NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2004-01

PATCH: SASL Logging

From: Andreas Winkelmann (mlawinkelmann.de)
Date: Thu Jan 01 2004 - 17:49:16 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi.

I have made two changes in the Sourcecode of smtpd_sasl_glue.c:

1) SASL uses a Callback-Hook in Postfix's smtpd to send log-messages. There
are 7 LogLevels which are used by sasl. But only four are forwarded from the
CallbackHook to the Logfile. Three are suppressed. These are LOG_DEBUG,
LOG_TRACE and LOG_PASS. I added a "default:"-Rule where these messages are
forwarded with "SASL authentication misc:..." if smtpd is invoked with "-v".

Example:
postfix/smtpd[3934]: SASL authentication misc: DIGEST-MD5 server step 1
postfix/smtpd[3934]: SASL authentication misc: DIGEST-MD5 server step 2

2) SASL offers another CallBack-Hook (verifyfile) which is called before SASL
tries to open a file. There are 4 File-Types:

        conf: For example /path/to/smtpd.conf ("smtpd -v")
        plugin: All DSOs (DynamicSharedObject-Files) ("smtpd -vv")
        passwd: The Password-Storage File(s) ("smtpd -vv")
        other: All other Files ("smtpd -vv")

Example:
postfix/smtpd[28734]: SASL verifyfile conf: /usr/lib/sasl2/smtpd.conf
postfix/smtpd[28734]: SASL verifyfile plugin: /usr/lib/sasl2/libanonymous.so.2
postfix/smtpd[28734]: SASL verifyfile plugin: /usr/lib/sasl2/libcrammd5.so.2
postfix/smtpd[28734]: SASL verifyfile plugin: /usr/lib/sasl2/liblogin.so.2
postfix/smtpd[28734]: SASL verifyfile plugin: /usr/lib/sasl2/libsasldb.so.2
postfix/smtpd[28734]: SASL verifyfile plugin: /usr/lib/sasl2/libdigestmd5.so.2
postfix/smtpd[28734]: SASL verifyfile plugin: /usr/lib/sasl2/libntlm.so.2
postfix/smtpd[28734]: SASL verifyfile plugin: /usr/lib/sasl2/libgssapiv2.so.2
postfix/smtpd[28734]: SASL verifyfile plugin: /usr/lib/sasl2/libldapdb.so.2
postfix/smtpd[28734]: SASL verifyfile plugin: /usr/lib/sasl2/libplain.so.2
postfix/smtpd[28734]: SASL verifyfile plugin: /usr/lib/sasl2/libotp.so.2
postfix/smtpd[28734]: SASL verifyfile plugin: /usr/lib/sasl2/libsql.so.2

I think this can be very useful for debugging-reasons.

--
Andreas

text/x-diff attachment: patch.sasl.logging

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]