diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2021-02-21 19:54:25 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2021-02-21 19:58:56 +0100 |
commit | 1bdaeae835b5c9914f9c2107efda150d643cda12 (patch) | |
tree | 77954c523f80735f4aa253975622d1ff62b4e170 | |
parent | ba6addf54cef0b1536dc87c42a41b4dc207ac884 (diff) |
accountd: Improve log message for incoming requests.
-rwxr-xr-x | lacme-accountd | 14 | ||||
-rw-r--r-- | tests/accountd | 2 | ||||
-rw-r--r-- | tests/accountd-remote | 2 |
3 files changed, 9 insertions, 9 deletions
diff --git a/lacme-accountd b/lacme-accountd index d4521f9..d8c96b0 100755 --- a/lacme-accountd +++ b/lacme-accountd @@ -233,20 +233,20 @@ sub conn($$$) { while (defined (my $data = $in->getline())) { $data =~ s/\r\n\z// or panic(); - my ($protected, $payload) = split(/\./, $data, 2); - unless (defined $protected and $protected =~ /\A[A-Za-z0-9\-_]+\z/) { - info("[$id] >>> Error: Malformed protected data, refusing to sign!"); + my ($header, $payload) = split(/\./, $data, 2); + unless (defined $header and $header =~ /\A[A-Za-z0-9\-_]+\z/) { + info("[$id] >>> Error: Refusing to sign request: Malformed protected header"); last; } unless (defined $payload and $payload =~ /\A[A-Za-z0-9\-_]*\z/) { # POST-as-GET yields an empty payload - info("[$id] >>> Error: Malformed payload data, refusing to sign!"); + info("[$id] >>> Error: Refusing to sign request: Malformed payload"); last; } - logmsg(noquiet => "[$id] >>> Incoming signature request for ", - "base64url(", decode_base64url($protected), ") . ", - "base64url(", decode_base64url($payload), ")"); + logmsg(noquiet => "[$id] >>> OK signing request: ", + "header=base64url(", decode_base64url($header), "); ", + "playload=base64url(", decode_base64url($payload), ")"); my $sig = $SIGN->($data); $out->printflush( encode_base64url($sig), "\r\n" ) or warn "print: $!"; diff --git a/tests/accountd b/tests/accountd index c82a05d..9acb33f 100644 --- a/tests/accountd +++ b/tests/accountd @@ -81,6 +81,6 @@ grep -Fq "Starting lacme Account Key Manager at /home/lacme-account/S.lacme" ~la grep -Fq "[0] >>> Accepted new connection" ~lacme-account/.local/share/lacme/accountd.log grep -Fq "[1] >>> Accepted new connection" ~lacme-account/.local/share/lacme/accountd.log grep -Fq "Shutting down and closing lacme Account Key Manager" ~lacme-account/.local/share/lacme/accountd.log -grep -F ">>> Incoming signature request for " ~lacme-account/.local/share/lacme/accountd.log +grep -F ">>> OK signing request:" ~lacme-account/.local/share/lacme/accountd.log # vim: set filetype=sh : diff --git a/tests/accountd-remote b/tests/accountd-remote index 05850c2..9e7f812 100644 --- a/tests/accountd-remote +++ b/tests/accountd-remote @@ -50,6 +50,6 @@ lacme newOrder test /etc/lacme/simpletest.rsa.crt -nt /etc/lacme/simpletest.rsa.key # ensure signature requests are logged -grep -F ">>> Incoming signature request for " ~lacme-account/.local/share/lacme/accountd.log +grep -F ">>> OK signing request:" ~lacme-account/.local/share/lacme/accountd.log # vim: set filetype=sh : |