Commit 73410320 authored by Daniel Lenski's avatar Daniel Lenski

Merge branch 'more_logging_around_Trojan_script_invocation' into 'master'

more logging around Trojan script invocation (CSD/HIP/TNCC)

See merge request openconnect/openconnect!152
parents 2f0f0f0d 7083a0ac
......@@ -404,6 +404,10 @@ static int tncc_preauth(struct openconnect_info *vpninfo)
return -EINVAL;
}
vpn_progress(vpninfo, PRG_INFO,
_("Trying to run TNCC/Host Checker Trojan script '%s'.\n"),
vpninfo->csd_wrapper);
#ifdef SOCK_CLOEXEC
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0, sockfd))
#endif
......
......@@ -1069,11 +1069,6 @@ static int run_csd_script(struct openconnect_info *vpninfo, char *buf, int bufle
return -EPERM;
}
#ifndef __linux__
vpn_progress(vpninfo, PRG_INFO,
_("Trying to run Linux CSD trojan script.\n"));
#endif
fname[0] = 0;
if (buflen) {
struct oc_vpn_option *opt;
......@@ -1123,6 +1118,10 @@ static int run_csd_script(struct openconnect_info *vpninfo, char *buf, int bufle
close(fd);
}
vpn_progress(vpninfo, PRG_INFO,
_("Trying to run CSD Trojan script '%s'.\n"),
vpninfo->csd_wrapper ?: fname);
child = fork();
if (child == -1) {
goto out;
......@@ -1145,6 +1144,10 @@ static int run_csd_script(struct openconnect_info *vpninfo, char *buf, int bufle
vpn_progress(vpninfo, PRG_ERR,
_("Authentication may fail. If your script is not returning zero, fix it.\n"
"Future versions of openconnect will abort on this error.\n"));
} else {
vpn_progress(vpninfo, PRG_INFO,
_("CSD script '%s' completed successfully.\n"),
vpninfo->csd_wrapper ?: fname);
}
free(vpninfo->urlpath);
......@@ -1424,7 +1427,10 @@ newgroup:
result = -EINVAL;
goto out;
}
}
} else
vpn_progress(vpninfo, PRG_INFO,
_("Fetched CSD stub for %s platform (size is %d bytes).\n"),
vpninfo->platname, buflen);
}
/* This is the CSD stub script, which we now need to run */
......
......@@ -955,6 +955,11 @@ static int run_hip_script(struct openconnect_info *vpninfo)
_("Error: Running the 'HIP Report' script on this platform is not yet implemented.\n"));
return -EPERM;
#else
vpn_progress(vpninfo, PRG_INFO,
_("Trying to run HIP Trojan script '%s'.\n"),
vpninfo->csd_wrapper);
#ifdef __linux__
if (pipe2(pipefd, O_CLOEXEC))
#endif
......@@ -993,6 +998,10 @@ static int run_hip_script(struct openconnect_info *vpninfo)
vpninfo->csd_wrapper, WEXITSTATUS(status));
ret = -EINVAL;
} else {
vpn_progress(vpninfo, PRG_INFO,
_("HIP script '%s' completed successfully (report is %d bytes).\n"),
vpninfo->csd_wrapper, report_buf->pos);
ret = check_or_submit_hip_report(vpninfo, report_buf->data);
if (ret < 0)
vpn_progress(vpninfo, PRG_ERR, _("HIP report submission failed.\n"));
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment