logger: add cipher suite

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino 2024-11-13 18:33:07 +01:00
parent 618723c457
commit 0f073a40fd
No known key found for this signature in database
GPG key ID: 935D2952DEC4EECF
2 changed files with 30 additions and 12 deletions

View file

@ -15,6 +15,7 @@
package logger package logger
import ( import (
"crypto/tls"
"fmt" "fmt"
"net" "net"
"net/http" "net/http"
@ -50,8 +51,10 @@ func NewStructuredLogger(logger *zerolog.Logger) func(next http.Handler) http.Ha
// NewLogEntry creates a new log entry for an HTTP request // NewLogEntry creates a new log entry for an HTTP request
func (l *StructuredLogger) NewLogEntry(r *http.Request) middleware.LogEntry { func (l *StructuredLogger) NewLogEntry(r *http.Request) middleware.LogEntry {
scheme := "http" scheme := "http"
cipherSuite := ""
if r.TLS != nil { if r.TLS != nil {
scheme = "https" scheme = "https"
cipherSuite = tls.CipherSuiteName(r.TLS.CipherSuite)
} }
fields := map[string]any{ fields := map[string]any{
@ -60,7 +63,9 @@ func (l *StructuredLogger) NewLogEntry(r *http.Request) middleware.LogEntry {
"proto": r.Proto, "proto": r.Proto,
"method": r.Method, "method": r.Method,
"user_agent": r.UserAgent(), "user_agent": r.UserAgent(),
"uri": fmt.Sprintf("%s://%s%s", scheme, r.Host, r.RequestURI)} "uri": fmt.Sprintf("%s://%s%s", scheme, r.Host, r.RequestURI),
"cipher_suite": cipherSuite,
}
reqID := middleware.GetReqID(r.Context()) reqID := middleware.GetReqID(r.Context())
if reqID != "" { if reqID != "" {

View file

@ -34,6 +34,7 @@ import (
"github.com/go-chi/chi/v5/middleware" "github.com/go-chi/chi/v5/middleware"
"github.com/rs/cors" "github.com/rs/cors"
"github.com/rs/xid" "github.com/rs/xid"
"github.com/rs/zerolog"
"github.com/sftpgo/sdk/plugin/notifier" "github.com/sftpgo/sdk/plugin/notifier"
"github.com/drakkan/sftpgo/v2/internal/common" "github.com/drakkan/sftpgo/v2/internal/common"
@ -390,15 +391,19 @@ func (s *webDavServer) checkRemoteAddress(r *http.Request) string {
func writeLog(r *http.Request, status int, err error) { func writeLog(r *http.Request, status int, err error) {
scheme := "http" scheme := "http"
cipherSuite := ""
if r.TLS != nil { if r.TLS != nil {
scheme = "https" scheme = "https"
cipherSuite = tls.CipherSuiteName(r.TLS.CipherSuite)
} }
fields := map[string]any{ fields := map[string]any{
"remote_addr": r.RemoteAddr, "remote_addr": r.RemoteAddr,
"proto": r.Proto, "proto": r.Proto,
"method": r.Method, "method": r.Method,
"user_agent": r.UserAgent(), "user_agent": r.UserAgent(),
"uri": fmt.Sprintf("%s://%s%s", scheme, r.Host, r.RequestURI)} "uri": fmt.Sprintf("%s://%s%s", scheme, r.Host, r.RequestURI),
"cipher_suite": cipherSuite,
}
if reqID, ok := r.Context().Value(requestIDKey).(string); ok { if reqID, ok := r.Context().Value(requestIDKey).(string); ok {
fields["request_id"] = reqID fields["request_id"] = reqID
} }
@ -417,7 +422,15 @@ func writeLog(r *http.Request, status int, err error) {
if status != 0 { if status != 0 {
fields["resp_status"] = status fields["resp_status"] = status
} }
logger.GetLogger().Info(). var ev *zerolog.Event
if status >= http.StatusInternalServerError {
ev = logger.GetLogger().Error()
} else if status >= http.StatusBadRequest {
ev = logger.GetLogger().Warn()
} else {
ev = logger.GetLogger().Debug()
}
ev.
Timestamp(). Timestamp().
Str("sender", logSender). Str("sender", logSender).
Fields(fields). Fields(fields).