1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* include/k5-trace.h */
4 * Copyright (C) 2010 by the Massachusetts Institute of Technology.
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. Furthermore if you modify this software you must label
20 * your software as modified software and not distribute it in such a
21 * fashion that it might be confused with the original M.I.T. software.
22 * M.I.T. makes no representations about the suitability of
23 * this software for any purpose. It is provided "as is" without express
24 * or implied warranty.
28 * This header contains trace macro definitions, which map trace points within
29 * the code to krb5int_trace() calls with descriptive text strings.
31 * Trace logging is intended to aid power users in diagnosing configuration
32 * problems by showing what's going on behind the scenes of complex operations.
33 * Although trace logging is sometimes useful to developers, it is not intended
34 * as a replacement for a debugger, and it is not desirable to drown the user
35 * in output. Observe the following guidelines when adding trace points:
37 * - Avoid mentioning function or variable names in messages.
39 * - Try to convey what decisions are being made and what external inputs
40 * they are based on, not the process of making decisions.
42 * - It is generally not necessary to trace before returning an unrecoverable
43 * error. If an error code is unclear by itself, make it clearer with
44 * krb5_set_error_message().
46 * - Keep macros simple. Add format specifiers to krb5int_trace's formatter
47 * as necessary (and document them here) instead of transforming macro
50 * - Like printf, the trace formatter interface is not type-safe. Check your
51 * formats carefully. Cast integral arguments to the appropriate type if
52 * they do not already patch.
54 * The following specifiers are supported by the formatter (see the
55 * implementation in lib/krb5/os/trace.c for details):
57 * {int} int, in decimal
58 * {long} long, in decimal
59 * {str} const char *, display as C string
60 * {lenstr} size_t and const char *, as a counted string
61 * {hexlenstr} size_t and const char *, as hex bytes
62 * {hashlenstr} size_t and const char *, as four-character hex hash
63 * {connstate} struct conn_state *, show socket type, address, port
64 * {data} krb5_data *, display as counted string
65 * {hexdata} krb5_data *, display as hex bytes
66 * {errno} int, display as number/errorstring
67 * {kerr} krb5_error_code, display as number/errorstring
68 * {keyblock} const krb5_keyblock *, display enctype and hash of key
69 * {key} krb5_key, display enctype and hash of key
70 * {cksum} const krb5_checksum *, display cksumtype and hex checksum
71 * {princ} krb5_principal, unparse and display
72 * {ptype} krb5_int32, krb5_principal type, display name
73 * {patypes} krb5_pa_data **, display list of padata type numbers
74 * {etype} krb5_enctype, display shortest name of enctype
75 * {etypes} krb5_enctype *, display list of enctypes
76 * {ccache} krb5_ccache, display type:name
77 * {keytab} krb5_keytab, display name
78 * {creds} krb5_creds *, display clientprinc -> serverprinc
84 #ifdef DISABLE_TRACING
85 #define TRACE(ctx, ...)
88 void krb5int_trace(krb5_context context, const char *fmt, ...);
90 /* Try to optimize away argument evaluation and function call when we're not
91 * tracing, if this source file knows the internals of the context. */
93 #define TRACE(ctx, ...) \
94 do { if (ctx->trace_callback != NULL) \
95 krb5int_trace(ctx, __VA_ARGS__); } while (0)
97 #define TRACE(ctx, ...) krb5int_trace(ctx, __VA_ARGS__)
100 #endif /* DISABLE_TRACING */
102 #define TRACE_CC_DESTROY(c, cache) \
103 TRACE(c, "Destroying ccache {ccache}", cache)
104 #define TRACE_CC_GEN_NEW(c, cache) \
105 TRACE(c, "Generating new unique ccache based on {ccache}", cache)
106 #define TRACE_CC_GET_CONFIG(c, cache, princ, key, data) \
107 TRACE(c, "Read config in {ccache} for {princ}: {str}: {data}", \
108 cache, princ, key, data)
109 #define TRACE_CC_INIT(c, cache, princ) \
110 TRACE(c, "Initializing {ccache} with default princ {princ}", \
112 #define TRACE_CC_MOVE(c, src, dst) \
113 TRACE(c, "Moving contents of ccache {src} to {dst}", src, dst)
114 #define TRACE_CC_NEW_UNIQUE(c, type) \
115 TRACE(c, "Resolving unique ccache of type {str}", type)
116 #define TRACE_CC_REMOVE(c, cache, creds) \
117 TRACE(c, "Removing {creds} from {ccache}", creds, cache)
118 #define TRACE_CC_RETRIEVE(c, cache, creds, ret) \
119 TRACE(c, "Retrieving {creds} from {ccache} with result: {kerr}", \
121 #define TRACE_CC_RETRIEVE_REF(c, cache, creds, ret) \
122 TRACE(c, "Retrying {creds} with result: {kerr}", creds, ret)
123 #define TRACE_CC_SET_CONFIG(c, cache, princ, key, data) \
124 TRACE(c, "Storing config in {ccache} for {princ}: {str}: {data}", \
125 cache, princ, key, data)
126 #define TRACE_CC_STORE(c, cache, creds) \
127 TRACE(c, "Storing {creds} in {ccache}", creds, cache)
128 #define TRACE_CC_STORE_TKT(c, cache, creds) \
129 TRACE(c, "Also storing {creds} based on ticket", creds)
131 #define TRACE_CCSELECT_VTINIT_FAIL(c, ret) \
132 TRACE(c, "ccselect module failed to init vtable: {kerr}", ret)
133 #define TRACE_CCSELECT_INIT_FAIL(c, name, ret) \
134 TRACE(c, "ccselect module {str} failed to init: {kerr}", name, ret)
135 #define TRACE_CCSELECT_MODCHOICE(c, name, server, cache, princ) \
136 TRACE(c, "ccselect module {str} chose cache {ccache} with client " \
137 "principal {princ} for server principal {princ}", name, cache, \
139 #define TRACE_CCSELECT_MODNOTFOUND(c, name, server, princ) \
140 TRACE(c, "ccselect module {str} chose client principal {princ} " \
141 "for server principal {princ} but found no cache", name, princ, \
143 #define TRACE_CCSELECT_MODFAIL(c, name, ret, server) \
144 TRACE(c, "ccselect module {str} yielded error {kerr} for server " \
145 "principal {princ}", name, ret, server)
146 #define TRACE_CCSELECT_NOTFOUND(c, server) \
147 TRACE(c, "ccselect can't find appropriate cache for server " \
148 "principal {princ}", server)
149 #define TRACE_CCSELECT_DEFAULT(c, cache, server) \
150 TRACE(c, "ccselect choosing default cache {ccache} for server " \
151 "principal {princ}", cache, server)
153 #define TRACE_FAST_ARMOR_CCACHE(c, ccache_name) \
154 TRACE(c, "FAST armor ccache: {str}", ccache_name)
155 #define TRACE_FAST_ARMOR_CCACHE_KEY(c, keyblock) \
156 TRACE(c, "Armor ccache sesion key: {keyblock}", keyblock)
157 #define TRACE_FAST_ARMOR_KEY(c, keyblock) \
158 TRACE(c, "FAST armor key: {keyblock}", keyblock)
159 #define TRACE_FAST_CCACHE_CONFIG(c) \
160 TRACE(c, "Using FAST due to armor ccache negotiation result")
161 #define TRACE_FAST_DECODE(c) \
162 TRACE(c, "Decoding FAST response")
163 #define TRACE_FAST_ENCODE(c) \
164 TRACE(c, "Encoding request body and padata into FAST request")
165 #define TRACE_FAST_NEGO(c, avail) \
166 TRACE(c, "FAST negotiation: {str}available", (avail) ? "" : "un")
167 #define TRACE_FAST_PADATA_UPGRADE(c) \
168 TRACE(c, "Upgrading to FAST due to presence of PA_FX_FAST in reply")
169 #define TRACE_FAST_REPLY_KEY(c, keyblock) \
170 TRACE(c, "FAST reply key: {keyblock}", keyblock)
171 #define TRACE_FAST_REQUIRED(c) \
172 TRACE(c, "Using FAST due to KRB5_FAST_REQUIRED flag")
174 #define TRACE_GIC_PWD_CHANGED(c) \
175 TRACE(c, "Getting initial TGT with changed password")
176 #define TRACE_GIC_PWD_CHANGEPW(c, tries) \
177 TRACE(c, "Attempting password change; {int} tries remaining", tries)
178 #define TRACE_GIC_PWD_EXPIRED(c) \
179 TRACE(c, "Principal expired; getting changepw ticket")
180 #define TRACE_GIC_PWD_MASTER(c) \
181 TRACE(c, "Retrying AS request with master KDC")
183 #define TRACE_ENCTYPE_LIST_UNKNOWN(c, profvar, name) \
184 TRACE(c, "Unrecognized enctype name in {str}: {str}", profvar, name)
186 #define TRACE_INIT_CREDS(c, princ) \
187 TRACE(c, "Getting initial credentials for {princ}", princ)
188 #define TRACE_INIT_CREDS_AS_KEY_GAK(c, keyblock) \
189 TRACE(c, "AS key obtained from gak_fct: {keyblock}", keyblock)
190 #define TRACE_INIT_CREDS_AS_KEY_PREAUTH(c, keyblock) \
191 TRACE(c, "AS key determined by preauth: {keyblock}", keyblock)
192 #define TRACE_INIT_CREDS_DECRYPTED_REPLY(c, keyblock) \
193 TRACE(c, "Decrypted AS reply; session key is: {keyblock}", keyblock)
194 #define TRACE_INIT_CREDS_ERROR_REPLY(c, code) \
195 TRACE(c, "Received error from KDC: {kerr}", code)
196 #define TRACE_INIT_CREDS_GAK(c, salt, s2kparams) \
197 TRACE(c, "Getting AS key, salt \"{data}\", params \"{data}\"", \
199 #define TRACE_INIT_CREDS_KEYTAB_LOOKUP(c, etypes) \
200 TRACE(c, "Looked up etypes in keytab: {etypes}", etypes)
201 #define TRACE_INIT_CREDS_KEYTAB_LOOKUP_FAILED(c, code) \
202 TRACE(c, "Couldn't lookup etypes in keytab: {kerr}", code)
203 #define TRACE_INIT_CREDS_PREAUTH_DECRYPT_FAIL(c, code) \
204 TRACE(c, "Decrypt with preauth AS key failed: {kerr}", code)
205 #define TRACE_INIT_CREDS_RESTART_FAST(c) \
206 TRACE(c, "Restarting to upgrade to FAST")
207 #define TRACE_INIT_CREDS_RESTART_PREAUTH_FAILED(c) \
208 TRACE(c, "Restarting due to PREAUTH_FAILED from FAST negotiation")
209 #define TRACE_INIT_CREDS_REFERRAL(c, realm) \
210 TRACE(c, "Following referral to realm {data}", realm)
211 #define TRACE_INIT_CREDS_RETRY_TCP(c) \
212 TRACE(c, "Request or response is too big for UDP; retrying with TCP")
213 #define TRACE_INIT_CREDS_SALT_PRINC(c, salt) \
214 TRACE(c, "Salt derived from principal: {data}", salt)
215 #define TRACE_INIT_CREDS_SERVICE(c, service) \
216 TRACE(c, "Setting initial creds service to {str}", service)
218 #define TRACE_KT_GET_ENTRY(c, keytab, princ, vno, enctype, err) \
219 TRACE(c, "Retrieving {princ} from {keytab} (vno {int}, enctype {etype}) " \
220 "with result: {kerr}", princ, keytab, (int) vno, enctype, err)
222 #define TRACE_MK_REP(c, ctime, cusec, subkey, seqnum) \
223 TRACE(c, "Creating AP-REP, time {long}.{int}, subkey {keyblock}, " \
224 "seqnum {int}", (long) ctime, (int) cusec, subkey, (int) seqnum)
226 #define TRACE_MK_REQ(c, creds, seqnum, subkey, sesskeyblock) \
227 TRACE(c, "Creating authenticator for {creds}, seqnum {int}, " \
228 "subkey {key}, session key {keyblock}", creds, (int) seqnum, \
229 subkey, sesskeyblock)
230 #define TRACE_MK_REQ_ETYPES(c, etypes) \
231 TRACE(c, "Negotiating for enctypes in authenticator: {etypes}", etypes)
233 #define TRACE_MSPAC_VERIFY_FAIL(c, err) \
234 TRACE(c, "PAC checksum verification failed: {kerr}", err)
235 #define TRACE_MSPAC_DISCARD_UNVERF(c) \
236 TRACE(c, "Filtering out unverified MS PAC")
238 #define TRACE_PREAUTH_COOKIE(c, len, data) \
239 TRACE(c, "Received cookie: {lenstr}", (size_t) len, data)
240 #define TRACE_PREAUTH_ENC_TS_KEY_GAK(c, keyblock) \
241 TRACE(c, "AS key obtained for encrypted timestamp: {keyblock}", keyblock)
242 #define TRACE_PREAUTH_ENC_TS(c, sec, usec, plain, enc) \
243 TRACE(c, "Encrypted timestamp (for {long}.{int}): plain {hexdata}, " \
244 "encrypted {hexdata}", (long) sec, (int) usec, plain, enc)
245 #define TRACE_PREAUTH_ETYPE_INFO(c, etype, salt, s2kparams) \
246 TRACE(c, "Selected etype info: etype {etype}, salt \"{data}\", " \
247 "params \"{data}\"", etype, salt, s2kparams)
248 #define TRACE_PREAUTH_INFO_FAIL(c, patype, code) \
249 TRACE(c, "Preauth builtin info function failure, type={int}: {kerr}", \
251 #define TRACE_PREAUTH_INPUT(c, padata) \
252 TRACE(c, "Processing preauth types: {patypes}", padata)
253 #define TRACE_PREAUTH_OUTPUT(c, padata) \
254 TRACE(c, "Produced preauth for next request: {patypes}", padata)
255 #define TRACE_PREAUTH_PROCESS(c, name, patype, flags, code) \
256 TRACE(c, "Preauth module {str} ({int}) (flags={int}) returned: " \
257 "{kerr}", name, (int) patype, flags, code)
258 #define TRACE_PREAUTH_SAM_KEY_GAK(c, keyblock) \
259 TRACE(c, "AS key obtained for SAM: {keyblock}", keyblock)
260 #define TRACE_PREAUTH_SALT(c, salt, patype) \
261 TRACE(c, "Received salt \"{data}\" via padata type {int}", salt, \
263 #define TRACE_PREAUTH_SKIP(c, name, patype) \
264 TRACE(c, "Skipping previously used preauth module {str} ({int})", \
266 #define TRACE_PREAUTH_TRYAGAIN_INPUT(c, padata) \
267 TRACE(c, "Preauth tryagain input types: {patypes}", padata)
268 #define TRACE_PREAUTH_TRYAGAIN_OUTPUT(c, padata) \
269 TRACE(c, "Followup preauth for next request: {patypes}", padata)
271 #define TRACE_PROFILE_ERR(c,subsection, section, retval) \
272 TRACE(c, "Bad value of {str} from [{str}] in conf file: {kerr}", \
273 subsection, section, retval)
275 #define TRACE_RD_REP(c, ctime, cusec, subkey, seqnum) \
276 TRACE(c, "Read AP-REP, time {long}.{int}, subkey {keyblock}, " \
277 "seqnum {int}", (long) ctime, (int) cusec, subkey, (int) seqnum)
278 #define TRACE_RD_REP_DCE(c, ctime, cusec, seqnum) \
279 TRACE(c, "Read DCE-style AP-REP, time {long}.{int}, seqnum {int}", \
280 (long) ctime, (int) cusec, (int) seqnum)
282 #define TRACE_RD_REQ_DECRYPT_ANY(c, princ, keyblock) \
283 TRACE(c, "Decrypted AP-REQ with server principal {princ}: " \
284 "{keyblock}", princ, keyblock)
285 #define TRACE_RD_REQ_DECRYPT_SPECIFIC(c, princ, keyblock) \
286 TRACE(c, "Decrypted AP-REQ with specified server principal {princ}: " \
287 "{keyblock}", princ, keyblock)
288 #define TRACE_RD_REQ_NEGOTIATED_ETYPE(c, etype) \
289 TRACE(c, "Negotiated enctype based on authenticator: {etype}", \
291 #define TRACE_RD_REQ_SUBKEY(c, keyblock) \
292 TRACE(c, "Authenticator contains subkey: {keyblock}", keyblock)
293 #define TRACE_RD_REQ_TICKET(c, client, server, keyblock) \
294 TRACE(c, "AP-REQ ticket: {princ} -> {princ}, session key {keyblock}", \
295 client, server, keyblock)
297 #define TRACE_SENDTO_KDC(c, len, rlm, master, tcp) \
298 TRACE(c, "Sending request ({int} bytes) to {data}{str}{str}", len, \
299 rlm, (master) ? " (master)" : "", (tcp) ? " (tcp only)" : "")
300 #define TRACE_SENDTO_KDC_MASTER(c, master) \
301 TRACE(c, "Response was{str} from master KDC", (master) ? "" : " not")
302 #define TRACE_SENDTO_KDC_RESOLVING(c, hostname) \
303 TRACE(c, "Resolving hostname {str}", hostname)
304 #define TRACE_SENDTO_KDC_RESPONSE(c, conn) \
305 TRACE(c, "Received answer from {connstate}", conn)
306 #define TRACE_SENDTO_KDC_TCP_CONNECT(c, conn) \
307 TRACE(c, "Initiating TCP connection to {connstate}", conn)
308 #define TRACE_SENDTO_KDC_TCP_DISCONNECT(c, conn) \
309 TRACE(c, "Terminating TCP connection to {connstate}", conn)
310 #define TRACE_SENDTO_KDC_TCP_ERROR_CONNECT(c, conn, err) \
311 TRACE(c, "TCP error connecting to {connstate}: {errno}", conn, err)
312 #define TRACE_SENDTO_KDC_TCP_ERROR_RECV(c, conn, err) \
313 TRACE(c, "TCP error receiving from {connstate}: {errno}", conn, err)
314 #define TRACE_SENDTO_KDC_TCP_ERROR_RECV_LEN(c, conn, err) \
315 TRACE(c, "TCP error receiving from {connstate}: {errno}", conn, err)
316 #define TRACE_SENDTO_KDC_TCP_ERROR_SEND(c, conn, err) \
317 TRACE(c, "TCP error sending to {connstate}: {errno}", conn, err)
318 #define TRACE_SENDTO_KDC_TCP_SEND(c, conn) \
319 TRACE(c, "Sending TCP request to {connstate}", conn)
320 #define TRACE_SENDTO_KDC_UDP_ERROR_RECV(c, conn, err) \
321 TRACE(c, "UDP error receiving from {connstate}: {errno}", conn, err)
322 #define TRACE_SENDTO_KDC_UDP_ERROR_SEND_INITIAL(c, conn, err) \
323 TRACE(c, "UDP error sending to {connstate}: {errno}", conn, err)
324 #define TRACE_SENDTO_KDC_UDP_ERROR_SEND_RETRY(c, conn, err) \
325 TRACE(c, "UDP error sending to {connstate}: {errno}", conn, err)
326 #define TRACE_SENDTO_KDC_UDP_SEND_INITIAL(c, conn) \
327 TRACE(c, "Sending initial UDP request to {connstate}", conn)
328 #define TRACE_SENDTO_KDC_UDP_SEND_RETRY(c, conn) \
329 TRACE(c, "Sending retry UDP request to {connstate}", conn)
331 #define TRACE_SEND_TGS_ETYPES(c, etypes) \
332 TRACE(c, "etypes requested in TGS request: {etypes}", etypes)
333 #define TRACE_SEND_TGS_SUBKEY(c, keyblock) \
334 TRACE(c, "Generated subkey for TGS request: {keyblock}", keyblock)
336 #define TRACE_TGS_REPLY(c, client, server, keyblock) \
337 TRACE(c, "TGS reply is for {princ} -> {princ} with session key " \
338 "{keyblock}", client, server, keyblock)
339 #define TRACE_TGS_REPLY_DECODE_SESSION(c, keyblock) \
340 TRACE(c, "TGS reply didn't decode with subkey; trying session key " \
341 "({keyblock)}", keyblock)
343 #define TRACE_TKT_CREDS(c, creds, cache) \
344 TRACE(c, "Getting credentials {creds} using ccache {ccache}", \
346 #define TRACE_TKT_CREDS_ADVANCE(c, realm) \
347 TRACE(c, "Received TGT for {data}; advancing current realm", realm)
348 #define TRACE_TKT_CREDS_CACHED_INTERMEDIATE_TGT(c, tgt) \
349 TRACE(c, "Found cached TGT for intermediate realm: {creds}", tgt)
350 #define TRACE_TKT_CREDS_CACHED_SERVICE_TGT(c, tgt) \
351 TRACE(c, "Found cached TGT for service realm: {creds}", tgt)
352 #define TRACE_TKT_CREDS_CLOSER_REALM(c, realm) \
353 TRACE(c, "Trying next closer realm in path: {data}", realm)
354 #define TRACE_TKT_CREDS_COMPLETE(c, princ) \
355 TRACE(c, "Received creds for desired service {princ}", princ)
356 #define TRACE_TKT_CREDS_FALLBACK(c, realm) \
357 TRACE(c, "Local realm referral failed; trying fallback realm {data}", \
359 #define TRACE_TKT_CREDS_LOCAL_TGT(c, tgt) \
360 TRACE(c, "Starting with TGT for client realm: {creds}", tgt)
361 #define TRACE_TKT_CREDS_NON_TGT(c, princ) \
362 TRACE(c, "Received non-TGT referral response ({princ}); trying " \
363 "again without referrals", princ)
364 #define TRACE_TKT_CREDS_OFFPATH(c, realm) \
365 TRACE(c, "Received TGT for offpath realm {data}", realm)
366 #define TRACE_TKT_CREDS_REFERRAL(c, princ) \
367 TRACE(c, "Following referral TGT {princ}", princ)
368 #define TRACE_TKT_CREDS_REFERRAL_REALM(c, princ) \
369 TRACE(c, "Server has referral realm; starting with {princ}", princ)
370 #define TRACE_TKT_CREDS_RESPONSE_CODE(c, code) \
371 TRACE(c, "TGS request result: {kerr}", code)
372 #define TRACE_TKT_CREDS_RETRY_TCP(c) \
373 TRACE(c, "Request or response is too big for UDP; retrying with TCP")
374 #define TRACE_TKT_CREDS_SAME_REALM_TGT(c, realm) \
375 TRACE(c, "Received TGT referral back to same realm ({data}); trying " \
376 "again without referrals", realm)
377 #define TRACE_TKT_CREDS_SERVICE_REQ(c, princ, referral) \
378 TRACE(c, "Requesting tickets for {princ}, referrals {str}", princ, \
379 (referral) ? "on" : "off")
380 #define TRACE_TKT_CREDS_TARGET_TGT(c, princ) \
381 TRACE(c, "Received TGT for service realm: {princ}", princ)
382 #define TRACE_TKT_CREDS_TARGET_TGT_OFFPATH(c, princ) \
383 TRACE(c, "Received TGT for service realm: {princ}", princ)
384 #define TRACE_TKT_CREDS_TGT_REQ(c, next, cur) \
385 TRACE(c, "Requesting TGT {princ} using TGT {princ}", next, cur)
386 #define TRACE_TKT_CREDS_WRONG_ENCTYPE(c) \
387 TRACE(c, "Retrying TGS request with desired service ticket enctypes")
389 #define TRACE_GET_HOST_REALM(c, host) \
390 TRACE(c, "Get host realm for {str}", host)
391 #define TRACE_GET_HOST_REALM_LOCALHOST(c, localhost) \
392 TRACE(c, "Use local host {str} to get host realm", localhost)
393 #define TRACE_GET_HOST_REALM_DOMAIN_REALM_MAP(c, host) \
394 TRACE(c, "Look up {str} in the domain_realm map", host)
395 #define TRACE_GET_HOST_REALM_TEMP_REALM(c, realm) \
396 TRACE(c, "Temporary realm is {str}", realm)
397 #define TRACE_GET_HOST_REALM_RETURN(c, host, realm) \
398 TRACE(c, "Got realm {str} for host {str}", realm, host)
400 #define TRACE_GET_FALLBACK_HOST_REALM(c, host) \
401 TRACE(c, "Get fallback host realm for {str}", host)
402 #define TRACE_GET_FALLBACK_HOST_REALM_RETURN(c, host, realm) \
403 TRACE(c, "Got fallback realm {str} for host {str}", realm, host)
405 #define TRACE_CLEAN_HOSTNAME(c, host, size, localhost) \
406 TRACE(c, "Clean host {str} with local host {lenstr}", \
407 host, size, localhost)
408 #define TRACE_CLEAN_HOSTNAME_RETURN(c, host, size, localhost) \
409 TRACE(c, "Cleaned host {str} to local host {lenstr}", \
410 host, size, localhost)
412 #define TRACE_SNAME_TO_PRINCIPAL(c, host, sname, type) \
413 TRACE(c, "Convert service {str} ({ptype}) on host {str} to principal", \
415 #define TRACE_SNAME_TO_PRINCIPAL_NOCANON(c, host) \
416 TRACE(c, "Failed to canonicalize {str}; using as-is", host)
417 #define TRACE_SNAME_TO_PRINCIPAL_CANON(c, host) \
418 TRACE(c, "Remote host after forward canonicalization: {str}", host)
419 #define TRACE_SNAME_TO_PRINCIPAL_RDNS(c, host) \
420 TRACE(c, "Remote host after reverse DNS processing: {str}", host)
421 #define TRACE_SNAME_TO_PRINCIPAL_RETURN(c, princ) \
422 TRACE(c, "Got service principal {princ}", princ)
424 #define TRACE_CHECK_REPLY_SERVER_DIFFERS(c, request, reply) \
425 TRACE(c, "Reply server {princ} differs from requested {princ}", \
428 #define TRACE_GET_CRED_VIA_TKT_EXT(c, request, reply, kdcoptions) \
429 TRACE(c, "Get cred via TGT {princ} after requesting {prince} " \
430 "(canonicalize {str})", \
431 reply, request, kdcoptions & KDC_OPT_CANONICALIZE ? "on" : "off")
432 #define TRACE_GET_CRED_VIA_TKT_EXT_RETURN(c, ret) \
433 TRACE(c, "Got cred; {kerr}", ret)
435 #endif /* K5_TRACE_H */