#include <gcrypt.h>
#include <sys/select.h>
#include <arpa/inet.h>
+#include <syslog.h>
#include "util.h"
+#include "config.h"
#ifdef UNUSED
#elif defined(__GNUC__)
1); /* ask for binary results */
if (PQresultStatus(res) != PGRES_TUPLES_OK) {
- fprintf(stderr, "SELECT failed: %s", PQerrorMessage(db_conn));
+ syslog(LOG_ERR, "Failed to get shared secret for id=%s: %s",
+ id, PQerrorMessage(db_conn));
r = -1;
goto free_mem;
/* XXX Return error object */
}
if (PQntuples(res) == 0) {
+ syslog(LOG_INFO, "No such id: %s", id);
/* XXX Better handling */
- fprintf(stderr, "No such secrets: %s\n", id);
r = -1;
goto free_mem;
}
1); /* ask for binary results */
if (PQresultStatus(res) != PGRES_COMMAND_OK) {
- fprintf(stderr, "UPDATE failed: %s\n", PQerrorMessage(db_conn));
+ syslog(LOG_ERR, "UPDATE for %s failed: %s", uid,
+ PQerrorMessage(db_conn));
r = -1;
goto free_mem;
}
if (PQresultStatus(res) != PGRES_TUPLES_OK)
{
- fprintf(stderr, "SELECT failed: %s", PQerrorMessage(db_conn));
+ syslog(LOG_ERR, "Failed to get shared secret for uid=%s: %s",
+ uid, PQerrorMessage(db_conn));
r = -1;
goto free_mem;
}
id = MHD_lookup_connection_value(conn, MHD_GET_ARGUMENT_KIND, "id");
otp = MHD_lookup_connection_value(conn, MHD_GET_ARGUMENT_KIND, "otp");
h = MHD_lookup_connection_value(conn, MHD_GET_ARGUMENT_KIND, "h");
- fprintf(stderr, "got params: url=%s id=%s otp=%s, h=%s\n", url, id,
- otp, h);
+ syslog(LOG_DEBUG, "Got new connection with parameters: "
+ "url=%s id=%s otp=%s, h=%s\n", url, id, otp, h);
/* Do query to grab shared secret, we need this later anyway */
if (get_shared_secret(id, &shared_secret, &shared_secret_len) < 0) {
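Review bot: The new `syslog(LOG_DEBUG, ...)` call records `otp` and `h` before the OTP has been checked, so a request that fails early (for example at the `get_shared_secret()` call just below) may leave a still-unused OTP readable by anyone with access to the auth log. `id`, `otp` and `h` also come straight from `MHD_lookup_connection_value()`, which returns NULL for an absent argument, and passing NULL to `%s` is undefined behaviour. I would log only what is needed at this point, guard against NULL and drop the trailing `\n`, which syslog does not need: `syslog(LOG_DEBUG, "New request: url=%s id=%s", url, id ? id : "(missing)");`. The later `otp=%s` messages in the replay and OK hunks run after the OTP has been processed, so they matter less, provided missing parameters are rejected before that point. The handler's body starts and ends outside this hunk.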
signature = sign_request(shared_secret, shared_secret_len,
NULL, status, timestamp);
send_response(conn, signature, status, NULL, timestamp);
- fprintf(stderr, "replay\n");
+ syslog(LOG_NOTICE, "Replay attempt for otp=%s, id=%s, uid=%s",
+ otp, id, uid);
goto free_mem;
}
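Review bot: The replay message records `otp`, `id` and `uid` but not where the request came from, so a replay attempt found in the log cannot be tied to a source host. libmicrohttpd exposes the peer through `MHD_get_connection_info(conn, MHD_CONNECTION_INFO_CLIENT_ADDRESS)`. Formatting that address once near the top of the handler and adding it here, e.g. `syslog(LOG_NOTICE, "Replay attempt from %s for otp=%s, id=%s, uid=%s", peer, otp, id, uid);`, would make the entry usable for alerting and correlation. The same applies to the `OK request` message in the next hunk. The enclosing handler starts and ends outside this hunk.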
stats.session_use = token.use;
set_data_for_uid(uid, &stats);
/* Generate response, sign it */
- fprintf(stderr, "ok request\n");
+ syslog(LOG_INFO, "OK request for otp=%s, id=%s, uid=%s",
+ otp, id, uid);
status = "OK";
signature = sign_request(shared_secret, shared_secret_len,
NULL, status, timestamp);
{
struct MHD_Daemon *d;
+ openlog("yubikeyd", LOG_PID, LOG_AUTHPRIV);
+ syslog(LOG_NOTICE, "yubikeyd version %s starting up", VERSION);
+
/* XXX connect args should go in config file */
db_conn = PQconnectdb("dbname=yubikey port=5433");
if (PQstatus(db_conn) != CONNECTION_OK) {
- fprintf(stderr, "Connection to database failed: %s",
- PQerrorMessage(db_conn));
+ syslog(LOG_ERR, "connection to database failed: %s",
+ PQerrorMessage(db_conn));
exit(1);
}
d = MHD_start_daemon(MHD_USE_DEBUG,
NULL, /* Data for default handler */
MHD_OPTION_END);
if (d == NULL) {
- fprintf(stderr, "Could not start daemon\n");
+ syslog(LOG_ERR, "could not start daemon, unsure why\n");
exit(1);
}
while (1) {
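Review bot: The `"could not start daemon, unsure why\n"` message is uninformative because libmicrohttpd's own diagnostics, enabled by `MHD_USE_DEBUG`, still go to stderr, which this commit otherwise stops using. Once the process runs detached, that output is lost, here and for any later error the library reports at runtime. Registering a logger with `MHD_OPTION_EXTERNAL_LOGGER` that forwards to `vsyslog()` would put the library's reason in the same log as everything else; the trailing `\n` can also go. The `MHD_start_daemon()` argument list is only partly visible in this hunk.

```c
static void log_to_syslog(void *cls, const char *fmt, va_list ap)
{
    (void)cls;
    vsyslog(LOG_ERR, fmt, ap);
}

d = MHD_start_daemon(MHD_USE_DEBUG,
                     /* … unchanged: remaining MHD_start_daemon arguments … */
                     MHD_OPTION_EXTERNAL_LOGGER, log_to_syslog, NULL,
                     MHD_OPTION_END);
```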