void log_badauth_display_status_1(OM_uint32 code, int type, int rec) { OM_uint32 gssstat, minor_stat, msg_ctx; gss_buffer_desc msg; msg_ctx = 0; while (1) { gssstat = gss_display_status(&minor_stat, code, type, GSS_C_NULL_OID, &msg_ctx, &msg); if (gssstat != GSS_S_COMPLETE) { if (!rec) { log_badauth_display_status_1(gssstat,GSS_C_GSS_CODE,1); log_badauth_display_status_1(minor_stat, GSS_C_MECH_CODE, 1); } else printf("GSS-API authentication error %.*s: " "recursive failure!\n", (int) msg.length, (char *)msg.value); return; } printf(", %.*s", (int) msg.length, (char *)msg.value); (void) gss_release_buffer(&minor_stat, &msg); if (!msg_ctx) break; } }
/* Callback from GSSRPC for authentication failures */ void log_badauth(OM_uint32 major, OM_uint32 minor, SVCXPRT *xprt, char *data) { krb5_klog_syslog(LOG_NOTICE, _("Authentication attempt failed: %s, " "GSS-API error strings are:"), client_addr(xprt)); log_badauth_display_status_1(" ", major, GSS_C_GSS_CODE); log_badauth_display_status_1(" ", minor, GSS_C_MECH_CODE); krb5_klog_syslog(LOG_NOTICE, _(" GSS-API error strings complete.")); }
void log_badauth_display_status(OM_uint32 major, OM_uint32 minor) { log_badauth_display_status_1(major, GSS_C_GSS_CODE, 0); log_badauth_display_status_1(minor, GSS_C_MECH_CODE, 0); }