pkinit debugging

Kevin Coffman kwc at
Wed Jun 20 15:01:16 EDT 2007

On 6/20/07, Ken Raeburn <raeburn at> wrote:
> On Jun 20, 2007, at 11:56, Jeffrey Altman wrote:
> > Network Identity Manager has its own log which is used to collect the
> > events that are occurring as part of the credential acquisition.  It
> > would be nice if NIM could collect debugging data from the
> > get_init_creds call in general and store it into the log.  pkinit
> > should
> > support whatever that general mechanism would be.  Now that we have
> > the
> > ability to extend gic opts we could add a callback function that
> > can be
> > registered to receive log messages when such functionality is desired.
> Why only from the gic call?  We can stuff whatever we want into a
> krb5_context...

I was going to reply that we have similar debug messages in the KDC
plugin code that we might want to see as well.  It sounds like a
general function to set a debugging function and a general debugging
function that calls it might be useful.  I don't know that I'll have
time to do all that by Friday.  I'll look into it.


More information about the krbdev mailing list