From: Timo Sirainen Date: Thu, 9 Apr 2020 19:50:26 +0000 (+0300) Subject: *-login: Use e_error() instead of client_log_err() X-Git-Tag: 2.3.11.2~219 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6142e25ea47507fba03da2ff01386974b08e2036;p=thirdparty%2Fdovecot%2Fcore.git *-login: Use e_error() instead of client_log_err() --- diff --git a/src/imap-login/imap-proxy.c b/src/imap-login/imap-proxy.c index 3aed94dd09..3ff25c725d 100644 --- a/src/imap-login/imap-proxy.c +++ b/src/imap-login/imap-proxy.c @@ -80,8 +80,8 @@ static int proxy_write_starttls(struct imap_client *client, string_t *str) if ((ssl_flags & PROXY_SSL_FLAG_STARTTLS) != 0) { if (client->proxy_backend_capability != NULL && !str_array_icase_find(t_strsplit(client->proxy_backend_capability, " "), "STARTTLS")) { - client_log_err(&client->common, - "proxy: Remote doesn't support STARTTLS"); + e_error(client->common.event, + "proxy: Remote doesn't support STARTTLS"); return -1; } str_append(str, "S STARTTLS\r\n"); @@ -120,7 +120,7 @@ static int proxy_write_login(struct imap_client *client, string_t *str) /* logging in normally - use LOGIN command */ if (client->proxy_logindisabled && login_proxy_get_ssl_flags(client->common.login_proxy) == 0) { - client_log_err(&client->common, + e_error(client->common.event, "proxy: Remote advertised LOGINDISABLED and SSL/TLS not enabled"); return -1; } @@ -150,9 +150,9 @@ static int proxy_write_login(struct imap_client *client, string_t *str) if (client->proxy_sasl_ir) { if (dsasl_client_output(client->common.proxy_sasl_client, &output, &len, &error) < 0) { - client_log_err(&client->common, t_strdup_printf( + e_error(client->common.event, "proxy: SASL mechanism %s init failed: %s", - mech_name, error)); + mech_name, error); return -1; } str_append_c(str, ' '); @@ -175,9 +175,9 @@ static int proxy_input_banner(struct imap_client *client, int ret; if (!str_begins(line, "* OK ")) { - client_log_err(&client->common, t_strdup_printf( + e_error(client->common.event, "proxy: Remote returned invalid banner: %s", - str_sanitize(line, 160))); + str_sanitize(line, 160)); return -1; } @@ -283,7 +283,7 @@ int imap_proxy_parse_line(struct client *client, const char *line) str = t_str_new(128); if (line[1] != ' ' || base64_decode(line+2, strlen(line+2), NULL, str) < 0) { - client_log_err(client, + e_error(client->event, "proxy: Server sent invalid base64 data in AUTHENTICATE response"); client_proxy_failed(client, TRUE); return -1; @@ -295,9 +295,9 @@ int imap_proxy_parse_line(struct client *client, const char *line) &data, &data_len, &error); } if (ret < 0) { - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Server sent invalid authentication data: %s", - error)); + error); client_proxy_failed(client, TRUE); return -1; } @@ -316,9 +316,9 @@ int imap_proxy_parse_line(struct client *client, const char *line) if (!str_begins(line, "S OK ")) { /* STARTTLS failed */ - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Remote STARTTLS failed: %s", - str_sanitize(line + 5, 160))); + str_sanitize(line + 5, 160)); client_proxy_failed(client, TRUE); return -1; } @@ -434,9 +434,9 @@ int imap_proxy_parse_line(struct client *client, const char *line) return 0; } else { /* tagged reply, shouldn't happen. */ - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Unexpected input, ignoring: %s", - str_sanitize(line, 160))); + str_sanitize(line, 160)); return 0; } } diff --git a/src/login-common/client-common-auth.c b/src/login-common/client-common-auth.c index 89d122e992..70e717d037 100644 --- a/src/login-common/client-common-auth.c +++ b/src/login-common/client-common-auth.c @@ -350,21 +350,20 @@ static void proxy_input(struct client *client) switch (i_stream_read(input)) { case -2: - client_log_err(client, "proxy: Remote input buffer full"); + e_error(client->event, "proxy: Remote input buffer full"); client_proxy_failed(client, TRUE); return; case -1: line = i_stream_next_line(input); duration = ioloop_time - client->created; - client_log_err(client, t_strdup_printf( - "proxy: Remote %s:%u disconnected: %s " + e_error(client->event, "proxy: Remote %s:%u disconnected: %s " "(state=%s, duration=%us)%s", login_proxy_get_host(client->login_proxy), login_proxy_get_port(client->login_proxy), io_stream_get_disconnect_reason(input, NULL), client_proxy_get_state(client), duration, line == NULL ? "" : t_strdup_printf( - " - BUG: line not read: %s", line))); + " - BUG: line not read: %s", line)); client_proxy_failed(client, TRUE); return; } @@ -394,12 +393,12 @@ static int proxy_start(struct client *client, client->v.proxy_reset(client); if (reply->password == NULL) { - client_log_err(client, "proxy: password not given"); + e_error(client->event, "proxy: password not given"); client_proxy_error(client, PROXY_FAILURE_MSG); return -1; } if (reply->host == NULL || *reply->host == '\0') { - client_log_err(client, "proxy: host not given"); + e_error(client->event, "proxy: host not given"); client_proxy_error(client, PROXY_FAILURE_MSG); return -1; } @@ -407,9 +406,9 @@ static int proxy_start(struct client *client, if (reply->proxy_mech != NULL) { sasl_mech = dsasl_client_mech_find(reply->proxy_mech); if (sasl_mech == NULL) { - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Unsupported SASL mechanism %s", - reply->proxy_mech)); + reply->proxy_mech); client_proxy_error(client, PROXY_FAILURE_MSG); return -1; } @@ -427,7 +426,7 @@ static int proxy_start(struct client *client, } if (login_proxy_is_ourself(client, reply->host, reply->port, reply->destuser)) { - client_log_err(client, "Proxying loops to itself"); + e_error(client->event, "Proxying loops to itself"); client_proxy_error(client, PROXY_FAILURE_MSG); return -1; } diff --git a/src/login-common/client-common.c b/src/login-common/client-common.c index e99d684e52..f0d8412ca4 100644 --- a/src/login-common/client-common.c +++ b/src/login-common/client-common.c @@ -97,7 +97,7 @@ static void client_idle_disconnect_timeout(struct client *client) user_reason = "Timeout while finishing login."; destroy_reason = t_strdup_printf( "Timeout while finishing login (waited %u secs)", secs); - client_log_err(client, destroy_reason); + e_error(client->event, "%s", destroy_reason); } else if (client->auth_request != NULL) { user_reason = "Disconnected for inactivity during authentication."; @@ -112,7 +112,7 @@ static void client_idle_disconnect_timeout(struct client *client) login_proxy_get_host(client->login_proxy), login_proxy_get_port(client->login_proxy), client_proxy_get_state(client), secs); - client_log_err(client, destroy_reason); + e_error(client->event, "%s", destroy_reason); } else { user_reason = "Disconnected for inactivity."; destroy_reason = "Disconnected: Inactivity"; @@ -509,15 +509,15 @@ int client_init_ssl(struct client *client) command. */ ssl_set.allow_invalid_cert = TRUE; if (ssl_iostream_server_context_cache_get(&ssl_set, &ssl_ctx, &error) < 0) { - client_log_err(client, t_strdup_printf( - "Failed to initialize SSL server context: %s", error)); + e_error(client->event, + "Failed to initialize SSL server context: %s", error); return -1; } if (io_stream_create_ssl_server(ssl_ctx, &ssl_set, &client->input, &client->output, &client->ssl_iostream, &error) < 0) { - client_log_err(client, t_strdup_printf( - "Failed to initialize SSL connection: %s", error)); + e_error(client->event, + "Failed to initialize SSL connection: %s", error); ssl_iostream_context_unref(&ssl_ctx); return -1; } @@ -630,7 +630,7 @@ int client_get_plaintext_fd(struct client *client, int *fd_r, bool *close_fd_r) disconnects. Create a socketpair where login process is proxying on one side and the other side is sent to the post-login process. */ if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds) < 0) { - client_log_err(client, t_strdup_printf("socketpair() failed: %m")); + e_error(client->event, "socketpair() failed: %m"); return -1; } fd_set_nonblock(fds[0], TRUE); diff --git a/src/login-common/login-proxy.c b/src/login-common/login-proxy.c index 6c694ed192..900e24bb94 100644 --- a/src/login-common/login-proxy.c +++ b/src/login-common/login-proxy.c @@ -204,7 +204,7 @@ proxy_log_connect_error(struct login_proxy *proxy) } str_append_c(str, ')'); - client_log_err(proxy->client, str_c(str)); + e_error(proxy->client->event, "%s", str_c(str)); } static void proxy_reconnect_timeout(struct login_proxy *proxy) @@ -284,10 +284,10 @@ static int login_proxy_connect(struct login_proxy *proxy) if (proxy->ip.family == 0 && net_addr2ip(proxy->host, &proxy->ip) < 0) { - client_log_err(proxy->client, t_strdup_printf( + e_error(proxy->client->event, "proxy(%s): BUG: host %s is not an IP " "(auth should have changed it)", - proxy->client->virtual_user, proxy->host)); + proxy->client->virtual_user, proxy->host); return -1; } @@ -300,10 +300,10 @@ static int login_proxy_connect(struct login_proxy *proxy) rec->last_failure.tv_sec - rec->last_success.tv_sec > PROXY_IMMEDIATE_FAILURE_SECS && rec->num_waiting_connections > 1) { /* the server is down. fail immediately */ - client_log_err(proxy->client, t_strdup_printf( + e_error(proxy->client->event, "proxy(%s): Host %s:%u is down", proxy->client->virtual_user, - net_ip2addr(&proxy->ip), proxy->port)); + net_ip2addr(&proxy->ip), proxy->port); return -1; } @@ -332,15 +332,15 @@ int login_proxy_new(struct client *client, i_assert(client->login_proxy == NULL); if (set->host == NULL || *set->host == '\0') { - client_log_err(client, t_strdup_printf( - "proxy(%s): host not given", client->virtual_user)); + e_error(client->event, + "proxy(%s): host not given", client->virtual_user); return -1; } if (client->proxy_ttl <= 1) { - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy(%s): TTL reached zero - " - "proxies appear to be looping?", client->virtual_user)); + "proxies appear to be looping?", client->virtual_user); return -1; } @@ -696,8 +696,8 @@ int login_proxy_starttls(struct login_proxy *proxy) io_remove(&proxy->server_io); if (ssl_iostream_client_context_cache_get(&ssl_set, &ssl_ctx, &error) < 0) { - client_log_err(proxy->client, t_strdup_printf( - "proxy: Failed to create SSL client context: %s", error)); + e_error(proxy->client->event, + "proxy: Failed to create SSL client context: %s", error); return -1; } @@ -706,19 +706,19 @@ int login_proxy_starttls(struct login_proxy *proxy) &proxy->server_output, &proxy->server_ssl_iostream, &error) < 0) { - client_log_err(proxy->client, t_strdup_printf( + e_error(proxy->client->event, "proxy: Failed to create SSL client to %s:%u: %s", - net_ip2addr(&proxy->ip), proxy->port, error)); + net_ip2addr(&proxy->ip), proxy->port, error); ssl_iostream_context_unref(&ssl_ctx); return -1; } ssl_iostream_context_unref(&ssl_ctx); if (ssl_iostream_handshake(proxy->server_ssl_iostream) < 0) { error = ssl_iostream_get_last_error(proxy->server_ssl_iostream); - client_log_err(proxy->client, t_strdup_printf( + e_error(proxy->client->event, "proxy: Failed to start SSL handshake to %s:%u: %s", net_ip2addr(&proxy->ip), proxy->port, - ssl_iostream_get_last_error(proxy->server_ssl_iostream))); + ssl_iostream_get_last_error(proxy->server_ssl_iostream)); return -1; } diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c index 27b90b148b..d7b6c9db65 100644 --- a/src/login-common/sasl-server.c +++ b/src/login-common/sasl-server.c @@ -472,8 +472,8 @@ void sasl_server_auth_begin(struct client *client, info.session_id = client_get_session_id(client); if (!get_cert_username(client, &info.cert_username, &error)) { - client_log_err(client, t_strdup_printf("Cannot get username " - "from certificate: %s", error)); + e_error(client->event, + "Cannot get username from certificate: %s", error); sasl_server_auth_failed(client, "Unable to validate certificate", AUTH_CLIENT_FAIL_CODE_AUTHZFAILED); diff --git a/src/pop3-login/pop3-proxy.c b/src/pop3-login/pop3-proxy.c index 817d40145a..61a1ea756f 100644 --- a/src/pop3-login/pop3-proxy.c +++ b/src/pop3-login/pop3-proxy.c @@ -87,9 +87,9 @@ static int proxy_send_login(struct pop3_client *client, struct ostream *output) str_printfa(str, "AUTH %s ", mech_name); if (dsasl_client_output(client->common.proxy_sasl_client, &sasl_output, &len, &error) < 0) { - client_log_err(&client->common, t_strdup_printf( + e_error(client->common.event, "proxy: SASL mechanism %s init failed: %s", - mech_name, error)); + mech_name, error); return -1; } if (len == 0) @@ -117,7 +117,7 @@ pop3_proxy_continue_sasl_auth(struct client *client, struct ostream *output, str = t_str_new(128); if (base64_decode(line, strlen(line), NULL, str) < 0) { - client_log_err(client, "proxy: Server sent invalid base64 data in AUTH response"); + e_error(client->event, "proxy: Server sent invalid base64 data in AUTH response"); return -1; } ret = dsasl_client_input(client->proxy_sasl_client, @@ -127,9 +127,9 @@ pop3_proxy_continue_sasl_auth(struct client *client, struct ostream *output, &data, &data_len, &error); } if (ret < 0) { - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Server sent invalid authentication data: %s", - error)); + error); return -1; } i_assert(ret == 0); @@ -155,9 +155,9 @@ int pop3_proxy_parse_line(struct client *client, const char *line) case POP3_PROXY_BANNER: /* this is a banner */ if (!str_begins(line, "+OK")) { - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Remote returned invalid banner: %s", - str_sanitize(line, 160))); + str_sanitize(line, 160)); client_proxy_failed(client, TRUE); return -1; } @@ -177,9 +177,8 @@ int pop3_proxy_parse_line(struct client *client, const char *line) return 0; case POP3_PROXY_STARTTLS: if (!str_begins(line, "+OK")) { - client_log_err(client, t_strdup_printf( - "proxy: Remote STLS failed: %s", - str_sanitize(line, 160))); + e_error(client->event, "proxy: Remote STLS failed: %s", + str_sanitize(line, 160)); client_proxy_failed(client, TRUE); return -1; } @@ -196,9 +195,9 @@ int pop3_proxy_parse_line(struct client *client, const char *line) return 1; case POP3_PROXY_XCLIENT: if (!str_begins(line, "+OK")) { - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Remote XCLIENT failed: %s", - str_sanitize(line, 160))); + str_sanitize(line, 160)); client_proxy_failed(client, TRUE); return -1; } diff --git a/src/submission-login/submission-proxy.c b/src/submission-login/submission-proxy.c index ea07000135..2667690590 100644 --- a/src/submission-login/submission-proxy.c +++ b/src/submission-login/submission-proxy.c @@ -101,7 +101,7 @@ proxy_send_login(struct submission_client *client, struct ostream *output) if ((client->proxy_capability & SMTP_CAPABILITY_AUTH) == 0) { /* Prevent sending credentials to a server that has login disabled; i.e., due to the lack of TLS */ - client_log_err(&client->common, "proxy: " + e_error(client->common.event, "proxy: " "Server has disabled authentication (TLS required?)"); return -1; } @@ -127,9 +127,9 @@ proxy_send_login(struct submission_client *client, struct ostream *output) str_printfa(str, "AUTH %s ", mech_name); if (dsasl_client_output(client->common.proxy_sasl_client, &sasl_output, &len, &error) < 0) { - client_log_err(&client->common, t_strdup_printf( + e_error(client->common.event, "proxy: SASL mechanism %s init failed: %s", - mech_name, error)); + mech_name, error); return -1; } if (len == 0) @@ -158,8 +158,7 @@ submission_proxy_continue_sasl_auth(struct client *client, struct ostream *outpu str = t_str_new(128); if (base64_decode(line, strlen(line), NULL, str) < 0) { - client_log_err( - client, "proxy: " + e_error(client->event, "proxy: " "Server sent invalid base64 data in AUTH response"); return -1; } @@ -170,9 +169,9 @@ submission_proxy_continue_sasl_auth(struct client *client, struct ostream *outpu &data, &data_len, &error); } if (ret < 0) { - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Server sent invalid authentication data: %s", - error)); + error); return -1; } i_assert(ret == 0); @@ -257,10 +256,10 @@ int submission_proxy_parse_line(struct client *client, const char *line) } if (subm_client->proxy_reply_status != 0 && subm_client->proxy_reply_status != status) { - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Remote returned inconsistent SMTP reply: %s " "(status != %u)", str_sanitize(line, 160), - subm_client->proxy_reply_status)); + subm_client->proxy_reply_status); client_proxy_failed(client, TRUE); return -1; } @@ -276,9 +275,9 @@ int submission_proxy_parse_line(struct client *client, const char *line) case SUBMISSION_PROXY_BANNER: /* this is a banner */ if (invalid_line || status != 220) { - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Remote returned invalid banner: %s", - str_sanitize(line, 160))); + str_sanitize(line, 160)); client_proxy_failed(client, TRUE); return -1; } @@ -292,9 +291,9 @@ int submission_proxy_parse_line(struct client *client, const char *line) case SUBMISSION_PROXY_EHLO: case SUBMISSION_PROXY_TLS_EHLO: if (invalid_line || (status / 100) != 2) { - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Remote returned invalid EHLO line: %s", - str_sanitize(line, 160))); + str_sanitize(line, 160)); client_proxy_failed(client, TRUE); return -1; } @@ -336,8 +335,7 @@ int submission_proxy_parse_line(struct client *client, const char *line) } else { if ((subm_client->proxy_capability & SMTP_CAPABILITY_STARTTLS) == 0) { - client_log_err( - client, "proxy: " + e_error(client->event, "proxy: " "Remote doesn't support STARTTLS"); return -1; } @@ -347,9 +345,9 @@ int submission_proxy_parse_line(struct client *client, const char *line) return 0; case SUBMISSION_PROXY_STARTTLS: if (invalid_line || status != 220) { - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Remote STARTTLS failed: %s", - str_sanitize(line, 160))); + str_sanitize(line, 160)); client_proxy_failed(client, TRUE); return -1; } @@ -370,9 +368,9 @@ int submission_proxy_parse_line(struct client *client, const char *line) return 0; case SUBMISSION_PROXY_XCLIENT: if (invalid_line || (status / 100) != 2) { - client_log_err(client, t_strdup_printf( + e_error(client->event, "proxy: Remote XCLIENT failed: %s", - str_sanitize(line, 160))); + str_sanitize(line, 160)); client_proxy_failed(client, TRUE); return -1; }