1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
/*
* logging.c
*
* Logging functions for pam_krb5.
*
* Logs errors and debugging messages from pam_krb5 functions. The debug
* versions only log anything if debugging was enabled; the error versions
* always log.
*/
#include "config.h"
#include <krb5.h>
#include <stdarg.h>
#include <stdio.h>
#include <syslog.h>
#include "pam_krb5.h"
/*
* Basic error logging. Log a message with LOG_NOTICE priority.
*/
void
pamk5_error(struct context *ctx, const char *fmt, ...)
{
const char *name;
char msg[256];
va_list args;
va_start(args, fmt);
vsnprintf(msg, sizeof(msg), fmt, args);
va_end(args);
name = (ctx != NULL && ctx->name != NULL) ? ctx->name : "none";
syslog(LOG_ERR, "(pam_krb5): %s: %s", name, msg);
}
/*
* Log a generic debugging message only if debug is enabled.
*/
void
pamk5_debug(struct context *ctx, struct pam_args *pargs, const char *fmt, ...)
{
const char *name;
char msg[256];
va_list args;
if (!pargs->debug)
return;
va_start(args, fmt);
vsnprintf(msg, sizeof(msg), fmt, args);
va_end(args);
name = ctx && ctx->name ? ctx->name : "none";
syslog(LOG_DEBUG, "(pam_krb5): %s: %s", name, msg);
}
/*
* Log a PAM failure if debugging is enabled.
*/
void
pamk5_debug_pam(struct context *ctx, struct pam_args *args, const char *msg,
int status)
{
pamk5_debug(ctx, args, "%s: %s", msg, pam_strerror(ctx->pamh, status));
}
/*
* Log a Kerberos v5 failure if debugging is enabled.
*/
void
pamk5_debug_krb5(struct context *ctx, struct pam_args *args, const char *msg,
int status)
{
if (ctx != NULL && ctx->context != NULL)
pamk5_debug(ctx, args, "%s: %s", msg,
pamk5_compat_get_err_text(ctx->context, status));
else
pamk5_debug(ctx, args, "%s: %s", msg, error_message(status));
}
|
