diff options
| author | Thomas Reim <reimth@gmail.com> | 2022-08-22 09:35:19 +0800 |
|---|---|---|
| committer | Ian Kent <raven@themaw.net> | 2022-08-31 08:51:22 +0800 |
| commit | ded87a8280b57f94893e3373d5084e0f5c461777 (patch) | |
| tree | 4a4729963aff24f3069c8d0447c1e74ccb2ca4b0 | |
| parent | 0a7cca6a3488a77ca0bdb2172abff66dfde0cfd4 (diff) | |
| download | autofs-ded87a8280b57f94893e3373d5084e0f5c461777.tar.gz | |
autofs-5.1.8 - internal SASL logging only in debug log mode
Cyrus SASL library is known for useless error notifications of internal
events that can and will be easily handled by the applications. By default
automounter provides a logging callback to the SASL library, which displays
annoying SASL error messages to users for internal library issues that do
not harm SASL authentication operation.
OpenLDAP only provides a logging callback to SASL library for its server
application. Client side applications won't see any internal SASL
notifcations.
Choose a compromise and provide SASL internal logging messages only if user
requests debug logging mode.
Signed-off-by: Thomas Reim <reimth@gmail.com>
Signed-off-by: Ian Kent <raven@themaw.net>
| -rw-r--r-- | CHANGELOG | 1 | ||||
| -rw-r--r-- | include/log.h | 2 | ||||
| -rw-r--r-- | lib/log.c | 10 | ||||
| -rw-r--r-- | modules/cyrus-sasl.c | 16 |
4 files changed, 27 insertions, 2 deletions
@@ -35,6 +35,7 @@ - configure: LDAP function checks ignore implicit declarations. - improve debug logging of LDAP binds. - improve debug logging of SASL binds. +- internal SASL logging only in debug log mode. 19/10/2021 autofs-5.1.8 - add xdr_exports(). diff --git a/include/log.h b/include/log.h index 3ec8f0c1..f0733000 100644 --- a/include/log.h +++ b/include/log.h @@ -37,6 +37,8 @@ extern void set_log_verbose_ap(struct autofs_point *ap); extern void set_log_debug_ap(struct autofs_point *ap); extern void set_mnt_logging(unsigned global_logopt); +extern unsigned int have_log_verbose(void); +extern unsigned int have_log_debug(void); extern int get_log_debug_level(void); extern void open_log(void); @@ -58,6 +58,16 @@ static char *prepare_attempt_prefix(const char *msg) return prefixed_msg; } +unsigned int have_log_verbose(void) +{ + return do_verbose; +} + +unsigned int have_log_debug(void) +{ + return do_debug; +} + int get_log_debug_level(void) { return debug_level; diff --git a/modules/cyrus-sasl.c b/modules/cyrus-sasl.c index 6a95ef0c..c41f2174 100644 --- a/modules/cyrus-sasl.c +++ b/modules/cyrus-sasl.c @@ -109,6 +109,13 @@ static int getpass_func(sasl_conn_t *, void *, int, sasl_secret_t **); static int getuser_func(void *, int, const char **, unsigned *); static sasl_callback_t callbacks[] = { + { SASL_CB_USER, &getuser_func, NULL }, + { SASL_CB_AUTHNAME, &getuser_func, NULL }, + { SASL_CB_PASS, &getpass_func, NULL }, + { SASL_CB_LIST_END, NULL, NULL }, +}; + +static sasl_callback_t debug_callbacks[] = { { SASL_CB_LOG, &sasl_log_func, NULL }, { SASL_CB_USER, &getuser_func, NULL }, { SASL_CB_AUTHNAME, &getuser_func, NULL }, @@ -136,7 +143,7 @@ sasl_log_func(void *context, int level, const char *message) case SASL_LOG_DEBUG: case SASL_LOG_TRACE: case SASL_LOG_PASS: - debug(LOGOPT_NONE, "%s", message); + log_debug(LOGOPT_NONE, "libsasl2: %s", message); break; default: break; @@ -1247,6 +1254,7 @@ static void sasl_mutex_dispose(void *mutex __attribute__((unused))) */ int autofs_sasl_client_init(unsigned logopt) { + int result; sasl_set_mutex(sasl_mutex_new, sasl_mutex_lock, @@ -1254,7 +1262,11 @@ int autofs_sasl_client_init(unsigned logopt) sasl_mutex_dispose); /* Start up Cyrus SASL--only needs to be done at library load. */ - if (sasl_client_init(callbacks) != SASL_OK) { + if (have_log_debug()) + result = sasl_client_init(debug_callbacks); + else + result = sasl_client_init(callbacks); + if (result != SASL_OK) { error(logopt, "sasl_client_init failed"); return 0; } |