6 files changed, 37 insertions, 17 deletions
diff --git a/usr/src/lib/krb5/kadm5/admin.h b/usr/src/lib/krb5/kadm5/admin.h
index d4d98c66f9..2671e8c15d 100644
--- a/usr/src/lib/krb5/kadm5/admin.h
+++ b/usr/src/lib/krb5/kadm5/admin.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -817,6 +817,10 @@ ovsec_kadm_ret_t    ovsec_kadm_get_policies(void *server_handle,
 
 #endif /* USE_KADM5_API_VERSION == 1 */
 
+#define MAXPRINCLEN 125
+
+void trunc_name(size_t *len, char **dots);
+
 krb5_chgpwd_prot _kadm5_get_kpasswd_protocol(void *server_handle);
 kadm5_ret_t	kadm5_chpass_principal_v2(void *server_handle,
 					krb5_principal princ,
diff --git a/usr/src/lib/krb5/kadm5/clnt/logger.c b/usr/src/lib/krb5/kadm5/clnt/logger.c
index 790b6f6a8f..8dcc0326bd 100644
--- a/usr/src/lib/krb5/kadm5/clnt/logger.c
+++ b/usr/src/lib/krb5/kadm5/clnt/logger.c
@@ -23,7 +23,7 @@
  */
 
 /*
- * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -45,7 +45,7 @@
 #include <stdarg.h>
 #include <libintl.h>
 
-#define	KRB5_KLOG_MAX_ERRMSG_SIZE	1024
+#define	KRB5_KLOG_MAX_ERRMSG_SIZE	2048
 #ifndef	MAXHOSTNAMELEN
 #define	MAXHOSTNAMELEN	256
 #endif	/* MAXHOSTNAMELEN */
@@ -371,8 +371,11 @@ klog_com_err_proc(whoami, code, format, ap)
 
     /* If reporting an error message, separate it. */
     if (code) {
-	strcat(outbuf, error_message(code));
-	strcat(outbuf, " - ");
+	outbuf[sizeof(outbuf) - 1] = '\0';
+
+	strncat(outbuf, error_message(code),
+		sizeof(outbuf) - 1 - strlen(outbuf));
+	strncat(outbuf, " - ", sizeof(outbuf) - 1 - strlen(outbuf));
     }
     cp = &outbuf[strlen(outbuf)];
     
@@ -417,7 +420,7 @@ klog_com_err_proc(whoami, code, format, ap)
     } 
 
     /* Now format the actual message */
-    vsprintf(cp, actual_format, ap);
+    vsnprintf(cp, sizeof (outbuf) - (cp - outbuf), actual_format, ap);
     
     /*
      * Now that we have the message formatted, perform the output to each
@@ -992,7 +995,7 @@ klog_vsyslog(priority, format, arglist)
     syslogp = &outbuf[strlen(outbuf)];
 
     /* Now format the actual message */
-    vsprintf(syslogp, format, arglist);
+    vsnprintf(syslogp, sizeof (outbuf) - (syslogp - outbuf), format, arglist);
 
     /*
      * Now that we have the message formatted, perform the output to each
diff --git a/usr/src/lib/krb5/kadm5/srv/chgpwd.c b/usr/src/lib/krb5/kadm5/srv/chgpwd.c
index 38ed07ebe5..020326fb25 100644
--- a/usr/src/lib/krb5/kadm5/srv/chgpwd.c
+++ b/usr/src/lib/krb5/kadm5/srv/chgpwd.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -67,6 +67,8 @@ process_chpw_request(krb5_context context, void *server_handle,
 	int numresult;
 	char strresult[1024];
 	char *clientstr;
+	size_t clen;
+	char *cdots;
 
 	ret = 0;
 	rep->length = 0;
@@ -379,9 +381,11 @@ process_chpw_request(krb5_context context, void *server_handle,
 	free(ptr);
 	clear.length = 0;
 
-	krb5_klog_syslog(LOG_NOTICE, "chpw request from %s for %s: %s",
+	clen = strlen(clientstr);
+	trunc_name(&clen, &cdots);
+	krb5_klog_syslog(LOG_NOTICE, "chpw request from %s for %.*s%s: %s",
 		inet_ntoa(((struct sockaddr_in *)&remote_addr)->sin_addr),
-		clientstr, ret ? error_message(ret) : "success");
+		clen, clientstr, cdots, ret ? error_message(ret) : "success");
 	krb5_free_unparsed_name(context, clientstr);
 
 	if (ret) {
diff --git a/usr/src/lib/krb5/kadm5/srv/logger.c b/usr/src/lib/krb5/kadm5/srv/logger.c
index d94083500d..55b4875b75 100644
--- a/usr/src/lib/krb5/kadm5/srv/logger.c
+++ b/usr/src/lib/krb5/kadm5/srv/logger.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -50,7 +50,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 
-#define	KRB5_KLOG_MAX_ERRMSG_SIZE	1024
+#define	KRB5_KLOG_MAX_ERRMSG_SIZE	2048
 #ifndef	MAXHOSTNAMELEN
 #define	MAXHOSTNAMELEN	256
 #endif	/* MAXHOSTNAMELEN */
@@ -380,7 +380,9 @@ klog_com_err_proc(whoami, code, format, ap)
     /* If reporting an error message, separate it. */
     if (code) {
         outbuf[sizeof(outbuf) - 1] = '\0';
-	strncat(outbuf, error_message(code), sizeof(outbuf) - 1 - strlen(outbuf));
+
+	strncat(outbuf, error_message(code),
+		sizeof(outbuf) - 1 - strlen(outbuf));
 	strncat(outbuf, " - ", sizeof(outbuf) - 1 - strlen(outbuf));
     }
     cp = &outbuf[strlen(outbuf)];
@@ -426,7 +428,7 @@ klog_com_err_proc(whoami, code, format, ap)
     } 
 
     /* Now format the actual message */
-    vsprintf(cp, actual_format, ap);
+    vsnprintf(cp, sizeof (outbuf) - (cp - outbuf), actual_format, ap);
     
     /*
      * Now that we have the message formatted, perform the output to each
@@ -995,7 +997,7 @@ klog_vsyslog(priority, format, arglist)
     syslogp = &outbuf[strlen(outbuf)];
 
     /* Now format the actual message */
-    vsprintf(syslogp, format, arglist);
+    vsnprintf(syslogp, sizeof (outbuf) - (syslogp - outbuf), format, arglist);
 
     /*
      * Now that we have the message formatted, perform the output to each
diff --git a/usr/src/lib/krb5/kadm5/srv/mapfile-vers b/usr/src/lib/krb5/kadm5/srv/mapfile-vers
index 4a92d4a409..6f697a1d59 100644
--- a/usr/src/lib/krb5/kadm5/srv/mapfile-vers
+++ b/usr/src/lib/krb5/kadm5/srv/mapfile-vers
@@ -18,8 +18,7 @@
 #
 # CDDL HEADER END
 #
-#
-# Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+# Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
 # Use is subject to license terms.
 #
 # ident	"%Z%%M%	%I%	%E% SMI"
@@ -145,6 +144,7 @@ SUNWprivate_1.1 {
 	osa_free_policy_ent;
 	osa_free_princ_ent;
 	passwd_check;
+	trunc_name;
 	xdr_chpass3_arg;
 	xdr_chpass_arg;
 	xdr_chrand3_arg;
diff --git a/usr/src/lib/krb5/kadm5/srv/server_misc.c b/usr/src/lib/krb5/kadm5/srv/server_misc.c
index b2283e973b..facaf9dc82 100644
--- a/usr/src/lib/krb5/kadm5/srv/server_misc.c
+++ b/usr/src/lib/krb5/kadm5/srv/server_misc.c
@@ -205,3 +205,10 @@ passwd_check(kadm5_server_handle_t handle,
     }
     return KADM5_OK;    
 }
+
+void
+trunc_name(size_t *len, char **dots)
+{
+    *dots = *len > MAXPRINCLEN ? "..." : "";
+    *len = *len > MAXPRINCLEN ? MAXPRINCLEN : *len;
+}