Commit 88786ca6 authored by ale's avatar ale

Log requests

parent b7c86593
Pipeline #798 passed with stages
in 45 seconds
......@@ -4,6 +4,7 @@ import (
......@@ -96,8 +97,10 @@ func (s *KeyLookupProxy) Lookup(ctx context.Context, key string) (interface{}, b
func (s *KeyLookupProxy) lookupUserdb(ctx context.Context, username string) (interface{}, bool) {
pub := s.db.GetPublicKey(ctx, username)
if pub == nil {
log.Printf("failed userdb lookup for %s", username)
return nil, false
log.Printf("userdb lookup for %s", username)
return &userdbResponse{PublicKey: b64encode(pub)}, true
......@@ -106,6 +109,7 @@ func (s *KeyLookupProxy) lookupPassdb(ctx context.Context, username, password st
// unencrypted key from the keystore daemon.
priv, err := s.keystore.Get(ctx, s.config.Shard, username, password)
if err == nil {
log.Printf("passdb lookup for %s (from keystore)", username)
return &passdbResponse{PrivateKey: b64encode(priv)}, true
......@@ -113,12 +117,15 @@ func (s *KeyLookupProxy) lookupPassdb(ctx context.Context, username, password st
// decrypt them.
encKeys := s.db.GetPrivateKeys(ctx, username)
if len(encKeys) == 0 {
log.Printf("failed passdb lookup for %s (no keys)", username)
return nil, false
priv, err = userenckey.Decrypt(encKeys, []byte(password))
if err != nil {
log.Printf("failed passdb lookup for %s (could not decrypt key)", username)
return nil, false
log.Printf("passdb lookup for %s (decrypted)", username)
return &passdbResponse{PrivateKey: b64encode(priv)}, true
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment