* server_acl.c (acl_load_acl_file): log errors via

 	krb5_klog_syslog, not fprintf and com_err [krb5-admin/238]; don't
 	coredump when an acl line is too long; handle catchall_entry ==
 	NULL

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9595 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/kadm5/srv/ChangeLog b/src/lib/kadm5/srv/ChangeLog
index fe12c178e641e5996f369ddfba8e24c2f1bac9e3..d9c5b76bd37bfcd03a0fc5917fd6a00eea0367b3 100644 (file)
--- a/src/lib/kadm5/srv/ChangeLog
+++ b/src/lib/kadm5/srv/ChangeLog
@@ -1,3 +1,10 @@
+Tue Dec  3 15:14:29 1996  Barry Jaspan  <bjaspan@mit.edu>
+
+       * server_acl.c (acl_load_acl_file): log errors via
+       krb5_klog_syslog, not fprintf and com_err [krb5-admin/238]; don't
+       coredump when an acl line is too long; handle catchall_entry ==
+       NULL
+
 Fri Nov 22 11:11:34 1996  Sam Hartman  <hartmans@mit.edu>
 
        * Makefile.in (SHLIB_LIBS): Do not link shared against -ldb [224]

diff --git a/src/lib/kadm5/srv/server_acl.c b/src/lib/kadm5/srv/server_acl.c
index 16a7f4e40209227074f4ab49d16b9dffd3adf19c..6f5c01499b58229ae8140e168e2257791cd8ca46 100644 (file)
--- a/src/lib/kadm5/srv/server_acl.c
+++ b/src/lib/kadm5/srv/server_acl.c
@@ -26,6 +26,7 @@
  * srv_acl.c - Handle Kerberos ACL related functions.
  */
 #include <stdio.h>
+#include <syslog.h>
 #include <sys/param.h>
 #include <gssapi/gssapi_generic.h>
 #include "k5-int.h"
@@ -73,10 +74,11 @@ static int acl_debug_level = 0;
  */
 static const char *acl_catchall_entry = NULL;
 
-static const char *acl_line2long_msg = "%s: line %d too long, truncated\n";
-static const char *acl_op_bad_msg = "Unrecognized ACL operation '%c' in %s\n";
-static const char *acl_syn_err_msg = "%s: syntax error at line %d <%10s...>\n";
-static const char *acl_cantopen_msg = "\007cannot open ACL file";
+static const char *acl_line2long_msg = "%s: line %d too long, truncated";
+static const char *acl_op_bad_msg = "Unrecognized ACL operation '%c' in %s";
+static const char *acl_syn_err_msg = "%s: syntax error at line %d <%10s...>";
+static const char *acl_cantopen_msg = "%s while opening ACL file %s";
+
 \f
 /*
  * acl_get_line()      - Get a line from the ACL file.
@@ -99,8 +101,9 @@ acl_get_line(fp, lnp)
 
        /* Check if we exceeded our buffer size */
        if ((i == BUFSIZ) && (!feof(fp)) && (acl_buf[i] != '\n')) {
-           fprintf(stderr, acl_line2long_msg, acl_acl_file, *lnp);
+           krb5_klog_syslog(LOG_ERR, acl_line2long_msg, acl_acl_file, *lnp);
            while (fgetc(fp) != '\n');
+           i--;
        }
                acl_buf[i] = '\0';
        if (acl_buf[0] == (char) EOF)   /* ptooey */
@@ -165,7 +168,7 @@ acl_parse_line(lp)
                    }
                }
                if (!found) {
-                   fprintf(stderr, acl_op_bad_msg, *op, lp);
+                   krb5_klog_syslog(LOG_ERR, acl_op_bad_msg, *op, lp);
                    opok = 0;
                }
            }
@@ -251,7 +254,7 @@ char tmpbuf[10];
            *aentpp = acl_parse_line(alinep);
            /* If syntax error, then fall out */
            if (!*aentpp) {
-               fprintf(stderr, acl_syn_err_msg,
+               krb5_klog_syslog(LOG_ERR, acl_syn_err_msg,
                        acl_acl_file, alineno, alinep);
                retval = 0;
                break;
@@ -275,8 +278,10 @@ char tmpbuf[10];
        }
     }
     else {
-       com_err(acl_acl_file, errno, acl_cantopen_msg);
-       if (acl_list_head = acl_parse_line(acl_catchall_entry)) {
+       krb5_klog_syslog(LOG_ERR, acl_cantopen_msg,
+                        error_message(errno), acl_acl_file);
+       if (acl_catchall_entry &&
+           (acl_list_head = acl_parse_line(acl_catchall_entry))) {
            acl_list_tail = acl_list_head;
        }
        else {