Merge branch 'master' of github.com:Yubico/yubikey-val-server-php

ykval-common.php

@@ -1,7 +1,5 @@
 <?php
 
-require_once('ykval-log.php');
-
 define('S_OK', 'OK');
 define('S_BAD_OTP', 'BAD_OTP');
 define('S_REPLAYED_OTP', 'REPLAYED_OTP');
@@ -22,13 +20,9 @@ define('TS_ABS_TOLERANCE', 20);
 define('TOKEN_LEN', 32);
 define('OTP_MAX_LEN', 48); // TOKEN_LEN plus public identity of 0..16
 
-global $ykval_common_log;
-$ykval_common_log = new Log('ykval-common');
-
-function logdie ($str)
+function logdie ($logger, $str)
 {
-  global $ykval_common_log;
-  $ykval_common_log->log(LOG_INFO, $str);
+  $logger->log(LOG_INFO, $str);
   die($str . "\n");
 }
 
@@ -122,7 +116,7 @@ function retrieveURLasync ($ident, $urls, $logger, $ans_req=1, $match="^OK", $re
   $ch = array();
   foreach ($urls as $id => $url) {
     $handle = curl_init();
-    $logger->log($ident . " adding URL : " . $url);
+    $logger->log(LOG_DEBUG, $ident . " adding URL : " . $url);
     curl_setopt($handle, CURLOPT_URL, $url);
     curl_setopt($handle, CURLOPT_USERAGENT, "YK-VAL");
     curl_setopt($handle, CURLOPT_RETURNTRANSFER, 1);
@@ -143,16 +137,16 @@ function retrieveURLasync ($ident, $urls, $logger, $ans_req=1, $match="^OK", $re
       ;
 
     while ($info = curl_multi_info_read($mh)) {
-      $logger->log($ident . " curl multi info : ", $info);
+      $logger->log(LOG_DEBUG, $ident . " curl multi info : ", $info);
       if ($info['result'] == CURLE_OK) {
 	$str = curl_multi_getcontent($info['handle']);
-	$logger->log($ident . " curl multi content : " . $str);
+	$logger->log(LOG_DEBUG, $ident . " curl multi content : " . $str);
 	if (preg_match("/".$match."/", $str)) {
-	  $logger->log($ident . " response matches " . $match);
+	  $logger->log(LOG_DEBUG, $ident . " response matches " . $match);
 	  $error = curl_error ($info['handle']);
 	  $errno = curl_errno ($info['handle']);
 	  $cinfo = curl_getinfo ($info['handle']);
-	  $logger->log($ident . " errno/error: " . $errno . "/" . $error, $cinfo);
+	  $logger->log(LOG_DEBUG, $ident . " errno/error: " . $errno . "/" . $error, $cinfo);
 	  $ans_count++;
 	  if ($returl) $ans_arr[]="url=" . $cinfo['url'] . "\n" . $str;
 	  else $ans_arr[]=$str;

ykval-revoke.php

@@ -2,24 +2,28 @@
 require_once 'ykval-common.php';
 require_once 'ykval-config.php';
 require_once 'ykval-db.php';
+require_once 'ykval-log.php';
 
 header("content-type: text/plain");
 
+$myLog = new Log('ykval-revoke');
+$myLog->addField('ip', $_SERVER['REMOTE_ADDR']);
+
 if (!in_array ($_SERVER["REMOTE_ADDR"], $baseParams['__YKREV_IPS__'])) {
-  logdie("ERROR Authorization failed (logged ". $_SERVER["REMOTE_ADDR"] .")");
+  logdie($myLog, "ERROR Authorization failed (logged ". $_SERVER["REMOTE_ADDR"] .")");
 }
 
 # Parse input
 $yk = $_REQUEST["yk"];
 $do = $_REQUEST["do"];
 if (!$yk || !$do) {
-  logdie("ERROR Missing parameter");
+  logdie($myLog, "ERROR Missing parameter");
 }
 if (!preg_match("/^([cbdefghijklnrtuv]{0,16})$/", $yk)) {
-  logdie("ERROR Unknown yk value: $yk");
+  logdie($myLog, "ERROR Unknown yk value: $yk");
 }
 if ($do != "enable" && $do != "disable") {
-  logdie("ERROR Unknown do value: $do");
+  logdie($myLog, "ERROR Unknown do value: $do");
 }
 
 # Connect to db
@@ -29,21 +33,21 @@ $db = new Db($baseParams['__YKVAL_DB_DSN__'],
 	     $baseParams['__YKVAL_DB_OPTIONS__'],
 	     'ykval-revoke:db');
 if (!$db->connect()) {
-  logdie("ERROR Database connect error");
+  logdie($myLog, "ERROR Database connect error");
 }
 
 # Check if key exists
 $r = $db->findBy('yubikeys', 'yk_publicname', $yk, 1);
 if (!$r) {
-  logdie("ERROR Unknown yubikey: $yk");
+  logdie($myLog, "ERROR Unknown yubikey: $yk");
 }
 
 # Enable/Disable the yubikey
 if (!$db->updateBy('yubikeys', 'yk_publicname', $yk,
 		   array('active'=>($do == "enable" ? "1" : "0")))) {
-  logdie("ERROR Could not $do for $yk (rows $rows)");
+  logdie($myLog, "ERROR Could not $do for $yk (rows $rows)");
 }
 
 # We are done
-logdie("OK Processed $yk with $do");
+logdie($myLog, "OK Processed $yk with $do");
 ?>

ykval-sync.php

@@ -169,7 +169,7 @@ if ($localParams['active'] != 1) {
    */
   $myLog->log(LOG_WARNING, 'Received sync-request for de-activated Yubikey ' . $yk_publicname .
 	      ' - check database synchronization!!!');
-  sendResp(S_BAD_OTP, $apiKey);
+  sendResp(S_BAD_OTP, $myLog, $apiKey);
   exit;
 }