutting down");
+ krb5_klog_syslog(LOG_INFO, "shutting down");
+ krb5_klog_close(kdc_context);
finish_args(argv[0]);
return errout;
}