inc: log_auth() is a lie

LOG_AUTH is not a level, it's a facility which can't be cherry-picked from the syslog() call. Remove it. Also stops spewing of auth message into console.

inc: log_auth() is a lie
LOG_AUTH is not a level, it's a facility which can't be cherry-picked from the syslog() call. Remove it. Also stops spewing of auth message into console.
3318c94c · Franco Fichtner · 347d5807 · 3318c94c · 3318c94c · 3318c94c
Commit 3318c94c authored Dec 21, 2014 by Franco Fichtner
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 31 deletions

auth.inc src/etc/inc/auth.inc +8 -7

util.inc src/etc/inc/util.inc +6 -19

xmlrpc.php src/www/xmlrpc.php +4 -5

No files found.
--- a/src/etc/inc/auth.inc
+++ b/src/etc/inc/auth.inc
@@ -1114,15 +1114,16 @@ function ldap_backed($username, $passwd, $authcfg) {
 	/*  that way we don't have to search twice.                      */
 	/*****************************************************************/
 	if ($debug)
-		log_auth(sprintf(gettext("Now Searching for %s in directory."), $username));
+		log_error(sprintf(gettext("Now Searching for %s in directory."), $username));
 	/* Iterate through the user containers for search */
 	foreach ($ldac_splits as $i => $ldac_split) {
 		$ldac_split = isset($authcfg['ldap_utf8']) ? utf8_encode($ldac_split) : $ldac_split;
 		$ldapfilter = isset($authcfg['ldap_utf8']) ? utf8_encode($ldapfilter) : $ldapfilter;
 		$ldapsearchbasedn = isset($authcfg['ldap_utf8']) ? utf8_encode("{$ldac_split},{$ldapbasedn}") : "{$ldac_split},{$ldapbasedn}";
 		/* Make sure we just use the first user we find */
-		if ($debug)
-			log_auth(sprintf(gettext('Now Searching in server %1$s, container %2$s with filter %3$s.'), $ldapname, utf8_decode($ldac_split), utf8_decode($ldapfilter)));
+		if ($debug) {
+			log_error(sprintf(gettext('Now Searching in server %1$s, container %2$s with filter %3$s.'), $ldapname, utf8_decode($ldac_split), utf8_decode($ldapfilter)));
+		}
 		if ($ldapscope == "one")
 			$ldapfunc = "ldap_list";
 		else
@@ -1163,7 +1164,7 @@ function ldap_backed($username, $passwd, $authcfg) {

 	if ($debug) {
 		$userdn = isset($authcfg['ldap_utf8']) ? utf8_decode($userdn) : $userdn;
-		log_auth(sprintf(gettext('Logged in successfully as %1$s via LDAP server %2$s with DN = %3$s.'), $username, $ldapname, $userdn));
+		log_error(sprintf(gettext('Logged in successfully as %1$s via LDAP server %2$s with DN = %3$s.'), $username, $ldapname, $userdn));
 	}

 	/* At this point we are bound to LDAP so the user was auth'd okay. Close connection. */
@@ -1366,8 +1367,8 @@ function session_auth() {
 			$_SESSION['Username'] = $_POST['usernamefld'];
 			$_SESSION['last_access'] = time();
 			$_SESSION['protocol'] = $config['system']['webgui']['protocol'];
-			if(! isset($config['system']['webgui']['quietlogin'])) {
-				log_auth(sprintf(gettext("Successful login for user '%1\$s' from: %2\$s"), $_POST['usernamefld'], $_SERVER['REMOTE_ADDR']));
+			if (!isset($config['system']['webgui']['quietlogin'])) {
+				log_error(sprintf(gettext("Successful login for user '%1\$s' from: %2\$s"), $_POST['usernamefld'], $_SERVER['REMOTE_ADDR']));
 			}
 			if (isset($_POST['postafterlogin']))
 				return true;
@@ -1380,7 +1381,7 @@ function session_auth() {
 		} else {
 			/* give the user an error message */
 			$_SESSION['Login_Error'] = "Username or Password incorrect";
-			log_auth("webConfigurator authentication error for '{$_POST['usernamefld']}' from {$_SERVER['REMOTE_ADDR']}");
+			log_error("webConfigurator authentication error for '{$_POST['usernamefld']}' from {$_SERVER['REMOTE_ADDR']}");
 			if(isAjax()) {
 				echo "showajaxmessage('{$_SESSION['Login_Error']}');";
 				return;

--- a/src/etc/inc/util.inc
+++ b/src/etc/inc/util.inc
@@ -1103,34 +1103,21 @@ function get_interface_list($mode = "active", $keyby = "physical", $vfaces = "")
 * RESULT
 *   null
 ******/
-function log_error($error) {
+function log_error($error)
+{
 	global $g;
+
 	$page = $_SERVER['SCRIPT_NAME'];
 	if (empty($page)) {
 		$files = get_included_files();
 		$page = basename($files[0]);
 	}
+
 	syslog(LOG_ERR, "$page: $error");
-	if ($g['debug'])
-		syslog(LOG_WARNING, var_dump(debug_backtrace()));
-	return;
-}

-/****f* util/log_auth
-* NAME
-*   log_auth   - Sends a string to syslog as LOG_AUTH facility
-* INPUTS
-*   $error     - string containing the syslog message.
-* RESULT
-*   null
-******/
-function log_auth($error) {
-	global $g;
-	$page = $_SERVER['SCRIPT_NAME'];
-	syslog(LOG_AUTH, "$page: $error");
-	if ($g['debug'])
+	if ($g['debug']) {
 		syslog(LOG_WARNING, var_dump(debug_backtrace()));
-	return;
+	}
 }

 /****f* util/exec_command

--- a/src/www/xmlrpc.php
+++ b/src/www/xmlrpc.php
 <?php
-/*
-	$Id$

-        xmlrpc.php
+/*
        Copyright (C) 2009, 2010 Scott Ullrich
        Copyright (C) 2005 Colin Smith
        All rights reserved.
@@ -84,8 +82,9 @@ $exec_php_sig = array(
 	)
 );

-function xmlrpc_authfail() {
-	log_auth("webConfigurator authentication error for 'admin' from {$_SERVER['REMOTE_ADDR']}");
+function xmlrpc_authfail()
+{
+	log_error("webConfigurator authentication error for 'admin' from {$_SERVER['REMOTE_ADDR']}");
 }

 function exec_php_xmlrpc($raw_params) {