Add debugging to better detect negotiation of enctype not supported by kernel
authorneilbrown <neilbrown>
Tue, 28 Mar 2006 00:51:14 +0000 (00:51 +0000)
committerneilbrown <neilbrown>
Tue, 28 Mar 2006 00:51:14 +0000 (00:51 +0000)
Print debugging message indicating the type of encryption keys being sent
down to the kernel.  This should make it easier to detect cases where
unsupported encryption types are being negotiated.
(really this time)

ChangeLog
utils/gssd/context_mit.c

index 74808aa..caa472e 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,12 @@
 2006-03-28 kwc@citi.umich.edu
+       Add debugging to better detect negotiation of enctype not supported by kernel
+       
+       Print debugging message indicating the type of encryption keys being sent
+       down to the kernel.  This should make it easier to detect cases where
+       unsupported encryption types are being negotiated.
+       (really this time)
+       
+2006-03-28 kwc@citi.umich.edu
        
        Don't close and reopen all pipes on every DNOTIFY signal.
        
index c804f3a..868eaa9 100644 (file)
@@ -185,6 +185,11 @@ prepare_krb5_rfc1964_buffer(gss_krb5_lucid_context_v1_t *lctx,
        if (WRITE_BYTES(&p, end, word_send_seq)) goto out_err;
        if (write_buffer(&p, end, (gss_buffer_desc*)&krb5oid)) goto out_err;
 
+       printerr(2, "prepare_krb5_rfc1964_buffer: serializing keys with "
+                "enctype %d and length %d\n",
+                lctx->rfc1964_kd.ctx_key.type,
+                lctx->rfc1964_kd.ctx_key.length);
+
        /* derive the encryption key and copy it into buffer */
        enc_key.type = lctx->rfc1964_kd.ctx_key.type;
        enc_key.length = lctx->rfc1964_kd.ctx_key.length;
@@ -339,6 +344,11 @@ serialize_krb5_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf)
        word_seq_send = kctx->seq_send;
        if (WRITE_BYTES(&p, end, word_seq_send)) goto out_err;
        if (write_buffer(&p, end, kctx->mech_used)) goto out_err;
+
+       printerr(2, "serialize_krb5_ctx: serializing keys with "
+                "enctype %d and length %d\n",
+                kctx->enc->enctype, kctx->enc->length);
+
        if (write_keyblock(&p, end, kctx->enc)) goto out_err;
        if (write_keyblock(&p, end, kctx->seq)) goto out_err;