From 407deb17968dfb1256f4be9950c2162d3c430cd1 Mon Sep 17 00:00:00 2001
From: core
Date: Sat, 29 Jul 2023 19:36:32 -0400
Subject: [PATCH] clean up dnclient endpoint debug logging
---
 trifid-api/src/codegen/mod.rs | 6 +-----
 trifid-api/src/routes/v1/dnclient.rs | 10 ++--------
 2 files changed, 3 insertions(+), 13 deletions(-)
diff --git a/trifid-api/src/codegen/mod.rs b/trifid-api/src/codegen/mod.rs
index 1b8df99..683cbae 100644
--- a/trifid-api/src/codegen/mod.rs
+++ b/trifid-api/src/codegen/mod.rs
@@ -16,7 +16,7 @@ use crate::keystore::keystore_init;
 use crate::AppState;
 use ed25519_dalek::SigningKey;
 use ipnet::Ipv4Net;
-use log::{debug, error};
+use log::{error};
 use sea_orm::{ColumnTrait, Condition, EntityTrait, QueryFilter};
 use serde_yaml::{Mapping, Value};
 use trifid_api_entities::entity::{
@@ -47,10 +47,6 @@ pub async fn generate_config(
 _data: &Data,
 info: &CodegenRequiredInfo,
 ) -> Result<(NebulaConfig, NebulaCertificate), Box> {
- debug!(
- "chk: deserialize CA cert {:x?}",
- hex::decode(&info.ca.cert)?
- );
 // decode the CA data
 let ca_cert = deserialize_nebula_certificate_from_pem(&hex::decode(&info.ca.cert)?)?;
diff --git a/trifid-api/src/routes/v1/dnclient.rs b/trifid-api/src/routes/v1/dnclient.rs
index 7e5a482..65b8314 100644
--- a/trifid-api/src/routes/v1/dnclient.rs
+++ b/trifid-api/src/routes/v1/dnclient.rs
@@ -11,7 +11,7 @@ use dnapi_rs::message::{
 SignedResponseWrapper,
 };
 use ed25519_dalek::{Signature, Signer, Verifier, VerifyingKey};
-use log::{debug, error};
+use log::{error, warn};
 use std::clone::Clone;
 use trifid_pki::cert::{deserialize_ed25519_public, deserialize_x25519_public};
 use trifid_pki::x25519_dalek::PublicKey;
@@ -48,8 +48,6 @@ pub async fn dnclient(
 }
 };
- debug!("{}", host);
-
 let host_in_ks = keystore.hosts.iter_mut().find(|u| &u.id == host);
 let host_in_ks = match host_in_ks {
 Some(host) => host,
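Review bot: In `trifid-api/src/codegen/mod.rs`, the `@@ -16,7 +16,7 @@` hunk leaves braces around a single imported name in `use log::{error};`. The conventional form once only one item remains is `use log::error;`. This is a style point only and does not change behaviour.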
@@ -98,7 +96,7 @@ pub async fn dnclient(
 .is_err()
 {
 // Be intentionally vague as the message is invalid.
- debug!("! invalid signature");
+ warn!("! invalid signature from {}", host);
 return HttpResponse::Unauthorized().json(vec![APIError {
 code: "ERR_HOST_ERROR".to_string(),
 message: "The host does not exist or you do not have permission to access it."
@@ -110,8 +108,6 @@ pub async fn dnclient(
 // Sig OK
 // Decode the message from base64
- debug!("{}", req.message);
-
 let msg_raw = match base64::engine::general_purpose::STANDARD.decode(&req.message) {
 Ok(msg) => msg,
 Err(e) => {
@@ -126,8 +122,6 @@ pub async fn dnclient(
 // Decode it into RequestWrapper
- debug!("{:?}", String::from_utf8(msg_raw.clone()));
-
 let req_w: RequestWrapper = match serde_json::from_slice(&msg_raw) {
 Ok(msg) => msg,
 Err(e) => {
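Review bot: In the `@@ -98,7 +96,7 @@` hunk, the new `warn!("! invalid signature from {}", host);` writes `host` with `{}` on a path that runs exactly when signature verification has failed, so the caller is unauthenticated at that point. The earlier hunk shows `host` compared against the ids in `keystore.hosts`, so it presumably equals a stored id here, but where `host` is bound lies outside the visible hunks. If it is taken from the request, debug formatting would keep control characters out of the log line: `warn!("! invalid signature from {:?}", host);`. Each failed request now produces a warn-level entry, so it is worth confirming that rate limiting or log sampling sits in front of this endpoint. The body of `dnclient` starts and ends outside the hunk.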