aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xlacme-accountd14
-rw-r--r--tests/accountd2
-rw-r--r--tests/accountd-remote2
3 files changed, 9 insertions, 9 deletions
diff --git a/lacme-accountd b/lacme-accountd
index d4521f9..d8c96b0 100755
--- a/lacme-accountd
+++ b/lacme-accountd
@@ -233,20 +233,20 @@ sub conn($$$) {
while (defined (my $data = $in->getline())) {
$data =~ s/\r\n\z// or panic();
- my ($protected, $payload) = split(/\./, $data, 2);
- unless (defined $protected and $protected =~ /\A[A-Za-z0-9\-_]+\z/) {
- info("[$id] >>> Error: Malformed protected data, refusing to sign!");
+ my ($header, $payload) = split(/\./, $data, 2);
+ unless (defined $header and $header =~ /\A[A-Za-z0-9\-_]+\z/) {
+ info("[$id] >>> Error: Refusing to sign request: Malformed protected header");
last;
}
unless (defined $payload and $payload =~ /\A[A-Za-z0-9\-_]*\z/) {
# POST-as-GET yields an empty payload
- info("[$id] >>> Error: Malformed payload data, refusing to sign!");
+ info("[$id] >>> Error: Refusing to sign request: Malformed payload");
last;
}
- logmsg(noquiet => "[$id] >>> Incoming signature request for ",
- "base64url(", decode_base64url($protected), ") . ",
- "base64url(", decode_base64url($payload), ")");
+ logmsg(noquiet => "[$id] >>> OK signing request: ",
+ "header=base64url(", decode_base64url($header), "); ",
+ "playload=base64url(", decode_base64url($payload), ")");
my $sig = $SIGN->($data);
$out->printflush( encode_base64url($sig), "\r\n" ) or warn "print: $!";
diff --git a/tests/accountd b/tests/accountd
index c82a05d..9acb33f 100644
--- a/tests/accountd
+++ b/tests/accountd
@@ -81,6 +81,6 @@ grep -Fq "Starting lacme Account Key Manager at /home/lacme-account/S.lacme" ~la
grep -Fq "[0] >>> Accepted new connection" ~lacme-account/.local/share/lacme/accountd.log
grep -Fq "[1] >>> Accepted new connection" ~lacme-account/.local/share/lacme/accountd.log
grep -Fq "Shutting down and closing lacme Account Key Manager" ~lacme-account/.local/share/lacme/accountd.log
-grep -F ">>> Incoming signature request for " ~lacme-account/.local/share/lacme/accountd.log
+grep -F ">>> OK signing request:" ~lacme-account/.local/share/lacme/accountd.log
# vim: set filetype=sh :
diff --git a/tests/accountd-remote b/tests/accountd-remote
index 05850c2..9e7f812 100644
--- a/tests/accountd-remote
+++ b/tests/accountd-remote
@@ -50,6 +50,6 @@ lacme newOrder
test /etc/lacme/simpletest.rsa.crt -nt /etc/lacme/simpletest.rsa.key
# ensure signature requests are logged
-grep -F ">>> Incoming signature request for " ~lacme-account/.local/share/lacme/accountd.log
+grep -F ">>> OK signing request:" ~lacme-account/.local/share/lacme/accountd.log
# vim: set filetype=sh :