diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c index 29d2a253847..d9fea8241a5 100644 --- a/source4/kdc/db-glue.c +++ b/source4/kdc/db-glue.c @@ -102,7 +102,7 @@ static void auth_sam_trigger_repl_secret(TALLOC_CTX *mem_ctx, "dreplsrv", &ndr_table_irpc); if (irpc_handle == NULL) { - DEBUG(1,(__location__ ": Unable to get binding handle for dreplsrv\n")); + DBG_WARNING("Unable to get binding handle for dreplsrv\n"); TALLOC_FREE(tmp_ctx); return; } @@ -2034,7 +2034,7 @@ static krb5_error_code samba_kdc_trust_message2entry(krb5_context context, /* Must have found a cleartext or MD4 password */ if (num_keys == 0) { - DEBUG(1,(__location__ ": no usable key found\n")); + DBG_WARNING("no usable key found\n"); krb5_clear_error_message(context); ret = SDB_ERR_NOENTRY; goto out; @@ -2647,18 +2647,18 @@ static krb5_error_code samba_kdc_lookup_server(krb5_context context, DSDB_SEARCH_SHOW_EXTENDED_DN | DSDB_SEARCH_NO_GLOBAL_CATALOG, "%s", filter); if (lret == LDB_ERR_NO_SUCH_OBJECT) { - DEBUG(10, ("Failed to find an entry for %s filter:%s\n", - name1, filter)); + DBG_DEBUG("Failed to find an entry for %s filter:%s\n", + name1, filter); return SDB_ERR_NOENTRY; } if (lret == LDB_ERR_CONSTRAINT_VIOLATION) { - DEBUG(10, ("Failed to find unique entry for %s filter:%s\n", - name1, filter)); + DBG_DEBUG("Failed to find unique entry for %s filter:%s\n", + name1, filter); return SDB_ERR_NOENTRY; } if (lret != LDB_SUCCESS) { - DEBUG(0, ("Failed single search for %s - %s\n", - name1, ldb_errstring(kdc_db_ctx->samdb))); + DBG_ERR("Failed single search for %s - %s\n", + name1, ldb_errstring(kdc_db_ctx->samdb)); return SDB_ERR_NOENTRY; } return 0; @@ -3274,8 +3274,8 @@ samba_kdc_check_s4u2proxy(krb5_context context, " krb5_unparse_name() failed!"); return ret; } - DEBUG(10,("samba_kdc_check_s4u2proxy: client[%s] for target[%s]\n", - client_dn, tmp)); + DBG_DEBUG("client[%s] for target[%s]\n", + client_dn, tmp); target_principal_name = talloc_strdup(mem_ctx, tmp); SAFE_FREE(tmp); @@ -3315,8 +3315,8 @@ samba_kdc_check_s4u2proxy(krb5_context context, goto bad_option; } - DEBUG(10,("samba_kdc_check_s4u2proxy: client[%s] allowed target[%s]\n", - client_dn, target_principal_name)); + DBG_DEBUG("client[%s] allowed target[%s]\n", + client_dn, target_principal_name); talloc_free(mem_ctx); return 0; @@ -3550,7 +3550,7 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte NULL, 0); if (kdc_db_ctx->samdb == NULL) { - DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot open samdb for KDC backend!\n")); + DBG_WARNING("Cannot open samdb for KDC backend!\n"); talloc_free(kdc_db_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } @@ -3558,8 +3558,8 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte /* Find out our own krbtgt kvno */ ldb_ret = samdb_rodc(kdc_db_ctx->samdb, &kdc_db_ctx->rodc); if (ldb_ret != LDB_SUCCESS) { - DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot determine if we are an RODC in KDC backend: %s\n", - ldb_errstring(kdc_db_ctx->samdb))); + DBG_WARNING("Cannot determine if we are an RODC in KDC backend: %s\n", + ldb_errstring(kdc_db_ctx->samdb)); talloc_free(kdc_db_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } @@ -3569,8 +3569,8 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte struct ldb_dn *account_dn; struct ldb_dn *server_dn = samdb_server_dn(kdc_db_ctx->samdb, kdc_db_ctx); if (!server_dn) { - DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot determine server DN in KDC backend: %s\n", - ldb_errstring(kdc_db_ctx->samdb))); + DBG_WARNING("Cannot determine server DN in KDC backend: %s\n", + ldb_errstring(kdc_db_ctx->samdb)); talloc_free(kdc_db_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } @@ -3578,8 +3578,8 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte ldb_ret = samdb_reference_dn(kdc_db_ctx->samdb, kdc_db_ctx, server_dn, "serverReference", &account_dn); if (ldb_ret != LDB_SUCCESS) { - DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot determine server account in KDC backend: %s\n", - ldb_errstring(kdc_db_ctx->samdb))); + DBG_WARNING("Cannot determine server account in KDC backend: %s\n", + ldb_errstring(kdc_db_ctx->samdb)); talloc_free(kdc_db_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } @@ -3588,8 +3588,8 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte "msDS-KrbTgtLink", &kdc_db_ctx->krbtgt_dn); talloc_free(account_dn); if (ldb_ret != LDB_SUCCESS) { - DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot determine RODC krbtgt account in KDC backend: %s\n", - ldb_errstring(kdc_db_ctx->samdb))); + DBG_WARNING("Cannot determine RODC krbtgt account in KDC backend: %s\n", + ldb_errstring(kdc_db_ctx->samdb)); talloc_free(kdc_db_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } @@ -3600,18 +3600,18 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte DSDB_SEARCH_NO_GLOBAL_CATALOG, "(&(objectClass=user)(msDS-SecondaryKrbTgtNumber=*))"); if (ldb_ret != LDB_SUCCESS) { - DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot read krbtgt account %s in KDC backend to get msDS-SecondaryKrbTgtNumber: %s: %s\n", - ldb_dn_get_linearized(kdc_db_ctx->krbtgt_dn), - ldb_errstring(kdc_db_ctx->samdb), - ldb_strerror(ldb_ret))); + DBG_WARNING("Cannot read krbtgt account %s in KDC backend to get msDS-SecondaryKrbTgtNumber: %s: %s\n", + ldb_dn_get_linearized(kdc_db_ctx->krbtgt_dn), + ldb_errstring(kdc_db_ctx->samdb), + ldb_strerror(ldb_ret)); talloc_free(kdc_db_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } my_krbtgt_number = ldb_msg_find_attr_as_int(msg, "msDS-SecondaryKrbTgtNumber", -1); if (my_krbtgt_number == -1) { - DEBUG(1, ("samba_kdc_setup_db_ctx: Cannot read msDS-SecondaryKrbTgtNumber from krbtgt account %s in KDC backend: got %d\n", - ldb_dn_get_linearized(kdc_db_ctx->krbtgt_dn), - my_krbtgt_number)); + DBG_WARNING("Cannot read msDS-SecondaryKrbTgtNumber from krbtgt account %s in KDC backend: got %d\n", + ldb_dn_get_linearized(kdc_db_ctx->krbtgt_dn), + my_krbtgt_number); talloc_free(kdc_db_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } @@ -3628,7 +3628,7 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte "(&(objectClass=user)(samAccountName=krbtgt))"); if (ldb_ret != LDB_SUCCESS) { - DEBUG(1, ("samba_kdc_setup_db_ctx: could not find own KRBTGT in DB: %s\n", ldb_errstring(kdc_db_ctx->samdb))); + DBG_WARNING("could not find own KRBTGT in DB: %s\n", ldb_errstring(kdc_db_ctx->samdb)); talloc_free(kdc_db_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c index 2a5981daf2e..efe2f5316d9 100644 --- a/source4/kdc/hdb-samba4.c +++ b/source4/kdc/hdb-samba4.c @@ -405,7 +405,7 @@ static void reset_bad_password_netlogon(TALLOC_CTX *mem_ctx, &ndr_table_winbind); if (irpc_handle == NULL) { - DEBUG(0, ("No winbind_server running!\n")); + DBG_ERR("No winbind_server running!\n"); return; } diff --git a/source4/kdc/kdc-proxy.c b/source4/kdc/kdc-proxy.c index bf14ccbb8b4..2b63b071d6b 100644 --- a/source4/kdc/kdc-proxy.c +++ b/source4/kdc/kdc-proxy.c @@ -51,7 +51,7 @@ static WERROR kdc_proxy_get_writeable_dcs(struct kdc_server *kdc, TALLOC_CTX *me if (count == 0) { /* we don't have any DCs to replicate with. Very strange for a RODC */ - DEBUG(1,(__location__ ": No replication sources for RODC in KDC proxy\n")); + DBG_WARNING("No replication sources for RODC in KDC proxy\n"); talloc_free(reps); return WERR_DS_DRA_NO_REPLICA; } @@ -190,8 +190,8 @@ static void kdc_udp_proxy_resolve_done(struct composite_context *csubreq) status = resolve_name_recv(csubreq, state, &state->proxy.ip); if (!NT_STATUS_IS_OK(status)) { - DEBUG(0,("Unable to resolve proxy[%s] - %s\n", - state->proxy.name.name, nt_errstr(status))); + DBG_ERR("Unable to resolve proxy[%s] - %s\n", + state->proxy.name.name, nt_errstr(status)); kdc_udp_next_proxy(req); return; } @@ -450,8 +450,8 @@ static void kdc_tcp_proxy_resolve_done(struct composite_context *csubreq) status = resolve_name_recv(csubreq, state, &state->proxy.ip); if (!NT_STATUS_IS_OK(status)) { - DEBUG(0,("Unable to resolve proxy[%s] - %s\n", - state->proxy.name.name, nt_errstr(status))); + DBG_ERR("Unable to resolve proxy[%s] - %s\n", + state->proxy.name.name, nt_errstr(status)); kdc_tcp_next_proxy(req); return; } diff --git a/source4/kdc/kdc-server.c b/source4/kdc/kdc-server.c index 08d1ff46f77..98d5ab34533 100644 --- a/source4/kdc/kdc-server.c +++ b/source4/kdc/kdc-server.c @@ -132,9 +132,9 @@ static void kdc_udp_call_loop(struct tevent_req *subreq) call->in.data = buf; call->in.length = len; - DEBUG(10,("Received krb5 UDP packet of length %zu from %s\n", - call->in.length, - tsocket_address_string(call->src, call))); + DBG_DEBUG("Received krb5 UDP packet of length %zu from %s\n", + call->in.length, + tsocket_address_string(call->src, call)); /* Call krb5 */ ret = sock->kdc_socket->process(sock->kdc_socket->kdc, @@ -153,7 +153,7 @@ static void kdc_udp_call_loop(struct tevent_req *subreq) uint16_t port; if (!sock->kdc_socket->kdc->am_rodc) { - DEBUG(0,("kdc_udp_call_loop: proxying requested when not RODC\n")); + DBG_ERR("proxying requested when not RODC\n"); talloc_free(call); goto done; } @@ -281,9 +281,9 @@ static void kdc_tcp_call_loop(struct tevent_req *subreq) return; } - DEBUG(10,("Received krb5 TCP packet of length %zu from %s\n", - call->in.length, - tsocket_address_string(kdc_conn->conn->remote_address, call))); + DBG_DEBUG("Received krb5 TCP packet of length %zu from %s\n", + call->in.length, + tsocket_address_string(kdc_conn->conn->remote_address, call)); /* skip length header */ call->in.data +=4; @@ -584,8 +584,8 @@ NTSTATUS kdc_add_socket(struct kdc_server *kdc, kdc_socket, kdc->task->process_context); if (!NT_STATUS_IS_OK(status)) { - DEBUG(0,("Failed to bind to %s:%u TCP - %s\n", - address, port, nt_errstr(status))); + DBG_ERR("Failed to bind to %s:%u TCP - %s\n", + address, port, nt_errstr(status)); talloc_free(kdc_socket); return status; } @@ -602,8 +602,8 @@ NTSTATUS kdc_add_socket(struct kdc_server *kdc, &kdc_udp_socket->dgram); if (ret != 0) { status = map_nt_error_from_unix_common(errno); - DEBUG(0,("Failed to bind to %s:%u UDP - %s\n", - address, port, nt_errstr(status))); + DBG_ERR("Failed to bind to %s:%u UDP - %s\n", + address, port, nt_errstr(status)); return status; } diff --git a/source4/kdc/kdc-service-mit.c b/source4/kdc/kdc-service-mit.c index d8ed1e19986..5b1240cd84b 100644 --- a/source4/kdc/kdc-service-mit.c +++ b/source4/kdc/kdc-service-mit.c @@ -222,7 +222,7 @@ NTSTATUS mitkdc_task_init(struct task_server *task) #endif NULL); if (subreq == NULL) { - DEBUG(0, ("Failed to start MIT KDC as child daemon\n")); + DBG_ERR("Failed to start MIT KDC as child daemon\n"); task_server_terminate(task, "Failed to startup mitkdc task", @@ -232,7 +232,7 @@ NTSTATUS mitkdc_task_init(struct task_server *task) tevent_req_set_callback(subreq, mitkdc_server_done, task); - DEBUG(5,("Started krb5kdc process\n")); + DBG_INFO("Started krb5kdc process\n"); status = samba_setup_mit_kdc_irpc(task); if (!NT_STATUS_IS_OK(status)) { @@ -241,7 +241,7 @@ NTSTATUS mitkdc_task_init(struct task_server *task) true); } - DEBUG(5,("Started irpc service for kdc_server\n")); + DBG_INFO("Started irpc service for kdc_server\n"); kdc = talloc_zero(task, struct kdc_server); if (kdc == NULL) { @@ -342,7 +342,7 @@ NTSTATUS mitkdc_task_init(struct task_server *task) return status; } - DEBUG(5,("Started kpasswd service for kdc_server\n")); + DBG_INFO("Started kpasswd service for kdc_server\n"); return NT_STATUS_OK; } @@ -360,10 +360,10 @@ static void mitkdc_server_done(struct tevent_req *subreq) ret = samba_runcmd_recv(subreq, &sys_errno); if (ret != 0) { - DEBUG(0, ("The MIT KDC daemon died with exit status %d\n", - sys_errno)); + DBG_ERR("The MIT KDC daemon died with exit status %d\n", + sys_errno); } else { - DEBUG(0,("The MIT KDC daemon exited normally\n")); + DBG_ERR("The MIT KDC daemon exited normally\n"); } task_server_terminate(task, "mitkdc child process exited", true); diff --git a/source4/kdc/kpasswd_glue.c b/source4/kdc/kpasswd_glue.c index b8ae40029b7..df7668f4b34 100644 --- a/source4/kdc/kpasswd_glue.c +++ b/source4/kdc/kpasswd_glue.c @@ -62,10 +62,10 @@ NTSTATUS samdb_kpasswd_change_password(TALLOC_CTX *mem_ctx, return NT_STATUS_ACCESS_DENIED; } - DEBUG(3, ("Changing password of %s\\%s (%s)\n", - session_info->info->domain_name, - session_info->info->account_name, - dom_sid_string(mem_ctx, &session_info->security_token->sids[PRIMARY_USER_SID_INDEX]))); + DBG_NOTICE("Changing password of %s\\%s (%s)\n", + session_info->info->domain_name, + session_info->info->account_name, + dom_sid_string(mem_ctx, &session_info->security_token->sids[PRIMARY_USER_SID_INDEX])); /* Performs the password change */ status = samdb_set_password_sid(samdb, diff --git a/source4/kdc/mit_kdc_irpc.c b/source4/kdc/mit_kdc_irpc.c index 677e3ab6a23..9e82d6801b7 100644 --- a/source4/kdc/mit_kdc_irpc.c +++ b/source4/kdc/mit_kdc_irpc.c @@ -104,8 +104,8 @@ static NTSTATUS netr_samlogon_generic_logon(struct irpc_message *msg, lpcfg_realm(mki_ctx->task->lp_ctx), NULL); if (code != 0) { - DEBUG(0, ("Failed to create krbtgt@%s principal!\n", - lpcfg_realm(mki_ctx->task->lp_ctx))); + DBG_ERR("Failed to create krbtgt@%s principal!\n", + lpcfg_realm(mki_ctx->task->lp_ctx)); return NT_STATUS_NO_MEMORY; } @@ -118,8 +118,8 @@ static NTSTATUS netr_samlogon_generic_logon(struct irpc_message *msg, &sentry); krb5_free_principal(mki_ctx->krb5_context, principal); if (code != 0) { - DEBUG(0, ("Failed to fetch krbtgt@%s principal entry!\n", - lpcfg_realm(mki_ctx->task->lp_ctx))); + DBG_ERR("Failed to fetch krbtgt@%s principal entry!\n", + lpcfg_realm(mki_ctx->task->lp_ctx)); return NT_STATUS_LOGON_FAILURE; } diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c index f24bdfcf2c7..55c6daa1c46 100644 --- a/source4/kdc/mit_samba.c +++ b/source4/kdc/mit_samba.c @@ -1081,7 +1081,7 @@ int mit_samba_kpasswd_change_password(struct mit_samba_context *ctx, krb5_error_code code = 0; #ifdef DEBUG_PASSWORD - DEBUG(1,("mit_samba_kpasswd_change_password called with: %s\n", pwd)); + DBG_WARNING("mit_samba_kpasswd_change_password called with: %s\n", pwd); #endif tmp_ctx = talloc_named(ctx, 0, "mit_samba_kpasswd_change_password"); @@ -1093,8 +1093,8 @@ int mit_samba_kpasswd_change_password(struct mit_samba_context *ctx, p->msg, &user_info_dc); if (!NT_STATUS_IS_OK(status)) { - DEBUG(1,("samba_kdc_get_user_info_from_db failed: %s\n", - nt_errstr(status))); + DBG_WARNING("samba_kdc_get_user_info_from_db failed: %s\n", + nt_errstr(status)); talloc_free(tmp_ctx); return EINVAL; } @@ -1107,8 +1107,8 @@ int mit_samba_kpasswd_change_password(struct mit_samba_context *ctx, &ctx->session_info); if (!NT_STATUS_IS_OK(status)) { - DEBUG(1,("auth_generate_session_info failed: %s\n", - nt_errstr(status))); + DBG_WARNING("auth_generate_session_info failed: %s\n", + nt_errstr(status)); talloc_free(tmp_ctx); return EINVAL; } @@ -1118,7 +1118,7 @@ int mit_samba_kpasswd_change_password(struct mit_samba_context *ctx, if (!convert_string_talloc(tmp_ctx, CH_UTF8, CH_UTF16, pwd, strlen(pwd), &password.data, &password.length)) { - DEBUG(1,("convert_string_talloc failed\n")); + DBG_WARNING("convert_string_talloc failed\n"); talloc_free(tmp_ctx); return EINVAL; } @@ -1133,8 +1133,8 @@ int mit_samba_kpasswd_change_password(struct mit_samba_context *ctx, &error_string, &result); if (!NT_STATUS_IS_OK(status)) { - DEBUG(1,("samdb_kpasswd_change_password failed: %s\n", - nt_errstr(status))); + DBG_WARNING("samdb_kpasswd_change_password failed: %s\n", + nt_errstr(status)); code = KADM5_PASS_Q_GENERIC; krb5_set_error_message(ctx->context, code, "%s", error_string); goto out; diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index 288fe2c0500..28380e29c14 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -85,8 +85,8 @@ NTSTATUS samba_get_logon_info_pac_blob(TALLOC_CTX *mem_ctx, &info3, resource_groups); if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(1, ("Getting Samba info failed: %s\n", - nt_errstr(nt_status))); + DBG_WARNING("Getting Samba info failed: %s\n", + nt_errstr(nt_status)); return nt_status; } @@ -122,8 +122,8 @@ NTSTATUS samba_get_logon_info_pac_blob(TALLOC_CTX *mem_ctx, (ndr_push_flags_fn_t)ndr_push_PAC_INFO); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); - DEBUG(1, ("PAC_LOGON_INFO (presig) push failed: %s\n", - nt_errstr(nt_status))); + DBG_WARNING("PAC_LOGON_INFO (presig) push failed: %s\n", + nt_errstr(nt_status)); return nt_status; } @@ -155,8 +155,8 @@ NTSTATUS samba_get_requester_sid_pac_blob(TALLOC_CTX *mem_ctx, (ndr_push_flags_fn_t)ndr_push_PAC_INFO); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); - DEBUG(1, ("PAC_REQUESTER_SID (presig) push failed: %s\n", - nt_errstr(nt_status))); + DBG_WARNING("PAC_REQUESTER_SID (presig) push failed: %s\n", + nt_errstr(nt_status)); return nt_status; } } @@ -201,8 +201,8 @@ NTSTATUS samba_get_upn_info_pac_blob(TALLOC_CTX *mem_ctx, (ndr_push_flags_fn_t)ndr_push_PAC_INFO); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); - DEBUG(1, ("PAC UPN_DNS_INFO (presig) push failed: %s\n", - nt_errstr(nt_status))); + DBG_WARNING("PAC UPN_DNS_INFO (presig) push failed: %s\n", + nt_errstr(nt_status)); return nt_status; } @@ -236,8 +236,8 @@ NTSTATUS samba_get_pac_attrs_blob(TALLOC_CTX *mem_ctx, (ndr_push_flags_fn_t)ndr_push_PAC_INFO); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); - DEBUG(1, ("PAC ATTRIBUTES_INFO (presig) push failed: %s\n", - nt_errstr(nt_status))); + DBG_WARNING("PAC ATTRIBUTES_INFO (presig) push failed: %s\n", + nt_errstr(nt_status)); return nt_status; } @@ -298,7 +298,7 @@ NTSTATUS samba_get_cred_info_ndr_blob(TALLOC_CTX *mem_ctx, } } if (lm_hash != NULL) { - DEBUG(5, ("Passing LM password hash through credentials set\n")); + DBG_INFO("Passing LM password hash through credentials set\n"); ntlm_secpkg.flags |= PAC_CREDENTIAL_NTLM_HAS_LM_HASH; ntlm_secpkg.lm_password = *lm_hash; ZERO_STRUCTP(lm_hash); @@ -313,7 +313,7 @@ NTSTATUS samba_get_cred_info_ndr_blob(TALLOC_CTX *mem_ctx, } } if (nt_hash != NULL) { - DEBUG(5, ("Passing NT password hash through credentials set\n")); + DBG_INFO("Passing NT password hash through credentials set\n"); ntlm_secpkg.flags |= PAC_CREDENTIAL_NTLM_HAS_NT_HASH; ntlm_secpkg.nt_password = *nt_hash; ZERO_STRUCTP(nt_hash); @@ -335,13 +335,13 @@ NTSTATUS samba_get_cred_info_ndr_blob(TALLOC_CTX *mem_ctx, ZERO_STRUCT(ntlm_secpkg); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); - DEBUG(1, ("PAC_CREDENTIAL_NTLM_SECPKG (presig) push failed: %s\n", - nt_errstr(nt_status))); + DBG_WARNING("PAC_CREDENTIAL_NTLM_SECPKG (presig) push failed: %s\n", + nt_errstr(nt_status)); return nt_status; } - DEBUG(10, ("NTLM credential BLOB (len %zu) for user\n", - ntlm_blob.length)); + DBG_DEBUG("NTLM credential BLOB (len %zu) for user\n", + ntlm_blob.length); dump_data_pw("PAC_CREDENTIAL_NTLM_SECPKG", ntlm_blob.data, ntlm_blob.length); @@ -371,13 +371,13 @@ NTSTATUS samba_get_cred_info_ndr_blob(TALLOC_CTX *mem_ctx, data_blob_clear(&ntlm_blob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); - DEBUG(1, ("PAC_CREDENTIAL_DATA_NDR (presig) push failed: %s\n", - nt_errstr(nt_status))); + DBG_WARNING("PAC_CREDENTIAL_DATA_NDR (presig) push failed: %s\n", + nt_errstr(nt_status)); return nt_status; } - DEBUG(10, ("Created credential BLOB (len %zu) for user\n", - cred_blob->length)); + DBG_DEBUG("Created credential BLOB (len %zu) for user\n", + cred_blob->length); dump_data_pw("PAC_CREDENTIAL_DATA_NDR", cred_blob->data, cred_blob->length); @@ -406,20 +406,20 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context, &cred_crypto); if (ret != 0) { krb5err = krb5_get_error_message(context, ret); - DEBUG(1, ("Failed initializing cred data crypto: %s\n", krb5err)); + DBG_WARNING("Failed initializing cred data crypto: %s\n", krb5err); krb5_free_error_message(context, krb5err); return ret; } ret = krb5_crypto_getenctype(context, cred_crypto, &cred_enctype); if (ret != 0) { - DEBUG(1, ("Failed getting crypto type for key\n")); + DBG_WARNING("Failed getting crypto type for key\n"); krb5_crypto_destroy(context, cred_crypto); return ret; } - DEBUG(10, ("Plain cred_ndr_blob (len %zu)\n", - cred_ndr_blob->length)); + DBG_DEBUG("Plain cred_ndr_blob (len %zu)\n", + cred_ndr_blob->length); dump_data_pw("PAC_CREDENTIAL_DATA_NDR", cred_ndr_blob->data, cred_ndr_blob->length); @@ -430,7 +430,7 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context, krb5_crypto_destroy(context, cred_crypto); if (ret != 0) { krb5err = krb5_get_error_message(context, ret); - DEBUG(1, ("Failed crypt of cred data: %s\n", krb5err)); + DBG_WARNING("Failed crypt of cred data: %s\n", krb5err); krb5_free_error_message(context, krb5err); return ret; } @@ -448,13 +448,13 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context, krb5_data_free(&cred_ndr_crypt); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); - DEBUG(1, ("PAC_CREDENTIAL_INFO (presig) push failed: %s\n", - nt_errstr(nt_status))); + DBG_WARNING("PAC_CREDENTIAL_INFO (presig) push failed: %s\n", + nt_errstr(nt_status)); return KRB5KDC_ERR_SVC_UNAVAILABLE; } - DEBUG(10, ("Encrypted credential BLOB (len %zu) with alg %"PRId32"\n", - cred_info_blob->length, pac_cred_info.encryption_type)); + DBG_DEBUG("Encrypted credential BLOB (len %zu) with alg %"PRId32"\n", + cred_info_blob->length, pac_cred_info.encryption_type); dump_data_pw("PAC_CREDENTIAL_INFO", cred_info_blob->data, cred_info_blob->length); @@ -485,15 +485,15 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context, &cred_key); if (code != 0) { krb5err = krb5_get_error_message(context, code); - DEBUG(1, ("Failed initializing cred data crypto: %s\n", krb5err)); + DBG_WARNING("Failed initializing cred data crypto: %s\n", krb5err); krb5_free_error_message(context, krb5err); return code; } cred_enctype = krb5_k_key_enctype(context, cred_key); - DEBUG(10, ("Plain cred_ndr_blob (len %zu)\n", - cred_ndr_blob->length)); + DBG_DEBUG("Plain cred_ndr_blob (len %zu)\n", + cred_ndr_blob->length); dump_data_pw("PAC_CREDENTIAL_DATA_NDR", cred_ndr_blob->data, cred_ndr_blob->length); @@ -509,7 +509,7 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context, &enc_len); if (code != 0) { krb5err = krb5_get_error_message(context, code); - DEBUG(1, ("Failed initializing cred data crypto: %s\n", krb5err)); + DBG_WARNING("Failed initializing cred data crypto: %s\n", krb5err); krb5_free_error_message(context, krb5err); return code; } @@ -532,7 +532,7 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context, krb5_k_free_key(context, cred_key); if (code != 0) { krb5err = krb5_get_error_message(context, code); - DEBUG(1, ("Failed crypt of cred data: %s\n", krb5err)); + DBG_WARNING("Failed crypt of cred data: %s\n", krb5err); krb5_free_error_message(context, krb5err); return code; } @@ -546,13 +546,13 @@ krb5_error_code samba_kdc_encrypt_pac_credentials(krb5_context context, TALLOC_FREE(pac_cred_info.encrypted_data.data); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); - DEBUG(1, ("PAC_CREDENTIAL_INFO (presig) push failed: %s\n", - nt_errstr(nt_status))); + DBG_WARNING("PAC_CREDENTIAL_INFO (presig) push failed: %s\n", + nt_errstr(nt_status)); return KRB5KDC_ERR_SVC_UNAVAILABLE; } - DEBUG(10, ("Encrypted credential BLOB (len %zu) with alg %"PRId32"\n", - cred_info_blob->length, pac_cred_info.encryption_type)); + DBG_DEBUG("Encrypted credential BLOB (len %zu) with alg %"PRId32"\n", + cred_info_blob->length, pac_cred_info.encryption_type); dump_data_pw("PAC_CREDENTIAL_INFO", cred_info_blob->data, cred_info_blob->length); @@ -771,7 +771,7 @@ int samba_client_requested_pac(krb5_context context, smb_krb5_free_data_contents(context, &k5pac_attrs_in); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS nt_status = ndr_map_error2ntstatus(ndr_err); - DEBUG(0,("can't parse the PAC ATTRIBUTES_INFO: %s\n", nt_errstr(nt_status))); + DBG_ERR("can't parse the PAC ATTRIBUTES_INFO: %s\n", nt_errstr(nt_status)); return EINVAL; } @@ -1054,8 +1054,8 @@ NTSTATUS samba_kdc_get_upn_info_blob(TALLOC_CTX *mem_ctx, user_info_dc, upn_blob); if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(0, ("Building PAC UPN INFO failed: %s\n", - nt_errstr(nt_status))); + DBG_ERR("Building PAC UPN INFO failed: %s\n", + nt_errstr(nt_status)); return nt_status; } @@ -1363,7 +1363,7 @@ static NTSTATUS samba_kdc_update_delegation_info_blob(TALLOC_CTX *mem_ctx, if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { smb_krb5_free_data_contents(context, &old_data); nt_status = ndr_map_error2ntstatus(ndr_err); - DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status))); + DBG_ERR("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status)); talloc_free(tmp_ctx); return nt_status; } @@ -1403,7 +1403,7 @@ static NTSTATUS samba_kdc_update_delegation_info_blob(TALLOC_CTX *mem_ctx, if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { smb_krb5_free_data_contents(context, &old_data); nt_status = ndr_map_error2ntstatus(ndr_err); - DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status))); + DBG_ERR("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status)); talloc_free(tmp_ctx); return nt_status; } @@ -1501,7 +1501,7 @@ static krb5_error_code samba_get_requester_sid(TALLOC_CTX *mem_ctx, smb_krb5_free_data_contents(context, &k5pac_requester_sid_in); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); - DEBUG(0,("can't parse the PAC REQUESTER_SID: %s\n", nt_errstr(nt_status))); + DBG_ERR("can't parse the PAC REQUESTER_SID: %s\n", nt_errstr(nt_status)); talloc_free(tmp_ctx); return EINVAL; } @@ -2080,8 +2080,8 @@ static krb5_error_code samba_kdc_get_device_info_blob(TALLOC_CTX *mem_ctx, &info3, &resource_groups); if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(1, ("Getting Samba info failed: %s\n", - nt_errstr(nt_status))); + DBG_WARNING("Getting Samba info failed: %s\n", + nt_errstr(nt_status)); talloc_free(frame); return nt_status_to_krb5(nt_status); } diff --git a/source4/kdc/wdc-samba4.c b/source4/kdc/wdc-samba4.c index 4e9dff4af79..d470c298f78 100644 --- a/source4/kdc/wdc-samba4.c +++ b/source4/kdc/wdc-samba4.c @@ -369,7 +369,7 @@ static krb5_error_code samba_wdc_verify_pac2(astgs_request_t r, NULL, &key->key); if (ret != 0) { - DEBUG(1, ("PAC KDC signature failed to verify\n")); + DBG_WARNING("PAC KDC signature failed to verify\n"); goto out; } @@ -580,7 +580,7 @@ static krb5_error_code samba_wdc_verify_pac(void *priv, astgs_request_t r, &ctype, &rodc_id); if (ret != 0) { - DEBUG(1, ("Failed to get PAC checksum info\n")); + DBG_WARNING("Failed to get PAC checksum info\n"); return ret; }