Enhance the log messages for authentication failures

cherokee/connection.c

@@ -2315,6 +2315,7 @@ cherokee_connection_check_authentication (cherokee_connection_t *conn, cherokee_
 	 */
 	ret = cherokee_header_get_known (&conn->header, header_authorization, &ptr, &len);
 	if (ret != ret_ok) {
+		LOG_ERROR_S(CHEROKEE_ERROR_CONNECTION_HEADER_AUTH);
 		goto unauthorized;
 	}
 
@@ -2330,6 +2331,7 @@ cherokee_connection_check_authentication (cherokee_connection_t *conn, cherokee_
 	 */
 	ret = get_authorization (conn, config_entry->authentication, conn->validator, ptr, len);
 	if (ret != ret_ok) {
+		LOG_ERROR_S(CHEROKEE_ERROR_CONNECTION_AUTH_GET_HEADER);
 		goto unauthorized;
 	}
 
@@ -2339,11 +2341,13 @@ cherokee_connection_check_authentication (cherokee_connection_t *conn, cherokee_
 		void *foo;
 
 		if (cherokee_buffer_is_empty (&conn->validator->user)) {
+			LOG_ERROR_S(CHEROKEE_ERROR_CONNECTION_NO_USER);
 			goto unauthorized;
 		}
 
 		ret = cherokee_avl_get (config_entry->users, &conn->validator->user, &foo);
 		if (ret != ret_ok) {
+			LOG_ERROR(CHEROKEE_ERROR_CONNECTION_NO_VALID_USER, conn->validator->user.buf);
 			goto unauthorized;
 		}
 	}
@@ -2359,6 +2363,7 @@ cherokee_connection_check_authentication (cherokee_connection_t *conn, cherokee_
 	ret = cherokee_validator_check (conn->validator, conn);
 
 	if (ret != ret_ok) {
+		LOG_ERROR_S(CHEROKEE_ERROR_CONNECTION_LOGIN_ERROR);
 		goto unauthorized;
 	}
 
@@ -2391,6 +2396,8 @@ cherokee_connection_check_ip_validation (cherokee_connection_t *conn, cherokee_c
 	}
 
 	conn->error_code = http_access_denied;
+	LOG_ERROR_S(CHEROKEE_ERROR_CONNECTION_INVALID_IP);
+
 	return ret_error;
 }
 
@@ -2435,6 +2442,7 @@ cherokee_connection_check_http_method (cherokee_connection_t *conn, cherokee_con
 		conn->header.method = http_get;
 	}
 
+	LOG_ERROR_S(CHEROKEE_ERROR_CONNECTION_HTTPD_METHOD);
 	return ret_error;
 }
 

cherokee/error_list.py

@@ -58,7 +58,7 @@
   admin = '/general#tabs_general-0')
 
 e('RRD_MKDIR_WRITE',
-  title = "Cannot create the '%s' directory",
+  title = "Could not create the '%s' directory or it doesn't have write permission",
   desc  = SYSTEM_ISSUE,
   admin = '/general#tabs_general-0')
 
@@ -964,6 +964,34 @@
 
 # cherokee/connection.c
 #
+
+e('CONNECTION_HEADER_AUTH',
+  title = "Authentication failed: could not get authentication information from the header")
+
+e('CONNECTION_AUTH_GET_HEADER',
+  title = "Authentication failed: could not parse the authentication information in the header",
+  desc  = "The authentication method in the connection does not match with the configuration.")
+
+e('CONNECTION_LOGIN_ERROR',
+  title = "Login failed: invalid password",
+  desc  = "The supplied password is invalid.")
+
+e('CONNECTION_NO_USER',
+  title = "The connection does not have a user",
+  desc  = "The connection's user field is empty.")
+
+e('CONNECTION_NO_VALID_USER',
+  title = "The connection's user (%s) is not in the fixed list, please check the configuration.",
+  desc  = BROKEN_CONFIG)
+
+e('CONNECTION_INVALID_IP',
+  title = "The connection's IP is invalid: please check IP or subnet configuration.",
+  desc  = BROKEN_CONFIG)
+
+e('CONNECTION_HTTPD_METHOD',
+  title = "The connection's HTTP method is not allowed.",
+  desc  = BROKEN_CONFIG)
+
 e('CONNECTION_AUTH',
   title = "Unknown authentication method",
   desc  = BROKEN_CONFIG)