diff options
31 files changed, 708 insertions, 510 deletions
diff --git a/sbin/photurisd/Makefile b/sbin/photurisd/Makefile index 10f6db4cdae..e2c2f7c5ba5 100644 --- a/sbin/photurisd/Makefile +++ b/sbin/photurisd/Makefile @@ -12,7 +12,7 @@ SRCS= photuris_cookie_request.c photuris_cookie_response.c \ handle_spi_needed.c handle_spi_update.c\ handle_bad_cookie.c handle_resource_limit.c \ handle_verification_failure.c handle_message_reject.c \ - errlog.c config.c scheme.c schedule.c server.c \ + log.c config.c scheme.c schedule.c server.c \ buffer.c compute_secrets.c cookie.c exchange.c identity.c \ modulus.c spi.c state.c validity.c attributes.c \ photurisd.c packet.c api.c kernel.c diff --git a/sbin/photurisd/api.c b/sbin/photurisd/api.c index 3e324e17543..6ebd67e2b1f 100644 --- a/sbin/photurisd/api.c +++ b/sbin/photurisd/api.c @@ -37,7 +37,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: api.c,v 1.2 2000/12/11 02:16:50 provos Exp $"; +static char rcsid[] = "$Id: api.c,v 1.3 2000/12/11 21:21:17 provos Exp $"; #endif #define _API_C_ @@ -55,7 +55,7 @@ static char rcsid[] = "$Id: api.c,v 1.2 2000/12/11 02:16:50 provos Exp $"; #include "photuris.h" #include "config.h" #include "api.h" -#include "errlog.h" +#include "log.h" #include "buffer.h" #include "schedule.h" #include "server.h" @@ -80,7 +80,7 @@ process_api(int fd, int sendsock) bzero(buffer, BUFFER_SIZE); if ((sz = read(fd, buffer, BUFFER_SIZE)) == -1) - crit_error(1, "read() in process_api()"); + log_fatal("read() in process_api()"); buffer[sz >= BUFFER_SIZE ? BUFFER_SIZE -1 : sz] = 0; @@ -89,7 +89,7 @@ process_api(int fd, int sendsock) /* Set up a new state object */ if ((st = state_new()) == NULL) { - log_error(1, "state_new() in process_api()"); + log_error("state_new() in process_api()"); return; } @@ -102,7 +102,7 @@ process_api(int fd, int sendsock) continue; if (!strcmp(addresses[i], st->address)) { /* XXX Code to notify kernel of failure here */ - log_error(0, "discarded request to initiate KES with localhost"); + log_print("discarded request to initiate KES with localhost"); state_value_reset(st); free(st); return; @@ -136,7 +136,7 @@ start_exchange(int sd, struct stateob *st, char *address, int port) packet_size = PACKET_BUFFER_SIZE; if (photuris_cookie_request(st, packet_buffer, &packet_size) == -1) { - log_error(0, "photuris_cookie_request() in start_exchange() " + log_print("photuris_cookie_request() in start_exchange() " "for %s:%d", st->address, st->port); return -1; } @@ -147,7 +147,7 @@ start_exchange(int sd, struct stateob *st, char *address, int port) if (sendto(sd, packet_buffer, packet_size, 0, (struct sockaddr *) &sin, sizeof(sin)) != packet_size) { /* XXX Code to notify kernel of failure */ - log_error(1, "sendto() in start_exchange() for %s:%d", + log_error("sendto() in start_exchange() for %s:%d", st->address, st->port); return -1; } diff --git a/sbin/photurisd/compute_secrets.c b/sbin/photurisd/compute_secrets.c index 23afe98643f..d50aea6a410 100644 --- a/sbin/photurisd/compute_secrets.c +++ b/sbin/photurisd/compute_secrets.c @@ -34,7 +34,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: compute_secrets.c,v 1.2 2000/12/11 02:16:50 provos Exp $"; +static char rcsid[] = "$Id: compute_secrets.c,v 1.3 2000/12/11 21:21:17 provos Exp $"; #endif #define _SECRETS_C_ @@ -59,7 +59,7 @@ static char rcsid[] = "$Id: compute_secrets.c,v 1.2 2000/12/11 02:16:50 provos E #include "spi.h" #include "exchange.h" #include "scheme.h" -#include "errlog.h" +#include "log.h" int privacykey(struct stateob *st, struct idxform *hash, u_int8_t *key, u_int8_t *packet, u_int16_t bytes, u_int16_t *order, int owner); @@ -74,7 +74,7 @@ compute_shared_secret(struct stateob *st, BN_CTX *ctx; if ((mod = mod_find_modgen(st->modulus, st->generator)) == NULL) { - log_error(0, "Can't find exchange information in cache in compute_shared_secret()"); + log_print("Can't find exchange information in cache in compute_shared_secret()"); return (-1); } @@ -105,7 +105,7 @@ compute_shared_secret(struct stateob *st, *sharedsize -= header; if ((*shared = calloc(*sharedsize,sizeof(u_int8_t))) == NULL) { - log_error(0, "Not enough memory for shared secret in compute_shared_secret()"); + log_print("Not enough memory for shared secret in compute_shared_secret()"); return (-1); } bcopy(buffer + header, *shared, *sharedsize); @@ -138,14 +138,14 @@ make_session_keys(struct stateob *st, struct spiob *spi) if (p[i] != AT_AH_ATTRIB && p[i] != AT_ESP_ATTRIB) { bits = get_session_key_length(p+i); if (bits == -1) { - log_error(0, "Invalid attribute choice for SPI in make_session_keys()"); + log_print("Invalid attribute choice for SPI in make_session_keys()"); return -1; } count += bits & 7 ? (bits >> 3) + 1 : bits >> 3; } } if ((*secret = calloc(count, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in make_session_keys()"); + log_error("calloc() in make_session_keys()"); return -1; } *secretsize = count; @@ -192,7 +192,7 @@ get_session_key_length(u_int8_t *attribute) attrib_t *ob; if ((ob = getattrib(*attribute)) == NULL) { - log_error(0, "Unknown attribute %d in get_session_key_length()", + log_print("Unknown attribute %d in get_session_key_length()", *attribute); return -1; } @@ -234,7 +234,7 @@ compute_session_key(struct stateob *st, u_int8_t *key, hash = get_hash(HASH_SHA1); break; default: - log_error(0, "Unkown scheme %d in compute_session_key()", + log_print("Unkown scheme %d in compute_session_key()", ntohs(*((u_int16_t *)st->scheme))); return -1; } @@ -331,7 +331,7 @@ init_privacy_key(struct stateob *st, int owner) hash = get_hash(HASH_SHA1); break; default: - log_error(0, "Unknown exchange scheme in init_privacy_key()"); + log_print("Unknown exchange scheme in init_privacy_key()"); return -1; } @@ -342,7 +342,7 @@ init_privacy_key(struct stateob *st, int owner) free(*ctx); if ((*ctx = calloc(hash->ctxsize, sizeof(char))) == NULL) { - log_error(1, "calloc() in init_privacy_key()"); + log_error("calloc() in init_privacy_key()"); return -1; } hash->Init(*ctx); @@ -381,7 +381,7 @@ compute_privacy_key(struct stateob *st, u_int8_t *key, u_int8_t *packet, hash = get_hash(HASH_SHA1); break; default: - log_error(0, "Unknown exchange scheme in compute_privacy_key()"); + log_print("Unknown exchange scheme in compute_privacy_key()"); return -1; } diff --git a/sbin/photurisd/config.c b/sbin/photurisd/config.c index d4fdd10f9f3..7f0da2808e9 100644 --- a/sbin/photurisd/config.c +++ b/sbin/photurisd/config.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: config.c,v 1.3 2000/12/11 20:32:14 provos Exp $"; +static char rcsid[] = "$Id: config.c,v 1.4 2000/12/11 21:21:17 provos Exp $"; #endif #define _CONFIG_C_ @@ -64,7 +64,7 @@ static char rcsid[] = "$Id: config.c,v 1.3 2000/12/11 20:32:14 provos Exp $"; #include "identity.h" #include "spi.h" #include "server.h" -#include "errlog.h" +#include "log.h" #include "buffer.h" #include "scheme.h" #include "api.h" @@ -87,11 +87,11 @@ open_config_file(char *file) p = config_file; if (p == NULL) - crit_error(0, "no file in open_config_file()"); + log_fatal("no file in open_config_file()"); config_fp = fopen(p, "r"); if (config_fp == (FILE *) NULL) - crit_error(1, "can't open file %s in open_config_file()", p); + log_fatal("can't open file %s in open_config_file()", p); } static void @@ -240,17 +240,17 @@ init_attributes(void) if ((p2 = strsep(&p4, ",")) == NULL || (p3 = strsep(&p4, ",")) == NULL) { - log_error(0, "Mal formated attribute definition for %s in init_attributess()", name); + log_print("Mal formated attribute definition for %s in init_attributess()", name); continue; } if ((tmpatt.id = atoi(p2)) <= 0) { - log_error(0, "Bad id %s for %s in init_attributes()", p2, name); + log_print("Bad id %s for %s in init_attributes()", p2, name); continue; } if ((tmpatt.klen = atoi(p4)) < 0) { - log_error(0, "Bad key length %s for %s in init_attributes()", p4, name); + log_print("Bad key length %s for %s in init_attributes()", p4, name); continue; } @@ -261,20 +261,20 @@ init_attributes(void) p3[i--] = 0; if ((tmpatt.type = parse_type(p3)) == -1) { - log_error(0, "Unkown attribute type %s for %s in init_attributes()", p3, name); + log_print("Unkown attribute type %s for %s in init_attributes()", p3, name); continue; } #ifdef IPSEC if ((tmpatt.type & ~AT_ID) && kernel_known_transform(tmpatt.id) == -1) { - log_error(0, "Attribute %s not supported by kernel in init_attributes()", name); + log_print("Attribute %s not supported by kernel in init_attributes()", name); continue; } #endif if ((ob = calloc(1, sizeof(attrib_t))) == NULL) - crit_error(1, "calloc() in init_attributes()"); + log_fatal("calloc() in init_attributes()"); *ob = tmpatt; putattrib(ob); @@ -286,13 +286,13 @@ init_attributes(void) } if (cfgattrib == NULL) { - log_error(0, "Unknown attribute %s in init_attributes()", + log_print("Unknown attribute %s in init_attributes()", p); continue; } if (ob == NULL && (ob = attrib_new()) == NULL) - crit_error(1, "attribute_new() in init_attributes()"); + log_fatal("attribute_new() in init_attributes()"); else def_flag = 1; @@ -305,7 +305,7 @@ init_attributes(void) if (newbuf == NULL) { if (ob->attributes != NULL) free (ob->attributes); - crit_error(1, "realloc() in init_attributes()"); + log_fatal("realloc() in init_attributes()"); } ob->attributes = newbuf; @@ -326,13 +326,13 @@ init_attributes(void) /* Get a new attribute object */ if ((ob = attrib_new()) == NULL) - crit_error(1, "attribute_new() in init_attributes()"); + log_fatal("attribute_new() in init_attributes()"); ob->netmask = inet_addr(p2); in.s_addr = inet_addr(p) & ob->netmask; if ((ob->address = calloc(strlen(inet_ntoa(in))+1, sizeof(char))) == NULL) - crit_error(1, "calloc() in init_attributes()"); + log_fatal("calloc() in init_attributes()"); strcpy(ob->address, inet_ntoa(in)); } } @@ -341,7 +341,7 @@ init_attributes(void) close_config_file(); if (!def_flag) - crit_error(0, "No default attribute list in init_attributes()"); + log_fatal("No default attribute list in init_attributes()"); cfgx_clear(); return 1; @@ -388,14 +388,14 @@ init_schemes(void) BN_set_word(generator, 2); *(u_int16_t *)buffer = htons(DH_G_2_3DES_SHA1); } else { - log_error(0, "Unknown scheme %s in init_schemes()", p2); + log_print("Unknown scheme %s in init_schemes()", p2); continue; } /* Base schemes need a modulus */ if ((scheme_bits = strtol(p, NULL, 10)) == 0 && ntohs(*(u_int16_t *)buffer) == scheme_get_ref(buffer) ) { - log_error(0, "No bits in scheme %s in init_schemes()", p2); + log_print("No bits in scheme %s in init_schemes()", p2); continue; } @@ -409,7 +409,7 @@ init_schemes(void) tmp = mod_find_generator_next(tmp, generator); } if (tmp == NULL) { - log_error(0, "Could not find %d bit modulus in init_schemes()", + log_print("Could not find %d bit modulus in init_schemes()", scheme_bits); continue; } @@ -426,7 +426,7 @@ init_schemes(void) if (newbuf == NULL) { if (global_schemes != NULL) free (global_schemes); - crit_error(1, "out of memory in init_schems()"); + log_fatal("out of memory in init_schems()"); } global_schemes = newbuf; @@ -443,14 +443,14 @@ init_schemes(void) close_config_file(); if (!gen_flag) { - log_error(0, "DH_G_2_MD5 not in config file, inserting it"); + log_print("DH_G_2_MD5 not in config file, inserting it"); BN_set_word(generator, 2); if ((tmp = mod_find_generator(generator)) == NULL) - crit_error(0, "no modulus for generator 2 in init_schemes()"); + log_fatal("no modulus for generator 2 in init_schemes()"); size = BUFFER_SIZE - 2; if (BN_bn2varpre(tmp->modulus, buffer+2, &size) == -1) - crit_error(0, "BN_bn2varpre() in init_schemes()"); + log_fatal("BN_bn2varpre() in init_schemes()"); *(u_int16_t *)buffer = htons(DH_G_2_MD5); } @@ -500,7 +500,7 @@ init_moduli(int primes) continue; if ((tmp = mod_new_modgen(m, g)) == NULL) - crit_error(0, "no memory in init_moduli()"); + log_fatal("no memory in init_moduli()"); mod_insert(tmp); @@ -552,12 +552,12 @@ init_times(void) else if (!strcmp(p, CONFIG_SPI_LIFETIME)) value = &spi_lifetime; else { - log_error(0, "unkown options %s in init_times()", p); + log_print("unkown options %s in init_times()", p); continue; } if ((i = atoi(p2)) < 1) { - log_error(0, "value %d too small in init_times()", i); + log_print("value %d too small in init_times()", i); continue; } @@ -568,11 +568,11 @@ init_times(void) /* Now some hard coded checks */ if (exchange_timeout < max_retries*retrans_timeout) - crit_error(0, "Exchange Timeout < Retransmission * Retrans. Timeout"); + log_fatal("Exchange Timeout < Retransmission * Retrans. Timeout"); if (exchange_lifetime < 2*exchange_timeout) - crit_error(0, "Exchange Lifetime < 2 * Exchange Timeout"); + log_fatal("Exchange Lifetime < 2 * Exchange Timeout"); if (spi_lifetime < 3*exchange_timeout) - crit_error(0, "SPI Lifetime < 3 * Exchange Timeout"); + log_fatal("SPI Lifetime < 3 * Exchange Timeout"); return 0; } @@ -585,17 +585,17 @@ startup_parse(struct stateob *st, char *p2) while((p=strsep(&p2, " ")) != NULL && strlen(p)) { if ((p3 = strchr(p, '=')) == NULL) { - log_error(0, "missing = in %s in startup_parse()", p); + log_print("missing = in %s in startup_parse()", p); continue; } if (strlen(++p3) == 0) { - log_error(0, "option missing after %s in startup_parse()", p); + log_print("option missing after %s in startup_parse()", p); continue; } if (!strncmp(p, OPT_DST, strlen(OPT_DST))) { hp = NULL; if (inet_addr(p3) == -1 && (hp = gethostbyname(p3)) == NULL) { - log_error(1, "invalid destination address: %s", p3); + log_error("invalid destination address: %s", p3); continue; } if (hp == NULL) @@ -608,27 +608,27 @@ startup_parse(struct stateob *st, char *p2) st->address[15] = '\0'; } else if (!strncmp(p, OPT_PORT, strlen(OPT_PORT))) { if ((st->port = atoi(p3)) == 0) { - log_error(0, "invalid port number: %s", p3); + log_print("invalid port number: %s", p3); continue; } } else if (!strncmp(p, CONFIG_EX_LIFETIME, strlen(CONFIG_EX_LIFETIME))) { if ((st->exchange_lifetime = atol(p3)) == 0) { - log_error(0, "invalid exchange lifetime: %s", p3); + log_print("invalid exchange lifetime: %s", p3); continue; } } else if (!strncmp(p, CONFIG_SPI_LIFETIME, strlen(CONFIG_SPI_LIFETIME))) { if ((st->spi_lifetime = atol(p3)) == 0) { - log_error(0, "invalid spi lifetime: %s", p3); + log_print("invalid spi lifetime: %s", p3); continue; } } else if (!strncmp(p, OPT_USER, strlen(OPT_USER))) { struct passwd *pwd; if ((st->user = strdup(p3)) == NULL) { - log_error(1, "strdup() in startup_parse()"); + log_error("strdup() in startup_parse()"); continue; } if ((pwd = getpwnam(st->user)) == NULL) { - log_error(1, "getpwnam() in startup_parse()"); + log_error("getpwnam() in startup_parse()"); free(st->user); st->user = NULL; continue; @@ -640,7 +640,7 @@ startup_parse(struct stateob *st, char *p2) else if(!strcmp(p, OPT_AUTH)) st->flags |= IPSEC_OPT_AUTH; else { - log_error(0, "Unkown options %s in startup_parse()", p); + log_print("Unkown options %s in startup_parse()", p); continue; } } @@ -652,7 +652,7 @@ void startup_end(struct stateob *st) { if (!strlen(st->address)) { - log_error(0, "no destination given in startup_end()"); + log_print("no destination given in startup_end()"); state_value_reset(st); free(st); return; @@ -676,7 +676,7 @@ startup_end(struct stateob *st) #endif if (start_exchange(global_socket, st, st->address, st->port) == -1) { - log_error(0, "start_exchange in startup_end()"); + log_print("start_exchange in startup_end()"); state_value_reset(st); free(st); } else @@ -711,7 +711,7 @@ init_startup(void) continue; if (st == NULL && ((st = state_new()) == NULL)) - crit_error(0, "state_new() in init_startup()"); + log_fatal("state_new() in init_startup()"); startup_parse(st, p2); @@ -725,7 +725,7 @@ init_startup(void) void reconfig(int sig) { - log_error(0, "Reconfiguring on SIGHUP"); + log_print("Reconfiguring on SIGHUP"); clearattrib(); /* Clear attribute id hash */ attrib_cleanup(); /* Clear list of offered attributes */ @@ -795,13 +795,13 @@ pick_scheme(u_int8_t **scheme, u_int16_t *schemesize, } if (schemep == NULL) { - log_error(0, "Found no scheme in pick_scheme()"); + log_print("Found no scheme in pick_scheme()"); return -1; } if (actsize <= 2) { if (ntohs(*(u_int16_t *)schemep) == scheme_get_ref(schemep)) { - log_error(0, "Base scheme has no modulus in pick_scheme()"); + log_print("Base scheme has no modulus in pick_scheme()"); return -1; } *(u_int16_t *)scheme_ref = htons(scheme_get_ref(schemep)); @@ -839,7 +839,7 @@ pick_scheme(u_int8_t **scheme, u_int16_t *schemesize, } if ((*scheme = calloc(asize, sizeof(u_int8_t))) == NULL) { - log_error(1, "No memory in pick_scheme()"); + log_error("No memory in pick_scheme()"); return -1; } @@ -868,7 +868,7 @@ pick_attrib(struct stateob *st, u_int8_t **attrib, u_int16_t *attribsize) int mode = 0, i, n, count, first; if ((ob = attrib_find(st->address)) == NULL) { - log_error(0, "attrib_find() in pick_attrib()"); + log_print("attrib_find() in pick_attrib()"); return -1; } @@ -896,13 +896,13 @@ pick_attrib(struct stateob *st, u_int8_t **attrib, u_int16_t *attribsize) } } if (count == 0) { - log_error(0, "no attributes in attribute list for %s in pick_attrib()", + log_print("no attributes in attribute list for %s in pick_attrib()", st->address); return -1; } if ((*attrib = calloc(count, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in in pick_attrib()"); + log_error("calloc() in in pick_attrib()"); return -1; } bcopy(buffer, *attrib, count); @@ -926,7 +926,7 @@ select_attrib(struct stateob *st, u_int8_t **attributes, u_int16_t *attribsize) attrib_t *attprop; if ((ob = attrib_find(NULL)) == NULL) { - log_error(0, "attrib_find() for default in select_attrib() in " + log_print("attrib_find() for default in select_attrib() in " "exchange to %s", st->address); return -1; } @@ -1107,12 +1107,12 @@ select_attrib(struct stateob *st, u_int8_t **attributes, u_int16_t *attribsize) } if (count == 0) { - log_error(0, "Offered and wanted list of attributes did not have a common subset in select_attrib()"); + log_print("Offered and wanted list of attributes did not have a common subset in select_attrib()"); return -1; } if ((*attributes=calloc(count,sizeof(u_int8_t))) == NULL) { - log_error(1, "Out of memory for SPI attributes (%d)", count); + log_error("Out of memory for SPI attributes (%d)", count); return -1; } *attribsize = count; diff --git a/sbin/photurisd/errlog.c b/sbin/photurisd/errlog.c deleted file mode 100644 index d84e2fd22a5..00000000000 --- a/sbin/photurisd/errlog.c +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de> - * All rights reserved. - * - * This is partly derived from code by Angelos D. Keromytis, kermit@forthnet.gr - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Niels Provos. - * 4. The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/* - * $OpenBSD: errlog.c,v 1.3 2000/07/05 23:41:46 deraadt Exp $ - */ - -#ifndef lint -static char rcsid[] = "$Id: errlog.c,v 1.3 2000/07/05 23:41:46 deraadt Exp $"; -#endif - -#define _ERRLOG_C_ - -#include <stdio.h> -#include <stdlib.h> -#ifdef __STDC__ -#include <stdarg.h> -#else -#include <varargs.h> -#endif -#include <string.h> -#include <syslog.h> -#include <sys/types.h> -#include <errno.h> -#include "photuris.h" -#include "buffer.h" -#include "errlog.h" - -#ifdef NEED_SNPRINTF -#include "snprintf.h" -#endif - -#if defined(sun) || defined(_AIX) -extern char *sys_errlist[]; -extern int errno; -#endif - -#define LOG_SIZE 200 - -void _log_error(int flag, char *fmt, va_list ap); - -/* - * crit_error: - * log the error and exit - */ - -void -#ifdef __STDC__ -crit_error(int flag, char *fmt, ...) -#else -crit_error(flag, fmt, va_alist) - int flag; - char *fmt; - va_dcl -#endif -{ - va_list ap; -#ifdef __STDC__ - va_start(ap, fmt); -#else - va_start(ap); - fmt = va_arg (ap, char *); -#endif - _log_error(flag, fmt, ap); - va_end(ap); - exit(-1); -} - -/* - * log_error: - * log an error - */ - -void -#ifdef __STDC__ -log_error(int flag, char *fmt, ...) -#else -log_error(flag, fmt, va_alist) - int flag; - char *fmt; - va_dcl -#endif -{ - va_list ap; -#ifdef __STDC__ - va_start(ap, fmt); -#else - va_start(ap); - fmt = va_arg (ap, char *); -#endif - _log_error(flag, fmt, ap); - va_end(ap); -} - -void -_log_error(int flag, char *fmt, va_list ap) -{ - char *buffer = calloc(LOG_SIZE, sizeof(char)); - - if(buffer == NULL) - return; - - if (!daemon_mode) - sprintf(buffer, "%s: ", (flag ? "Error" : "Warning")); - else - buffer[0] = '\0'; - - vsnprintf(buffer+strlen(buffer), LOG_SIZE-1, fmt, ap); - buffer[LOG_SIZE-1] = '\0'; - - if (daemon_mode) - syslog(LOG_WARNING, "%s", buffer); - else { - fprintf(stderr, "%s", buffer); - if (flag) - fprintf(stderr, " : %s", sys_errlist[errno]); - fprintf(stderr, ".\n"); - } - free(buffer); - -} diff --git a/sbin/photurisd/exchange.c b/sbin/photurisd/exchange.c index 34ea8183702..91d753e3e66 100644 --- a/sbin/photurisd/exchange.c +++ b/sbin/photurisd/exchange.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: exchange.c,v 1.2 2000/12/11 02:16:50 provos Exp $"; +static char rcsid[] = "$Id: exchange.c,v 1.3 2000/12/11 21:21:17 provos Exp $"; #endif #define _EXCHANGE_C_ @@ -55,7 +55,7 @@ static char rcsid[] = "$Id: exchange.c,v 1.2 2000/12/11 02:16:50 provos Exp $"; #include "cookie.h" #include "schedule.h" #include "scheme.h" -#include "errlog.h" +#include "log.h" /* * Get the number of bits from a variable precision number @@ -212,7 +212,7 @@ exchange_make_values(struct stateob *st, BIGNUM *modulus, BIGNUM *generator) if((p = mod_new_modgen(modulus,generator)) == NULL) { BN_clear_free(generator); BN_clear_free(modulus); - log_error(1, "Not enough memory in exchange_make_values()"); + log_error("Not enough memory in exchange_make_values()"); return (-1); } mod_insert(p); @@ -231,7 +231,7 @@ exchange_make_values(struct stateob *st, BIGNUM *modulus, BIGNUM *generator) if (!BN_cmp(p->generator, tmp->generator)) { p->exchangevalue = calloc(tmp->exchangesize,sizeof(u_int8_t)); if (p->exchangevalue == NULL) { - log_error(1, "calloc() in exchange_make_values()"); + log_error("calloc() in exchange_make_values()"); return (-1); } bcopy(tmp->exchangevalue, p->exchangevalue, @@ -294,7 +294,7 @@ exchange_make_values(struct stateob *st, BIGNUM *modulus, BIGNUM *generator) p->exchangevalue = calloc(p->exchangesize, sizeof(u_int8_t)); if (p->exchangevalue == NULL) { - log_error(1, "calloc() in exchange_make_value()"); + log_error("calloc() in exchange_make_value()"); BN_clear_free(tmp); return (-1); } @@ -309,7 +309,7 @@ exchange_make_values(struct stateob *st, BIGNUM *modulus, BIGNUM *generator) st->exchangevalue = calloc(p->exchangesize, sizeof(u_int8_t)); if (st->exchangevalue == NULL) { - log_error(1, "calloc() in exchange_make_values()"); + log_error("calloc() in exchange_make_values()"); return (-1); } bcopy(p->exchangevalue, st->exchangevalue, p->exchangesize); @@ -341,7 +341,7 @@ exchange_set_generator(BIGNUM *generator, u_int8_t *scheme, u_int8_t *gen) BN_set_word(generator,5); break; default: - log_error(0, "Unsupported exchange scheme %d", + log_print("Unsupported exchange scheme %d", *((u_int16_t *)scheme)); return (-1); } diff --git a/sbin/photurisd/handle_bad_cookie.c b/sbin/photurisd/handle_bad_cookie.c index db801d0c245..18432287d97 100644 --- a/sbin/photurisd/handle_bad_cookie.c +++ b/sbin/photurisd/handle_bad_cookie.c @@ -34,7 +34,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: handle_bad_cookie.c,v 1.1 1998/11/14 23:37:23 deraadt Exp $"; +static char rcsid[] = "$Id: handle_bad_cookie.c,v 1.2 2000/12/11 21:21:17 provos Exp $"; #endif #include <stdio.h> @@ -50,7 +50,7 @@ static char rcsid[] = "$Id: handle_bad_cookie.c,v 1.1 1998/11/14 23:37:23 deraad #include "buffer.h" #include "packet.h" #include "schedule.h" -#include "errlog.h" +#include "log.h" #include "server.h" #include "packet.h" #include "api.h" @@ -68,7 +68,7 @@ handle_bad_cookie(u_char *packet, int size, char *address) if ((st = state_find_cookies(address, header->icookie, header->rcookie)) == NULL) { - log_error(0, "No state for BAD_COOKIE message from %s", + log_print("No state for BAD_COOKIE message from %s", address); return -1; } @@ -77,7 +77,7 @@ handle_bad_cookie(u_char *packet, int size, char *address) (st->phase == VALUE_REQUEST || st->phase == IDENTITY_REQUEST)) || (st->phase != VALUE_REQUEST && st->phase != IDENTITY_REQUEST && st->phase != SPI_NEEDED && st->phase != SPI_UPDATE)) { - log_error(0, "Ignored BAD_COOKIE message from %s", address); + log_print("Ignored BAD_COOKIE message from %s", address); return 0; /* Nothing needs to be done */ } @@ -85,7 +85,7 @@ handle_bad_cookie(u_char *packet, int size, char *address) if (st->phase == SPI_UPDATE) { st->lifetime = time(NULL); - log_error(0, "Expired exchange on BAD_COOKIE from %s", + log_print("Expired exchange on BAD_COOKIE from %s", address); return 0; } @@ -95,7 +95,7 @@ handle_bad_cookie(u_char *packet, int size, char *address) /* Set up a new state object */ if ((newst = state_new()) == NULL) { - log_error(1, "state_new() in handle_bad_cookie()"); + log_error("state_new() in handle_bad_cookie()"); return -1; } @@ -106,7 +106,7 @@ handle_bad_cookie(u_char *packet, int size, char *address) state_value_reset(st); if (start_exchange(global_socket, newst, address, global_port) == -1) { - log_error(0, "start_exchange() in handle_bad_cookie()"); + log_print("start_exchange() in handle_bad_cookie()"); state_value_reset(st); return -1; } diff --git a/sbin/photurisd/handle_cookie_response.c b/sbin/photurisd/handle_cookie_response.c index c5e897d649b..2b20115b624 100644 --- a/sbin/photurisd/handle_cookie_response.c +++ b/sbin/photurisd/handle_cookie_response.c @@ -34,7 +34,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: handle_cookie_response.c,v 1.2 2000/12/11 02:16:50 provos Exp $"; +static char rcsid[] = "$Id: handle_cookie_response.c,v 1.3 2000/12/11 21:21:17 provos Exp $"; #endif #include <stdio.h> @@ -49,7 +49,7 @@ static char rcsid[] = "$Id: handle_cookie_response.c,v 1.2 2000/12/11 02:16:50 p #include "scheme.h" #include "packet.h" #include "schedule.h" -#include "errlog.h" +#include "log.h" #include "config.h" int @@ -82,7 +82,7 @@ handle_cookie_response(u_char *packet, int size, if (strcmp(address, st->address)) { /* XXX - is this a sane thing to do ? */ - log_error(0, "Response from multihomed host, address %s will " + log_print("Response from multihomed host, address %s will " "be changed to %s.", st->address, address); strncpy(st->address, address, 15); st->address[15] = '\0'; @@ -98,7 +98,7 @@ handle_cookie_response(u_char *packet, int size, } if (i != size - COOKIE_RESPONSE_MIN) { - log_error(0, "schemes corrupt in handle_cookie_response()"); + log_print("schemes corrupt in handle_cookie_response()"); return (-1); /* Size didn't match UDP size */ } diff --git a/sbin/photurisd/handle_identity_request.c b/sbin/photurisd/handle_identity_request.c index 3d3b1fd329d..15d0a35a6ae 100644 --- a/sbin/photurisd/handle_identity_request.c +++ b/sbin/photurisd/handle_identity_request.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: handle_identity_request.c,v 1.2 2000/12/11 20:32:15 provos Exp $"; +static char rcsid[] = "$Id: handle_identity_request.c,v 1.3 2000/12/11 21:21:17 provos Exp $"; #endif #include <stdio.h> @@ -51,7 +51,7 @@ static char rcsid[] = "$Id: handle_identity_request.c,v 1.2 2000/12/11 20:32:15 #include "spi.h" #include "secrets.h" #include "scheme.h" -#include "errlog.h" +#include "log.h" #include "schedule.h" #include "attributes.h" #include "md5.h" @@ -108,7 +108,7 @@ handle_identity_request(u_char *packet, int size, char *address, /* Decrypt message */ tmp = size - IDENTITY_MESSAGE_MIN; if (packet_decrypt(st, IDENTITY_MESSAGE_CHOICE(header), &tmp) == -1) { - log_error(0, "packet_decrypt() in handle_identity_request()"); + log_print("packet_decrypt() in handle_identity_request()"); goto verification_failed; } @@ -118,7 +118,7 @@ handle_identity_request(u_char *packet, int size, char *address, #endif /* Verify message structure */ if (packet_check((u_int8_t *)header, size - packet[size-1], &id_msg) == -1) { - log_error(0, "bad packet structure in handle_identity_request()"); + log_print("bad packet structure in handle_identity_request()"); return -1; } @@ -154,13 +154,13 @@ handle_identity_request(u_char *packet, int size, char *address, if (!isattribsubset(st->oSPIoattrib,st->oSPIoattribsize, attributes, attribsize)) { - log_error(0, "attributes are not a subset in handle_identity_request()"); + log_print("attributes are not a subset in handle_identity_request()"); return 0; } i = get_identity_verification_size(st, IDENTITY_MESSAGE_CHOICE(header)); if (!i || i != parts[2].size || i > sizeof(signature)) { - log_error(0, "verification size mismatch in handle_identity_request()"); + log_print("verification size mismatch in handle_identity_request()"); goto verification_failed; } @@ -169,7 +169,7 @@ handle_identity_request(u_char *packet, int size, char *address, /* Fill the state object, but only if we have not dont so before */ if (st->uSPIidentver == NULL) { if((st->uSPIidentver = calloc(i, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in handle_identity_request()"); + log_error("calloc() in handle_identity_request()"); goto verification_failed; } bcopy(signature, st->uSPIidentver, i); @@ -179,7 +179,7 @@ handle_identity_request(u_char *packet, int size, char *address, p = IDENTITY_MESSAGE_CHOICE(header); if (st->uSPIidentchoice == NULL) { if((st->uSPIidentchoice = calloc(p[1]+2, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in handle_identity_request()"); + log_error("calloc() in handle_identity_request()"); goto verification_failed; } bcopy(p, st->uSPIidentchoice, p[1]+2); @@ -189,7 +189,7 @@ handle_identity_request(u_char *packet, int size, char *address, p += p[1] + 2; if (st->uSPIident == NULL) { if((st->uSPIident = calloc(varpre2octets(p), sizeof(u_int8_t))) == NULL) { - log_error(1,"calloc() in handle_identity_request()"); + log_error("calloc() in handle_identity_request()"); goto verification_failed; } bcopy(p, st->uSPIident, varpre2octets(p)); @@ -197,7 +197,7 @@ handle_identity_request(u_char *packet, int size, char *address, if (st->uSPIattrib == NULL) { if((st->uSPIattrib = calloc(attribsize, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in handle_identity_request()"); + log_error("calloc() in handle_identity_request()"); return -1; } bcopy(attributes, st->uSPIattrib, attribsize); @@ -206,7 +206,7 @@ handle_identity_request(u_char *packet, int size, char *address, if (st->oSPIident == NULL && get_secrets(st, (ID_REMOTE|ID_LOCAL)) == -1) { - log_error(0, "get_secrets() in in handle_identity_request()"); + log_print("get_secrets() in in handle_identity_request()"); goto verification_failed; } @@ -234,7 +234,7 @@ handle_identity_request(u_char *packet, int size, char *address, st->uSPIsecret = NULL; st->uSPIsecretsize = 0; verification_failed: - log_error(0, "verification failed in handle_identity_request()"); + log_print("verification failed in handle_identity_request()"); packet_size = PACKET_BUFFER_SIZE; photuris_error_message(st, packet_buffer, &packet_size, header->icookie, header->rcookie, @@ -246,7 +246,7 @@ handle_identity_request(u_char *packet, int size, char *address, /* Create SPI + choice of attributes */ if(make_spi(st, local_address, st->oSPI, &(st->olifetime), &(st->oSPIattrib), &(st->oSPIattribsize)) == -1) { - log_error(0, "make_spi() in handle_identity_request()"); + log_print("make_spi() in handle_identity_request()"); return -1; } @@ -269,11 +269,11 @@ handle_identity_request(u_char *packet, int size, char *address, if (st->oSPI[0] || st->oSPI[1] || st->oSPI[2] || st->oSPI[3]) { /* Insert Owner SPI */ if ((spi = spi_new(st->address, st->oSPI)) == NULL) { - log_error(0, "spi_new() in handle_identity_request()"); + log_print("spi_new() in handle_identity_request()"); return -1; } if ((spi->local_address = strdup(local_address)) == NULL) { - log_error(0, "strdup() in handle_identity_request()"); + log_print("strdup() in handle_identity_request()"); return -1; } bcopy(st->icookie, spi->icookie, COOKIE_SIZE); @@ -281,7 +281,7 @@ handle_identity_request(u_char *packet, int size, char *address, spi->attribsize = st->oSPIattribsize; spi->attributes = calloc(spi->attribsize, sizeof(u_int8_t)); if (spi->attributes == NULL) { - log_error(1, "calloc() in handle_identity_request()"); + log_error("calloc() in handle_identity_request()"); spi_value_reset(spi); return -1; } @@ -303,11 +303,11 @@ handle_identity_request(u_char *packet, int size, char *address, if (st->uSPI[0] || st->uSPI[1] || st->uSPI[2] || st->uSPI[3]) { /* Insert User SPI */ if ((spi = spi_new(st->address, st->uSPI)) == NULL) { - log_error(0, "spi_new() in handle_identity_request()"); + log_print("spi_new() in handle_identity_request()"); return -1; } if ((spi->local_address = strdup(local_address)) == NULL) { - log_error(1, "strdup() in handle_identity_request()"); + log_error("strdup() in handle_identity_request()"); return -1; } spi->flags |= st->flags & IPSEC_NOTIFY ? SPI_NOTIFY : 0; @@ -315,7 +315,7 @@ handle_identity_request(u_char *packet, int size, char *address, spi->attribsize = st->uSPIattribsize; spi->attributes = calloc(spi->attribsize, sizeof(u_int8_t)); if (spi->attributes == NULL) { - log_error(1, "calloc() in handle_identity_request()"); + log_error("calloc() in handle_identity_request()"); spi_value_reset(spi); return -1; } diff --git a/sbin/photurisd/handle_identity_response.c b/sbin/photurisd/handle_identity_response.c index 4378fb4de09..9b40ac97499 100644 --- a/sbin/photurisd/handle_identity_response.c +++ b/sbin/photurisd/handle_identity_response.c @@ -34,7 +34,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: handle_identity_response.c,v 1.2 2000/12/11 20:32:15 provos Exp $"; +static char rcsid[] = "$Id: handle_identity_response.c,v 1.3 2000/12/11 21:21:17 provos Exp $"; #endif #include <stdio.h> @@ -55,7 +55,7 @@ static char rcsid[] = "$Id: handle_identity_response.c,v 1.2 2000/12/11 20:32:15 #include "attributes.h" #include "secrets.h" #include "scheme.h" -#include "errlog.h" +#include "log.h" #include "spi.h" #ifdef IPSEC #include "kernel.h" @@ -103,7 +103,7 @@ handle_identity_response(u_char *packet, int size, char *address, /* Decrypt message */ tmp = size - IDENTITY_MESSAGE_MIN; if (packet_decrypt(st, IDENTITY_MESSAGE_CHOICE(header), &tmp) == -1) { - log_error(0, "packet_decrypt() in handle_identity_response()"); + log_print("packet_decrypt() in handle_identity_response()"); goto verification_failed; } @@ -113,13 +113,13 @@ handle_identity_response(u_char *packet, int size, char *address, #endif /* Verify message structure */ if (packet_check(packet, size - packet[size-1], &id_msg) == -1) { - log_error(0, "bad packet structure in handle_identity_response()"); + log_print("bad packet structure in handle_identity_response()"); return -1; } i = get_identity_verification_size(st, IDENTITY_MESSAGE_CHOICE(header)); if (!i || i != parts[2].size || i >sizeof(signature)) { - log_error(0, "verification size mismatch in handle_identity_response()"); + log_print("verification size mismatch in handle_identity_response()"); goto verification_failed; } bcopy(parts[2].where, signature, parts[2].size); @@ -129,41 +129,41 @@ handle_identity_response(u_char *packet, int size, char *address, if (!isattribsubset(st->oSPIoattrib,st->oSPIoattribsize, attributes, attribsize)) { - log_error(0, "attributes are not a subset in handle_identity_response()"); + log_print("attributes are not a subset in handle_identity_response()"); return 0; } /* Fill the state object */ if((st->uSPIidentver = calloc(i, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in handle_identity_response()"); + log_error("calloc() in handle_identity_response()"); goto verification_failed; } bcopy(signature, st->uSPIidentver, i); st->uSPIidentversize = i; if((st->uSPIidentchoice = calloc(parts[0].size, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in handle_identity_response()"); + log_error("calloc() in handle_identity_response()"); goto verification_failed; } bcopy(parts[0].where, st->uSPIidentchoice, parts[0].size); st->uSPIidentchoicesize = parts[0].size; if((st->uSPIident = calloc(parts[1].size, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in handle_identity_response()"); + log_error("calloc() in handle_identity_response()"); goto verification_failed; } bcopy(parts[1].where, st->uSPIident, parts[1].size); if((st->uSPIattrib = calloc(attribsize, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in handle_identity_response()"); + log_error("calloc() in handle_identity_response()"); goto verification_failed; } bcopy(attributes, st->uSPIattrib, attribsize); st->uSPIattribsize = attribsize; if (get_secrets(st, ID_REMOTE) == -1) { - log_error(0, "get_secrets() in in handle_identity_response()"); + log_print("get_secrets() in in handle_identity_response()"); goto verification_failed; } @@ -184,7 +184,7 @@ handle_identity_response(u_char *packet, int size, char *address, free(st->uSPIsecret); st->uSPIsecret = NULL; st->uSPIsecretsize = 0; verification_failed: - log_error(0, "verification failed in handle_identity_response()"); + log_print("verification failed in handle_identity_response()"); packet_size = PACKET_BUFFER_SIZE; photuris_error_message(st, packet_buffer, &packet_size, header->icookie, header->rcookie, @@ -217,11 +217,11 @@ handle_identity_response(u_char *packet, int size, char *address, if (st->oSPI[0] || st->oSPI[1] || st->oSPI[2] || st->oSPI[3]) { /* Insert Owner SPI */ if ((spi = spi_new(st->address, st->oSPI)) == NULL) { - log_error(0, "spi_new() in handle_identity_response()"); + log_print("spi_new() in handle_identity_response()"); return -1; } if ((spi->local_address = strdup(local_address)) == NULL) { - log_error(1, "strdup() in handle_identity_response()"); + log_error("strdup() in handle_identity_response()"); return -1; } bcopy(st->icookie, spi->icookie, COOKIE_SIZE); @@ -229,7 +229,7 @@ handle_identity_response(u_char *packet, int size, char *address, spi->attribsize = st->oSPIattribsize; spi->attributes = calloc(spi->attribsize, sizeof(u_int8_t)); if (spi->attributes == NULL) { - log_error(0, "calloc() in handle_identity_response()"); + log_print("calloc() in handle_identity_response()"); spi_value_reset(spi); return -1; } @@ -250,11 +250,11 @@ handle_identity_response(u_char *packet, int size, char *address, if (st->uSPI[0] || st->uSPI[1] || st->uSPI[2] || st->uSPI[3]) { /* Insert User SPI */ if ((spi = spi_new(st->address, st->uSPI)) == NULL) { - log_error(0, "spi_new() in handle_identity_response()"); + log_print("spi_new() in handle_identity_response()"); return -1; } if ((spi->local_address = strdup(local_address)) == NULL) { - log_error(1, "strdup() in handle_identity_response()"); + log_error("strdup() in handle_identity_response()"); return -1; } spi->flags |= st->flags & IPSEC_NOTIFY ? SPI_NOTIFY : 0; @@ -262,7 +262,7 @@ handle_identity_response(u_char *packet, int size, char *address, spi->attribsize = st->uSPIattribsize; spi->attributes = calloc(spi->attribsize, sizeof(u_int8_t)); if (spi->attributes == NULL) { - log_error(1, "calloc() in handle_identity_response()"); + log_error("calloc() in handle_identity_response()"); spi_value_reset(spi); return -1; } diff --git a/sbin/photurisd/handle_message_reject.c b/sbin/photurisd/handle_message_reject.c index fbb971ff504..d351fa47398 100644 --- a/sbin/photurisd/handle_message_reject.c +++ b/sbin/photurisd/handle_message_reject.c @@ -34,7 +34,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: handle_message_reject.c,v 1.1 1998/11/14 23:37:24 deraadt Exp $"; +static char rcsid[] = "$Id: handle_message_reject.c,v 1.2 2000/12/11 21:21:17 provos Exp $"; #endif #include <stdio.h> @@ -48,7 +48,7 @@ static char rcsid[] = "$Id: handle_message_reject.c,v 1.1 1998/11/14 23:37:24 de #include "buffer.h" #include "packet.h" #include "schedule.h" -#include "errlog.h" +#include "log.h" int handle_message_reject(u_char *packet, int size, char *address) @@ -63,12 +63,12 @@ handle_message_reject(u_char *packet, int size, char *address) if ((st = state_find_cookies(address, header->icookie, header->rcookie)) == NULL) { - log_error(0, "No state for MESSAGE_REJECT message from %s", + log_print("No state for MESSAGE_REJECT message from %s", address); return -1; } - log_error(0, "Received MESSAGE_REJECT from %s on message type %d " + log_print("Received MESSAGE_REJECT from %s on message type %d " "offending offset %d", address, header->badtype, header->offset); return 0; diff --git a/sbin/photurisd/handle_resource_limit.c b/sbin/photurisd/handle_resource_limit.c index 90994da4154..d902f56abff 100644 --- a/sbin/photurisd/handle_resource_limit.c +++ b/sbin/photurisd/handle_resource_limit.c @@ -34,7 +34,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: handle_resource_limit.c,v 1.1 1998/11/14 23:37:24 deraadt Exp $"; +static char rcsid[] = "$Id: handle_resource_limit.c,v 1.2 2000/12/11 21:21:17 provos Exp $"; #endif #include <stdio.h> @@ -48,7 +48,7 @@ static char rcsid[] = "$Id: handle_resource_limit.c,v 1.1 1998/11/14 23:37:24 de #include "buffer.h" #include "packet.h" #include "schedule.h" -#include "errlog.h" +#include "log.h" int handle_resource_limit(u_char *packet, int size, char *address) @@ -64,7 +64,7 @@ handle_resource_limit(u_char *packet, int size, char *address) counter = packet[ERROR_MESSAGE_PACKET_SIZE]; if ((st = state_find_cookies(NULL, header->icookie, NULL)) == NULL) { - log_error(0, "No state for RESOURCE_LIMIT message from %s", + log_print("No state for RESOURCE_LIMIT message from %s", address); return -1; } @@ -100,7 +100,7 @@ handle_resource_limit(u_char *packet, int size, char *address) /* XXX - we have to wait for expiring of another SPI */ break; default: - log_error(0, "Wrong phase for RESOURCE_LIMIT from %s", + log_print("Wrong phase for RESOURCE_LIMIT from %s", address); return 0; } diff --git a/sbin/photurisd/handle_spi_needed.c b/sbin/photurisd/handle_spi_needed.c index 78518c902d1..e75a4730172 100644 --- a/sbin/photurisd/handle_spi_needed.c +++ b/sbin/photurisd/handle_spi_needed.c @@ -34,7 +34,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: handle_spi_needed.c,v 1.1 1998/11/14 23:37:24 deraadt Exp $"; +static char rcsid[] = "$Id: handle_spi_needed.c,v 1.2 2000/12/11 21:21:17 provos Exp $"; #endif #include <stdio.h> @@ -53,7 +53,7 @@ static char rcsid[] = "$Id: handle_spi_needed.c,v 1.1 1998/11/14 23:37:24 deraad #include "secrets.h" #include "schedule.h" #include "scheme.h" -#include "errlog.h" +#include "log.h" #include "spi.h" #ifdef IPSEC #include "kernel.h" @@ -100,19 +100,19 @@ handle_spi_needed(u_char *packet, int size, char *address, /* Decrypt message */ tmp = size - SPI_NEEDED_MIN; if (packet_decrypt(st, SPI_NEEDED_VERIFICATION(header), &tmp) == -1) { - log_error(0, "packet_decrypt() in handle_spi_needed()"); + log_print("packet_decrypt() in handle_spi_needed()"); goto verification_failed; } /* Verify message structure*/ if (packet_check((u_int8_t *)header, size - packet[size-1], &spi_msg) == -1) { - log_error(0, "bad packet structure in handle_spi_update()"); + log_print("bad packet structure in handle_spi_update()"); return -1; } i = get_validity_verification_size(st); if (!i || i != parts[0].size || i > sizeof(signature)) { - log_error(0, "verification size mismatch in handle_spi_needed()"); + log_print("verification size mismatch in handle_spi_needed()"); goto verification_failed; } bcopy(parts[0].where, signature, i); @@ -122,13 +122,13 @@ handle_spi_needed(u_char *packet, int size, char *address, if (!isattribsubset(st->oSPIoattrib,st->oSPIoattribsize, attributes, attribsize)) { - log_error(0, "attributes are not a subset in handle_spi_needed()"); + log_print("attributes are not a subset in handle_spi_needed()"); return 0; } if (!verify_validity_verification(st, signature, packet, size)) { verification_failed: - log_error(0, "verification failed in handle_spi_needed()"); + log_print("verification failed in handle_spi_needed()"); packet_size = PACKET_BUFFER_SIZE; photuris_error_message(st, packet_buffer, &packet_size, header->icookie, header->rcookie, @@ -141,7 +141,7 @@ handle_spi_needed(u_char *packet, int size, char *address, free(st->uSPIoattrib); if((st->uSPIoattrib = calloc(attribsize, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in handle_spi_needed()"); + log_error("calloc() in handle_spi_needed()"); return -1; } bcopy(attributes, st->uSPIoattrib, attribsize); @@ -159,18 +159,18 @@ handle_spi_needed(u_char *packet, int size, char *address, packet_size = PACKET_BUFFER_SIZE; if (photuris_spi_update(st, packet_buffer, &packet_size) == -1) { - log_error(0, "photuris_spi_update() in handle_spi_needed()"); + log_print("photuris_spi_update() in handle_spi_needed()"); return -1; } send_packet(); /* Insert Owner SPI */ if ((spi = spi_new(st->address, st->oSPI)) == NULL) { - log_error(0, "spi_new() in handle_spi_needed()"); + log_print("spi_new() in handle_spi_needed()"); return -1; } if ((spi->local_address = strdup(local_address)) == NULL) { - log_error(1, "strdup() in handle_spi_needed()"); + log_error("strdup() in handle_spi_needed()"); return -1; } bcopy(st->icookie, spi->icookie, COOKIE_SIZE); @@ -178,7 +178,7 @@ handle_spi_needed(u_char *packet, int size, char *address, spi->attribsize = st->oSPIattribsize; spi->attributes = calloc(spi->attribsize, sizeof(u_int8_t)); if (spi->attributes == NULL) { - log_error(1, "calloc() in handle_spi_needed()"); + log_error("calloc() in handle_spi_needed()"); spi_value_reset(spi); return -1; } diff --git a/sbin/photurisd/handle_spi_update.c b/sbin/photurisd/handle_spi_update.c index 401d8f808d0..6fc1ed8df79 100644 --- a/sbin/photurisd/handle_spi_update.c +++ b/sbin/photurisd/handle_spi_update.c @@ -34,7 +34,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: handle_spi_update.c,v 1.3 2000/12/11 20:32:15 provos Exp $"; +static char rcsid[] = "$Id: handle_spi_update.c,v 1.4 2000/12/11 21:21:17 provos Exp $"; #endif #include <stdio.h> @@ -53,7 +53,7 @@ static char rcsid[] = "$Id: handle_spi_update.c,v 1.3 2000/12/11 20:32:15 provos #include "secrets.h" #include "schedule.h" #include "scheme.h" -#include "errlog.h" +#include "log.h" #include "spi.h" #ifdef IPSEC #include "kernel.h" @@ -101,19 +101,19 @@ handle_spi_update(u_char *packet, int size, char *address, /* Decrypt message */ tmp = size - SPI_UPDATE_MIN; if (packet_decrypt(st, SPI_UPDATE_VERIFICATION(header), &tmp) == -1) { - log_error(0, "packet_decrypt() in handle_spi_update()"); + log_print("packet_decrypt() in handle_spi_update()"); goto verification_failed; } /* Verify message structure*/ if (packet_check((u_int8_t *)header, size - packet[size-1], &spi_msg) == -1) { - log_error(0, "bad packet structure in handle_spi_update()"); + log_print("bad packet structure in handle_spi_update()"); return -1; } i = get_validity_verification_size(st); if (!i || i != parts[0].size || i > sizeof(signature)) { - log_error(0, "verification size mismatch in handle_spi_update()"); + log_print("verification size mismatch in handle_spi_update()"); goto verification_failed; } bcopy(parts[0].where, signature, i); @@ -123,13 +123,13 @@ handle_spi_update(u_char *packet, int size, char *address, if (!isattribsubset(st->oSPIoattrib,st->oSPIoattribsize, attributes, attribsize)) { - log_error(0, "attributes are not a subset in handle_spi_update()"); + log_print("attributes are not a subset in handle_spi_update()"); return 0; } if (!verify_validity_verification(st, signature, packet, size)) { verification_failed: - log_error(0, "verification failed in handle_spi_update()"); + log_print("verification failed in handle_spi_update()"); packet_size = PACKET_BUFFER_SIZE; photuris_error_message(st, packet_buffer, &packet_size, header->icookie, header->rcookie, @@ -144,7 +144,7 @@ handle_spi_update(u_char *packet, int size, char *address, if (lifetime == 0) { /* Delete specified security association */ if ((spi = spi_find(st->address, header->SPI)) == NULL) { - log_error(0, "spi_find() in handle_spi_update()"); + log_print("spi_find() in handle_spi_update()"); return -1; } #ifdef IPSEC @@ -159,15 +159,15 @@ handle_spi_update(u_char *packet, int size, char *address, bcopy(header->SPI, st->uSPI, SPI_SIZE); if ((spi = spi_new(st->address, header->SPI)) == NULL) { - log_error(0, "spi_new() in handle_spi_update()"); + log_print("spi_new() in handle_spi_update()"); return -1; } if ((spi->local_address = strdup(local_address)) == NULL) { - log_error(1, "strdup() in handle_spi_update()"); + log_error("strdup() in handle_spi_update()"); return -1; } if((spi->attributes = calloc(attribsize, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in handle_spi_update()"); + log_error("calloc() in handle_spi_update()"); return -1; } spi->flags |= st->flags & IPSEC_NOTIFY ? SPI_NOTIFY : 0; diff --git a/sbin/photurisd/handle_value_request.c b/sbin/photurisd/handle_value_request.c index e3f5bb13088..53cc7ec4d2b 100644 --- a/sbin/photurisd/handle_value_request.c +++ b/sbin/photurisd/handle_value_request.c @@ -34,7 +34,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: handle_value_request.c,v 1.3 2000/12/11 02:16:50 provos Exp $"; +static char rcsid[] = "$Id: handle_value_request.c,v 1.4 2000/12/11 21:21:17 provos Exp $"; #endif #include <stdio.h> @@ -57,7 +57,7 @@ static char rcsid[] = "$Id: handle_value_request.c,v 1.3 2000/12/11 02:16:50 pro #include "exchange.h" #include "secrets.h" #include "server.h" -#include "errlog.h" +#include "log.h" int handle_value_request(u_char *packet, int size, @@ -87,7 +87,7 @@ handle_value_request(u_char *packet, int size, return -1; /* packet too small */ if (packet_check(packet, size, &vr_msg) == -1) { - log_error(0, "bad packet structure in handle_value_request()"); + log_print("bad packet structure in handle_value_request()"); return -1; } @@ -231,7 +231,7 @@ handle_value_request(u_char *packet, int size, st->texchangesize = parts[0].size; st->texchange = calloc(st->texchangesize, sizeof(u_int8_t)); if (st->texchange == NULL) { - log_error(1, "calloc() in handle_value_request()"); + log_error("calloc() in handle_value_request()"); return -1; } bcopy(parts[0].where, st->texchange, st->texchangesize); diff --git a/sbin/photurisd/handle_value_response.c b/sbin/photurisd/handle_value_response.c index 61769b4a456..b20eea6557e 100644 --- a/sbin/photurisd/handle_value_response.c +++ b/sbin/photurisd/handle_value_response.c @@ -34,7 +34,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: handle_value_response.c,v 1.2 2000/12/11 02:16:50 provos Exp $"; +static char rcsid[] = "$Id: handle_value_response.c,v 1.3 2000/12/11 21:21:17 provos Exp $"; #endif #include <stdlib.h> @@ -52,7 +52,7 @@ static char rcsid[] = "$Id: handle_value_response.c,v 1.2 2000/12/11 02:16:50 pr #include "exchange.h" #include "secrets.h" #include "spi.h" -#include "errlog.h" +#include "log.h" #ifdef DEBUG #include "config.h" #endif @@ -79,7 +79,7 @@ handle_value_response(u_char *packet, int size, char *address, return -1; /* packet too small */ if (packet_check(packet, size, &vr_msg) == -1) { - log_error(0, "bad packet structure in handle_value_response()"); + log_print("bad packet structure in handle_value_response()"); return -1; } @@ -126,7 +126,7 @@ handle_value_response(u_char *packet, int size, char *address, st->texchangesize = parts[0].size; st->texchange = calloc(st->texchangesize, sizeof(u_int8_t)); if (st->texchange == NULL) { - log_error(1, "calloc() in handle_value_response()"); + log_error("calloc() in handle_value_response()"); return -1; } bcopy(parts[0].where, st->texchange, st->texchangesize); @@ -144,7 +144,7 @@ handle_value_response(u_char *packet, int size, char *address, /* Create SPI + choice of attributes */ if (make_spi(st, local_address, st->oSPI, &(st->olifetime), &(st->oSPIattrib), &(st->oSPIattribsize)) == -1) { - log_error(0, "make_spi() in handle_value_response()"); + log_print("make_spi() in handle_value_response()"); return -1; } diff --git a/sbin/photurisd/handle_verification_failure.c b/sbin/photurisd/handle_verification_failure.c index 20d93aff05d..5501046c518 100644 --- a/sbin/photurisd/handle_verification_failure.c +++ b/sbin/photurisd/handle_verification_failure.c @@ -34,7 +34,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: handle_verification_failure.c,v 1.1 1998/11/14 23:37:24 deraadt Exp $"; +static char rcsid[] = "$Id: handle_verification_failure.c,v 1.2 2000/12/11 21:21:17 provos Exp $"; #endif #include <stdio.h> @@ -48,7 +48,7 @@ static char rcsid[] = "$Id: handle_verification_failure.c,v 1.1 1998/11/14 23:37 #include "buffer.h" #include "packet.h" #include "schedule.h" -#include "errlog.h" +#include "log.h" int handle_verification_failure(u_char *packet, int size, char *address) @@ -63,12 +63,12 @@ handle_verification_failure(u_char *packet, int size, char *address) if ((st = state_find_cookies(address, header->icookie, header->rcookie)) == NULL) { - log_error(0, "No state for VERIFICATION_FAILURE message from %s", + log_print("No state for VERIFICATION_FAILURE message from %s", address); return -1; } - log_error(0, "Received VERIFICATION_FAILURE from %s", address); + log_print("Received VERIFICATION_FAILURE from %s", address); return 0; } diff --git a/sbin/photurisd/identity.c b/sbin/photurisd/identity.c index 2135a97d3bb..9aa53a13010 100644 --- a/sbin/photurisd/identity.c +++ b/sbin/photurisd/identity.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: identity.c,v 1.2 2000/12/11 02:16:50 provos Exp $"; +static char rcsid[] = "$Id: identity.c,v 1.3 2000/12/11 21:21:17 provos Exp $"; #endif #define _IDENTITY_C_ @@ -61,7 +61,7 @@ static char rcsid[] = "$Id: identity.c,v 1.2 2000/12/11 02:16:50 provos Exp $"; #include "identity.h" #include "buffer.h" #include "scheme.h" -#include "errlog.h" +#include "log.h" #ifdef NEED_STRSEP #include "strsep.h" @@ -107,17 +107,17 @@ init_identities(char *name, struct identity *root) ob = &idob; if (lstat(file, &sb) == -1) { - log_error(1, "lstat() on %s in init_identities()", file); + log_error("lstat() on %s in init_identities()", file); return -1; } if (((sb.st_mode & S_IFMT) & ~S_IFREG)) { - log_error(0, "no regular file %s in init_identities()", file); + log_print("no regular file %s in init_identities()", file); return -1; } fp = fopen(file, "r"); if (fp == (FILE *) NULL) { - log_error(1, "no hash secrets file %s", file); + log_error("no hash secrets file %s", file); return -1; } @@ -148,12 +148,12 @@ init_identities(char *name, struct identity *root) type = ID_LOOKUP; p += strlen(IDENT_LOOKUP); } else { - log_error(0, "Unkown tag %s in %s", p, file); + log_print("Unkown tag %s in %s", p, file); continue; } if ((tmp = identity_new()) == NULL) { - log_error(0, "identity_new() in init_identities()"); + log_print("identity_new() in init_identities()"); continue; } @@ -176,7 +176,7 @@ init_identities(char *name, struct identity *root) if (type == ID_REMOTE) { /* Search for duplicates */ if (identity_find(idob, tmp->tag, ID_REMOTE) != NULL) { - log_error(0, "Duplicate id \"%s\" found in %s", + log_print("Duplicate id \"%s\" found in %s", tmp->tag, name != NULL ? name : "root"); identity_value_reset(tmp); continue; @@ -208,7 +208,7 @@ init_identities(char *name, struct identity *root) break; case ID_LOOKUP: if (name != NULL) { - log_error(0, "lookup in user file %s in init_identities()", + log_print("lookup in user file %s in init_identities()", name); continue; } @@ -218,7 +218,7 @@ init_identities(char *name, struct identity *root) p2[strlen(p2)-1] = 0; if ((pwd = getpwnam(p2)) == NULL) { - log_error(1, "getpwnam() in init_identities()"); + log_error("getpwnam() in init_identities()"); identity_value_reset(tmp); continue; } else { @@ -230,7 +230,7 @@ init_identities(char *name, struct identity *root) tmp->pairid = strdup(p2); if (dir == NULL) { - log_error(1, "calloc() in init_identities()"); + log_error("calloc() in init_identities()"); identity_value_reset(tmp); continue; } @@ -351,13 +351,13 @@ get_secrets(struct stateob *st, int mode) } if(strlen(remote_secret) == 0 && (mode & ID_REMOTE)) { - log_error(0, "Can't find remote secret for %s in get_secrets()", + log_print("Can't find remote secret for %s in get_secrets()", st->uSPIident+2); return -1; } if (strlen(local_ident) == 0 && (mode & (ID_LOCAL|ID_LOCALPAIR)) ) { - log_error(0, "Can't find local identity in get_secrets()"); + log_print("Can't find local identity in get_secrets()"); return -1; } @@ -412,7 +412,7 @@ choose_identity(struct stateob *st, u_int8_t *packet, u_int16_t *size, } if(attribsize == 0) { - log_error(0, "No identity choice found in offered attributes " + log_print("No identity choice found in offered attributes " "in choose_identity()"); return -1; } @@ -461,7 +461,7 @@ get_identity_verification_size(struct stateob *st, u_int8_t *choice) struct idxform *hash; if ((hash = get_hash_id(*choice)) == NULL) { - log_error(0, "Unknown identity choice: %d\n", *choice); + log_print("Unknown identity choice: %d\n", *choice); return 0; } @@ -487,7 +487,7 @@ struct idxform *get_hash(enum hashes hashtype) for (i=0; i<sizeof(idxform)/sizeof(idxform[0]); i++) if (hashtype == idxform[i].type) return &idxform[i]; - log_error(0, "Unkown hash type: %d in get_hash()", hashtype); + log_print("Unkown hash type: %d in get_hash()", hashtype); return NULL; } @@ -499,7 +499,7 @@ create_verification_key(struct stateob *st, u_int8_t *buffer, u_int16_t *size, int id = owner ? *(st->oSPIidentchoice) : *(st->uSPIidentchoice); if ((hash = get_hash_id(id)) == NULL) { - log_error(0, "Unkown identity choice %d in create_verification_key", id); + log_print("Unkown identity choice %d in create_verification_key", id); return -1; } @@ -527,7 +527,7 @@ create_identity_verification(struct stateob *st, u_int8_t *buffer, struct idxform *hash; if ((hash = get_hash_id(*(st->oSPIidentchoice))) == NULL) { - log_error(0, "Unkown identity choice %d in create_verification_key", + log_print("Unkown identity choice %d in create_verification_key", *(st->oSPIidentchoice)); return 0; } @@ -544,7 +544,7 @@ create_identity_verification(struct stateob *st, u_int8_t *buffer, st->oSPIidentver = calloc(hash_size+2,sizeof(u_int8_t)); if(st->oSPIidentver == NULL) { - log_error(1, "Not enough memory in create_identity_verification()", 0); + log_error("Not enough memory in create_identity_verification()", 0); return 0; } @@ -563,7 +563,7 @@ verify_identity_verification(struct stateob *st, u_int8_t *buffer, struct idxform *hash; if ((hash = get_hash_id(*(st->uSPIidentchoice))) == NULL) { - log_error(0, "Unkown identity choice %d in create_verification_key", + log_print("Unkown identity choice %d in create_verification_key", *(st->uSPIidentchoice)); return 0; } diff --git a/sbin/photurisd/kernel.c b/sbin/photurisd/kernel.c index 71e19885ffe..d44b7357c1f 100644 --- a/sbin/photurisd/kernel.c +++ b/sbin/photurisd/kernel.c @@ -39,7 +39,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: kernel.c,v 1.9 2000/12/11 20:32:15 provos Exp $"; +static char rcsid[] = "$Id: kernel.c,v 1.10 2000/12/11 21:21:18 provos Exp $"; #endif #include <time.h> @@ -84,20 +84,12 @@ static char rcsid[] = "$Id: kernel.c,v 1.9 2000/12/11 20:32:15 provos Exp $"; #include "buffer.h" #include "spi.h" #include "kernel.h" -#include "errlog.h" +#include "log.h" #include "server.h" #ifdef DEBUG #include "config.h" #endif -#ifdef DEBUG -time_t now; - -#define kernel_debug(x) {time(&now); printf("%.24s ", ctime(&now)); printf x;} -#else -#define kernel_debug(x) -#endif - #define SPITOINT(x) (((x)[0]<<24) + ((x)[1]<<16) + ((x)[2]<<8) + (x)[3]) #define KERNEL_XF_SET(x) kernel_xf_set(sd, buffer, BUFFER_SIZE, iov, cnt, x) @@ -209,15 +201,15 @@ int init_kernel(void) { if ((sd = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) == -1) - crit_error(1, "socket(PF_KEY) for IPSec keyengine in init_kernel()"); + log_fatal("socket(PF_KEY) for IPSec keyengine in init_kernel()"); if ((regsd = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) == -1) - crit_error(1, "socket() for PFKEY register in init_kernel()"); + log_fatal("socket() for PFKEY register in init_kernel()"); pfkey_seq = 0; pfkey_pid = getpid(); if (kernel_register(regsd) == -1) - crit_error(0, "PFKEY socket registration failed in init_kernel()"); + log_fatal("PFKEY socket registration failed in init_kernel()"); return (1); } @@ -241,13 +233,13 @@ kernel_set_socket_policy(int sd) level = IPSEC_LEVEL_BYPASS; /* Did I mention I'm privileged? */ if (setsockopt(sd, IPPROTO_IP, IP_AUTH_LEVEL, (char *)&level, sizeof (int)) == -1) - crit_error(1, "setsockopt: can not bypass ipsec authentication policy"); + log_fatal("setsockopt: can not bypass ipsec authentication policy"); if (setsockopt(sd, IPPROTO_IP, IP_ESP_TRANS_LEVEL, (char *)&level, sizeof (int)) == -1) - crit_error(1, "setsockopt: can not bypass ipsec esp transport policy"); + log_fatal("setsockopt: can not bypass ipsec esp transport policy"); if (setsockopt(sd, IPPROTO_IP, IP_ESP_NETWORK_LEVEL, (char *)&level, sizeof (int)) == -1) - crit_error(1, "setsockopt: can not bypass ipsec esp network policy"); + log_fatal("setsockopt: can not bypass ipsec esp network policy"); } int @@ -288,7 +280,7 @@ kernel_xf_read(int sd, char *buffer, int blen, int seq) } len = sres->sadb_msg_len * 8; if (len >= BUFFER_SIZE) { - log_error(0, "PFKEYV2 message len %d too big in kernel_xf_read()", len); + log_print("PFKEYV2 message len %d too big in kernel_xf_read()", len); return (0); } if (read(sd, sres, len) != len) { @@ -300,7 +292,7 @@ kernel_xf_read(int sd, char *buffer, int blen, int seq) )); if (sres->sadb_msg_errno) { - log_error(0, "kernel_xf_read: PFKEYV2 result: %s", + log_print("kernel_xf_read: PFKEYV2 result: %s", strerror(sres->sadb_msg_errno)); return (0); } @@ -321,7 +313,7 @@ kernel_register(int sd) struct iovec iov[1]; int cnt = 0; - kernel_debug(("kernel_register: fd %d\n", sd)); + LOG_DBG((LOG_KERNEL, 20, "kernel_register: fd %d", sd)); bzero(&smsg, sizeof(smsg)); @@ -337,7 +329,7 @@ kernel_register(int sd) smsg.sadb_msg_satype = SADB_SATYPE_ESP; if (!kernel_xf_set(regsd, buffer, BUFFER_SIZE, iov, cnt, smsg.sadb_msg_len*8)) { - log_error(1, "kernel_xf_set() in kernel_reserve_single_spi()"); + log_error("kernel_xf_set() in kernel_reserve_single_spi()"); return (-1); } @@ -346,7 +338,7 @@ kernel_register(int sd) smsg.sadb_msg_seq = pfkey_seq++; if (!kernel_xf_set(regsd, buffer, BUFFER_SIZE, iov, cnt, smsg.sadb_msg_len*8)) { - log_error(1, "kernel_xf_set() in kernel_reserve_single_spi()"); + log_error("kernel_xf_set() in kernel_reserve_single_spi()"); return (-1); } @@ -358,7 +350,7 @@ kernel_register(int sd) sres = (struct sadb_msg *)buffer; ssup = (struct sadb_supported *)(sres + 1); if (ssup->sadb_supported_exttype != SADB_EXT_SUPPORTED) { - log_error(0, "SADB_REGISTER did not return a SADB_EXT_SUPORTED " + log_print("SADB_REGISTER did not return a SADB_EXT_SUPORTED " "struct: %d in kernel_register()", ssup->sadb_supported_exttype); return (-1); @@ -367,7 +359,7 @@ kernel_register(int sd) len = ssup->sadb_supported_len * 8 - sizeof(*ssup); if (len != (ssup->sadb_supported_nauth + ssup->sadb_supported_nencrypt) * sizeof(struct sadb_alg)) { - log_error(0, "SADB_SUPPORTED length mismatch in kernel_register()"); + log_print("SADB_SUPPORTED length mismatch in kernel_register()"); return (-1); } @@ -386,7 +378,7 @@ kernel_reserve_spi(char *src, char *dst, int options) u_int32_t spi; int proto; - kernel_debug(("kernel_reserve_spi: %s\n", src)); + LOG_DBG((LOG_KERNEL, 40, "kernel_reserve_spi: %s", src)); if ((options & (IPSEC_OPT_ENC|IPSEC_OPT_AUTH)) != (IPSEC_OPT_ENC|IPSEC_OPT_AUTH)) { @@ -424,7 +416,8 @@ kernel_reserve_single_spi(char *srcaddress, char *dstaddress, u_int32_t spi, struct iovec iov[6]; int cnt = 0; - kernel_debug(("kernel_reserve_single_spi: %s, %08x\n", srcaddress, spi)); + LOG_DBG((LOG_KERNEL, 40, "kernel_reserve_single_spi: %s, %08x", + srcaddress, spi)); bzero(&src, sizeof(union sockaddr_union)); bzero(&dst, sizeof(union sockaddr_union)); @@ -490,14 +483,14 @@ kernel_reserve_single_spi(char *srcaddress, char *dstaddress, u_int32_t spi, /* get back SADB_EXT_SA */ if (!KERNEL_XF_SET(smsg.sadb_msg_len*8)) { - log_error(1, "kernel_xf_set() in kernel_reserve_single_spi()"); + log_error("kernel_xf_set() in kernel_reserve_single_spi()"); return (0); } sres = (struct sadb_msg *)buffer; ssa = (struct sadb_sa *)(sres + 1); if (ssa->sadb_sa_exttype != SADB_EXT_SA) { - log_error(0, "SADB_GETSPI did not return a SADB_EXT_SA struct: %d", + log_print("SADB_GETSPI did not return a SADB_EXT_SA struct: %d", ssa->sadb_sa_exttype); return (0); } @@ -522,7 +515,7 @@ kernel_ah(attrib_t *ob, struct spiob *SPI, u_int8_t *secrets, int hmac) time_t now = time(NULL); if (xf == NULL || !(xf->flags & XF_AUTH)) { - log_error(0, "%d is not an auth transform in kernel_ah()", ob->id); + log_print("%d is not an auth transform in kernel_ah()", ob->id); return (-1); } @@ -608,10 +601,10 @@ kernel_ah(attrib_t *ob, struct spiob *SPI, u_int8_t *secrets, int hmac) iov[cnt].iov_base = secrets; len += iov[cnt++].iov_len = ((ob->klen + 7) / 8) * 8; - kernel_debug(("kernel_ah: %08x\n", ntohl(sr.sadb_sa_spi))); + LOG_DBG((LOG_KERNEL, 35, "kernel_ah: %08x", ntohl(sr.sadb_sa_spi))); if (!KERNEL_XF_SET(len)) { - log_error(1, "kernel_xf_set() in kernel_ah()"); + log_error("kernel_xf_set() in kernel_ah()"); return (-1); } return ob->klen; @@ -638,7 +631,7 @@ kernel_esp(attrib_t *ob, attrib_t *ob2, struct spiob *SPI, u_int8_t *secrets) if (ob->type & AT_AUTH) { if (ob2 == NULL || ob2->type != AT_ENC) { - log_error(0, "No encryption after auth given in kernel_esp()"); + log_print("No encryption after auth given in kernel_esp()"); return (-1); } attenc = ob2; @@ -653,13 +646,13 @@ kernel_esp(attrib_t *ob, attrib_t *ob2, struct spiob *SPI, u_int8_t *secrets) sec2 = secrets + ob->klen; } } else { - log_error(0, "No encryption transform given in kernel_esp()"); + log_print("No encryption transform given in kernel_esp()"); return (-1); } xf_enc = kernel_get_transform(attenc->id); if ((xf_enc->flags & ESP_OLD) && attauth != NULL) { - log_error(0, "Old ESP does not support AH in kernel_esp()"); + log_print("Old ESP does not support AH in kernel_esp()"); return (-1); } @@ -765,10 +758,10 @@ kernel_esp(attrib_t *ob, attrib_t *ob2, struct spiob *SPI, u_int8_t *secrets) iov[cnt++].iov_len = ((attauth->klen + 7) / 8) * 8; } - kernel_debug(("kernel_esp: %08x\n", ntohl(sr.sadb_sa_spi))); + LOG_DBG((LOG_KERNEL, 35, "kernel_esp: %08x", ntohl(sr.sadb_sa_spi))); if (!KERNEL_XF_SET(sa.sadb_msg_len * 8)) { - log_error(1, "kernel_xf_set() in kernel_esp()"); + log_error("kernel_xf_set() in kernel_esp()"); return (-1); } @@ -840,10 +833,10 @@ kernel_delete_spi(char *address, u_int32_t spi, int proto) iov[cnt++].iov_len = sizeof(sr); - kernel_debug(("kernel_delete_spi: %08x\n", spi)); + LOG_DBG((LOG_KERNEL, 30, "kernel_delete_spi: %08x", spi)); if (!KERNEL_XF_SET(sa.sadb_msg_len * 8)) { - log_error(1, "kernel_xf_set() in kernel_delete_spi()"); + log_error("kernel_xf_set() in kernel_delete_spi()"); return (-1); } @@ -882,7 +875,7 @@ kernel_insert_spi(struct stateob *st, struct spiob *SPI) while (count < espsize && (atesp == NULL || atah == NULL)) { if ((attprop = getattrib(esp[count])) == NULL) { - log_error(0, "Unknown attribute %d for ESP in kernel_insert_spi()", + log_print("Unknown attribute %d for ESP in kernel_insert_spi()", esp[count]); return (-1); } @@ -894,7 +887,7 @@ kernel_insert_spi(struct stateob *st, struct spiob *SPI) count += esp[count+1]+2; } if (atesp == NULL) { - log_error(0, "No encryption attribute in ESP section for SA(%08x, %s->%s) in kernel_insert()", SPITOINT(SPI->SPI), SPI->local_address, SPI->address); + log_print("No encryption attribute in ESP section for SA(%08x, %s->%s) in kernel_insert()", SPITOINT(SPI->SPI), SPI->local_address, SPI->address); return (-1); } @@ -910,7 +903,7 @@ kernel_insert_spi(struct stateob *st, struct spiob *SPI) while (count < ahsize) { if ((attprop = getattrib(ah[count])) == NULL) { - log_error(0, "Unknown attribute %d for AH in kernel_insert_spi()", + log_print("Unknown attribute %d for AH in kernel_insert_spi()", ah[count]); return (-1); } @@ -930,7 +923,7 @@ kernel_insert_spi(struct stateob *st, struct spiob *SPI) } if (atah == NULL) { - log_error(0, "No authentication attribute in AH section for SA(%08x, %s->%s) in kernel_insert()", SPITOINT(SPI->SPI), SPI->local_address, SPI->address); + log_print("No authentication attribute in AH section for SA(%08x, %s->%s) in kernel_insert()", SPITOINT(SPI->SPI), SPI->local_address, SPI->address); return (-1); } @@ -987,12 +980,12 @@ kernel_unlink_spi(struct spiob *ospi) if (esp != NULL) { if (kernel_delete_spi(p, SPITOINT(ospi->SPI), IPPROTO_ESP) == -1) - log_error(0, "kernel_delete_spi() in kernel_unlink_spi()"); + log_print("kernel_delete_spi() in kernel_unlink_spi()"); } if (ah != NULL) { if (kernel_delete_spi(p, SPITOINT(ospi->SPI), IPPROTO_AH) == -1) - log_error(0, "kernel_delete_spi() in kernel_unlink_spi()"); + log_print("kernel_delete_spi() in kernel_unlink_spi()"); } return (1); @@ -1011,18 +1004,15 @@ kernel_handle_notify(int sd) if (!kernel_xf_read(regsd, buffer, BUFFER_SIZE, 0)) return; -#ifdef DEBUG - kernel_debug(("Got PFKEYV2 message: type %d\n", sres->sadb_msg_type)); -#endif + LOG_DBG((LOG_KERNEL, 60, "Got PFKEYV2 message: type %d", + sres->sadb_msg_type)); switch (sres->sadb_msg_type) { case SADB_EXPIRE: - log_error(0, "PFKEYV2 SA Expiration - not yet supported.\n"); + log_print("PFKEYV2 SA Expiration - not yet supported."); return; case SADB_ACQUIRE: -#ifdef DEBUG - kernel_debug(("Got Notify SA Request (SADB_ACQUIRE)\n")); -#endif + LOG_DBG((LOG_KERNEL, 60, "Got Notify SA Request (SADB_ACQUIRE)")); kernel_request_sa(sres); break; default: @@ -1053,7 +1043,7 @@ kernel_request_sa(void *em /*struct encap_msghdr *em*/) if (st == NULL) { /#* No established exchange found, start a new one *#/ if ((st = state_new()) == NULL) { - log_error(0, "state_new() failed in kernel_request_sa() for remote ip %s", + log_print("state_new() failed in kernel_request_sa() for remote ip %s", address); return (-1); } @@ -1077,7 +1067,7 @@ kernel_request_sa(void *em /*struct encap_msghdr *em*/) st->flags |= IPSEC_OPT_AUTH; /#* XXX - handling of tunnel requests missing *#/ if (start_exchange(global_socket, st, st->address, st->port) == -1) { - log_error(0, "start_exchange() in kernel_request_sa() - informing kernel of failure"); + log_print("start_exchange() in kernel_request_sa() - informing kernel of failure"); /#* Inform kernel of our failure *#/ kernel_notify_result(st, NULL, 0); state_value_reset(st); @@ -1126,5 +1116,5 @@ kernel_notify_result(struct stateob *st, struct spiob *spi, int proto) } if (!kernel_xf_set(&em)) - log_error(1, "kernel_xf_set() in kernel_notify_result()"); */ + log_error("kernel_xf_set() in kernel_notify_result()"); */ } diff --git a/sbin/photurisd/log.c b/sbin/photurisd/log.c new file mode 100644 index 00000000000..e470a62bba2 --- /dev/null +++ b/sbin/photurisd/log.c @@ -0,0 +1,307 @@ +/* $OpenBSD: log.c,v 1.1 2000/12/11 21:21:18 provos Exp $ */ +/* $EOM: log.c,v 1.30 2000/09/29 08:19:23 niklas Exp $ */ + +/* + * Copyright (c) 1998, 1999 Niklas Hallqvist. All rights reserved. + * Copyright (c) 1999, 2000 Håkan Olsson. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Ericsson Radio Systems. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * This code was written under funding by Ericsson Radio Systems. + */ + +#include <sys/time.h> +#include <errno.h> +#include <stdio.h> +#include <string.h> +#include <syslog.h> +#ifdef __STDC__ +#include <stdarg.h> +#else +#include <varargs.h> +#endif + +#include "log.h" + +static void _log_print (int, int, const char *, va_list, int, int); + +static FILE *log_output; +#ifdef USE_DEBUG +static int log_level[LOG_ENDCLASS]; +#endif + +void +log_init (void) +{ + log_output = stderr; +} + +void +log_to (FILE *f) +{ + if (!log_output && f) + closelog (); + log_output = f; + if (!f) + openlog ("isakmpd", LOG_CONS, LOG_DAEMON); +} + +FILE * +log_current (void) +{ + return log_output; +} + +static char * +_log_get_class (int error_class) +{ + /* XXX For test purposes. To be removed later on? */ + static char *class_text[] = LOG_CLASSES_TEXT; + + if (error_class < 0) + return "Dflt"; + else if (error_class >= LOG_ENDCLASS) + return "Unkn"; + else + return class_text[error_class]; +} + +static void +_log_print (int error, int syslog_level, const char *fmt, va_list ap, + int class, int level) +{ + char buffer[LOG_SIZE], nbuf[LOG_SIZE + 32]; + static const char fallback_msg[] = + "write to log file failed (errno %d), redirecting output to syslog"; + int len; + struct tm *tm; + struct timeval now; + time_t t; + + len = vsnprintf (buffer, LOG_SIZE, fmt, ap); + if (len < LOG_SIZE - 1 && error) + snprintf (buffer + len, LOG_SIZE - len, ": %s", strerror (errno)); + if (log_output) + { + gettimeofday (&now, 0); + t = now.tv_sec; + tm = localtime (&t); + if (class >= 0) + sprintf (nbuf, "%02d%02d%02d.%06ld %s %02d ", tm->tm_hour, + tm->tm_min, tm->tm_sec, now.tv_usec, _log_get_class (class), + level); + else /* LOG_PRINT (-1) or LOG_REPORT (-2) */ + sprintf (nbuf, "%02d%02d%02d.%06ld %s ", tm->tm_hour, + tm->tm_min, tm->tm_sec, now.tv_usec, + class == LOG_PRINT ? "Default" : "Report>"); + strcat (nbuf, buffer); + strcat (nbuf, "\n"); + + if (fwrite (nbuf, strlen (nbuf), 1, log_output) == 0) + { + /* Report fallback. */ + syslog (LOG_ALERT, fallback_msg, errno); + fprintf (log_output, fallback_msg, errno); + + /* + * Close log_output to prevent isakmpd from locking the file. + * We may need to explicitly close stdout to do this properly. + * XXX - Figure out how to match two FILE *'s and rewrite. + */ + if (fileno (log_output) != -1) + if (fileno (stdout) == fileno (log_output)) + fclose (stdout); + fclose (log_output); + + /* Fallback to syslog. */ + log_to (0); + + /* (Re)send current message to syslog(). */ + syslog (class == LOG_REPORT ? LOG_ALERT : syslog_level, "%s", buffer); + } + } + else + syslog (class == LOG_REPORT ? LOG_ALERT : syslog_level, "%s", buffer); +} + +#ifdef USE_DEBUG +void +#ifdef __STDC__ +log_debug (int cls, int level, const char *fmt, ...) +#else +log_debug (cls, level, fmt, va_alist) + int cls; + int level; + const char *fmt; + va_dcl +#endif +{ + va_list ap; + + /* + * If we are not debugging this class, or the level is too low, just return. + */ + if (cls >= 0 && (log_level[cls] == 0 || level > log_level[cls])) + return; +#ifdef __STDC__ + va_start (ap, fmt); +#else + va_start (ap); + fmt = va_arg (ap, const char *); +#endif + _log_print (0, LOG_DEBUG, fmt, ap, cls, level); + va_end (ap); +} + +void +log_debug_buf (int cls, int level, const char *header, const u_int8_t *buf, + size_t sz) +{ + char s[73]; + int i, j; + + /* + * If we are not debugging this class, or the level is too low, just return. + */ + if (cls >= 0 && (log_level[cls] == 0 || level > log_level[cls])) + return; + + log_debug (cls, level, "%s:", header); + for (i = j = 0; i < sz;) + { + sprintf (s + j, "%02x", buf[i++]); + j += 2; + if (i % 4 == 0) + { + if (i % 32 == 0) + { + s[j] = '\0'; + log_debug (cls, level, "%s", s); + j = 0; + } + else + s[j++] = ' '; + } + } + if (j) + { + s[j] = '\0'; + log_debug (cls, level, "%s", s); + } +} + +void +log_debug_cmd (int cls, int level) +{ + if (cls < 0 || cls >= LOG_ENDCLASS) + { + log_print ("log_debug_cmd: invalid debugging class %d", cls); + return; + } + + if (level < 0) + { + log_print ("log_debug_cmd: invalid debugging level %d for class %d", + level, cls); + return; + } + + if (level == log_level[cls]) + log_print ("log_debug_cmd: log level unchanged for class %d", cls); + else + { + log_print ("log_debug_cmd: log level changed from %d to %d for class %d", + log_level[cls], level, cls); + log_level[cls] = level; + } +} +#endif /* USE_DEBUG */ + +void +#ifdef __STDC__ +log_print (const char *fmt, ...) +#else +log_print (fmt, va_alist) + const char *fmt; + va_dcl +#endif +{ + va_list ap; + +#ifdef __STDC__ + va_start (ap, fmt); +#else + va_start (ap); + fmt = va_arg (ap, const char *); +#endif + _log_print (0, LOG_NOTICE, fmt, ap, LOG_PRINT, 0); + va_end (ap); +} + +void +#ifdef __STDC__ +log_error (const char *fmt, ...) +#else +log_error (fmt, va_alist) + const char *fmt; + va_dcl +#endif +{ + va_list ap; + +#ifdef __STDC__ + va_start (ap, fmt); +#else + va_start (ap); + fmt = va_arg (ap, const char *); +#endif + _log_print (1, LOG_ERR, fmt, ap, LOG_PRINT, 0); + va_end (ap); +} + +void +#ifdef __STDC__ +log_fatal (const char *fmt, ...) +#else +log_fatal (fmt, va_alist) + const char *fmt; + va_dcl +#endif +{ + va_list ap; + +#ifdef __STDC__ + va_start (ap, fmt); +#else + va_start (ap); + fmt = va_arg (ap, const char *); +#endif + _log_print (1, LOG_CRIT, fmt, ap, LOG_PRINT, 0); + va_end (ap); + exit (1); +} diff --git a/sbin/photurisd/errlog.h b/sbin/photurisd/log.h index e23a74343a1..2b395cad014 100644 --- a/sbin/photurisd/errlog.h +++ b/sbin/photurisd/log.h @@ -1,8 +1,8 @@ +/* $OpenBSD: log.h,v 1.1 2000/12/11 21:21:18 provos Exp $ */ +/* $EOM: log.h,v 1.19 2000/03/30 14:27:23 ho Exp $ */ + /* - * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de> - * All rights reserved. - * - * This code is originally from Angelos D. Keromytis, kermit@forthnet.gr + * Copyright (c) 1998, 1999 Niklas Hallqvist. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -14,7 +14,7 @@ * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: - * This product includes software developed by Niels Provos. + * This product includes software developed by Ericsson Radio Systems. * 4. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * @@ -30,22 +30,57 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef _ERRLOG_H_ -#define _ERRLOG_H_ - -#undef EXTERN -#ifdef _ERRLOG_C_ -#define EXTERN -#else -#define EXTERN extern -#endif - -#ifdef __STDC__ -EXTERN void crit_error __P((int, char *, ...)); -EXTERN void log_error __P((int, char *, ...)); -#else -EXTERN void crit_error(); -EXTERN void log_error(); -#endif - -#endif /* _ERRLOG_H_ */ +/* + * This code was written under funding by Ericsson Radio Systems. + */ + +#ifndef _LOG_H_ +#define _LOG_H_ + +#include <sys/types.h> +#include <stdio.h> + +/* + * We cannot do the log strings dynamically sizeable as out of memory is one + * of the situations we need to report about. + */ +#define LOG_SIZE 200 + +enum log_classes { + LOG_MISC, LOG_TRANSPORT, LOG_CRYPTO, LOG_TIMER, LOG_SA, LOG_KERNEL, + LOG_ENDCLASS +}; +#define LOG_CLASSES_TEXT \ + { "Misc", "Trpt", "Cryp", "Timr", "SA ", "Kern" } + +/* + * "Class" LOG_REPORT will always be logged to the current log channel, + * regardless of level. + */ +#define LOG_PRINT -1 +#define LOG_REPORT -2 + +#ifdef USE_DEBUG + +#define LOG_DBG(x) log_debug x +#define LOG_DBG_BUF(x) log_debug_buf x + +extern void log_debug (int, int, const char *, ...); +extern void log_debug_buf (int, int, const char *, const u_int8_t *, size_t); +extern void log_debug_cmd (int, int); + +#else /* USE_DEBUG */ + +#define LOG_DBG(x) +#define LOG_DBG_BUF(x) + +#endif /* USE_DEBUG */ + +extern FILE *log_current (void); +extern void log_error (const char *, ...); +extern void log_fatal (const char *, ...); +extern void log_print (const char *, ...); +extern void log_to (FILE *); +extern void log_init (void); + +#endif /* _LOG_H_ */ diff --git a/sbin/photurisd/modulus.c b/sbin/photurisd/modulus.c index 0ab232c7983..3ecd2be45e2 100644 --- a/sbin/photurisd/modulus.c +++ b/sbin/photurisd/modulus.c @@ -43,7 +43,7 @@ #include <ssl/bn.h> #include "config.h" #include "modulus.h" -#include "errlog.h" +#include "log.h" static struct moduli_cache *modob = NULL; @@ -119,7 +119,7 @@ mod_check_prime(int iter, int tm) #endif flag = BN_is_prime(p->modulus, iter, NULL, ctx, NULL); if (!flag) - log_error(0, "found a non prime in mod_check_prime()"); + log_print("found a non prime in mod_check_prime()"); tmp = mod_find_modulus(p->modulus); while (tmp != NULL) { diff --git a/sbin/photurisd/packet.c b/sbin/photurisd/packet.c index 1e0fb74a4f4..c5a3d716c6d 100644 --- a/sbin/photurisd/packet.c +++ b/sbin/photurisd/packet.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: packet.c,v 1.1 1998/11/14 23:37:25 deraadt Exp $"; +static char rcsid[] = "$Id: packet.c,v 1.2 2000/12/11 21:21:18 provos Exp $"; #endif #define _PACKET_C_ @@ -50,7 +50,7 @@ static char rcsid[] = "$Id: packet.c,v 1.1 1998/11/14 23:37:25 deraadt Exp $"; #include "state.h" #include "photuris.h" #include "packets.h" -#include "errlog.h" +#include "log.h" #include "buffer.h" #include "config.h" #include "scheme.h" @@ -73,7 +73,7 @@ int handle_packet(int sock, char *address) i = sizeof(struct sockaddr_in); if ((size = recvfrom(sock, recv_buffer, RECV_BUFFER_SIZE, 0, (struct sockaddr *) &sin, &i)) == -1) - crit_error(1, "recvfrom() in handle_packet()"); + log_fatal("recvfrom() in handle_packet()"); header = (struct cookie_request *)recv_buffer; #ifdef DEBUG @@ -91,7 +91,7 @@ int handle_packet(int sock, char *address) ntohs(sin.sin_port), global_schemes, global_schemesize) == -1) { - log_error(0, "handle_cookie_request() in handle_packet()"); + log_print("handle_cookie_request() in handle_packet()"); return -1; } break; @@ -99,7 +99,7 @@ int handle_packet(int sock, char *address) if (handle_cookie_response(recv_buffer, size, inet_ntoa(sin.sin_addr), ntohs(sin.sin_port)) == -1) { - log_error(0, "handle_cookie_response() in handle_packet()"); + log_print("handle_cookie_response() in handle_packet()"); return -1; } break; @@ -109,7 +109,7 @@ int handle_packet(int sock, char *address) ntohs(sin.sin_port), global_schemes, global_schemesize) == -1) { - log_error(0, "handle_value_request() in handle_packet()"); + log_print("handle_value_request() in handle_packet()"); return -1; } break; @@ -117,7 +117,7 @@ int handle_packet(int sock, char *address) if (handle_value_response(recv_buffer, size, inet_ntoa(sin.sin_addr), address) == -1) { - log_error(0, "handle_value_response() in handle_packet()"); + log_print("handle_value_response() in handle_packet()"); return -1; } break; @@ -125,7 +125,7 @@ int handle_packet(int sock, char *address) if (handle_identity_request(recv_buffer, size, inet_ntoa(sin.sin_addr), address) == -1) { - log_error(0, "handle_identity_request() in handle_packet()"); + log_print("handle_identity_request() in handle_packet()"); return -1; } break; @@ -133,7 +133,7 @@ int handle_packet(int sock, char *address) if (handle_identity_response(recv_buffer, size, inet_ntoa(sin.sin_addr), address) == -1) { - log_error(0, "handle_identity_response() in handle_packet()"); + log_print("handle_identity_response() in handle_packet()"); return -1; } break; @@ -141,7 +141,7 @@ int handle_packet(int sock, char *address) if (handle_spi_update(recv_buffer, size, inet_ntoa(sin.sin_addr), address) == -1) { - log_error(0, "handle_spi_update() in handle_packet()"); + log_print("handle_spi_update() in handle_packet()"); return -1; } break; @@ -149,40 +149,40 @@ int handle_packet(int sock, char *address) if (handle_spi_needed(recv_buffer, size, inet_ntoa(sin.sin_addr), address) == -1) { - log_error(0, "handle_spi_needed() in handle_packet()"); + log_print("handle_spi_needed() in handle_packet()"); return -1; } break; case BAD_COOKIE: if (handle_bad_cookie(recv_buffer, size, inet_ntoa(sin.sin_addr)) == -1) { - log_error(0, "handle_bad_cookie() in handle_packet()"); + log_print("handle_bad_cookie() in handle_packet()"); return -1; } break; case RESOURCE_LIMIT: if (handle_resource_limit(recv_buffer, size, inet_ntoa(sin.sin_addr)) == -1) { - log_error(0, "handle_resource_limit() in handle_packet()"); + log_print("handle_resource_limit() in handle_packet()"); return -1; } break; case VERIFICATION_FAILURE: if (handle_verification_failure(recv_buffer, size, inet_ntoa(sin.sin_addr)) == -1) { - log_error(0, "handle_verification_failure() in handle_packet()"); + log_print("handle_verification_failure() in handle_packet()"); return -1; } break; case MESSAGE_REJECT: if (handle_message_reject(recv_buffer, size, inet_ntoa(sin.sin_addr)) == -1) { - log_error(0, "handle_message_reject() in handle_packet()"); + log_print("handle_message_reject() in handle_packet()"); return -1; } break; default: - log_error(0, "Unknown packet type %d in handle_packet()", + log_print("Unknown packet type %d in handle_packet()", header->type); return 0; } @@ -204,7 +204,7 @@ send_packet(void) if (sendto(global_socket, packet_buffer, packet_size, 0, (struct sockaddr *) &sin, sizeof(sin)) != packet_size) { /* XXX Code to notify kernel of failure */ - log_error(1, "sendto() in handle_packet()"); + log_error("sendto() in handle_packet()"); return; } } diff --git a/sbin/photurisd/photuris_packet_encrypt.c b/sbin/photurisd/photuris_packet_encrypt.c index 4d8f9b78f20..d4dc4323013 100644 --- a/sbin/photurisd/photuris_packet_encrypt.c +++ b/sbin/photurisd/photuris_packet_encrypt.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: photuris_packet_encrypt.c,v 1.1 1998/11/14 23:37:26 deraadt Exp $"; +static char rcsid[] = "$Id: photuris_packet_encrypt.c,v 1.2 2000/12/11 21:21:18 provos Exp $"; #endif #define _ENCRYPT_C_ @@ -52,7 +52,7 @@ static char rcsid[] = "$Id: photuris_packet_encrypt.c,v 1.1 1998/11/14 23:37:26 #include "attributes.h" #include "encrypt.h" #include "secrets.h" -#include "errlog.h" +#include "log.h" #ifdef DEBUG #include "config.h" #endif @@ -119,7 +119,7 @@ packet_encrypt(struct stateob *st, u_int8_t *payload, u_int16_t payloadlen) #endif pkey = calloc(payloadlen,sizeof(u_int8_t)); if(pkey == NULL) { - log_error(1, "Not enough memory for privacy secret"); + log_error("Not enough memory for privacy secret"); return -1; } if(compute_privacy_key(st, pkey, @@ -145,7 +145,7 @@ packet_encrypt(struct stateob *st, u_int8_t *payload, u_int16_t payloadlen) #endif pkey = calloc(payloadlen + 8, sizeof(u_int8_t)); if(pkey == NULL) { - log_error(1, "Not enough memory for privacy secret"); + log_error("Not enough memory for privacy secret"); return -1; } /* XOR Mask */ @@ -187,7 +187,7 @@ packet_encrypt(struct stateob *st, u_int8_t *payload, u_int16_t payloadlen) #endif pkey = calloc(payloadlen+24, sizeof(u_int8_t)); if(pkey == NULL) { - log_error(1, "Not enough memory for owner privacy secret"); + log_error("Not enough memory for owner privacy secret"); return -1; } /* XOR Mask */ @@ -231,7 +231,7 @@ packet_encrypt(struct stateob *st, u_int8_t *payload, u_int16_t payloadlen) key1, key2, key3, &keys[3], DES_ENCRYPT); break; default: - log_error(0, "Unknown exchange scheme: %d\n", + log_print("Unknown exchange scheme: %d\n", *((u_int16_t *)st->scheme)); return -1; } @@ -262,7 +262,7 @@ packet_decrypt(struct stateob *st, u_int8_t *payload, u_int16_t *payloadlen) #endif pkey = calloc(*payloadlen, sizeof(u_int8_t)); if(pkey == NULL) { - log_error(1, "Not enough memory for privacy secret"); + log_error("Not enough memory for privacy secret"); return -1; } if(compute_privacy_key(st, pkey, @@ -287,7 +287,7 @@ packet_decrypt(struct stateob *st, u_int8_t *payload, u_int16_t *payloadlen) #endif pkey = calloc(*payloadlen+8, sizeof(u_int8_t)); if(pkey == NULL) { - log_error(1, "Not enough memory for privacy secret"); + log_error("Not enough memory for privacy secret"); return -1; } /* XOR Mask */ @@ -328,7 +328,7 @@ packet_decrypt(struct stateob *st, u_int8_t *payload, u_int16_t *payloadlen) #endif pkey = calloc(*payloadlen + 24, sizeof(u_int8_t)); if(pkey == NULL) { - log_error(1, "Not enough memory for privacy secret"); + log_error("Not enough memory for privacy secret"); return -1; } /* XOR Mask */ @@ -371,7 +371,7 @@ packet_decrypt(struct stateob *st, u_int8_t *payload, u_int16_t *payloadlen) packet_mask(payload, *payloadlen, pkey); break; default: - log_error(0,"Unknown exchange scheme: %d\n", + log_error("Unknown exchange scheme: %d\n", *((u_int16_t *)st->scheme)); return -1; } diff --git a/sbin/photurisd/photurisd.c b/sbin/photurisd/photurisd.c index fba902f912b..58c09faff95 100644 --- a/sbin/photurisd/photurisd.c +++ b/sbin/photurisd/photurisd.c @@ -32,7 +32,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: photurisd.c,v 1.5 2000/12/11 20:32:15 provos Exp $"; +static char rcsid[] = "$Id: photurisd.c,v 1.6 2000/12/11 21:21:18 provos Exp $"; #endif #define _PHOTURIS_C_ @@ -55,7 +55,7 @@ static char rcsid[] = "$Id: photurisd.c,v 1.5 2000/12/11 20:32:15 provos Exp $"; #include "spi.h" #include "packet.h" #include "schedule.h" -#include "errlog.h" +#include "log.h" #ifdef IPSEC #include "attributes.h" #include "kernel.h" @@ -88,15 +88,15 @@ init_vars(void) attrib_file = NULL; if ((config_file = calloc(1, sizeof(PHOTURIS_CONFIG))) == NULL) - crit_error(1, "no memory in init_vars()" ); + log_fatal("no memory in init_vars()" ); strcpy(config_file, PHOTURIS_CONFIG); if ((secret_file = calloc(1, sizeof(PHOTURIS_SECRET))) == NULL) - crit_error(1, "no memory in init_vars()" ); + log_fatal("no memory in init_vars()" ); strcpy(secret_file, PHOTURIS_SECRET); if ((attrib_file = calloc(1, sizeof(PHOTURIS_ATTRIB))) == NULL) - crit_error(1, "no memory in init_vars()"); + log_fatal("no memory in init_vars()"); strcpy(attrib_file, PHOTURIS_ATTRIB); reset_secret(); @@ -115,16 +115,32 @@ main(int argc, char **argv) { int ch; int primes = 0, ignore = 0; + int cls, level; char *dir = PHOTURIS_DIR; daemon_mode = 0; global_port = 0; - while ((ch = getopt(argc, argv, "cid:p:")) != -1) + log_init(); + + while ((ch = getopt(argc, argv, "D:cid:p:")) != -1) switch((char)ch) { case 'c': primes = 1; break; +#ifdef USE_DEBUG + case 'D': + if (sscanf(optarg, "%d=%d", &cls, &level) != 2) { + if (sscanf(optarg, "A=%d", &level) == 1) { + for (cls = 0; cls < LOG_ENDCLASS; cls++) + log_debug_cmd(cls, level); + } else + log_print("parse_args: -D argument unparseable: %s", optarg); + } + else + log_debug_cmd(cls, level); + break; +#endif /* USE_DEBUG */ case 'i': ignore = 1; break; @@ -140,7 +156,7 @@ main(int argc, char **argv) } if (chdir(dir) == -1) - crit_error(1, "chdir(\"%s\") in main()", dir); + log_fatal("chdir(\"%s\") in main()", dir); argc -= optind; diff --git a/sbin/photurisd/schedule.c b/sbin/photurisd/schedule.c index 7bbb95d6d64..c33e360ff34 100644 --- a/sbin/photurisd/schedule.c +++ b/sbin/photurisd/schedule.c @@ -35,7 +35,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: schedule.c,v 1.1 1998/11/14 23:37:28 deraadt Exp $"; +static char rcsid[] = "$Id: schedule.c,v 1.2 2000/12/11 21:21:18 provos Exp $"; #endif #define _SCHEDULE_C_ @@ -55,7 +55,7 @@ static char rcsid[] = "$Id: schedule.c,v 1.1 1998/11/14 23:37:28 deraadt Exp $"; #include "buffer.h" #include "schedule.h" #include "secrets.h" -#include "errlog.h" +#include "log.h" #include "cookie.h" #include "modulus.h" #include "api.h" @@ -86,7 +86,7 @@ schedule_insert(int type, int off, u_int8_t *cookie, u_int16_t cookie_size) #endif if ((tmp = calloc(1, sizeof(struct schedule))) == NULL) { - log_error(1, "calloc() in schedule_insert()"); + log_error("calloc() in schedule_insert()"); return; } @@ -97,7 +97,7 @@ schedule_insert(int type, int off, u_int8_t *cookie, u_int16_t cookie_size) if (cookie != NULL) { tmp->cookie = calloc(cookie_size, sizeof(u_int8_t)); if (tmp->cookie == NULL) { - log_error(1, "calloc() in schedule_insert()"); + log_error("calloc() in schedule_insert()"); free(tmp); return; } @@ -232,7 +232,7 @@ schedule_process(int sock) } else if (st->retries >= max_retries) { remove = 1; if (st->phase == COOKIE_REQUEST && st->resource == 0) { - log_error(0, "no anwser for cookie request to %s:%d", + log_print("no anwser for cookie request to %s:%d", st->address, st->port); #ifdef IPSEC if (st->flags & IPSEC_NOTIFY) @@ -243,7 +243,7 @@ schedule_process(int sock) /* Try again with updated counters */ struct stateob *newst; if ((newst = state_new()) == NULL) { - log_error(1, "state_new() in schedule_process()"); + log_error("state_new() in schedule_process()"); break; } state_copy_flags(st, newst); @@ -255,7 +255,7 @@ schedule_process(int sock) state_insert(newst); break; } else { - log_error(0, "exchange terminated, phase %d to %s:%d", + log_print("exchange terminated, phase %d to %s:%d", st->phase, st->address, st->port); break; } @@ -263,7 +263,7 @@ schedule_process(int sock) if (st->packet == NULL || st->packetlen == 0) { - log_error(0, "no packet in schedule_process()"); + log_print("no packet in schedule_process()"); remove = 1; break; } @@ -279,7 +279,7 @@ schedule_process(int sock) if (sendto(sock, st->packet, st->packetlen, 0, (struct sockaddr *) &sin, sizeof(sin)) != st->packetlen) { - log_error(1, "sendto() in schedule_process()"); + log_error("sendto() in schedule_process()"); remove = 1; break; } @@ -302,7 +302,7 @@ schedule_process(int sock) remove = 1; /* We are to create a new SPI */ if ((spi = spi_find(NULL, tmp->cookie)) == NULL) { - log_error(0, "spi_find() in schedule_process()"); + log_print("spi_find() in schedule_process()"); break; } if ((st = state_find_cookies(spi->address, spi->icookie, NULL)) == NULL) { @@ -311,7 +311,7 @@ schedule_process(int sock) * This happens always when an exchange expires but * updates are still scheduled for it. */ - log_error(0, "state_find_cookies() in schedule_process()"); + log_print("state_find_cookies() in schedule_process()"); #endif break; } @@ -319,7 +319,7 @@ schedule_process(int sock) if (st->oSPIattrib != NULL) free(st->oSPIattrib); if ((st->oSPIattrib = calloc(spi->attribsize, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in schedule_process()"); + log_error("calloc() in schedule_process()"); break; } st->oSPIattribsize = spi->attribsize; @@ -328,13 +328,13 @@ schedule_process(int sock) /* We can keep our old attributes, this is only an update */ if (make_spi(st, spi->local_address, st->oSPI, &(st->olifetime), &(st->oSPIattrib), &(st->oSPIattribsize)) == -1) { - log_error(0, "make_spi() in schedule_process()"); + log_print("make_spi() in schedule_process()"); break; } packet_size = PACKET_BUFFER_SIZE; if (photuris_spi_update(st, packet_buffer, &packet_size) == -1) { - log_error(0, "photuris_spi_update() in schedule_process()"); + log_print("photuris_spi_update() in schedule_process()"); break; } @@ -345,7 +345,7 @@ schedule_process(int sock) if (sendto(sock, packet_buffer, packet_size, 0, (struct sockaddr *) &sin, sizeof(sin)) != packet_size) { - log_error(1, "sendto() in schedule_process()"); + log_error("sendto() in schedule_process()"); break; } @@ -354,11 +354,11 @@ schedule_process(int sock) #endif /* Insert Owner SPI */ if ((nspi = spi_new(st->address, st->oSPI)) == NULL) { - log_error(1, "spi_new() in handle_spi_needed()"); + log_error("spi_new() in handle_spi_needed()"); break; } if ((nspi->local_address = strdup(spi->local_address)) == NULL) { - log_error(1, "strdup() in handle_spi_needed()"); + log_error("strdup() in handle_spi_needed()"); spi_value_reset(nspi); break; } @@ -367,7 +367,7 @@ schedule_process(int sock) nspi->attribsize = st->oSPIattribsize; nspi->attributes = calloc(nspi->attribsize, sizeof(u_int8_t)); if (nspi->attributes == NULL) { - log_error(1, "calloc() in handle_spi_needed()"); + log_error("calloc() in handle_spi_needed()"); spi_value_reset(nspi); break; } @@ -384,7 +384,7 @@ schedule_process(int sock) break; default: remove = 1; - log_error(0, "Unknown event in schedule_process()"); + log_print("Unknown event in schedule_process()"); break; } diff --git a/sbin/photurisd/scheme.c b/sbin/photurisd/scheme.c index d50904bf127..6feb090d031 100644 --- a/sbin/photurisd/scheme.c +++ b/sbin/photurisd/scheme.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: scheme.c,v 1.2 2000/12/11 02:16:50 provos Exp $"; +static char rcsid[] = "$Id: scheme.c,v 1.3 2000/12/11 21:21:18 provos Exp $"; #endif #define _SCHEME_C_ @@ -47,7 +47,7 @@ static char rcsid[] = "$Id: scheme.c,v 1.2 2000/12/11 02:16:50 provos Exp $"; #include "attributes.h" #include "buffer.h" #include "scheme.h" -#include "errlog.h" +#include "log.h" u_int8_t * scheme_get_gen(u_int8_t *scheme) @@ -75,7 +75,7 @@ scheme_get_gen(u_int8_t *scheme) header = 2; return scheme+2+header; default: - log_error(0, "Unknown scheme in scheme_get_gen()"); + log_print("Unknown scheme in scheme_get_gen()"); return NULL; } } @@ -111,7 +111,7 @@ scheme_get_mod(u_int8_t *scheme) return scheme+2; break; default: - log_error(0, "Unknown scheme in scheme_get_mod()"); + log_print("Unknown scheme in scheme_get_mod()"); return NULL; } } @@ -143,7 +143,7 @@ scheme_get_ref(u_int8_t *scheme) case DH_G_VAR_3DES_SHA1: return DH_G_VAR_MD5; default: - log_error(0, "Unknown scheme in scheme_get_ref()"); + log_print("Unknown scheme in scheme_get_ref()"); return 0; } } diff --git a/sbin/photurisd/server.c b/sbin/photurisd/server.c index cb9f5f868f3..a14fc6f4f56 100644 --- a/sbin/photurisd/server.c +++ b/sbin/photurisd/server.c @@ -35,7 +35,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: server.c,v 1.3 2000/12/11 20:32:15 provos Exp $"; +static char rcsid[] = "$Id: server.c,v 1.4 2000/12/11 21:21:18 provos Exp $"; #endif #define _SERVER_C_ @@ -63,7 +63,7 @@ static char rcsid[] = "$Id: server.c,v 1.3 2000/12/11 20:32:15 provos Exp $"; #include "api.h" #include "packet.h" #include "schedule.h" -#include "errlog.h" +#include "log.h" #include "buffer.h" #ifdef IPSEC #include "spi.h" @@ -89,7 +89,7 @@ init_server(void) struct servent *ser; if ((ser = getservbyname("photuris", "udp")) == (struct servent *) NULL) - crit_error(1, "getservbyname(\"photuris\") in init_server()"); + log_fatal("getservbyname(\"photuris\") in init_server()"); global_port = ser->s_port; #else @@ -98,10 +98,10 @@ init_server(void) } if ((proto = getprotobyname("udp")) == (struct protoent *) NULL) - crit_error(1, "getprotobyname() in init_server()"); + log_fatal("getprotobyname() in init_server()"); if ((global_socket = socket(PF_INET, SOCK_DGRAM, proto->p_proto)) < 0) - crit_error(1, "socket() in init_server()"); + log_fatal("socket() in init_server()"); setsockopt(global_socket, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); @@ -116,33 +116,33 @@ init_server(void) bzero(buf, 1024); if (ioctl(global_socket, SIOCGIFCONF, &ifconf) == -1) - crit_error(1, "ioctl() in init_server()"); + log_fatal("ioctl() in init_server()"); sin.sin_port = htons(global_port); sin.sin_addr.s_addr = INADDR_ANY; sin.sin_family = AF_INET; if (bind(global_socket, (struct sockaddr *)&sin, sizeof(struct sockaddr)) < 0) - crit_error(1, "bind() in init_server()"); + log_fatal("bind() in init_server()"); /* Save interfaces addresses here */ addresses = (char **) calloc(1+1, sizeof(char *)); if (addresses == (char **) NULL) - crit_error(1, "calloc() in init_server()"); + log_fatal("calloc() in init_server()"); addresses[1] = (char *) NULL; sockets = (int *) calloc(1+1, sizeof(int)); if (sockets == (int *) NULL) - crit_error(1, "calloc() in init_server()"); + log_fatal("calloc() in init_server()"); sockets[1] = -1; if (lstat(PHOTURIS_FIFO, &sb) == -1) { if (errno != ENOENT) - crit_error(1, "stat() in init_server()"); + log_fatal("stat() in init_server()"); if (mkfifo(PHOTURIS_FIFO, 0660) == -1) - crit_error(1, "mkfifo() in init_server()"); + log_fatal("mkfifo() in init_server()"); } else if (!(sb.st_mode & S_IFIFO)) - log_error(0, "%s is not a FIFO in init_server()", PHOTURIS_FIFO); + log_print("%s is not a FIFO in init_server()", PHOTURIS_FIFO); /* We listen on a named pipe */ #if defined(linux) || defined(_AIX) @@ -150,7 +150,7 @@ init_server(void) #else if ((sockets[0] = open(PHOTURIS_FIFO, O_RDONLY | O_NONBLOCK, 0)) == -1) #endif - crit_error(1, "open() in init_server()"); + log_fatal("open() in init_server()"); i = 1; /* One interface already */ #ifdef IPSEC @@ -159,7 +159,7 @@ init_server(void) if (newbuf == NULL) { if (addresses != NULL) free (addresses); - crit_error(1, "realloc() in init_server()"); + log_fatal("realloc() in init_server()"); } addresses = (char **) newbuf; @@ -169,7 +169,7 @@ init_server(void) if (newbuf == NULL) { if (sockets != NULL) free (sockets); - crit_error(1, "realloc() in init_server()"); + log_fatal("realloc() in init_server()"); } sockets = (int *) newbuf; @@ -197,27 +197,27 @@ init_server(void) if (newbuf == NULL) { if (addresses != NULL) free (addresses); - crit_error(1, "realloc() in init_server()"); + log_fatal("realloc() in init_server()"); } addresses = (char **) newbuf; addresses[i] = strdup(inet_ntoa(sin2->sin_addr)); if (addresses[i] == (char *) NULL) - crit_error(1, "strdup() in init_server()"); + log_fatal("strdup() in init_server()"); addresses[i + 1] = (char *) NULL; newbuf = realloc(sockets, (i + 2)* sizeof(int)); if (newbuf == NULL) { if (sockets != NULL) free (sockets); - crit_error(1, "realloc() in init_server()"); + log_fatal("realloc() in init_server()"); } sockets = (int *) newbuf; sockets[i+1] = -1; if ((sock = socket(PF_INET, SOCK_DGRAM, proto->p_proto)) < 0) - crit_error(1, "socket() in init_server()"); + log_fatal("socket() in init_server()"); setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); #ifdef IPSEC @@ -236,7 +236,7 @@ init_server(void) sin.sin_family = AF_INET; if (bind(sockets[i], (struct sockaddr *)&sin, sizeof(struct sockaddr)) < 0) - crit_error(1, "bind() in init_server()"); + log_fatal("bind() in init_server()"); } @@ -261,11 +261,11 @@ server(void) size = howmany(sockets[num_ifs-1], NFDBITS) * sizeof(fd_mask); normfds = (fd_set *)malloc(size); if (normfds == NULL) - crit_error(1, "malloc(%d) for fd_set", size); + log_fatal("malloc(%d) for fd_set", size); readfds = (fd_set *)malloc(size); if (readfds == NULL) - crit_error(1, "malloc(%d) for fd_set", size); + log_fatal("malloc(%d) for fd_set", size); memset((void *)normfds, 0, size); @@ -289,7 +289,7 @@ server(void) if (errno == EINTR) continue; else - crit_error(1, "select() in server()"); + log_fatal("select() in server()"); } for (i=0; i<num_ifs; i++) { @@ -312,7 +312,7 @@ server(void) MSG_PEEK, (struct sockaddr *)&sin, &d) == -1) { - log_error(1, "recvfrom() in server()"); + log_error("recvfrom() in server()"); return -1; } handle_packet(sockets[i], addresses[i]); diff --git a/sbin/photurisd/spi.c b/sbin/photurisd/spi.c index 4444d68da77..c8345d6d50a 100644 --- a/sbin/photurisd/spi.c +++ b/sbin/photurisd/spi.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: spi.c,v 1.3 2000/12/11 20:32:15 provos Exp $"; +static char rcsid[] = "$Id: spi.c,v 1.4 2000/12/11 21:21:18 provos Exp $"; #endif #define _SPI_C_ @@ -52,7 +52,7 @@ static char rcsid[] = "$Id: spi.c,v 1.3 2000/12/11 20:32:15 provos Exp $"; #include "buffer.h" #include "spi.h" #include "schedule.h" -#include "errlog.h" +#include "log.h" #ifdef IPSEC #include "kernel.h" #endif @@ -77,7 +77,7 @@ make_spi(struct stateob *st, char *local_address, if(*attributes == NULL) { /* We are in need of attributes */ if (select_attrib(st, attributes, attribsize) == -1) { - log_error(0, "select_attrib() in make_spi()"); + log_print("select_attrib() in make_spi()"); return -1; } } diff --git a/sbin/photurisd/state.c b/sbin/photurisd/state.c index 528ef0e1a7d..f7f16b3548f 100644 --- a/sbin/photurisd/state.c +++ b/sbin/photurisd/state.c @@ -44,7 +44,7 @@ #include "photuris.h" #include "state.h" #include "schedule.h" -#include "errlog.h" +#include "log.h" static struct stateob *stateob = NULL; @@ -96,7 +96,7 @@ state_save_verification(struct stateob *st, u_int8_t *buf, u_int16_t len) free(st->verification); if ((st->verification = calloc(len, sizeof(u_int8_t))) == NULL) { - log_error(1, "calloc() in state_save_verification()"); + log_error("calloc() in state_save_verification()"); return -1; } } diff --git a/sbin/photurisd/validity.c b/sbin/photurisd/validity.c index 6e70d4ca92f..903e5fa6e7d 100644 --- a/sbin/photurisd/validity.c +++ b/sbin/photurisd/validity.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: validity.c,v 1.1 1998/11/14 23:37:30 deraadt Exp $"; +static char rcsid[] = "$Id: validity.c,v 1.2 2000/12/11 21:21:18 provos Exp $"; #endif #define _VALIDITY_C_ @@ -50,7 +50,7 @@ static char rcsid[] = "$Id: validity.c,v 1.1 1998/11/14 23:37:30 deraadt Exp $"; #include "config.h" #include "scheme.h" #include "exchange.h" -#include "errlog.h" +#include "log.h" #include "state.h" #include "attributes.h" #include "validity.h" @@ -78,7 +78,7 @@ get_validity_verification_size(struct stateob *st) case DH_G_5_3DES_SHA1: return (160/8)+2; default: - log_error(0, "validitiy.c: Unknown exchange scheme: %d\n", + log_print("validitiy.c: Unknown exchange scheme: %d\n", *((u_int16_t *)st->scheme)); return 0; } @@ -105,7 +105,7 @@ create_validity_verification(struct stateob *st, u_int8_t *buffer, hash = get_hash(HASH_SHA1); break; default: - log_error(0, "validity.c: Unknown exchange scheme: %d\n", + log_print("validity.c: Unknown exchange scheme: %d\n", *((u_int16_t *)st->scheme)); return 0; } @@ -146,7 +146,7 @@ verify_validity_verification(struct stateob *st, u_int8_t *buffer, hash = get_hash(HASH_SHA1); break; default: - log_error(0, "validity.c: Unknown exchange scheme: %d\n", + log_print("validity.c: Unknown exchange scheme: %d\n", *((u_int16_t *)st->scheme)); return 0; } |