1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

s4:kdc: Use newer debugging macros

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Joseph Sutton 2023-07-21 11:44:05 +12:00 committed by Andrew Bartlett
parent 54c38cf9d9
commit 0182ddf97d
10 changed files with 117 additions and 117 deletions

View File

@ -102,7 +102,7 @@ static void auth_sam_trigger_repl_secret(TALLOC_CTX *mem_ctx,
"dreplsrv",
&ndr_table_irpc);
if (irpc_handle == NULL) {
DEBUG(1,(__location__ ": Unable to get binding handle for dreplsrv\n"));
DBG_WARNING("Unable to get binding handle for dreplsrv\n");
TALLOC_FREE(tmp_ctx);
return;
}
@ -2034,7 +2034,7 @@ static krb5_error_code samba_kdc_trust_message2entry(krb5_context context,
/* Must have found a cleartext or MD4 password */
if (num_keys == 0) {
DEBUG(1,(__location__ ": no usable key found\n"));
DBG_WARNING("no usable key found\n");
krb5_clear_error_message(context);
ret = SDB_ERR_NOENTRY;
goto out;
@ -2647,18 +2647,18 @@ static krb5_error_code samba_kdc_lookup_server(krb5_context context,
DSDB_SEARCH_SHOW_EXTENDED_DN | DSDB_SEARCH_NO_GLOBAL_CATALOG,
"%s", filter);
if (lret == LDB_ERR_NO_SUCH_OBJECT) {
DEBUG(10, ("Failed to find an entry for %s filter:%s\n",
name1, filter));
DBG_DEBUG("Failed to find an entry for %s filter:%s\n",
name1, filter);
return SDB_ERR_NOENTRY;
}
if (lret == LDB_ERR_CONSTRAINT_VIOLATION) {
DEBUG(10, ("Failed to find unique entry for %s filter:%s\n",
name1, filter));
DBG_DEBUG("Failed to find unique entry for %s filter:%s\n",
name1, filter);
return SDB_ERR_NOENTRY;
}
if (lret != LDB_SUCCESS) {
DEBUG(0, ("Failed single search for %s - %s\n",
name1, ldb_errstring(kdc_db_ctx->samdb)));
DBG_ERR("Failed single search for %s - %s\n",
name1, ldb_errstring(kdc_db_ctx->samdb));
return SDB_ERR_NOENTRY;
}
return 0;
@ -3274,8 +3274,8 @@ samba_kdc_check_s4u2proxy(krb5_context context,
" krb5_unparse_name() failed!");
return ret;
}
DEBUG(10,("samba_kdc_check_s4u2proxy: client[%s] for target[%s]\n",
client_dn, tmp));
DBG_DEBUG("client[%s] for target[%s]\n",
client_dn, tmp);
target_principal_name = talloc_strdup(mem_ctx, tmp);
SAFE_FREE(tmp);
@ -3315,8 +3315,8 @@ samba_kdc_check_s4u2proxy(krb5_context context,
goto bad_option;
}
DEBUG(10,("samba_kdc_check_s4u2proxy: client[%s] allowed target[%s]\n",
client_dn, target_principal_name));
DBG_DEBUG("client[%s] allowed target[%s]\n",
client_dn, target_principal_name);
talloc_free(mem_ctx);
return 0;
@ -3550,7 +3550,7 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte
NULL,
0);
if (kdc_db_ctx->samdb == NULL) {
DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot open samdb for KDC backend!\n"));
DBG_WARNING("Cannot open samdb for KDC backend!\n");
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
@ -3558,8 +3558,8 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte
/* Find out our own krbtgt kvno */
ldb_ret = samdb_rodc(kdc_db_ctx->samdb, &kdc_db_ctx->rodc);
if (ldb_ret != LDB_SUCCESS) {
DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot determine if we are an RODC in KDC backend: %s\n",
ldb_errstring(kdc_db_ctx->samdb)));
DBG_WARNING("Cannot determine if we are an RODC in KDC backend: %s\n",
ldb_errstring(kdc_db_ctx->samdb));
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
@ -3569,8 +3569,8 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte
struct ldb_dn *account_dn;
struct ldb_dn *server_dn = samdb_server_dn(kdc_db_ctx->samdb, kdc_db_ctx);
if (!server_dn) {
DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot determine server DN in KDC backend: %s\n",
ldb_errstring(kdc_db_ctx->samdb)));
DBG_WARNING("Cannot determine server DN in KDC backend: %s\n",
ldb_errstring(kdc_db_ctx->samdb));
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
@ -3578,8 +3578,8 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte
ldb_ret = samdb_reference_dn(kdc_db_ctx->samdb, kdc_db_ctx, server_dn,
"serverReference", &account_dn);
if (ldb_ret != LDB_SUCCESS) {
DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot determine server account in KDC backend: %s\n",
ldb_errstring(kdc_db_ctx->samdb)));
DBG_WARNING("Cannot determine server account in KDC backend: %s\n",
ldb_errstring(kdc_db_ctx->samdb));
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
@ -3588,8 +3588,8 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte
"msDS-KrbTgtLink", &kdc_db_ctx->krbtgt_dn);
talloc_free(account_dn);
if (ldb_ret != LDB_SUCCESS) {
DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot determine RODC krbtgt account in KDC backend: %s\n",
ldb_errstring(kdc_db_ctx->samdb)));
DBG_WARNING("Cannot determine RODC krbtgt account in KDC backend: %s\n",
ldb_errstring(kdc_db_ctx->samdb));
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
@ -3600,18 +3600,18 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte
DSDB_SEARCH_NO_GLOBAL_CATALOG,
"(&(objectClass=user)(msDS-SecondaryKrbTgtNumber=*))");
if (ldb_ret != LDB_SUCCESS) {
DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot read krbtgt account %s in KDC backend to get msDS-SecondaryKrbTgtNumber: %s: %s\n",
ldb_dn_get_linearized(kdc_db_ctx->krbtgt_dn),
ldb_errstring(kdc_db_ctx->samdb),
ldb_strerror(ldb_ret)));
DBG_WARNING("Cannot read krbtgt account %s in KDC backend to get msDS-SecondaryKrbTgtNumber: %s: %s\n",
ldb_dn_get_linearized(kdc_db_ctx->krbtgt_dn),
ldb_errstring(kdc_db_ctx->samdb),
ldb_strerror(ldb_ret));
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
my_krbtgt_number = ldb_msg_find_attr_as_int(msg, "msDS-SecondaryKrbTgtNumber", -1);
if (my_krbtgt_number == -1) {
DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot read msDS-SecondaryKrbTgtNumber from krbtgt account %s in KDC backend: got %d\n",
ldb_dn_get_linearized(kdc_db_ctx->krbtgt_dn),
my_krbtgt_number));
DBG_WARNING("Cannot read msDS-SecondaryKrbTgtNumber from krbtgt account %s in KDC backend: got %d\n",
ldb_dn_get_linearized(kdc_db_ctx->krbtgt_dn),
my_krbtgt_number);
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
@ -3628,7 +3628,7 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte
"(&(objectClass=user)(samAccountName=krbtgt))");
if (ldb_ret != LDB_SUCCESS) {
DEBUG(1, ("samba_kdc_setup_db_ctx: could not find own KRBTGT in DB: %s\n", ldb_errstring(kdc_db_ctx->samdb)));
DBG_WARNING("could not find own KRBTGT in DB: %s\n", ldb_errstring(kdc_db_ctx->samdb));
talloc_free(kdc_db_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}

View File

@ -405,7 +405,7 @@ static void reset_bad_password_netlogon(TALLOC_CTX *mem_ctx,
&ndr_table_winbind);
if (irpc_handle == NULL) {
DEBUG(0, ("No winbind_server running!\n"));
DBG_ERR("No winbind_server running!\n");
return;
}

View File

@ -51,7 +51,7 @@ static WERROR kdc_proxy_get_writeable_dcs(struct kdc_server *kdc, TALLOC_CTX *me
if (count == 0) {
/* we don't have any DCs to replicate with. Very
strange for a RODC */
DEBUG(1,(__location__ ": No replication sources for RODC in KDC proxy\n"));
DBG_WARNING("No replication sources for RODC in KDC proxy\n");
talloc_free(reps);
return WERR_DS_DRA_NO_REPLICA;
}
@ -190,8 +190,8 @@ static void kdc_udp_proxy_resolve_done(struct composite_context *csubreq)
status = resolve_name_recv(csubreq, state, &state->proxy.ip);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("Unable to resolve proxy[%s] - %s\n",
state->proxy.name.name, nt_errstr(status)));
DBG_ERR("Unable to resolve proxy[%s] - %s\n",
state->proxy.name.name, nt_errstr(status));
kdc_udp_next_proxy(req);
return;
}
@ -450,8 +450,8 @@ static void kdc_tcp_proxy_resolve_done(struct composite_context *csubreq)
status = resolve_name_recv(csubreq, state, &state->proxy.ip);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("Unable to resolve proxy[%s] - %s\n",
state->proxy.name.name, nt_errstr(status)));
DBG_ERR("Unable to resolve proxy[%s] - %s\n",
state->proxy.name.name, nt_errstr(status));
kdc_tcp_next_proxy(req);
return;
}

View File

@ -132,9 +132,9 @@ static void kdc_udp_call_loop(struct tevent_req *subreq)
call->in.data = buf;
call->in.length = len;
DEBUG(10,("Received krb5 UDP packet of length %zu from %s\n",
call->in.length,
tsocket_address_string(call->src, call)));
DBG_DEBUG("Received krb5 UDP packet of length %zu from %s\n",
call->in.length,
tsocket_address_string(call->src, call));
/* Call krb5 */
ret = sock->kdc_socket->process(sock->kdc_socket->kdc,
@ -153,7 +153,7 @@ static void kdc_udp_call_loop(struct tevent_req *subreq)
uint16_t port;
if (!sock->kdc_socket->kdc->am_rodc) {
DEBUG(0,("kdc_udp_call_loop: proxying requested when not RODC\n"));
DBG_ERR("proxying requested when not RODC\n");
talloc_free(call);
goto done;
}
@ -281,9 +281,9 @@ static void kdc_tcp_call_loop(struct tevent_req *subreq)
return;
}
DEBUG(10,("Received krb5 TCP packet of length %zu from %s\n",
call->in.length,
tsocket_address_string(kdc_conn->conn->remote_address, call)));
DBG_DEBUG("Received krb5 TCP packet of length %zu from %s\n",
call->in.length,
tsocket_address_string(kdc_conn->conn->remote_address, call));
/* skip length header */
call->in.data +=4;
@ -584,8 +584,8 @@ NTSTATUS kdc_add_socket(struct kdc_server *kdc,
kdc_socket,
kdc->task->process_context);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("Failed to bind to %s:%u TCP - %s\n",
address, port, nt_errstr(status)));
DBG_ERR("Failed to bind to %s:%u TCP - %s\n",
address, port, nt_errstr(status));
talloc_free(kdc_socket);
return status;
}
@ -602,8 +602,8 @@ NTSTATUS kdc_add_socket(struct kdc_server *kdc,
&kdc_udp_socket->dgram);
if (ret != 0) {
status = map_nt_error_from_unix_common(errno);
DEBUG(0,("Failed to bind to %s:%u UDP - %s\n",
address, port, nt_errstr(status)));
DBG_ERR("Failed to bind to %s:%u UDP - %s\n",
address, port, nt_errstr(status));
return status;
}

View File

@ -222,7 +222,7 @@ NTSTATUS mitkdc_task_init(struct task_server *task)
#endif
NULL);
if (subreq == NULL) {
DEBUG(0, ("Failed to start MIT KDC as child daemon\n"));
DBG_ERR("Failed to start MIT KDC as child daemon\n");
task_server_terminate(task,
"Failed to startup mitkdc task",
@ -232,7 +232,7 @@ NTSTATUS mitkdc_task_init(struct task_server *task)
tevent_req_set_callback(subreq, mitkdc_server_done, task);
DEBUG(5,("Started krb5kdc process\n"));
DBG_INFO("Started krb5kdc process\n");
status = samba_setup_mit_kdc_irpc(task);
if (!NT_STATUS_IS_OK(status)) {
@ -241,7 +241,7 @@ NTSTATUS mitkdc_task_init(struct task_server *task)
true);
}
DEBUG(5,("Started irpc service for kdc_server\n"));
DBG_INFO("Started irpc service for kdc_server\n");
kdc = talloc_zero(task, struct kdc_server);
if (kdc == NULL) {
@ -342,7 +342,7 @@ NTSTATUS mitkdc_task_init(struct task_server *task)
return status;
}
DEBUG(5,("Started kpasswd service for kdc_server\n"));
DBG_INFO("Started kpasswd service for kdc_server\n");
return NT_STATUS_OK;
}
@ -360,10 +360,10 @@ static void mitkdc_server_done(struct tevent_req *subreq)
ret = samba_runcmd_recv(subreq, &sys_errno);
if (ret != 0) {
DEBUG(0, ("The MIT KDC daemon died with exit status %d\n",
sys_errno));
DBG_ERR("The MIT KDC daemon died with exit status %d\n",
sys_errno);
} else {
DEBUG(0,("The MIT KDC daemon exited normally\n"));
DBG_ERR("The MIT KDC daemon exited normally\n");
}
task_server_terminate(task, "mitkdc child process exited", true);

View File

@ -62,10 +62,10 @@ NTSTATUS samdb_kpasswd_change_password(TALLOC_CTX *mem_ctx,
return NT_STATUS_ACCESS_DENIED;
}
DEBUG(3, ("Changing password of %s\\%s (%s)\n",
session_info->info->domain_name,
session_info->info->account_name,
dom_sid_string(mem_ctx, &session_info->security_token->sids[PRIMARY_USER_SID_INDEX])));
DBG_NOTICE("Changing password of %s\\%s (%s)\n",
session_info->info->domain_name,
session_info->info->account_name,
dom_sid_string(mem_ctx, &session_info->security_token->sids[PRIMARY_USER_SID_INDEX]));
/* Performs the password change */
status = samdb_set_password_sid(samdb,

View File

@ -104,8 +104,8 @@ static NTSTATUS netr_samlogon_generic_logon(struct irpc_message *msg,
lpcfg_realm(mki_ctx->task->lp_ctx),
NULL);
if (code != 0) {
DEBUG(0, ("Failed to create krbtgt@%s principal!\n",
lpcfg_realm(mki_ctx->task->lp_ctx)));
DBG_ERR("Failed to create krbtgt@%s principal!\n",
lpcfg_realm(mki_ctx->task->lp_ctx));
return NT_STATUS_NO_MEMORY;
}
@ -118,8 +118,8 @@ static NTSTATUS netr_samlogon_generic_logon(struct irpc_message *msg,
&sentry);
krb5_free_principal(mki_ctx->krb5_context, principal);
if (code != 0) {
DEBUG(0, ("Failed to fetch krbtgt@%s principal entry!\n",
lpcfg_realm(mki_ctx->task->lp_ctx)));
DBG_ERR("Failed to fetch krbtgt@%s principal entry!\n",
lpcfg_realm(mki_ctx->task->lp_ctx));
return NT_STATUS_LOGON_FAILURE;
}

View File

@ -1081,7 +1081,7 @@ int mit_samba_kpasswd_change_password(struct mit_samba_context *ctx,
krb5_error_code code = 0;
#ifdef DEBUG_PASSWORD
DEBUG(1,("mit_samba_kpasswd_change_password called with: %s\n", pwd));
DBG_WARNING("mit_samba_kpasswd_change_password called with: %s\n", pwd);
#endif
tmp_ctx = talloc_named(ctx, 0, "mit_samba_kpasswd_change_password");
@ -1093,8 +1093,8 @@ int mit_samba_kpasswd_change_password(struct mit_samba_context *ctx,
p->msg,
&user_info_dc);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1,("samba_kdc_get_user_info_from_db failed: %s\n",
nt_errstr(status)));
DBG_WARNING("samba_kdc_get_user_info_from_db failed: %s\n",
nt_errstr(status));
talloc_free(tmp_ctx);
return EINVAL;
}
@ -1107,8 +1107,8 @@ int mit_samba_kpasswd_change_password(struct mit_samba_context *ctx,
&ctx->session_info);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1,("auth_generate_session_info failed: %s\n",
nt_errstr(status)));
DBG_WARNING("auth_generate_session_info failed: %s\n",
nt_errstr(status));
talloc_free(tmp_ctx);
return EINVAL;
}
@ -1118,7 +1118,7 @@ int mit_samba_kpasswd_change_password(struct mit_samba_context *ctx,
if (!convert_string_talloc(tmp_ctx, CH_UTF8, CH_UTF16,
pwd, strlen(pwd),
&password.data, &password.length)) {
DEBUG(1,("convert_string_talloc failed\n"));
DBG_WARNING("convert_string_talloc failed\n");
talloc_free(tmp_ctx);
return EINVAL;
}
@ -1133,8 +1133,8 @@ int mit_samba_kpasswd_change_password(struct mit_samba_context *ctx,
&error_string,
&result);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1,("samdb_kpasswd_change_password failed: %s\n",
nt_errstr(status)));
DBG_WARNING("samdb_kpasswd_change_password failed: %s\n",
nt_errstr(status));
code = KADM5_PASS_Q_GENERIC;
krb5_set_error_message(ctx->context, code, "%s", error_string);
goto out;

View File

@ -85,8 +85,8 @@ NTSTATUS samba_get_logon_info_pac_blob(TALLOC_CTX *mem_ctx,
&info3,
resource_groups);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(1, ("Getting Samba info failed: %s\n",
nt_errstr(nt_status)));
DBG_WARNING("Getting Samba info failed: %s\n",
nt_errstr(nt_status));
return nt_status;
}
@ -122,8 +122,8 @@ NTSTATUS samba_get_logon_info_pac_blob(TALLOC_CTX *mem_ctx,
(ndr_push_flags_fn_t)ndr_push_PAC_INFO);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(1, ("PAC_LOGON_INFO (presig) push failed: %s\n",
nt_errstr(nt_status)));
DBG_WARNING("PAC_LOGON_INFO (presig) push failed: %s\n",
nt_errstr(nt_status));
return nt_status;
}
@ -155,8 +155,8 @@ NTSTATUS samba_get_requester_sid_pac_blob(TALLOC_CTX *mem_ctx,
(ndr_push_flags_fn_t)ndr_push_PAC_INFO);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(1, ("PAC_REQUESTER_SID (presig) push failed: %s\n",
nt_errstr(nt_status)));
DBG_WARNING("PAC_REQUESTER_SID (presig) push failed: %s\n",
nt_errstr(nt_status));
return nt_status;
}
}
@ -201,8 +201,8 @@ NTSTATUS samba_get_upn_info_pac_blob(TALLOC_CTX *mem_ctx,
(ndr_push_flags_fn_t)ndr_push_PAC_INFO);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(1, ("PAC UPN_DNS_INFO (presig) push failed: %s\n",
nt_errstr(nt_status)));
DBG_WARNING("PAC UPN_DNS_INFO (presig) push failed: %s\n",
nt_errstr(nt_status));
return nt_status;
}
@ -236,8 +236,8 @@ NTSTATUS samba_get_pac_attrs_blob(TALLOC_CTX *mem_ctx,
(ndr_push_flags_fn_t)ndr_push_PAC_INFO);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(1, ("PAC ATTRIBUTES_INFO (presig) push failed: %s\n",
nt_errstr(nt_status)));
DBG_WARNING("PAC ATTRIBUTES_INFO (presig) push failed: %s\n",
nt_errstr(nt_status));
return nt_status;
}
@ -298,7 +298,7 @@ NTSTATUS samba_get_cred_info_ndr_blob(TALLOC_CTX *mem_ctx,
}
}
if (lm_hash != NULL) {
DEBUG(5, ("Passing LM password hash through credentials set\n"));
DBG_INFO("Passing LM password hash through credentials set\n");
ntlm_secpkg.flags |= PAC_CREDENTIAL_NTLM_HAS_LM_HASH;
ntlm_secpkg.lm_password = *lm_hash;
ZERO_STRUCTP(lm_hash);
@ -313,7 +313,7 @@ NTSTATUS samba_get_cred_info_ndr_blob(TALLOC_CTX *mem_ctx,
}
}
if (nt_hash != NULL) {
DEBUG(5, ("Passing NT password hash through credentials set\n"));
DBG_INFO("Passing NT password hash through credentials set\n");
ntlm_secpkg.flags |= PAC_CREDENTIAL_NTLM_HAS_NT_HASH;
ntlm_secpkg.nt_password = *nt_hash;
ZERO_STRUCTP(nt_hash);
@ -335,13 +335,13 @@ NTSTATUS samba_get_cred_info_ndr_blob(TALLOC_CTX *mem_ctx,
ZERO_STRUCT(ntlm_secpkg);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(1, ("PAC_CREDENTIAL_NTLM_SECPKG (presig) push failed: %s\n",
nt_errstr(nt_status)));
DBG_WARNING("PAC_CREDENTIAL_NTLM_SECPKG (presig) push failed: %s\n",
nt_errstr(nt_status));
return nt_status;
}
DEBUG(10, ("NTLM credential BLOB (len %zu) for user\n",
ntlm_blob.length));
DBG_DEBUG("NTLM credential BLOB (len %zu) for user\n",
ntlm_blob.length);
dump_data_pw("PAC_CREDENTIAL_NTLM_SECPKG",
ntlm_blob.data, ntlm_blob.length);
@ -371,13 +371,13 @@ NTSTATUS samba_get_cred_info_ndr_blob(TALLOC_CTX *mem_ctx,
data_blob_clear(&ntlm_blob);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(1, ("PAC_CREDENTIAL_DATA_NDR (presig) push failed: %s\n",
nt_errstr(nt_status)));
DBG_WARNING("PAC_CREDENTIAL_DATA_NDR (presig) push failed: %s\n",
nt_errstr(nt_status));
return nt_status;
}
DEBUG(10, ("Created credential BLOB (len %zu) for user\n",
cred_blob->length));
DBG_DEBUG("Created credential BLOB (len %zu) for user\n",
cred_blob->length);
dump_data_pw("PAC_CREDENTIAL_DATA_NDR",
cred_blob->data, cred_blob->length);
@ -406,20 +406,20 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context,
&cred_crypto);
if (ret != 0) {
krb5err = krb5_get_error_message(context, ret);
DEBUG(1, ("Failed initializing cred data crypto: %s\n", krb5err));
DBG_WARNING("Failed initializing cred data crypto: %s\n", krb5err);
krb5_free_error_message(context, krb5err);
return ret;
}
ret = krb5_crypto_getenctype(context, cred_crypto, &cred_enctype);
if (ret != 0) {
DEBUG(1, ("Failed getting crypto type for key\n"));
DBG_WARNING("Failed getting crypto type for key\n");
krb5_crypto_destroy(context, cred_crypto);
return ret;
}
DEBUG(10, ("Plain cred_ndr_blob (len %zu)\n",
cred_ndr_blob->length));
DBG_DEBUG("Plain cred_ndr_blob (len %zu)\n",
cred_ndr_blob->length);
dump_data_pw("PAC_CREDENTIAL_DATA_NDR",
cred_ndr_blob->data, cred_ndr_blob->length);
@ -430,7 +430,7 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context,
krb5_crypto_destroy(context, cred_crypto);
if (ret != 0) {
krb5err = krb5_get_error_message(context, ret);
DEBUG(1, ("Failed crypt of cred data: %s\n", krb5err));
DBG_WARNING("Failed crypt of cred data: %s\n", krb5err);
krb5_free_error_message(context, krb5err);
return ret;
}
@ -448,13 +448,13 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context,
krb5_data_free(&cred_ndr_crypt);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(1, ("PAC_CREDENTIAL_INFO (presig) push failed: %s\n",
nt_errstr(nt_status)));
DBG_WARNING("PAC_CREDENTIAL_INFO (presig) push failed: %s\n",
nt_errstr(nt_status));
return KRB5KDC_ERR_SVC_UNAVAILABLE;
}
DEBUG(10, ("Encrypted credential BLOB (len %zu) with alg %"PRId32"\n",
cred_info_blob->length, pac_cred_info.encryption_type));
DBG_DEBUG("Encrypted credential BLOB (len %zu) with alg %"PRId32"\n",
cred_info_blob->length, pac_cred_info.encryption_type);
dump_data_pw("PAC_CREDENTIAL_INFO",
cred_info_blob->data, cred_info_blob->length);
@ -485,15 +485,15 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context,
&cred_key);
if (code != 0) {
krb5err = krb5_get_error_message(context, code);
DEBUG(1, ("Failed initializing cred data crypto: %s\n", krb5err));
DBG_WARNING("Failed initializing cred data crypto: %s\n", krb5err);
krb5_free_error_message(context, krb5err);
return code;
}
cred_enctype = krb5_k_key_enctype(context, cred_key);
DEBUG(10, ("Plain cred_ndr_blob (len %zu)\n",
cred_ndr_blob->length));
DBG_DEBUG("Plain cred_ndr_blob (len %zu)\n",
cred_ndr_blob->length);
dump_data_pw("PAC_CREDENTIAL_DATA_NDR",
cred_ndr_blob->data, cred_ndr_blob->length);
@ -509,7 +509,7 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context,
&enc_len);
if (code != 0) {
krb5err = krb5_get_error_message(context, code);
DEBUG(1, ("Failed initializing cred data crypto: %s\n", krb5err));
DBG_WARNING("Failed initializing cred data crypto: %s\n", krb5err);
krb5_free_error_message(context, krb5err);
return code;
}
@ -532,7 +532,7 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context,
krb5_k_free_key(context, cred_key);
if (code != 0) {
krb5err = krb5_get_error_message(context, code);
DEBUG(1, ("Failed crypt of cred data: %s\n", krb5err));
DBG_WARNING("Failed crypt of cred data: %s\n", krb5err);
krb5_free_error_message(context, krb5err);
return code;
}
@ -546,13 +546,13 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context,
TALLOC_FREE(pac_cred_info.encrypted_data.data);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(1, ("PAC_CREDENTIAL_INFO (presig) push failed: %s\n",
nt_errstr(nt_status)));
DBG_WARNING("PAC_CREDENTIAL_INFO (presig) push failed: %s\n",
nt_errstr(nt_status));
return KRB5KDC_ERR_SVC_UNAVAILABLE;
}
DEBUG(10, ("Encrypted credential BLOB (len %zu) with alg %"PRId32"\n",
cred_info_blob->length, pac_cred_info.encryption_type));
DBG_DEBUG("Encrypted credential BLOB (len %zu) with alg %"PRId32"\n",
cred_info_blob->length, pac_cred_info.encryption_type);
dump_data_pw("PAC_CREDENTIAL_INFO",
cred_info_blob->data, cred_info_blob->length);
@ -771,7 +771,7 @@ int samba_client_requested_pac(krb5_context context,
smb_krb5_free_data_contents(context, &k5pac_attrs_in);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
NTSTATUS nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the PAC ATTRIBUTES_INFO: %s\n", nt_errstr(nt_status)));
DBG_ERR("can't parse the PAC ATTRIBUTES_INFO: %s\n", nt_errstr(nt_status));
return EINVAL;
}
@ -1054,8 +1054,8 @@ NTSTATUS samba_kdc_get_upn_info_blob(TALLOC_CTX *mem_ctx,
user_info_dc,
upn_blob);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Building PAC UPN INFO failed: %s\n",
nt_errstr(nt_status)));
DBG_ERR("Building PAC UPN INFO failed: %s\n",
nt_errstr(nt_status));
return nt_status;
}
@ -1363,7 +1363,7 @@ static NTSTATUS samba_kdc_update_delegation_info_blob(TALLOC_CTX *mem_ctx,
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
smb_krb5_free_data_contents(context, &old_data);
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status)));
DBG_ERR("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status));
talloc_free(tmp_ctx);
return nt_status;
}
@ -1403,7 +1403,7 @@ static NTSTATUS samba_kdc_update_delegation_info_blob(TALLOC_CTX *mem_ctx,
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
smb_krb5_free_data_contents(context, &old_data);
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status)));
DBG_ERR("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status));
talloc_free(tmp_ctx);
return nt_status;
}
@ -1501,7 +1501,7 @@ static krb5_error_code samba_get_requester_sid(TALLOC_CTX *mem_ctx,
smb_krb5_free_data_contents(context, &k5pac_requester_sid_in);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the PAC REQUESTER_SID: %s\n", nt_errstr(nt_status)));
DBG_ERR("can't parse the PAC REQUESTER_SID: %s\n", nt_errstr(nt_status));
talloc_free(tmp_ctx);
return EINVAL;
}
@ -2080,8 +2080,8 @@ static krb5_error_code samba_kdc_get_device_info_blob(TALLOC_CTX *mem_ctx,
&info3,
&resource_groups);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(1, ("Getting Samba info failed: %s\n",
nt_errstr(nt_status)));
DBG_WARNING("Getting Samba info failed: %s\n",
nt_errstr(nt_status));
talloc_free(frame);
return nt_status_to_krb5(nt_status);
}

View File

@ -369,7 +369,7 @@ static krb5_error_code samba_wdc_verify_pac2(astgs_request_t r,
NULL,
&key->key);
if (ret != 0) {
DEBUG(1, ("PAC KDC signature failed to verify\n"));
DBG_WARNING("PAC KDC signature failed to verify\n");
goto out;
}
@ -580,7 +580,7 @@ static krb5_error_code samba_wdc_verify_pac(void *priv, astgs_request_t r,
&ctype,
&rodc_id);
if (ret != 0) {
DEBUG(1, ("Failed to get PAC checksum info\n"));
DBG_WARNING("Failed to get PAC checksum info\n");
return ret;
}