diff --git a/kdc/kerberos4.c b/kdc/kerberos4.c index fd49ec911..11201cb19 100644 --- a/kdc/kerberos4.c +++ b/kdc/kerberos4.c @@ -147,7 +147,7 @@ do_version4(unsigned char *buf, sp = krb5_storage_from_mem(buf, len); RCHECK(krb5_ret_int8(sp, &pvno), out); if(pvno != 4){ - kdc_log(0, "Protocol version mismatch (%d)", pvno); + kdc_log(0, "Protocol version mismatch (krb4) (%d)", pvno); make_err_reply(reply, KDC_PKT_VER, NULL); goto out; } @@ -170,7 +170,7 @@ do_version4(unsigned char *buf, snprintf (server_name, sizeof(server_name), "%s.%s@%s", sname, sinst, v4_realm); - kdc_log(0, "AS-REQ %s from %s for %s", + kdc_log(0, "AS-REQ (krb4) %s from %s for %s", client_name, from, server_name); ret = db_fetch4(name, inst, realm, &client); @@ -293,7 +293,7 @@ do_version4(unsigned char *buf, ret = krb5_425_conv_principal(context, "krbtgt", realm, v4_realm, &tgt_princ); if(ret){ - kdc_log(0, "Converting krbtgt principal: %s", + kdc_log(0, "Converting krbtgt principal (krb4): %s", krb5_get_err_text(context, ret)); make_err_reply(reply, KFAILURE, "Failed to convert v4 principal (krbtgt)"); @@ -304,7 +304,7 @@ do_version4(unsigned char *buf, if(ret){ char *s; s = kdc_log_msg(0, "Ticket-granting ticket not " - "found in database: krbtgt.%s@%s: %s", + "found in database (krb4): krbtgt.%s@%s: %s", realm, v4_realm, krb5_get_err_text(context, ret)); make_err_reply(reply, KFAILURE, s); @@ -313,7 +313,7 @@ do_version4(unsigned char *buf, } if(tgt->kvno % 256 != kvno){ - kdc_log(0, "tgs-req with old kvno %d (current %d) for " + kdc_log(0, "tgs-req (krb4) with old kvno %d (current %d) for " "krbtgt.%s@%s", kvno, tgt->kvno % 256, realm, v4_realm); make_err_reply(reply, KDC_AUTH_EXP, "old krbtgt kvno used"); @@ -322,7 +322,7 @@ do_version4(unsigned char *buf, ret = get_des_key(tgt, TRUE, FALSE, &tkey); if(ret){ - kdc_log(0, "no suitable DES key for krbtgt"); + kdc_log(0, "no suitable DES key for krbtgt (krb4)"); /* XXX */ make_err_reply(reply, KDC_NULL_KEY, "no suitable DES key for krbtgt"); @@ -359,18 +359,18 @@ do_version4(unsigned char *buf, "%s.%s@%s", sname, sinst, v4_realm); - kdc_log(0, "TGS-REQ %s.%s@%s from %s for %s", + kdc_log(0, "TGS-REQ (krb4) %s.%s@%s from %s for %s", ad.pname, ad.pinst, ad.prealm, from, server_name); if(strcmp(ad.prealm, realm)){ - kdc_log(0, "Can't hop realms %s -> %s", realm, ad.prealm); + kdc_log(0, "Can't hop realms (krb4) %s -> %s", realm, ad.prealm); make_err_reply(reply, KERB_ERR_PRINCIPAL_UNKNOWN, "Can't hop realms"); goto out2; } if(strcmp(sname, "changepw") == 0){ - kdc_log(0, "Bad request for changepw ticket"); + kdc_log(0, "Bad request for changepw ticket (krb4)"); make_err_reply(reply, KERB_ERR_PRINCIPAL_UNKNOWN, "Can't authorize password change based on TGT"); goto out2; @@ -380,7 +380,8 @@ do_version4(unsigned char *buf, ret = db_fetch4(ad.pname, ad.pinst, ad.prealm, &client); if(ret){ char *s; - s = kdc_log_msg(0, "Client not found in database: %s.%s@%s: %s", + s = kdc_log_msg(0, "Client not found in database: (krb4) " + "%s.%s@%s: %s", ad.pname, ad.pinst, ad.prealm, krb5_get_err_text(context, ret)); make_err_reply(reply, KERB_ERR_PRINCIPAL_UNKNOWN, s); @@ -392,7 +393,7 @@ do_version4(unsigned char *buf, ret = db_fetch4(sname, sinst, v4_realm, &server); if(ret){ char *s; - s = kdc_log_msg(0, "Server not found in database: %s: %s", + s = kdc_log_msg(0, "Server not found in database (krb4): %s: %s", server_name, krb5_get_err_text(context, ret)); make_err_reply(reply, KERB_ERR_PRINCIPAL_UNKNOWN, s); free(s); @@ -410,7 +411,7 @@ do_version4(unsigned char *buf, ret = get_des_key(server, TRUE, FALSE, &skey); if(ret){ - kdc_log(0, "no suitable DES key for server"); + kdc_log(0, "no suitable DES key for server (krb4)"); /* XXX */ make_err_reply(reply, KDC_NULL_KEY, "no suitable DES key for server"); @@ -462,7 +463,7 @@ do_version4(unsigned char *buf, case AUTH_MSG_ERR_REPLY: break; default: - kdc_log(0, "Unknown message type: %d from %s", + kdc_log(0, "Unknown message type (krb4): %d from %s", msg_type, from); make_err_reply(reply, KFAILURE, "Unknown message type");