diff options
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/iked/ikev2.c | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index 13bf25adb31..f5c90159b48 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.231 2020/06/09 21:53:26 tobhe Exp $ */ +/* $OpenBSD: ikev2.c,v 1.232 2020/06/15 18:37:37 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -4588,7 +4588,8 @@ ikev2_sa_initiator_dh(struct iked_sa *sa, struct iked_message *msg, if (!ibuf_length(sa->sa_dhiexchange)) { if ((sa->sa_dhiexchange = ibuf_new(NULL, dh_getlen(sa->sa_dhgroup))) == NULL) { - log_debug("%s: failed to alloc dh exchange", __func__); + log_info("%s: failed to alloc dh exchange", + SPI_SA(msg->msg_sa, __func__)); return (-1); } if (dh_create_exchange(sa->sa_dhgroup, @@ -4609,7 +4610,8 @@ ikev2_sa_initiator_dh(struct iked_sa *sa, struct iked_message *msg, } if ((ssize_t)ibuf_length(msg->msg_ke) != dh_getlen(sa->sa_dhgroup)) { - log_debug("%s: invalid dh length, size %d", __func__, + log_info("%s: invalid dh length, size %d", + SPI_SA(msg->msg_sa, __func__), dh_getlen(sa->sa_dhgroup) * 8); return (-1); } @@ -4703,7 +4705,8 @@ ikev2_sa_initiator(struct iked *env, struct iked_sa *sa, if (!ibuf_length(sa->sa_inonce)) { if ((sa->sa_inonce = ibuf_random(IKED_NONCE_SIZE)) == NULL) { - log_debug("%s: failed to get local nonce", __func__); + log_info("%s: failed to get local nonce", + SPI_SA(sa, __func__)); return (-1); } } @@ -4714,11 +4717,13 @@ ikev2_sa_initiator(struct iked *env, struct iked_sa *sa, if (!ibuf_length(sa->sa_rnonce)) { if (!ibuf_length(msg->msg_nonce)) { - log_debug("%s: invalid peer nonce", __func__); + log_info("%s: invalid peer nonce", + SPI_SA(sa, __func__)); return (-1); } if ((sa->sa_rnonce = ibuf_dup(msg->msg_nonce)) == NULL) { - log_debug("%s: failed to get peer nonce", __func__); + log_info("%s: failed to get peer nonce", + SPI_SA(sa, __func__)); return (-1); } } @@ -4771,13 +4776,14 @@ ikev2_sa_responder_dh(struct iked_kex *kex, struct iked_proposals *proposals, if (!ibuf_length(kex->kex_dhrexchange)) { if ((kex->kex_dhrexchange = ibuf_new(NULL, dh_getlen(kex->kex_dhgroup))) == NULL) { - log_debug("%s: failed to alloc dh exchange", + log_info("%s: failed to alloc dh exchange", SPI_SA(msg->msg_sa, __func__)); return (-1); } if (dh_create_exchange(kex->kex_dhgroup, kex->kex_dhrexchange->buf) == -1) { - log_debug("%s: failed to get dh exchange", __func__); + log_info("%s: failed to get dh exchange", + SPI_SA(msg->msg_sa ,__func__)); return (-1); } } @@ -4787,7 +4793,7 @@ ikev2_sa_responder_dh(struct iked_kex *kex, struct iked_proposals *proposals, ((ssize_t)ibuf_length(kex->kex_dhiexchange) != dh_getlen(kex->kex_dhgroup))) { /* XXX send notification to peer */ - log_debug("%s: invalid dh, size %d", + log_info("%s: invalid dh, size %d", SPI_SA(msg->msg_sa, __func__), dh_getlen(kex->kex_dhgroup) * 8); return (-1); |