Fossil SCM
Add a new category of error log messages: SQLITE_AUTH and similar.
Commit
bc8e936abf4c5fdabdaa6244e970cbc41b2d5eae8f92f2fc0fe9c6338d5e9238
Parent
da34b906edbdf73…
1 file changed
+20
-9
+20
-9
| --- src/security_audit.c | ||
| +++ src/security_audit.c | ||
| @@ -814,10 +814,11 @@ | ||
| 814 | 814 | ** |
| 815 | 815 | ** y=0x01 Show only hack attempts |
| 816 | 816 | ** y=0x02 Show only panics and assertion faults |
| 817 | 817 | ** y=0x04 Show hung backoffice processes |
| 818 | 818 | ** y=0x08 Show POST requests from a different origin |
| 819 | +** y=0x10 Show SQLITE_AUTH and similar | |
| 819 | 820 | ** y=0x40 Show other uncategorized messages |
| 820 | 821 | ** |
| 821 | 822 | ** If y is omitted or is zero, a count of the various message types is |
| 822 | 823 | ** shown. |
| 823 | 824 | */ |
| @@ -824,19 +825,20 @@ | ||
| 824 | 825 | void errorlog_page(void){ |
| 825 | 826 | i64 szFile; |
| 826 | 827 | FILE *in; |
| 827 | 828 | char *zLog; |
| 828 | 829 | const char *zType = P("y"); |
| 829 | - static const int eAllTypes = 0x4f; | |
| 830 | + static const int eAllTypes = 0x5f; | |
| 830 | 831 | long eType = 0; |
| 831 | 832 | int bOutput = 0; |
| 832 | 833 | int prevWasTime = 0; |
| 833 | 834 | int nHack = 0; |
| 834 | 835 | int nPanic = 0; |
| 835 | 836 | int nOther = 0; |
| 836 | 837 | int nHang = 0; |
| 837 | 838 | int nXPost = 0; |
| 839 | + int nAuth = 0; | |
| 838 | 840 | char z[10000]; |
| 839 | 841 | char zTime[10000]; |
| 840 | 842 | |
| 841 | 843 | login_check_credentials(); |
| 842 | 844 | if( !g.perm.Admin ){ |
| @@ -906,10 +908,13 @@ | ||
| 906 | 908 | @ <li>Hung backoffice processes |
| 907 | 909 | } |
| 908 | 910 | if( eType & 0x08 ){ |
| 909 | 911 | @ <li>POST requests from different origin |
| 910 | 912 | } |
| 913 | + if( eType & 0x10 ){ | |
| 914 | + @ <li>SQLITE_AUTH and similar errors | |
| 915 | + } | |
| 911 | 916 | if( eType & 0x40 ){ |
| 912 | 917 | @ <li>Other uncategorized messages |
| 913 | 918 | } |
| 914 | 919 | @ </ul> |
| 915 | 920 | } |
| @@ -933,10 +938,16 @@ | ||
| 933 | 938 | }else |
| 934 | 939 | if( sqlite3_strglob("warning: POST from different origin*",z)==0 ){ |
| 935 | 940 | bOutput = (eType & 0x08)!=0; |
| 936 | 941 | nXPost++; |
| 937 | 942 | }else |
| 943 | + if( sqlite3_strglob("SECURITY: authorizer blocks*",z)==0 | |
| 944 | + || sqlite3_strglob("warning: SQLITE_AUTH*",z)==0 | |
| 945 | + ){ | |
| 946 | + bOutput = (eType & 0x10)!=0; | |
| 947 | + nAuth++; | |
| 948 | + }else | |
| 938 | 949 | { |
| 939 | 950 | bOutput = (eType & 0x40)!=0; |
| 940 | 951 | nOther++; |
| 941 | 952 | } |
| 942 | 953 | if( bOutput ){ |
| @@ -958,11 +969,11 @@ | ||
| 958 | 969 | fclose(in); |
| 959 | 970 | if( eType ){ |
| 960 | 971 | @ </pre> |
| 961 | 972 | } |
| 962 | 973 | if( eType==0 ){ |
| 963 | - int nNonHack = nPanic + nHang + nOther; | |
| 974 | + int nNonHack = nPanic + nHang + nAuth + nOther; | |
| 964 | 975 | int nTotal = nNonHack + nHack + nXPost; |
| 965 | 976 | @ <p><table border="a" cellspacing="0" cellpadding="5"> |
| 966 | 977 | if( nPanic>0 ){ |
| 967 | 978 | @ <tr><td align="right">%d(nPanic)</td> |
| 968 | 979 | @ <td><a href="./errorlog?y=2">Panics</a></td> |
| @@ -971,23 +982,23 @@ | ||
| 971 | 982 | @ <tr><td align="right">%d(nHack)</td> |
| 972 | 983 | @ <td><a href="./errorlog?y=1">Hack Attempts</a></td> |
| 973 | 984 | } |
| 974 | 985 | if( nHang>0 ){ |
| 975 | 986 | @ <tr><td align="right">%d(nHang)</td> |
| 976 | - @ <td><a href="./errorlog?y=4/">Hung Backoffice</a></td> | |
| 987 | + @ <td><a href="./errorlog?y=4">Hung Backoffice</a></td> | |
| 977 | 988 | } |
| 978 | 989 | if( nXPost>0 ){ |
| 979 | 990 | @ <tr><td align="right">%d(nXPost)</td> |
| 980 | - @ <td><a href="./errorlog?y=8/">POSTs from different origin</a></td> | |
| 991 | + @ <td><a href="./errorlog?y=8">POSTs from different origin</a></td> | |
| 992 | + } | |
| 993 | + if( nAuth>0 ){ | |
| 994 | + @ <tr><td align="right">%d(nAuth)</td> | |
| 995 | + @ <td><a href="./errorlog?y=16">SQLITE_AUTH and similar</a></td> | |
| 981 | 996 | } |
| 982 | 997 | if( nOther>0 ){ |
| 983 | 998 | @ <tr><td align="right">%d(nOther)</td> |
| 984 | - @ <td><a href="./errorlog?y=64/">Other</a></td> | |
| 985 | - } | |
| 986 | - if( nHack+nXPost>0 && nNonHack>0 ){ | |
| 987 | - @ <tr><td align="right">%d(nNonHack)</td> | |
| 988 | - @ <td><a href="%R/errorlog?y=70">Other than hack attempts</a></td> | |
| 999 | + @ <td><a href="./errorlog?y=64">Other</a></td> | |
| 989 | 1000 | } |
| 990 | 1001 | @ <tr><td align="right">%d(nTotal)</td> |
| 991 | 1002 | if( nTotal>0 ){ |
| 992 | 1003 | @ <td><a href="./errorlog?y=255">All Messages</a></td> |
| 993 | 1004 | }else{ |
| 994 | 1005 |
| --- src/security_audit.c | |
| +++ src/security_audit.c | |
| @@ -814,10 +814,11 @@ | |
| 814 | ** |
| 815 | ** y=0x01 Show only hack attempts |
| 816 | ** y=0x02 Show only panics and assertion faults |
| 817 | ** y=0x04 Show hung backoffice processes |
| 818 | ** y=0x08 Show POST requests from a different origin |
| 819 | ** y=0x40 Show other uncategorized messages |
| 820 | ** |
| 821 | ** If y is omitted or is zero, a count of the various message types is |
| 822 | ** shown. |
| 823 | */ |
| @@ -824,19 +825,20 @@ | |
| 824 | void errorlog_page(void){ |
| 825 | i64 szFile; |
| 826 | FILE *in; |
| 827 | char *zLog; |
| 828 | const char *zType = P("y"); |
| 829 | static const int eAllTypes = 0x4f; |
| 830 | long eType = 0; |
| 831 | int bOutput = 0; |
| 832 | int prevWasTime = 0; |
| 833 | int nHack = 0; |
| 834 | int nPanic = 0; |
| 835 | int nOther = 0; |
| 836 | int nHang = 0; |
| 837 | int nXPost = 0; |
| 838 | char z[10000]; |
| 839 | char zTime[10000]; |
| 840 | |
| 841 | login_check_credentials(); |
| 842 | if( !g.perm.Admin ){ |
| @@ -906,10 +908,13 @@ | |
| 906 | @ <li>Hung backoffice processes |
| 907 | } |
| 908 | if( eType & 0x08 ){ |
| 909 | @ <li>POST requests from different origin |
| 910 | } |
| 911 | if( eType & 0x40 ){ |
| 912 | @ <li>Other uncategorized messages |
| 913 | } |
| 914 | @ </ul> |
| 915 | } |
| @@ -933,10 +938,16 @@ | |
| 933 | }else |
| 934 | if( sqlite3_strglob("warning: POST from different origin*",z)==0 ){ |
| 935 | bOutput = (eType & 0x08)!=0; |
| 936 | nXPost++; |
| 937 | }else |
| 938 | { |
| 939 | bOutput = (eType & 0x40)!=0; |
| 940 | nOther++; |
| 941 | } |
| 942 | if( bOutput ){ |
| @@ -958,11 +969,11 @@ | |
| 958 | fclose(in); |
| 959 | if( eType ){ |
| 960 | @ </pre> |
| 961 | } |
| 962 | if( eType==0 ){ |
| 963 | int nNonHack = nPanic + nHang + nOther; |
| 964 | int nTotal = nNonHack + nHack + nXPost; |
| 965 | @ <p><table border="a" cellspacing="0" cellpadding="5"> |
| 966 | if( nPanic>0 ){ |
| 967 | @ <tr><td align="right">%d(nPanic)</td> |
| 968 | @ <td><a href="./errorlog?y=2">Panics</a></td> |
| @@ -971,23 +982,23 @@ | |
| 971 | @ <tr><td align="right">%d(nHack)</td> |
| 972 | @ <td><a href="./errorlog?y=1">Hack Attempts</a></td> |
| 973 | } |
| 974 | if( nHang>0 ){ |
| 975 | @ <tr><td align="right">%d(nHang)</td> |
| 976 | @ <td><a href="./errorlog?y=4/">Hung Backoffice</a></td> |
| 977 | } |
| 978 | if( nXPost>0 ){ |
| 979 | @ <tr><td align="right">%d(nXPost)</td> |
| 980 | @ <td><a href="./errorlog?y=8/">POSTs from different origin</a></td> |
| 981 | } |
| 982 | if( nOther>0 ){ |
| 983 | @ <tr><td align="right">%d(nOther)</td> |
| 984 | @ <td><a href="./errorlog?y=64/">Other</a></td> |
| 985 | } |
| 986 | if( nHack+nXPost>0 && nNonHack>0 ){ |
| 987 | @ <tr><td align="right">%d(nNonHack)</td> |
| 988 | @ <td><a href="%R/errorlog?y=70">Other than hack attempts</a></td> |
| 989 | } |
| 990 | @ <tr><td align="right">%d(nTotal)</td> |
| 991 | if( nTotal>0 ){ |
| 992 | @ <td><a href="./errorlog?y=255">All Messages</a></td> |
| 993 | }else{ |
| 994 |
| --- src/security_audit.c | |
| +++ src/security_audit.c | |
| @@ -814,10 +814,11 @@ | |
| 814 | ** |
| 815 | ** y=0x01 Show only hack attempts |
| 816 | ** y=0x02 Show only panics and assertion faults |
| 817 | ** y=0x04 Show hung backoffice processes |
| 818 | ** y=0x08 Show POST requests from a different origin |
| 819 | ** y=0x10 Show SQLITE_AUTH and similar |
| 820 | ** y=0x40 Show other uncategorized messages |
| 821 | ** |
| 822 | ** If y is omitted or is zero, a count of the various message types is |
| 823 | ** shown. |
| 824 | */ |
| @@ -824,19 +825,20 @@ | |
| 825 | void errorlog_page(void){ |
| 826 | i64 szFile; |
| 827 | FILE *in; |
| 828 | char *zLog; |
| 829 | const char *zType = P("y"); |
| 830 | static const int eAllTypes = 0x5f; |
| 831 | long eType = 0; |
| 832 | int bOutput = 0; |
| 833 | int prevWasTime = 0; |
| 834 | int nHack = 0; |
| 835 | int nPanic = 0; |
| 836 | int nOther = 0; |
| 837 | int nHang = 0; |
| 838 | int nXPost = 0; |
| 839 | int nAuth = 0; |
| 840 | char z[10000]; |
| 841 | char zTime[10000]; |
| 842 | |
| 843 | login_check_credentials(); |
| 844 | if( !g.perm.Admin ){ |
| @@ -906,10 +908,13 @@ | |
| 908 | @ <li>Hung backoffice processes |
| 909 | } |
| 910 | if( eType & 0x08 ){ |
| 911 | @ <li>POST requests from different origin |
| 912 | } |
| 913 | if( eType & 0x10 ){ |
| 914 | @ <li>SQLITE_AUTH and similar errors |
| 915 | } |
| 916 | if( eType & 0x40 ){ |
| 917 | @ <li>Other uncategorized messages |
| 918 | } |
| 919 | @ </ul> |
| 920 | } |
| @@ -933,10 +938,16 @@ | |
| 938 | }else |
| 939 | if( sqlite3_strglob("warning: POST from different origin*",z)==0 ){ |
| 940 | bOutput = (eType & 0x08)!=0; |
| 941 | nXPost++; |
| 942 | }else |
| 943 | if( sqlite3_strglob("SECURITY: authorizer blocks*",z)==0 |
| 944 | || sqlite3_strglob("warning: SQLITE_AUTH*",z)==0 |
| 945 | ){ |
| 946 | bOutput = (eType & 0x10)!=0; |
| 947 | nAuth++; |
| 948 | }else |
| 949 | { |
| 950 | bOutput = (eType & 0x40)!=0; |
| 951 | nOther++; |
| 952 | } |
| 953 | if( bOutput ){ |
| @@ -958,11 +969,11 @@ | |
| 969 | fclose(in); |
| 970 | if( eType ){ |
| 971 | @ </pre> |
| 972 | } |
| 973 | if( eType==0 ){ |
| 974 | int nNonHack = nPanic + nHang + nAuth + nOther; |
| 975 | int nTotal = nNonHack + nHack + nXPost; |
| 976 | @ <p><table border="a" cellspacing="0" cellpadding="5"> |
| 977 | if( nPanic>0 ){ |
| 978 | @ <tr><td align="right">%d(nPanic)</td> |
| 979 | @ <td><a href="./errorlog?y=2">Panics</a></td> |
| @@ -971,23 +982,23 @@ | |
| 982 | @ <tr><td align="right">%d(nHack)</td> |
| 983 | @ <td><a href="./errorlog?y=1">Hack Attempts</a></td> |
| 984 | } |
| 985 | if( nHang>0 ){ |
| 986 | @ <tr><td align="right">%d(nHang)</td> |
| 987 | @ <td><a href="./errorlog?y=4">Hung Backoffice</a></td> |
| 988 | } |
| 989 | if( nXPost>0 ){ |
| 990 | @ <tr><td align="right">%d(nXPost)</td> |
| 991 | @ <td><a href="./errorlog?y=8">POSTs from different origin</a></td> |
| 992 | } |
| 993 | if( nAuth>0 ){ |
| 994 | @ <tr><td align="right">%d(nAuth)</td> |
| 995 | @ <td><a href="./errorlog?y=16">SQLITE_AUTH and similar</a></td> |
| 996 | } |
| 997 | if( nOther>0 ){ |
| 998 | @ <tr><td align="right">%d(nOther)</td> |
| 999 | @ <td><a href="./errorlog?y=64">Other</a></td> |
| 1000 | } |
| 1001 | @ <tr><td align="right">%d(nTotal)</td> |
| 1002 | if( nTotal>0 ){ |
| 1003 | @ <td><a href="./errorlog?y=255">All Messages</a></td> |
| 1004 | }else{ |
| 1005 |