From b27026996a6f2cdb62d7d2f6b9b94be70b950d10 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Tue, 4 Jan 2022 09:04:58 +1100 Subject: [PATCH] base: s/addkv_{bool,number,object}/setkv Now heim_audit_addkv() correctly supports multiple values, the other functions that (by design) replace existing values with a single value should use the heim_audit_setkv prefix. A subsequent commit could add variants that support multiple values for non-string types. --- kdc/bx509d.c | 10 ++++---- kdc/httpkadmind.c | 4 +-- kdc/kerberos5.c | 50 ++++++++++++++++++------------------- kdc/krb5tgs.c | 8 +++--- kdc/kx509.c | 8 +++--- kdc/libkdc-exports.def | 7 +++--- kdc/process.c | 12 ++++----- kdc/version-script.map | 6 ++--- lib/base/log.c | 18 ++++++------- lib/base/version-script.map | 6 ++--- 10 files changed, 65 insertions(+), 64 deletions(-) diff --git a/kdc/bx509d.c b/kdc/bx509d.c index c6a92facb..b03664911 100644 --- a/kdc/bx509d.c +++ b/kdc/bx509d.c @@ -485,7 +485,7 @@ bad_reqv(struct bx509_request_desc *r, char *formatted = NULL; char *msg = NULL; - heim_audit_addkv_number((heim_svc_req_desc)r, "http-status-code", + heim_audit_setkv_number((heim_svc_req_desc)r, "http-status-code", http_status_code); (void) gettimeofday(&r->tv_end, NULL); if (code == ENOMEM) { @@ -669,13 +669,13 @@ bx509_param_cb(void *d, &oid); der_free_oid(&oid); } else if (strcmp(key, "csr") == 0 && val) { - heim_audit_addkv_bool((heim_svc_req_desc)r, "requested_csr", TRUE); + heim_audit_setkv_bool((heim_svc_req_desc)r, "requested_csr", TRUE); r->ret = 0; /* Handled upstairs */ } else if (strcmp(key, "lifetime") == 0 && val) { r->req_life = parse_time(val, "day"); } else { /* Produce error for unknown params */ - heim_audit_addkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE); + heim_audit_setkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE); krb5_set_error_message(r->context, r->ret = ENOTSUP, "Query parameter %s not supported", key); } @@ -1638,7 +1638,7 @@ bnegotiate(struct bx509_request_desc *r) if (ret == 0) { heim_audit_addkv((heim_svc_req_desc)r, KDC_AUDIT_VIS, "target", "%s", r->target ? r->target : ""); - heim_audit_addkv_bool((heim_svc_req_desc)r, "redir", !!r->redir); + heim_audit_setkv_bool((heim_svc_req_desc)r, "redir", !!r->redir); ret = validate_token(r); } /* bnegotiate_get_target() and validate_token() call bad_req() */ @@ -1737,7 +1737,7 @@ get_tgt_param_cb(void *d, r->req_life = parse_time(val, "day"); } else { /* Produce error for unknown params */ - heim_audit_addkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE); + heim_audit_setkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE); krb5_set_error_message(r->context, r->ret = ENOTSUP, "Query parameter %s not supported", key); } diff --git a/kdc/httpkadmind.c b/kdc/httpkadmind.c index 47b8a1285..b578075aa 100644 --- a/kdc/httpkadmind.c +++ b/kdc/httpkadmind.c @@ -700,7 +700,7 @@ bad_reqv(kadmin_request_desc r, if (r && r->context) context = r->context; if (r && r->hcontext && r->kv) - heim_audit_addkv_number((heim_svc_req_desc)r, "http-status-code", + heim_audit_setkv_number((heim_svc_req_desc)r, "http-status-code", http_status_code); (void) gettimeofday(&r->tv_end, NULL); if (code == ENOMEM) { @@ -1046,7 +1046,7 @@ param_cb(void *d, #endif } else { /* Produce error for unknown params */ - heim_audit_addkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE); + heim_audit_setkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE); krb5_set_error_message(r->context, ret = ENOTSUP, "Query parameter %s not supported", key); } diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c index 8a6cc527f..864456ba8 100644 --- a/kdc/kerberos5.c +++ b/kdc/kerberos5.c @@ -442,13 +442,13 @@ _kdc_log_timestamp(astgs_request_t r, const char *type, endtime_str[100], renewtime_str[100]; if (authtime) - _kdc_audit_addkv_number((kdc_request_t)r, "auth", authtime); + _kdc_audit_setkv_number((kdc_request_t)r, "auth", authtime); if (starttime && *starttime) - _kdc_audit_addkv_number((kdc_request_t)r, "start", *starttime); + _kdc_audit_setkv_number((kdc_request_t)r, "start", *starttime); if (endtime) - _kdc_audit_addkv_number((kdc_request_t)r, "end", endtime); + _kdc_audit_setkv_number((kdc_request_t)r, "end", endtime); if (renew_till && *renew_till) - _kdc_audit_addkv_number((kdc_request_t)r, "renew", *renew_till); + _kdc_audit_setkv_number((kdc_request_t)r, "renew", *renew_till); krb5_format_time(r->context, authtime, authtime_str, sizeof(authtime_str), TRUE); @@ -488,7 +488,7 @@ pa_pkinit_validate(astgs_request_t r, const PA_DATA *pa) ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; _kdc_r_log(r, 4, "Failed to decode PKINIT PA-DATA -- %s", r->cname); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_PKINIT_FAILED); goto out; } @@ -500,7 +500,7 @@ pa_pkinit_validate(astgs_request_t r, const PA_DATA *pa) if (ret) { _kdc_set_e_text(r, "PKINIT certificate not allowed to " "impersonate principal"); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_PKINIT_NOT_AUTHORIZED); goto out; } @@ -520,7 +520,7 @@ pa_pkinit_validate(astgs_request_t r, const PA_DATA *pa) ret = _kdc_add_initial_verified_cas(r->context, r->config, pkp, &r->et); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_PKINIT_SUCCEEDED); out: @@ -553,7 +553,7 @@ pa_gss_validate(astgs_request_t r, const PA_DATA *pa) if (ret) { _kdc_set_e_text(r, "GSS-API client not allowed to " "impersonate principal"); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_GSS_PA_NOT_AUTHORIZED); goto out; } @@ -562,7 +562,7 @@ pa_gss_validate(astgs_request_t r, const PA_DATA *pa) _kdc_r_log(r, 4, "GSS pre-authentication succeeded -- %s using %s", r->cname, client_name); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_GSS_PA_SUCCEEDED); ret = _kdc_gss_mk_composite_name_ad(r, gcp); @@ -576,7 +576,7 @@ pa_gss_validate(astgs_request_t r, const PA_DATA *pa) if (ret) { if (ret != KRB5_KDC_ERR_MORE_PREAUTH_DATA_REQUIRED) { _kdc_set_e_text(r, "Failed to build GSS pre-authentication reply"); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_GSS_PA_FAILED); } @@ -640,7 +640,7 @@ pa_enc_chal_validate(astgs_request_t r, const PA_DATA *pa) ret = KRB5KDC_ERR_CLIENT_REVOKED; kdc_log(r->context, r->config, 0, "Client (%s) is locked out", r->cname); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_CLIENT_LOCKED_OUT); return ret; } @@ -767,13 +767,13 @@ pa_enc_chal_validate(astgs_request_t r, const PA_DATA *pa) /* * Success */ - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_LTK_PREAUTH_SUCCEEDED); goto out; } if (invalidPassword) { - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_LTK_PREAUTH_FAILED); ret = KRB5KDC_ERR_PREAUTH_FAILED; } else { @@ -813,7 +813,7 @@ pa_enc_ts_validate(astgs_request_t r, const PA_DATA *pa) ret = KRB5KDC_ERR_CLIENT_REVOKED; kdc_log(r->context, r->config, 0, "Client (%s) is locked out", r->cname); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_CLIENT_LOCKED_OUT); return ret; } @@ -882,9 +882,9 @@ pa_enc_ts_validate(astgs_request_t r, const PA_DATA *pa) _kdc_r_log(r, 2, "Failed to decrypt PA-DATA -- %s " "(enctype %s) error %s", r->cname, str ? str : "unknown enctype", msg); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_PA_ETYPE, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_PA_ETYPE, pa_key->key.keytype); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_LTK_PREAUTH_FAILED); if(hdb_next_enctype2key(r->context, &r->client->entry, NULL, enc_data.etype, &pa_key) == 0) @@ -920,7 +920,7 @@ pa_enc_ts_validate(astgs_request_t r, const PA_DATA *pa) (unsigned)labs(kdc_time - p.patimestamp), r->context->max_skew, r->cname); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_CLIENT_TIME_SKEW); /* @@ -945,9 +945,9 @@ pa_enc_ts_validate(astgs_request_t r, const PA_DATA *pa) str = NULL; _kdc_r_log(r, 4, "ENC-TS Pre-authentication succeeded -- %s using %s", r->cname, str ? str : "unknown enctype"); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_PA_ETYPE, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_PA_ETYPE, pa_key->key.keytype); - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_LTK_PREAUTH_SUCCEEDED); ret = 0; @@ -1849,7 +1849,7 @@ generate_pac(astgs_request_t r, const Key *skey, const Key *tkey, krb5_const_principal canon_princ = NULL; r->pac_attributes = get_pac_attributes(r->context, &r->req); - _kdc_audit_addkv_number((kdc_request_t)r, "pac_attributes", + _kdc_audit_setkv_number((kdc_request_t)r, "pac_attributes", r->pac_attributes); if (!_kdc_include_pac_p(r)) @@ -2186,7 +2186,7 @@ _kdc_as_rep(astgs_request_t r) kdc_log(r->context, config, 4, "UNKNOWN -- %s: %s", r->cname, msg); krb5_free_error_message(r->context, msg); ret = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN; - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_CLIENT_UNKNOWN); goto out; } @@ -2263,7 +2263,7 @@ _kdc_as_rep(astgs_request_t r) krb5_boolean default_salt; if (!_kdc_audit_getkv((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT)) - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_OTHER_PREAUTH_FAILED); /* @@ -2281,7 +2281,7 @@ _kdc_as_rep(astgs_request_t r) goto out; } if (!_kdc_audit_getkv((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT)) - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_OTHER_PREAUTH_SUCCEEDED); kdc_log(r->context, config, 4, "%s pre-authentication succeeded -- %s", @@ -2376,7 +2376,7 @@ _kdc_as_rep(astgs_request_t r) r->et.flags.anonymous = 1; } - _kdc_audit_addkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, + _kdc_audit_setkv_number((kdc_request_t)r, HDB_REQUEST_KV_AUTH_EVENT, HDB_AUTH_EVENT_CLIENT_AUTHORIZED); /* @@ -2481,7 +2481,7 @@ _kdc_as_rep(astgs_request_t r) /* check for valid set of addresses */ if (!_kdc_check_addresses(r, b->addresses, r->addr)) { if (r->config->warn_ticket_addresses) { - _kdc_audit_addkv_bool((kdc_request_t)r, "wrongaddr", TRUE); + _kdc_audit_setkv_bool((kdc_request_t)r, "wrongaddr", TRUE); } else { _kdc_set_e_text(r, "Request from wrong address"); ret = KRB5KRB_AP_ERR_BADADDR; diff --git a/kdc/krb5tgs.c b/kdc/krb5tgs.c index 55f851bf2..24c0a1206 100644 --- a/kdc/krb5tgs.c +++ b/kdc/krb5tgs.c @@ -807,7 +807,7 @@ tgs_make_reply(astgs_request_t r, * is implementation dependent. */ if (r->pac && !et->flags.anonymous) { - _kdc_audit_addkv_number((kdc_request_t)r, "pac_attributes", + _kdc_audit_setkv_number((kdc_request_t)r, "pac_attributes", r->pac_attributes); /* @@ -1119,7 +1119,7 @@ next_kvno: _kdc_audit_addaddrs((kdc_request_t)r, (*ticket)->ticket.caddr, "tixaddrs"); if (r->config->warn_ticket_addresses && ret == KRB5KRB_AP_ERR_BADADDR && *ticket != NULL) { - _kdc_audit_addkv_bool((kdc_request_t)r, "wrongaddr", TRUE); + _kdc_audit_setkv_bool((kdc_request_t)r, "wrongaddr", TRUE); ret = 0; } if (ret == KRB5KRB_AP_ERR_BAD_INTEGRITY && kvno_search_tries > 0) { @@ -2343,12 +2343,12 @@ server_lookup: if (!_kdc_check_addresses(priv, tgt->caddr, from_addr)) { if (config->check_ticket_addresses) { ret = KRB5KRB_AP_ERR_BADADDR; - _kdc_audit_addkv_bool((kdc_request_t)priv, "wrongaddr", TRUE); + _kdc_audit_setkv_bool((kdc_request_t)priv, "wrongaddr", TRUE); kdc_log(context, config, 4, "Request from wrong address"); _kdc_audit_addreason((kdc_request_t)priv, "Request from wrong address"); goto out; } else if (config->warn_ticket_addresses) { - _kdc_audit_addkv_bool((kdc_request_t)priv, "wrongaddr", TRUE); + _kdc_audit_setkv_bool((kdc_request_t)priv, "wrongaddr", TRUE); } } diff --git a/kdc/kx509.c b/kdc/kx509.c index 3bd8ae8d9..26edef19c 100644 --- a/kdc/kx509.c +++ b/kdc/kx509.c @@ -668,7 +668,7 @@ check_authz(krb5_context context, ret = kdc_authorize_csr(context, reqctx->config->app, reqctx->csr, cprincipal); if (ret == 0) { - _kdc_audit_addkv_bool((kdc_request_t)reqctx, "authorized", TRUE); + _kdc_audit_setkv_bool((kdc_request_t)reqctx, "authorized", TRUE); ret = hx509_request_get_san(reqctx->csr, 0, &san_type, &s); if (ret == 0) { @@ -785,7 +785,7 @@ check_authz(krb5_context context, if (KeyUsage2int(ku) != (KeyUsage2int(ku) & KeyUsage2int(ku_allowed))) goto eacces; - _kdc_audit_addkv_bool((kdc_request_t)reqctx, "authorized", TRUE); + _kdc_audit_setkv_bool((kdc_request_t)reqctx, "authorized", TRUE); return 0; eacces: @@ -1046,9 +1046,9 @@ _kdc_do_kx509(kx509_req_context r) out: hx509_certs_free(&certs); if (ret == 0 && !is_probe) - _kdc_audit_addkv_bool((kdc_request_t)r, "cert_issued", TRUE); + _kdc_audit_setkv_bool((kdc_request_t)r, "cert_issued", TRUE); else - _kdc_audit_addkv_bool((kdc_request_t)r, "cert_issued", FALSE); + _kdc_audit_setkv_bool((kdc_request_t)r, "cert_issued", FALSE); if (r->ac) krb5_auth_con_free(r->context, r->ac); if (ticket) diff --git a/kdc/libkdc-exports.def b/kdc/libkdc-exports.def index 6fca11d38..a8775c8a7 100644 --- a/kdc/libkdc-exports.def +++ b/kdc/libkdc-exports.def @@ -17,10 +17,11 @@ EXPORTS krb5_kdc_update_time krb5_kdc_pk_initialize _kdc_audit_addkv - _kdc_audit_addkv_bool - _kdc_audit_addkv_number - _kdc_audit_addkv_object + _kdc_audit_addkv_timediff _kdc_audit_getkv + _kdc_audit_setkv_bool + _kdc_audit_setkv_number + _kdc_audit_setkv_object _kdc_audit_addreason _kdc_audit_vaddkv _kdc_audit_vaddreason diff --git a/kdc/process.c b/kdc/process.c index 307c99809..4f44877a5 100644 --- a/kdc/process.c +++ b/kdc/process.c @@ -95,21 +95,21 @@ _kdc_audit_addkv_timediff(kdc_request_t r, const char *k, } void -_kdc_audit_addkv_bool(kdc_request_t r, const char *k, krb5_boolean v) +_kdc_audit_setkv_bool(kdc_request_t r, const char *k, krb5_boolean v) { - heim_audit_addkv_bool((heim_svc_req_desc)r, k, (int)v); + heim_audit_setkv_bool((heim_svc_req_desc)r, k, (int)v); } void -_kdc_audit_addkv_number(kdc_request_t r, const char *k, int64_t v) +_kdc_audit_setkv_number(kdc_request_t r, const char *k, int64_t v) { - heim_audit_addkv_number((heim_svc_req_desc)r, k, v); + heim_audit_setkv_number((heim_svc_req_desc)r, k, v); } void -_kdc_audit_addkv_object(kdc_request_t r, const char *k, heim_object_t obj) +_kdc_audit_setkv_object(kdc_request_t r, const char *k, heim_object_t obj) { - heim_audit_addkv_object((heim_svc_req_desc)r, k, obj); + heim_audit_setkv_object((heim_svc_req_desc)r, k, obj); } heim_object_t diff --git a/kdc/version-script.map b/kdc/version-script.map index c878e4bb4..f8918ae19 100644 --- a/kdc/version-script.map +++ b/kdc/version-script.map @@ -21,9 +21,9 @@ HEIMDAL_KDC_1.0 { krb5_kdc_update_time; krb5_kdc_pk_initialize; _kdc_audit_addkv; - _kdc_audit_addkv_bool; - _kdc_audit_addkv_number; - _kdc_audit_addkv_object; + _kdc_audit_setkv_bool; + _kdc_audit_setkv_number; + _kdc_audit_setkv_object; _kdc_audit_getkv; _kdc_audit_addreason; _kdc_audit_vaddkv; diff --git a/lib/base/log.c b/lib/base/log.c index e6fd93ef0..af042a4ff 100644 --- a/lib/base/log.c +++ b/lib/base/log.c @@ -849,7 +849,7 @@ heim_audit_addkv_timediff(heim_svc_req_desc r, const char *k, } void -heim_audit_addkv_bool(heim_svc_req_desc r, const char *k, int v) +heim_audit_setkv_bool(heim_svc_req_desc r, const char *k, int v) { heim_string_t key = heim_string_create(k); heim_number_t value; @@ -857,8 +857,8 @@ heim_audit_addkv_bool(heim_svc_req_desc r, const char *k, int v) if (key == NULL) return; - heim_log(r->hcontext, r->logf, 7, "heim_audit_addkv_bool(): " - "adding kv pair %s=%s", k, v ? "true" : "false"); + heim_log(r->hcontext, r->logf, 7, "heim_audit_setkv_bool(): " + "setting kv pair %s=%s", k, v ? "true" : "false"); value = heim_bool_create(v); heim_dict_set_value(r->kv, key, value); @@ -867,7 +867,7 @@ heim_audit_addkv_bool(heim_svc_req_desc r, const char *k, int v) } void -heim_audit_addkv_number(heim_svc_req_desc r, const char *k, intptr_t v) +heim_audit_setkv_number(heim_svc_req_desc r, const char *k, intptr_t v) { heim_string_t key = heim_string_create(k); heim_number_t value; @@ -875,8 +875,8 @@ heim_audit_addkv_number(heim_svc_req_desc r, const char *k, intptr_t v) if (key == NULL) return; - heim_log(r->hcontext, r->logf, 7, "heim_audit_addkv_number(): " - "adding kv pair %s=%ld", k, v); + heim_log(r->hcontext, r->logf, 7, "heim_audit_setkv_number(): " + "setting kv pair %s=%ld", k, v); value = heim_number_create(v); heim_dict_set_value(r->kv, key, value); @@ -885,7 +885,7 @@ heim_audit_addkv_number(heim_svc_req_desc r, const char *k, intptr_t v) } void -heim_audit_addkv_object(heim_svc_req_desc r, const char *k, heim_object_t value) +heim_audit_setkv_object(heim_svc_req_desc r, const char *k, heim_object_t value) { heim_string_t key = heim_string_create(k); heim_string_t descr; @@ -894,8 +894,8 @@ heim_audit_addkv_object(heim_svc_req_desc r, const char *k, heim_object_t value) return; descr = heim_json_copy_serialize(value, 0, NULL); - heim_log(r->hcontext, r->logf, 7, "heim_audit_addkv_object(): " - "adding kv pair %s=%s", + heim_log(r->hcontext, r->logf, 7, "heim_audit_setkv_object(): " + "setting kv pair %s=%s", k, descr ? heim_string_get_utf8(descr) : ""); heim_dict_set_value(r->kv, key, value); heim_release(key); diff --git a/lib/base/version-script.map b/lib/base/version-script.map index 86b8fe9ab..162cc72c6 100644 --- a/lib/base/version-script.map +++ b/lib/base/version-script.map @@ -29,10 +29,10 @@ HEIMDAL_BASE_1.0 { heim_array_iterate_reverse_f; heim_array_set_value; heim_audit_addkv; - heim_audit_addkv_bool; - heim_audit_addkv_number; - heim_audit_addkv_object; heim_audit_addkv_timediff; + heim_audit_setkv_bool; + heim_audit_setkv_number; + heim_audit_setkv_object; heim_audit_addreason; heim_audit_getkv; heim_audit_trail;