kdc: preserve value types in auditing
Preserve integer/boolean audit values as their native types; convert to strings when logging only. This commit goes some way towards unifying the two auditing APIs.
This commit is contained in:
Luke Howard
10
kdc/bx509d.c
10
kdc/bx509d.c
@@ -485,8 +485,8 @@ bad_reqv(struct bx509_request_desc *r,
|
||||
char *formatted = NULL;
|
||||
char *msg = NULL;
|
||||
|
||||
heim_audit_addkv((heim_svc_req_desc)r, 0, "http-status-code", "%d",
|
||||
http_status_code);
|
||||
heim_audit_addkv_number((heim_svc_req_desc)r, "http-status-code",
|
||||
http_status_code);
|
||||
(void) gettimeofday(&r->tv_end, NULL);
|
||||
if (code == ENOMEM) {
|
||||
if (r->context)
|
||||
@@ -669,13 +669,13 @@ bx509_param_cb(void *d,
|
||||
&oid);
|
||||
der_free_oid(&oid);
|
||||
} else if (strcmp(key, "csr") == 0 && val) {
|
||||
heim_audit_addkv((heim_svc_req_desc)r, 0, "requested_csr", "true");
|
||||
heim_audit_addkv_bool((heim_svc_req_desc)r, "requested_csr", TRUE);
|
||||
r->ret = 0; /* Handled upstairs */
|
||||
} else if (strcmp(key, "lifetime") == 0 && val) {
|
||||
r->req_life = parse_time(val, "day");
|
||||
} else {
|
||||
/* Produce error for unknown params */
|
||||
heim_audit_addkv((heim_svc_req_desc)r, 0, "requested_unknown", "true");
|
||||
heim_audit_addkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE);
|
||||
krb5_set_error_message(r->context, r->ret = ENOTSUP,
|
||||
"Query parameter %s not supported", key);
|
||||
}
|
||||
@@ -1738,7 +1738,7 @@ get_tgt_param_cb(void *d,
|
||||
r->req_life = parse_time(val, "day");
|
||||
} else {
|
||||
/* Produce error for unknown params */
|
||||
heim_audit_addkv((heim_svc_req_desc)r, 0, "requested_unknown", "true");
|
||||
heim_audit_addkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE);
|
||||
krb5_set_error_message(r->context, r->ret = ENOTSUP,
|
||||
"Query parameter %s not supported", key);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user