From: Thomas Reim <reimth@xxxxxxxxx>
Cyrus SASL library is known for useless error notifications of internal
events that can and will be easily handled by the applications. By default
automounter provides a logging callback to the SASL library, which displays
annoying SASL error messages to users for internal library issues that do
not harm SASL authentication operation.
OpenLDAP only provides a logging callback to SASL library for its server
application. Client side applications won't see any internal SASL
notifcations.
Choose a compromise and provide SASL internal logging messages only if user
requests debug logging mode.
Signed-off-by: Thomas Reim <reimth@xxxxxxxxx>
---
include/log.h | 2 ++
lib/log.c | 10 ++++++++++
modules/cyrus-sasl.c | 16 ++++++++++++++--
3 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/include/log.h b/include/log.h
index 3ec8f0c..f073300 100644
--- a/include/log.h
+++ b/include/log.h
@@ -37,6 +37,8 @@ extern void set_log_verbose_ap(struct autofs_point *ap);
extern void set_log_debug_ap(struct autofs_point *ap);
extern void set_mnt_logging(unsigned global_logopt);
+extern unsigned int have_log_verbose(void);
+extern unsigned int have_log_debug(void);
extern int get_log_debug_level(void);
extern void open_log(void);
diff --git a/lib/log.c b/lib/log.c
index 9567460..1c5b3da 100644
--- a/lib/log.c
+++ b/lib/log.c
@@ -58,6 +58,16 @@ static char *prepare_attempt_prefix(const char *msg)
return prefixed_msg;
}
+unsigned int have_log_verbose(void)
+{
+ return do_verbose;
+}
+
+unsigned int have_log_debug(void)
+{
+ return do_debug;
+}
+
int get_log_debug_level(void)
{
return debug_level;
diff --git a/modules/cyrus-sasl.c b/modules/cyrus-sasl.c
index 4806734..358813a 100644
--- a/modules/cyrus-sasl.c
+++ b/modules/cyrus-sasl.c
@@ -109,6 +109,13 @@ static int getpass_func(sasl_conn_t *, void *, int, sasl_secret_t **);
static int getuser_func(void *, int, const char **, unsigned *);
static sasl_callback_t callbacks[] = {
+ { SASL_CB_USER, &getuser_func, NULL },
+ { SASL_CB_AUTHNAME, &getuser_func, NULL },
+ { SASL_CB_PASS, &getpass_func, NULL },
+ { SASL_CB_LIST_END, NULL, NULL },
+};
+
+static sasl_callback_t debug_callbacks[] = {
{ SASL_CB_LOG, &sasl_log_func, NULL },
{ SASL_CB_USER, &getuser_func, NULL },
{ SASL_CB_AUTHNAME, &getuser_func, NULL },
@@ -136,7 +143,7 @@ sasl_log_func(void *context, int level, const char *message)
case SASL_LOG_DEBUG:
case SASL_LOG_TRACE:
case SASL_LOG_PASS:
- debug(LOGOPT_NONE, "%s", message);
+ log_debug(LOGOPT_NONE, "libsasl2: %s", message);
break;
default:
break;
@@ -1090,6 +1097,7 @@ static void sasl_mutex_dispose(void *mutex __attribute__((unused)))
*/
int autofs_sasl_client_init(unsigned logopt)
{
+ int result;
sasl_set_mutex(sasl_mutex_new,
sasl_mutex_lock,
@@ -1097,7 +1105,11 @@ int autofs_sasl_client_init(unsigned logopt)
sasl_mutex_dispose);
/* Start up Cyrus SASL--only needs to be done at library load. */
- if (sasl_client_init(callbacks) != SASL_OK) {
+ if (have_log_debug())
+ result = sasl_client_init(debug_callbacks);
+ else
+ result = sasl_client_init(callbacks);
+ if (result != SASL_OK) {
error(logopt, "sasl_client_init failed");
return 0;
}
--
2.37.1
