"dreplsrv",
&ndr_table_irpc);
if (irpc_handle == NULL) {
- DEBUG(1,(__location__ ": Unable to get binding handle for dreplsrv\n"));
+ DBG_WARNING("Unable to get binding handle for dreplsrv\n");
TALLOC_FREE(tmp_ctx);
return;
}
/* Must have found a cleartext or MD4 password */
if (num_keys == 0) {
- DEBUG(1,(__location__ ": no usable key found\n"));
+ DBG_WARNING("no usable key found\n");
krb5_clear_error_message(context);
ret = SDB_ERR_NOENTRY;
goto out;
DSDB_SEARCH_SHOW_EXTENDED_DN | DSDB_SEARCH_NO_GLOBAL_CATALOG,
"%s", filter);
if (lret == LDB_ERR_NO_SUCH_OBJECT) {
- DEBUG(10, ("Failed to find an entry for %s filter:%s\n",
- name1, filter));
+ DBG_DEBUG("Failed to find an entry for %s filter:%s\n",
+ name1, filter);
return SDB_ERR_NOENTRY;
}
if (lret == LDB_ERR_CONSTRAINT_VIOLATION) {
- DEBUG(10, ("Failed to find unique entry for %s filter:%s\n",
- name1, filter));
+ DBG_DEBUG("Failed to find unique entry for %s filter:%s\n",
+ name1, filter);
return SDB_ERR_NOENTRY;
}
if (lret != LDB_SUCCESS) {
- DEBUG(0, ("Failed single search for %s - %s\n",
- name1, ldb_errstring(kdc_db_ctx->samdb)));
+ DBG_ERR("Failed single search for %s - %s\n",
+ name1, ldb_errstring(kdc_db_ctx->samdb));
return SDB_ERR_NOENTRY;
}
return 0;
" krb5_unparse_name() failed!");
return ret;
}
- DEBUG(10,("samba_kdc_check_s4u2proxy: client[%s] for target[%s]\n",
- client_dn, tmp));
+ DBG_DEBUG("client[%s] for target[%s]\n",
+ client_dn, tmp);
target_principal_name = talloc_strdup(mem_ctx, tmp);
SAFE_FREE(tmp);
goto bad_option;
}
- DEBUG(10,("samba_kdc_check_s4u2proxy: client[%s] allowed target[%s]\n",
- client_dn, target_principal_name));
+ DBG_DEBUG("client[%s] allowed target[%s]\n",
+ client_dn, target_principal_name);
talloc_free(mem_ctx);
return 0;
NULL,
0);
if (kdc_db_ctx->samdb == NULL) {
- DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot open samdb for KDC backend!\n"));
+ DBG_WARNING("Cannot open samdb for KDC backend!\n");
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
/* Find out our own krbtgt kvno */
ldb_ret = samdb_rodc(kdc_db_ctx->samdb, &kdc_db_ctx->rodc);
if (ldb_ret != LDB_SUCCESS) {
- DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot determine if we are an RODC in KDC backend: %s\n",
- ldb_errstring(kdc_db_ctx->samdb)));
+ DBG_WARNING("Cannot determine if we are an RODC in KDC backend: %s\n",
+ ldb_errstring(kdc_db_ctx->samdb));
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
struct ldb_dn *account_dn;
struct ldb_dn *server_dn = samdb_server_dn(kdc_db_ctx->samdb, kdc_db_ctx);
if (!server_dn) {
- DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot determine server DN in KDC backend: %s\n",
- ldb_errstring(kdc_db_ctx->samdb)));
+ DBG_WARNING("Cannot determine server DN in KDC backend: %s\n",
+ ldb_errstring(kdc_db_ctx->samdb));
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
ldb_ret = samdb_reference_dn(kdc_db_ctx->samdb, kdc_db_ctx, server_dn,
"serverReference", &account_dn);
if (ldb_ret != LDB_SUCCESS) {
- DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot determine server account in KDC backend: %s\n",
- ldb_errstring(kdc_db_ctx->samdb)));
+ DBG_WARNING("Cannot determine server account in KDC backend: %s\n",
+ ldb_errstring(kdc_db_ctx->samdb));
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
"msDS-KrbTgtLink", &kdc_db_ctx->krbtgt_dn);
talloc_free(account_dn);
if (ldb_ret != LDB_SUCCESS) {
- DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot determine RODC krbtgt account in KDC backend: %s\n",
- ldb_errstring(kdc_db_ctx->samdb)));
+ DBG_WARNING("Cannot determine RODC krbtgt account in KDC backend: %s\n",
+ ldb_errstring(kdc_db_ctx->samdb));
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
DSDB_SEARCH_NO_GLOBAL_CATALOG,
"(&(objectClass=user)(msDS-SecondaryKrbTgtNumber=*))");
if (ldb_ret != LDB_SUCCESS) {
- DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot read krbtgt account %s in KDC backend to get msDS-SecondaryKrbTgtNumber: %s: %s\n",
- ldb_dn_get_linearized(kdc_db_ctx->krbtgt_dn),
- ldb_errstring(kdc_db_ctx->samdb),
- ldb_strerror(ldb_ret)));
+ DBG_WARNING("Cannot read krbtgt account %s in KDC backend to get msDS-SecondaryKrbTgtNumber: %s: %s\n",
+ ldb_dn_get_linearized(kdc_db_ctx->krbtgt_dn),
+ ldb_errstring(kdc_db_ctx->samdb),
+ ldb_strerror(ldb_ret));
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
my_krbtgt_number = ldb_msg_find_attr_as_int(msg, "msDS-SecondaryKrbTgtNumber", -1);
if (my_krbtgt_number == -1) {
- DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot read msDS-SecondaryKrbTgtNumber from krbtgt account %s in KDC backend: got %d\n",
- ldb_dn_get_linearized(kdc_db_ctx->krbtgt_dn),
- my_krbtgt_number));
+ DBG_WARNING("Cannot read msDS-SecondaryKrbTgtNumber from krbtgt account %s in KDC backend: got %d\n",
+ ldb_dn_get_linearized(kdc_db_ctx->krbtgt_dn),
+ my_krbtgt_number);
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
"(&(objectClass=user)(samAccountName=krbtgt))");
if (ldb_ret != LDB_SUCCESS) {
- DEBUG(1, ("samba_kdc_setup_db_ctx: could not find own KRBTGT in DB: %s\n", ldb_errstring(kdc_db_ctx->samdb)));
+ DBG_WARNING("could not find own KRBTGT in DB: %s\n", ldb_errstring(kdc_db_ctx->samdb));
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
&ndr_table_winbind);
if (irpc_handle == NULL) {
- DEBUG(0, ("No winbind_server running!\n"));
+ DBG_ERR("No winbind_server running!\n");
return;
}
if (count == 0) {
/* we don't have any DCs to replicate with. Very
strange for a RODC */
- DEBUG(1,(__location__ ": No replication sources for RODC in KDC proxy\n"));
+ DBG_WARNING("No replication sources for RODC in KDC proxy\n");
talloc_free(reps);
return WERR_DS_DRA_NO_REPLICA;
}
status = resolve_name_recv(csubreq, state, &state->proxy.ip);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("Unable to resolve proxy[%s] - %s\n",
- state->proxy.name.name, nt_errstr(status)));
+ DBG_ERR("Unable to resolve proxy[%s] - %s\n",
+ state->proxy.name.name, nt_errstr(status));
kdc_udp_next_proxy(req);
return;
}
status = resolve_name_recv(csubreq, state, &state->proxy.ip);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("Unable to resolve proxy[%s] - %s\n",
- state->proxy.name.name, nt_errstr(status)));
+ DBG_ERR("Unable to resolve proxy[%s] - %s\n",
+ state->proxy.name.name, nt_errstr(status));
kdc_tcp_next_proxy(req);
return;
}
call->in.data = buf;
call->in.length = len;
- DEBUG(10,("Received krb5 UDP packet of length %zu from %s\n",
- call->in.length,
- tsocket_address_string(call->src, call)));
+ DBG_DEBUG("Received krb5 UDP packet of length %zu from %s\n",
+ call->in.length,
+ tsocket_address_string(call->src, call));
/* Call krb5 */
ret = sock->kdc_socket->process(sock->kdc_socket->kdc,
uint16_t port;
if (!sock->kdc_socket->kdc->am_rodc) {
- DEBUG(0,("kdc_udp_call_loop: proxying requested when not RODC\n"));
+ DBG_ERR("proxying requested when not RODC\n");
talloc_free(call);
goto done;
}
return;
}
- DEBUG(10,("Received krb5 TCP packet of length %zu from %s\n",
- call->in.length,
- tsocket_address_string(kdc_conn->conn->remote_address, call)));
+ DBG_DEBUG("Received krb5 TCP packet of length %zu from %s\n",
+ call->in.length,
+ tsocket_address_string(kdc_conn->conn->remote_address, call));
/* skip length header */
call->in.data +=4;
kdc_socket,
kdc->task->process_context);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("Failed to bind to %s:%u TCP - %s\n",
- address, port, nt_errstr(status)));
+ DBG_ERR("Failed to bind to %s:%u TCP - %s\n",
+ address, port, nt_errstr(status));
talloc_free(kdc_socket);
return status;
}
&kdc_udp_socket->dgram);
if (ret != 0) {
status = map_nt_error_from_unix_common(errno);
- DEBUG(0,("Failed to bind to %s:%u UDP - %s\n",
- address, port, nt_errstr(status)));
+ DBG_ERR("Failed to bind to %s:%u UDP - %s\n",
+ address, port, nt_errstr(status));
return status;
}
#endif
NULL);
if (subreq == NULL) {
- DEBUG(0, ("Failed to start MIT KDC as child daemon\n"));
+ DBG_ERR("Failed to start MIT KDC as child daemon\n");
task_server_terminate(task,
"Failed to startup mitkdc task",
tevent_req_set_callback(subreq, mitkdc_server_done, task);
- DEBUG(5,("Started krb5kdc process\n"));
+ DBG_INFO("Started krb5kdc process\n");
status = samba_setup_mit_kdc_irpc(task);
if (!NT_STATUS_IS_OK(status)) {
true);
}
- DEBUG(5,("Started irpc service for kdc_server\n"));
+ DBG_INFO("Started irpc service for kdc_server\n");
kdc = talloc_zero(task, struct kdc_server);
if (kdc == NULL) {
return status;
}
- DEBUG(5,("Started kpasswd service for kdc_server\n"));
+ DBG_INFO("Started kpasswd service for kdc_server\n");
return NT_STATUS_OK;
}
ret = samba_runcmd_recv(subreq, &sys_errno);
if (ret != 0) {
- DEBUG(0, ("The MIT KDC daemon died with exit status %d\n",
- sys_errno));
+ DBG_ERR("The MIT KDC daemon died with exit status %d\n",
+ sys_errno);
} else {
- DEBUG(0,("The MIT KDC daemon exited normally\n"));
+ DBG_ERR("The MIT KDC daemon exited normally\n");
}
task_server_terminate(task, "mitkdc child process exited", true);
return NT_STATUS_ACCESS_DENIED;
}
- DEBUG(3, ("Changing password of %s\\%s (%s)\n",
- session_info->info->domain_name,
- session_info->info->account_name,
- dom_sid_string(mem_ctx, &session_info->security_token->sids[PRIMARY_USER_SID_INDEX])));
+ DBG_NOTICE("Changing password of %s\\%s (%s)\n",
+ session_info->info->domain_name,
+ session_info->info->account_name,
+ dom_sid_string(mem_ctx, &session_info->security_token->sids[PRIMARY_USER_SID_INDEX]));
/* Performs the password change */
status = samdb_set_password_sid(samdb,
lpcfg_realm(mki_ctx->task->lp_ctx),
NULL);
if (code != 0) {
- DEBUG(0, ("Failed to create krbtgt@%s principal!\n",
- lpcfg_realm(mki_ctx->task->lp_ctx)));
+ DBG_ERR("Failed to create krbtgt@%s principal!\n",
+ lpcfg_realm(mki_ctx->task->lp_ctx));
return NT_STATUS_NO_MEMORY;
}
&sentry);
krb5_free_principal(mki_ctx->krb5_context, principal);
if (code != 0) {
- DEBUG(0, ("Failed to fetch krbtgt@%s principal entry!\n",
- lpcfg_realm(mki_ctx->task->lp_ctx)));
+ DBG_ERR("Failed to fetch krbtgt@%s principal entry!\n",
+ lpcfg_realm(mki_ctx->task->lp_ctx));
return NT_STATUS_LOGON_FAILURE;
}
krb5_error_code code = 0;
#ifdef DEBUG_PASSWORD
- DEBUG(1,("mit_samba_kpasswd_change_password called with: %s\n", pwd));
+ DBG_WARNING("mit_samba_kpasswd_change_password called with: %s\n", pwd);
#endif
tmp_ctx = talloc_named(ctx, 0, "mit_samba_kpasswd_change_password");
p->msg,
&user_info_dc);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1,("samba_kdc_get_user_info_from_db failed: %s\n",
- nt_errstr(status)));
+ DBG_WARNING("samba_kdc_get_user_info_from_db failed: %s\n",
+ nt_errstr(status));
talloc_free(tmp_ctx);
return EINVAL;
}
&ctx->session_info);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1,("auth_generate_session_info failed: %s\n",
- nt_errstr(status)));
+ DBG_WARNING("auth_generate_session_info failed: %s\n",
+ nt_errstr(status));
talloc_free(tmp_ctx);
return EINVAL;
}
if (!convert_string_talloc(tmp_ctx, CH_UTF8, CH_UTF16,
pwd, strlen(pwd),
&password.data, &password.length)) {
- DEBUG(1,("convert_string_talloc failed\n"));
+ DBG_WARNING("convert_string_talloc failed\n");
talloc_free(tmp_ctx);
return EINVAL;
}
&error_string,
&result);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1,("samdb_kpasswd_change_password failed: %s\n",
- nt_errstr(status)));
+ DBG_WARNING("samdb_kpasswd_change_password failed: %s\n",
+ nt_errstr(status));
code = KADM5_PASS_Q_GENERIC;
krb5_set_error_message(ctx->context, code, "%s", error_string);
goto out;
&info3,
resource_groups);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(1, ("Getting Samba info failed: %s\n",
- nt_errstr(nt_status)));
+ DBG_WARNING("Getting Samba info failed: %s\n",
+ nt_errstr(nt_status));
return nt_status;
}
(ndr_push_flags_fn_t)ndr_push_PAC_INFO);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(1, ("PAC_LOGON_INFO (presig) push failed: %s\n",
- nt_errstr(nt_status)));
+ DBG_WARNING("PAC_LOGON_INFO (presig) push failed: %s\n",
+ nt_errstr(nt_status));
return nt_status;
}
(ndr_push_flags_fn_t)ndr_push_PAC_INFO);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(1, ("PAC_REQUESTER_SID (presig) push failed: %s\n",
- nt_errstr(nt_status)));
+ DBG_WARNING("PAC_REQUESTER_SID (presig) push failed: %s\n",
+ nt_errstr(nt_status));
return nt_status;
}
}
(ndr_push_flags_fn_t)ndr_push_PAC_INFO);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(1, ("PAC UPN_DNS_INFO (presig) push failed: %s\n",
- nt_errstr(nt_status)));
+ DBG_WARNING("PAC UPN_DNS_INFO (presig) push failed: %s\n",
+ nt_errstr(nt_status));
return nt_status;
}
(ndr_push_flags_fn_t)ndr_push_PAC_INFO);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(1, ("PAC ATTRIBUTES_INFO (presig) push failed: %s\n",
- nt_errstr(nt_status)));
+ DBG_WARNING("PAC ATTRIBUTES_INFO (presig) push failed: %s\n",
+ nt_errstr(nt_status));
return nt_status;
}
}
}
if (lm_hash != NULL) {
- DEBUG(5, ("Passing LM password hash through credentials set\n"));
+ DBG_INFO("Passing LM password hash through credentials set\n");
ntlm_secpkg.flags |= PAC_CREDENTIAL_NTLM_HAS_LM_HASH;
ntlm_secpkg.lm_password = *lm_hash;
ZERO_STRUCTP(lm_hash);
}
}
if (nt_hash != NULL) {
- DEBUG(5, ("Passing NT password hash through credentials set\n"));
+ DBG_INFO("Passing NT password hash through credentials set\n");
ntlm_secpkg.flags |= PAC_CREDENTIAL_NTLM_HAS_NT_HASH;
ntlm_secpkg.nt_password = *nt_hash;
ZERO_STRUCTP(nt_hash);
ZERO_STRUCT(ntlm_secpkg);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(1, ("PAC_CREDENTIAL_NTLM_SECPKG (presig) push failed: %s\n",
- nt_errstr(nt_status)));
+ DBG_WARNING("PAC_CREDENTIAL_NTLM_SECPKG (presig) push failed: %s\n",
+ nt_errstr(nt_status));
return nt_status;
}
- DEBUG(10, ("NTLM credential BLOB (len %zu) for user\n",
- ntlm_blob.length));
+ DBG_DEBUG("NTLM credential BLOB (len %zu) for user\n",
+ ntlm_blob.length);
dump_data_pw("PAC_CREDENTIAL_NTLM_SECPKG",
ntlm_blob.data, ntlm_blob.length);
data_blob_clear(&ntlm_blob);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(1, ("PAC_CREDENTIAL_DATA_NDR (presig) push failed: %s\n",
- nt_errstr(nt_status)));
+ DBG_WARNING("PAC_CREDENTIAL_DATA_NDR (presig) push failed: %s\n",
+ nt_errstr(nt_status));
return nt_status;
}
- DEBUG(10, ("Created credential BLOB (len %zu) for user\n",
- cred_blob->length));
+ DBG_DEBUG("Created credential BLOB (len %zu) for user\n",
+ cred_blob->length);
dump_data_pw("PAC_CREDENTIAL_DATA_NDR",
cred_blob->data, cred_blob->length);
&cred_crypto);
if (ret != 0) {
krb5err = krb5_get_error_message(context, ret);
- DEBUG(1, ("Failed initializing cred data crypto: %s\n", krb5err));
+ DBG_WARNING("Failed initializing cred data crypto: %s\n", krb5err);
krb5_free_error_message(context, krb5err);
return ret;
}
ret = krb5_crypto_getenctype(context, cred_crypto, &cred_enctype);
if (ret != 0) {
- DEBUG(1, ("Failed getting crypto type for key\n"));
+ DBG_WARNING("Failed getting crypto type for key\n");
krb5_crypto_destroy(context, cred_crypto);
return ret;
}
- DEBUG(10, ("Plain cred_ndr_blob (len %zu)\n",
- cred_ndr_blob->length));
+ DBG_DEBUG("Plain cred_ndr_blob (len %zu)\n",
+ cred_ndr_blob->length);
dump_data_pw("PAC_CREDENTIAL_DATA_NDR",
cred_ndr_blob->data, cred_ndr_blob->length);
krb5_crypto_destroy(context, cred_crypto);
if (ret != 0) {
krb5err = krb5_get_error_message(context, ret);
- DEBUG(1, ("Failed crypt of cred data: %s\n", krb5err));
+ DBG_WARNING("Failed crypt of cred data: %s\n", krb5err);
krb5_free_error_message(context, krb5err);
return ret;
}
krb5_data_free(&cred_ndr_crypt);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(1, ("PAC_CREDENTIAL_INFO (presig) push failed: %s\n",
- nt_errstr(nt_status)));
+ DBG_WARNING("PAC_CREDENTIAL_INFO (presig) push failed: %s\n",
+ nt_errstr(nt_status));
return KRB5KDC_ERR_SVC_UNAVAILABLE;
}
- DEBUG(10, ("Encrypted credential BLOB (len %zu) with alg %"PRId32"\n",
- cred_info_blob->length, pac_cred_info.encryption_type));
+ DBG_DEBUG("Encrypted credential BLOB (len %zu) with alg %"PRId32"\n",
+ cred_info_blob->length, pac_cred_info.encryption_type);
dump_data_pw("PAC_CREDENTIAL_INFO",
cred_info_blob->data, cred_info_blob->length);
&cred_key);
if (code != 0) {
krb5err = krb5_get_error_message(context, code);
- DEBUG(1, ("Failed initializing cred data crypto: %s\n", krb5err));
+ DBG_WARNING("Failed initializing cred data crypto: %s\n", krb5err);
krb5_free_error_message(context, krb5err);
return code;
}
cred_enctype = krb5_k_key_enctype(context, cred_key);
- DEBUG(10, ("Plain cred_ndr_blob (len %zu)\n",
- cred_ndr_blob->length));
+ DBG_DEBUG("Plain cred_ndr_blob (len %zu)\n",
+ cred_ndr_blob->length);
dump_data_pw("PAC_CREDENTIAL_DATA_NDR",
cred_ndr_blob->data, cred_ndr_blob->length);
&enc_len);
if (code != 0) {
krb5err = krb5_get_error_message(context, code);
- DEBUG(1, ("Failed initializing cred data crypto: %s\n", krb5err));
+ DBG_WARNING("Failed initializing cred data crypto: %s\n", krb5err);
krb5_free_error_message(context, krb5err);
return code;
}
krb5_k_free_key(context, cred_key);
if (code != 0) {
krb5err = krb5_get_error_message(context, code);
- DEBUG(1, ("Failed crypt of cred data: %s\n", krb5err));
+ DBG_WARNING("Failed crypt of cred data: %s\n", krb5err);
krb5_free_error_message(context, krb5err);
return code;
}
TALLOC_FREE(pac_cred_info.encrypted_data.data);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(1, ("PAC_CREDENTIAL_INFO (presig) push failed: %s\n",
- nt_errstr(nt_status)));
+ DBG_WARNING("PAC_CREDENTIAL_INFO (presig) push failed: %s\n",
+ nt_errstr(nt_status));
return KRB5KDC_ERR_SVC_UNAVAILABLE;
}
- DEBUG(10, ("Encrypted credential BLOB (len %zu) with alg %"PRId32"\n",
- cred_info_blob->length, pac_cred_info.encryption_type));
+ DBG_DEBUG("Encrypted credential BLOB (len %zu) with alg %"PRId32"\n",
+ cred_info_blob->length, pac_cred_info.encryption_type);
dump_data_pw("PAC_CREDENTIAL_INFO",
cred_info_blob->data, cred_info_blob->length);
smb_krb5_free_data_contents(context, &k5pac_attrs_in);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
NTSTATUS nt_status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(0,("can't parse the PAC ATTRIBUTES_INFO: %s\n", nt_errstr(nt_status)));
+ DBG_ERR("can't parse the PAC ATTRIBUTES_INFO: %s\n", nt_errstr(nt_status));
return EINVAL;
}
user_info_dc,
upn_blob);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(0, ("Building PAC UPN INFO failed: %s\n",
- nt_errstr(nt_status)));
+ DBG_ERR("Building PAC UPN INFO failed: %s\n",
+ nt_errstr(nt_status));
return nt_status;
}
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
smb_krb5_free_data_contents(context, &old_data);
nt_status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status)));
+ DBG_ERR("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status));
talloc_free(tmp_ctx);
return nt_status;
}
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
smb_krb5_free_data_contents(context, &old_data);
nt_status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status)));
+ DBG_ERR("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status));
talloc_free(tmp_ctx);
return nt_status;
}
smb_krb5_free_data_contents(context, &k5pac_requester_sid_in);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(0,("can't parse the PAC REQUESTER_SID: %s\n", nt_errstr(nt_status)));
+ DBG_ERR("can't parse the PAC REQUESTER_SID: %s\n", nt_errstr(nt_status));
talloc_free(tmp_ctx);
return EINVAL;
}
&info3,
&resource_groups);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(1, ("Getting Samba info failed: %s\n",
- nt_errstr(nt_status)));
+ DBG_WARNING("Getting Samba info failed: %s\n",
+ nt_errstr(nt_status));
talloc_free(frame);
return nt_status_to_krb5(nt_status);
}
NULL,
&key->key);
if (ret != 0) {
- DEBUG(1, ("PAC KDC signature failed to verify\n"));
+ DBG_WARNING("PAC KDC signature failed to verify\n");
goto out;
}
&ctype,
&rodc_id);
if (ret != 0) {
- DEBUG(1, ("Failed to get PAC checksum info\n"));
+ DBG_WARNING("Failed to get PAC checksum info\n");
return ret;
}
projects / thirdparty / samba.git / commitdiff
