struct sockaddr_in *raddr,
caddr_t data);
+/* auth_gssapi_log_badauth_func is IPv4-specific; this version gives the
+ * transport handle so the fd can be used to get the address. */
+typedef void (*auth_gssapi_log_badauth2_func)
+ (OM_uint32 major,
+ OM_uint32 minor,
+ SVCXPRT *xprt,
+ caddr_t data);
+
typedef void (*auth_gssapi_log_badverf_func)
(gss_name_t client,
gss_name_t server,
void svcauth_gssapi_set_log_badauth_func
(auth_gssapi_log_badauth_func func,
caddr_t data);
+void svcauth_gssapi_set_log_badauth2_func
+(auth_gssapi_log_badauth2_func func,
+ caddr_t data);
void svcauth_gssapi_set_log_badverf_func
(auth_gssapi_log_badverf_func func,
caddr_t data);
void svcauth_gss_set_log_badauth_func(auth_gssapi_log_badauth_func,
caddr_t);
+void svcauth_gss_set_log_badauth2_func(auth_gssapi_log_badauth2_func,
+ caddr_t);
void svcauth_gss_set_log_badverf_func(auth_gssapi_log_badverf_func,
caddr_t);
void svcauth_gss_set_log_miscerr_func(auth_gssapi_log_miscerr_func,
#define svcauth_gssapi_set_names gssrpc_svcauth_gssapi_set_names
#define svcauth_gssapi_unset_names gssrpc_svcauth_gssapi_unset_names
#define svcauth_gssapi_set_log_badauth_func gssrpc_svcauth_gssapi_set_log_badauth_func
+#define svcauth_gssapi_set_log_badauth2_func gssrpc_svcauth_gssapi_set_log_badauth2_func
#define svcauth_gssapi_set_log_badverf_func gssrpc_svcauth_gssapi_set_log_badverf_func
#define svcauth_gssapi_set_log_miscerr_func gssrpc_svcauth_gssapi_set_log_miscerr_func
#define svcauth_gss_set_log_badauth_func gssrpc_svcauth_gss_set_log_badauth_func
+#define svcauth_gss_set_log_badauth2_func gssrpc_svcauth_gss_set_log_badauth2_func
#define svcauth_gss_set_log_badverf_func gssrpc_svcauth_gss_set_log_badverf_func
#define svcauth_gss_set_log_miscerr_func gssrpc_svcauth_gss_set_log_miscerr_func
gssrpc_svc_unregister
gssrpc_svcauth_gss_get_principal
gssrpc_svcauth_gss_set_log_badauth_func
+gssrpc_svcauth_gss_set_log_badauth2_func
gssrpc_svcauth_gss_set_log_badverf_func
gssrpc_svcauth_gss_set_log_miscerr_func
gssrpc_svcauth_gss_set_svc_name
gssrpc_svcauth_gssapi_set_log_badauth_func
+gssrpc_svcauth_gssapi_set_log_badauth2_func
gssrpc_svcauth_gssapi_set_log_badverf_func
gssrpc_svcauth_gssapi_set_log_miscerr_func
gssrpc_svcauth_gssapi_set_names
static auth_gssapi_log_badauth_func log_badauth = NULL;
static caddr_t log_badauth_data = NULL;
+static auth_gssapi_log_badauth2_func log_badauth2 = NULL;
+static caddr_t log_badauth2_data = NULL;
static auth_gssapi_log_badverf_func log_badverf = NULL;
static caddr_t log_badverf_data = NULL;
static auth_gssapi_log_miscerr_func log_miscerr = NULL;
return (TRUE);
}
+/* Invoke log_badauth callbacks for an authentication failure. */
+static void
+badauth(OM_uint32 maj, OM_uint32 minor, SVCXPRT *xprt)
+{
+ if (log_badauth != NULL)
+ (*log_badauth)(maj, minor, &xprt->xp_raddr, log_badauth_data);
+ if (log_badauth2 != NULL)
+ (*log_badauth2)(maj, minor, xprt, log_badauth2_data);
+}
+
static bool_t
svcauth_gss_accept_sec_context(struct svc_req *rqst,
struct rpc_gss_init_res *gr)
log_status("accept_sec_context", gr->gr_major, gr->gr_minor);
if (gr->gr_major != GSS_S_COMPLETE &&
gr->gr_major != GSS_S_CONTINUE_NEEDED) {
- if (log_badauth != NULL) {
- (*log_badauth)(gr->gr_major,
- gr->gr_minor,
- &rqst->rq_xprt->xp_raddr,
- log_badauth_data);
- }
+ badauth(gr->gr_major, gr->gr_minor, rqst->rq_xprt);
gd->ctx = GSS_C_NO_CONTEXT;
goto errout;
}
log_badauth_data = data;
}
+void
+svcauth_gss_set_log_badauth2_func(auth_gssapi_log_badauth2_func func,
+ caddr_t data)
+{
+ log_badauth2 = func;
+ log_badauth2_data = data;
+}
+
/*
* Function: svcauth_gss_set_log_badverf_func
*
static auth_gssapi_log_badauth_func log_badauth = NULL;
static caddr_t log_badauth_data = NULL;
+static auth_gssapi_log_badauth2_func log_badauth2 = NULL;
+static caddr_t log_badauth2_data = NULL;
static auth_gssapi_log_badverf_func log_badverf = NULL;
static caddr_t log_badverf_data = NULL;
static auth_gssapi_log_miscerr_func log_miscerr = NULL;
static client_list *clients = NULL;
+/* Invoke log_badauth callbacks for an authentication failure. */
+static void
+badauth(OM_uint32 maj, OM_uint32 minor, SVCXPRT *xprt)
+{
+ if (log_badauth != NULL)
+ (*log_badauth)(maj, minor, &xprt->xp_raddr, log_badauth_data);
+ if (log_badauth2 != NULL)
+ (*log_badauth2)(maj, minor, xprt, log_badauth2_data);
+}
+
enum auth_stat gssrpc__svcauth_gssapi(
register struct svc_req *rqst,
register struct rpc_msg *msg,
call_res.gss_major,
call_res.gss_minor));
- if (log_badauth != NULL)
- (*log_badauth)(call_res.gss_major,
- call_res.gss_minor,
- &rqst->rq_xprt->xp_raddr,
- log_badauth_data);
+ badauth(call_res.gss_major, call_res.gss_minor, rqst->rq_xprt);
gss_release_buffer(&minor_stat, &output_token);
svc_sendreply(rqst->rq_xprt, xdr_authgssapi_init_res,
log_badauth_data = data;
}
+void
+svcauth_gssapi_set_log_badauth2_func(auth_gssapi_log_badauth2_func func,
+ caddr_t data)
+{
+ log_badauth2 = func;
+ log_badauth2_data = data;
+}
+
/*
* Function: svcauth_gssapi_set_log_badverf_func
*
projects / thirdparty / krb5.git / commitdiff
