Imported Upstream version 1.20.1

[platform/upstream/krb5.git] / src / kdc / kdc_log.c

diff --git a/src/kdc/kdc_log.c b/src/kdc/kdc_log.c
index 4eec503..f86e078 100644 (file)
--- a/src/kdc/kdc_log.c
+++ b/src/kdc/kdc_log.c
@@ -65,7 +65,7 @@ log_as_req(krb5_context context,
 {
     const char *fromstring = 0;
     char fromstringbuf[70];
-    char ktypestr[128];
+    char *ktypestr = NULL;
     const char *cname2 = cname ? cname : "<unknown client>";
     const char *sname2 = sname ? sname : "<unknown server>";
 
@@ -74,26 +74,29 @@ log_as_req(krb5_context context,
                            fromstringbuf, sizeof(fromstringbuf));
     if (!fromstring)
         fromstring = "<unknown>";
-    ktypes2str(ktypestr, sizeof(ktypestr),
-               request->nktypes, request->ktype);
+
+    ktypestr = ktypes2str(request->ktype, request->nktypes);
 
     if (status == NULL) {
         /* success */
-        char rep_etypestr[128];
-        rep_etypes2str(rep_etypestr, sizeof(rep_etypestr), reply);
+        char *rep_etypestr = rep_etypes2str(reply);
         krb5_klog_syslog(LOG_INFO, _("AS_REQ (%s) %s: ISSUE: authtime %u, %s, "
                                      "%s for %s"),
-                         ktypestr, fromstring, (unsigned int)authtime,
-                         rep_etypestr, cname2, sname2);
+                         ktypestr ? ktypestr : "", fromstring,
+                         (unsigned int)authtime,
+                         rep_etypestr ? rep_etypestr : "", cname2, sname2);
+        free(rep_etypestr);
     } else {
         /* fail */
         krb5_klog_syslog(LOG_INFO, _("AS_REQ (%s) %s: %s: %s for %s%s%s"),
-                         ktypestr, fromstring, status,
-                         cname2, sname2, emsg ? ", " : "", emsg ? emsg : "");
+                         ktypestr ? ktypestr : "", fromstring, status, cname2,
+                         sname2, emsg ? ", " : "", emsg ? emsg : "");
     }
     krb5_db_audit_as_req(context, request,
                          local_addr->address, remote_addr->address,
                          client, server, authtime, errcode);
+
+    free(ktypestr);
 }
 
 /*
@@ -122,10 +125,9 @@ log_tgs_req(krb5_context ctx, const krb5_fulladdr *from,
             unsigned int c_flags,
             const char *status, krb5_error_code errcode, const char *emsg)
 {
-    char ktypestr[128];
+    char *ktypestr = NULL, *rep_etypestr = NULL;
     const char *fromstring = 0;
     char fromstringbuf[70];
-    char rep_etypestr[128];
     char *cname = NULL, *sname = NULL, *altcname = NULL;
     char *logcname = NULL, *logsname = NULL, *logaltcname = NULL;
 
@@ -134,11 +136,6 @@ log_tgs_req(krb5_context ctx, const krb5_fulladdr *from,
                            fromstringbuf, sizeof(fromstringbuf));
     if (!fromstring)
         fromstring = "<unknown>";
-    ktypes2str(ktypestr, sizeof(ktypestr), request->nktypes, request->ktype);
-    if (!errcode)
-        rep_etypes2str(rep_etypestr, sizeof(rep_etypestr), reply);
-    else
-        rep_etypestr[0] = 0;
 
     unparse_and_limit(ctx, cprinc, &cname);
     logcname = (cname != NULL) ? cname : "<unknown client>";
@@ -151,10 +148,14 @@ log_tgs_req(krb5_context ctx, const krb5_fulladdr *from,
        name (useful), and doesn't log ktypestr (probably not
        important).  */
     if (errcode != KRB5KDC_ERR_SERVER_NOMATCH) {
+        ktypestr = ktypes2str(request->ktype, request->nktypes);
+        rep_etypestr = rep_etypes2str(reply);
         krb5_klog_syslog(LOG_INFO, _("TGS_REQ (%s) %s: %s: authtime %u, %s%s "
                                      "%s for %s%s%s"),
-                         ktypestr, fromstring, status, (unsigned int)authtime,
-                         rep_etypestr, !errcode ? "," : "", logcname, logsname,
+                         ktypestr ? ktypestr : "", fromstring, status,
+                         (unsigned int)authtime,
+                         rep_etypestr ? rep_etypestr : "",
+                         !errcode ? "," : "", logcname, logsname,
                          errcode ? ", " : "", errcode ? emsg : "");
         if (isflagset(c_flags, KRB5_KDB_FLAG_PROTOCOL_TRANSITION))
             krb5_klog_syslog(LOG_INFO,
@@ -171,9 +172,8 @@ log_tgs_req(krb5_context ctx, const krb5_fulladdr *from,
                          fromstring, status, (unsigned int)authtime,
                          logcname, logsname, logaltcname);
 
-    /* OpenSolaris: audit_krb5kdc_tgs_req(...)  or
-       audit_krb5kdc_tgs_req_2ndtktmm(...) */
-
+    free(rep_etypestr);
+    free(ktypestr);
     krb5_free_unparsed_name(ctx, cname);
     krb5_free_unparsed_name(ctx, sname);
     krb5_free_unparsed_name(ctx, altcname);
@@ -224,7 +224,7 @@ log_tgs_alt_tgt(krb5_context context, krb5_principal p)
     char *sname;
     if (krb5_unparse_name(context, p, &sname)) {
         krb5_klog_syslog(LOG_INFO,
-                         _("TGS_REQ: issuing alternate <un-unparseable> TGT"));
+                         _("TGS_REQ: issuing alternate <un-unparsable> TGT"));
     } else {
         limit_string(sname);
         krb5_klog_syslog(LOG_INFO, _("TGS_REQ: issuing TGT %s"), sname);