git.samba.org / metze / heimdal / wip.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 028b7cc)
TODO: auth: For NTLM and KDC authentication, log the authentication duration
authorAndrew Bartlett <abartlet@samba.org>
Wed, 5 Sep 2018 05:41:57 +0000 (17:41 +1200)
committerStefan Metzmacher <metze@samba.org>
Wed, 29 Apr 2020 09:07:57 +0000 (11:07 +0200)
This is not a general purpose profiling solution, but these JSON logs are already being
generated and stored, so this is worth adding.

Some administrators are very keen to know how long authentication
takes, particularly due to long replication transactions in other
processes.

This complements a similar patch set to log the transaction duration.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
(Simlar to Samba commit 1bb2a1c6b3eaccf114ac3f3b5b51f57828a04996)
[metze@samba.org: improved for upstream heimdal]
Signed-off-by: Stefan Metzmacher <metze@samba.org>
kdc/kerberos5.c patch | blob | history
lib/hdb/hdb.h patch | blob | history

diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c
index 64917f1ec49c8cabd8c05071fe60a35482f51964..d59936673b9936d57f51a95e6c95068a5607a3ea 100644 (file)
--- a/kdc/kerberos5.c
+++ b/kdc/kerberos5.c
@@ -65,6 +65,7 @@ _kdc_audit_auth_status(astgs_request_t r,
        ret = hdb->hdb_auth_status(context,
                                   hdb,
                                   r->client,
+                                  &r->tv_start,
                                   r->addr,
                                   r->cname,
                                   auth_status,
diff --git a/lib/hdb/hdb.h b/lib/hdb/hdb.h
index 474ed20e3091bde8f9728599f6168d011e32ce3f..bd005d1b4be39c5dd97592722ed3bec0fdd696e5 100644 (file)
--- a/lib/hdb/hdb.h
+++ b/lib/hdb/hdb.h
@@ -263,8 +263,11 @@ typedef struct HDB {
      * In case the entry is locked out, the backend should set the
      * hdb_entry.flags.locked-out flag.
      */
-    krb5_error_code (*hdb_auth_status)(krb5_context, struct HDB *,
-                                      hdb_entry_ex *, struct sockaddr *from_addr,
+    krb5_error_code (*hdb_auth_status)(krb5_context,
+                                      struct HDB *,
+                                      hdb_entry_ex *,
+                                      const struct timeval *start_time,
+                                      const struct sockaddr *from_addr,
                                       const char *original_client_name,
                                       int auth_type,
                                       const char *auth_details,
Unnamed repository; edit this file to name it for gitweb.