Generate a single summary audit line for AS/TGS.

We refactor the code a bit to extend kdc_request_t which until now was only used for the AS. We make the structure extensible and start using it for the TGS as well. We leave digest and kx509 alone for the time being. We also define the concept of kv-pairs in our audit trail which allows us to define a rigorous but extensible format: type error from-addr client server key1=val1 key2=val2 ...
2019-11-18 21:34:35 +00:00
parent fb9a78223c
commit 7d353d0557
9 changed files with 670 additions and 423 deletions
--- a/kdc/kdc.h
+++ b/kdc/kdc.h
@@ -101,18 +101,14 @@ typedef struct krb5_kdc_configuration {
    const char *app;
 } krb5_kdc_configuration;

+typedef struct kdc_request_desc *kdc_request_t;
+typedef struct astgs_request_desc *astgs_request_t;
+
 struct krb5_kdc_service {
    unsigned int flags;
 #define KS_KRB5		1
 #define KS_NO_LENGTH	2
-    krb5_error_code (*process)(krb5_context context,
-			       krb5_kdc_configuration *config,
-			       krb5_data *req_buffer,
-			       krb5_data *reply,
-			       const char *from,
-			       struct sockaddr *addr,
-			       int datagram_reply,
-			       int *claim);
+    krb5_error_code (*process)(kdc_request_t *, int *claim);
 };

 #include <kdc-protos.h>