[PATCH v2 3/4] autofs-5.1.8 - internal SASL logging only in debug log mode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Thomas Reim <reimth@xxxxxxxxx>

Cyrus SASL library is known for useless error notifications of internal
events that can and will be easily handled by the applications. By default
automounter provides a logging callback to the SASL library, which displays
annoying SASL error messages to users for internal library issues that do
not harm SASL authentication operation.

OpenLDAP only provides a logging callback to SASL library for its server
application. Client side applications won't see any internal SASL
notifcations.

Choose a compromise and provide SASL internal logging messages only if user
requests debug logging mode.

Signed-off-by: Thomas Reim <reimth@xxxxxxxxx>
---
 include/log.h        |  2 ++
 lib/log.c            | 10 ++++++++++
 modules/cyrus-sasl.c | 16 ++++++++++++++--
 3 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/include/log.h b/include/log.h
index 3ec8f0c..f073300 100644
--- a/include/log.h
+++ b/include/log.h
@@ -37,6 +37,8 @@ extern void set_log_verbose_ap(struct autofs_point *ap);
 extern void set_log_debug_ap(struct autofs_point *ap);
 extern void set_mnt_logging(unsigned global_logopt);
 
+extern unsigned int have_log_verbose(void);
+extern unsigned int have_log_debug(void);
 extern int get_log_debug_level(void);
 
 extern void open_log(void);
diff --git a/lib/log.c b/lib/log.c
index 9567460..1c5b3da 100644
--- a/lib/log.c
+++ b/lib/log.c
@@ -58,6 +58,16 @@ static char *prepare_attempt_prefix(const char *msg)
 	return prefixed_msg;
 }
 
+unsigned int have_log_verbose(void)
+{
+	return do_verbose;
+}
+
+unsigned int have_log_debug(void)
+{
+	return do_debug;
+}
+
 int get_log_debug_level(void)
 {
 	return debug_level;
diff --git a/modules/cyrus-sasl.c b/modules/cyrus-sasl.c
index 4806734..358813a 100644
--- a/modules/cyrus-sasl.c
+++ b/modules/cyrus-sasl.c
@@ -109,6 +109,13 @@ static int getpass_func(sasl_conn_t *, void *, int, sasl_secret_t **);
 static int getuser_func(void *, int, const char **, unsigned *);
 
 static sasl_callback_t callbacks[] = {
+	{ SASL_CB_USER, &getuser_func, NULL },
+	{ SASL_CB_AUTHNAME, &getuser_func, NULL },
+	{ SASL_CB_PASS, &getpass_func, NULL },
+	{ SASL_CB_LIST_END, NULL, NULL },
+};
+
+static sasl_callback_t debug_callbacks[] = {
 	{ SASL_CB_LOG, &sasl_log_func, NULL },
 	{ SASL_CB_USER, &getuser_func, NULL },
 	{ SASL_CB_AUTHNAME, &getuser_func, NULL },
@@ -136,7 +143,7 @@ sasl_log_func(void *context, int level, const char *message)
 	case SASL_LOG_DEBUG:
 	case SASL_LOG_TRACE:
 	case SASL_LOG_PASS:
-		debug(LOGOPT_NONE, "%s", message);
+		log_debug(LOGOPT_NONE, "libsasl2: %s", message);
 		break;
 	default:
 		break;
@@ -1090,6 +1097,7 @@ static void sasl_mutex_dispose(void *mutex __attribute__((unused)))
  */
 int autofs_sasl_client_init(unsigned logopt)
 {
+	int result;
 
 	sasl_set_mutex(sasl_mutex_new,
 		       sasl_mutex_lock,
@@ -1097,7 +1105,11 @@ int autofs_sasl_client_init(unsigned logopt)
 		       sasl_mutex_dispose);
 
 	/* Start up Cyrus SASL--only needs to be done at library load. */
-	if (sasl_client_init(callbacks) != SASL_OK) {
+	if (have_log_debug())
+		result = sasl_client_init(debug_callbacks);
+	else
+		result = sasl_client_init(callbacks);
+	if (result != SASL_OK) {
 		error(logopt, "sasl_client_init failed");
 		return 0;
 	}
-- 
2.37.1




[Index of Archives]     [Linux Filesystem Development]     [Linux Ext4]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux