diff options
| author | Nalin Dahyabhai <nalin@dahyabhai.net> | 2014-04-24 16:30:56 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2014-06-02 17:59:14 -0400 |
| commit | d950809ff49e3e7603594186d77135a09ab6b1b2 (patch) | |
| tree | aabcc959fcc9120277439b4911456960aac060df /src/include/k5-trace.h | |
| parent | 606e2ccc0a2546a23761f910482a55c5bf0f98ac (diff) | |
| download | krb5-d950809ff49e3e7603594186d77135a09ab6b1b2.zip krb5-d950809ff49e3e7603594186d77135a09ab6b1b2.tar.gz krb5-d950809ff49e3e7603594186d77135a09ab6b1b2.tar.bz2 | |
HTTPS transport (Microsoft KKDCPP implementation)
Add an 'HTTPS' transport type which connects to an [MS-KKDCP] proxy
server using HTTPS to communicate with a KDC. The KDC's name should
take the form of an HTTPS URL (e.g. "https://proxybox/KdcProxy").
An HTTPS connection's encryption layer can be reading and writing when
the application layer is expecting to write and read, so the HTTPS
callbacks have to handle being called multiple times.
[nalin@redhat.com: use cleanup labels, make sure we always send the
realm name, keep a copy of the URI on-hand, move most of the
conditionally-compiled sections into their own conditionally-built
functions, break out HTTPS request formatting into a helper function,
handle the MS-KKDCP length bytes, update comments to mention specific
versions of the MS-KKDCP spec, differentiate TCP and HTTP trace
messages, trace unparseable responses]
ticket: 7929
Diffstat (limited to 'src/include/k5-trace.h')
| -rw-r--r-- | src/include/k5-trace.h | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/include/k5-trace.h b/src/include/k5-trace.h index dfd34f6..f0d79f1 100644 --- a/src/include/k5-trace.h +++ b/src/include/k5-trace.h @@ -312,6 +312,9 @@ void krb5int_trace(krb5_context context, const char *fmt, ...); TRACE(c, "AP-REQ ticket: {princ} -> {princ}, session key {keyblock}", \ client, server, keyblock) +#define TRACE_SENDTO_KDC_ERROR_SET_MESSAGE(c, raddr, err) \ + TRACE(c, "Error preparing message to send to {raddr}: {errno}", \ + raddr, err) #define TRACE_SENDTO_KDC(c, len, rlm, master, tcp) \ TRACE(c, "Sending request ({int} bytes) to {data}{str}{str}", len, \ rlm, (master) ? " (master)" : "", (tcp) ? " (tcp only)" : "") @@ -321,6 +324,16 @@ void krb5int_trace(krb5_context context, const char *fmt, ...); TRACE(c, "Resolving hostname {str}", hostname) #define TRACE_SENDTO_KDC_RESPONSE(c, len, raddr) \ TRACE(c, "Received answer ({int} bytes) from {raddr}", len, raddr) +#define TRACE_SENDTO_KDC_HTTPS_ERROR_CONNECT(c, raddr) \ + TRACE(c, "HTTPS error connecting to {raddr}", raddr) +#define TRACE_SENDTO_KDC_HTTPS_ERROR_RECV(c, raddr, err) \ + TRACE(c, "HTTPS error receiving from {raddr}: {errno}", raddr, err) +#define TRACE_SENDTO_KDC_HTTPS_ERROR_SEND(c, raddr) \ + TRACE(c, "HTTPS error sending to {raddr}", raddr) +#define TRACE_SENDTO_KDC_HTTPS_SEND(c, raddr) \ + TRACE(c, "Sending HTTPS request to {raddr}", raddr) +#define TRACE_SENDTO_KDC_HTTPS_ERROR(c, errs) \ + TRACE(c, "HTTPS error: {str}", errs) #define TRACE_SENDTO_KDC_TCP_CONNECT(c, raddr) \ TRACE(c, "Initiating TCP connection to {raddr}", raddr) #define TRACE_SENDTO_KDC_TCP_DISCONNECT(c, raddr) \ |