kdc: Improve warn_ticket_addresses feature

- Don't log "Request from wrong address (ignoring)". - Add "wrongaddr=yes" kv to final log message. - Add request and ticket addresses (up to 3) to final log message.
2021-05-12 17:54:36 -05:00
parent 8807a0aad9
commit 9ce3cbbf2a
4 changed files with 34 additions and 4 deletions
--- a/tests/kdc/check-bx509.in
+++ b/tests/kdc/check-bx509.in
@@ -589,7 +589,7 @@ ${kgetcred} -H HTTP/${server}@${R} ||
 KRB5CCNAME=$cache $gsstoken HTTP@$server | KRB5_KTNAME="$keytab" $gsstoken -r ||
    { echo "Trivial offline CA test failed (gss-token)"; exit 2; }

-grep 'Request from wrong address .ignoring' ${objdir}/messages.log ||
+grep 'REQ.*wrongaddr' ${objdir}/messages.log ||
    { echo "KDC not warning about requests from wrong address"; exit 2; }

 echo "Fetching a Negotiate token"