| Date: | Sat, 24 Apr 2010 13:18:21 -0400 |
| From: | Jeff Blaine <jblaine@kickflop.net> |
| To: | krb5-bugs@mit.edu |
| Subject: | logging preauth (patch available) |
Is this patch wanted?
Example:
Apr 24 13:10:04 kdc.our.org krb5kdc[30257](info): PREAUTH
xxx.yy.10.113: VALID: authtime 1272127234, jblaine@MYREALM.OUR.ORG
for krbtgt/MYREALM.OUR.ORG@MYREALM.OUR.ORG
kdc/kdc_util.h
proto for new log_preauth()
kdc/kdc_util.c
new function log_preauth(), copied and modified from
existing log_as_req()
kdc/do_as_req.c
call log_preauth if the errcode from check_padata() is 0
Example:
Apr 24 13:10:04 kdc.our.org krb5kdc[30257](info): PREAUTH
xxx.yy.10.113: VALID: authtime 1272127234, jblaine@MYREALM.OUR.ORG
for krbtgt/MYREALM.OUR.ORG@MYREALM.OUR.ORG
kdc/kdc_util.h
proto for new log_preauth()
kdc/kdc_util.c
new function log_preauth(), copied and modified from
existing log_as_req()
kdc/do_as_req.c
call log_preauth if the errcode from check_padata() is 0