Add tls and protocol variables to request log.

ykval-config.php

@@ -150,8 +150,10 @@ function otp2ksmurls ($otp, $client)
  *	%low%
  *	%high%
  *	%use%
+ *	%tls%
+ *	%protocol%
  *
  * If a value is malformed or not available,
  *	a dash '-' is written instead.
  */
-//$baseParams['__YKVAL_VERIFY_LOGFORMAT__'] = '[%time_start%] [%ip%] [%client%] [%public_id%] [%otp%] [%status%] [%time_taken%] [%nonce%] [%signed%] [%counter%] [%low%] [%high%] [%use%]';
+//$baseParams['__YKVAL_VERIFY_LOGFORMAT__'] = '[%time_start%] [%ip%] [%tls%] [%protocol%] [%client%] [%public_id%] [%otp%] [%status%] [%time_taken%] [%nonce%] [%signed%] [%counter%] [%low%] [%high%] [%use%]';

ykval-log-verify.php

@@ -46,6 +46,8 @@ class LogVerify
 		'low' => NULL,
 		'high' => NULL,
 		'use' => NULL,
+		'tls' => NULL,
+		'protocol' => NULL,
 	);
 
 	/**
@@ -118,7 +120,7 @@ class LogVerify
 	/**
 	 * Sanitize untrusted values from clients before writing them to syslog.
 	 *
-	 * P.S. signed, status, time_start are assumed safe,
+	 * P.S. signed, status, time_start, tls are assumed safe,
 	 *	since they are set internally.
 	 *
 	 * @return array sanitized $this->fields
@@ -162,6 +164,11 @@ class LogVerify
 		if (preg_match('/^[a-zA-Z0-9]{16,40}$/', $a['nonce']) !== 1)
 			$a['nonce'] = '-';
 
+		if (is_float($a['protocol']) === TRUE)
+			$a['protocol'] = sprintf('%.1f', $a['protocol']);
+		else
+			$a['protocol'] = '-';
+
 		$start = explode(' ', $a['time_start']);
 		$start_msec = $start[0];
 		$start_sec = $start[1];

ykval-verify.php

@@ -57,6 +57,7 @@ $myLog->addField('ip', $ipaddr);
 
 $myLog->request = new LogVerify();
 $myLog->request->set('ip', $ipaddr);
+$myLog->request->set('tls', ($https ? 'tls' : '-'));
 $myLog->request->set('time_start', $time_start);
 unset($time_start);
 
@@ -91,6 +92,7 @@ else
 	$protocol_version = 1.0;
 }
 
+$myLog->request->set('protocol', $protocol_version);
 $myLog->log(LOG_DEBUG, "found protocol version $protocol_version");
 
 /**