mirror of
https://git.libssh.org/projects/libssh.git
synced 2025-11-29 01:03:57 +03:00
log: Implment new logging functions.
This commit is contained in:
Andreas Schneider
65
src/auth.c
65
src/auth.c
@@ -70,7 +70,7 @@ static int ssh_userauth_request_service(ssh_session session) {
|
||||
|
||||
rc = ssh_service_request(session, "ssh-userauth");
|
||||
if (rc != SSH_OK) {
|
||||
SSH_LOG(session, SSH_LOG_WARN,
|
||||
SSH_LOG(SSH_LOG_WARN,
|
||||
"Failed to request \"ssh-userauth\" service");
|
||||
}
|
||||
|
||||
@@ -162,10 +162,10 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_banner){
|
||||
enter_function();
|
||||
banner = buffer_get_ssh_string(packet);
|
||||
if (banner == NULL) {
|
||||
SSH_LOG(session, SSH_LOG_WARN,
|
||||
SSH_LOG(SSH_LOG_WARN,
|
||||
"Invalid SSH_USERAUTH_BANNER packet");
|
||||
} else {
|
||||
SSH_LOG(session, SSH_LOG_DEBUG,
|
||||
SSH_LOG(SSH_LOG_DEBUG,
|
||||
"Received SSH_USERAUTH_BANNER packet");
|
||||
if(session->banner != NULL)
|
||||
ssh_string_free(session->banner);
|
||||
@@ -206,12 +206,12 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_failure){
|
||||
|
||||
if (partial) {
|
||||
session->auth_state=SSH_AUTH_STATE_PARTIAL;
|
||||
SSH_LOG(session, SSH_LOG_INFO,
|
||||
SSH_LOG(SSH_LOG_INFO,
|
||||
"Partial success. Authentication that can continue: %s",
|
||||
auth_methods);
|
||||
} else {
|
||||
session->auth_state=SSH_AUTH_STATE_FAILED;
|
||||
SSH_LOG(session, SSH_LOG_INFO,
|
||||
SSH_LOG(SSH_LOG_INFO,
|
||||
"Access denied. Authentication that can continue: %s",
|
||||
auth_methods);
|
||||
ssh_set_error(session, SSH_REQUEST_DENIED,
|
||||
@@ -256,19 +256,19 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_success){
|
||||
(void)type;
|
||||
(void)user;
|
||||
|
||||
SSH_LOG(session, SSH_LOG_DEBUG, "Authentication successful");
|
||||
SSH_LOG(session, SSH_LOG_TRACE, "Received SSH_USERAUTH_SUCCESS");
|
||||
SSH_LOG(SSH_LOG_DEBUG, "Authentication successful");
|
||||
SSH_LOG(SSH_LOG_TRACE, "Received SSH_USERAUTH_SUCCESS");
|
||||
|
||||
session->auth_state=SSH_AUTH_STATE_SUCCESS;
|
||||
session->session_state=SSH_SESSION_STATE_AUTHENTICATED;
|
||||
session->flags |= SSH_SESSION_FLAG_AUTHENTICATED;
|
||||
|
||||
if(session->current_crypto && session->current_crypto->delayed_compress_out){
|
||||
SSH_LOG(session, SSH_LOG_DEBUG, "Enabling delayed compression OUT");
|
||||
SSH_LOG(SSH_LOG_DEBUG, "Enabling delayed compression OUT");
|
||||
session->current_crypto->do_compress_out=1;
|
||||
}
|
||||
if(session->current_crypto && session->current_crypto->delayed_compress_in){
|
||||
SSH_LOG(session,SSH_LOG_DEBUG, "Enabling delayed compression IN");
|
||||
SSH_LOG(SSH_LOG_DEBUG, "Enabling delayed compression IN");
|
||||
session->current_crypto->do_compress_in=1;
|
||||
}
|
||||
leave_function();
|
||||
@@ -287,11 +287,11 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_pk_ok){
|
||||
int rc;
|
||||
enter_function();
|
||||
|
||||
SSH_LOG(session, SSH_LOG_TRACE, "Received SSH_USERAUTH_PK_OK/INFO_REQUEST/GSSAPI_RESPONSE");
|
||||
SSH_LOG(SSH_LOG_TRACE, "Received SSH_USERAUTH_PK_OK/INFO_REQUEST/GSSAPI_RESPONSE");
|
||||
|
||||
if(session->auth_state==SSH_AUTH_STATE_KBDINT_SENT){
|
||||
/* Assuming we are in keyboard-interactive context */
|
||||
SSH_LOG(session, SSH_LOG_TRACE,
|
||||
SSH_LOG(SSH_LOG_TRACE,
|
||||
"keyboard-interactive context, assuming SSH_USERAUTH_INFO_REQUEST");
|
||||
rc=ssh_packet_userauth_info_request(session,type,packet,user);
|
||||
#if WITH_GSSAPI
|
||||
@@ -300,7 +300,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_pk_ok){
|
||||
#endif
|
||||
} else {
|
||||
session->auth_state=SSH_AUTH_STATE_PK_OK;
|
||||
SSH_LOG(session, SSH_LOG_TRACE, "Assuming SSH_USERAUTH_PK_OK");
|
||||
SSH_LOG(SSH_LOG_TRACE, "Assuming SSH_USERAUTH_PK_OK");
|
||||
rc=SSH_PACKET_USED;
|
||||
}
|
||||
leave_function();
|
||||
@@ -994,7 +994,7 @@ int ssh_userauth_agent(ssh_session session,
|
||||
state->pubkey = ssh_agent_get_first_ident(session, &state->comment);
|
||||
while (state->pubkey != NULL) {
|
||||
if(state->state == SSH_AGENT_STATE_NONE){
|
||||
SSH_LOG(session, SSH_LOG_DEBUG,
|
||||
SSH_LOG(SSH_LOG_DEBUG,
|
||||
"Trying identity %s", state->comment);
|
||||
}
|
||||
if(state->state == SSH_AGENT_STATE_NONE ||
|
||||
@@ -1009,7 +1009,7 @@ int ssh_userauth_agent(ssh_session session,
|
||||
state->state = SSH_AGENT_STATE_PUBKEY;
|
||||
return rc;
|
||||
} else if (rc != SSH_AUTH_SUCCESS) {
|
||||
SSH_LOG(session, SSH_LOG_DEBUG,
|
||||
SSH_LOG(SSH_LOG_DEBUG,
|
||||
"Public key of %s refused by server", state->comment);
|
||||
ssh_string_free_char(state->comment);
|
||||
ssh_key_free(state->pubkey);
|
||||
@@ -1018,7 +1018,7 @@ int ssh_userauth_agent(ssh_session session,
|
||||
continue;
|
||||
}
|
||||
|
||||
SSH_LOG(session, SSH_LOG_DEBUG,
|
||||
SSH_LOG(SSH_LOG_DEBUG,
|
||||
"Public key of %s accepted by server", state->comment);
|
||||
state->state = SSH_AGENT_STATE_AUTH;
|
||||
}
|
||||
@@ -1032,7 +1032,7 @@ int ssh_userauth_agent(ssh_session session,
|
||||
SAFE_FREE(session->agent_state);
|
||||
return rc;
|
||||
} else if (rc != SSH_AUTH_SUCCESS) {
|
||||
SSH_LOG(session, SSH_LOG_INFO,
|
||||
SSH_LOG(SSH_LOG_INFO,
|
||||
"Server accepted public key but refused the signature");
|
||||
state->pubkey = ssh_agent_get_next_ident(session, &state->comment);
|
||||
state->state = SSH_AGENT_STATE_NONE;
|
||||
@@ -1136,7 +1136,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
const char *privkey_file = state->it->data;
|
||||
char pubkey_file[1024] = {0};
|
||||
if (state->state == SSH_AUTH_AUTO_STATE_PUBKEY){
|
||||
SSH_LOG(session, SSH_LOG_DEBUG,
|
||||
SSH_LOG(SSH_LOG_DEBUG,
|
||||
"Trying to authenticate with %s", privkey_file);
|
||||
state->privkey = NULL;
|
||||
state->pubkey = NULL;
|
||||
@@ -1166,7 +1166,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
continue;
|
||||
} else if (rc == SSH_EOF) {
|
||||
/* If the file doesn't exist, continue */
|
||||
SSH_LOG(session, SSH_LOG_DEBUG,
|
||||
SSH_LOG(SSH_LOG_DEBUG,
|
||||
"Private key %s doesn't exist.",
|
||||
privkey_file);
|
||||
state->it=state->it->next;
|
||||
@@ -1182,8 +1182,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
|
||||
rc = ssh_pki_export_pubkey_file(state->pubkey, pubkey_file);
|
||||
if (rc == SSH_ERROR) {
|
||||
SSH_LOG(session,
|
||||
SSH_LOG_WARN,
|
||||
SSH_LOG(SSH_LOG_WARN,
|
||||
"Could not write public key to file: %s",
|
||||
pubkey_file);
|
||||
}
|
||||
@@ -1193,8 +1192,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
if (state->state == SSH_AUTH_AUTO_STATE_KEY_IMPORTED){
|
||||
rc = ssh_userauth_try_publickey(session, username, state->pubkey);
|
||||
if (rc == SSH_AUTH_ERROR) {
|
||||
SSH_LOG(session,
|
||||
SSH_LOG_WARN,
|
||||
SSH_LOG(SSH_LOG_WARN,
|
||||
"Public key authentication error for %s",
|
||||
privkey_file);
|
||||
ssh_key_free(state->privkey);
|
||||
@@ -1204,8 +1202,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
} else if (rc == SSH_AUTH_AGAIN){
|
||||
return rc;
|
||||
} else if (rc != SSH_AUTH_SUCCESS) {
|
||||
SSH_LOG(session,
|
||||
SSH_LOG_DEBUG,
|
||||
SSH_LOG(SSH_LOG_DEBUG,
|
||||
"Public key for %s refused by server",
|
||||
privkey_file);
|
||||
ssh_key_free(state->privkey);
|
||||
@@ -1240,8 +1237,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
/* If the file doesn't exist, continue */
|
||||
ssh_key_free(state->pubkey);
|
||||
state->pubkey=NULL;
|
||||
SSH_LOG(session,
|
||||
SSH_LOG_INFO,
|
||||
SSH_LOG(SSH_LOG_INFO,
|
||||
"Private key %s doesn't exist.",
|
||||
privkey_file);
|
||||
state->it=state->it->next;
|
||||
@@ -1259,8 +1255,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
if (rc == SSH_AUTH_ERROR) {
|
||||
return rc;
|
||||
} else if (rc == SSH_AUTH_SUCCESS) {
|
||||
SSH_LOG(session,
|
||||
SSH_LOG_INFO,
|
||||
SSH_LOG(SSH_LOG_INFO,
|
||||
"Successfully authenticated using %s",
|
||||
privkey_file);
|
||||
return rc;
|
||||
@@ -1268,16 +1263,14 @@ int ssh_userauth_publickey_auto(ssh_session session,
|
||||
return rc;
|
||||
}
|
||||
|
||||
SSH_LOG(session,
|
||||
SSH_LOG_WARN,
|
||||
SSH_LOG(SSH_LOG_WARN,
|
||||
"The server accepted the public key but refused the signature");
|
||||
state->it=state->it->next;
|
||||
state->state=SSH_AUTH_AUTO_STATE_PUBKEY;
|
||||
/* continue */
|
||||
}
|
||||
}
|
||||
SSH_LOG(session,
|
||||
SSH_LOG_INFO,
|
||||
SSH_LOG(SSH_LOG_INFO,
|
||||
"Tried every public key, none matched");
|
||||
SAFE_FREE(session->auth_auto_state);
|
||||
return SSH_AUTH_DENIED;
|
||||
@@ -1640,7 +1633,7 @@ static int ssh_userauth_kbdint_init(ssh_session session,
|
||||
session->auth_state = SSH_AUTH_STATE_KBDINT_SENT;
|
||||
session->pending_call_state = SSH_PENDING_CALL_AUTH_KBDINT_INIT;
|
||||
|
||||
SSH_LOG(session, SSH_LOG_DEBUG,
|
||||
SSH_LOG(SSH_LOG_DEBUG,
|
||||
"Sending keyboard-interactive init request");
|
||||
|
||||
rc = packet_send(session);
|
||||
@@ -1714,7 +1707,7 @@ static int ssh_userauth_kbdint_send(ssh_session session)
|
||||
ssh_kbdint_free(session->kbdint);
|
||||
session->kbdint = NULL;
|
||||
|
||||
SSH_LOG(session, SSH_LOG_DEBUG,
|
||||
SSH_LOG(SSH_LOG_DEBUG,
|
||||
"Sending keyboard-interactive response packet");
|
||||
|
||||
rc = packet_send(session);
|
||||
@@ -1800,7 +1793,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_request) {
|
||||
}
|
||||
|
||||
nprompts = ntohl(nprompts);
|
||||
SSH_LOG(session, SSH_LOG_DEBUG,
|
||||
SSH_LOG(SSH_LOG_DEBUG,
|
||||
"%d keyboard-interactive prompts", nprompts);
|
||||
if (nprompts > KBDINT_MAX_PROMPT) {
|
||||
ssh_set_error(session, SSH_FATAL,
|
||||
@@ -2156,7 +2149,7 @@ int ssh_userauth_gssapi(ssh_session session) {
|
||||
} else if (rc == SSH_ERROR) {
|
||||
return SSH_AUTH_ERROR;
|
||||
}
|
||||
ssh_log(session,SSH_LOG_PROTOCOL, "Authenticating with gssapi-with-mic");
|
||||
SSH_LOG(SSH_LOG_PROTOCOL, "Authenticating with gssapi-with-mic");
|
||||
session->auth_state = SSH_AUTH_STATE_NONE;
|
||||
session->pending_call_state = SSH_PENDING_CALL_AUTH_GSSAPI_MIC;
|
||||
rc = ssh_gssapi_auth_mic(session);
|
||||
|
||||
Reference in New Issue
Block a user