From ae0e4a422a447590ca98e36058fe9d1d78b92c90 Mon Sep 17 00:00:00 2001 From: Seth Schoen Date: Mon, 13 Aug 2012 00:36:32 -0700 Subject: [PATCH 1/6] try to failure reason textual instead of numeric --- server-ca/chocolate.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/server-ca/chocolate.py b/server-ca/chocolate.py index a8da557ff..a6ebf61a8 100755 --- a/server-ca/chocolate.py +++ b/server-ca/chocolate.py @@ -326,10 +326,11 @@ class session(object): if debug: print "%s: %s" % (self.id, msg) def die(self, r, reason, uri=None): - self.log("Session from %s died for reason %s" % (web.ctx.ip, reason)) self.kill() r.failure.cause = reason if uri: r.failure.URI = uri + self.log("Session from %s died for reason %s" % (web.ctx.ip, str(r.failure).split(":")[0].strip()) + if uri: self.log("error URI: %s" % uri) def handleclientfailure(self, m, r): if r.failure.IsInitialized(): return From 57a48d1c1d59fc544eb4a176a87fb2da3ba6345b Mon Sep 17 00:00:00 2001 From: Seth Schoen Date: Mon, 13 Aug 2012 00:38:38 -0700 Subject: [PATCH 2/6] balance parens --- server-ca/chocolate.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server-ca/chocolate.py b/server-ca/chocolate.py index a6ebf61a8..313a626b5 100755 --- a/server-ca/chocolate.py +++ b/server-ca/chocolate.py @@ -329,7 +329,7 @@ class session(object): self.kill() r.failure.cause = reason if uri: r.failure.URI = uri - self.log("Session from %s died for reason %s" % (web.ctx.ip, str(r.failure).split(":")[0].strip()) + self.log("Session from %s died for reason %s" % (web.ctx.ip, str(r.failure).split(":")[0].strip())) if uri: self.log("error URI: %s" % uri) def handleclientfailure(self, m, r): From 4847670654e526e3c927da87a7bc883ebbe50e02 Mon Sep 17 00:00:00 2001 From: Seth Schoen Date: Mon, 13 Aug 2012 00:42:06 -0700 Subject: [PATCH 3/6] even nicer logging :-) --- server-ca/chocolate.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/server-ca/chocolate.py b/server-ca/chocolate.py index 313a626b5..2c8b38a6f 100755 --- a/server-ca/chocolate.py +++ b/server-ca/chocolate.py @@ -329,7 +329,8 @@ class session(object): self.kill() r.failure.cause = reason if uri: r.failure.URI = uri - self.log("Session from %s died for reason %s" % (web.ctx.ip, str(r.failure).split(":")[0].strip())) + self.log("from: %s" % web.ctx.ip) + self.log("died: %s" % str(r.failure).split(":")[1].strip()) if uri: self.log("error URI: %s" % uri) def handleclientfailure(self, m, r): From 2d1ca6bf6f110de1a907015c07afb26500a1437d Mon Sep 17 00:00:00 2001 From: Seth Schoen Date: Mon, 13 Aug 2012 00:47:48 -0700 Subject: [PATCH 4/6] show what names the cert was issued for --- server-ca/daemon.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/server-ca/daemon.py b/server-ca/daemon.py index b8ee0b787..497a6b6eb 100644 --- a/server-ca/daemon.py +++ b/server-ca/daemon.py @@ -268,7 +268,7 @@ def issue(session): cert = CSR.issue(csr, names) r.hset(session, "cert", cert) if cert: # once issuing cert succeeded - if debug: print "issued for", short(session) + if debug: print "%s: issued certificate for names: %s" % (short(session), ", ".join(names)) r.hset(session, "state", "done") r.lpush("pending-done", session) # TODO: Note that we do not publish a pubsub message when @@ -322,7 +322,7 @@ for message in ps.listen(): if debug: print "expiring ancient session", short(session) r.hset(session, "live", False) else: - if debug: print "going to %s for %s" % (queue, short(session)) + # if debug: print "going to %s for %s" % (queue, short(session)) if queue == "makechallenge": makechallenge(session) elif queue == "testchallenge": testchallenge(session) elif queue == "issue": issue(session) From 41b59fbc916aed1e38f6deb935fe7ed35fdcd482 Mon Sep 17 00:00:00 2001 From: Seth Schoen Date: Mon, 13 Aug 2012 00:52:31 -0700 Subject: [PATCH 5/6] improving logging again --- server-ca/daemon.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/server-ca/daemon.py b/server-ca/daemon.py index 497a6b6eb..83062f463 100644 --- a/server-ca/daemon.py +++ b/server-ca/daemon.py @@ -188,7 +188,7 @@ def testchallenge(session): failed = r.hget(challenge, "failed") == "True" # TODO: check whether this challenge is too old if not satisfied and not failed: - if debug: print "challenge", short(challenge), "being tested" + # if debug: print "challenge", short(challenge), "being tested" if challtype == 0: # DomainValidateSNI if debug: print "\tbeginning dvsni test to %s" % name dvsni_nonce = r.hget(challenge, "dvsni:nonce") @@ -221,7 +221,7 @@ def testchallenge(session): # response to an empty list of challenges (even though # the daemon that put this session on the queue should # also have implicitly guaranteed this). - if debug: print "\tall challenges satisfied, going to issue", short(session) + if debug: print "\t** All challenges satisfied; request %s GRANTED", short(session) r.hset(session, "state", "issue") r.lpush("pending-issue", session) r.publish("requests", "issue") From f212aa207cbed779aeba3d67b2f22a60c4a41ebb Mon Sep 17 00:00:00 2001 From: Seth Schoen Date: Mon, 13 Aug 2012 00:55:36 -0700 Subject: [PATCH 6/6] fix typo on format string --- server-ca/daemon.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server-ca/daemon.py b/server-ca/daemon.py index 83062f463..28c80a16b 100644 --- a/server-ca/daemon.py +++ b/server-ca/daemon.py @@ -221,7 +221,7 @@ def testchallenge(session): # response to an empty list of challenges (even though # the daemon that put this session on the queue should # also have implicitly guaranteed this). - if debug: print "\t** All challenges satisfied; request %s GRANTED", short(session) + if debug: print "\t** All challenges satisfied; request %s GRANTED" % short(session) r.hset(session, "state", "issue") r.lpush("pending-issue", session) r.publish("requests", "issue")