[SSSD] [PATCH] added DEBUG messages to krb5_child and ldap_child

Thu, 31 May 2012 07:50:01 -0700 

Nick Guay submitted this patch to me directly. I'm sending it to the
list for posterity. This gets an Ack from me.

This patch fixes https://fedorahosted.org/sssd/ticket/1225

From 45a106bee8b32642e04f3ca84243c605bca10e03 Mon Sep 17 00:00:00 2001
From: Nick Guay <[email protected]>
Date: Wed, 30 May 2012 16:32:08 -0400
Subject: [PATCH] added DEBUG messages to krb5_child and ldap_child

---
 src/providers/krb5/krb5_child.c |   15 ++++++++++++---
 src/providers/ldap/ldap_child.c |    7 +++++++
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
index d2b976e2b288fd804538ff244956f10bdc4d787e..199ef67bb36c36d632ac6006871a55ebcf88123c 100644
--- a/src/providers/krb5/krb5_child.c
+++ b/src/providers/krb5/krb5_child.c
@@ -126,6 +126,7 @@ static void sss_krb5_expire_callback_func(krb5_context context, void *data,
         DEBUG(1, ("Time to expire out of range.\n"));
         return;
     }
+    DEBUG(SSSDBG_TRACE_INTERNAL, ("exp_time: [%d]\n", exp_time));
 
     blob = talloc_array(kr->pd, uint32_t, 2);
     if (blob == NULL) {
@@ -204,6 +205,8 @@ static krb5_error_code create_empty_cred(krb5_context ctx, krb5_principal princ,
         goto done;
     }
 
+    DEBUG(SSSDBG_TRACE_INTERNAL, ("Created empty krb5_creds.\n"));
+
 done:
     if (kerr != 0) {
         if (cred != NULL && cred->client != NULL) {
@@ -323,6 +326,8 @@ static krb5_error_code create_ccache_file(krb5_context ctx,
         DEBUG(1, ("rename failed [%d][%s].\n", errno, strerror(errno)));
     }
 
+    DEBUG(SSSDBG_TRACE_LIBS, ("Created ccache file: [%s]\n", cc_file_name));
+
 done:
     if (fd != -1) {
         close(fd);
@@ -361,7 +366,6 @@ static errno_t pack_response_packet(struct response *resp, int status,
         pdr = pdr->next;
     }
 
-
     resp->buf = talloc_array(resp, uint8_t, size);
     if (!resp->buf) {
         DEBUG(1, ("Insufficient memory to create message.\n"));
@@ -379,9 +383,10 @@ static errno_t pack_response_packet(struct response *resp, int status,
         pdr = pdr->next;
     }
 
-
     resp->size = p;
 
+    DEBUG(SSSDBG_TRACE_INTERNAL, ("response packet size: [%d]\n", p));
+
     return EOK;
 }
 
@@ -477,6 +482,8 @@ static errno_t sendresponse(int fd, krb5_error_code kerr, int pam_status,
         return EOK;
     }
 
+    DEBUG(SSSDBG_TRACE_ALL, ("Response sent.\n"));
+
     return EOK;
 }
 
@@ -1034,6 +1041,7 @@ static errno_t renew_tgt_child(int fd, struct krb5_req *kr)
         KRB5_DEBUG(1, kerr);
         if (kerr == KRB5_KDC_UNREACH) {
             status = PAM_AUTHINFO_UNAVAIL;
+            DEBUG(SSSDBG_TRACE_ALL, ("kdc unreachable for renewed creds.\n"));
         }
         goto done;
     }
@@ -1122,6 +1130,8 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, struct pam_data *pd,
     uint32_t len;
     uint32_t validate;
 
+    DEBUG(SSSDBG_TRACE_LIBS, ("total buffer size: [%d]\n", size));
+
     SAFEALIGN_COPY_UINT32_CHECK(&pd->cmd, buf + p, size, &p);
     SAFEALIGN_COPY_UINT32_CHECK(&kr->uid, buf + p, size, &p);
     SAFEALIGN_COPY_UINT32_CHECK(&kr->gid, buf + p, size, &p);
@@ -1343,7 +1353,6 @@ static krb5_error_code check_fast_ccache(krb5_context ctx, const char *primary,
         goto done;
     }
 
-
     kerr = 0;
 
 done:
diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c
index 02397904412f5a5a80b761c44e12860ea8a12b95..13e12e93c4fb28a2b4ff4eba5db8106249b446f4 100644
--- a/src/providers/ldap/ldap_child.c
+++ b/src/providers/ldap/ldap_child.c
@@ -111,6 +111,8 @@ static int pack_buffer(struct response *r, int result, krb5_error_code krberr,
     r->size = 2 * sizeof(uint32_t) + sizeof(krb5_error_code) +
               len + sizeof(time_t);
 
+    DEBUG(SSSDBG_TRACE_INTERNAL, ("response size: %d\n",r->size));
+
     r->buf = talloc_array(r, uint8_t, r->size);
     if(!r->buf) {
         return ENOMEM;
@@ -190,6 +192,8 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,
         }
     }
 
+    DEBUG(SSSDBG_TRACE_INTERNAL, ("got realm_name: [%s]\n", realm_name));
+
     if (princ_str) {
         if (!strchr(princ_str, '@')) {
             full_princ = talloc_asprintf(memctx, "%s@%s",
@@ -207,6 +211,8 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,
         }
         hostname[511] = '\0';
 
+        DEBUG(SSSDBG_TRACE_LIBS, ("got hostname: [%s]\n", hostname));
+
         ret = select_principal_from_keytab(memctx, hostname, realm_name,
                                            keytab_name, &full_princ, NULL, NULL);
         if (ret) goto done;
@@ -250,6 +256,7 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,
         krberr = KRB5KRB_ERR_GENERIC;
         goto done;
     }
+    DEBUG(SSSDBG_TRACE_INTERNAL, ("keytab ccname: [%s]\n"));
 
     krberr = krb5_cc_resolve(context, ccname, &ccache);
     if (krberr) {
-- 
1.7.10.2

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
sssd-devel mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/sssd-devel

Reply via email to