aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2010-11-12 09:21:45 +0100
committerMatthias Andree <matthias.andree@gmx.de>2010-11-12 09:21:45 +0100
commit488c70f09ead76e1fdd38475387bd3f448def3f1 (patch)
tree74da80f7338969579352fda338c1b17bec5dc685
parentd5dcdd9b11de6a3e97b7b686b09ddb5fb33085bf (diff)
downloadfetchmail-488c70f09ead76e1fdd38475387bd3f448def3f1.tar.gz
fetchmail-488c70f09ead76e1fdd38475387bd3f448def3f1.tar.bz2
fetchmail-488c70f09ead76e1fdd38475387bd3f448def3f1.zip
Demote GSSAPI verbose/debug syslog to INFO severity.
Requested by Carlos E. R. and Derek Simkowiak via fetchmail-users@.
-rw-r--r--NEWS2
-rw-r--r--gssapi.c25
2 files changed, 15 insertions, 12 deletions
diff --git a/NEWS b/NEWS
index 8c93aa9b..01cd2c0f 100644
--- a/NEWS
+++ b/NEWS
@@ -76,6 +76,8 @@ fetchmail-6.3.19 (not yet released):
Workaround for 6.3.18: build in a separate directory, i. e:
mkdir build && cd build && ../configure --options-go-here
* Send a NOOP only after a failed STARTTLS in IMAP. (Sunil Shetye)
+* Demote GSSAPI verbose/debug syslog to INFO severity. Requested by Carlos E. R.
+ and Derek Simkowiak via the fetchmail-users@ mailing list.
# DOCUMENTATION:
* The manual page now links to IANA for GSSAPI service names.
diff --git a/gssapi.c b/gssapi.c
index f25cf6ba..716db317 100644
--- a/gssapi.c
+++ b/gssapi.c
@@ -38,7 +38,7 @@
# endif
# endif
-static void decode_subr(const char *m, uint32_t code, int type)
+static void decode_subr(const char *m, uint32_t code, int type, FILE *ostrm)
{
uint32_t maj, min, context;
gss_buffer_desc msg = GSS_C_EMPTY_BUFFER;
@@ -52,16 +52,17 @@ static void decode_subr(const char *m, uint32_t code, int type)
report(stderr, GT_("GSSAPI error in gss_display_status called from <%s>\n"), m);
break;
}
- report(stderr, GT_("GSSAPI error %s: %.*s\n"), m,
+ report(ostrm, GT_("GSSAPI error %s: %.*s\n"), m,
(int)msg.length, (char *)msg.value);
(void)gss_release_buffer(&min, &msg);
} while(context);
}
-static void decode_status(const char *m, uint32_t major, uint32_t minor)
+static void decode_status(const char *m, uint32_t major, uint32_t minor,m
+ FILE *ostrm)
{
- decode_subr(m, major, GSS_C_GSS_CODE);
- decode_subr(m, minor, GSS_C_MECH_CODE);
+ decode_subr(m, major, GSS_C_GSS_CODE, ostrm);
+ decode_subr(m, minor, GSS_C_MECH_CODE, ostrm);
}
#define GSSAUTH_P_NONE 1
@@ -85,7 +86,7 @@ static int import_name(const char *service, const char *hostname,
maj_stat = gss_import_name(&min_stat, &request_buf,
GSS_C_NT_HOSTBASED_SERVICE, target_name);
if (maj_stat != GSS_S_COMPLETE) {
- decode_status("gss_import_name", maj_stat, min_stat);
+ decode_status("gss_import_name", maj_stat, min_stat, stderr);
report(stderr, GT_("Couldn't get service name for [%s]\n"), buf1);
return PS_AUTHFAIL;
}
@@ -117,9 +118,9 @@ int check_gss_creds(const char *service, const char *hostname)
if (maj_stat != GSS_S_COMPLETE
|| (cu != GSS_C_INITIATE && cu != GSS_C_BOTH)) {
if (outlevel >= O_DEBUG) {
- decode_status("gss_inquire_cred", maj_stat, min_stat);
- report(stderr, GT_("No suitable GSSAPI credentials found. Skipping GSSAPI authentication.\n"));
- report(stderr, GT_("If you want to use GSSAPI, you need credentials first, possibly from kinit.\n"));
+ decode_status("gss_inquire_cred", maj_stat, min_stat, stdout);
+ report(stdout, GT_("No suitable GSSAPI credentials found. Skipping GSSAPI authentication.\n"));
+ report(stdout, GT_("If you want to use GSSAPI, you need credentials first, possibly from kinit.\n"));
}
return PS_AUTHFAIL;
}
@@ -185,7 +186,7 @@ int do_gssauth(int sock, const char *command, const char *service,
if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) {
if (outlevel >= O_VERBOSE)
- decode_status("gss_init_sec_context", maj_stat, min_stat);
+ decode_status("gss_init_sec_context", maj_stat, min_stat, stdout);
(void)gss_release_name(&min_stat, &target_name);
cancelfail:
@@ -237,7 +238,7 @@ cancelfail:
maj_stat = gss_unwrap(&min_stat, context,
&request_buf, &send_token, &cflags, &quality);
if (maj_stat != GSS_S_COMPLETE) {
- decode_status("gss_unwrap", maj_stat, min_stat);
+ decode_status("gss_unwrap", maj_stat, min_stat, stderr);
report(stderr, GT_("Couldn't unwrap security level data\n"));
gss_release_buffer(&min_stat, &send_token);
return PS_AUTHFAIL;
@@ -287,7 +288,7 @@ cancelfail:
report(stdout, GT_("Releasing GSS credentials\n"));
maj_stat = gss_delete_sec_context(&min_stat, &context, &send_token);
if (maj_stat != GSS_S_COMPLETE) {
- decode_status("gss_delete_sec_context", maj_stat, min_stat);
+ decode_status("gss_delete_sec_context", maj_stat, min_stat, stderr);
report(stderr, GT_("Error releasing credentials\n"));
return PS_AUTHFAIL;
}