base: s/addkv_{bool,number,object}/setkv
Now heim_audit_addkv() correctly supports multiple values, the other functions that (by design) replace existing values with a single value should use the heim_audit_setkv prefix. A subsequent commit could add variants that support multiple values for non-string types.
This commit is contained in:
10
kdc/bx509d.c
10
kdc/bx509d.c
@@ -485,7 +485,7 @@ bad_reqv(struct bx509_request_desc *r,
|
||||
char *formatted = NULL;
|
||||
char *msg = NULL;
|
||||
|
||||
heim_audit_addkv_number((heim_svc_req_desc)r, "http-status-code",
|
||||
heim_audit_setkv_number((heim_svc_req_desc)r, "http-status-code",
|
||||
http_status_code);
|
||||
(void) gettimeofday(&r->tv_end, NULL);
|
||||
if (code == ENOMEM) {
|
||||
@@ -669,13 +669,13 @@ bx509_param_cb(void *d,
|
||||
&oid);
|
||||
der_free_oid(&oid);
|
||||
} else if (strcmp(key, "csr") == 0 && val) {
|
||||
heim_audit_addkv_bool((heim_svc_req_desc)r, "requested_csr", TRUE);
|
||||
heim_audit_setkv_bool((heim_svc_req_desc)r, "requested_csr", TRUE);
|
||||
r->ret = 0; /* Handled upstairs */
|
||||
} else if (strcmp(key, "lifetime") == 0 && val) {
|
||||
r->req_life = parse_time(val, "day");
|
||||
} else {
|
||||
/* Produce error for unknown params */
|
||||
heim_audit_addkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE);
|
||||
heim_audit_setkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE);
|
||||
krb5_set_error_message(r->context, r->ret = ENOTSUP,
|
||||
"Query parameter %s not supported", key);
|
||||
}
|
||||
@@ -1638,7 +1638,7 @@ bnegotiate(struct bx509_request_desc *r)
|
||||
if (ret == 0) {
|
||||
heim_audit_addkv((heim_svc_req_desc)r, KDC_AUDIT_VIS, "target", "%s",
|
||||
r->target ? r->target : "<unknown>");
|
||||
heim_audit_addkv_bool((heim_svc_req_desc)r, "redir", !!r->redir);
|
||||
heim_audit_setkv_bool((heim_svc_req_desc)r, "redir", !!r->redir);
|
||||
ret = validate_token(r);
|
||||
}
|
||||
/* bnegotiate_get_target() and validate_token() call bad_req() */
|
||||
@@ -1737,7 +1737,7 @@ get_tgt_param_cb(void *d,
|
||||
r->req_life = parse_time(val, "day");
|
||||
} else {
|
||||
/* Produce error for unknown params */
|
||||
heim_audit_addkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE);
|
||||
heim_audit_setkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE);
|
||||
krb5_set_error_message(r->context, r->ret = ENOTSUP,
|
||||
"Query parameter %s not supported", key);
|
||||
}
|
||||
|
@@ -700,7 +700,7 @@ bad_reqv(kadmin_request_desc r,
|
||||
if (r && r->context)
|
||||
context = r->context;
|
||||
if (r && r->hcontext && r->kv)
|
||||
heim_audit_addkv_number((heim_svc_req_desc)r, "http-status-code",
|
||||
heim_audit_setkv_number((heim_svc_req_desc)r, "http-status-code",
|
||||
http_status_code);
|
||||
(void) gettimeofday(&r->tv_end, NULL);
|
||||
if (code == ENOMEM) {
|
||||
@@ -1046,7 +1046,7 @@ param_cb(void *d,
|
||||
#endif
|
||||
} else {
|
||||
/* Produce error for unknown params */
|
||||
heim_audit_addkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE);
|
||||
heim_audit_setkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE);
|
||||
krb5_set_error_message(r->context, ret = ENOTSUP,
|
||||
"Query parameter %s not supported", key);
|
||||
}
|
||||
|
@@ -442,13 +442,13 @@ _kdc_log_timestamp(astgs_request_t r, const char *type,
|
||||
endtime_str[100], renewtime_str[100];
|
||||
|
||||
if (authtime)
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, "auth", authtime);
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, "auth", authtime);
|
||||
if (starttime && *starttime)
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, "start", *starttime);
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, "start", *starttime);
|
||||
if (endtime)
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, "end", endtime);
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, "end", endtime);
|
||||
if (renew_till && *renew_till)
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, "renew", *renew_till);
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, "renew", *renew_till);
|
||||
|
||||
krb5_format_time(r->context, authtime,
|
||||
authtime_str, sizeof(authtime_str), TRUE);
|
||||
@@ -488,7 +488,7 @@ pa_pkinit_validate(astgs_request_t r, const PA_DATA *pa)
|
||||
ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
|
||||
_kdc_r_log(r, 4, "Failed to decode PKINIT PA-DATA -- %s",
|
||||
r->cname);
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_PKINIT_FAILED);
|
||||
goto out;
|
||||
}
|
||||
@@ -500,7 +500,7 @@ pa_pkinit_validate(astgs_request_t r, const PA_DATA *pa)
|
||||
if (ret) {
|
||||
_kdc_set_e_text(r, "PKINIT certificate not allowed to "
|
||||
"impersonate principal");
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_PKINIT_NOT_AUTHORIZED);
|
||||
goto out;
|
||||
}
|
||||
@@ -520,7 +520,7 @@ pa_pkinit_validate(astgs_request_t r, const PA_DATA *pa)
|
||||
ret = _kdc_add_initial_verified_cas(r->context, r->config,
|
||||
pkp, &r->et);
|
||||
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_PKINIT_SUCCEEDED);
|
||||
|
||||
out:
|
||||
@@ -553,7 +553,7 @@ pa_gss_validate(astgs_request_t r, const PA_DATA *pa)
|
||||
if (ret) {
|
||||
_kdc_set_e_text(r, "GSS-API client not allowed to "
|
||||
"impersonate principal");
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_GSS_PA_NOT_AUTHORIZED);
|
||||
goto out;
|
||||
}
|
||||
@@ -562,7 +562,7 @@ pa_gss_validate(astgs_request_t r, const PA_DATA *pa)
|
||||
|
||||
_kdc_r_log(r, 4, "GSS pre-authentication succeeded -- %s using %s",
|
||||
r->cname, client_name);
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_GSS_PA_SUCCEEDED);
|
||||
|
||||
ret = _kdc_gss_mk_composite_name_ad(r, gcp);
|
||||
@@ -576,7 +576,7 @@ pa_gss_validate(astgs_request_t r, const PA_DATA *pa)
|
||||
if (ret) {
|
||||
if (ret != KRB5_KDC_ERR_MORE_PREAUTH_DATA_REQUIRED) {
|
||||
_kdc_set_e_text(r, "Failed to build GSS pre-authentication reply");
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_GSS_PA_FAILED);
|
||||
}
|
||||
|
||||
@@ -640,7 +640,7 @@ pa_enc_chal_validate(astgs_request_t r, const PA_DATA *pa)
|
||||
ret = KRB5KDC_ERR_CLIENT_REVOKED;
|
||||
kdc_log(r->context, r->config, 0,
|
||||
"Client (%s) is locked out", r->cname);
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_CLIENT_LOCKED_OUT);
|
||||
return ret;
|
||||
}
|
||||
@@ -767,13 +767,13 @@ pa_enc_chal_validate(astgs_request_t r, const PA_DATA *pa)
|
||||
/*
|
||||
* Success
|
||||
*/
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_LTK_PREAUTH_SUCCEEDED);
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (invalidPassword) {
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_LTK_PREAUTH_FAILED);
|
||||
ret = KRB5KDC_ERR_PREAUTH_FAILED;
|
||||
} else {
|
||||
@@ -813,7 +813,7 @@ pa_enc_ts_validate(astgs_request_t r, const PA_DATA *pa)
|
||||
ret = KRB5KDC_ERR_CLIENT_REVOKED;
|
||||
kdc_log(r->context, r->config, 0,
|
||||
"Client (%s) is locked out", r->cname);
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_CLIENT_LOCKED_OUT);
|
||||
return ret;
|
||||
}
|
||||
@@ -882,9 +882,9 @@ pa_enc_ts_validate(astgs_request_t r, const PA_DATA *pa)
|
||||
_kdc_r_log(r, 2, "Failed to decrypt PA-DATA -- %s "
|
||||
"(enctype %s) error %s",
|
||||
r->cname, str ? str : "unknown enctype", msg);
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_PA_ETYPE,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_PA_ETYPE,
|
||||
pa_key->key.keytype);
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_LTK_PREAUTH_FAILED);
|
||||
if(hdb_next_enctype2key(r->context, &r->client->entry, NULL,
|
||||
enc_data.etype, &pa_key) == 0)
|
||||
@@ -920,7 +920,7 @@ pa_enc_ts_validate(astgs_request_t r, const PA_DATA *pa)
|
||||
(unsigned)labs(kdc_time - p.patimestamp),
|
||||
r->context->max_skew,
|
||||
r->cname);
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_CLIENT_TIME_SKEW);
|
||||
|
||||
/*
|
||||
@@ -945,9 +945,9 @@ pa_enc_ts_validate(astgs_request_t r, const PA_DATA *pa)
|
||||
str = NULL;
|
||||
_kdc_r_log(r, 4, "ENC-TS Pre-authentication succeeded -- %s using %s",
|
||||
r->cname, str ? str : "unknown enctype");
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_PA_ETYPE,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_PA_ETYPE,
|
||||
pa_key->key.keytype);
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_LTK_PREAUTH_SUCCEEDED);
|
||||
|
||||
ret = 0;
|
||||
@@ -1849,7 +1849,7 @@ generate_pac(astgs_request_t r, const Key *skey, const Key *tkey,
|
||||
krb5_const_principal canon_princ = NULL;
|
||||
|
||||
r->pac_attributes = get_pac_attributes(r->context, &r->req);
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, "pac_attributes",
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, "pac_attributes",
|
||||
r->pac_attributes);
|
||||
|
||||
if (!_kdc_include_pac_p(r))
|
||||
@@ -2186,7 +2186,7 @@ _kdc_as_rep(astgs_request_t r)
|
||||
kdc_log(r->context, config, 4, "UNKNOWN -- %s: %s", r->cname, msg);
|
||||
krb5_free_error_message(r->context, msg);
|
||||
ret = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN;
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_CLIENT_UNKNOWN);
|
||||
goto out;
|
||||
}
|
||||
@@ -2263,7 +2263,7 @@ _kdc_as_rep(astgs_request_t r)
|
||||
krb5_boolean default_salt;
|
||||
|
||||
if (!_kdc_audit_getkv((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT))
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_OTHER_PREAUTH_FAILED);
|
||||
|
||||
/*
|
||||
@@ -2281,7 +2281,7 @@ _kdc_as_rep(astgs_request_t r)
|
||||
goto out;
|
||||
}
|
||||
if (!_kdc_audit_getkv((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT))
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_OTHER_PREAUTH_SUCCEEDED);
|
||||
kdc_log(r->context, config, 4,
|
||||
"%s pre-authentication succeeded -- %s",
|
||||
@@ -2376,7 +2376,7 @@ _kdc_as_rep(astgs_request_t r)
|
||||
r->et.flags.anonymous = 1;
|
||||
}
|
||||
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT,
|
||||
HDB_AUTH_EVENT_CLIENT_AUTHORIZED);
|
||||
|
||||
/*
|
||||
@@ -2481,7 +2481,7 @@ _kdc_as_rep(astgs_request_t r)
|
||||
/* check for valid set of addresses */
|
||||
if (!_kdc_check_addresses(r, b->addresses, r->addr)) {
|
||||
if (r->config->warn_ticket_addresses) {
|
||||
_kdc_audit_addkv_bool((kdc_request_t)r, "wrongaddr", TRUE);
|
||||
_kdc_audit_setkv_bool((kdc_request_t)r, "wrongaddr", TRUE);
|
||||
} else {
|
||||
_kdc_set_e_text(r, "Request from wrong address");
|
||||
ret = KRB5KRB_AP_ERR_BADADDR;
|
||||
|
@@ -807,7 +807,7 @@ tgs_make_reply(astgs_request_t r,
|
||||
* is implementation dependent.
|
||||
*/
|
||||
if (r->pac && !et->flags.anonymous) {
|
||||
_kdc_audit_addkv_number((kdc_request_t)r, "pac_attributes",
|
||||
_kdc_audit_setkv_number((kdc_request_t)r, "pac_attributes",
|
||||
r->pac_attributes);
|
||||
|
||||
/*
|
||||
@@ -1119,7 +1119,7 @@ next_kvno:
|
||||
_kdc_audit_addaddrs((kdc_request_t)r, (*ticket)->ticket.caddr, "tixaddrs");
|
||||
if (r->config->warn_ticket_addresses && ret == KRB5KRB_AP_ERR_BADADDR &&
|
||||
*ticket != NULL) {
|
||||
_kdc_audit_addkv_bool((kdc_request_t)r, "wrongaddr", TRUE);
|
||||
_kdc_audit_setkv_bool((kdc_request_t)r, "wrongaddr", TRUE);
|
||||
ret = 0;
|
||||
}
|
||||
if (ret == KRB5KRB_AP_ERR_BAD_INTEGRITY && kvno_search_tries > 0) {
|
||||
@@ -2343,12 +2343,12 @@ server_lookup:
|
||||
if (!_kdc_check_addresses(priv, tgt->caddr, from_addr)) {
|
||||
if (config->check_ticket_addresses) {
|
||||
ret = KRB5KRB_AP_ERR_BADADDR;
|
||||
_kdc_audit_addkv_bool((kdc_request_t)priv, "wrongaddr", TRUE);
|
||||
_kdc_audit_setkv_bool((kdc_request_t)priv, "wrongaddr", TRUE);
|
||||
kdc_log(context, config, 4, "Request from wrong address");
|
||||
_kdc_audit_addreason((kdc_request_t)priv, "Request from wrong address");
|
||||
goto out;
|
||||
} else if (config->warn_ticket_addresses) {
|
||||
_kdc_audit_addkv_bool((kdc_request_t)priv, "wrongaddr", TRUE);
|
||||
_kdc_audit_setkv_bool((kdc_request_t)priv, "wrongaddr", TRUE);
|
||||
}
|
||||
}
|
||||
|
||||
|
@@ -668,7 +668,7 @@ check_authz(krb5_context context,
|
||||
ret = kdc_authorize_csr(context, reqctx->config->app, reqctx->csr,
|
||||
cprincipal);
|
||||
if (ret == 0) {
|
||||
_kdc_audit_addkv_bool((kdc_request_t)reqctx, "authorized", TRUE);
|
||||
_kdc_audit_setkv_bool((kdc_request_t)reqctx, "authorized", TRUE);
|
||||
|
||||
ret = hx509_request_get_san(reqctx->csr, 0, &san_type, &s);
|
||||
if (ret == 0) {
|
||||
@@ -785,7 +785,7 @@ check_authz(krb5_context context,
|
||||
if (KeyUsage2int(ku) != (KeyUsage2int(ku) & KeyUsage2int(ku_allowed)))
|
||||
goto eacces;
|
||||
|
||||
_kdc_audit_addkv_bool((kdc_request_t)reqctx, "authorized", TRUE);
|
||||
_kdc_audit_setkv_bool((kdc_request_t)reqctx, "authorized", TRUE);
|
||||
return 0;
|
||||
|
||||
eacces:
|
||||
@@ -1046,9 +1046,9 @@ _kdc_do_kx509(kx509_req_context r)
|
||||
out:
|
||||
hx509_certs_free(&certs);
|
||||
if (ret == 0 && !is_probe)
|
||||
_kdc_audit_addkv_bool((kdc_request_t)r, "cert_issued", TRUE);
|
||||
_kdc_audit_setkv_bool((kdc_request_t)r, "cert_issued", TRUE);
|
||||
else
|
||||
_kdc_audit_addkv_bool((kdc_request_t)r, "cert_issued", FALSE);
|
||||
_kdc_audit_setkv_bool((kdc_request_t)r, "cert_issued", FALSE);
|
||||
if (r->ac)
|
||||
krb5_auth_con_free(r->context, r->ac);
|
||||
if (ticket)
|
||||
|
@@ -17,10 +17,11 @@ EXPORTS
|
||||
krb5_kdc_update_time
|
||||
krb5_kdc_pk_initialize
|
||||
_kdc_audit_addkv
|
||||
_kdc_audit_addkv_bool
|
||||
_kdc_audit_addkv_number
|
||||
_kdc_audit_addkv_object
|
||||
_kdc_audit_addkv_timediff
|
||||
_kdc_audit_getkv
|
||||
_kdc_audit_setkv_bool
|
||||
_kdc_audit_setkv_number
|
||||
_kdc_audit_setkv_object
|
||||
_kdc_audit_addreason
|
||||
_kdc_audit_vaddkv
|
||||
_kdc_audit_vaddreason
|
||||
|
@@ -95,21 +95,21 @@ _kdc_audit_addkv_timediff(kdc_request_t r, const char *k,
|
||||
}
|
||||
|
||||
void
|
||||
_kdc_audit_addkv_bool(kdc_request_t r, const char *k, krb5_boolean v)
|
||||
_kdc_audit_setkv_bool(kdc_request_t r, const char *k, krb5_boolean v)
|
||||
{
|
||||
heim_audit_addkv_bool((heim_svc_req_desc)r, k, (int)v);
|
||||
heim_audit_setkv_bool((heim_svc_req_desc)r, k, (int)v);
|
||||
}
|
||||
|
||||
void
|
||||
_kdc_audit_addkv_number(kdc_request_t r, const char *k, int64_t v)
|
||||
_kdc_audit_setkv_number(kdc_request_t r, const char *k, int64_t v)
|
||||
{
|
||||
heim_audit_addkv_number((heim_svc_req_desc)r, k, v);
|
||||
heim_audit_setkv_number((heim_svc_req_desc)r, k, v);
|
||||
}
|
||||
|
||||
void
|
||||
_kdc_audit_addkv_object(kdc_request_t r, const char *k, heim_object_t obj)
|
||||
_kdc_audit_setkv_object(kdc_request_t r, const char *k, heim_object_t obj)
|
||||
{
|
||||
heim_audit_addkv_object((heim_svc_req_desc)r, k, obj);
|
||||
heim_audit_setkv_object((heim_svc_req_desc)r, k, obj);
|
||||
}
|
||||
|
||||
heim_object_t
|
||||
|
@@ -21,9 +21,9 @@ HEIMDAL_KDC_1.0 {
|
||||
krb5_kdc_update_time;
|
||||
krb5_kdc_pk_initialize;
|
||||
_kdc_audit_addkv;
|
||||
_kdc_audit_addkv_bool;
|
||||
_kdc_audit_addkv_number;
|
||||
_kdc_audit_addkv_object;
|
||||
_kdc_audit_setkv_bool;
|
||||
_kdc_audit_setkv_number;
|
||||
_kdc_audit_setkv_object;
|
||||
_kdc_audit_getkv;
|
||||
_kdc_audit_addreason;
|
||||
_kdc_audit_vaddkv;
|
||||
|
@@ -849,7 +849,7 @@ heim_audit_addkv_timediff(heim_svc_req_desc r, const char *k,
|
||||
}
|
||||
|
||||
void
|
||||
heim_audit_addkv_bool(heim_svc_req_desc r, const char *k, int v)
|
||||
heim_audit_setkv_bool(heim_svc_req_desc r, const char *k, int v)
|
||||
{
|
||||
heim_string_t key = heim_string_create(k);
|
||||
heim_number_t value;
|
||||
@@ -857,8 +857,8 @@ heim_audit_addkv_bool(heim_svc_req_desc r, const char *k, int v)
|
||||
if (key == NULL)
|
||||
return;
|
||||
|
||||
heim_log(r->hcontext, r->logf, 7, "heim_audit_addkv_bool(): "
|
||||
"adding kv pair %s=%s", k, v ? "true" : "false");
|
||||
heim_log(r->hcontext, r->logf, 7, "heim_audit_setkv_bool(): "
|
||||
"setting kv pair %s=%s", k, v ? "true" : "false");
|
||||
|
||||
value = heim_bool_create(v);
|
||||
heim_dict_set_value(r->kv, key, value);
|
||||
@@ -867,7 +867,7 @@ heim_audit_addkv_bool(heim_svc_req_desc r, const char *k, int v)
|
||||
}
|
||||
|
||||
void
|
||||
heim_audit_addkv_number(heim_svc_req_desc r, const char *k, intptr_t v)
|
||||
heim_audit_setkv_number(heim_svc_req_desc r, const char *k, intptr_t v)
|
||||
{
|
||||
heim_string_t key = heim_string_create(k);
|
||||
heim_number_t value;
|
||||
@@ -875,8 +875,8 @@ heim_audit_addkv_number(heim_svc_req_desc r, const char *k, intptr_t v)
|
||||
if (key == NULL)
|
||||
return;
|
||||
|
||||
heim_log(r->hcontext, r->logf, 7, "heim_audit_addkv_number(): "
|
||||
"adding kv pair %s=%ld", k, v);
|
||||
heim_log(r->hcontext, r->logf, 7, "heim_audit_setkv_number(): "
|
||||
"setting kv pair %s=%ld", k, v);
|
||||
|
||||
value = heim_number_create(v);
|
||||
heim_dict_set_value(r->kv, key, value);
|
||||
@@ -885,7 +885,7 @@ heim_audit_addkv_number(heim_svc_req_desc r, const char *k, intptr_t v)
|
||||
}
|
||||
|
||||
void
|
||||
heim_audit_addkv_object(heim_svc_req_desc r, const char *k, heim_object_t value)
|
||||
heim_audit_setkv_object(heim_svc_req_desc r, const char *k, heim_object_t value)
|
||||
{
|
||||
heim_string_t key = heim_string_create(k);
|
||||
heim_string_t descr;
|
||||
@@ -894,8 +894,8 @@ heim_audit_addkv_object(heim_svc_req_desc r, const char *k, heim_object_t value)
|
||||
return;
|
||||
|
||||
descr = heim_json_copy_serialize(value, 0, NULL);
|
||||
heim_log(r->hcontext, r->logf, 7, "heim_audit_addkv_object(): "
|
||||
"adding kv pair %s=%s",
|
||||
heim_log(r->hcontext, r->logf, 7, "heim_audit_setkv_object(): "
|
||||
"setting kv pair %s=%s",
|
||||
k, descr ? heim_string_get_utf8(descr) : "<unprintable>");
|
||||
heim_dict_set_value(r->kv, key, value);
|
||||
heim_release(key);
|
||||
|
@@ -29,10 +29,10 @@ HEIMDAL_BASE_1.0 {
|
||||
heim_array_iterate_reverse_f;
|
||||
heim_array_set_value;
|
||||
heim_audit_addkv;
|
||||
heim_audit_addkv_bool;
|
||||
heim_audit_addkv_number;
|
||||
heim_audit_addkv_object;
|
||||
heim_audit_addkv_timediff;
|
||||
heim_audit_setkv_bool;
|
||||
heim_audit_setkv_number;
|
||||
heim_audit_setkv_object;
|
||||
heim_audit_addreason;
|
||||
heim_audit_getkv;
|
||||
heim_audit_trail;
|
||||
|
Reference in New Issue
Block a user