From 1db77ee6bd54011cd78c375d39523ca237fc8ed0 Mon Sep 17 00:00:00 2001
From: Lauri Kasanen <cand@gmx.com>
Date: Fri, 2 Oct 2020 14:43:19 +0300
Subject: [PATCH] Add some basicauth logging (most debug/verbose only)

---
 common/network/websocket.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/common/network/websocket.c b/common/network/websocket.c
index 868ccef..3bc3b7f 100644
--- a/common/network/websocket.c
+++ b/common/network/websocket.c
@@ -882,6 +882,7 @@ ws_ctx_t *do_handshake(int sock) {
     if ((colon = strchr(settings.basicauth, ':'))) {
         const char *hdr = strstr(handshake, "Authorization: Basic ");
         if (!hdr) {
+            handler_emsg("BasicAuth required, but client didn't send any. 401 Unauth\n");
             sprintf(response, "HTTP/1.1 401 Unauthorized\r\n"
                               "WWW-Authenticate: Basic realm=\"Websockify\"\r\n"
                               "\r\n");
@@ -893,6 +894,7 @@ ws_ctx_t *do_handshake(int sock) {
         hdr += sizeof("Authorization: Basic ") - 1;
         const char *end = strchr(hdr, '\r');
         if (!end || end - hdr > 256) {
+            handler_emsg("Client sent invalid BasicAuth, dropping connection\n");
             free_ws_ctx(ws_ctx);
             return NULL;
         }
@@ -915,6 +917,7 @@ ws_ctx_t *do_handshake(int sock) {
                 char pwbuf[4096];
                 FILE *f = fopen(settings.passwdfile, "r");
                 if (f) {
+                    handler_emsg("BasicAuth reading password from %s\n", settings.passwdfile);
                     const unsigned len = fread(pwbuf, 1, 4096, f);
                     fclose(f);
                     pwbuf[4095] = '\0';
@@ -930,6 +933,10 @@ ws_ctx_t *do_handshake(int sock) {
                     snprintf(pwbuf, 4096, "%s%s", response, encrypted);
                     pwbuf[4095] = '\0';
                     strcpy(response, pwbuf);
+                } else {
+                    fprintf(stderr, " websocket %d: Error: BasicAuth configured to read password from file %s, but the file doesn't exist\n",
+                            wsthread_handler_id,
+                            settings.passwdfile);
                 }
             } else {
                 // Client tried an empty password, just fail them
@@ -938,12 +945,14 @@ ws_ctx_t *do_handshake(int sock) {
         }
 
         if (len <= 0 || strcmp(authbuf, response)) {
+            handler_emsg("BasicAuth user/pw did not match\n");
             sprintf(response, "HTTP/1.1 401 Forbidden\r\n"
                               "\r\n");
             ws_send(ws_ctx, response, strlen(response));
             free_ws_ctx(ws_ctx);
             return NULL;
         }
+        handler_emsg("BasicAuth matched\n");
     }
 
     //handler_msg("handshake: %s\n", handshake);