Merge pull request #147 from cviecco/enhance-error-logs-bad-connectio…

…ns-1 Enhance error logs bad connections 1
Symantec · May 10, 2018 · 81528a4 · 81528a4
2 parents 573f017 + df6b8f8
commit 81528a4
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 5 deletions.
diff --git a/Makefile b/Makefile
@@ -10,7 +10,7 @@ endif
 BINARY=keymaster
 
 # These are the values we want to pass for Version and BuildTime
-VERSION=1.4.2
+VERSION=1.4.3
 #BUILD_TIME=`date +%FT%T%z`
 
 # Setup the -ldflags option for go build here, interpolate the variable values

diff --git a/cmd/keymasterd/main.go b/cmd/keymasterd/main.go
@@ -1494,7 +1494,7 @@ func (state *RuntimeState) vipPushStartHandler(w http.ResponseWriter, r *http.Re
 
 		return
 	}
-	logger.Printf(" Vip push start authuser=%s", authUser)
+	logger.Debugf(0, "Vip push start authuser=%s", authUser)
 	vipPushCookie, err := r.Cookie(vipTransactionCookieName)
 	if err != nil {
 		logger.Printf("%v", err)
@@ -1864,7 +1864,7 @@ func (state *RuntimeState) u2fSignResponse(w http.ResponseWriter, r *http.Reques
 		return
 	}
 
-	logger.Printf("signResponse: %+v", signResp)
+	logger.Debugf(1, "signResponse: %+v", signResp)
 
 	profile, ok, _, err := state.LoadUserProfile(authUser)
 	if err != nil {
@@ -1904,7 +1904,7 @@ func (state *RuntimeState) u2fSignResponse(w http.ResponseWriter, r *http.Reques
 		if authErr == nil {
 			metricLogAuthOperation(getClientType(r), proto.AuthTypeU2F, true)
 
-			logger.Printf("newCounter: %d", newCounter)
+			logger.Debugf(0, "newCounter: %d", newCounter)
 			//counter = newCounter
 			u2fReg.Counter = newCounter
 			//profile.U2fAuthData[i].Counter = newCounter

diff --git a/keymaster.spec b/keymaster.spec
@@ -1,5 +1,5 @@
 Name:           keymaster
-Version:        1.4.2
+Version:        1.4.3
 Release:        1%{?dist}
 Summary:        Short term access certificate generator and client
 

diff --git a/lib/pwauth/ldap/impl.go b/lib/pwauth/ldap/impl.go
@@ -100,6 +100,9 @@ func (pa *PasswordAuthenticator) passwordAuthenticate(username string,
 		}
 	}
 	if pa.storage != nil {
+		if pa.logger != nil {
+			pa.logger.Printf("Failed to check password against LDAP servers, using local hash db")
+		}
 		ok, hash, err := pa.storage.GetSigned(username, passwordDataType)
 		if err != nil {
 			return false, nil