From 283fcccc7dc71234abcf674d76b1a56d8d6f1231 Mon Sep 17 00:00:00 2001 From: levy Date: Fri, 14 Aug 2020 14:44:38 +0800 Subject: [PATCH 01/10] feat(security): init sasl --- include/dsn/utility/error_code.h | 1 + src/runtime/security/sasl_utils.cpp | 140 ++++++++++++++++++++++++++++ src/runtime/security/sasl_utils.h | 21 +++++ 3 files changed, 162 insertions(+) create mode 100644 src/runtime/security/sasl_utils.cpp create mode 100644 src/runtime/security/sasl_utils.h diff --git a/include/dsn/utility/error_code.h b/include/dsn/utility/error_code.h index cebe2b62be..ce561c183f 100644 --- a/include/dsn/utility/error_code.h +++ b/include/dsn/utility/error_code.h @@ -121,4 +121,5 @@ DEFINE_ERR_CODE(ERR_ZOOKEEPER_OPERATION) DEFINE_ERR_CODE(ERR_CHILD_REGISTERED) DEFINE_ERR_CODE(ERR_INGESTION_FAILED) +DEFINE_ERR_CODE(ERR_SASL_INTERNAL) } // namespace dsn diff --git a/src/runtime/security/sasl_utils.cpp b/src/runtime/security/sasl_utils.cpp new file mode 100644 index 0000000000..d7db2b1b45 --- /dev/null +++ b/src/runtime/security/sasl_utils.cpp @@ -0,0 +1,140 @@ +// Copyright (c) 2017, Xiaomi, Inc. All rights reserved. +// This source code is licensed under the Apache License Version 2.0, which +// can be found in the LICENSE file in the root directory of this source tree. + +#include "sasl_utils.h" + +#include +#include +#include +#include + +namespace dsn { +namespace security { +DSN_DEFINE_string("security", sasl_plugin_path, "/usr/lib/sasl2", "path to search sasl plugins"); + +const char *logger_level_to_string(int level) +{ + switch (level) { + case SASL_LOG_NONE: + return "SASL_LOG_NONE"; + case SASL_LOG_ERR: + return "SASL_LOG_ERR"; + case SASL_LOG_FAIL: + return "SASL_LOG_FAIL"; + case SASL_LOG_WARN: + return "SASL_LOG_WARN"; + case SASL_LOG_NOTE: + return "SASL_LOG_NOTE"; + case SASL_LOG_DEBUG: + return "SASL_LOG_DEBUG"; + case SASL_LOG_TRACE: + return "SASL_LOG_TRACE"; + case SASL_LOG_PASS: + return "SASL_LOG_PASS"; + default: + return "Unkown SASL log level"; + } +} + +int sasl_simple_logger(void *context, int level, const char *msg) +{ + if (level == SASL_LOG_NONE || nullptr == msg) { + return SASL_OK; + } + + ddebug_f("sasl log info: log level = {}, message = {}", logger_level_to_string(level), msg); + return SASL_OK; +} + +int get_path(void *context, char **path) +{ + if (nullptr == path) { + return SASL_BADPARAM; + } + *path = const_cast(FLAGS_sasl_plugin_path); + return SASL_OK; +} + +int get_username(void *context, int id, const char **result, unsigned *len) +{ + if (nullptr == result) { + return SASL_BADPARAM; + } + // TODO(zlw) + //static std::string username = get_username(); + std::string username; + switch (id) { + case SASL_CB_USER: + case SASL_CB_AUTHNAME: + *result = username.c_str(); + if (len != nullptr) { + *len = username.length(); + } + return SASL_OK; + default: + dassert_f(false, "unexpected SASL callback type: {}", id); + return SASL_BADPARAM; + } +} + +sasl_callback_t client_callbacks[] = {{SASL_CB_USER, (sasl_callback_ft)&get_username, nullptr}, + {SASL_CB_GETPATH, (sasl_callback_ft)&get_path, nullptr}, + {SASL_CB_AUTHNAME, (sasl_callback_ft)&get_username, nullptr}, + {SASL_CB_LOG, (sasl_callback_ft)&sasl_simple_logger, nullptr}, + {SASL_CB_LIST_END, nullptr, nullptr}}; + +sasl_callback_t server_callbacks[] = {{SASL_CB_LOG, (sasl_callback_ft)&sasl_simple_logger, nullptr}, + {SASL_CB_GETPATH, (sasl_callback_ft)&get_path, nullptr}, + {SASL_CB_LIST_END, nullptr, nullptr}}; + +// provide mutex function for sasl +void *sasl_mutex_alloc_local() { return static_cast(new utils::ex_lock_nr); } + +void sasl_mutex_free_local(void *m) { delete static_cast(m); } + +int sasl_mutex_lock_local(void *m) +{ + static_cast(m)->lock(); + return 0; +} + +int sasl_mutex_unlock_local(void *m) +{ + static_cast(m)->unlock(); + return 0; +} + +void sasl_set_mutex_local() +{ + sasl_set_mutex(&sasl_mutex_alloc_local, + &sasl_mutex_lock_local, + &sasl_mutex_unlock_local, + &sasl_mutex_free_local); +} + +error_s sasl_init(bool is_server) +{ + sasl_set_mutex_local(); + int err = 0; + err = sasl_client_init(&client_callbacks[0]); + error_s ret = error_s::make(ERR_OK); + if (err != SASL_OK) { + ret = error_s::make(ERR_SASL_INTERNAL); + ret << "initialize sasl client failed with error: " + << sasl_errstring(err, nullptr, nullptr); + return ret; + } + if (is_server) { + err = sasl_server_init(&server_callbacks[0], "pegasus"); + if (err != SASL_OK) { + ret = error_s::make(ERR_SASL_INTERNAL); + ret << "initialize sasl server failed with error: " + << sasl_errstring(err, nullptr, nullptr); + return ret; + } + } + return ret; +} +} // namespace security +} // namespace dsn diff --git a/src/runtime/security/sasl_utils.h b/src/runtime/security/sasl_utils.h new file mode 100644 index 0000000000..179b95e0ae --- /dev/null +++ b/src/runtime/security/sasl_utils.h @@ -0,0 +1,21 @@ +// Copyright (c) 2017, Xiaomi, Inc. All rights reserved. +// This source code is licensed under the Apache License Version 2.0, which +// can be found in the LICENSE file in the root directory of this source tree. + +#pragma once + +#include "kerberos_utils.h" + +#include +#include +#include + +#include + +namespace dsn { +namespace security { +// before call sasl_init, you must call init_kerberos() +error_s sasl_init(bool is_server); + +} // namespace security +} // namespace dsn From 02d739e5084964ba7003a3a968ae1af05634bcc5 Mon Sep 17 00:00:00 2001 From: levy Date: Fri, 14 Aug 2020 15:10:15 +0800 Subject: [PATCH 02/10] refactor --- src/runtime/security/sasl_utils.cpp | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/src/runtime/security/sasl_utils.cpp b/src/runtime/security/sasl_utils.cpp index d7db2b1b45..7d79c31950 100644 --- a/src/runtime/security/sasl_utils.cpp +++ b/src/runtime/security/sasl_utils.cpp @@ -47,7 +47,7 @@ int sasl_simple_logger(void *context, int level, const char *msg) return SASL_OK; } -int get_path(void *context, char **path) +int sasl_get_path(void *context, char **path) { if (nullptr == path) { return SASL_BADPARAM; @@ -56,13 +56,13 @@ int get_path(void *context, char **path) return SASL_OK; } -int get_username(void *context, int id, const char **result, unsigned *len) +int sasl_get_username(void *context, int id, const char **result, unsigned *len) { if (nullptr == result) { return SASL_BADPARAM; } // TODO(zlw) - //static std::string username = get_username(); + // static std::string username = get_username(); std::string username; switch (id) { case SASL_CB_USER: @@ -78,14 +78,15 @@ int get_username(void *context, int id, const char **result, unsigned *len) } } -sasl_callback_t client_callbacks[] = {{SASL_CB_USER, (sasl_callback_ft)&get_username, nullptr}, - {SASL_CB_GETPATH, (sasl_callback_ft)&get_path, nullptr}, - {SASL_CB_AUTHNAME, (sasl_callback_ft)&get_username, nullptr}, - {SASL_CB_LOG, (sasl_callback_ft)&sasl_simple_logger, nullptr}, - {SASL_CB_LIST_END, nullptr, nullptr}}; +sasl_callback_t client_callbacks[] = { + {SASL_CB_USER, (sasl_callback_ft)&sasl_get_username, nullptr}, + {SASL_CB_GETPATH, (sasl_callback_ft)&sasl_get_path, nullptr}, + {SASL_CB_AUTHNAME, (sasl_callback_ft)&sasl_get_username, nullptr}, + {SASL_CB_LOG, (sasl_callback_ft)&sasl_simple_logger, nullptr}, + {SASL_CB_LIST_END, nullptr, nullptr}}; sasl_callback_t server_callbacks[] = {{SASL_CB_LOG, (sasl_callback_ft)&sasl_simple_logger, nullptr}, - {SASL_CB_GETPATH, (sasl_callback_ft)&get_path, nullptr}, + {SASL_CB_GETPATH, (sasl_callback_ft)&sasl_get_path, nullptr}, {SASL_CB_LIST_END, nullptr, nullptr}}; // provide mutex function for sasl From 41cc333cf42b0cf4ac1b10683d151cac0187f229 Mon Sep 17 00:00:00 2001 From: levy Date: Fri, 21 Aug 2020 16:03:34 +0800 Subject: [PATCH 03/10] refactor --- src/runtime/security/init.cpp | 8 +++++-- src/runtime/security/kinit_context.cpp | 11 +++++----- src/runtime/security/kinit_context.h | 1 + src/runtime/security/sasl_utils.cpp | 30 ++++++++++++++++++++------ src/runtime/security/sasl_utils.h | 30 +++++++++++++++----------- 5 files changed, 53 insertions(+), 27 deletions(-) diff --git a/src/runtime/security/init.cpp b/src/runtime/security/init.cpp index 53698557f9..c406eff9d8 100644 --- a/src/runtime/security/init.cpp +++ b/src/runtime/security/init.cpp @@ -16,6 +16,7 @@ // under the License. #include "kinit_context.h" +#include "sasl_utils.h" #include #include @@ -53,9 +54,12 @@ bool init(bool is_server) derror_f("initialize kerberos failed, with err = {}", err.description()); return false; } - ddebug("initialize kerberos succeed"); - // TODO(zlw): init sasl + err = init_sasl(is_server); + if (!err.is_ok()) { + derror_f("initialize sasl failed, with err = {}", err.description()); + return false; + } return true; } diff --git a/src/runtime/security/kinit_context.cpp b/src/runtime/security/kinit_context.cpp index 4c86fb2aed..74df7f0e58 100644 --- a/src/runtime/security/kinit_context.cpp +++ b/src/runtime/security/kinit_context.cpp @@ -71,13 +71,15 @@ error_s check_configuration() return error_s::ok(); } -class kinit_context +class kinit_context : public utils::singleton { public: kinit_context() : _opt(nullptr) {} virtual ~kinit_context(); + // implementation of 'kinit -k -t ' error_s kinit(); + const std::string username() const { return _user_name; } private: // init kerberos context @@ -310,11 +312,8 @@ error_s kinit_context::wrap_krb5_err(krb5_error_code krb5_err, const std::string return result_err; } -error_s run_kinit() -{ - static kinit_context context; - return context.kinit(); -} +error_s run_kinit() { return kinit_context::instance().kinit(); } +const std::string get_username() { return kinit_context::instance().username(); } } // namespace security } // namespace dsn diff --git a/src/runtime/security/kinit_context.h b/src/runtime/security/kinit_context.h index cb12f75682..2238e1f284 100644 --- a/src/runtime/security/kinit_context.h +++ b/src/runtime/security/kinit_context.h @@ -22,5 +22,6 @@ namespace dsn { namespace security { extern error_s run_kinit(); +extern const std::string get_username(); } // namespace security } // namespace dsn diff --git a/src/runtime/security/sasl_utils.cpp b/src/runtime/security/sasl_utils.cpp index 7d79c31950..dcf8295ac8 100644 --- a/src/runtime/security/sasl_utils.cpp +++ b/src/runtime/security/sasl_utils.cpp @@ -1,8 +1,26 @@ -// Copyright (c) 2017, Xiaomi, Inc. All rights reserved. -// This source code is licensed under the Apache License Version 2.0, which -// can be found in the LICENSE file in the root directory of this source tree. +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. #include "sasl_utils.h" +#include "kinit_context.h" + +#include +#include +#include #include #include @@ -61,9 +79,7 @@ int sasl_get_username(void *context, int id, const char **result, unsigned *len) if (nullptr == result) { return SASL_BADPARAM; } - // TODO(zlw) - // static std::string username = get_username(); - std::string username; + static const std::string username = get_username(); switch (id) { case SASL_CB_USER: case SASL_CB_AUTHNAME: @@ -114,7 +130,7 @@ void sasl_set_mutex_local() &sasl_mutex_free_local); } -error_s sasl_init(bool is_server) +error_s init_sasl(bool is_server) { sasl_set_mutex_local(); int err = 0; diff --git a/src/runtime/security/sasl_utils.h b/src/runtime/security/sasl_utils.h index 179b95e0ae..2baeb47cef 100644 --- a/src/runtime/security/sasl_utils.h +++ b/src/runtime/security/sasl_utils.h @@ -1,21 +1,27 @@ -// Copyright (c) 2017, Xiaomi, Inc. All rights reserved. -// This source code is licensed under the Apache License Version 2.0, which -// can be found in the LICENSE file in the root directory of this source tree. +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. #pragma once -#include "kerberos_utils.h" - -#include -#include -#include - #include namespace dsn { namespace security { -// before call sasl_init, you must call init_kerberos() -error_s sasl_init(bool is_server); - +// you must have already initialized kerberos before call init_sasl +error_s init_sasl(bool is_server); } // namespace security } // namespace dsn From 051d11aca1422957d1669f8c6edfe1e55903111a Mon Sep 17 00:00:00 2001 From: levy Date: Fri, 21 Aug 2020 16:16:52 +0800 Subject: [PATCH 04/10] fix --- src/runtime/security/sasl_utils.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/runtime/security/sasl_utils.cpp b/src/runtime/security/sasl_utils.cpp index dcf8295ac8..0b5c6689b8 100644 --- a/src/runtime/security/sasl_utils.cpp +++ b/src/runtime/security/sasl_utils.cpp @@ -57,7 +57,7 @@ const char *logger_level_to_string(int level) int sasl_simple_logger(void *context, int level, const char *msg) { - if (level == SASL_LOG_NONE || nullptr == msg) { + if (SASL_LOG_NONE == level || nullptr == msg) { return SASL_OK; } From 2852a916d9f431417c4e396111d3df1b63471c24 Mon Sep 17 00:00:00 2001 From: levy Date: Fri, 21 Aug 2020 18:25:43 +0800 Subject: [PATCH 05/10] fix --- include/dsn/utility/error_code.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/dsn/utility/error_code.h b/include/dsn/utility/error_code.h index 643319ec7a..61be86f868 100644 --- a/include/dsn/utility/error_code.h +++ b/include/dsn/utility/error_code.h @@ -122,5 +122,6 @@ DEFINE_ERR_CODE(ERR_CHILD_REGISTERED) DEFINE_ERR_CODE(ERR_INGESTION_FAILED) DEFINE_ERR_CODE(ERR_UNAUTHENTICATED) DEFINE_ERR_CODE(ERR_KRB5_INTERNAL) + DEFINE_ERR_CODE(ERR_SASL_INTERNAL) } // namespace dsn From fa5d186b1e572bcb6ee9c45d7d953b5bab6ac791 Mon Sep 17 00:00:00 2001 From: levy Date: Mon, 24 Aug 2020 10:32:34 +0800 Subject: [PATCH 06/10] fix --- src/runtime/security/init.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/runtime/security/init.cpp b/src/runtime/security/init.cpp index c406eff9d8..b7c7b4edc0 100644 --- a/src/runtime/security/init.cpp +++ b/src/runtime/security/init.cpp @@ -54,12 +54,14 @@ bool init(bool is_server) derror_f("initialize kerberos failed, with err = {}", err.description()); return false; } + ddebug("initialize kerberos succeed"); err = init_sasl(is_server); if (!err.is_ok()) { derror_f("initialize sasl failed, with err = {}", err.description()); return false; } + ddebug("initialize sasl succeed"); return true; } From 127b4dcedb7158126cfd972badb1a86dd128be79 Mon Sep 17 00:00:00 2001 From: levy Date: Mon, 24 Aug 2020 13:33:35 +0800 Subject: [PATCH 07/10] fix --- src/runtime/security/kinit_context.cpp | 11 +++++++---- src/runtime/security/kinit_context.h | 2 +- src/runtime/security/sasl_utils.cpp | 3 +-- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/src/runtime/security/kinit_context.cpp b/src/runtime/security/kinit_context.cpp index 74df7f0e58..92e64430eb 100644 --- a/src/runtime/security/kinit_context.cpp +++ b/src/runtime/security/kinit_context.cpp @@ -74,14 +74,15 @@ error_s check_configuration() class kinit_context : public utils::singleton { public: - kinit_context() : _opt(nullptr) {} - virtual ~kinit_context(); + ~kinit_context(); // implementation of 'kinit -k -t ' error_s kinit(); - const std::string username() const { return _user_name; } + const std::string &username() const { return _user_name; } private: + kinit_context() : _opt(nullptr) {} + // init kerberos context void init_krb5_ctx(); @@ -111,6 +112,8 @@ class kinit_context : public utils::singleton uint64_t _cred_expire_timestamp; std::shared_ptr _timer; + + friend class utils::singleton; }; kinit_context::~kinit_context() { krb5_get_init_creds_opt_free(_krb5_context, _opt); } @@ -314,6 +317,6 @@ error_s kinit_context::wrap_krb5_err(krb5_error_code krb5_err, const std::string error_s run_kinit() { return kinit_context::instance().kinit(); } -const std::string get_username() { return kinit_context::instance().username(); } +const std::string &get_username() { return kinit_context::instance().username(); } } // namespace security } // namespace dsn diff --git a/src/runtime/security/kinit_context.h b/src/runtime/security/kinit_context.h index 2238e1f284..6ea6f56a08 100644 --- a/src/runtime/security/kinit_context.h +++ b/src/runtime/security/kinit_context.h @@ -22,6 +22,6 @@ namespace dsn { namespace security { extern error_s run_kinit(); -extern const std::string get_username(); +extern const std::string &get_username(); } // namespace security } // namespace dsn diff --git a/src/runtime/security/sasl_utils.cpp b/src/runtime/security/sasl_utils.cpp index 0b5c6689b8..361920c102 100644 --- a/src/runtime/security/sasl_utils.cpp +++ b/src/runtime/security/sasl_utils.cpp @@ -133,8 +133,7 @@ void sasl_set_mutex_local() error_s init_sasl(bool is_server) { sasl_set_mutex_local(); - int err = 0; - err = sasl_client_init(&client_callbacks[0]); + int err = sasl_client_init(&client_callbacks[0]); error_s ret = error_s::make(ERR_OK); if (err != SASL_OK) { ret = error_s::make(ERR_SASL_INTERNAL); From 0185e389dc3ba7405baf2fc4f7f0737f43f32394 Mon Sep 17 00:00:00 2001 From: levy Date: Mon, 24 Aug 2020 17:02:52 +0800 Subject: [PATCH 08/10] fix --- src/runtime/security/sasl_utils.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/runtime/security/sasl_utils.cpp b/src/runtime/security/sasl_utils.cpp index 361920c102..ef09fd97ca 100644 --- a/src/runtime/security/sasl_utils.cpp +++ b/src/runtime/security/sasl_utils.cpp @@ -124,6 +124,7 @@ int sasl_mutex_unlock_local(void *m) void sasl_set_mutex_local() { + // sasl_set_mutex is a function in sasl_set_mutex(&sasl_mutex_alloc_local, &sasl_mutex_lock_local, &sasl_mutex_unlock_local, From 27592d8da1e7f297800b1399fef6f92314476842 Mon Sep 17 00:00:00 2001 From: levy Date: Mon, 24 Aug 2020 19:35:50 +0800 Subject: [PATCH 09/10] fix --- src/runtime/security/kinit_context.cpp | 2 +- src/runtime/security/sasl_utils.cpp | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/runtime/security/kinit_context.cpp b/src/runtime/security/kinit_context.cpp index 92e64430eb..70a5e60a9e 100644 --- a/src/runtime/security/kinit_context.cpp +++ b/src/runtime/security/kinit_context.cpp @@ -81,7 +81,7 @@ class kinit_context : public utils::singleton const std::string &username() const { return _user_name; } private: - kinit_context() : _opt(nullptr) {} + kinit_context() = default; // init kerberos context void init_krb5_ctx(); diff --git a/src/runtime/security/sasl_utils.cpp b/src/runtime/security/sasl_utils.cpp index ef09fd97ca..b5763b5f3d 100644 --- a/src/runtime/security/sasl_utils.cpp +++ b/src/runtime/security/sasl_utils.cpp @@ -133,6 +133,8 @@ void sasl_set_mutex_local() error_s init_sasl(bool is_server) { + // server is also a client to other server. + // for example: replica server is a client of meta server. sasl_set_mutex_local(); int err = sasl_client_init(&client_callbacks[0]); error_s ret = error_s::make(ERR_OK); From e45dfed4cda9cf505e2c9fca4d35b3e2903a0310 Mon Sep 17 00:00:00 2001 From: levy Date: Tue, 25 Aug 2020 14:56:32 +0800 Subject: [PATCH 10/10] fix --- src/runtime/security/sasl_utils.cpp | 23 ++++++++--------------- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/src/runtime/security/sasl_utils.cpp b/src/runtime/security/sasl_utils.cpp index b5763b5f3d..2d637b163f 100644 --- a/src/runtime/security/sasl_utils.cpp +++ b/src/runtime/security/sasl_utils.cpp @@ -31,27 +31,20 @@ namespace dsn { namespace security { DSN_DEFINE_string("security", sasl_plugin_path, "/usr/lib/sasl2", "path to search sasl plugins"); -const char *logger_level_to_string(int level) +dsn_log_level_t get_dsn_log_level(int level) { + // The log levels of LOG_LEVEL_DEBUG and LOG_LEVEL_INFORMATION are in reverse order. + // So here we should compatible with this case. switch (level) { - case SASL_LOG_NONE: - return "SASL_LOG_NONE"; case SASL_LOG_ERR: - return "SASL_LOG_ERR"; + return LOG_LEVEL_ERROR; case SASL_LOG_FAIL: - return "SASL_LOG_FAIL"; case SASL_LOG_WARN: - return "SASL_LOG_WARN"; + return LOG_LEVEL_WARNING; case SASL_LOG_NOTE: - return "SASL_LOG_NOTE"; - case SASL_LOG_DEBUG: - return "SASL_LOG_DEBUG"; - case SASL_LOG_TRACE: - return "SASL_LOG_TRACE"; - case SASL_LOG_PASS: - return "SASL_LOG_PASS"; + return LOG_LEVEL_DEBUG; default: - return "Unkown SASL log level"; + return LOG_LEVEL_INFORMATION; } } @@ -61,7 +54,7 @@ int sasl_simple_logger(void *context, int level, const char *msg) return SASL_OK; } - ddebug_f("sasl log info: log level = {}, message = {}", logger_level_to_string(level), msg); + dlog_f(get_dsn_log_level(level), "sasl log info: {}", msg); return SASL_OK; }