From 7c0658702830ca9f4d019bbdca0d94fa657a0f17 Mon Sep 17 00:00:00 2001 From: neilbrown Date: Tue, 28 Mar 2006 00:51:14 +0000 Subject: [PATCH] Add debugging to better detect negotiation of enctype not supported by kernel Print debugging message indicating the type of encryption keys being sent down to the kernel. This should make it easier to detect cases where unsupported encryption types are being negotiated. (really this time) --- ChangeLog | 8 ++++++++ utils/gssd/context_mit.c | 10 ++++++++++ 2 files changed, 18 insertions(+) diff --git a/ChangeLog b/ChangeLog index 74808aa..caa472e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +2006-03-28 kwc@citi.umich.edu + Add debugging to better detect negotiation of enctype not supported by kernel + + Print debugging message indicating the type of encryption keys being sent + down to the kernel. This should make it easier to detect cases where + unsupported encryption types are being negotiated. + (really this time) + 2006-03-28 kwc@citi.umich.edu Don't close and reopen all pipes on every DNOTIFY signal. diff --git a/utils/gssd/context_mit.c b/utils/gssd/context_mit.c index c804f3a..868eaa9 100644 --- a/utils/gssd/context_mit.c +++ b/utils/gssd/context_mit.c @@ -185,6 +185,11 @@ prepare_krb5_rfc1964_buffer(gss_krb5_lucid_context_v1_t *lctx, if (WRITE_BYTES(&p, end, word_send_seq)) goto out_err; if (write_buffer(&p, end, (gss_buffer_desc*)&krb5oid)) goto out_err; + printerr(2, "prepare_krb5_rfc1964_buffer: serializing keys with " + "enctype %d and length %d\n", + lctx->rfc1964_kd.ctx_key.type, + lctx->rfc1964_kd.ctx_key.length); + /* derive the encryption key and copy it into buffer */ enc_key.type = lctx->rfc1964_kd.ctx_key.type; enc_key.length = lctx->rfc1964_kd.ctx_key.length; @@ -339,6 +344,11 @@ serialize_krb5_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf) word_seq_send = kctx->seq_send; if (WRITE_BYTES(&p, end, word_seq_send)) goto out_err; if (write_buffer(&p, end, kctx->mech_used)) goto out_err; + + printerr(2, "serialize_krb5_ctx: serializing keys with " + "enctype %d and length %d\n", + kctx->enc->enctype, kctx->enc->length); + if (write_keyblock(&p, end, kctx->enc)) goto out_err; if (write_keyblock(&p, end, kctx->seq)) goto out_err; -- 2.39.2