mirror of
https://github.com/Yubico/yubikey-val.git
synced 2025-03-03 18:29:18 +01:00
Add tls and protocol variables to request log.
This commit is contained in:
parent
8a18cfea68
commit
28c64e64fb
@ -150,8 +150,10 @@ function otp2ksmurls ($otp, $client)
|
||||
* %low%
|
||||
* %high%
|
||||
* %use%
|
||||
* %tls%
|
||||
* %protocol%
|
||||
*
|
||||
* If a value is malformed or not available,
|
||||
* a dash '-' is written instead.
|
||||
*/
|
||||
//$baseParams['__YKVAL_VERIFY_LOGFORMAT__'] = '[%time_start%] [%ip%] [%client%] [%public_id%] [%otp%] [%status%] [%time_taken%] [%nonce%] [%signed%] [%counter%] [%low%] [%high%] [%use%]';
|
||||
//$baseParams['__YKVAL_VERIFY_LOGFORMAT__'] = '[%time_start%] [%ip%] [%tls%] [%protocol%] [%client%] [%public_id%] [%otp%] [%status%] [%time_taken%] [%nonce%] [%signed%] [%counter%] [%low%] [%high%] [%use%]';
|
||||
|
@ -46,6 +46,8 @@ class LogVerify
|
||||
'low' => NULL,
|
||||
'high' => NULL,
|
||||
'use' => NULL,
|
||||
'tls' => NULL,
|
||||
'protocol' => NULL,
|
||||
);
|
||||
|
||||
/**
|
||||
@ -118,7 +120,7 @@ class LogVerify
|
||||
/**
|
||||
* Sanitize untrusted values from clients before writing them to syslog.
|
||||
*
|
||||
* P.S. signed, status, time_start are assumed safe,
|
||||
* P.S. signed, status, time_start, tls are assumed safe,
|
||||
* since they are set internally.
|
||||
*
|
||||
* @return array sanitized $this->fields
|
||||
@ -162,6 +164,11 @@ class LogVerify
|
||||
if (preg_match('/^[a-zA-Z0-9]{16,40}$/', $a['nonce']) !== 1)
|
||||
$a['nonce'] = '-';
|
||||
|
||||
if (is_float($a['protocol']) === TRUE)
|
||||
$a['protocol'] = sprintf('%.1f', $a['protocol']);
|
||||
else
|
||||
$a['protocol'] = '-';
|
||||
|
||||
$start = explode(' ', $a['time_start']);
|
||||
$start_msec = $start[0];
|
||||
$start_sec = $start[1];
|
||||
|
@ -57,6 +57,7 @@ $myLog->addField('ip', $ipaddr);
|
||||
|
||||
$myLog->request = new LogVerify();
|
||||
$myLog->request->set('ip', $ipaddr);
|
||||
$myLog->request->set('tls', ($https ? 'tls' : '-'));
|
||||
$myLog->request->set('time_start', $time_start);
|
||||
unset($time_start);
|
||||
|
||||
@ -91,6 +92,7 @@ else
|
||||
$protocol_version = 1.0;
|
||||
}
|
||||
|
||||
$myLog->request->set('protocol', $protocol_version);
|
||||
$myLog->log(LOG_DEBUG, "found protocol version $protocol_version");
|
||||
|
||||
/**
|
||||
|
Loading…
x
Reference in New Issue
Block a user