diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2021-02-23 00:58:46 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2021-02-23 01:00:07 +0100 |
commit | 3a527c2159cdd23f489970f935edbccc37da1901 (patch) | |
tree | 14a1402570c050a57a34a505b74407dc55dd743f | |
parent | 2d08a72c2f6b2afb04fb5382a5f592075a0004a8 (diff) |
lacme-accountd: Refactor logging logic.
-rw-r--r-- | Changelog | 2 | ||||
-rwxr-xr-x | lacme-accountd | 27 |
2 files changed, 16 insertions, 13 deletions
@@ -1,6 +1,6 @@ lacme (0.8.1) upstream; - + lacme-accountd: improve log messages. + + lacme-accountd: improve log messages and refactor logging logic. + lacme-accountd: refuse to sign JWS with an invalid Protected Header. - lacme: in the [accountd] config, let lacme-accountd(1) do the %-expansion for 'config', not lacme(8) when building the command. diff --git a/lacme-accountd b/lacme-accountd index 47a4c32..a35ac88 100755 --- a/lacme-accountd +++ b/lacme-accountd @@ -64,18 +64,21 @@ sub usage(;$$) { usage(1) unless GetOptions(\%OPTS, qw/config=s privkey=s socket=s stdio quiet|q debug help|h/); usage(0) if $OPTS{help}; -my $LOG; +my ($LOG, $LOGLEVEL); +my ($LOG_INFO, $LOG_VERBOSE, $LOG_DEBUG) = (0,1,2); sub logmsg($@) { - my $lvl = shift // "all"; - if (defined $LOG and ($lvl ne "debug" or $OPTS{debug})) { + my $lvl = shift; + if (defined $LOG and ($lvl <= $LOGLEVEL or $lvl <= $LOG_VERBOSE)) { + # --quiet flag hides verbose-level messages from the standard + # error but we add them to the logfile nonetheless my $now = localtime; $LOG->printflush("[", $now, "] ", @_, "\n") or warn "print: $!"; } - unless (($lvl eq "debug" and !$OPTS{debug}) or ($lvl eq "noquiet" and $OPTS{quiet})) { + if ($lvl <= $LOGLEVEL) { print STDERR @_, "\n" or warn "print: $!"; } } -sub info(@) { logmsg(all => @_); } +sub info(@) { logmsg($LOG_INFO => @_); } sub error(@) { my @msg = ("Error: ", @_); info(@msg); @@ -134,7 +137,7 @@ do { print STDERR "Ignoring missing configuration file at default location $conffile\n" if $OPTS{debug}; } - $OPTS{quiet} = 0 if $OPTS{debug}; + $LOGLEVEL = $OPTS{debug} ? $LOG_DEBUG : $OPTS{quiet} ? $LOG_INFO : $LOG_VERBOSE; error("'privkey' is not specified") unless defined $OPTS{privkey}; }; @@ -214,7 +217,7 @@ unless (defined $OPTS{stdio}) { my $umask = umask(0177) // panic("umask: $!"); - logmsg(noquiet => "Starting lacme Account Key Manager at $sockname"); + logmsg($LOG_VERBOSE => "Starting lacme Account Key Manager at $sockname"); socket(my $sock, PF_UNIX, SOCK_STREAM, 0) or panic("socket: $!"); my $sockaddr = Socket::sockaddr_un($sockname) // panic(); bind($sock, $sockaddr) or panic("bind: $!"); @@ -271,7 +274,7 @@ sub conn($$$) { my $sig = eval { $SIGN->($data) }; panic($@) if $@ or !defined $sig; - logmsg(noquiet => "[$id] SIGNED ", $req); + logmsg($LOG_VERBOSE => "[$id] SIGNED ", $req); $out->printflush( encode_base64url($sig), "\r\n" ) or warn "print: $!"; } } @@ -285,9 +288,9 @@ if (defined $OPTS{stdio}) { next if $! == EINTR; # try again if accept(2) was interrupted by a signal panic("accept: $!"); }; - logmsg(noquiet => "[$count] Accepted new connection"); + logmsg($LOG_VERBOSE => "[$count] Accepted new connection"); conn($conn, $conn, $count); - logmsg(noquiet => "[$count] Connection terminated"); + logmsg($LOG_VERBOSE => "[$count] Connection terminated"); $conn->close() or warn "close: $!"; } } @@ -297,11 +300,11 @@ if (defined $OPTS{stdio}) { # END { if (defined $SOCKNAME and -S $SOCKNAME) { - logmsg(debug => "Unlinking $SOCKNAME"); + logmsg($LOG_DEBUG => "Unlinking $SOCKNAME"); unlink $SOCKNAME or info("Error: unlink($SOCKNAME): $!"); } if (defined $S) { - logmsg(noquiet => "Shutting down and closing lacme Account Key Manager"); + logmsg($LOG_VERBOSE => "Shutting down and closing lacme Account Key Manager"); shutdown($S, SHUT_RDWR) or info("Error: shutdown: $!"); close $S or info("Error: close: $!"); } |