Move many sidentd debugging messages from -d plus -l to -v so that verbose

really does what it's documented to do.  Remove a few debugging messages
that aren't actually useful.  Standardize on lowercase for the first letter
of a log message and improve the formatting of a few messages.

diff --git a/NEWS b/NEWS
index 568cf7a168c6797d62fd8f6700430dc16329650b..d48a2e52cfceb6cfc63beaada0207f5891cfdbc6 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,11 @@
                        User-Visible S/Ident Changes
 
+S/Ident 3.5 (unreleased)
+
+    Move many sidentd debugging messages from -d plus -l to -v so that
+    verbose really does what it's documented to do.  Remove a few
+    debugging messages that aren't actually useful.
+
 S/Ident 3.4 (2005-04-14)
 
     No code changes.  Removed documentation that isn't DFSG-free from the

diff --git a/responder/gssapi.c b/responder/gssapi.c
index 08a0a860f541b000b539a7b5fefe80d29547c52e..8f25939699177303cb5a2f0ac8aa761ed91f0d09 100644 (file)
--- a/responder/gssapi.c
+++ b/responder/gssapi.c
@@ -169,7 +169,7 @@ gssapi_ticket_find(struct ident_auth_data *auth_data)
                 return IDENT_SYSTEM_ERROR;
             closedir(tickets);
             if (syslog_flag)
-                syslog(LOG_INFO, "Ticket file %s for %d", filename,
+                syslog(LOG_INFO, "ticket file %s for %d", filename,
                        auth_data->uid);
             return IDENT_AUTH_OKAY;
         } else if (verbose_flag) {

diff --git a/responder/ident_auth.c b/responder/ident_auth.c
index e3e859cb769ec6adc8bed17dde93643c9231de20..e8aa9f5ae53550df2a92c49ab780e7c50731b038 100644 (file)
--- a/responder/ident_auth.c
+++ b/responder/ident_auth.c
@@ -315,14 +315,14 @@ krb_is_ticket(char *tf_name, struct ident_auth_data *auth_data)
 
     /* Can we even stat the file? */
     if (lstat(tf_name, &stat_buf) < 0) {
-        if (debug_flag && syslog_flag)
+        if (verbose_flag)
             syslog(LOG_DEBUG, "lstat error %d on %s", errno, tf_name);
         return (errno == ENOENT) ? NO_TKT_FIL : TKT_FIL_ACC;
     }
 
     /* Check ownership */
     if (stat_buf.st_uid != auth_data->uid ) {
-        if (debug_flag && syslog_flag)
+        if (verbose_flag)
             syslog(LOG_DEBUG, "UID mismatch %d : %d on %s", stat_buf.st_uid,
                    auth_data->uid, tf_name);
         return TKT_FIL_ACC;
@@ -330,7 +330,7 @@ krb_is_ticket(char *tf_name, struct ident_auth_data *auth_data)
 
     /* Check file perms for 600. */
     if ((stat_buf.st_mode & S_IRUSR) != S_IRUSR) {
-        if (debug_flag && syslog_flag)
+        if (verbose_flag)
             syslog(LOG_DEBUG, "User can't read %s", tf_name);
         return TKT_FIL_ACC;
     }
@@ -338,8 +338,8 @@ krb_is_ticket(char *tf_name, struct ident_auth_data *auth_data)
         || ((stat_buf.st_mode & S_IWGRP) == S_IWGRP)
         || ((stat_buf.st_mode & S_IROTH) == S_IROTH)
         || ((stat_buf.st_mode & S_IWOTH) == S_IWOTH)) {
-        if (syslog_flag)
-            syslog(LOG_ALERT, "Incorrect file permissions on %s : %o",
+        if (verbose_flag)
+            syslog(LOG_DEBUG, "Incorrect file permissions on %s : %o",
                    tf_name, stat_buf.st_mode);
         return TKT_FIL_ACC ;
     }
@@ -351,7 +351,7 @@ krb_is_ticket(char *tf_name, struct ident_auth_data *auth_data)
     code =  tf_init(tf_name, R_TKT_FIL);
     if (code != KSUCCESS) {
         tf_close();
-        if (debug_flag && syslog_flag)
+        if (verbose_flag)
             syslog(LOG_DEBUG, "tf_init failed %s", tf_name);
         return code;
     }
@@ -375,7 +375,7 @@ krb_is_ticket(char *tf_name, struct ident_auth_data *auth_data)
     }
     tf_close();
     if (syslog_flag)
-        syslog(LOG_INFO, "Ticket file %s : %s.%s for %d", tf_name, pname,
+        syslog(LOG_INFO, "ticket file %s: %s.%s for %d", tf_name, pname,
                pinst, auth_data->uid);
 
     return KSUCCESS;
@@ -415,7 +415,7 @@ krb_find_ticket(char *tktstring, struct ident_auth_data *auth_data)
             closedir(temp_dir);
             return IDENT_AUTH_OKAY;
         }
-        if (syslog_flag && debug_flag)
+        if (verbose_flag)
             syslog(LOG_DEBUG, "Rejected %s : %d", dp->d_name, rcode);
     }
     closedir(temp_dir);
@@ -469,7 +469,7 @@ krb_responder_start(struct ident_auth_data *auth_data)
             *p = tolower((int) *p);
     strncpy(realm, krb_realmofhost(host), REALM_SZ - 1);
     free(host);
-    if (syslog_flag && debug_flag)
+    if (verbose_flag)
         syslog(LOG_DEBUG, "Fetching ticket :%s.%s@%s:",
                IDENT_AUTH_KRB_SERVICE, instance, realm);
 
@@ -584,7 +584,7 @@ krb_responder_auth(struct ident_auth_data *auth_data)
             resp_len = 4 * (munch) + i + k - j;
 
             /* Log what we're doing for debugging purposes. */
-            if (syslog_flag && debug_flag) {
+            if (verbose_flag) {
                 syslog(LOG_DEBUG, "Data: %4.4x:%4.4x:%4.4x:%4.4x:%s",
                        htons(mutual_auth_flag),
                        htons(auth_data->remote_port),
@@ -640,7 +640,7 @@ krb_responder_auth(struct ident_auth_data *auth_data)
                 || (auth_reply.remote_port != auth_data->remote_port)
                 || (strncmp(auth_reply.auth_struct->auth_method,
                             "KERBEROS_V4", strlen("KERBEROS_V4")) != 0)) {
-                if (debug_flag && syslog_flag)
+                if (verbose_flag)
                     syslog(LOG_DEBUG, "Auth reply does not match auth_data"
                            " %d,%d : %d,%d", auth_reply.local_port,
                            auth_reply.remote_port, auth_data->local_port,
@@ -664,12 +664,12 @@ krb_responder_auth(struct ident_auth_data *auth_data)
             challenge = ntohl(challenge);
             if (challenge != kstate->challenge + 1) {
                 kstate->authstepno = -1;
-                if (debug_flag && syslog_flag)
+                if (verbose_flag)
                     syslog(LOG_DEBUG, "Challenge failed: %d:%d",
                            kstate->challenge, challenge);
                 return IDENT_MUTUAL_AUTH_FAIL;
             }
-            if (debug_flag && syslog_flag)
+            if (verbose_flag)
                 syslog(LOG_DEBUG, "Challenge succeeded: %d:%d",
                        kstate->challenge, challenge);
             return IDENT_AUTH_OKAY;

diff --git a/responder/identd.c b/responder/identd.c
index b93abcdad879ce3d31078749da4d433c1cbe0728..c9a38a7984b3d321bbd9d03cc3ee5f4605dc0718 100644 (file)
--- a/responder/identd.c
+++ b/responder/identd.c
@@ -138,7 +138,7 @@ main(int argc, char *argv[])
     faddr = sin.sin_addr;
 
     /* If we're logging, open the connection to the syslog daemon. */
-    if (syslog_flag)
+    if (syslog_flag || verbose_flag)
         openlog("sidentd", LOG_PID, LOG_DAEMON);
 
     /* Get the local Internet address.  If this fails, exit, since we have to

diff --git a/responder/parse.c b/responder/parse.c
index c28b391c267af2707e7361e44680f5d678f6e640..e94a496c23b3a6610bc14f84c706f855f153d9d6 100644 (file)
--- a/responder/parse.c
+++ b/responder/parse.c
@@ -114,6 +114,7 @@ sfgets(char *buf, int siz, FILE *fp, time_t timeout,
 
     /* Try to read. */
     p = NULL;
+    buf[0] = '\0';
     while (!feof(fp) && !ferror(fp)) {
         errno = 0;
         p = fgets(buf, siz, fp);
@@ -224,24 +225,24 @@ do_error(int e_code, struct ident_auth_data *auth_data)
         sprintf(tmp, " ERROR : %s ", ident_err_txt[show_code]);
         do_out(tmp, auth_data);
         if (syslog_flag)
-            syslog(LOG_INFO, "Error: %s", ident_err_txt[e_code]);
+            syslog(LOG_INFO, "error: %s", ident_err_txt[e_code]);
     } else {
         switch (e_code) {
         case IDENT_NO_MUTUAL_AUTH:
             if (syslog_flag)
-                syslog(LOG_INFO, "No mutual auth data");
+                syslog(LOG_INFO, "no mutual auth data");
             break;
         case IDENT_MUTUAL_AUTH_FAIL:
             if (syslog_flag)
-                syslog(LOG_INFO, "Mutual auth failed");
+                syslog(LOG_INFO, "mutual auth failed");
             break;
         case IDENT_SYSTEM_ERROR:
             if (syslog_flag)
-                syslog(LOG_INFO, "System error: %m");
+                syslog(LOG_INFO, "system error: %m");
             break;
         default:
             if (syslog_flag)
-                syslog(LOG_INFO, "Unknown error code %d", e_code);
+                syslog(LOG_INFO, "unknown error code %d", e_code);
             break;
         }
     }
@@ -270,8 +271,6 @@ parse(FILE *fp, struct in_addr *laddr, struct in_addr *faddr)
     void *ka_ptr;
     struct kernel *kinfo_ptr;
 
-    if (verbose_flag)
-        syslog(LOG_DEBUG, "In function parse");
     auth_data.local_addr = laddr;
     auth_data.remote_addr = faddr;
     auth_data.fp = fp;
@@ -280,8 +279,6 @@ parse(FILE *fp, struct in_addr *laddr, struct in_addr *faddr)
 
     /* Read query from client and parse it. */
     line_ptr = sfgets(line, 2048, fp, timeout, &auth_data);
-    if (verbose_flag)
-        syslog(LOG_DEBUG, "After sfgets line_ptr: %s", line_ptr);
     if (line_ptr == NULL)
         do_error(IDENT_SYSTEM_ERROR, &auth_data);
     rcode = parse_auth_line(line_ptr, &auth_data);
@@ -339,7 +336,7 @@ parse(FILE *fp, struct in_addr *laddr, struct in_addr *faddr)
     kinfo_ptr->remote.sin_family = AF_INET ;
     kinfo_ptr->status = -1;
 
-    /* status will be set to 0 on not found, 1 on found, and -1 on failure. */
+    /* Status will be set to 0 on not found, 1 on found, and -1 on failure. */
     for (try = 0; try < MAX_RETRY && kinfo_ptr->status < 0; try++)
         kinfo_ptr->status = ka_lookup(ka_ptr, kinfo_ptr);
     if (try >= MAX_RETRY) {