svn rev #22219: branches/krb5-1-7/src/kdc/
tlyu@MIT.EDU
tlyu at MIT.EDU
Tue Apr 14 17:07:18 EDT 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=22219
Commit By: tlyu
Log Message:
ticket: 6408
version_fixed: 1.7
pull up r22079 from trunk
------------------------------------------------------------------------
r22079 | ghudson | 2009-03-11 18:14:24 -0400 (Wed, 11 Mar 2009) | 13 lines
Changed paths:
M /trunk/src/kdc/do_tgs_req.c
M /trunk/src/kdc/kdc_preauth.c
M /trunk/src/kdc/kdc_util.h
M /trunk/src/kdc/main.c
M /trunk/src/kdc/network.c
ticket: 6408
subject: Report verbose error messages from KDC
target_version: 1.7
tags: pullup
We were losing verbose error messages when logging from the KDC because
the context passed to krb5_klog_init did not match the realm-specific
context used for most library function calls. Introduce a wrapper
function kdc_err which copies the error state from the call context
to the log context. The wrapper function also knows the program name,
which removes the need to pass argv[0] around everywhere or make up
program names.
Changed Files:
U branches/krb5-1-7/src/kdc/do_tgs_req.c
U branches/krb5-1-7/src/kdc/kdc_preauth.c
U branches/krb5-1-7/src/kdc/kdc_util.h
U branches/krb5-1-7/src/kdc/main.c
U branches/krb5-1-7/src/kdc/network.c
Modified: branches/krb5-1-7/src/kdc/do_tgs_req.c
===================================================================
--- branches/krb5-1-7/src/kdc/do_tgs_req.c 2009-04-14 21:07:15 UTC (rev 22218)
+++ branches/krb5-1-7/src/kdc/do_tgs_req.c 2009-04-14 21:07:18 UTC (rev 22219)
@@ -55,7 +55,6 @@
*/
#include "k5-int.h"
-#include "com_err.h"
#include <syslog.h>
#ifdef HAVE_NETINET_IN_H
@@ -1124,7 +1123,7 @@
free(temp_buf);
if (retval) {
/* no match found */
- com_err("krb5_get_domain_realm_mapping", retval, 0);
+ kdc_err(kdc_context, retval, 0);
goto cleanup;
}
if (realms == 0) {
Modified: branches/krb5-1-7/src/kdc/kdc_preauth.c
===================================================================
--- branches/krb5-1-7/src/kdc/kdc_preauth.c 2009-04-14 21:07:15 UTC (rev 22218)
+++ branches/krb5-1-7/src/kdc/kdc_preauth.c 2009-04-14 21:07:18 UTC (rev 22219)
@@ -1861,7 +1861,7 @@
scratch.length = in_padata->length;
if ((retval = decode_krb5_sam_response(&scratch, &sr))) {
- com_err("krb5kdc", retval,
+ kdc_err(context, retval,
"return_sam_data(): decode_krb5_sam_response failed");
goto cleanup;
}
@@ -1880,7 +1880,7 @@
if ((retval = krb5_c_decrypt(context, &psr_key, /* XXX */ 0, 0,
&tmpdata, &scratch))) {
- com_err("krb5kdc", retval,
+ kdc_err(context, retval,
"return_sam_data(): decrypt track_id failed");
free(scratch.data);
goto cleanup;
@@ -1888,7 +1888,7 @@
}
if ((retval = decode_krb5_predicted_sam_response(&scratch, &psr))) {
- com_err("krb5kdc", retval,
+ kdc_err(context, retval,
"return_sam_data(): decode_krb5_predicted_sam_response failed");
free(scratch.data);
goto cleanup;
@@ -1896,7 +1896,7 @@
/* We could use sr->sam_flags, but it may be absent or altered. */
if (psr->sam_flags & KRB5_SAM_MUST_PK_ENCRYPT_SAD) {
- com_err("krb5kdc", retval = KRB5KDC_ERR_PREAUTH_FAILED,
+ kdc_err(context, retval = KRB5KDC_ERR_PREAUTH_FAILED,
"Unsupported SAM flag must-pk-encrypt-sad");
goto cleanup;
}
@@ -1949,7 +1949,7 @@
break;
default:
- com_err("krb5kdc", retval = KRB5KDC_ERR_PREAUTH_FAILED,
+ kdc_err(context, retval = KRB5KDC_ERR_PREAUTH_FAILED,
"Unimplemented keytype for SAM key mixing");
goto cleanup;
}
@@ -2017,7 +2017,7 @@
retval = krb5_copy_principal(kdc_context, request->client, &newp);
if (retval) {
- com_err("krb5kdc", retval, "copying client name for preauth probe");
+ kdc_err(kdc_context, retval, "copying client name for preauth probe");
return retval;
}
@@ -2075,7 +2075,7 @@
if (retval) {
char *sname;
krb5_unparse_name(kdc_context, request->client, &sname);
- com_err("krb5kdc", retval,
+ kdc_err(kdc_context, retval,
"snk4 finding the enctype and key <%s>", sname);
free(sname);
return retval;
@@ -2086,7 +2086,7 @@
assoc_key, &encrypting_key,
NULL);
if (retval) {
- com_err("krb5kdc", retval,
+ kdc_err(kdc_context, retval,
"snk4 pulling out key entry");
return retval;
}
@@ -2213,13 +2213,14 @@
if (retval) {
/* random key failed */
- com_err("krb5kdc", retval,"generating random challenge for preauth");
+ kdc_err(kdc_context, retval,
+ "generating random challenge for preauth");
return retval;
}
/* now session_key has a key which we can pick bits out of */
/* we need six decimal digits. Grab 6 bytes, div 2, mod 10 each. */
if (session_key.length != 8) {
- com_err("krb5kdc", retval = KRB5KDC_ERR_ETYPE_NOSUPP,
+ kdc_err(kdc_context, retval = KRB5KDC_ERR_ETYPE_NOSUPP,
"keytype didn't match code expectations");
return retval;
}
@@ -2236,9 +2237,8 @@
encrypting_key.enctype = ENCTYPE_DES_CBC_RAW;
- if (retval) {
- com_err("krb5kdc", retval, "snk4 processing key");
- }
+ if (retval)
+ kdc_err(kdc_context, retval, "snk4 processing key");
{
krb5_data plain;
@@ -2255,7 +2255,8 @@
if ((retval = krb5_c_encrypt(kdc_context, &encrypting_key,
/* XXX */ 0, 0, &plain, &cipher))) {
- com_err("krb5kdc", retval, "snk4 response generation failed");
+ kdc_err(kdc_context, retval,
+ "snk4 response generation failed");
return retval;
}
}
@@ -2389,7 +2390,7 @@
if ((retval = decode_krb5_sam_response(&scratch, &sr))) {
scratch.data = 0;
- com_err("krb5kdc", retval, "decode_krb5_sam_response failed");
+ kdc_err(context, retval, "decode_krb5_sam_response failed");
goto cleanup;
}
@@ -2409,13 +2410,13 @@
if ((retval = krb5_c_decrypt(context, &psr_key, /* XXX */ 0, 0,
&tmpdata, &scratch))) {
- com_err("krb5kdc", retval, "decrypt track_id failed");
+ kdc_err(context, retval, "decrypt track_id failed");
goto cleanup;
}
}
if ((retval = decode_krb5_predicted_sam_response(&scratch, &psr))) {
- com_err("krb5kdc", retval,
+ kdc_err(context, retval,
"decode_krb5_predicted_sam_response failed -- replay attack?");
goto cleanup;
}
@@ -2426,7 +2427,7 @@
if ((retval = krb5_unparse_name(context, psr->client, &princ_psr)))
goto cleanup;
if (strcmp(princ_req, princ_psr) != 0) {
- com_err("krb5kdc", retval = KRB5KDC_ERR_PREAUTH_FAILED,
+ kdc_err(context, retval = KRB5KDC_ERR_PREAUTH_FAILED,
"Principal mismatch in SAM psr! -- replay attack?");
goto cleanup;
}
@@ -2444,7 +2445,7 @@
* psr's would be able to be replayed.
*/
if (timenow - psr->stime > rc_lifetime) {
- com_err("krb5kdc", retval = KRB5KDC_ERR_PREAUTH_FAILED,
+ kdc_err(context, retval = KRB5KDC_ERR_PREAUTH_FAILED,
"SAM psr came back too late! -- replay attack?");
goto cleanup;
}
@@ -2457,7 +2458,7 @@
rep.cusec = psr->susec;
retval = krb5_rc_store(kdc_context, kdc_rcache, &rep);
if (retval) {
- com_err("krb5kdc", retval, "SAM psr replay attack!");
+ kdc_err(kdc_context, retval, "SAM psr replay attack!");
goto cleanup;
}
}
@@ -2474,13 +2475,13 @@
if ((retval = krb5_c_decrypt(context, &psr->sam_key, /* XXX */ 0,
0, &sr->sam_enc_nonce_or_ts, &scratch))) {
- com_err("krb5kdc", retval, "decrypt nonce_or_ts failed");
+ kdc_err(context, retval, "decrypt nonce_or_ts failed");
goto cleanup;
}
}
if ((retval = decode_krb5_enc_sam_response_enc(&scratch, &esre))) {
- com_err("krb5kdc", retval, "decode_krb5_enc_sam_response_enc failed");
+ kdc_err(context, retval, "decode_krb5_enc_sam_response_enc failed");
goto cleanup;
}
@@ -2498,7 +2499,7 @@
cleanup:
if (retval)
- com_err("krb5kdc", retval, "sam verify failure");
+ kdc_err(context, retval, "sam verify failure");
if (scratch.data) free(scratch.data);
if (sr) free(sr);
if (psr) free(psr);
Modified: branches/krb5-1-7/src/kdc/kdc_util.h
===================================================================
--- branches/krb5-1-7/src/kdc/kdc_util.h 2009-04-14 21:07:15 UTC (rev 22218)
+++ branches/krb5-1-7/src/kdc/kdc_util.h 2009-04-14 21:07:18 UTC (rev 22219)
@@ -134,11 +134,12 @@
krb5_error_code kdc_initialize_rcache (krb5_context, char *);
krb5_error_code setup_server_realm (krb5_principal);
+void kdc_err(krb5_context call_context, errcode_t code, const char *fmt, ...);
/* network.c */
-krb5_error_code listen_and_process (const char *);
-krb5_error_code setup_network (const char *);
-krb5_error_code closedown_network (const char *);
+krb5_error_code listen_and_process (void);
+krb5_error_code setup_network (void);
+krb5_error_code closedown_network (void);
/* policy.c */
int against_local_policy_as (krb5_kdc_req *, krb5_db_entry,
Modified: branches/krb5-1-7/src/kdc/main.c
===================================================================
--- branches/krb5-1-7/src/kdc/main.c 2009-04-14 21:07:15 UTC (rev 22218)
+++ branches/krb5-1-7/src/kdc/main.c 2009-04-14 21:07:18 UTC (rev 22219)
@@ -86,7 +86,7 @@
void initialize_realms (krb5_context, int, char **);
-void finish_realms (char *);
+void finish_realms (void);
static int nofork = 0;
static int rkey_init_done = 0;
@@ -97,7 +97,32 @@
#define KRB5_KDC_MAX_REALMS 32
+static krb5_context kdc_err_context;
+static const char *kdc_progname;
+
/*
+ * We use krb5_klog_init to set up a com_err callback to log error
+ * messages. The callback also pulls the error message out of the
+ * context we pass to krb5_klog_init; however, we use realm-specific
+ * contexts for most of our krb5 library calls, so the error message
+ * isn't present in the global context. This wrapper ensures that the
+ * error message state from the call context is copied into the
+ * context known by krb5_klog. call_context can be NULL if the error
+ * code did not come from a krb5 library function.
+ */
+void
+kdc_err(krb5_context call_context, errcode_t code, const char *fmt, ...)
+{
+ va_list ap;
+
+ if (call_context)
+ krb5_copy_error_message(kdc_err_context, call_context);
+ va_start(ap, fmt);
+ com_err_va(kdc_progname, code, fmt, ap);
+ va_end(ap);
+}
+
+/*
* Find the realm entry for a given realm.
*/
kdc_realm_t *
@@ -237,10 +262,10 @@
* realm data and we should be all set to begin operation for that realm.
*/
static krb5_error_code
-init_realm(char *progname, kdc_realm_t *rdp, char *realm,
- char *def_mpname, krb5_enctype def_enctype, char *def_udp_ports,
- char *def_tcp_ports, krb5_boolean def_manual, char **db_args,
- char *no_refrls, char *host_based_srvcs)
+init_realm(kdc_realm_t *rdp, char *realm, char *def_mpname,
+ krb5_enctype def_enctype, char *def_udp_ports, char *def_tcp_ports,
+ krb5_boolean def_manual, char **db_args, char *no_refrls,
+ char *host_based_srvcs)
{
krb5_error_code kret;
krb5_boolean manual;
@@ -257,15 +282,14 @@
rdp->realm_name = realm;
kret = krb5int_init_context_kdc(&rdp->realm_context);
if (kret) {
- com_err(progname, kret, "while getting context for realm %s",
- realm);
+ kdc_err(NULL, kret, "while getting context for realm %s", realm);
goto whoops;
}
kret = krb5_read_realm_params(rdp->realm_context, rdp->realm_name,
&rparams);
if (kret) {
- com_err(progname, kret, "while reading realm parameters");
+ kdc_err(rdp->realm_context, kret, "while reading realm parameters");
goto whoops;
}
@@ -351,7 +375,7 @@
/* Set the default realm of this context */
if ((kret = krb5_set_default_realm(rdp->realm_context, realm))) {
- com_err(progname, kret, "while setting default realm to %s",
+ kdc_err(rdp->realm_context, kret, "while setting default realm to %s",
realm);
goto whoops;
}
@@ -363,7 +387,7 @@
kdb_open_flags = KRB5_KDB_OPEN_RO | KRB5_KDB_SRV_TYPE_KDC;
#endif
if ((kret = krb5_db_open(rdp->realm_context, db_args, kdb_open_flags))) {
- com_err(progname, kret,
+ kdc_err(rdp->realm_context, kret,
"while initializing database for realm %s", realm);
goto whoops;
}
@@ -372,7 +396,7 @@
if ((kret = krb5_db_setup_mkey_name(rdp->realm_context, rdp->realm_mpname,
rdp->realm_name, (char **) NULL,
&rdp->realm_mprinc))) {
- com_err(progname, kret,
+ kdc_err(rdp->realm_context, kret,
"while setting up master key name %s for realm %s",
rdp->realm_mpname, realm);
goto whoops;
@@ -385,7 +409,7 @@
rdp->realm_mkey.enctype, manual,
FALSE, rdp->realm_stash,
&mkvno, NULL, &rdp->realm_mkey))) {
- com_err(progname, kret,
+ kdc_err(rdp->realm_context, kret,
"while fetching master key %s for realm %s",
rdp->realm_mpname, realm);
goto whoops;
@@ -403,7 +427,7 @@
rdp->realm_mprinc,
IGNORE_VNO,
&rdp->realm_mkey))) {
- com_err(progname, kret,
+ kdc_err(rdp->realm_context, kret,
"while verifying master key for realm %s", realm);
goto whoops;
}
@@ -411,13 +435,13 @@
if ((kret = krb5_db_fetch_mkey_list(rdp->realm_context, rdp->realm_mprinc,
&rdp->realm_mkey, mkvno, &rdp->mkey_list))) {
- com_err(progname, kret,
+ kdc_err(rdp->realm_context, kret,
"while fetching master keys list for realm %s", realm);
goto whoops;
}
if ((kret = krb5_db_set_mkey(rdp->realm_context, &rdp->realm_mkey))) {
- com_err(progname, kret,
+ kdc_err(rdp->realm_context, kret,
"while setting master key for realm %s", realm);
goto whoops;
}
@@ -425,7 +449,7 @@
/* Set up the keytab */
if ((kret = krb5_ktkdb_resolve(rdp->realm_context, NULL,
&rdp->realm_keytab))) {
- com_err(progname, kret,
+ kdc_err(rdp->realm_context, kret,
"while resolving kdb keytab for realm %s", realm);
goto whoops;
}
@@ -434,7 +458,7 @@
if ((kret = krb5_build_principal(rdp->realm_context, &rdp->realm_tgsprinc,
strlen(realm), realm, KRB5_TGS_NAME,
realm, (char *) NULL))) {
- com_err(progname, kret,
+ kdc_err(rdp->realm_context, kret,
"while building TGS name for realm %s", realm);
goto whoops;
}
@@ -619,9 +643,8 @@
case 'r': /* realm name for db */
if (!find_realm_data(optarg, (krb5_ui_4) strlen(optarg))) {
if ((rdatap = (kdc_realm_t *) malloc(sizeof(kdc_realm_t)))) {
- if ((retval = init_realm(argv[0], rdatap, optarg,
- mkey_name, menctype,
- default_udp_ports,
+ if ((retval = init_realm(rdatap, optarg, mkey_name,
+ menctype, default_udp_ports,
default_tcp_ports, manual, db_args,
no_refrls, host_based_srvcs))) {
fprintf(stderr,"%s: cannot initialize realm %s - see log file for details\n",
@@ -722,10 +745,10 @@
exit(1);
}
if ((rdatap = (kdc_realm_t *) malloc(sizeof(kdc_realm_t)))) {
- if ((retval = init_realm(argv[0], rdatap, lrealm,
- mkey_name, menctype, default_udp_ports,
- default_tcp_ports, manual, db_args,
- no_refrls, host_based_srvcs))) {
+ if ((retval = init_realm(rdatap, lrealm, mkey_name, menctype,
+ default_udp_ports, default_tcp_ports,
+ manual, db_args, no_refrls,
+ host_based_srvcs))) {
fprintf(stderr,"%s: cannot initialize realm %s - see log file for details\n",
argv[0], lrealm);
exit(1);
@@ -765,7 +788,7 @@
}
void
-finish_realms(char *prog)
+finish_realms()
{
int i;
@@ -830,8 +853,12 @@
exit(1);
}
krb5_klog_init(kcontext, "kdc", argv[0], 1);
+ kdc_err_context = kcontext;
+ kdc_progname = argv[0];
/* N.B.: After this point, com_err sends output to the KDC log
- file, and not to stderr. */
+ file, and not to stderr. We use the kdc_err wrapper around
+ com_err to ensure that the error state exists in the context
+ known to the krb5_klog callback. */
initialize_kdc5_error_table();
@@ -847,35 +874,35 @@
retval = setup_sam();
if (retval) {
- com_err(argv[0], retval, "while initializing SAM");
- finish_realms(argv[0]);
+ kdc_err(kcontext, retval, "while initializing SAM");
+ finish_realms();
return 1;
}
- if ((retval = setup_network(argv[0]))) {
- com_err(argv[0], retval, "while initializing network");
- finish_realms(argv[0]);
+ if ((retval = setup_network())) {
+ kdc_err(kcontext, retval, "while initializing network");
+ finish_realms();
return 1;
}
if (!nofork && daemon(0, 0)) {
- com_err(argv[0], errno, "while detaching from tty");
- finish_realms(argv[0]);
+ kdc_err(kcontext, errno, "while detaching from tty");
+ finish_realms();
return 1;
}
krb5_klog_syslog(LOG_INFO, "commencing operation");
- if ((retval = listen_and_process(argv[0]))) {
- com_err(argv[0], retval, "while processing network requests");
+ if ((retval = listen_and_process())) {
+ kdc_err(kcontext, retval, "while processing network requests");
errout++;
}
- if ((retval = closedown_network(argv[0]))) {
- com_err(argv[0], retval, "while shutting down network");
+ if ((retval = closedown_network())) {
+ kdc_err(kcontext, retval, "while shutting down network");
errout++;
}
krb5_klog_syslog(LOG_INFO, "shutting down");
unload_preauth_plugins(kcontext);
unload_authdata_plugins(kcontext);
krb5_klog_close(kdc_context);
- finish_realms(argv[0]);
+ finish_realms();
if (kdc_realmlist)
free(kdc_realmlist);
#ifdef USE_RCACHE
Modified: branches/krb5-1-7/src/kdc/network.c
===================================================================
--- branches/krb5-1-7/src/kdc/network.c 2009-04-14 21:07:15 UTC (rev 22218)
+++ branches/krb5-1-7/src/kdc/network.c 2009-04-14 21:07:18 UTC (rev 22219)
@@ -27,7 +27,6 @@
*/
#include "k5-int.h"
-#include "com_err.h"
#include "kdc_util.h"
#include "extern.h"
#include "kdc5_err.h"
@@ -184,7 +183,7 @@
struct connection {
int fd;
enum conn_type type;
- void (*service)(struct connection *, const char *, int);
+ void (*service)(struct connection *, int);
union {
/* Type-specific information. */
struct {
@@ -300,7 +299,6 @@
#include "foreachaddr.h"
struct socksetup {
- const char *prog;
krb5_error_code retval;
int udp_flags;
#define UDP_DO_IPV4 1
@@ -309,7 +307,7 @@
static struct connection *
add_fd (struct socksetup *data, int sock, enum conn_type conntype,
- void (*service)(struct connection *, const char *, int))
+ void (*service)(struct connection *, int))
{
struct connection *newconn;
void *tmp;
@@ -317,21 +315,19 @@
#ifndef _WIN32
if (sock >= FD_SETSIZE) {
data->retval = EMFILE; /* XXX */
- com_err(data->prog, 0,
- "file descriptor number %d too high", sock);
+ kdc_err(NULL, 0, "file descriptor number %d too high", sock);
return 0;
}
#endif
newconn = malloc(sizeof(*newconn));
if (newconn == 0) {
data->retval = ENOMEM;
- com_err(data->prog, ENOMEM,
- "cannot allocate storage for connection info");
+ kdc_err(NULL, ENOMEM, "cannot allocate storage for connection info");
return 0;
}
if (!ADD(connections, newconn, tmp)) {
data->retval = ENOMEM;
- com_err(data->prog, ENOMEM, "cannot save socket info");
+ kdc_err(NULL, ENOMEM, "cannot save socket info");
free(newconn);
return 0;
}
@@ -343,9 +339,9 @@
return newconn;
}
-static void process_packet(struct connection *, const char *, int);
-static void accept_tcp_connection(struct connection *, const char *, int);
-static void process_tcp_connection(struct connection *, const char *, int);
+static void process_packet(struct connection *, int);
+static void accept_tcp_connection(struct connection *, int);
+static void process_tcp_connection(struct connection *, int);
static struct connection *
add_udp_fd (struct socksetup *data, int sock, int pktinfo)
@@ -409,7 +405,7 @@
sock = socket(addr->sa_family, SOCK_STREAM, 0);
if (sock == -1) {
- com_err(data->prog, errno, "Cannot create TCP server socket on %s",
+ kdc_err(NULL, errno, "Cannot create TCP server socket on %s",
paddr(addr));
return -1;
}
@@ -417,49 +413,46 @@
#ifndef _WIN32
if (sock >= FD_SETSIZE) {
close(sock);
- com_err(data->prog, 0, "TCP socket fd number %d (for %s) too high",
+ kdc_err(NULL, 0, "TCP socket fd number %d (for %s) too high",
sock, paddr(addr));
return -1;
}
#endif
if (setreuseaddr(sock, 1) < 0)
- com_err(data->prog, errno,
- "Cannot enable SO_REUSEADDR on fd %d", sock);
+ kdc_err(NULL, errno, "Cannot enable SO_REUSEADDR on fd %d", sock);
#ifdef KRB5_USE_INET6
if (addr->sa_family == AF_INET6) {
#ifdef IPV6_V6ONLY
if (setv6only(sock, 1))
- com_err(data->prog, errno, "setsockopt(%d,IPV6_V6ONLY,1) failed",
- sock);
+ kdc_err(NULL, errno, "setsockopt(%d,IPV6_V6ONLY,1) failed", sock);
else
- com_err(data->prog, 0, "setsockopt(%d,IPV6_V6ONLY,1) worked",
- sock);
+ kdc_err(NULL, 0, "setsockopt(%d,IPV6_V6ONLY,1) worked", sock);
#else
krb5_klog_syslog(LOG_INFO, "no IPV6_V6ONLY socket option support");
#endif /* IPV6_V6ONLY */
}
#endif /* KRB5_USE_INET6 */
if (bind(sock, addr, socklen(addr)) == -1) {
- com_err(data->prog, errno,
- "Cannot bind TCP server socket on %s", paddr(addr));
+ kdc_err(NULL, errno, "Cannot bind TCP server socket on %s",
+ paddr(addr));
close(sock);
return -1;
}
if (listen(sock, 5) < 0) {
- com_err(data->prog, errno, "Cannot listen on TCP server socket on %s",
+ kdc_err(NULL, errno, "Cannot listen on TCP server socket on %s",
paddr(addr));
close(sock);
return -1;
}
if (setnbio(sock)) {
- com_err(data->prog, errno,
+ kdc_err(NULL, errno,
"cannot set listening tcp socket on %s non-blocking",
paddr(addr));
close(sock);
return -1;
}
if (setnolinger(sock)) {
- com_err(data->prog, errno, "disabling SO_LINGER on TCP socket on %s",
+ kdc_err(NULL, errno, "disabling SO_LINGER on TCP socket on %s",
paddr(addr));
close(sock);
return -1;
@@ -617,7 +610,7 @@
sock = socket (addr->sa_family, SOCK_DGRAM, 0);
if (sock == -1) {
data->retval = errno;
- com_err(data->prog, data->retval,
+ kdc_err(NULL, data->retval,
"Cannot create server socket for port %d address %s",
port, haddrbuf);
return 1;
@@ -627,11 +620,10 @@
if (addr->sa_family == AF_INET6) {
#ifdef IPV6_V6ONLY
if (setv6only(sock, 1))
- com_err(data->prog, errno,
- "setsockopt(%d,IPV6_V6ONLY,1) failed", sock);
- else
- com_err(data->prog, 0, "setsockopt(%d,IPV6_V6ONLY,1) worked",
+ kdc_err(NULL, errno, "setsockopt(%d,IPV6_V6ONLY,1) failed",
sock);
+ else
+ kdc_err(NULL, 0, "setsockopt(%d,IPV6_V6ONLY,1) worked", sock);
#else
krb5_klog_syslog(LOG_INFO, "no IPV6_V6ONLY socket option support");
#endif /* IPV6_V6ONLY */
@@ -640,7 +632,7 @@
set_sa_port(addr, htons(port));
if (bind (sock, (struct sockaddr *)addr, socklen (addr)) == -1) {
data->retval = errno;
- com_err(data->prog, data->retval,
+ kdc_err(NULL, data->retval,
"Cannot bind server socket to port %d address %s",
port, haddrbuf);
close(sock);
@@ -652,7 +644,7 @@
if (pktinfo) {
r = set_pktinfo(sock, addr->sa_family);
if (r) {
- com_err(data->prog, r,
+ kdc_err(NULL, r,
"Cannot request packet info for udp socket address %s port %d",
haddrbuf, port);
close(sock);
@@ -803,8 +795,7 @@
}
}
-static void process_routing_update(struct connection *conn, const char *prog,
- int selflags)
+static void process_routing_update(struct connection *conn, int selflags)
{
int n_read;
struct rt_msghdr rtm;
@@ -893,7 +884,7 @@
extern void (*krb5int_sendtokdc_debug_handler)(const void*, size_t);
krb5_error_code
-setup_network(const char *prog)
+setup_network()
{
struct socksetup setup_data;
krb5_error_code retval;
@@ -939,7 +930,6 @@
}
}
- setup_data.prog = prog;
setup_data.retval = 0;
krb5_klog_syslog (LOG_INFO, "setting up network...");
#ifdef HAVE_STRUCT_RT_MSGHDR
@@ -959,7 +949,7 @@
setup_tcp_listener_ports(&setup_data);
krb5_klog_syslog (LOG_INFO, "set up %d sockets", n_sockets);
if (n_sockets == 0) {
- com_err(prog, 0, "no sockets set up?");
+ kdc_err(NULL, 0, "no sockets set up?");
exit (1);
}
@@ -1189,8 +1179,7 @@
return 0;
}
-static void process_packet(struct connection *conn, const char *prog,
- int selflags)
+static void process_packet(struct connection *conn, int selflags)
{
int cc;
socklen_t saddr_len, daddr_len;
@@ -1216,7 +1205,7 @@
before getting the response packet. */
&& errno != ECONNREFUSED
)
- com_err(prog, errno, "while receiving from network");
+ kdc_err(NULL, errno, "while receiving from network");
return;
}
if (!cc)
@@ -1228,7 +1217,7 @@
if (getnameinfo(ss2sa(&daddr), daddr_len, addrbuf, sizeof(addrbuf),
0, 0, NI_NUMERICHOST))
strlcpy(addrbuf, "?", sizeof(addrbuf));
- com_err(prog, 0, "pktinfo says local addr is %s", addrbuf);
+ kdc_err(NULL, 0, "pktinfo says local addr is %s", addrbuf);
}
#endif
@@ -1238,7 +1227,7 @@
init_addr(&faddr, ss2sa(&saddr));
/* this address is in net order */
if ((retval = dispatch(&request, &faddr, &response))) {
- com_err(prog, retval, "while dispatching (udp)");
+ kdc_err(NULL, retval, "while dispatching (udp)");
return;
}
if (response == NULL)
@@ -1263,12 +1252,12 @@
addr.contents, addrbuf, sizeof(addrbuf)) == 0) {
strlcpy(addrbuf, "?", sizeof(addrbuf));
}
- com_err(prog, errno, "while sending reply to %s/%d",
+ kdc_err(NULL, errno, "while sending reply to %s/%d",
addrbuf, faddr.port);
return;
}
if (cc != response->length) {
- com_err(prog, 0, "short reply write %d vs %d\n",
+ kdc_err(NULL, 0, "short reply write %d vs %d\n",
response->length, cc);
}
krb5_free_data(kdc_context, response);
@@ -1280,8 +1269,7 @@
static void kill_tcp_connection(struct connection *);
-static void accept_tcp_connection(struct connection *conn, const char *prog,
- int selflags)
+static void accept_tcp_connection(struct connection *conn, int selflags)
{
int s;
struct sockaddr_storage addr_s;
@@ -1303,7 +1291,6 @@
#endif
setnbio(s), setnolinger(s), setkeepalive(s);
- sockdata.prog = prog;
sockdata.retval = 0;
newconn = add_tcp_data_fd(&sockdata, s);
@@ -1363,7 +1350,7 @@
}
}
if (newconn->u.tcp.buffer == 0) {
- com_err(prog, errno, "allocating buffer for new TCP session from %s",
+ kdc_err(NULL, errno, "allocating buffer for new TCP session from %s",
newconn->u.tcp.addrbuf);
delete_fd(newconn);
close(s);
@@ -1447,7 +1434,7 @@
}
static void
-process_tcp_connection(struct connection *conn, const char *prog, int selflags)
+process_tcp_connection(struct connection *conn, int selflags)
{
if (selflags & SSF_WRITE) {
ssize_t nwrote;
@@ -1547,7 +1534,7 @@
err = dispatch(&request, &conn->u.tcp.faddr,
&conn->u.tcp.response);
if (err) {
- com_err(prog, err, "while dispatching (tcp)");
+ kdc_err(NULL, err, "while dispatching (tcp)");
goto kill_tcp_connection;
}
have_response:
@@ -1563,10 +1550,9 @@
kill_tcp_connection(conn);
}
-static void service_conn(struct connection *conn, const char *prog,
- int selflags)
+static void service_conn(struct connection *conn, int selflags)
{
- conn->service(conn, prog, selflags);
+ conn->service(conn, selflags);
}
/* from sendto_kdc.c */
@@ -1584,7 +1570,7 @@
}
krb5_error_code
-listen_and_process(const char *prog)
+listen_and_process()
{
int nfound;
/* This struct contains 3 fd_set objects; on some platforms, they
@@ -1616,7 +1602,7 @@
big deal. */
err = getcurtime(&sstate.end_time);
if (err) {
- com_err(prog, err, "while getting the time");
+ kdc_err(NULL, err, "while getting the time");
continue;
}
sstate.end_time.tv_sec += 3;
@@ -1627,22 +1613,22 @@
err = krb5int_cm_call_select(&sstate, &sout, &sret);
if (err) {
if (err != EINTR)
- com_err(prog, err, "while selecting for network input(1)");
+ kdc_err(NULL, err, "while selecting for network input(1)");
continue;
}
if (sret == 0 && netchanged) {
network_reconfiguration_needed = 0;
- closedown_network(prog);
- err = setup_network(prog);
+ closedown_network();
+ err = setup_network();
if (err) {
- com_err(prog, err, "while reinitializing network");
+ kdc_err(NULL, err, "while reinitializing network");
return err;
}
netchanged = 0;
}
if (sret == -1) {
if (errno != EINTR)
- com_err(prog, errno, "while selecting for network input(2)");
+ kdc_err(NULL, errno, "while selecting for network input(2)");
continue;
}
nfound = sret;
@@ -1655,7 +1641,7 @@
if (FD_ISSET(conns[i]->fd, &sout.wfds))
sflags |= SSF_WRITE, nfound--;
if (sflags)
- service_conn(conns[i], prog, sflags);
+ service_conn(conns[i], sflags);
}
}
krb5_klog_syslog(LOG_INFO, "shutdown signal received");
@@ -1663,7 +1649,7 @@
}
krb5_error_code
-closedown_network(const char *prog)
+closedown_network()
{
int i;
struct connection *conn;
More information about the cvs-krb5
mailing list