kdc: call HDB audit function in both AS and TGS
Call the HDB audit method, if present, in both AS and TGS, immediately prior to generating an error response to send to the clinet.
This commit is contained in:
Luke Howard
17
kdc/misc.c
17
kdc/misc.c
@@ -341,3 +341,20 @@ _kdc_include_pac_p(astgs_request_t r)
|
||||
|
||||
return !!(r->pac_attributes & (KRB5_PAC_WAS_REQUESTED | KRB5_PAC_WAS_GIVEN_IMPLICITLY));
|
||||
}
|
||||
|
||||
/*
|
||||
* Notify the HDB backend of the audited event.
|
||||
*/
|
||||
|
||||
krb5_error_code
|
||||
_kdc_hdb_audit(astgs_request_t r)
|
||||
{
|
||||
struct HDB *hdb;
|
||||
|
||||
hdb = r->clientdb ? r->clientdb : r->config->db[0];
|
||||
|
||||
if (hdb && hdb->hdb_audit)
|
||||
return hdb->hdb_audit(r->context, hdb, r->client, (hdb_request_t)r);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user