diff --git a/ykval-common.php b/ykval-common.php index 1449646..f9e69bf 100644 --- a/ykval-common.php +++ b/ykval-common.php @@ -1,5 +1,7 @@ log(LOG_EMERG, $str); die($str . "\n"); } @@ -66,7 +74,8 @@ function debug() { $str .= $msg . " "; } } - error_log($str); + global $ykval_common_log; + $ykval_common_log->log(LOG_DEBUG, $str); } // Return eg. 2008-11-21T06:11:55Z0711 diff --git a/ykval-db.php b/ykval-db.php index f31cd45..e37b85b 100644 --- a/ykval-db.php +++ b/ykval-db.php @@ -39,6 +39,9 @@ * @link http://www.yubico.com/ * @link http://code.google.com/p/yubikey-timedelta-server-php/ */ + +require_once('ykval-log.php'); + class Db { @@ -59,6 +62,8 @@ class Db $this->db_username=$db_username; $this->db_password=$db_password; $this->db_options=$db_options; + + $this->myLog=new Log('ykval-db'); } /** * function to convert Db timestamps to unixtime(s) @@ -120,8 +125,7 @@ class Db try { $this->dbh = new PDO($this->db_dsn, $this->db_username, $this->db_password, $this->db_options); } catch (PDOException $e) { - error_log("hej hopp"); - error_log("Database error: " . $e->getMessage()); + $this->myLog->log(LOG_CRIT, "Database error: " . $e->getMessage()); $this->dbh=Null; return false; } @@ -132,14 +136,14 @@ class Db if($this->dbh) { $this->result = $this->dbh->query($query); if (! $this->result){ - error_log('Database error: ' . print_r($this->dbh->errorInfo(), true)); - error_log('Query was: ' . $query); + $this->myLog->log(LOG_ERR, 'Database error: ' . print_r($this->dbh->errorInfo(), true)); + $this->myLog->log(LOG_INFO, 'Query was: ' . $query); return false; } if ($returnresult) return $this->result; else return true; } else { - error_log('No database connection'); + $this->myLog->log(LOG_CRIT, 'No database connection'); return false; } } 
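Review bot: In the ykval-db.php @@ -132,14 hunk the failed statement is written verbatim at LOG_INFO (`'Query was: ' . $query`), so every value embedded in the SQL text lands in the log. The `"query is "` and `"delete query is "` lines in the @@ -217,7 and @@ -349,7 hunks do the same on every update and delete, not only on failure. Those queries are assembled by string concatenation, and the queue table carries an `otp` column (visible in ykval-synclib.php); whether other tables hold client secrets cannot be confirmed from this diff. I would lower these to debug, e.g. `$this->myLog->log(LOG_DEBUG, 'Query was: ' . $query);`, or log only the table and operation. The enclosing method starts outside the hunk.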
@@ -217,7 +221,7 @@ class Db // Insert UPDATE statement at beginning $query = "UPDATE " . $table . " SET " . $query; - error_log("query is " . $query); + $this->myLog->log(LOG_INFO, "query is " . $query); return $this->query($query, false); } @@ -306,7 +310,7 @@ or false on failure. } if ($rev==1) $query.= " ORDER BY id DESC"; if ($nr!=null) $query.= " LIMIT " . $nr; - // error_log('query is ' .$query); + $result = $this->query($query, true); if (!$result) return false; @@ -349,7 +353,7 @@ or false on failure. } if ($rev==1) $query.= " ORDER BY id DESC"; if ($nr!=null) $query.= " LIMIT " . $nr; - error_log("delete query is " . $query); + $this->myLog->log(LOG_INFO, "delete query is " . $query); return $this->query($query, false); } diff --git a/ykval-queue.php b/ykval-queue.php index 2b6c037..2a8e4fc 100755 --- a/ykval-queue.php +++ b/ykval-queue.php @@ -3,6 +3,7 @@ require_once 'ykval-synclib.php'; require_once 'ykval-config.php'; +require_once 'ykval-log.php'; require_once "System/Daemon.php"; $appname="ykval-queue"; @@ -36,7 +37,7 @@ if ($argc==2 && strcmp($argv[1], "help")==0) { System_Daemon::start(); // Spawn Deamon! /* Application start */ -$sl = new SyncLib(); +$sl = new SyncLib('queue-synclib'); # Loop forever and resync @@ -47,7 +48,6 @@ while ($res==0) { $res=sleep($baseParams['__YKVAL_SYNC_INTERVAL__']); } -error_log("Stopping " . $appname); System_Daemon::stop(); ?> \ No newline at end of file diff --git a/ykval-sync.php b/ykval-sync.php index 832c0c4..251e373 100644 --- a/ykval-sync.php +++ b/ykval-sync.php @@ -7,9 +7,11 @@ $apiKey = ''; header("content-type: text/plain"); -debug("Request: " . $_SERVER['QUERY_STRING']); +$myLog = new Log('ykval-sync'); +$myLog->log(LOG_INFO, "Request: " . $_SERVER['QUERY_STRING']); + +$sync = new SyncLib('ykval-sync:synclib'); -$sync = new SyncLib('ykval-sync'); if (! $sync->isConnected()) { sendResp(S_BACKEND_ERROR, $apiKey); exit; 
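Review bot: In the ykval-sync.php @@ -7,9 hunk, `$myLog->log(LOG_INFO, "Request: " . $_SERVER['QUERY_STRING']);` records the complete query string, which for a sync request carries the OTP, nonce and counter values. The first hunk of ykval-verify.php logs the query string the same way (there it would also include the client's `h` signature when one is sent), and the `'url is ' . $url` and `"url in retrieveURLasync is " . $url` lines in ykval-synclib.php log the outgoing equivalent. Anyone with read access to the log then sees material that should stay between client and validation server. I would move these to `LOG_DEBUG` or log only the parameter names and `yk_publicname`, for example `$myLog->log(LOG_DEBUG, "Request: " . $_SERVER['QUERY_STRING']);`.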
@@ -19,17 +21,18 @@ if (! $sync->isConnected()) { # Verify that request comes from valid server # -$sync->log('notice', 'remote request ip is ' . $_SERVER['REMOTE_ADDR']); +$myLog->log(LOG_INFO, 'remote request ip is ' . $_SERVER['REMOTE_ADDR']); $allowed=False; foreach ($baseParams['__YKVAL_ALLOWED_SYNC_POOL__'] as $server) { - $sync->log('notice', 'checking against ip ' . $server); + $myLog->log(LOG_DEBUG, 'checking against ip ' . $server); if ($_SERVER['REMOTE_ADDR'] == $server) { - $sync->log('notice', 'server ' . $server . ' is allowed'); + $myLog->log(LOG_DEBUG, 'server ' . $server . ' is allowed'); $allowed=True; break; } } if (!$allowed) { + $myLog->log(LOG_NOTICE, 'Operation not allowed from IP ' . $_SERVER['REMOTE_ADDR']); sendResp(S_OPERATION_NOT_ALLOWED, $apiKey); exit; } @@ -51,18 +54,18 @@ $syncParams=array('modified'=>Null, # Extract values from HTTP request # -$tmp_log = "ykval-sync received "; +$tmp_log = "Received "; foreach ($syncParams as $param=>$value) { $value = getHttpVal($param, Null); if ($value==Null) { - debug("ykval-sync recevied request with parameter[s] missing"); + $myLog->log(LOG_NOTICE, "Recevied request with parameter[s] missing"); sendResp(S_MISSING_PARAMETER, ''); exit; } $syncParams[$param]=$value; $local_log .= "$param=$value "; } -debug($tmp_log); +$myLog->log(LOG_INFO, $tmp_log); # # Get local counter data @@ -71,13 +74,13 @@ debug($tmp_log); $yk_publicname = $syncParams['yk_publicname']; $localParams = $sync->getLocalParams($yk_publicname); if (!$localParams) { - debug('Invalid Yubikey ' . $yk_publicname); + $myLog->log(LOG_NOTICE, 'Invalid Yubikey ' . $yk_publicname); sendResp(S_BACKEND_ERROR, $apiKey); exit; } if ($localParams['active'] != 1) { - debug('De-activated Yubikey ' . $yk_publicname); + $myLog->log(LOG_NOTICE, 'De-activated Yubikey ' . $yk_publicname); sendResp(S_BAD_OTP, $apiKey); exit; } 
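Review bot: In the @@ -51,18 hunk the loop appends to `$local_log` while the message that is logged is `$tmp_log`, so `$myLog->log(LOG_INFO, $tmp_log)` only ever emits the literal "Received " and the received parameters never reach the log. `$local_log` is also never initialised in the visible lines, so each iteration appends to an undefined variable. The fix is `$tmp_log .= "$param=$value ";` inside the loop. Once that is fixed the values come straight from the HTTP request, so it is worth confirming that `getHttpVal` or `Log::log` strips control characters before they are written. The message text "Recevied request" is also misspelled.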
@@ -94,8 +97,8 @@ $sync->updateDbCounters($syncParams); if ($sync->countersHigherThan($localParams, $syncParams)) { /* sync counters are lower than local counters */ - $sync->log('warning', 'Remote server out of sync. Local params ' , $localParams); - $sync->log('warning', 'Remote server out of sync. Sync params ' , $syncParams); + $myLog->log(LOG_WARNING, 'Remote server out of sync. Local params ' , $localParams); + $myLog->log(LOG_WARNING, 'Remote server out of sync. Sync params ' , $syncParams); } if ($sync->countersEqual($localParams, $syncParams)) { @@ -103,16 +106,16 @@ if ($sync->countersEqual($localParams, $syncParams)) { if ($syncParams['modified']==$localParams['modified']) { /* sync modified is equal to local modified. Sync request is unnessecarily sent, we log a "light" warning */ - $sync->log('warning', 'Sync request unnessecarily sent'); + $myLog->log(LOG_WARNING, 'Sync request unnessecarily sent'); } else { /* sync modified is not equal to local modified. We have an OTP replay attempt somewhere in the system */ - $sync->log('warning', 'Replayed OTP attempt. Modified differs. Local ', $localParams); - $sync->log('warning', 'Replayed OTP attempt. Modified differs. Sync ', $syncParams); + $myLog->log(LOG_WARNING, 'Replayed OTP attempt. Modified differs. Local ', $localParams); + $myLog->log(LOG_WARNING, 'Replayed OTP attempt. Modified differs. Sync ', $syncParams); } if ($syncParams['nonce']!=$localParams['nonce']) { - $sync->log('warning', 'Replayed OTP attempt. Nonce differs. Local ', $localParams); - $sync->log('warning', 'Replayed OTP attempt. Nonce differs. Sync ', $syncParams); + $myLog->log(LOG_WARNING, 'Replayed OTP attempt. Nonce differs. Local ', $localParams); + $myLog->log(LOG_WARNING, 'Replayed OTP attempt. Nonce differs. Sync ', $syncParams); } } diff --git a/ykval-synclib.php b/ykval-synclib.php index 4e17635..d385dcc 100644 --- a/ykval-synclib.php +++ b/ykval-synclib.php 
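Review bot: In the @@ -94,8 hunk the calls `$myLog->log(LOG_WARNING, 'Remote server out of sync. Local params ' , $localParams);` pass the parameter array as a third argument, but every other `Log::log` call visible in this diff takes two, and ykval-log.php is not visible here. The replaced `$sync->log()` appended modified, nonce, yk_publicname and the counters from that argument; if `Log::log` does not, PHP silently drops the extra argument and the out-of-sync and replayed-OTP warnings lose the data needed to investigate them. The same pattern appears in the @@ -103,16 hunk and in ykval-verify.php ("Client data:", "Decrypted OTP:", "Auth data:"). Either confirm that `Log::log` formats an array argument, or keep these on the SyncLib wrapper, e.g. `$sync->log(LOG_WARNING, 'Remote server out of sync. Local params ', $localParams);`.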
@@ -3,6 +3,7 @@ require_once 'ykval-config.php'; require_once 'ykval-common.php'; require_once 'ykval-db.php'; +require_once 'ykval-log.php'; class SyncLib { @@ -11,7 +12,7 @@ class SyncLib function __construct($logname='ykval-synclib') { - $this->logname=$logname; + $this->myLog = new Log($logname); global $baseParams; $this->syncServers = $baseParams['__YKVAL_SYNC_POOL__']; @@ -125,9 +126,9 @@ class SyncLib else return 0; } - public function log($level, $msg, $params=NULL) + public function log($priority, $msg, $params=NULL) { - $logMsg=$this->logname . ':' . $level . ':' . $msg; + $logMsg=$msg; if ($params) $logMsg .= ' modified=' . $params['modified'] . ' nonce=' . $params['nonce'] . ' yk_publicname=' . $params['yk_publicname'] . @@ -135,15 +136,16 @@ class SyncLib ' yk_use=' . $params['yk_use'] . ' yk_high=' . $params['yk_high'] . ' yk_low=' . $params['yk_low']; - error_log($logMsg); + if ($this->myLog) $this->myLog->log($priority, $logMsg); + else error_log("Warning: myLog uninitialized in ykval-synclib.php. Message is " . $logMsg); } function getLocalParams($yk_publicname) { - $this->log("notice", "searching for " . $yk_publicname . " (" . $yk_publicname . ") in local db"); + $this->log(LOG_NOTICE, "searching for yk_publicname " . $yk_publicname . " in local db"); $res = $this->db->findBy('yubikeys', 'yk_publicname', $yk_publicname,1); if (!$res) { - $this->log('notice', 'Discovered new identity ' . $yk_publicname); + $this->log(LOG_NOTICE, 'Discovered new identity ' . $yk_publicname); $this->db->save('yubikeys', array('yk_publicname'=>$yk_publicname, 'active'=>1, 'yk_counter'=>0, 
@@ -163,10 +165,10 @@ class SyncLib 'yk_high'=>$res['yk_high'], 'yk_low'=>$res['yk_low']); - $this->log("notice", "counter found in db ", $localParams); + $this->log(LOG_NOTICE, "counter found in db ", $localParams); return $localParams; } else { - $this->log('notice', 'params for identity ' . $yk_publicname . ' not found in database'); + $this->log(LOG_NOTICE, 'params for identity ' . $yk_publicname . ' not found in database'); return false; } } @@ -207,11 +209,11 @@ class SyncLib 'nonce'=>$params['nonce']), $condition)) { - error_log("ykval-synclib:critical: failed to update internal DB with new counters"); + $this->log(LOG_CRIT, 'failed to update internal DB with new counters'); return false; } else { - if ($this->db->rowCount()>0) $this->log("notice", "updated database ", $params); - else $this->log('notice', 'database not updated', $params); + if ($this->db->rowCount()>0) $this->log(LOG_NOTICE, "updated database ", $params); + else $this->log(LOG_NOTICE, 'database not updated', $params); return true; } } else return false; @@ -241,9 +243,9 @@ class SyncLib preg_match('/url=(.*)\?/', $answer, $out); $server=$out[1]; - debug("deleting server=" . $server); - debug("modified=" . $this->otpParams['modified']); - debug("random_key=" . $this->random_key); + $this->log(LOG_DEBUG, "deleting server=" . $server . + " modified=" . $this->otpParams['modified'] . + " random_key=" . $this->random_key); $this->db->deleteByMultiple('queue', array("modified"=>$this->otpParams['modified'], "random_key"=>$this->random_key, 
@@ -252,19 +254,19 @@ class SyncLib public function reSync($older_than=60, $timeout) { - $this->log('notice', 'starting resync'); + $this->log(LOG_NOTICE, 'starting resync'); /* Loop over all unique servers in queue */ $queued_limit=time()-$older_than; $res=$this->db->customQuery("select distinct server from queue WHERE queued < " . $queued_limit . " or queued is null"); - error_log("found " . $res->rowCount() . " unique servers"); + $this->log(LOG_NOTICE, "found " . $res->rowCount() . " unique servers"); foreach ($res as $my_server) { - error_log("Sending queue request to server on server " . $my_server['server']); + $this->log(LOG_INFO, "Sending queue request to server on server " . $my_server['server']); $res=$this->db->customQuery("select * from queue WHERE (queued < " . $queued_limit . " or queued is null) and server='" . $my_server['server'] . "'"); - error_log("found " . $res->rowCount() . " queue entries"); + $this->log(LOG_INFO, "found " . $res->rowCount() . " queue entries"); while ($entry=$res->fetch(PDO::FETCH_ASSOC)) { - $this->log('notice', "server=" . $entry['server'] . " , info=" . $entry['info']); + $this->log(LOG_NOTICE, "server=" . $entry['server'] . " , info=" . $entry['info']); $url=$entry['server'] . "?otp=" . $entry['otp'] . "&modified=" . $entry['modified'] . @@ -272,7 +274,7 @@ class SyncLib /* Send out sync request */ - $this->log('notice', 'url is ' . $url); + $this->log(LOG_NOTICE, 'url is ' . $url); $ch = curl_init($url); curl_setopt($ch, CURLOPT_USERAGENT, "YK-VAL"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
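Review bot: In the @@ -252,19 hunk, `$this->log(LOG_NOTICE, "found " . $res->rowCount() . " unique servers");` calls a method on the result of `customQuery` without checking it, and the same is done for the per-server query a few lines below. `Db::query` returns false on failure (see the ykval-db.php hunk); if `customQuery` passes that through, which is not visible here, a database error becomes a fatal error in the resync daemon instead of a logged one. A guard such as `if (!$res) { $this->log(LOG_CRIT, 'resync: queue query failed'); return false; }` before each `rowCount()` would keep the failure visible, with the return value adjusted to whatever reSync's callers expect. Separately, the second query concatenates `$my_server['server']` into the SQL string; a bound parameter would be safer if the Db class can support one. reSync's body continues outside the hunk.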
@@ -283,13 +285,13 @@ class SyncLib curl_close($ch); if ($response==False) { - $this->log('warning', 'Timeout. Stopping queue resync for server ' . $my_server['server']); + $this->log(LOG_WARNING, 'Timeout. Stopping queue resync for server ' . $my_server['server']); break; } if (preg_match("/status=OK/", $response)) { $resParams=$this->parseParamsFromMultiLineString($response); - $this->log("notice", "response contains ", $resParams); + $this->log(LOG_NOTICE, "response contains ", $resParams); /* Update database counters */ $this->updateDbCounters($resParams); @@ -305,16 +307,16 @@ class SyncLib last counters (indicating that remote server wasn't synced) */ if ($this->countersHigherThan($localParams, $resParams)) { - $this->log("warning", "queued:Remote server out of sync, local counters ", $localParams); - $this->log("warning", "queued:Remote server out of sync, remote counters ", $resParams); + $this->log(LOG_WARNING, "queued:Remote server out of sync, local counters ", $localParams); + $this->log(LOG_WARNING, "queued:Remote server out of sync, remote counters ", $resParams); } /* If received sync response have higher counters than locally saved last counters (indicating that local server wasn't synced) */ if ($this->countersHigherThan($resParams, $localParams)) { - $this->log("warning", "queued:Local server out of sync, local counters ", $localParams); - $this->log("warning", "queued:Local server out of sync, remote counters ", $resParams); + $this->log(LOG_WARNING, "queued:Local server out of sync, local counters ", $localParams); + $this->log(LOG_WARNING, "queued:Local server out of sync, remote counters ", $resParams); } if ($this->countersHigherThan($resParams, $otpParams) || 
@@ -325,12 +327,12 @@ class SyncLib (indicating REPLAYED_OTP) */ - $this->log("warning", "queued:replayed OTP, remote counters " , $resParams); - $this->log("warning", "queued:replayed OTP, otp counters", $otpParams); + $this->log(LOG_WARNING, "queued:replayed OTP, remote counters " , $resParams); + $this->log(LOG_WARNING, "queued:replayed OTP, otp counters", $otpParams); } /* Deletion */ - $this->log('notice', 'deleting queue entry with id=' . $entry['id']); + $this->log(LOG_NOTICE, 'deleting queue entry with id=' . $entry['id']); $this->db->deleteByMultiple('queue', array('id'=>$entry['id'])); } @@ -360,7 +362,7 @@ class SyncLib $ans_arr=$this->retrieveURLasync($urls, $ans_req, $timeout); if (!is_array($ans_arr)) { - $this->log('warning', 'No responses from validation server pool'); + $this->log(LOG_WARNING, 'No responses from validation server pool'); $ans_arr=array(); } @@ -374,8 +376,8 @@ class SyncLib foreach ($ans_arr as $answer){ /* Parse out parameters from each response */ $resParams=$this->parseParamsFromMultiLineString($answer); - $this->log("notice", "local db contains ", $localParams); - $this->log("notice", "response contains ", $resParams); + $this->log(LOG_NOTICE, "local db contains ", $localParams); + $this->log(LOG_NOTICE, "response contains ", $resParams); /* Update internal DB (conditional) */ 
@@ -388,16 +390,16 @@ class SyncLib (indicating that remote server wasn't synced) */ if ($this->countersHigherThan($localParams, $resParams)) { - $this->log("warning", "Remote server out of sync, local counters ", $localParams); - $this->log("warning", "Remote server out of sync, remote counters ", $resParams); + $this->log(LOG_WARNING, "Remote server out of sync, local counters ", $localParams); + $this->log(LOG_WARNING, "Remote server out of sync, remote counters ", $resParams); } /* If received sync response have higher counters than local db (indicating that local server wasn't synced) */ if ($this->countersHigherThan($resParams, $localParams)) { - $this->log("warning", "Local server out of sync, local counters ", $localParams); - $this->log("warning", "Local server out of sync, remote counters ", $resParams); + $this->log(LOG_WARNING, "Local server out of sync, local counters ", $localParams); + $this->log(LOG_WARNING, "Local server out of sync, remote counters ", $resParams); } if ($this->countersHigherThan($resParams, $this->otpParams) || @@ -408,8 +410,8 @@ class SyncLib (indicating REPLAYED_OTP) */ - $this->log("warning", "replayed OTP, remote counters " , $resParams); - $this->log("warning", "replayed OTP, otp counters", $this->otpParams); + $this->log(LOG_WARNING, "replayed OTP, remote counters " , $resParams); + $this->log(LOG_WARNING, "replayed OTP, otp counters", $this->otpParams); } else { /* The answer is ok since a REPLAY was not indicated */ @@ -468,7 +470,7 @@ class SyncLib $ch = array(); foreach ($urls as $id => $url) { - error_log("url is " . $url); + $this->log(LOG_INFO, "url in retrieveURLasync is " . $url); $handle = curl_init(); curl_setopt($handle, CURLOPT_URL, $url); 
@@ -494,14 +496,12 @@ class SyncLib debug ("YK-KSM multi", $info); if ($info['result'] == CURL_OK) { $str = curl_multi_getcontent($info['handle']); - debug($str); if (preg_match("/status=OK/", $str)) { $error = curl_error ($info['handle']); $errno = curl_errno ($info['handle']); $cinfo = curl_getinfo ($info['handle']); debug("YK-KSM errno/error: " . $errno . "/" . $error, $cinfo); $ans_count++; - debug("found entry"); $ans_arr[]="url=" . $cinfo['url'] . "\n" . $str; } diff --git a/ykval-verify.php b/ykval-verify.php index 4d0d912..b2d3a6c 100644 --- a/ykval-verify.php +++ b/ykval-verify.php @@ -7,7 +7,8 @@ $apiKey = ''; header("content-type: text/plain"); -debug("Request: " . $_SERVER['QUERY_STRING']); +$myLog = new Log('ykval-verify'); +$myLog->log(LOG_INFO, "Request: " . $_SERVER['QUERY_STRING']); /* Detect protocol version */ if (preg_match("/\/wsapi\/([0-9]*)\.([0-9]*)\//", $_SERVER['REQUEST_URI'], $out)) { @@ -15,7 +16,7 @@ if (preg_match("/\/wsapi\/([0-9]*)\.([0-9]*)\//", $_SERVER['REQUEST_URI'], $out) } else { $protocol_version=1.0; } -debug("found protocol version " . $protocol_version); +$myLog->log(LOG_INFO, "found protocol version " . $protocol_version); /* Initialize the sync library. Strive to use this instead of custom DB requests, custom comparisons etc */ @@ -41,7 +42,7 @@ if ($protocol_version>=2.0) { /* Nonce is required from protocol 2.0 */ if(!$nonce || strlen($nonce)<16) { - debug('Protocol version >= 2.0. Nonce is missing'); + $myLog->log(LOG_NOTICE, 'Protocol version >= 2.0. Nonce is missing'); sendResp(S_MISSING_PARAMETER, $apiKey); exit; } 
@@ -50,23 +51,23 @@ if ($protocol_version>=2.0) { if ($protocol_version<2.0) { /* We need to create a nonce manually here */ $nonce = md5(uniqid(rand())); - debug('protocol version below 2.0. Created nonce ' . $nonce); + $myLog->log(LOG_INFO, 'protocol version below 2.0. Created nonce ' . $nonce); } //// Get Client info from DB // if ($client <= 0) { - debug('Client ID is missing'); + $myLog->log(LOG_NOTICE, 'Client ID is missing'); sendResp(S_MISSING_PARAMETER, $apiKey); exit; } $cd=$sync->getClientData($client); if(!$cd) { - debug('Invalid client id ' . $client); + $myLog->log(LOG_NOTICE, 'Invalid client id ' . $client); sendResp(S_NO_SUCH_CLIENT); exit; } -debug("Client data:", $cd); +$myLog->log(LOG_DEBUG,"Client data:", $cd); //// Check client signature // @@ -86,7 +87,7 @@ if ($h != '') { $hmac = sign($a, $apiKey); // Compare it if ($hmac != $h) { - debug('client hmac=' . $h . ', server hmac=' . $hmac); + $myLog->log(LOG_DEBUG, 'client hmac=' . $h . ', server hmac=' . $hmac); sendResp(S_BAD_SIGNATURE, $apiKey); exit; } @@ -95,12 +96,12 @@ if ($h != '') { //// Sanity check OTP // if ($otp == '') { - debug('OTP is missing'); + $myLog->log(LOG_NOTICE, 'OTP is missing'); sendResp(S_MISSING_PARAMETER, $apiKey); exit; } if (strlen($otp) <= TOKEN_LEN) { - debug('Too short OTP: ' . $otp); + $myLog->log(LOG_NOTICE, 'Too short OTP: ' . $otp); sendResp(S_BAD_OTP, $apiKey); exit; } @@ -120,7 +121,7 @@ if (!is_array($otpinfo)) { sendResp(S_BAD_OTP, $apiKey); exit; } -debug("Decrypted OTP:", $otpinfo); +$myLog->log(LOG_DEBUG, "Decrypted OTP:", $otpinfo); //// Get Yubikey from DB // 
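Review bot: In the @@ -50,23 hunk, `$myLog->log(LOG_DEBUG,"Client data:", $cd);` hands the whole client record to the logger. What `getClientData` returns is not visible in this hunk, but if the record includes the client's shared secret, and the logger prints array arguments, that secret is written to the log whenever debug logging is on. The same caution applies to `"Decrypted OTP:", $otpinfo` and `"Auth data:", $localParams` in the later hunks. I would log only the identifier, e.g. `$myLog->log(LOG_DEBUG, 'Client data found for id ' . $client);`.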
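Review bot: In the @@ -86,7 hunk, the signature-failure line `$myLog->log(LOG_DEBUG, 'client hmac=' . $h . ', server hmac=' . $hmac);` writes the server-computed, valid signature for the request to the log. A bad signature is also a security event that deserves more than debug priority, so I would log it as `$myLog->log(LOG_NOTICE, 'Bad signature from client ' . $client);` and leave both HMAC values out. The comparison `if ($hmac != $h)` is loose and not constant-time; `if (!hash_equals($hmac, $h))` is preferable where the PHP version in use provides it, with `!==` as the minimum. The enclosing `if ($h != '')` block starts outside the hunk.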
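Review bot: In the @@ -95,12 hunk, `'Too short OTP: ' . $otp` concatenates a value taken from an unauthenticated request directly into the log line. Whether `getHttpVal` or `Log::log` removes line breaks and other control characters is not visible in this diff; if neither does, a client can forge or split log entries. The same applies to `'Invalid client id ' . $client` earlier in this file and `'Invalid Yubikey ' . $yk_publicname` in ykval-sync.php and ykval-verify.php. Logging a property of the value instead avoids the problem, e.g. `$myLog->log(LOG_NOTICE, 'Too short OTP, length ' . strlen($otp));`.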
@@ -128,14 +129,14 @@ $devId = substr($otp, 0, strlen ($otp) - TOKEN_LEN); $yk_publicname=$devId; $localParams = $sync->getLocalParams($yk_publicname); if (!$localParams) { - debug('Invalid Yubikey ' . $yk_publicname); + $myLog->log(LOG_NOTICE, 'Invalid Yubikey ' . $yk_publicname); sendResp(S_BACKEND_ERROR, $apiKey); exit; } -debug("Auth data:", $localParams); +$myLog->log(LOG_DEBUG, "Auth data:", $localParams); if ($localParams['active'] != 1) { - debug('De-activated Yubikey ' . $devId); + $myLog->log(LOG_NOTICE, 'De-activated Yubikey ' . $devId); sendResp(S_BAD_OTP, $apiKey); exit; } @@ -155,7 +156,7 @@ $otpParams=array('modified'=>time(), /* First check if OTP is seen with the same nonce, in such case we have an replayed request */ if ($sync->countersEqual($localParams, $otpParams) && $localParams['nonce']==$otpParams['nonce']) { - debug('Replayed request'); + $myLog->log(LOG_WARNING, 'Replayed request'); sendResp(S_REPLAYED_REQUEST, $apikey); exit; } @@ -179,7 +180,7 @@ if(!$sync->updateDbCounters($otpParams)) { /* Queue sync requests */ if (!$sync->queue($otpParams, $localParams)) { - debug("ykval-verify:critical:failed to queue sync requests"); + $myLog->log(LOG_CRIT, "ykval-verify:critical:failed to queue sync requests"); sendResp(S_BACKEND_ERROR, $apiKey); exit; } 
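Review bot: In the @@ -155,7 hunk the context line `sendResp(S_REPLAYED_REQUEST, $apikey);` uses `$apikey`, while every other call in this file passes `$apiKey`. PHP variable names are case-sensitive, so the replayed-request response is built with an undefined variable and, assuming `sendResp` signs with that argument, goes out without a valid signature. Since this commit already touches the line above it, the call should be corrected to `sendResp(S_REPLAYED_REQUEST, $apiKey);`.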
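Review bot: In the @@ -179,7 hunk the message keeps its hand-written prefix, `"ykval-verify:critical:failed to queue sync requests"`, even though the logger is now constructed with the name 'ykval-verify' and is given the priority separately. In the @@ -203,19 hunk the embedded text even contradicts the priority: `"ykval-verify:notice:Sync failed"` is logged at LOG_WARNING and `"ykval-verify:notice:synclevel="` at LOG_INFO, which will mislead anyone filtering or alerting on the message text. SyncLib::log dropped the equivalent prefix in this same commit, so for consistency I would use `$myLog->log(LOG_CRIT, 'failed to queue sync requests');` and strip the prefix from the other two messages as well.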
@@ -203,19 +204,19 @@ if ($req_answers>0) { $nr_valid_answers=0; $sl_success_rate=0; } -debug("ykval-verify:notice:synclevel=" . $sl . - " nr servers=" . $nr_servers . - " req answers=" . $req_answers . - " answers=" . $nr_answers . - " valid answers=" . $nr_valid_answers . - " sl success rate=" . $sl_success_rate . - " timeout=" . $timeout); +$myLog->log(LOG_INFO, "ykval-verify:notice:synclevel=" . $sl . + " nr servers=" . $nr_servers . + " req answers=" . $req_answers . + " answers=" . $nr_answers . + " valid answers=" . $nr_valid_answers . + " sl success rate=" . $sl_success_rate . + " timeout=" . $timeout); if($syncres==False) { /* sync returned false, indicating that either at least 1 answer marked OTP as invalid or there were not enough answers */ - debug("ykval-verify:notice:Sync failed"); + $myLog->log(LOG_WARNING, "ykval-verify:notice:Sync failed"); if ($nr_valid_answers!=$nr_answers) { sendResp(S_REPLAYED_OTP, $apiKey); exit; @@ -259,15 +260,15 @@ if ($sessionCounter == $seenSessionCounter && $sessionUse > $seenSessionUse) { } else { $percent = 1; } - debug("Timestamp seen=" . $seenTs . " this=" . $ts . - " delta=" . $tsDiff . ' secs=' . $tsDelta . - ' accessed=' . $lastTime .' (' . $ad['accessed'] . ') now=' - . $now . ' (' . strftime("%Y-%m-%d %H:%M:%S", $now) - . ') elapsed=' . $elapsed . - ' deviation=' . $deviation . ' secs or '. - round(100*$percent) . '%'); + $myLog->log(LOG_INFO, "Timestamp seen=" . $seenTs . " this=" . $ts . + " delta=" . $tsDiff . ' secs=' . $tsDelta . + ' accessed=' . $lastTime .' (' . $ad['accessed'] . ') now=' + . $now . ' (' . strftime("%Y-%m-%d %H:%M:%S", $now) + . ') elapsed=' . $elapsed . + ' deviation=' . $deviation . ' secs or '. + round(100*$percent) . '%'); if ($deviation > TS_ABS_TOLERANCE && $percent > TS_REL_TOLERANCE) { - debug("OTP failed phishing test"); + $myLog->log(LOG_NOTICE, "OTP failed phishing test"); if (0) { sendResp(S_DELAYED_OTP, $apiKey); exit;
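Review bot: In the @@ -259,15 hunk, `$myLog->log(LOG_NOTICE, "OTP failed phishing test");` identifies neither the key nor the client, and because the following branch is `if (0)`, this log line is the only effect of a failed timestamp check. As written the event cannot be tied to a device without correlating it by hand against the preceding "Timestamp seen=" line. Including the already validated identifier makes it usable for detection, e.g. `$myLog->log(LOG_NOTICE, 'OTP failed phishing test for ' . $yk_publicname);`. The enclosing block starts outside the hunk.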