rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2025-02-27 06:54:16 +01:00
Code Issues Projects Releases Wiki Activity

Corrected a few log entries

Browse Source
This commit is contained in:
Olov Danielson 2010-01-13 12:32:38 +00:00
parent 0e41f1cb53
commit bfee638917
2 changed files with 33 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
ykval-sync.php
View File

@ -95,10 +95,12 @@ if ($localParams['active'] != 1) {
/* Conditional update local database */ /* Conditional update local database */
$sync->updateDbCounters($syncParams); $sync->updateDbCounters($syncParams);
$myLog->log(LOG_DEBUG, 'Local params ' , $localParams);
$myLog->log(LOG_DEBUG, 'Sync request params ' , $syncParams);
if ($sync->countersHigherThan($localParams, $syncParams)) { if ($sync->countersHigherThan($localParams, $syncParams)) {
/* sync counters are lower than local counters */ /* sync counters are lower than local counters */
$myLog->log(LOG_WARNING, 'Remote server out of sync. Local params ' , $localParams); $myLog->log(LOG_WARNING, 'Remote server out of sync.');
$myLog->log(LOG_WARNING, 'Remote server out of sync. Sync params ' , $syncParams);
} }
if ($sync->countersEqual($localParams, $syncParams)) { if ($sync->countersEqual($localParams, $syncParams)) {
@ -106,16 +108,14 @@ if ($sync->countersEqual($localParams, $syncParams)) {
if ($syncParams['modified']==$localParams['modified']) { if ($syncParams['modified']==$localParams['modified']) {
/* sync modified is equal to local modified. /* sync modified is equal to local modified.
Sync request is unnessecarily sent, we log a "light" warning */ Sync request is unnessecarily sent, we log a "light" warning */
$myLog->log(LOG_WARNING, 'Sync request unnessecarily sent'); $myLog->log(LOG_NOTICE, 'Sync request unnessecarily sent');
} else { } else {
/* sync modified is not equal to local modified. /* sync modified is not equal to local modified.
We have an OTP replay attempt somewhere in the system */ We have an OTP replay attempt somewhere in the system */
$myLog->log(LOG_WARNING, 'Replayed OTP attempt. Modified differs. Local ', $localParams); $myLog->log(LOG_WARNING, 'We might have a replay. 2 events at different times have generated the same counters');
$myLog->log(LOG_WARNING, 'Replayed OTP attempt. Modified differs. Sync ', $syncParams);
} }
if ($syncParams['nonce']!=$localParams['nonce']) { if ($syncParams['nonce']!=$localParams['nonce']) {
$myLog->log(LOG_WARNING, 'Replayed OTP attempt. Nonce differs. Local ', $localParams); $myLog->log(LOG_WARNING, 'Remote server has received a request to validate an already validated OTP');
$myLog->log(LOG_WARNING, 'Replayed OTP attempt. Nonce differs. Sync ', $syncParams);
} }
} }

55
ykval-synclib.php
View File

@ -247,12 +247,12 @@ class SyncLib
$queued_limit=time()-$older_than; $queued_limit=time()-$older_than;
$res=$this->db->customQuery("select distinct server from queue WHERE queued < " . $queued_limit . " or queued is null"); $res=$this->db->customQuery("select distinct server from queue WHERE queued < " . $queued_limit . " or queued is null");
$this->log(LOG_NOTICE, "found " . $res->rowCount() . " unique servers"); $this->log(LOG_NOTICE, "found " . $res->rowCount() . " unique servers");
foreach ($res as $my_server) { foreach ($res as $my_server) {
$this->log(LOG_INFO, "Sending queue request to server on server " . $my_server['server']); $this->log(LOG_INFO, "Sending queue request to server on server " . $my_server['server']);
$res=$this->db->customQuery("select * from queue WHERE (queued < " . $queued_limit . " or queued is null) and server='" . $my_server['server'] . "'"); $res=$this->db->customQuery("select * from queue WHERE (queued < " . $queued_limit . " or queued is null) and server='" . $my_server['server'] . "'");
$this->log(LOG_INFO, "found " . $res->rowCount() . " queue entries"); $this->log(LOG_INFO, "found " . $res->rowCount() . " queue entries");
while ($entry=$res->fetch(PDO::FETCH_ASSOC)) { while ($entry=$res->fetch(PDO::FETCH_ASSOC)) {
$this->log(LOG_NOTICE, "server=" . $entry['server'] . " , info=" . $entry['info']); $this->log(LOG_NOTICE, "server=" . $entry['server'] . " , info=" . $entry['info']);
$url=$entry['server'] . $url=$entry['server'] .
@ -260,7 +260,7 @@ class SyncLib
"&modified=" . $entry['modified'] . "&modified=" . $entry['modified'] .
"&" . $this->otpPartFromInfoString($entry['info']); "&" . $this->otpPartFromInfoString($entry['info']);
/* Send out sync request */ /* Send out sync request */
$this->log(LOG_NOTICE, 'url is ' . $url); $this->log(LOG_NOTICE, 'url is ' . $url);
$ch = curl_init($url); $ch = curl_init($url);
@ -271,34 +271,34 @@ class SyncLib
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
$response = curl_exec($ch); $response = curl_exec($ch);
curl_close($ch); curl_close($ch);
if ($response==False) { if ($response==False) {
$this->log(LOG_WARNING, 'Timeout. Stopping queue resync for server ' . $my_server['server']); $this->log(LOG_WARNING, 'Timeout. Stopping queue resync for server ' . $my_server['server']);
break; break;
} }
if (preg_match("/status=OK/", $response)) { if (preg_match("/status=OK/", $response)) {
$resParams=$this->parseParamsFromMultiLineString($response); $resParams=$this->parseParamsFromMultiLineString($response);
$this->log(LOG_NOTICE, "response contains ", $resParams); $this->log(LOG_DEBUG, "response contains ", $resParams);
/* Update database counters */ /* Update database counters */
$this->updateDbCounters($resParams); $this->updateDbCounters($resParams);
/* Retrieve info from entry info string */ /* Retrieve info from entry info string */
$localParams=$this->localParamsFromInfoString($entry['info']); $localParams=$this->localParamsFromInfoString($entry['info']);
$otpParams=$this->otpParamsFromInfoString($entry['info']); $otpParams=$this->otpParamsFromInfoString($entry['info']);
/* Check for warnings /* Check for warnings
If received sync response have lower counters than locally saved If received sync response have lower counters than locally saved
last counters (indicating that remote server wasn't synced) last counters (indicating that remote server wasn't synced)
*/ */
if ($this->countersHigherThan($localParams, $resParams)) { if ($this->countersHigherThan($localParams, $resParams)) {
$this->log(LOG_WARNING, "queued:Remote server out of sync, local counters ", $localParams); $this->log(LOG_WARNING, "queued:Remote server out of sync, local counters ", $localParams);
$this->log(LOG_WARNING, "queued:Remote server out of sync, remote counters ", $resParams); $this->log(LOG_WARNING, "queued:Remote server out of sync, remote counters ", $resParams);
} }
/* If received sync response have higher counters than locally saved /* If received sync response have higher counters than locally saved
last counters (indicating that local server wasn't synced) last counters (indicating that local server wasn't synced)
*/ */
@ -306,7 +306,7 @@ class SyncLib
$this->log(LOG_WARNING, "queued:Local server out of sync, local counters ", $localParams); $this->log(LOG_WARNING, "queued:Local server out of sync, local counters ", $localParams);
$this->log(LOG_WARNING, "queued:Local server out of sync, remote counters ", $resParams); $this->log(LOG_WARNING, "queued:Local server out of sync, remote counters ", $resParams);
} }
if ($this->countersHigherThan($resParams, $otpParams) || if ($this->countersHigherThan($resParams, $otpParams) ||
($this->countersEqual($resParams, $otpParams) && ($this->countersEqual($resParams, $otpParams) &&
$resParams['nonce']!=$otpParams['nonce'])) { $resParams['nonce']!=$otpParams['nonce'])) {
@ -315,8 +315,7 @@ class SyncLib
(indicating REPLAYED_OTP) (indicating REPLAYED_OTP)
*/ */
$this->log(LOG_WARNING, "queued:replayed OTP, remote counters " , $resParams); $this->log(LOG_WARNING, "queued:Remote server has higher or equal counters than OTP. This response would have marked the OTP as invalid. ");
$this->log(LOG_WARNING, "queued:replayed OTP, otp counters", $otpParams);
} }
/* Deletion */ /* Deletion */
@ -348,30 +347,31 @@ class SyncLib
"&modified=" . $row['modified'] . "&modified=" . $row['modified'] .
"&" . $this->otpPartFromInfoString($row['info']); "&" . $this->otpPartFromInfoString($row['info']);
} }
/* /*
Send out requests Send out requests
*/ */
$ans_arr=$this->retrieveURLasync($urls, $ans_req, $timeout); $ans_arr=$this->retrieveURLasync($urls, $ans_req, $timeout);
if (!is_array($ans_arr)) { if (!is_array($ans_arr)) {
$this->log(LOG_WARNING, 'No responses from validation server pool'); $this->log(LOG_WARNING, 'No responses from validation server pool');
$ans_arr=array(); $ans_arr=array();
} }
/* /*
Parse responses Parse responses
*/ */
$localParams = $this->localParams; $localParams = $this->localParams;
$this->answers = count($ans_arr); $this->answers = count($ans_arr);
$this->valid_answers = 0; $this->valid_answers = 0;
foreach ($ans_arr as $answer){ foreach ($ans_arr as $answer){
/* Parse out parameters from each response */ /* Parse out parameters from each response */
$resParams=$this->parseParamsFromMultiLineString($answer); $resParams=$this->parseParamsFromMultiLineString($answer);
$this->log(LOG_NOTICE, "local db contains ", $localParams); $this->log(LOG_DEBUG, "local db contains ", $localParams);
$this->log(LOG_NOTICE, "response contains ", $resParams); $this->log(LOG_DEBUG, "response contains ", $resParams);
$this->log(LOG_DEBUG, "OTP contains " , $this->otpParams);
/* Update internal DB (conditional) */ /* Update internal DB (conditional) */
$this->updateDbCounters($resParams); $this->updateDbCounters($resParams);
@ -383,16 +383,14 @@ class SyncLib
(indicating that remote server wasn't synced) (indicating that remote server wasn't synced)
*/ */
if ($this->countersHigherThan($localParams, $resParams)) { if ($this->countersHigherThan($localParams, $resParams)) {
$this->log(LOG_WARNING, "Remote server out of sync, local counters ", $localParams); $this->log(LOG_WARNING, "Remote server out of sync");
$this->log(LOG_WARNING, "Remote server out of sync, remote counters ", $resParams);
} }
/* If received sync response have higher counters than local db /* If received sync response have higher counters than local db
(indicating that local server wasn't synced) (indicating that local server wasn't synced)
*/ */
if ($this->countersHigherThan($resParams, $localParams)) { if ($this->countersHigherThan($resParams, $localParams)) {
$this->log(LOG_WARNING, "Local server out of sync, local counters ", $localParams); $this->log(LOG_WARNING, "Local server out of sync");
$this->log(LOG_WARNING, "Local server out of sync, remote counters ", $resParams);
} }
if ($this->countersHigherThan($resParams, $this->otpParams) || if ($this->countersHigherThan($resParams, $this->otpParams) ||
@ -403,21 +401,20 @@ class SyncLib
(indicating REPLAYED_OTP) (indicating REPLAYED_OTP)
*/ */
$this->log(LOG_WARNING, "replayed OTP, remote counters " , $resParams); $this->log(LOG_WARNING, "Replayed OTP");
$this->log(LOG_WARNING, "replayed OTP, otp counters", $this->otpParams);
} else { } else {
/* The answer is ok since a REPLAY was not indicated */ /* The answer is ok since a REPLAY was not indicated */
$this->valid_answers++; $this->valid_answers++;
} }
/* Delete entry from table */ /* Delete entry from table */
$this->deleteQueueEntry($answer); $this->deleteQueueEntry($answer);
} }