summaryrefslogtreecommitdiff
path: root/server/providers/krb5/krb5_auth.c
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2009-10-12 15:38:29 +0200
committerSimo Sorce <ssorce@redhat.com>2009-10-15 18:10:21 -0400
commitc0dfe79ba578d62a991b0a829d7e0f670a445109 (patch)
treedc109923822b41d1242a52fc980bf7f0f766b3fd /server/providers/krb5/krb5_auth.c
parentdc71edea5cda411cdce039777a2ba3b00e19ca27 (diff)
downloadsssd-c0dfe79ba578d62a991b0a829d7e0f670a445109.tar.gz
sssd-c0dfe79ba578d62a991b0a829d7e0f670a445109.tar.bz2
sssd-c0dfe79ba578d62a991b0a829d7e0f670a445109.zip
enable debugging of krb5_child
Diffstat (limited to 'server/providers/krb5/krb5_auth.c')
-rw-r--r--server/providers/krb5/krb5_auth.c101
1 files changed, 99 insertions, 2 deletions
diff --git a/server/providers/krb5/krb5_auth.c b/server/providers/krb5/krb5_auth.c
index 91f91969..4d98b931 100644
--- a/server/providers/krb5/krb5_auth.c
+++ b/server/providers/krb5/krb5_auth.c
@@ -327,6 +327,76 @@ static void wait_for_child_handler(struct tevent_context *ev,
return;
}
+static errno_t prepare_child_argv(TALLOC_CTX *mem_ctx,
+ struct krb5child_req *kr,
+ char ***_argv)
+{
+ uint_t argc = 3; /* program name, debug_level and NULL */
+ char ** argv;
+ errno_t ret = EINVAL;
+
+ /* Save the current state in case an interrupt changes it */
+ bool child_debug_to_file = debug_to_file;
+ bool child_debug_timestamps = debug_timestamps;
+
+ if (child_debug_to_file) argc++;
+ if (child_debug_timestamps) argc++;
+
+ /* program name, debug_level,
+ * debug_to_file, debug_timestamps
+ * and NULL */
+ argv = talloc_array(mem_ctx, char *, argc);
+ if (argv == NULL) {
+ DEBUG(1, ("talloc_array failed.\n"));
+ return ENOMEM;
+ }
+
+ argv[--argc] = NULL;
+
+ argv[--argc] = talloc_asprintf(argv, "--debug-level=%d",
+ debug_level);
+ if (argv[argc] == NULL) {
+ ret = ENOMEM;
+ goto fail;
+ }
+
+ if (child_debug_to_file) {
+ argv[--argc] = talloc_asprintf(argv, "--debug-fd=%d",
+ kr->krb5_ctx->child_debug_fd);
+ if (argv[argc] == NULL) {
+ ret = ENOMEM;
+ goto fail;
+ }
+ }
+
+ if (child_debug_timestamps) {
+ argv[--argc] = talloc_strdup(argv, "--debug-timestamps");
+ if (argv[argc] == NULL) {
+ ret = ENOMEM;
+ goto fail;
+ }
+ }
+
+ argv[--argc] = talloc_strdup(argv, KRB5_CHILD);
+ if (argv[argc] == NULL) {
+ ret = ENOMEM;
+ goto fail;
+ }
+
+ if (argc != 0) {
+ ret = EINVAL;
+ goto fail;
+ }
+
+ *_argv = argv;
+
+ return EOK;
+
+fail:
+ talloc_free(argv);
+ return ret;
+}
+
static errno_t fork_child(struct krb5child_req *kr)
{
int pipefd_to_child[2];
@@ -334,6 +404,7 @@ static errno_t fork_child(struct krb5child_req *kr)
pid_t pid;
int ret;
errno_t err;
+ char **argv;
ret = pipe(pipefd_from_child);
if (ret == -1) {
@@ -383,10 +454,16 @@ static errno_t fork_child(struct krb5child_req *kr)
return err;
}
- ret = execl(KRB5_CHILD, KRB5_CHILD, NULL);
+ ret = prepare_child_argv(kr, kr, &argv);
+ if (ret != EOK) {
+ DEBUG(1, ("prepare_child_argv.\n"));
+ return ret;
+ }
+
+ ret = execv(KRB5_CHILD, argv);
if (ret == -1) {
err = errno;
- DEBUG(1, ("execl failed [%d][%s].\n", errno, strerror(errno)));
+ DEBUG(1, ("execv failed [%d][%s].\n", errno, strerror(errno)));
return err;
}
} else if (pid > 0) { /* parent */
@@ -912,6 +989,8 @@ int sssm_krb5_auth_init(struct be_ctx *bectx,
int ret;
struct tevent_signal *sige;
struct stat stat_buf;
+ unsigned v;
+ FILE *debug_filep;
ctx = talloc_zero(bectx, struct krb5_ctx);
if (!ctx) {
@@ -1015,6 +1094,24 @@ int sssm_krb5_auth_init(struct be_ctx *bectx,
goto fail;
}
+ if (debug_to_file != 0) {
+ ret = open_debug_file_ex("krb5_child", &debug_filep);
+ if (ret != EOK) {
+ DEBUG(0, ("Error setting up logging (%d) [%s]\n",
+ ret, strerror(ret)));
+ goto fail;
+ }
+
+ ctx->child_debug_fd = fileno(debug_filep);
+ if (ctx->child_debug_fd == -1) {
+ DEBUG(0, ("fileno failed [%d][%s]\n", errno, strerror(errno)));
+ ret = errno;
+ goto fail;
+ }
+
+ v = fcntl(ctx->child_debug_fd, F_GETFD, 0);
+ fcntl(ctx->child_debug_fd, F_SETFD, v & ~FD_CLOEXEC);
+ }
*ops = &krb5_auth_ops;
*pvt_auth_data = ctx;