commit 388b556835c09605cdbaff557ebb6a5efc19fb0c
parent 05f43f4c98279058f35a7753ab7e03d57fae5b0f
Author: sin <sin@2f30.org>
Date: Tue, 21 Mar 2017 23:36:56 +0000
Revamp logging
Diffstat:
12 files changed, 118 insertions(+), 48 deletions(-)
diff --git a/auth.c b/auth.c
@@ -27,10 +27,10 @@ challenge(int netfd)
for (;;) {
ret = poll(pfd, 1, AUTHTIMEO * 1000);
if (ret < 0) {
- logwarn("poll failed");
+ logwarn("poll");
return -1;
} else if (ret == 0) {
- logwarn("challenge-response timed out");
+ logwarnx("challenge-response timed out");
return -1;
}
@@ -64,10 +64,10 @@ response(int netfd)
for (;;) {
ret = poll(pfd, 1, AUTHTIMEO * 1000);
if (ret < 0) {
- logwarn("poll failed");
+ logwarn("poll");
return -1;
} else if (ret == 0) {
- logwarn("challenge-response timed out");
+ logwarnx("challenge-response timed out");
return -1;
}
diff --git a/client.c b/client.c
@@ -21,7 +21,7 @@ clientconnect(char *host, char *port)
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
if ((ret = getaddrinfo(host, port, &hints, &ai))) {
- logwarn("getaddrinfo: %s", gai_strerror(ret));
+ logwarnx("getaddrinfo: %s", gai_strerror(ret));
return -1;
}
@@ -39,7 +39,7 @@ clientconnect(char *host, char *port)
}
freeaddrinfo(ai);
if (!p) {
- logwarn("failed to connect to %s:%s", host, port);
+ logwarnx("failed to connect to %s:%s", host, port);
return -1;
}
@@ -49,7 +49,7 @@ clientconnect(char *host, char *port)
if (response(netfd) < 0 || challenge(netfd) < 0) {
close(netfd);
- logwarn("challenge-response failed");
+ logwarnx("challenge-response failed");
return -1;
}
return netfd;
diff --git a/crypto.c b/crypto.c
@@ -38,7 +38,7 @@ setcipher(char *name)
return;
}
}
- logerr("unknown cipher: %s", name);
+ fatalx("unknown cipher: %s", name);
}
void
@@ -46,7 +46,7 @@ derivekey(char *pw)
{
if (!PKCS5_PBKDF2_HMAC_SHA1(pw, strlen(pw), NULL, 0, NROUNDS,
EVP_AEAD_key_length(aead), key))
- logerr("PKCS5_PBKDF2_HMAC_SHA1 failed");
+ fatalx("PKCS5_PBKDF2_HMAC_SHA1 failed");
}
void
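Review bot: derivekey() stretches the password with an empty salt (the `NULL, 0` arguments to PKCS5_PBKDF2_HMAC_SHA1), so the same STUNPW always yields the same key and the derivation can be precomputed once for any deployment. This commit only changes the failure call and leaves that as it is. Both peers have to arrive at the same key, so a salt would need to come from shared configuration or be exchanged in the handshake, and adding one changes the derived key and breaks compatibility with existing peers. If the empty salt is deliberate, say so at the call, e.g. `/* no salt: both ends derive the key from STUNPW alone */`.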
@@ -56,7 +56,7 @@ cryptoinit(void)
EVP_AEAD_DEFAULT_TAG_LENGTH, NULL) ||
!EVP_AEAD_CTX_init(&dctx, aead, key, EVP_AEAD_key_length(aead),
EVP_AEAD_DEFAULT_TAG_LENGTH, NULL))
- logerr("EVP_AEAD_CTX_init failed");
+ fatalx("EVP_AEAD_CTX_init failed");
}
size_t
diff --git a/dev_bsd.c b/dev_bsd.c
@@ -28,20 +28,20 @@ devopen(char *ifname)
snprintf(dev, sizeof(dev), "/dev/%s", basename(ifname));
if ((fd = open(dev, O_RDWR)) < 0)
- logerr("failed to open %s", dev);
+ fatal("open %s", dev);
if (ioctl(fd, TUNGIFINFO, &ti) < 0)
- logerr("failed to set TUNGIFINFO on %s", dev);
+ fatal("TUNGIFINFO %s", dev);
if (devtype == TUNDEV)
ti.mtu = MAXPAYLOADLEN;
else
ti.mtu = MAXPAYLOADLEN - 14; /* make room for ethernet header */
if (ioctl(fd, TUNSIFINFO, &ti) < 0)
- logerr("failed to set TUNSIFINFO on %s", dev);
+ fatal("TUNSIFINFO %s", dev);
if (devtype == TUNDEV) {
#if defined(TUNSIFHEAD)
int one = 1;
if (ioctl(fd, TUNSIFHEAD, &one) < 0)
- logerr("failed to set TUNSIFHEAD on %s", dev);
+ fatal("TUNSIFHEAD %s", dev);
#endif
}
return fd;
diff --git a/dev_linux.c b/dev_linux.c
@@ -18,24 +18,24 @@ devopen(char *ifname)
int fd, s;
if ((fd = open("/dev/net/tun", O_RDWR)) < 0)
- logerr("failed to open %s", "/dev/net/tun");
+ fatal("open %s", "/dev/net/tun");
memset(&ifr, 0, sizeof(ifr));
ifr.ifr_flags = (devtype == TUNDEV ? IFF_TUN : IFF_TAP) | IFF_NO_PI;
strncpy(ifr.ifr_name, ifname, IF_NAMESIZE);
ifr.ifr_name[IF_NAMESIZE - 1] = '\0';
if (ioctl(fd, TUNSETIFF, &ifr) < 0)
- logerr("failed to set TUNSETIFF on %s", ifname);
+ fatal("TUNSETIFF %s", ifname);
/* dummy socket so we can manipulate the params */
if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0)
- logerr("failed to create socket");
+ fatal("socket");
if (devtype == TUNDEV)
ifr.ifr_mtu = MAXPAYLOADLEN;
else
ifr.ifr_mtu = MAXPAYLOADLEN - 14; /* make room for ethernet header */
if (ioctl(s, SIOCSIFMTU, &ifr) < 0)
- logerr("failed to set MTU on %s", ifname);
+ fatal("SIOCSIFMTU %s", ifname);
close(s);
return fd;
diff --git a/log.c b/log.c
@@ -1,14 +1,18 @@
+#include <errno.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
+#include <string.h>
#include <syslog.h>
#include "stun.h"
+int debug;
+
static char *progname;
static void
-logmsg(int priority, char *msg, va_list ap)
+vlog(int priority, char *msg, va_list ap)
{
if (debug) {
fprintf(stderr, "%s: ", progname);
@@ -30,30 +34,89 @@ loginit(char *prog)
void
logdbg(char *msg, ...)
{
+ char buf[512];
va_list ap;
va_start(ap, msg);
- logmsg(LOG_DAEMON | LOG_DEBUG, msg, ap);
+ snprintf(buf, sizeof(buf), "%s: %s", msg, strerror(errno));
+ vlog(LOG_DAEMON | LOG_DEBUG, buf, ap);
+ va_end(ap);
+}
+
+void
+logdbgx(char *msg, ...)
+{
+ va_list ap;
+
+ va_start(ap, msg);
+ vlog(LOG_DAEMON | LOG_DEBUG, msg, ap);
va_end(ap);
}
void
logwarn(char *msg, ...)
{
+ char buf[512];
va_list ap;
va_start(ap, msg);
- logmsg(LOG_DAEMON | LOG_WARNING, msg, ap);
+ snprintf(buf, sizeof(buf), "%s: %s", msg, strerror(errno));
+ vlog(LOG_DAEMON | LOG_WARNING, buf, ap);
+ va_end(ap);
+}
+
+void
+logwarnx(char *msg, ...)
+{
+ va_list ap;
+
+ va_start(ap, msg);
+ vlog(LOG_DAEMON | LOG_WARNING, msg, ap);
va_end(ap);
}
void
logerr(char *msg, ...)
{
+ char buf[512];
+ va_list ap;
+
+ va_start(ap, msg);
+ snprintf(buf, sizeof(buf), "%s: %s", msg, strerror(errno));
+ vlog(LOG_DAEMON | LOG_ERR, buf, ap);
+ va_end(ap);
+}
+
+void
+logerrx(char *msg, ...)
+{
+ va_list ap;
+
+ va_start(ap, msg);
+ vlog(LOG_DAEMON | LOG_ERR, msg, ap);
+ va_end(ap);
+}
+
+void
+fatal(char *msg, ...)
+{
+ char buf[512];
+ va_list ap;
+
+ va_start(ap, msg);
+ snprintf(buf, sizeof(buf), "%s: %s", msg, strerror(errno));
+ vlog(LOG_DAEMON | LOG_ERR, buf, ap);
+ va_end(ap);
+ exit(1);
+}
+
+void
+fatalx(char *msg, ...)
+{
va_list ap;
va_start(ap, msg);
- logmsg(LOG_DAEMON | LOG_ERR, msg, ap);
+ vlog(LOG_DAEMON | LOG_ERR, msg, ap);
va_end(ap);
exit(1);
}
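Review bot: In logdbg, logwarn, logerr and fatal the errno text is pasted into the format string (`snprintf(buf, sizeof(buf), "%s: %s", msg, strerror(errno))`), and that buffer is then handed to vlog as the format for `ap`. The strerror() text is therefore scanned for conversions, and a caller format close to 512 bytes can be truncated in the middle of one, leaving vlog with a format that no longer matches its arguments. Expanding the caller's message first and passing the errno string as a `%s` argument avoids both, and saving errno on entry keeps an intervening call from overwriting it. The four bodies are identical, so one static helper can carry the logic; vlog's body is only partly visible in this diff, so the sketch below calls it unchanged.

```c
/* variadic front end so already-expanded text can go through vlog() */
static void
logstr(int priority, char *fmt, ...)
{
	va_list ap;

	va_start(ap, fmt);
	vlog(priority, fmt, ap);
	va_end(ap);
}

/* expand the caller's message, then append the errno text as data */
static void
vlogerrno(int priority, char *msg, va_list ap)
{
	char buf[512];
	int saved = errno;	/* read before any call can overwrite it */

	vsnprintf(buf, sizeof(buf), msg, ap);
	logstr(priority, "%s: %s", buf, strerror(saved));
}

void
logwarn(char *msg, ...)
{
	va_list ap;

	va_start(ap, msg);
	vlogerrno(LOG_DAEMON | LOG_WARNING, msg, ap);
	va_end(ap);
}
/* … logdbg, logerr and fatal call vlogerrno the same way; fatal then calls exit(1) … */
```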
diff --git a/netpkt.c b/netpkt.c
@@ -49,7 +49,7 @@ netwrite(int fd, unsigned char *pt, size_t ptlen, size_t *outlen)
int n, total = 0;
if (buflen > maxbuflen) {
- logerr("packet is too large");
+ logerrx("packet is too large");
return PKTFAILED;
}
@@ -58,7 +58,7 @@ netwrite(int fd, unsigned char *pt, size_t ptlen, size_t *outlen)
if (!cryptoseal(&wbuf[noncelen + HDRLEN], outlen,
ptlen + taglen, wbuf, noncelen,
pt, ptlen, &wbuf[noncelen], HDRLEN)) {
- logwarn("cryptoseal failed");
+ logwarnx("cryptoseal failed");
return -1;
}
*outlen = ptlen;
@@ -86,7 +86,7 @@ netread(int fd, unsigned char *pt, size_t ptlen, size_t *outlen)
int n, ctlen;
if (buflen > maxbuflen) {
- logerr("packet is too large");
+ logerrx("packet is too large");
return PKTFAILED;
}
@@ -146,7 +146,7 @@ netread(int fd, unsigned char *pt, size_t ptlen, size_t *outlen)
&rbuf[noncelen + HDRLEN],
rbuftotal - noncelen - HDRLEN,
&rbuf[noncelen], HDRLEN)) {
- logwarn("cryptoopen failed");
+ logwarnx("cryptoopen failed");
return PKTPARTIAL;
}
return PKTCOMPLETE;
@@ -178,8 +178,8 @@ netinit(void)
taglen = cryptotaglen();
maxbuflen = noncelen + HDRLEN + MAXPAYLOADLEN + taglen;
if (!(wbuf = malloc(maxbuflen)))
- logerr("oom");
+ fatal("malloc");
if (!(rbuf = malloc(maxbuflen)))
- logerr("oom");
+ fatal("malloc");
netreset();
}
diff --git a/server.c b/server.c
@@ -25,7 +25,7 @@ serverinit(char *host, char *port)
hints.ai_flags = AI_PASSIVE;
if ((ret = getaddrinfo(host, port, &hints, &ai))) {
- logwarn("getaddrinfo: %s", gai_strerror(ret));
+ logwarnx("getaddrinfo: %s", gai_strerror(ret));
return -1;
}
@@ -48,7 +48,7 @@ serverinit(char *host, char *port)
break;
}
if (!p)
- logerr("failed to bind socket");
+ logerrx("failed to bind socket");
freeaddrinfo(ai);
return listenfd;
}
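Review bot: `if (!p) logerrx("failed to bind socket");` no longer stops the program. Before this commit logerr ended in `exit(1)`, which the log.c hunk now keeps only in fatal and fatalx, so serverinit falls through to `return listenfd;` after a failed bind. The stun.c context shows `listenfd = serverinit(bindaddr, port);` followed directly by revokeprivs() with no check, so the accept loop would presumably run on an unusable descriptor; what listenfd holds at that point is outside the hunk. If exiting is still the intent, the line should be `fatalx("failed to bind socket");`.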
@@ -63,7 +63,7 @@ serveraccept(int listenfd)
(socklen_t []){sizeof(remote)});
if (netfd < 0) {
if (errno != ECONNABORTED)
- logwarn("accept failed");
+ logwarn("accept");
return -1;
}
@@ -73,7 +73,7 @@ serveraccept(int listenfd)
if (challenge(netfd) < 0 || response(netfd) < 0) {
close(netfd);
- logwarn("challenge-response failed");
+ logwarnx("challenge-response failed");
return -1;
}
return netfd;
diff --git a/stun.c b/stun.c
@@ -57,7 +57,6 @@ char *port = DEFPORT;
char *cipher = DEFCIPHER;
int devtype = TUNDEV;
int aftype = AF_INET;
-int debug;
int sflag;
void
@@ -129,7 +128,7 @@ main(int argc, char *argv[])
/* disable core dumps as memory contains the pre-shared key */
rlim.rlim_cur = rlim.rlim_max = 0;
if (setrlimit(RLIMIT_CORE, &rlim) < 0)
- logerr("failed to disable core dumps");
+ fatalx("failed to disable core dumps");
signal(SIGPIPE, SIG_IGN);
if (!debug)
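Review bot: `fatalx("failed to disable core dumps")` discards the errno that setrlimit() sets, although the point of this commit is to report it; `fatal("setrlimit");` would log the cause. The same applies in util.c: revokeprivs uses `fatalx("failed to revoke privs")` after setgroups/setresgid/setresuid, where the errno says which privilege drop was refused. In saddr_ntop the `ret == EAI_SYSTEM` branch is exactly the case where errno carries the error, so `logwarn("getnameinfo");` fits there rather than `logwarnx("getnameinfo failed")`. main's body starts and ends outside this hunk.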
@@ -140,7 +139,7 @@ main(int argc, char *argv[])
/* initialize crypto engine */
if (!(pw = getenv("STUNPW")))
- logerr("STUNPW is not set");
+ fatalx("STUNPW is not set");
setcipher(cipher);
derivekey(pw);
cryptoinit();
@@ -154,15 +153,15 @@ main(int argc, char *argv[])
listenfd = serverinit(bindaddr, port);
revokeprivs(user);
if (mypledge("stdio inet", NULL) < 0)
- logerr("pledge failed");
+ fatal("pledge");
for (;;) {
if ((netfd = serveraccept(listenfd)) < 0) {
netreset();
continue;
}
- logdbg("client %s is ready", peer_ntop(netfd));
+ logdbgx("client %s is ready", peer_ntop(netfd));
tunnel(netfd, devfd);
- logdbg("client %s disconnected", peer_ntop(netfd));
+ logdbgx("client %s disconnected", peer_ntop(netfd));
close(netfd);
netreset();
}
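Review bot: The `logdbgx("client %s is ready", peer_ntop(netfd))` calls pass the result of peer_ntop() straight to `%s`, but the util.c hunks show peer_ntop and saddr_ntop returning NULL on failure, and a NULL argument for `%s` is undefined behaviour. The call made after tunnel() returns looks the most exposed, since getpeername() may fail once the peer is gone. Take the result into a local and substitute a placeholder, e.g. `char *peer = peer_ntop(netfd);` then `logdbgx("client %s is ready", peer ? peer : "unknown");`. The same pattern is in the client loop of the next hunk ("connected to %s" and "disconnected from %s").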
@@ -170,16 +169,16 @@ main(int argc, char *argv[])
/* invoked as client */
revokeprivs(user);
if (mypledge("stdio dns inet", NULL) < 0)
- logerr("pledge failed");
+ fatal("pledge");
for (;;) {
if ((netfd = clientconnect(host, port)) < 0) {
netreset();
sleep(RECONNECTTIMEO);
continue;
}
- logdbg("connected to %s", peer_ntop(netfd));
+ logdbgx("connected to %s", peer_ntop(netfd));
tunnel(netfd, devfd);
- logdbg("disconnected from %s", peer_ntop(netfd));
+ logdbgx("disconnected from %s", peer_ntop(netfd));
close(netfd);
netreset();
sleep(RECONNECTTIMEO);
diff --git a/stun.h b/stun.h
@@ -23,6 +23,9 @@ enum {
TAPDEV
};
+/* log.c */
+extern int debug;
+
/* stun.c */
extern int devtype;
extern int aftype;
@@ -57,8 +60,13 @@ int devread(int, unsigned char *, int);
/* log.c */
void loginit(char *);
void logdbg(char *, ...);
+void logdbgx(char *, ...);
void logwarn(char *, ...);
+void logwarnx(char *, ...);
void logerr(char *, ...);
+void logerrx(char *, ...);
+void fatal(char *, ...);
+void fatalx(char *, ...);
/* netpkt.c */
int netwrite(int, unsigned char *, size_t, size_t *);
diff --git a/tunnel.c b/tunnel.c
@@ -16,7 +16,7 @@ tunnel(int netfd, int devfd)
pfd[1].events = POLLIN;
for (;;) {
if (poll(pfd, 2, -1) < 0) {
- logwarn("poll failed");
+ logwarn("poll");
return -1;
}
diff --git a/util.c b/util.c
@@ -58,11 +58,11 @@ revokeprivs(char *user)
struct passwd *pw;
if (!(pw = getpwnam(user)))
- logerr("no %s user", user);
+ fatalx("no %s user", user);
if (setgroups(1, &pw->pw_gid) < 0 ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0 ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0)
- logerr("failed to revoke privs");
+ fatalx("failed to revoke privs");
}
int
@@ -89,10 +89,10 @@ saddr_ntop(struct sockaddr *sa, socklen_t salen)
port, sizeof(port),
NI_NUMERICHOST | NI_NUMERICSERV))) {
if (ret == EAI_SYSTEM) {
- logwarn("getnameinfo failed");
+ logwarnx("getnameinfo failed");
return NULL;
} else {
- logwarn("getnameinfo: %s", gai_strerror(ret));
+ logwarnx("getnameinfo: %s", gai_strerror(ret));
return NULL;
}
}
@@ -107,7 +107,7 @@ peer_ntop(int fd)
socklen_t sslen = sizeof(ss);
if (getpeername(fd, (struct sockaddr *)&ss, &sslen) < 0) {
- logwarn("getpeername failed");
+ logwarn("getpeername");
return NULL;
}
return saddr_ntop((struct sockaddr *)&ss, sslen);
@@ -124,7 +124,7 @@ ipversion(unsigned char *pkt)
case 6:
return AF_INET6;
default:
- logwarn("unknown protocol version: %d", (int)ip->ip_v);
+ logwarnx("unknown protocol version: %d", (int)ip->ip_v);
break;
}
return -1;