/* Can we even stat the file? */
if (lstat(tf_name, &stat_buf) < 0) {
- if (debug_flag && syslog_flag)
+ if (verbose_flag)
syslog(LOG_DEBUG, "lstat error %d on %s", errno, tf_name);
return (errno == ENOENT) ? NO_TKT_FIL : TKT_FIL_ACC;
}
/* Check ownership */
if (stat_buf.st_uid != auth_data->uid ) {
- if (debug_flag && syslog_flag)
+ if (verbose_flag)
syslog(LOG_DEBUG, "UID mismatch %d : %d on %s", stat_buf.st_uid,
auth_data->uid, tf_name);
return TKT_FIL_ACC;
/* Check file perms for 600. */
if ((stat_buf.st_mode & S_IRUSR) != S_IRUSR) {
- if (debug_flag && syslog_flag)
+ if (verbose_flag)
syslog(LOG_DEBUG, "User can't read %s", tf_name);
return TKT_FIL_ACC;
}
|| ((stat_buf.st_mode & S_IWGRP) == S_IWGRP)
|| ((stat_buf.st_mode & S_IROTH) == S_IROTH)
|| ((stat_buf.st_mode & S_IWOTH) == S_IWOTH)) {
- if (syslog_flag)
- syslog(LOG_ALERT, "Incorrect file permissions on %s : %o",
+ if (verbose_flag)
+ syslog(LOG_DEBUG, "Incorrect file permissions on %s : %o",
tf_name, stat_buf.st_mode);
return TKT_FIL_ACC ;
}
code = tf_init(tf_name, R_TKT_FIL);
if (code != KSUCCESS) {
tf_close();
- if (debug_flag && syslog_flag)
+ if (verbose_flag)
syslog(LOG_DEBUG, "tf_init failed %s", tf_name);
return code;
}
}
tf_close();
if (syslog_flag)
- syslog(LOG_INFO, "Ticket file %s : %s.%s for %d", tf_name, pname,
+ syslog(LOG_INFO, "ticket file %s: %s.%s for %d", tf_name, pname,
pinst, auth_data->uid);
return KSUCCESS;
closedir(temp_dir);
return IDENT_AUTH_OKAY;
}
- if (syslog_flag && debug_flag)
+ if (verbose_flag)
syslog(LOG_DEBUG, "Rejected %s : %d", dp->d_name, rcode);
}
closedir(temp_dir);
*p = tolower((int) *p);
strncpy(realm, krb_realmofhost(host), REALM_SZ - 1);
free(host);
- if (syslog_flag && debug_flag)
+ if (verbose_flag)
syslog(LOG_DEBUG, "Fetching ticket :%s.%s@%s:",
IDENT_AUTH_KRB_SERVICE, instance, realm);
resp_len = 4 * (munch) + i + k - j;
/* Log what we're doing for debugging purposes. */
- if (syslog_flag && debug_flag) {
+ if (verbose_flag) {
syslog(LOG_DEBUG, "Data: %4.4x:%4.4x:%4.4x:%4.4x:%s",
htons(mutual_auth_flag),
htons(auth_data->remote_port),
|| (auth_reply.remote_port != auth_data->remote_port)
|| (strncmp(auth_reply.auth_struct->auth_method,
"KERBEROS_V4", strlen("KERBEROS_V4")) != 0)) {
- if (debug_flag && syslog_flag)
+ if (verbose_flag)
syslog(LOG_DEBUG, "Auth reply does not match auth_data"
" %d,%d : %d,%d", auth_reply.local_port,
auth_reply.remote_port, auth_data->local_port,
challenge = ntohl(challenge);
if (challenge != kstate->challenge + 1) {
kstate->authstepno = -1;
- if (debug_flag && syslog_flag)
+ if (verbose_flag)
syslog(LOG_DEBUG, "Challenge failed: %d:%d",
kstate->challenge, challenge);
return IDENT_MUTUAL_AUTH_FAIL;
}
- if (debug_flag && syslog_flag)
+ if (verbose_flag)
syslog(LOG_DEBUG, "Challenge succeeded: %d:%d",
kstate->challenge, challenge);
return IDENT_AUTH_OKAY;
/* Try to read. */
p = NULL;
+ buf[0] = '\0';
while (!feof(fp) && !ferror(fp)) {
errno = 0;
p = fgets(buf, siz, fp);
sprintf(tmp, " ERROR : %s ", ident_err_txt[show_code]);
do_out(tmp, auth_data);
if (syslog_flag)
- syslog(LOG_INFO, "Error: %s", ident_err_txt[e_code]);
+ syslog(LOG_INFO, "error: %s", ident_err_txt[e_code]);
} else {
switch (e_code) {
case IDENT_NO_MUTUAL_AUTH:
if (syslog_flag)
- syslog(LOG_INFO, "No mutual auth data");
+ syslog(LOG_INFO, "no mutual auth data");
break;
case IDENT_MUTUAL_AUTH_FAIL:
if (syslog_flag)
- syslog(LOG_INFO, "Mutual auth failed");
+ syslog(LOG_INFO, "mutual auth failed");
break;
case IDENT_SYSTEM_ERROR:
if (syslog_flag)
- syslog(LOG_INFO, "System error: %m");
+ syslog(LOG_INFO, "system error: %m");
break;
default:
if (syslog_flag)
- syslog(LOG_INFO, "Unknown error code %d", e_code);
+ syslog(LOG_INFO, "unknown error code %d", e_code);
break;
}
}
void *ka_ptr;
struct kernel *kinfo_ptr;
- if (verbose_flag)
- syslog(LOG_DEBUG, "In function parse");
auth_data.local_addr = laddr;
auth_data.remote_addr = faddr;
auth_data.fp = fp;
/* Read query from client and parse it. */
line_ptr = sfgets(line, 2048, fp, timeout, &auth_data);
- if (verbose_flag)
- syslog(LOG_DEBUG, "After sfgets line_ptr: %s", line_ptr);
if (line_ptr == NULL)
do_error(IDENT_SYSTEM_ERROR, &auth_data);
rcode = parse_auth_line(line_ptr, &auth_data);
kinfo_ptr->remote.sin_family = AF_INET ;
kinfo_ptr->status = -1;
- /* status will be set to 0 on not found, 1 on found, and -1 on failure. */
+ /* Status will be set to 0 on not found, 1 on found, and -1 on failure. */
for (try = 0; try < MAX_RETRY && kinfo_ptr->status < 0; try++)
kinfo_ptr->status = ka_lookup(ka_ptr, kinfo_ptr);
if (try >= MAX_RETRY) {