fix: lower info-level logs to debug-level (#436)

Libraries should avoid issuing info-level logs.
We should stick to debug and trace levels.

cc @TheBestTvarynka

Author: CBenoit

crates/dpapi-web/src/transport.rs

@@ -122,7 +122,7 @@ impl Transport for WasmTransport {
                 get_session_token,
             } => {
                 let session_id = Uuid::new_v4();
-                info!("session token");
+                debug!("session token");
                 let session_token = get_session_token(session_id, destination.clone()).await?;
 
                 Self::ws_connect(proxy.clone(), session_id, session_token.as_ref()).await

crates/dpapi/src/client.rs

@@ -210,7 +210,6 @@ async fn get_key<T: Transport>(
 ) -> Result<GroupKeyEnvelope> {
     let mut connection_options = ConnectOptions::new(server, proxy)?;
 
-    // let isd_key_port = {
     let mut rpc = RpcClient::<T>::connect(
         &connection_options,
         AuthProvider::new(
@@ -225,23 +224,22 @@ async fn get_key<T: Transport>(
     )
     .await?;
 
-    info!("RPC connection has been established.");
+    debug!("RPC connection has been established");
 
     let epm_contexts = get_epm_contexts();
     let context_id = epm_contexts[0].context_id;
     let bind_ack = rpc.bind(&epm_contexts).await?;
 
-    info!("RPC bind/bind_ack finished successfully.");
+    debug!("RPC bind/bind_ack finished successfully");
 
     process_bind_result(&epm_contexts, bind_ack, context_id)?;
 
     let ept_map = get_ept_map_isd_key();
     let response = rpc.request(0, EptMap::OPNUM, ept_map.encode_vec()?).await?;
 
     let isd_key_port = process_ept_map_result(&response.try_into_response()?)?;
-    // };
 
-    info!(isd_key_port);
+    debug!(isd_key_port);
 
     connection_options.set_destination_port(isd_key_port);
 
@@ -256,13 +254,13 @@ async fn get_key<T: Transport>(
     )
     .await?;
 
-    info!("RPC connection has been established.");
+    debug!("RPC connection has been established");
 
     let isd_key_contexts = get_isd_key_key_contexts();
     let context_id = isd_key_contexts[0].context_id;
     let bind_ack = rpc.bind_authenticate(&isd_key_contexts).await?;
 
-    info!("RPC bind/bind_ack finished successfully.");
+    debug!("RPC bind/bind_ack finished successfully");
 
     process_bind_result(&isd_key_contexts, bind_ack, context_id)?;
 
@@ -284,7 +282,7 @@ async fn get_key<T: Transport>(
         .await?;
     let security_trailer = response_pdu.security_trailer.clone();
 
-    info!("RPC GetKey Request finished successfully!");
+    debug!("RPC GetKey Request finished successfully");
 
     process_get_key_result(&response_pdu.try_into_response()?, security_trailer)
 }
@@ -379,7 +377,7 @@ pub async fn n_crypt_unprotect_secret<T: Transport>(
     }))
     .await?;
 
-    info!("Successfully requested root key.");
+    debug!("Successfully requested root key");
 
     Ok(decrypt_blob(&dpapi_blob, &root_key)?.into())
 }
@@ -455,7 +453,7 @@ pub async fn n_crypt_protect_secret<T: Transport>(
     }))
     .await?;
 
-    info!("Successfully requested root key.");
+    debug!("Successfully requested root key");
 
     encrypt_blob(data.as_ref(), &root_key, descriptor)
 }

src/credssp/mod.rs

@@ -309,7 +309,7 @@ impl CredSspClient {
                 ts_request.nego_tokens = Some(output_token.remove(0).buffer);
 
                 if result.status == SecurityStatus::Ok {
-                    info!("CredSSp finished NLA stage.");
+                    debug!("CredSSP finished NLA stage");
 
                     let peer_version =
                         self.context.as_ref().unwrap().peer_version.expect(
@@ -368,7 +368,7 @@ impl CredSspClient {
                         .unwrap()
                         .encrypt_ts_credentials(self.credentials_handle.as_ref().unwrap(), self.cred_ssp_mode)?,
                 );
-                info!("tscredentials has been written");
+                debug!("tscredentials has been written");
 
                 self.state = CredSspState::Final;
 

src/kerberos/mod.rs

@@ -716,12 +716,12 @@ impl<'a> Kerberos {
 
         let as_rep = self.as_exchange(yield_point, &kdc_req_body, pa_data_options).await?;
 
-        info!("AS exchange finished successfully.");
+        debug!("AS exchange finished successfully.");
 
         self.realm = Some(as_rep.0.crealm.0.to_string());
 
         let (encryption_type, salt) = extract_encryption_params_from_as_rep(&as_rep)?;
-        info!(?encryption_type, "Negotiated encryption type");
+        debug!(?encryption_type, "Negotiated encryption type");
 
         self.encryption_params.encryption_type = Some(CipherSuite::try_from(usize::from(encryption_type))?);
 
@@ -940,7 +940,7 @@ impl<'a> Kerberos {
 
                 let as_rep = self.as_exchange(yield_point, &kdc_req_body, pa_data_options).await?;
 
-                info!("AS exchange finished successfully.");
+                debug!("AS exchange finished successfully.");
 
                 self.realm = Some(as_rep.0.crealm.0.to_string());
 
@@ -997,7 +997,7 @@ impl<'a> Kerberos {
                 let tgs_rep: KrbResult<TgsRep> = KrbResult::deserialize(&mut d)?;
                 let tgs_rep = tgs_rep?;
 
-                info!("TGS exchange finished successfully");
+                debug!("TGS exchange finished successfully");
 
                 let session_key_2 =
                     extract_session_key_from_tgs_rep(&tgs_rep, &session_key_1, &self.encryption_params)?;
@@ -1030,7 +1030,7 @@ impl<'a> Kerberos {
                     warn!("Kerberos ApReq Authenticator checksum GSS_C_DELEG_FLAG is not supported. Turning it off...");
                     flags.remove(GssFlags::GSS_C_DELEG_FLAG);
                 }
-                info!(?flags, "ApReq Authenticator checksum flags");
+                debug!(?flags, "ApReq Authenticator checksum flags");
 
                 let mut checksum_value = ChecksumValues::default();
                 checksum_value.set_flags(flags);
@@ -1056,7 +1056,7 @@ impl<'a> Kerberos {
 
                 let authenticator = generate_authenticator(authenticator_options)?;
                 let encoded_auth = picky_asn1_der::to_vec(&authenticator)?;
-                info!(encoded_ap_req_authenticator = ?encoded_auth);
+                debug!(encoded_ap_req_authenticator = ?encoded_auth);
 
                 let mut context_requirements = builder.context_requirements;
 

src/negotiate.rs

@@ -137,15 +137,15 @@ impl Negotiate {
             if is_azure_ad_domain(domain) {
                 use super::pku2u::Pku2uConfig;
 
-                info!("Negotiate: try Pku2u");
+                debug!("Negotiate: try Pku2u");
 
                 self.protocol = NegotiatedProtocol::Pku2u(Pku2u::new_client_from_config(
                     Pku2uConfig::default_client_config(self.client_computer_name.clone())?,
                 )?);
             }
 
             if let Some(host) = detect_kdc_url(&get_client_principal_realm(username, domain)) {
-                info!("Negotiate: try Kerberos");
+                debug!("Negotiate: try Kerberos");
 
                 self.protocol =
                     NegotiatedProtocol::Kerberos(Kerberos::new_client_from_config(crate::KerberosConfig {
@@ -558,7 +558,7 @@ impl<'a> Negotiate {
                 let username = crate::utils::bytes_to_utf16_string(&identity.username);
                 let host = detect_kdc_url(&get_client_principal_realm(&username, ""))
                     .ok_or_else(|| Error::new(ErrorKind::NoAuthenticatingAuthority, "can not detect KDC url"))?;
-                info!("Negotiate: try Kerberos");
+                debug!("Negotiate: try Kerberos");
 
                 let config = crate::KerberosConfig {
                     kdc_url: Some(host),