| @@ -157,420 +157,466 @@ $NetBSD$ | | | @@ -157,420 +157,466 @@ $NetBSD$ |
157 | ret.code = kadm5_modify_principal((void *)handle, &arg->rec, | | 157 | ret.code = kadm5_modify_principal((void *)handle, &arg->rec, |
158 | arg->mask); | | 158 | arg->mask); |
159 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_principal", | | 159 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_principal", |
160 | - prime_arg, ((ret.code == 0) ? "success" : | | 160 | - prime_arg, ((ret.code == 0) ? "success" : |
161 | - error_message(ret.code)), | | 161 | - error_message(ret.code)), |
162 | - client_name.value, service_name.value, | | 162 | - client_name.value, service_name.value, |
163 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 163 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
164 | + log_done("kadm5_modify_principal", prime_arg, | | 164 | + log_done("kadm5_modify_principal", prime_arg, |
165 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 165 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
166 | + &client_name, &service_name, rqstp); | | 166 | + &client_name, &service_name, rqstp); |
167 | } | | 167 | } |
168 | free_server_handle(handle); | | 168 | free_server_handle(handle); |
169 | free(prime_arg); | | 169 | free(prime_arg); |
170 | @@ -510,17 +556,14 @@ rename_principal_1_svc(rprinc_arg *arg, | | 170 | @@ -466,12 +512,13 @@ rename_principal_1_svc(rprinc_arg *arg, |
| | | 171 | static generic_ret ret; |
| | | 172 | char *prime_arg1, |
| | | 173 | *prime_arg2; |
| | | 174 | - char prime_arg[BUFSIZ]; |
| | | 175 | gss_buffer_desc client_name, |
| | | 176 | service_name; |
| | | 177 | OM_uint32 minor_stat; |
| | | 178 | kadm5_server_handle_t handle; |
| | | 179 | restriction_t *rp; |
| | | 180 | + size_t tlen1, tlen2, clen, slen; |
| | | 181 | + char *tdots1, *tdots2, *cdots, *sdots; |
| | | 182 | |
| | | 183 | xdr_free(xdr_generic_ret, &ret); |
| | | 184 | |
| | | 185 | @@ -492,7 +539,14 @@ rename_principal_1_svc(rprinc_arg *arg, |
| | | 186 | ret.code = KADM5_BAD_PRINCIPAL; |
| | | 187 | return &ret; |
| | | 188 | } |
| | | 189 | - sprintf(prime_arg, "%s to %s", prime_arg1, prime_arg2); |
| | | 190 | + tlen1 = strlen(prime_arg1); |
| | | 191 | + trunc_name(&tlen1, &tdots1); |
| | | 192 | + tlen2 = strlen(prime_arg2); |
| | | 193 | + trunc_name(&tlen2, &tdots2); |
| | | 194 | + clen = client_name.length; |
| | | 195 | + trunc_name(&clen, &cdots); |
| | | 196 | + slen = service_name.length; |
| | | 197 | + trunc_name(&slen, &sdots); |
| | | 198 | |
| | | 199 | ret.code = KADM5_OK; |
| | | 200 | if (! CHANGEPW_SERVICE(rqstp)) { |
| | | 201 | @@ -510,17 +564,29 @@ rename_principal_1_svc(rprinc_arg *arg, |
171 | } else | | 202 | } else |
172 | ret.code = KADM5_AUTH_INSUFFICIENT; | | 203 | ret.code = KADM5_AUTH_INSUFFICIENT; |
173 | if (ret.code != KADM5_OK) { | | 204 | if (ret.code != KADM5_OK) { |
174 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_rename_principal", | | 205 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_rename_principal", |
175 | - prime_arg, client_name.value, service_name.value, | | 206 | - prime_arg, client_name.value, service_name.value, |
176 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 207 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
177 | + log_unauth("kadm5_rename_principal", prime_arg, | | 208 | + krb5_klog_syslog(LOG_NOTICE, |
178 | + &client_name, &service_name, rqstp); | | 209 | + "Unauthorized request: kadm5_rename_principal, " |
| | | 210 | + "%.*s%s to %.*s%s, " |
| | | 211 | + "client=%.*s%s, service=%.*s%s, addr=%s", |
| | | 212 | + tlen1, prime_arg1, tdots1, |
| | | 213 | + tlen2, prime_arg2, tdots2, |
| | | 214 | + clen, client_name.value, cdots, |
| | | 215 | + slen, service_name.value, sdots, |
| | | 216 | + inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
179 | } else { | | 217 | } else { |
180 | ret.code = kadm5_rename_principal((void *)handle, arg->src, | | 218 | ret.code = kadm5_rename_principal((void *)handle, arg->src, |
181 | arg->dest); | | 219 | arg->dest); |
182 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_rename_principal", | | 220 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_rename_principal", |
183 | - prime_arg, ((ret.code == 0) ? "success" : | | 221 | - prime_arg, ((ret.code == 0) ? "success" : |
184 | - error_message(ret.code)), | | 222 | - error_message(ret.code)), |
185 | - client_name.value, service_name.value, | | 223 | - client_name.value, service_name.value, |
186 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 224 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
187 | + log_done("kadm5_rename_principal", prime_arg, | | 225 | + krb5_klog_syslog(LOG_NOTICE, |
188 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 226 | + "Request: kadm5_rename_principal, " |
189 | + &client_name, &service_name, rqstp); | | 227 | + "%.*s%s to %.*s%s, %s, " |
| | | 228 | + "client=%.*s%s, service=%.*s%s, addr=%s", |
| | | 229 | + tlen1, prime_arg1, tdots1, |
| | | 230 | + tlen2, prime_arg2, tdots2, |
| | | 231 | + ((ret.code == 0) ? "success" : |
| | | 232 | + error_message(ret.code)), |
| | | 233 | + clen, client_name.value, cdots, |
| | | 234 | + slen, service_name.value, sdots, |
| | | 235 | + inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
190 | } | | 236 | } |
191 | free_server_handle(handle); | | 237 | free_server_handle(handle); |
192 | free(prime_arg1); | | 238 | free(prime_arg1); |
193 | @@ -572,9 +615,8 @@ get_principal_1_svc(gprinc_arg *arg, str | | 239 | @@ -572,9 +638,8 @@ get_principal_1_svc(gprinc_arg *arg, str |
194 | arg->princ, | | 240 | arg->princ, |
195 | NULL))) { | | 241 | NULL))) { |
196 | ret.code = KADM5_AUTH_GET; | | 242 | ret.code = KADM5_AUTH_GET; |
197 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, | | 243 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, |
198 | - prime_arg, client_name.value, service_name.value, | | 244 | - prime_arg, client_name.value, service_name.value, |
199 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 245 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
200 | + log_unauth(funcname, prime_arg, | | 246 | + log_unauth(funcname, prime_arg, |
201 | + &client_name, &service_name, rqstp); | | 247 | + &client_name, &service_name, rqstp); |
202 | } else { | | 248 | } else { |
203 | if (handle->api_version == KADM5_API_VERSION_1) { | | 249 | if (handle->api_version == KADM5_API_VERSION_1) { |
204 | ret.code = kadm5_get_principal_v1((void *)handle, | | 250 | ret.code = kadm5_get_principal_v1((void *)handle, |
205 | @@ -588,12 +630,10 @@ get_principal_1_svc(gprinc_arg *arg, str | | 251 | @@ -588,12 +653,10 @@ get_principal_1_svc(gprinc_arg *arg, str |
206 | arg->princ, &ret.rec, | | 252 | arg->princ, &ret.rec, |
207 | arg->mask); | | 253 | arg->mask); |
208 | } | | 254 | } |
209 | - | | 255 | - |
210 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, | | 256 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, |
211 | - prime_arg, | | 257 | - prime_arg, |
212 | - ((ret.code == 0) ? "success" : error_message(ret.code)), | | 258 | - ((ret.code == 0) ? "success" : error_message(ret.code)), |
213 | - client_name.value, service_name.value, | | 259 | - client_name.value, service_name.value, |
214 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 260 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
215 | + | | 261 | + |
216 | + log_done(funcname, prime_arg, | | 262 | + log_done(funcname, prime_arg, |
217 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 263 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
218 | + &client_name, &service_name, rqstp); | | 264 | + &client_name, &service_name, rqstp); |
219 | } | | 265 | } |
220 | free_server_handle(handle); | | 266 | free_server_handle(handle); |
221 | free(prime_arg); | | 267 | free(prime_arg); |
222 | @@ -638,18 +678,15 @@ get_princs_1_svc(gprincs_arg *arg, struc | | 268 | @@ -638,18 +701,15 @@ get_princs_1_svc(gprincs_arg *arg, struc |
223 | NULL, | | 269 | NULL, |
224 | NULL)) { | | 270 | NULL)) { |
225 | ret.code = KADM5_AUTH_LIST; | | 271 | ret.code = KADM5_AUTH_LIST; |
226 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_get_principals", | | 272 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_get_principals", |
227 | - prime_arg, client_name.value, service_name.value, | | 273 | - prime_arg, client_name.value, service_name.value, |
228 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 274 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
229 | + log_unauth("kadm5_get_principals", prime_arg, | | 275 | + log_unauth("kadm5_get_principals", prime_arg, |
230 | + &client_name, &service_name, rqstp); | | 276 | + &client_name, &service_name, rqstp); |
231 | } else { | | 277 | } else { |
232 | ret.code = kadm5_get_principals((void *)handle, | | 278 | ret.code = kadm5_get_principals((void *)handle, |
233 | arg->exp, &ret.princs, | | 279 | arg->exp, &ret.princs, |
234 | &ret.count); | | 280 | &ret.count); |
235 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_principals", | | 281 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_principals", |
236 | - prime_arg, | | 282 | - prime_arg, |
237 | + log_done("kadm5_get_principals", prime_arg, | | 283 | + log_done("kadm5_get_principals", prime_arg, |
238 | ((ret.code == 0) ? "success" : error_message(ret.code)), | | 284 | ((ret.code == 0) ? "success" : error_message(ret.code)), |
239 | - client_name.value, service_name.value, | | 285 | - client_name.value, service_name.value, |
240 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 286 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
241 | + &client_name, &service_name, rqstp); | | 287 | + &client_name, &service_name, rqstp); |
242 | } | | 288 | } |
243 | free_server_handle(handle); | | 289 | free_server_handle(handle); |
244 | gss_release_buffer(&minor_stat, &client_name); | | 290 | gss_release_buffer(&minor_stat, &client_name); |
245 | @@ -697,18 +734,15 @@ chpass_principal_1_svc(chpass_arg *arg, | | 291 | @@ -697,18 +757,15 @@ chpass_principal_1_svc(chpass_arg *arg, |
246 | ret.code = kadm5_chpass_principal((void *)handle, arg->princ, | | 292 | ret.code = kadm5_chpass_principal((void *)handle, arg->princ, |
247 | arg->pass); | | 293 | arg->pass); |
248 | } else { | | 294 | } else { |
249 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_chpass_principal", | | 295 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_chpass_principal", |
250 | - prime_arg, client_name.value, service_name.value, | | 296 | - prime_arg, client_name.value, service_name.value, |
251 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 297 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
252 | + log_unauth("kadm5_chpass_principal", prime_arg, | | 298 | + log_unauth("kadm5_chpass_principal", prime_arg, |
253 | + &client_name, &service_name, rqstp); | | 299 | + &client_name, &service_name, rqstp); |
254 | ret.code = KADM5_AUTH_CHANGEPW; | | 300 | ret.code = KADM5_AUTH_CHANGEPW; |
255 | } | | 301 | } |
256 | | | 302 | |
257 | if(ret.code != KADM5_AUTH_CHANGEPW) { | | 303 | if(ret.code != KADM5_AUTH_CHANGEPW) { |
258 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal", | | 304 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal", |
259 | - prime_arg, ((ret.code == 0) ? "success" : | | 305 | - prime_arg, ((ret.code == 0) ? "success" : |
260 | - error_message(ret.code)), | | 306 | - error_message(ret.code)), |
261 | - client_name.value, service_name.value, | | 307 | - client_name.value, service_name.value, |
262 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 308 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
263 | + log_done("kadm5_chpass_principal", prime_arg, | | 309 | + log_done("kadm5_chpass_principal", prime_arg, |
264 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 310 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
265 | + &client_name, &service_name, rqstp); | | 311 | + &client_name, &service_name, rqstp); |
266 | } | | 312 | } |
267 | | | 313 | |
268 | free_server_handle(handle); | | 314 | free_server_handle(handle); |
269 | @@ -764,18 +798,15 @@ chpass_principal3_1_svc(chpass3_arg *arg | | 315 | @@ -764,18 +821,15 @@ chpass_principal3_1_svc(chpass3_arg *arg |
270 | arg->ks_tuple, | | 316 | arg->ks_tuple, |
271 | arg->pass); | | 317 | arg->pass); |
272 | } else { | | 318 | } else { |
273 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_chpass_principal", | | 319 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_chpass_principal", |
274 | - prime_arg, client_name.value, service_name.value, | | 320 | - prime_arg, client_name.value, service_name.value, |
275 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 321 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
276 | + log_unauth("kadm5_chpass_principal", prime_arg, | | 322 | + log_unauth("kadm5_chpass_principal", prime_arg, |
277 | + &client_name, &service_name, rqstp); | | 323 | + &client_name, &service_name, rqstp); |
278 | ret.code = KADM5_AUTH_CHANGEPW; | | 324 | ret.code = KADM5_AUTH_CHANGEPW; |
279 | } | | 325 | } |
280 | | | 326 | |
281 | if(ret.code != KADM5_AUTH_CHANGEPW) { | | 327 | if(ret.code != KADM5_AUTH_CHANGEPW) { |
282 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal", | | 328 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal", |
283 | - prime_arg, ((ret.code == 0) ? "success" : | | 329 | - prime_arg, ((ret.code == 0) ? "success" : |
284 | - error_message(ret.code)), | | 330 | - error_message(ret.code)), |
285 | - client_name.value, service_name.value, | | 331 | - client_name.value, service_name.value, |
286 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 332 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
287 | + log_done("kadm5_chpass_principal", prime_arg, | | 333 | + log_done("kadm5_chpass_principal", prime_arg, |
288 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 334 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
289 | + &client_name, &service_name, rqstp); | | 335 | + &client_name, &service_name, rqstp); |
290 | } | | 336 | } |
291 | | | 337 | |
292 | free_server_handle(handle); | | 338 | free_server_handle(handle); |
293 | @@ -822,18 +853,15 @@ setv4key_principal_1_svc(setv4key_arg *a | | 339 | @@ -822,18 +876,15 @@ setv4key_principal_1_svc(setv4key_arg *a |
294 | ret.code = kadm5_setv4key_principal((void *)handle, arg->princ, | | 340 | ret.code = kadm5_setv4key_principal((void *)handle, arg->princ, |
295 | arg->keyblock); | | 341 | arg->keyblock); |
296 | } else { | | 342 | } else { |
297 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setv4key_principal", | | 343 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setv4key_principal", |
298 | - prime_arg, client_name.value, service_name.value, | | 344 | - prime_arg, client_name.value, service_name.value, |
299 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 345 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
300 | + log_unauth("kadm5_setv4key_principal", prime_arg, | | 346 | + log_unauth("kadm5_setv4key_principal", prime_arg, |
301 | + &client_name, &service_name, rqstp); | | 347 | + &client_name, &service_name, rqstp); |
302 | ret.code = KADM5_AUTH_SETKEY; | | 348 | ret.code = KADM5_AUTH_SETKEY; |
303 | } | | 349 | } |
304 | | | 350 | |
305 | if(ret.code != KADM5_AUTH_SETKEY) { | | 351 | if(ret.code != KADM5_AUTH_SETKEY) { |
306 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setv4key_principal", | | 352 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setv4key_principal", |
307 | - prime_arg, ((ret.code == 0) ? "success" : | | 353 | - prime_arg, ((ret.code == 0) ? "success" : |
308 | - error_message(ret.code)), | | 354 | - error_message(ret.code)), |
309 | - client_name.value, service_name.value, | | 355 | - client_name.value, service_name.value, |
310 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 356 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
311 | + log_done("kadm5_setv4key_principal", prime_arg, | | 357 | + log_done("kadm5_setv4key_principal", prime_arg, |
312 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 358 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
313 | + &client_name, &service_name, rqstp); | | 359 | + &client_name, &service_name, rqstp); |
314 | } | | 360 | } |
315 | | | 361 | |
316 | free_server_handle(handle); | | 362 | free_server_handle(handle); |
317 | @@ -880,18 +908,15 @@ setkey_principal_1_svc(setkey_arg *arg, | | 363 | @@ -880,18 +931,15 @@ setkey_principal_1_svc(setkey_arg *arg, |
318 | ret.code = kadm5_setkey_principal((void *)handle, arg->princ, | | 364 | ret.code = kadm5_setkey_principal((void *)handle, arg->princ, |
319 | arg->keyblocks, arg->n_keys); | | 365 | arg->keyblocks, arg->n_keys); |
320 | } else { | | 366 | } else { |
321 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setkey_principal", | | 367 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setkey_principal", |
322 | - prime_arg, client_name.value, service_name.value, | | 368 | - prime_arg, client_name.value, service_name.value, |
323 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 369 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
324 | + log_unauth("kadm5_setkey_principal", prime_arg, | | 370 | + log_unauth("kadm5_setkey_principal", prime_arg, |
325 | + &client_name, &service_name, rqstp); | | 371 | + &client_name, &service_name, rqstp); |
326 | ret.code = KADM5_AUTH_SETKEY; | | 372 | ret.code = KADM5_AUTH_SETKEY; |
327 | } | | 373 | } |
328 | | | 374 | |
329 | if(ret.code != KADM5_AUTH_SETKEY) { | | 375 | if(ret.code != KADM5_AUTH_SETKEY) { |
330 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal", | | 376 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal", |
331 | - prime_arg, ((ret.code == 0) ? "success" : | | 377 | - prime_arg, ((ret.code == 0) ? "success" : |
332 | - error_message(ret.code)), | | 378 | - error_message(ret.code)), |
333 | - client_name.value, service_name.value, | | 379 | - client_name.value, service_name.value, |
334 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 380 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
335 | + log_done("kadm5_setkey_principal", prime_arg, | | 381 | + log_done("kadm5_setkey_principal", prime_arg, |
336 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 382 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
337 | + &client_name, &service_name, rqstp); | | 383 | + &client_name, &service_name, rqstp); |
338 | } | | 384 | } |
339 | | | 385 | |
340 | free_server_handle(handle); | | 386 | free_server_handle(handle); |
341 | @@ -941,18 +966,15 @@ setkey_principal3_1_svc(setkey3_arg *arg | | 387 | @@ -941,18 +989,15 @@ setkey_principal3_1_svc(setkey3_arg *arg |
342 | arg->ks_tuple, | | 388 | arg->ks_tuple, |
343 | arg->keyblocks, arg->n_keys); | | 389 | arg->keyblocks, arg->n_keys); |
344 | } else { | | 390 | } else { |
345 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setkey_principal", | | 391 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setkey_principal", |
346 | - prime_arg, client_name.value, service_name.value, | | 392 | - prime_arg, client_name.value, service_name.value, |
347 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 393 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
348 | + log_unauth("kadm5_setkey_principal", prime_arg, | | 394 | + log_unauth("kadm5_setkey_principal", prime_arg, |
349 | + &client_name, &service_name, rqstp); | | 395 | + &client_name, &service_name, rqstp); |
350 | ret.code = KADM5_AUTH_SETKEY; | | 396 | ret.code = KADM5_AUTH_SETKEY; |
351 | } | | 397 | } |
352 | | | 398 | |
353 | if(ret.code != KADM5_AUTH_SETKEY) { | | 399 | if(ret.code != KADM5_AUTH_SETKEY) { |
354 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal", | | 400 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal", |
355 | - prime_arg, ((ret.code == 0) ? "success" : | | 401 | - prime_arg, ((ret.code == 0) ? "success" : |
356 | - error_message(ret.code)), | | 402 | - error_message(ret.code)), |
357 | - client_name.value, service_name.value, | | 403 | - client_name.value, service_name.value, |
358 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 404 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
359 | + log_done("kadm5_setkey_principal", prime_arg, | | 405 | + log_done("kadm5_setkey_principal", prime_arg, |
360 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 406 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
361 | + &client_name, &service_name, rqstp); | | 407 | + &client_name, &service_name, rqstp); |
362 | } | | 408 | } |
363 | | | 409 | |
364 | free_server_handle(handle); | | 410 | free_server_handle(handle); |
365 | @@ -1008,9 +1030,8 @@ chrand_principal_1_svc(chrand_arg *arg, | | 411 | @@ -1008,9 +1053,8 @@ chrand_principal_1_svc(chrand_arg *arg, |
366 | ret.code = kadm5_randkey_principal((void *)handle, arg->princ, | | 412 | ret.code = kadm5_randkey_principal((void *)handle, arg->princ, |
367 | &k, &nkeys); | | 413 | &k, &nkeys); |
368 | } else { | | 414 | } else { |
369 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, | | 415 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, |
370 | - prime_arg, client_name.value, service_name.value, | | 416 | - prime_arg, client_name.value, service_name.value, |
371 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 417 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
372 | + log_unauth(funcname, prime_arg, | | 418 | + log_unauth(funcname, prime_arg, |
373 | + &client_name, &service_name, rqstp); | | 419 | + &client_name, &service_name, rqstp); |
374 | ret.code = KADM5_AUTH_CHANGEPW; | | 420 | ret.code = KADM5_AUTH_CHANGEPW; |
375 | } | | 421 | } |
376 | | | 422 | |
377 | @@ -1025,11 +1046,9 @@ chrand_principal_1_svc(chrand_arg *arg, | | 423 | @@ -1025,11 +1069,9 @@ chrand_principal_1_svc(chrand_arg *arg, |
378 | } | | 424 | } |
379 | | | 425 | |
380 | if(ret.code != KADM5_AUTH_CHANGEPW) { | | 426 | if(ret.code != KADM5_AUTH_CHANGEPW) { |
381 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, | | 427 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, |
382 | - prime_arg, ((ret.code == 0) ? "success" : | | 428 | - prime_arg, ((ret.code == 0) ? "success" : |
383 | - error_message(ret.code)), | | 429 | - error_message(ret.code)), |
384 | - client_name.value, service_name.value, | | 430 | - client_name.value, service_name.value, |
385 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 431 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
386 | + log_done(funcname, prime_arg, | | 432 | + log_done(funcname, prime_arg, |
387 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 433 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
388 | + &client_name, &service_name, rqstp); | | 434 | + &client_name, &service_name, rqstp); |
389 | } | | 435 | } |
390 | free_server_handle(handle); | | 436 | free_server_handle(handle); |
391 | free(prime_arg); | | 437 | free(prime_arg); |
392 | @@ -1090,9 +1109,8 @@ chrand_principal3_1_svc(chrand3_arg *arg | | 438 | @@ -1090,9 +1132,8 @@ chrand_principal3_1_svc(chrand3_arg *arg |
393 | arg->ks_tuple, | | 439 | arg->ks_tuple, |
394 | &k, &nkeys); | | 440 | &k, &nkeys); |
395 | } else { | | 441 | } else { |
396 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, | | 442 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, |
397 | - prime_arg, client_name.value, service_name.value, | | 443 | - prime_arg, client_name.value, service_name.value, |
398 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 444 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
399 | + log_unauth(funcname, prime_arg, | | 445 | + log_unauth(funcname, prime_arg, |
400 | + &client_name, &service_name, rqstp); | | 446 | + &client_name, &service_name, rqstp); |
401 | ret.code = KADM5_AUTH_CHANGEPW; | | 447 | ret.code = KADM5_AUTH_CHANGEPW; |
402 | } | | 448 | } |
403 | | | 449 | |
404 | @@ -1107,11 +1125,9 @@ chrand_principal3_1_svc(chrand3_arg *arg | | 450 | @@ -1107,11 +1148,9 @@ chrand_principal3_1_svc(chrand3_arg *arg |
405 | } | | 451 | } |
406 | | | 452 | |
407 | if(ret.code != KADM5_AUTH_CHANGEPW) { | | 453 | if(ret.code != KADM5_AUTH_CHANGEPW) { |
408 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, | | 454 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, |
409 | - prime_arg, ((ret.code == 0) ? "success" : | | 455 | - prime_arg, ((ret.code == 0) ? "success" : |
410 | - error_message(ret.code)), | | 456 | - error_message(ret.code)), |
411 | - client_name.value, service_name.value, | | 457 | - client_name.value, service_name.value, |
412 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 458 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
413 | + log_done(funcname, prime_arg, | | 459 | + log_done(funcname, prime_arg, |
414 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 460 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
415 | + &client_name, &service_name, rqstp); | | 461 | + &client_name, &service_name, rqstp); |
416 | } | | 462 | } |
417 | free_server_handle(handle); | | 463 | free_server_handle(handle); |
418 | free(prime_arg); | | 464 | free(prime_arg); |
419 | @@ -1152,18 +1168,15 @@ create_policy_1_svc(cpol_arg *arg, struc | | 465 | @@ -1152,18 +1191,15 @@ create_policy_1_svc(cpol_arg *arg, struc |
420 | rqst2name(rqstp), | | 466 | rqst2name(rqstp), |
421 | ACL_ADD, NULL, NULL)) { | | 467 | ACL_ADD, NULL, NULL)) { |
422 | ret.code = KADM5_AUTH_ADD; | | 468 | ret.code = KADM5_AUTH_ADD; |
423 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_policy", | | 469 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_policy", |
424 | - prime_arg, client_name.value, service_name.value, | | 470 | - prime_arg, client_name.value, service_name.value, |
425 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 471 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
426 | - | | 472 | - |
427 | + log_unauth("kadm5_create_policy", prime_arg, | | 473 | + log_unauth("kadm5_create_policy", prime_arg, |
428 | + &client_name, &service_name, rqstp); | | 474 | + &client_name, &service_name, rqstp); |
429 | } else { | | 475 | } else { |
430 | ret.code = kadm5_create_policy((void *)handle, &arg->rec, | | 476 | ret.code = kadm5_create_policy((void *)handle, &arg->rec, |
431 | arg->mask); | | 477 | arg->mask); |
432 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_policy", | | 478 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_policy", |
433 | - ((prime_arg == NULL) ? "(null)" : prime_arg), | | 479 | - ((prime_arg == NULL) ? "(null)" : prime_arg), |
434 | - ((ret.code == 0) ? "success" : error_message(ret.code)), | | 480 | - ((ret.code == 0) ? "success" : error_message(ret.code)), |
435 | - client_name.value, service_name.value, | | 481 | - client_name.value, service_name.value, |
436 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 482 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
437 | + log_done("kadm5_create_policy", | | 483 | + log_done("kadm5_create_policy", |
438 | + ((prime_arg == NULL) ? "(null)" : prime_arg), | | 484 | + ((prime_arg == NULL) ? "(null)" : prime_arg), |
439 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 485 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
440 | + &client_name, &service_name, rqstp); | | 486 | + &client_name, &service_name, rqstp); |
441 | } | | 487 | } |
442 | free_server_handle(handle); | | 488 | free_server_handle(handle); |
443 | gss_release_buffer(&minor_stat, &client_name); | | 489 | gss_release_buffer(&minor_stat, &client_name); |
444 | @@ -1202,17 +1215,15 @@ delete_policy_1_svc(dpol_arg *arg, struc | | 490 | @@ -1202,17 +1238,15 @@ delete_policy_1_svc(dpol_arg *arg, struc |
445 | if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context, | | 491 | if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context, |
446 | rqst2name(rqstp), | | 492 | rqst2name(rqstp), |
447 | ACL_DELETE, NULL, NULL)) { | | 493 | ACL_DELETE, NULL, NULL)) { |
448 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_delete_policy", | | 494 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_delete_policy", |
449 | - prime_arg, client_name.value, service_name.value, | | 495 | - prime_arg, client_name.value, service_name.value, |
450 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 496 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
451 | + log_unauth("kadm5_delete_policy", prime_arg, | | 497 | + log_unauth("kadm5_delete_policy", prime_arg, |
452 | + &client_name, &service_name, rqstp); | | 498 | + &client_name, &service_name, rqstp); |
453 | ret.code = KADM5_AUTH_DELETE; | | 499 | ret.code = KADM5_AUTH_DELETE; |
454 | } else { | | 500 | } else { |
455 | ret.code = kadm5_delete_policy((void *)handle, arg->name); | | 501 | ret.code = kadm5_delete_policy((void *)handle, arg->name); |
456 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_delete_policy", | | 502 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_delete_policy", |
457 | - ((prime_arg == NULL) ? "(null)" : prime_arg), | | 503 | - ((prime_arg == NULL) ? "(null)" : prime_arg), |
458 | - ((ret.code == 0) ? "success" : error_message(ret.code)), | | 504 | - ((ret.code == 0) ? "success" : error_message(ret.code)), |
459 | - client_name.value, service_name.value, | | 505 | - client_name.value, service_name.value, |
460 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 506 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
461 | + log_done("kadm5_delete_policy", | | 507 | + log_done("kadm5_delete_policy", |
462 | + ((prime_arg == NULL) ? "(null)" : prime_arg), | | 508 | + ((prime_arg == NULL) ? "(null)" : prime_arg), |
463 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 509 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
464 | + &client_name, &service_name, rqstp); | | 510 | + &client_name, &service_name, rqstp); |
465 | } | | 511 | } |
466 | free_server_handle(handle); | | 512 | free_server_handle(handle); |
467 | gss_release_buffer(&minor_stat, &client_name); | | 513 | gss_release_buffer(&minor_stat, &client_name); |
468 | @@ -1251,18 +1262,16 @@ modify_policy_1_svc(mpol_arg *arg, struc | | 514 | @@ -1251,18 +1285,16 @@ modify_policy_1_svc(mpol_arg *arg, struc |
469 | if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context, | | 515 | if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context, |
470 | rqst2name(rqstp), | | 516 | rqst2name(rqstp), |
471 | ACL_MODIFY, NULL, NULL)) { | | 517 | ACL_MODIFY, NULL, NULL)) { |
472 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_modify_policy", | | 518 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_modify_policy", |
473 | - prime_arg, client_name.value, service_name.value, | | 519 | - prime_arg, client_name.value, service_name.value, |
474 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 520 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
475 | + log_unauth("kadm5_modify_policy", prime_arg, | | 521 | + log_unauth("kadm5_modify_policy", prime_arg, |
476 | + &client_name, &service_name, rqstp); | | 522 | + &client_name, &service_name, rqstp); |
477 | ret.code = KADM5_AUTH_MODIFY; | | 523 | ret.code = KADM5_AUTH_MODIFY; |
478 | } else { | | 524 | } else { |
479 | ret.code = kadm5_modify_policy((void *)handle, &arg->rec, | | 525 | ret.code = kadm5_modify_policy((void *)handle, &arg->rec, |
480 | arg->mask); | | 526 | arg->mask); |
481 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_policy", | | 527 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_policy", |
482 | - ((prime_arg == NULL) ? "(null)" : prime_arg), | | 528 | - ((prime_arg == NULL) ? "(null)" : prime_arg), |
483 | - ((ret.code == 0) ? "success" : error_message(ret.code)), | | 529 | - ((ret.code == 0) ? "success" : error_message(ret.code)), |
484 | - client_name.value, service_name.value, | | 530 | - client_name.value, service_name.value, |
485 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 531 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
486 | + log_done("kadm5_modify_policy", | | 532 | + log_done("kadm5_modify_policy", |
487 | + ((prime_arg == NULL) ? "(null)" : prime_arg), | | 533 | + ((prime_arg == NULL) ? "(null)" : prime_arg), |
488 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 534 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
489 | + &client_name, &service_name, rqstp); | | 535 | + &client_name, &service_name, rqstp); |
490 | } | | 536 | } |
491 | free_server_handle(handle); | | 537 | free_server_handle(handle); |
492 | gss_release_buffer(&minor_stat, &client_name); | | 538 | gss_release_buffer(&minor_stat, &client_name); |
493 | @@ -1337,15 +1346,13 @@ get_policy_1_svc(gpol_arg *arg, struct s | | 539 | @@ -1337,15 +1369,13 @@ get_policy_1_svc(gpol_arg *arg, struct s |
494 | &ret.rec); | | 540 | &ret.rec); |
495 | } | | 541 | } |
496 | | | 542 | |
497 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, | | 543 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, |
498 | - ((prime_arg == NULL) ? "(null)" : prime_arg), | | 544 | - ((prime_arg == NULL) ? "(null)" : prime_arg), |
499 | - ((ret.code == 0) ? "success" : error_message(ret.code)), | | 545 | - ((ret.code == 0) ? "success" : error_message(ret.code)), |
500 | - client_name.value, service_name.value, | | 546 | - client_name.value, service_name.value, |
501 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 547 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
502 | + log_done(funcname, | | 548 | + log_done(funcname, |
503 | + ((prime_arg == NULL) ? "(null)" : prime_arg), | | 549 | + ((prime_arg == NULL) ? "(null)" : prime_arg), |
504 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 550 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
505 | + &client_name, &service_name, rqstp); | | 551 | + &client_name, &service_name, rqstp); |
506 | } else { | | 552 | } else { |
507 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, | | 553 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, |
508 | - prime_arg, client_name.value, service_name.value, | | 554 | - prime_arg, client_name.value, service_name.value, |
509 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 555 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
510 | + log_unauth(funcname, prime_arg, | | 556 | + log_unauth(funcname, prime_arg, |
511 | + &client_name, &service_name, rqstp); | | 557 | + &client_name, &service_name, rqstp); |
512 | } | | 558 | } |
513 | free_server_handle(handle); | | 559 | free_server_handle(handle); |
514 | gss_release_buffer(&minor_stat, &client_name); | | 560 | gss_release_buffer(&minor_stat, &client_name); |
515 | @@ -1388,18 +1395,15 @@ get_pols_1_svc(gpols_arg *arg, struct sv | | 561 | @@ -1388,18 +1418,15 @@ get_pols_1_svc(gpols_arg *arg, struct sv |
516 | rqst2name(rqstp), | | 562 | rqst2name(rqstp), |
517 | ACL_LIST, NULL, NULL)) { | | 563 | ACL_LIST, NULL, NULL)) { |
518 | ret.code = KADM5_AUTH_LIST; | | 564 | ret.code = KADM5_AUTH_LIST; |
519 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_get_policies", | | 565 | - krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_get_policies", |
520 | - prime_arg, client_name.value, service_name.value, | | 566 | - prime_arg, client_name.value, service_name.value, |
521 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 567 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
522 | + log_unauth("kadm5_get_policies", prime_arg, | | 568 | + log_unauth("kadm5_get_policies", prime_arg, |
523 | + &client_name, &service_name, rqstp); | | 569 | + &client_name, &service_name, rqstp); |
524 | } else { | | 570 | } else { |
525 | ret.code = kadm5_get_policies((void *)handle, | | 571 | ret.code = kadm5_get_policies((void *)handle, |
526 | arg->exp, &ret.pols, | | 572 | arg->exp, &ret.pols, |
527 | &ret.count); | | 573 | &ret.count); |
528 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_policies", | | 574 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_policies", |
529 | - prime_arg, | | 575 | - prime_arg, |
530 | - ((ret.code == 0) ? "success" : error_message(ret.code)), | | 576 | - ((ret.code == 0) ? "success" : error_message(ret.code)), |
531 | - client_name.value, service_name.value, | | 577 | - client_name.value, service_name.value, |
532 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 578 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
533 | + log_done("kadm5_get_policies", prime_arg, | | 579 | + log_done("kadm5_get_policies", prime_arg, |
534 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 580 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
535 | + &client_name, &service_name, rqstp); | | 581 | + &client_name, &service_name, rqstp); |
536 | } | | 582 | } |
537 | free_server_handle(handle); | | 583 | free_server_handle(handle); |
538 | gss_release_buffer(&minor_stat, &client_name); | | 584 | gss_release_buffer(&minor_stat, &client_name); |
539 | @@ -1432,11 +1436,9 @@ getprivs_ret * get_privs_1_svc(krb5_ui_4 | | 585 | @@ -1432,11 +1459,9 @@ getprivs_ret * get_privs_1_svc(krb5_ui_4 |
540 | } | | 586 | } |
541 | | | 587 | |
542 | ret.code = kadm5_get_privs((void *)handle, &ret.privs); | | 588 | ret.code = kadm5_get_privs((void *)handle, &ret.privs); |
543 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_privs", | | 589 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_privs", |
544 | - client_name.value, | | 590 | - client_name.value, |
545 | - ((ret.code == 0) ? "success" : error_message(ret.code)), | | 591 | - ((ret.code == 0) ? "success" : error_message(ret.code)), |
546 | - client_name.value, service_name.value, | | 592 | - client_name.value, service_name.value, |
547 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); | | 593 | - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); |
548 | + log_done("kadm5_get_privs", client_name.value, | | 594 | + log_done("kadm5_get_privs", client_name.value, |
549 | + ((ret.code == 0) ? "success" : error_message(ret.code)), | | 595 | + ((ret.code == 0) ? "success" : error_message(ret.code)), |
550 | + &client_name, &service_name, rqstp); | | 596 | + &client_name, &service_name, rqstp); |
551 | free_server_handle(handle); | | 597 | free_server_handle(handle); |
552 | gss_release_buffer(&minor_stat, &client_name); | | 598 | gss_release_buffer(&minor_stat, &client_name); |
553 | gss_release_buffer(&minor_stat, &service_name); | | 599 | gss_release_buffer(&minor_stat, &service_name); |
554 | @@ -1450,6 +1452,8 @@ generic_ret *init_1_svc(krb5_ui_4 *arg, | | 600 | @@ -1450,6 +1475,8 @@ generic_ret *init_1_svc(krb5_ui_4 *arg, |
555 | service_name; | | 601 | service_name; |
556 | kadm5_server_handle_t handle; | | 602 | kadm5_server_handle_t handle; |
557 | OM_uint32 minor_stat; | | 603 | OM_uint32 minor_stat; |
558 | + size_t clen, slen; | | 604 | + size_t clen, slen; |
559 | + char *cdots, *sdots; | | 605 | + char *cdots, *sdots; |
560 | | | 606 | |
561 | xdr_free(xdr_generic_ret, &ret); | | 607 | xdr_free(xdr_generic_ret, &ret); |
562 | | | 608 | |
563 | @@ -1466,12 +1470,18 @@ generic_ret *init_1_svc(krb5_ui_4 *arg, | | 609 | @@ -1466,12 +1493,18 @@ generic_ret *init_1_svc(krb5_ui_4 *arg, |
564 | return &ret; | | 610 | return &ret; |
565 | } | | 611 | } |
566 | | | 612 | |
567 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE ", flavor=%d", | | 613 | - krb5_klog_syslog(LOG_NOTICE, LOG_DONE ", flavor=%d", |
568 | + clen = client_name.length; | | 614 | + clen = client_name.length; |
569 | + trunc_name(&clen, &cdots); | | 615 | + trunc_name(&clen, &cdots); |
570 | + slen = service_name.length; | | 616 | + slen = service_name.length; |
571 | + trunc_name(&slen, &sdots); | | 617 | + trunc_name(&slen, &sdots); |
572 | + krb5_klog_syslog(LOG_NOTICE, "Request: %s, %.*s%s, %s, " | | 618 | + krb5_klog_syslog(LOG_NOTICE, "Request: %s, %.*s%s, %s, " |
573 | + "client=%.*s%s, service=%.*s%s, addr=%s, flavor=%d", | | 619 | + "client=%.*s%s, service=%.*s%s, addr=%s, flavor=%d", |
574 | (ret.api_version == KADM5_API_VERSION_1 ? | | 620 | (ret.api_version == KADM5_API_VERSION_1 ? |
575 | "kadm5_init (V1)" : "kadm5_init"), | | 621 | "kadm5_init (V1)" : "kadm5_init"), |
576 | - client_name.value, | | 622 | - client_name.value, |