diff options
| author | Andreas Schneider <asn@cryptomilk.org> | 2013-07-14 12:36:59 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2013-07-14 12:36:59 +0200 |
| commit | 2c91efcc68d9a6aff9163e81df7a5024703084d4 (patch) | |
| tree | b9cadb84146bab8e7d2a27c4e153b5caf3f73bde /src/auth.c | |
| parent | 73309f19e582a712e78f54988fc51dbc5ab60bf4 (diff) | |
| download | libssh-2c91efcc68d9a6aff9163e81df7a5024703084d4.tar.gz libssh-2c91efcc68d9a6aff9163e81df7a5024703084d4.tar.xz libssh-2c91efcc68d9a6aff9163e81df7a5024703084d4.zip | |
log: Implment new logging functions.
Diffstat (limited to 'src/auth.c')
| -rw-r--r-- | src/auth.c | 65 |
1 files changed, 29 insertions, 36 deletions
@@ -70,7 +70,7 @@ static int ssh_userauth_request_service(ssh_session session) { rc = ssh_service_request(session, "ssh-userauth"); if (rc != SSH_OK) { - SSH_LOG(session, SSH_LOG_WARN, + SSH_LOG(SSH_LOG_WARN, "Failed to request \"ssh-userauth\" service"); } @@ -162,10 +162,10 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_banner){ enter_function(); banner = buffer_get_ssh_string(packet); if (banner == NULL) { - SSH_LOG(session, SSH_LOG_WARN, + SSH_LOG(SSH_LOG_WARN, "Invalid SSH_USERAUTH_BANNER packet"); } else { - SSH_LOG(session, SSH_LOG_DEBUG, + SSH_LOG(SSH_LOG_DEBUG, "Received SSH_USERAUTH_BANNER packet"); if(session->banner != NULL) ssh_string_free(session->banner); @@ -206,12 +206,12 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_failure){ if (partial) { session->auth_state=SSH_AUTH_STATE_PARTIAL; - SSH_LOG(session, SSH_LOG_INFO, + SSH_LOG(SSH_LOG_INFO, "Partial success. Authentication that can continue: %s", auth_methods); } else { session->auth_state=SSH_AUTH_STATE_FAILED; - SSH_LOG(session, SSH_LOG_INFO, + SSH_LOG(SSH_LOG_INFO, "Access denied. Authentication that can continue: %s", auth_methods); ssh_set_error(session, SSH_REQUEST_DENIED, @@ -256,19 +256,19 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_success){ (void)type; (void)user; - SSH_LOG(session, SSH_LOG_DEBUG, "Authentication successful"); - SSH_LOG(session, SSH_LOG_TRACE, "Received SSH_USERAUTH_SUCCESS"); + SSH_LOG(SSH_LOG_DEBUG, "Authentication successful"); + SSH_LOG(SSH_LOG_TRACE, "Received SSH_USERAUTH_SUCCESS"); session->auth_state=SSH_AUTH_STATE_SUCCESS; session->session_state=SSH_SESSION_STATE_AUTHENTICATED; session->flags |= SSH_SESSION_FLAG_AUTHENTICATED; if(session->current_crypto && session->current_crypto->delayed_compress_out){ - SSH_LOG(session, SSH_LOG_DEBUG, "Enabling delayed compression OUT"); + SSH_LOG(SSH_LOG_DEBUG, "Enabling delayed compression OUT"); session->current_crypto->do_compress_out=1; } if(session->current_crypto && session->current_crypto->delayed_compress_in){ - SSH_LOG(session,SSH_LOG_DEBUG, "Enabling delayed compression IN"); + SSH_LOG(SSH_LOG_DEBUG, "Enabling delayed compression IN"); session->current_crypto->do_compress_in=1; } leave_function(); @@ -287,11 +287,11 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_pk_ok){ int rc; enter_function(); - SSH_LOG(session, SSH_LOG_TRACE, "Received SSH_USERAUTH_PK_OK/INFO_REQUEST/GSSAPI_RESPONSE"); + SSH_LOG(SSH_LOG_TRACE, "Received SSH_USERAUTH_PK_OK/INFO_REQUEST/GSSAPI_RESPONSE"); if(session->auth_state==SSH_AUTH_STATE_KBDINT_SENT){ /* Assuming we are in keyboard-interactive context */ - SSH_LOG(session, SSH_LOG_TRACE, + SSH_LOG(SSH_LOG_TRACE, "keyboard-interactive context, assuming SSH_USERAUTH_INFO_REQUEST"); rc=ssh_packet_userauth_info_request(session,type,packet,user); #if WITH_GSSAPI @@ -300,7 +300,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_pk_ok){ #endif } else { session->auth_state=SSH_AUTH_STATE_PK_OK; - SSH_LOG(session, SSH_LOG_TRACE, "Assuming SSH_USERAUTH_PK_OK"); + SSH_LOG(SSH_LOG_TRACE, "Assuming SSH_USERAUTH_PK_OK"); rc=SSH_PACKET_USED; } leave_function(); @@ -994,7 +994,7 @@ int ssh_userauth_agent(ssh_session session, state->pubkey = ssh_agent_get_first_ident(session, &state->comment); while (state->pubkey != NULL) { if(state->state == SSH_AGENT_STATE_NONE){ - SSH_LOG(session, SSH_LOG_DEBUG, + SSH_LOG(SSH_LOG_DEBUG, "Trying identity %s", state->comment); } if(state->state == SSH_AGENT_STATE_NONE || @@ -1009,7 +1009,7 @@ int ssh_userauth_agent(ssh_session session, state->state = SSH_AGENT_STATE_PUBKEY; return rc; } else if (rc != SSH_AUTH_SUCCESS) { - SSH_LOG(session, SSH_LOG_DEBUG, + SSH_LOG(SSH_LOG_DEBUG, "Public key of %s refused by server", state->comment); ssh_string_free_char(state->comment); ssh_key_free(state->pubkey); @@ -1018,7 +1018,7 @@ int ssh_userauth_agent(ssh_session session, continue; } - SSH_LOG(session, SSH_LOG_DEBUG, + SSH_LOG(SSH_LOG_DEBUG, "Public key of %s accepted by server", state->comment); state->state = SSH_AGENT_STATE_AUTH; } @@ -1032,7 +1032,7 @@ int ssh_userauth_agent(ssh_session session, SAFE_FREE(session->agent_state); return rc; } else if (rc != SSH_AUTH_SUCCESS) { - SSH_LOG(session, SSH_LOG_INFO, + SSH_LOG(SSH_LOG_INFO, "Server accepted public key but refused the signature"); state->pubkey = ssh_agent_get_next_ident(session, &state->comment); state->state = SSH_AGENT_STATE_NONE; @@ -1136,7 +1136,7 @@ int ssh_userauth_publickey_auto(ssh_session session, const char *privkey_file = state->it->data; char pubkey_file[1024] = {0}; if (state->state == SSH_AUTH_AUTO_STATE_PUBKEY){ - SSH_LOG(session, SSH_LOG_DEBUG, + SSH_LOG(SSH_LOG_DEBUG, "Trying to authenticate with %s", privkey_file); state->privkey = NULL; state->pubkey = NULL; @@ -1166,7 +1166,7 @@ int ssh_userauth_publickey_auto(ssh_session session, continue; } else if (rc == SSH_EOF) { /* If the file doesn't exist, continue */ - SSH_LOG(session, SSH_LOG_DEBUG, + SSH_LOG(SSH_LOG_DEBUG, "Private key %s doesn't exist.", privkey_file); state->it=state->it->next; @@ -1182,8 +1182,7 @@ int ssh_userauth_publickey_auto(ssh_session session, rc = ssh_pki_export_pubkey_file(state->pubkey, pubkey_file); if (rc == SSH_ERROR) { - SSH_LOG(session, - SSH_LOG_WARN, + SSH_LOG(SSH_LOG_WARN, "Could not write public key to file: %s", pubkey_file); } @@ -1193,8 +1192,7 @@ int ssh_userauth_publickey_auto(ssh_session session, if (state->state == SSH_AUTH_AUTO_STATE_KEY_IMPORTED){ rc = ssh_userauth_try_publickey(session, username, state->pubkey); if (rc == SSH_AUTH_ERROR) { - SSH_LOG(session, - SSH_LOG_WARN, + SSH_LOG(SSH_LOG_WARN, "Public key authentication error for %s", privkey_file); ssh_key_free(state->privkey); @@ -1204,8 +1202,7 @@ int ssh_userauth_publickey_auto(ssh_session session, } else if (rc == SSH_AUTH_AGAIN){ return rc; } else if (rc != SSH_AUTH_SUCCESS) { - SSH_LOG(session, - SSH_LOG_DEBUG, + SSH_LOG(SSH_LOG_DEBUG, "Public key for %s refused by server", privkey_file); ssh_key_free(state->privkey); @@ -1240,8 +1237,7 @@ int ssh_userauth_publickey_auto(ssh_session session, /* If the file doesn't exist, continue */ ssh_key_free(state->pubkey); state->pubkey=NULL; - SSH_LOG(session, - SSH_LOG_INFO, + SSH_LOG(SSH_LOG_INFO, "Private key %s doesn't exist.", privkey_file); state->it=state->it->next; @@ -1259,8 +1255,7 @@ int ssh_userauth_publickey_auto(ssh_session session, if (rc == SSH_AUTH_ERROR) { return rc; } else if (rc == SSH_AUTH_SUCCESS) { - SSH_LOG(session, - SSH_LOG_INFO, + SSH_LOG(SSH_LOG_INFO, "Successfully authenticated using %s", privkey_file); return rc; @@ -1268,16 +1263,14 @@ int ssh_userauth_publickey_auto(ssh_session session, return rc; } - SSH_LOG(session, - SSH_LOG_WARN, + SSH_LOG(SSH_LOG_WARN, "The server accepted the public key but refused the signature"); state->it=state->it->next; state->state=SSH_AUTH_AUTO_STATE_PUBKEY; /* continue */ } } - SSH_LOG(session, - SSH_LOG_INFO, + SSH_LOG(SSH_LOG_INFO, "Tried every public key, none matched"); SAFE_FREE(session->auth_auto_state); return SSH_AUTH_DENIED; @@ -1640,7 +1633,7 @@ static int ssh_userauth_kbdint_init(ssh_session session, session->auth_state = SSH_AUTH_STATE_KBDINT_SENT; session->pending_call_state = SSH_PENDING_CALL_AUTH_KBDINT_INIT; - SSH_LOG(session, SSH_LOG_DEBUG, + SSH_LOG(SSH_LOG_DEBUG, "Sending keyboard-interactive init request"); rc = packet_send(session); @@ -1714,7 +1707,7 @@ static int ssh_userauth_kbdint_send(ssh_session session) ssh_kbdint_free(session->kbdint); session->kbdint = NULL; - SSH_LOG(session, SSH_LOG_DEBUG, + SSH_LOG(SSH_LOG_DEBUG, "Sending keyboard-interactive response packet"); rc = packet_send(session); @@ -1800,7 +1793,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_request) { } nprompts = ntohl(nprompts); - SSH_LOG(session, SSH_LOG_DEBUG, + SSH_LOG(SSH_LOG_DEBUG, "%d keyboard-interactive prompts", nprompts); if (nprompts > KBDINT_MAX_PROMPT) { ssh_set_error(session, SSH_FATAL, @@ -2156,7 +2149,7 @@ int ssh_userauth_gssapi(ssh_session session) { } else if (rc == SSH_ERROR) { return SSH_AUTH_ERROR; } - ssh_log(session,SSH_LOG_PROTOCOL, "Authenticating with gssapi-with-mic"); + SSH_LOG(SSH_LOG_PROTOCOL, "Authenticating with gssapi-with-mic"); session->auth_state = SSH_AUTH_STATE_NONE; session->pending_call_state = SSH_PENDING_CALL_AUTH_GSSAPI_MIC; rc = ssh_gssapi_auth_mic(session); |