diff --git a/ykval-common.php b/ykval-common.php index 6e7395e..88fe162 100644 --- a/ykval-common.php +++ b/ykval-common.php @@ -1,7 +1,5 @@ log(LOG_INFO, $str); + $logger->log(LOG_INFO, $str); die($str . "\n"); } @@ -122,7 +116,7 @@ function retrieveURLasync ($ident, $urls, $logger, $ans_req=1, $match="^OK", $re $ch = array(); foreach ($urls as $id => $url) { $handle = curl_init(); - $logger->log($ident . " adding URL : " . $url); + $logger->log(LOG_DEBUG, $ident . " adding URL : " . $url); curl_setopt($handle, CURLOPT_URL, $url); curl_setopt($handle, CURLOPT_USERAGENT, "YK-VAL"); curl_setopt($handle, CURLOPT_RETURNTRANSFER, 1); @@ -143,16 +137,16 @@ function retrieveURLasync ($ident, $urls, $logger, $ans_req=1, $match="^OK", $re ; while ($info = curl_multi_info_read($mh)) { - $logger->log($ident . " curl multi info : ", $info); + $logger->log(LOG_DEBUG, $ident . " curl multi info : ", $info); if ($info['result'] == CURLE_OK) { $str = curl_multi_getcontent($info['handle']); - $logger->log($ident . " curl multi content : " . $str); + $logger->log(LOG_DEBUG, $ident . " curl multi content : " . $str); if (preg_match("/".$match."/", $str)) { - $logger->log($ident . " response matches " . $match); + $logger->log(LOG_DEBUG, $ident . " response matches " . $match); $error = curl_error ($info['handle']); $errno = curl_errno ($info['handle']); $cinfo = curl_getinfo ($info['handle']); - $logger->log($ident . " errno/error: " . $errno . "/" . $error, $cinfo); + $logger->log(LOG_DEBUG, $ident . " errno/error: " . $errno . "/" . $error, $cinfo); $ans_count++; if ($returl) $ans_arr[]="url=" . $cinfo['url'] . "\n" . $str; else $ans_arr[]=$str; diff --git a/ykval-revoke.php b/ykval-revoke.php index b1496df..53551d3 100644 --- a/ykval-revoke.php +++ b/ykval-revoke.php @@ -2,24 +2,28 @@ require_once 'ykval-common.php'; require_once 'ykval-config.php'; require_once 'ykval-db.php'; +require_once 'ykval-log.php'; header("content-type: text/plain"); +$myLog = new Log('ykval-revoke'); +$myLog->addField('ip', $_SERVER['REMOTE_ADDR']); + if (!in_array ($_SERVER["REMOTE_ADDR"], $baseParams['__YKREV_IPS__'])) { - logdie("ERROR Authorization failed (logged ". $_SERVER["REMOTE_ADDR"] .")"); + logdie($myLog, "ERROR Authorization failed (logged ". $_SERVER["REMOTE_ADDR"] .")"); } # Parse input $yk = $_REQUEST["yk"]; $do = $_REQUEST["do"]; if (!$yk || !$do) { - logdie("ERROR Missing parameter"); + logdie($myLog, "ERROR Missing parameter"); } if (!preg_match("/^([cbdefghijklnrtuv]{0,16})$/", $yk)) { - logdie("ERROR Unknown yk value: $yk"); + logdie($myLog, "ERROR Unknown yk value: $yk"); } if ($do != "enable" && $do != "disable") { - logdie("ERROR Unknown do value: $do"); + logdie($myLog, "ERROR Unknown do value: $do"); } # Connect to db @@ -29,21 +33,21 @@ $db = new Db($baseParams['__YKVAL_DB_DSN__'], $baseParams['__YKVAL_DB_OPTIONS__'], 'ykval-revoke:db'); if (!$db->connect()) { - logdie("ERROR Database connect error"); + logdie($myLog, "ERROR Database connect error"); } # Check if key exists $r = $db->findBy('yubikeys', 'yk_publicname', $yk, 1); if (!$r) { - logdie("ERROR Unknown yubikey: $yk"); + logdie($myLog, "ERROR Unknown yubikey: $yk"); } # Enable/Disable the yubikey if (!$db->updateBy('yubikeys', 'yk_publicname', $yk, array('active'=>($do == "enable" ? "1" : "0")))) { - logdie("ERROR Could not $do for $yk (rows $rows)"); + logdie($myLog, "ERROR Could not $do for $yk (rows $rows)"); } # We are done -logdie("OK Processed $yk with $do"); +logdie($myLog, "OK Processed $yk with $do"); ?> diff --git a/ykval-sync.php b/ykval-sync.php index c9fe517..20545a7 100644 --- a/ykval-sync.php +++ b/ykval-sync.php @@ -169,7 +169,7 @@ if ($localParams['active'] != 1) { */ $myLog->log(LOG_WARNING, 'Received sync-request for de-activated Yubikey ' . $yk_publicname . ' - check database synchronization!!!'); - sendResp(S_BAD_OTP, $apiKey); + sendResp(S_BAD_OTP, $myLog, $apiKey); exit; }