ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

introduced printf() specifiers for: 

host_t (%H)
  identification_t (%D)
  chunk pointers (%B)
  memory pointer/length (%b)
added a signaling bus:
  receives event and debug messages, sends them to its listeners
  stream_logger, sys_logger, file_logger added, listen to bus
some other tweaks here and there
This commit is contained in:
Martin Willi 2006-09-27 14:14:44 +00:00
parent f91513e333
commit 47f5027807
26 changed files with 1300 additions and 203 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/charon/Makefile.am
View File

@ -3,6 +3,10 @@
ipsec_PROGRAMS = charon
charon_SOURCES = \
bus/bus.c bus/bus.h \
bus/listeners/stream_logger.c bus/listeners/stream_logger.h \
bus/listeners/sys_logger.c bus/listeners/sys_logger.h \
bus/listeners/file_logger.c bus/listeners/file_logger.h \
config/connections/connection.c config/connections/connection.h \
config/connections/local_connection_store.c config/connections/local_connection_store.h config/connections/connection_store.h \
config/policies/policy.c config/policies/policy.h \

142
src/charon/bus/bus.c Normal file
View File

@ -0,0 +1,142 @@
/**
* @file bus.c
*
* @brief Implementation of bus_t.
*
*/
/*
* Copyright (C) 2006 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include "bus.h"
typedef struct private_bus_t private_bus_t;
/**
* Private data of a bus_t object.
*/
struct private_bus_t {
/**
* Public part of a bus_t object.
*/
bus_t public;
/**
* List of registered listeners implementing the bus_t interface
*/
linked_list_t *listeners;
/**
* Thread local storage for a unique, simple thread ID
*/
pthread_key_t thread_id;
/**
* Thread local storage the threads IKE_SA
*/
pthread_key_t thread_sa;
};
/**
* Get a unique thread number for a calling thread. Since
* pthread_self returns large and ugly numbers, use this function
* for logging; these numbers are incremental starting at 1
*/
static int get_thread_number(private_bus_t *this)
{
static int current_num = 0, stored_num;
stored_num = (int)pthread_getspecific(this->thread_id);
if (stored_num == 0)
{ /* first call of current thread */
pthread_setspecific(this->thread_id, (void*)++current_num);
return current_num;
}
else
{
return stored_num;
}
}
/**
* Implementation of bus_t.add_listener.
*/
static void add_listener(private_bus_t *this, bus_listener_t *listener)
{
this->listeners->insert_last(this->listeners, (void*)listener);
}
/**
* Implementation of bus_t.set_sa.
*/
static void set_sa(private_bus_t *this, ike_sa_t *ike_sa)
{
pthread_setspecific(this->thread_sa, ike_sa);
}
/**
* Implementation of bus_t.signal.
*/
static void signal_(private_bus_t *this, signal_t signal, level_t condition,
char* format, ...)
{
iterator_t *iterator;
bus_listener_t *listener;
va_list args;
ike_sa_t *ike_sa;
int thread;
ike_sa = pthread_getspecific(this->thread_sa);
thread = get_thread_number(this);
va_start(args, format);
iterator = this->listeners->create_iterator(this->listeners, TRUE);
while (iterator->iterate(iterator, (void**)&listener))
{
listener->signal(listener, thread, ike_sa,
signal, condition, format, args);
}
iterator->destroy(iterator);
va_end(args);
}
/**
* Implementation of bus_t.destroy.
*/
static void destroy(private_bus_t *this)
{
this->listeners->destroy(this->listeners);
free(this);
}
/*
* Described in header.
*/
bus_t *bus_create()
{
private_bus_t *this = malloc_thing(private_bus_t);
this->public.add_listener = (void(*)(bus_t*,bus_listener_t*))add_listener;
this->public.set_sa = (void(*)(bus_t*,ike_sa_t*))set_sa;
this->public.signal = (void(*)(bus_t*,signal_t,level_t,char*,...))signal_;
this->public.destroy = (void(*)(bus_t*)) destroy;
this->listeners = linked_list_create();
pthread_key_create(&this->thread_id, NULL);
pthread_key_create(&this->thread_sa, NULL);
return &(this->public);
}

232
src/charon/bus/bus.h Normal file
View File

@ -0,0 +1,232 @@
/**
* @file bus.h
*
* @brief Interface of bus_t.
*
*/
/*
* Copyright (C) 2006 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#ifndef BUS_H_
#define BUS_H_
#include <stdarg.h>
#include <sa/ike_sa.h>
#include <sa/child_sa.h>
/**
* @brief Raise a signal for an occured event.
*
* @param sig signal_t signal description
* @param level level for the signal
* @param format printf() style format string
* @param ... printf() style agument list
*/
#define SIG(sig, level, format, ...) charon->bus->signal(charon->bus, sig, level, format, ##__VA_ARGS__)
/**
* @brief Set the IKE_SA the calling thread is using.
*
* @param ike_sa ike_sa to register, or NULL to unregister
*/
#define SIG_SA(ike_sa) charon->bus->set_sa(charon->bus, ike_sa)
/**
* @brief Log a debug message via the signal bus.
*
* @param signal signal_t signal description
* @param format printf() style format string
* @param ... printf() style agument list
*/
#define DBG1(sig, format, ...) charon->bus->signal(charon->bus, sig, LEV_DBG1, format, ##__VA_ARGS__)
#define DBG2(sig, format, ...) charon->bus->signal(charon->bus, sig, LEV_DBG2, format, ##__VA_ARGS__)
#define DBG3(sig, format, ...) charon->bus->signal(charon->bus, sig, LEV_DBG3, format, ##__VA_ARGS__)
#define DBG4(sig, format, ...) charon->bus->signal(charon->bus, sig, LEV_DBG4, format, ##__VA_ARGS__)
typedef enum signal_t signal_t;
enum signal_t {
/** an IKE_SA has been established */
SIG_IKE_UP,
/** an IKE_SA has been closed */
SIG_IKE_DOWN,
/** an IKE_SA has been rekeyed */
SIG_IKE_REKEY,
/** a CHILD_SA has been installed */
SIG_CHILD_UP,
/** a CHILD_SA has been closed */
SIG_CHILD_DOWN,
/** a CHILD_SA has been rekeyed */
SIG_CHILD_REKEY,
/** a CHILD_SA has been routed */
SIG_CHILD_ROUTE,
/** a CHILD_SA has been unrouted */
SIG_CHILD_UNROUTE,
/** a remote peer has been authenticated using RSA digital signature */
SIG_AUTH_RSA,
/** a remote peer has been authenticated using preshared keys */
SIG_AUTH_PSK,
/** debugging message printed from an IKE_SA */
SIG_DBG_IKE,
/** debugging message printed from a CHILD_SA */
SIG_DBG_CHD,
/** debugging message printed from job processing */
SIG_DBG_JOB,
/** debugging message printed from configuration backends */
SIG_DBG_CFG,
/** debugging message printed from kernel interface */
SIG_DBG_KNL,
/** debugging message printed from networking */
SIG_DBG_NET,
/** debugging message printed from message encoding/decoding */
SIG_DBG_ENC,
SIG_MAX,
};
typedef enum level_t level_t;
enum level_t {
/** Signal indicates something has failed */
LEV_FAILED,
/** Signal indicates something was successful */
LEV_SUCCESS,
/** Debug level 1, control flow messages */
LEV_DBG1,
/** Debug level 2, more detail informational messages */
LEV_DBG2,
/** Debug level 3, RAW data output */
LEV_DBG3,
/** Debug level 4, RAW data with sensitive (private) data */
LEV_DBG4,
};
typedef struct bus_listener_t bus_listener_t;
/**
* @brief Interface for registering at the signal bus.
*
* To receive signals from the bus, the client implementing the
* bus_listener_t interface registers itself at the signal bus.
*
* @ingroup bus
*/
struct bus_listener_t {
/**
* @brief Send a signal to a bus listener.
*
* A numerical identification for the thread is included, as the
* associated IKE_SA, if any. Signal specifies the type of
* the event occured, with a verbosity level. The format string specifies
* an additional informational or error message with a printf() like
* variable argument list. This is in the va_list form, as forwarding
* a "..." parameters to functions is not (cleanly) possible.
*
* @param this listener
* @param thread ID of the thread raised this signal
* @param ike_sa IKE_SA associated to the event
* @param singal kind of the signal (up, down, rekeyed, ...)
* @param level level for signal
* @param format printf() style format string
* @param args vprintf() style va_list argument list
*/
void (*signal) (bus_listener_t *this, int thread, ike_sa_t *ike_sa,
signal_t signal, level_t level, char* format, va_list args);
};
typedef struct bus_t bus_t;
/**
* @brief Signal bus which sends signals to registered listeners.
*
* The signal bus is not much more than a multiplexer. A listener interested
* in receiving event signals registers at the bus. Any signals sent to
* are delivered to all registered listeners.
*
*
* @ingroup bus
*/
struct bus_t {
/**
* @brief Register a listener to the bus.
*
* A registered listener receives all signals which are sent to the bus.
*
* @param this bus
* @param listener listener to register.
*/
void (*add_listener) (bus_t *this, bus_listener_t *listener);
/**
* @brief Set the IKE_SA the calling thread is using.
*
* To associate an received signal to an IKE_SA without passing it as
* parameter each time, the thread registers it's used IKE_SA each
* time it checked it out. Before checking it in, the thread unregisters
* the IKE_SA (by passing NULL). This IKE_SA is stored per-thread, so each
* thread has one IKE_SA registered (or not).
* There is a macro to simplify the call.
* @see SIG_SA()
*
* @param this bus
* @param ike_sa ike_sa to register, or NULL to unregister
*/
void (*set_sa) (bus_t *this, ike_sa_t *ike_sa);
/**
* @brief Send a signal to the bus.
*
* A signal may belong to an IKE_SA and a CHILD_SA. If so, these
* are supplied to the signal function. The signal specifies the type of
* the event occured. The format string specifies an additional
* informational or error message with a printf() like variable argument
* list.
* Some useful macros may be available to shorten this call.
* @see SIG(), DBG1()
*
* @param this bus
* @param singal kind of the signal (up, down, rekeyed, ...)
* @param level status level of the signal to send
* @param format printf() style format string
* @param ... printf() style argument list
*/
void (*signal) (bus_t *this, signal_t signal, level_t level, char* format, ...);
/**
* @brief Destroy the signal bus.
*
* @param this bus to destroy
*/
void (*destroy) (bus_t *this);
};
/**
* @brief Create the signal bus which multiplexes signals to its listeners.
*
* @return signal bus instance
*
* @ingroup bus
*/
bus_t *bus_create();
#endif /* BUS_H_ */

179
src/charon/bus/listeners/file_logger.c Normal file
View File

@ -0,0 +1,179 @@
/**
* @file file_logger.c
*
* @brief Implementation of file_logger_t.
*
*/
/*
* Copyright (C) 2006 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/* for fmemopen() */
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include "file_logger.h"
#include <bus/listeners/stream_logger.h>
typedef struct private_file_logger_t private_file_logger_t;
/**
* Private data of a file_logger_t object
*/
struct private_file_logger_t {
/**
* Public data.
*/
file_logger_t public;
/**
* output file
*/
FILE *out;
/**
* Internal used stream logger that does the dirty work
*/
stream_logger_t *logger;
/**
* Memory stream used for stream_logger
*/
FILE *stream;
/**
* Underlying buffer for stream
*/
char buffer[4096];
};
/**
* Implementation of bus_listener_t.signal.
*/
static void signal_(private_file_logger_t *this, int thread, ike_sa_t* ike_sa,
signal_t signal, level_t level,
char *format, va_list args)
{
char line[512];
char *prefix;
FILE *reader;
switch (signal)
{
case SIG_IKE_UP:
case SIG_IKE_DOWN:
case SIG_IKE_REKEY:
case SIG_DBG_IKE:
prefix = "IKE";
break;
case SIG_DBG_CHD:
prefix = "CHD";
break;
case SIG_DBG_JOB:
prefix = "JOG";
break;
case SIG_DBG_CFG:
prefix = "CFG";
break;
case SIG_DBG_KNL:
prefix = "KNL";
break;
case SIG_DBG_NET:
prefix = "NET";
break;
case SIG_DBG_ENC:
prefix = "ENC";
break;
default:
prefix = "???";
break;
}
flockfile(this->stream);
/* reset memory stream */
rewind(this->stream);
memset(this->buffer, '\0', sizeof(this->buffer));
/* log to memstream */
this->logger->listener.signal(&this->logger->listener, thread, ike_sa,
signal, level, format, args);
/* flush is needed to append a '\0' */
fflush(this->stream);
/* create a reader stream that reads out line by line */
reader = fmemopen(this->buffer, sizeof(this->buffer), "r");
while (fgets(line, sizeof(line), reader))
{
if (line[0] == '\0')
{
/* abort on EOF */
break;
}
else if (line[0] != '\n')
{
fprintf(this->out, "%.2d[%s] %s", thread, prefix, line);
}
}
fclose(reader);
funlockfile(this->stream);
}
/**
* Implementation of file_logger_t.set_level.
*/
static void set_level(private_file_logger_t *this, signal_t signal, level_t max)
{
this->logger->set_level(this->logger, signal, max);
}
/**
* Implementation of file_logger_t.destroy.
*/
static void destroy(private_file_logger_t *this)
{
fclose(this->stream);
this->logger->destroy(this->logger);
free(this);
}
/*
* Described in header.
*/
file_logger_t *file_logger_create(FILE *out)
{
private_file_logger_t *this = malloc_thing(private_file_logger_t);
/* public functions */
this->public.listener.signal = (void(*)(bus_listener_t*,int,ike_sa_t*,signal_t,level_t,char*,va_list))signal_;
this->public.set_level = (void(*)(file_logger_t*,signal_t,level_t))set_level;
this->public.destroy = (void(*)(file_logger_t*))destroy;
/* private variables */
this->out = out;
this->stream = fmemopen(this->buffer, sizeof(this->buffer), "w");
if (this->stream == NULL)
{
/* fallback to stderr */
this->stream = stderr;
}
this->logger = stream_logger_create(this->stream);
return &this->public;
}

74
src/charon/bus/listeners/file_logger.h Normal file
View File

@ -0,0 +1,74 @@
/**
* @file file_logger.h
*
* @brief Interface of file_logger_t.
*
*/
/*
* Copyright (C) 2006 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#ifndef FILE_LOGGER_H_
#define FILE_LOGGER_H_
#include <bus/bus.h>
typedef struct file_logger_t file_logger_t;
/**
* @brief Logger to files which implements bus_listener_t.
*
* @b Constructors:
* - file_logger_create()
*
* @ingroup listeners
*/
struct file_logger_t {
/**
* Implements the bus_listener_t interface.
*/
bus_listener_t listener;
/**
* @brief Set the loglevel for a signal type.
*
* @param this stream_logger_t object
* @param singal type of signal
* @param level max level to log
*/
void (*set_level) (file_logger_t *this, signal_t signal, level_t level);
/**
* @brief Destroys a file_logger_t object.
*
* @param this file_logger_t object
*/
void (*destroy) (file_logger_t *this);
};
/**
* @brief Constructor to create a file_logger_t object.
*
* @param out FILE to write to
* @return file_logger_t object
*
* @ingroup listeners
*/
file_logger_t *file_logger_create(FILE *out);
#endif /* FILE_LOGGER_H_ */

141
src/charon/bus/listeners/stream_logger.c Normal file
View File

@ -0,0 +1,141 @@
/**
* @file stream_logger.c
*
* @brief Implementation of stream_logger_t.
*
*/
/*
* Copyright (C) 2006 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include <string.h>
#include <stdio.h>
#include <pthread.h>
#include "stream_logger.h"
typedef struct private_stream_logger_t private_stream_logger_t;
/**
* @brief Private data of a stream_logger_t object.
*/
struct private_stream_logger_t {
/**
* Public data
*/
stream_logger_t public;
/**
* Maximum level to log
*/
level_t max;
/**
* stream to write log output to
*/
FILE *out;
};
/**
* Implementation of bus_listener_t.signal.
*/
static void signal_(private_stream_logger_t *this, int thread,
ike_sa_t* ike_sa, signal_t signal, level_t level,
char *format, va_list args)
{
FILE *o = this->out;
flockfile(o);
if (level <= this->max)
{
/* then print the info */
switch (signal)
{
case SIG_IKE_UP:
{
if (level == LEV_SUCCESS)
{
fprintf(o, "established: %H[%D]...%H[%D]\n",
ike_sa->get_my_host(ike_sa), ike_sa->get_my_id(ike_sa),
ike_sa->get_other_host(ike_sa), ike_sa->get_other_id(ike_sa));
}
else
{
fprintf(o, "establishing failed: %H[%D]...%H[%D]:\n",
ike_sa->get_my_host(ike_sa), ike_sa->get_my_id(ike_sa),
ike_sa->get_other_host(ike_sa), ike_sa->get_other_id(ike_sa));
fprintf(o, " ");
vfprintf(o, format, args);
fprintf(o, "\n");
}
break;
}
case SIG_DBG_IKE:
case SIG_DBG_CHD:
case SIG_DBG_JOB:
case SIG_DBG_CFG:
case SIG_DBG_KNL:
case SIG_DBG_NET:
case SIG_DBG_ENC:
{
vfprintf(o, format, args);
fprintf(o, "\n");
break;
}
default:
break;
}
}
funlockfile(o);
}
/**
* Implementation of stream_logger_t.set_level.
*/
static void set_level(private_stream_logger_t *this, signal_t signal, level_t max)
{
this->max = max;
}
/**
* Implementation of stream_logger_t.destroy.
*/
static void destroy(private_stream_logger_t *this)
{
free(this);
}
/*
* Described in header.
*/
stream_logger_t *stream_logger_create(FILE *out)
{
private_stream_logger_t *this = malloc_thing(private_stream_logger_t);
/* public functions */
this->public.listener.signal = (void(*)(bus_listener_t*,int,ike_sa_t*,signal_t,level_t,char*,va_list))signal_;
this->public.set_level = (void(*)(stream_logger_t*,signal_t,level_t))set_level;
this->public.destroy = (void(*)(stream_logger_t*))destroy;
/* private variables */
this->max = LEV_DBG4;
this->out = out;
return &this->public;
}

75
src/charon/bus/listeners/stream_logger.h Normal file
View File

@ -0,0 +1,75 @@
/**
* @file stream_logger.h
*
* @brief Interface of stream_logger_t.
*
*/
/*
* Copyright (C) 2006 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#ifndef STREAM_LOGGER_H_
#define STREAM_LOGGER_H_
#include <stdio.h>
#include <types.h>
#include <bus/bus.h>
typedef struct stream_logger_t stream_logger_t;
/**
* @brief Logger for a file stream which implements bus_listener_t.
*
* @b Constructors:
* - stream_logger_create()
*
* @ingroup listeners
*/
struct stream_logger_t {
/**
* Implements the bus_listener_t interface.
*/
bus_listener_t listener;
/**
* @brief Set the loglevel for a signal type.
*
* @param this stream_logger_t object
* @param singal type of signal
* @param level max level to log
*/
void (*set_level) (stream_logger_t *this, signal_t signal, level_t level);
/**
* @brief Destroys a stream_logger_t object.
*
* @param this stream_logger_t object
*/
void (*destroy) (stream_logger_t *this);
};
/**
* @brief Constructor to create a stream_logger_t object.
*
* @param out output stream to log to
* @return stream_logger_t object
*
* @ingroup utils
*/
stream_logger_t *stream_logger_create(FILE *out);
#endif /* STREAM_LOGGER_H_ */

181
src/charon/bus/listeners/sys_logger.c Normal file
View File

@ -0,0 +1,181 @@
/**
* @file sys_logger.c
*
* @brief Implementation of sys_logger_t.
*
*/
/*
* Copyright (C) 2006 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/* for open_memstream() */
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <pthread.h>
#include "sys_logger.h"
#include <bus/listeners/stream_logger.h>
typedef struct private_sys_logger_t private_sys_logger_t;
/**
* Private data of a sys_logger_t object
*/
struct private_sys_logger_t {
/**
* Public data.
*/
sys_logger_t public;
/**
* syslog facility to use
*/
int facility;
/**
* Internal used stream logger that does the dirty work
*/
stream_logger_t *logger;
/**
* Memory stream used for stream_logger
*/
FILE *stream;
/**
* Underlying buffer for stream
*/
char buffer[4096];
};
/**
* Implementation of bus_listener_t.signal.
*/
static void signal_(private_sys_logger_t *this, int thread, ike_sa_t* ike_sa,
signal_t signal, level_t level,
char *format, va_list args)
{
char line[512];
char *prefix;
FILE *reader;
switch (signal)
{
case SIG_IKE_UP:
case SIG_IKE_DOWN:
case SIG_IKE_REKEY:
case SIG_DBG_IKE:
prefix = "IKE";
break;
case SIG_DBG_CHD:
prefix = "CHD";
break;
case SIG_DBG_JOB:
prefix = "JOG";
break;
case SIG_DBG_CFG:
prefix = "CFG";
break;
case SIG_DBG_KNL:
prefix = "KNL";
break;
case SIG_DBG_NET:
prefix = "NET";
break;
case SIG_DBG_ENC:
prefix = "ENC";
break;
default:
prefix = "???";
break;
}
flockfile(this->stream);
/* reset memory stream */
rewind(this->stream);
memset(this->buffer, '\0', sizeof(this->buffer));
/* log to memstream */
this->logger->listener.signal(&this->logger->listener, thread, ike_sa,
signal, level, format, args);
/* flush is needed to append a '\0' */
fflush(this->stream);
/* create a reader stream that reads out line by line */
reader = fmemopen(this->buffer, sizeof(this->buffer), "r");
while (fgets(line, sizeof(line), reader))
{
if (line[0] == '\0')
{
/* abort on EOF */
break;
}
else if (line[0] != '\n')
{
syslog(this->facility|LOG_INFO, "%.2d[%s] %s", thread, prefix, line);
}
}
fclose(reader);
funlockfile(this->stream);
}
/**
* Implementation of sys_logger_t.set_level.
*/
static void set_level(private_sys_logger_t *this, signal_t signal, level_t max)
{
this->logger->set_level(this->logger, signal, max);
}
/**
* Implementation of sys_logger_t.destroy.
*/
static void destroy(private_sys_logger_t *this)
{
closelog();
fclose(this->stream);
this->logger->destroy(this->logger);
free(this);
}
/*
* Described in header.
*/
sys_logger_t *sys_logger_create(int facility)
{
private_sys_logger_t *this = malloc_thing(private_sys_logger_t);
/* public functions */
this->public.listener.signal = (void(*)(bus_listener_t*,int,ike_sa_t*,signal_t,level_t,char*,va_list))signal_;
this->public.set_level = (void(*)(sys_logger_t*,signal_t,level_t))set_level;
this->public.destroy = (void(*)(sys_logger_t*))destroy;
/* private variables */
this->facility = facility;
this->stream = fmemopen(this->buffer, sizeof(this->buffer), "w");
if (this->stream == NULL)
{
/* fallback to stderr */
this->stream = stderr;
}
this->logger = stream_logger_create(this->stream);
return &this->public;
}

76
src/charon/bus/listeners/sys_logger.h Normal file
View File

@ -0,0 +1,76 @@
/**
* @file sys_logger.h
*
* @brief Interface of sys_logger_t.
*
*/
/*
* Copyright (C) 2006 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#ifndef SYS_LOGGER_H_
#define SYS_LOGGER_H_
#include <syslog.h>
#include <bus/bus.h>
typedef struct sys_logger_t sys_logger_t;
/**
* @brief Logger for syslog which implements bus_listener_t.
*
* @b Constructors:
* - sys_logger_create()
*
* @ingroup listeners
*/
struct sys_logger_t {
/**
* Implements the bus_listener_t interface.
*/
bus_listener_t listener;
/**
* @brief Set the loglevel for a signal type.
*
* @param this stream_logger_t object
* @param singal type of signal
* @param level max level to log
*/
void (*set_level) (sys_logger_t *this, signal_t signal, level_t level);
/**
* @brief Destroys a sys_logger_t object.
*
* @param this sys_logger_t object
*/
void (*destroy) (sys_logger_t *this);
};
/**
* @brief Constructor to create a sys_logger_t object.
*
* @param facility syslog facility to use
* @return sys_logger_t object
*
* @ingroup listeners
*/
sys_logger_t *sys_logger_create(int facility);
#endif /* SYS_LOGGER_H_ */

21
src/charon/config/connections/local_connection_store.c
View File

@ -74,8 +74,9 @@ static connection_t *get_connection_by_hosts(private_local_connection_store_t *t
connection_t *candidate;
connection_t *found = NULL;
this->logger->log(this->logger, CONTROL|LEVEL1, "looking for connection for host pair %s...%s",
my_host->get_string(my_host), other_host->get_string(other_host));
this->logger->log(this->logger, CONTROL|LEVEL1,
"looking for connection for host pair %H...%H",
my_host, other_host);
pthread_mutex_lock(&(this->mutex));
iterator = this->connections->create_iterator(this->connections, TRUE);
@ -106,10 +107,9 @@ static connection_t *get_connection_by_hosts(private_local_connection_store_t *t
}
this->logger->log(this->logger, CONTROL|LEVEL2,
"candidate connection \"%s\": %s...%s (prio=%d)",
"candidate connection \"%s\": %H...%H (prio=%d)",
candidate->get_name(candidate),
candidate_my_host->get_string(candidate_my_host),
candidate_other_host->get_string(candidate_other_host),
candidate_my_host, candidate_other_host,
prio);
if (prio > best_prio)
@ -127,10 +127,9 @@ static connection_t *get_connection_by_hosts(private_local_connection_store_t *t
host_t *found_other_host = found->get_other_host(found);
this->logger->log(this->logger, CONTROL|LEVEL1,
"found matching connection \"%s\": %s...%s (prio=%d)",
"found matching connection \"%s\": %H...%H (prio=%d)",
found->get_name(found),
found_my_host->get_string(found_my_host),
found_other_host->get_string(found_other_host),
found_my_host, found_other_host,
best_prio);
/* give out a new reference to it */
@ -242,10 +241,8 @@ void log_connections(private_local_connection_store_t *this, logger_t *logger, c
host_t *my_host = current->get_my_host(current);
host_t *other_host = current->get_other_host(current);
logger->log(logger, CONTROL, " \"%s\": %s...%s",
current->get_name(current),
my_host->get_string(my_host),
other_host->get_string(other_host));
logger->log(logger, CONTROL, " \"%s\": %H...%H",
current->get_name(current), my_host, other_host);
}
}
iterator->destroy(iterator);

4
src/charon/config/credentials/local_credential_store.c
View File

@ -504,8 +504,8 @@ static bool verify(private_local_credential_store_t *this, x509_t *cert, bool *f
identification_t *subject = cert->get_subject(cert);
identification_t *issuer = cert->get_issuer(cert);
this->logger->log(this->logger, CONTROL|LEVEL1, "subject: '%s'", subject->get_string(subject));
this->logger->log(this->logger, CONTROL|LEVEL1, "issuer: '%s'", issuer->get_string(issuer));
this->logger->log(this->logger, CONTROL|LEVEL1, "subject: '%D'", subject);
this->logger->log(this->logger, CONTROL|LEVEL1, "issuer: '%D'", issuer);
ugh = cert->is_valid(cert, &until);
if (ugh != NULL)

21
src/charon/config/policies/local_policy_store.c
View File

@ -116,8 +116,8 @@ static policy_t *get_policy(private_local_policy_store_t *this,
policy_t *candidate;
policy_t *found = NULL;
this->logger->log(this->logger, CONTROL|LEVEL1, "searching policy for ID pair %s...%s",
my_id->get_string(my_id), other_id->get_string(other_id));
this->logger->log(this->logger, CONTROL|LEVEL1,
"searching policy for ID pair %D...%D", my_id, other_id);
pthread_mutex_lock(&(this->mutex));
iterator = this->policies->create_iterator(this->policies, TRUE);
@ -151,19 +151,14 @@ static policy_t *get_policy(private_local_policy_store_t *this,
{
this->logger->log(this->logger, CONTROL|LEVEL2,
"candidate '%s' inacceptable due traffic selector mismatch",
candidate->get_name(candidate),
candidate_my_id->get_string(candidate_my_id),
candidate_other_id->get_string(candidate_other_id),
prio);
candidate->get_name(candidate));
continue;
}
this->logger->log(this->logger, CONTROL|LEVEL2,
"candidate policy '%s': %s...%s (prio=%d)",
"candidate policy '%s': %D...%D (prio=%d)",
candidate->get_name(candidate),
candidate_my_id->get_string(candidate_my_id),
candidate_other_id->get_string(candidate_other_id),
prio);
candidate_my_id, candidate_other_id, prio);
if (prio > best_prio)
{
@ -180,11 +175,9 @@ static policy_t *get_policy(private_local_policy_store_t *this,
identification_t *found_other_id = found->get_other_id(found);
this->logger->log(this->logger, CONTROL,
"found matching policy '%s': %s...%s (prio=%d)",
"found matching policy '%s': %D...%D (prio=%d)",
found->get_name(found),
found_my_id->get_string(found_my_id),
found_other_id->get_string(found_other_id),
best_prio);
found_my_id, found_other_id, best_prio);
/* give out a new reference to it */
found->get_ref(found);
}

138
src/charon/daemon.c
View File

@ -67,37 +67,15 @@ struct private_daemon_t {
* The thread_id of main-thread.
*/
pthread_t main_thread_id;
/**
* Main loop function.
*
* @param this calling object
*/
void (*run) (private_daemon_t *this);
/**
* Initialize the daemon.
*
* @param this calling object
* @param strict enforce a strict crl policy
*/
void (*initialize) (private_daemon_t *this, bool strict);
/**
* Destroy the daemon.
*
* @param this calling object
*/
void (*destroy) (private_daemon_t *this);
};
/**
/**
* One and only instance of the daemon.
*/
daemon_t *charon;
/**
* Implementation of private_daemon_t.run.
* Run the daemon and handle unix signals
*/
static void run(private_daemon_t *this)
{
@ -144,7 +122,47 @@ static void run(private_daemon_t *this)
}
/**
* Implementation of daemon_t.kill.
* Clean up all daemon resources
*/
static void destroy(private_daemon_t *this)
{
/* destruction is a non trivial task, we need to follow
* a strict order to prevent threading issues!
* Kill active threads first, except the sender, as
* the killed IKE_SA want to send delete messages.
*/
/* we don't want to receive anything anymore... */
DESTROY_IF(this->public.receiver);
/* ignore all incoming user requests */
DESTROY_IF(this->public.stroke);
/* stop scheduing jobs */
DESTROY_IF(this->public.scheduler);
/* stop processing jobs */
DESTROY_IF(this->public.thread_pool);
/* shut down manager with all IKE SAs */
DESTROY_IF(this->public.ike_sa_manager);
/* all child SAs should be down now, so kill kernel interface */
DESTROY_IF(this->public.kernel_interface);
/* destroy other infrastructure */
DESTROY_IF(this->public.bus);
DESTROY_IF(this->public.outlog);
DESTROY_IF(this->public.syslog);
DESTROY_IF(this->public.job_queue);
DESTROY_IF(this->public.event_queue);
DESTROY_IF(this->public.configuration);
DESTROY_IF(this->public.credentials);
DESTROY_IF(this->public.connections);
DESTROY_IF(this->public.policies);
/* we hope the sender could send the outstanding deletes, but
* we shut down here at any cost */
DESTROY_IF(this->public.sender);
DESTROY_IF(this->public.send_queue);
DESTROY_IF(this->public.socket);
free(this);
}
/**
* Enforce daemon shutdown, with a given reason to do so.
*/
static void kill_daemon(private_daemon_t *this, char *reason)
{
@ -153,7 +171,7 @@ static void kill_daemon(private_daemon_t *this, char *reason)
if (this->main_thread_id == pthread_self())
{
/* initialization failed, terminate daemon */
this->destroy(this);
destroy(this);
unlink(PID_FILE);
exit(-1);
}
@ -167,7 +185,7 @@ static void kill_daemon(private_daemon_t *this, char *reason)
}
/**
* Implementation of private_daemon_t.initialize.
* Initialize the daemon, optional with a strict crl policy
*/
static void initialize(private_daemon_t *this, bool strict)
{
@ -182,6 +200,11 @@ static void initialize(private_daemon_t *this, bool strict)
this->public.job_queue = job_queue_create();
this->public.event_queue = event_queue_create();
this->public.send_queue = send_queue_create();
this->public.bus = bus_create();
this->public.outlog = file_logger_create(stdout);
this->public.bus->add_listener(this->public.bus, &this->public.outlog->listener);
this->public.syslog = sys_logger_create(LOG_DAEMON);
this->public.bus->add_listener(this->public.bus, &this->public.syslog->listener);
this->public.connections = (connection_store_t*)local_connection_store_create();
this->public.policies = (policy_store_t*)local_policy_store_create();
this->public.credentials = (credential_store_t*)local_credential_store_create(strict);
@ -202,42 +225,8 @@ static void initialize(private_daemon_t *this, bool strict)
}
/**
* Destory all initiated objects
* Handle SIGSEGV/SIGILL signals raised by threads
*/
static void destroy(private_daemon_t *this)
{
/* destruction is a non trivial task, we need to follow
* a strict order to prevent threading issues!
* Kill active threads first, except the sender, as
* the killed IKE_SA want to send delete messages.
*/
/* we don't want to receive anything anymore... */
DESTROY_IF(this->public.receiver);
/* ignore all incoming user requests */
DESTROY_IF(this->public.stroke);
/* stop scheduing jobs */
DESTROY_IF(this->public.scheduler);
/* stop processing jobs */
DESTROY_IF(this->public.thread_pool);
/* shut down manager with all IKE SAs */
DESTROY_IF(this->public.ike_sa_manager);
/* all child SAs should be down now, so kill kernel interface */
DESTROY_IF(this->public.kernel_interface);
/* destroy other infrastructure */
DESTROY_IF(this->public.job_queue);
DESTROY_IF(this->public.event_queue);
DESTROY_IF(this->public.configuration);
DESTROY_IF(this->public.credentials);
DESTROY_IF(this->public.connections);
DESTROY_IF(this->public.policies);
/* we hope the sender could send the outstanding deletes, but
* we shut down here at any cost */
DESTROY_IF(this->public.sender);
DESTROY_IF(this->public.send_queue);
DESTROY_IF(this->public.socket);
free(this);
}
void signal_handler(int signal)
{
void *array[20];
@ -265,9 +254,7 @@ void signal_handler(int signal)
}
/**
* @brief Create the daemon.
*
* @return created daemon_t
* Create the daemon.
*/
private_daemon_t *daemon_create(void)
{
@ -275,9 +262,6 @@ private_daemon_t *daemon_create(void)
struct sigaction action;
/* assign methods */
this->run = run;
this->destroy = destroy;
this->initialize = initialize;
this->public.kill = (void (*) (daemon_t*,char*))kill_daemon;
/* NULL members for clean destruction */
@ -296,6 +280,9 @@ private_daemon_t *daemon_create(void)
this->public.kernel_interface = NULL;
this->public.thread_pool = NULL;
this->public.stroke = NULL;
this->public.bus = NULL;
this->public.outlog = NULL;
this->public.syslog = NULL;
this->main_thread_id = pthread_self();
@ -322,6 +309,9 @@ private_daemon_t *daemon_create(void)
return this;
}
/**
* print command line usage and exit
*/
static void usage(const char *msg)
{
if (msg != NULL && *msg != '\0')
@ -396,14 +386,14 @@ int main(int argc, char *argv[])
"Starting Charon (strongSwan Version %s)", VERSION);
/* initialize daemon */
private_charon->initialize(private_charon, strict_crl_policy);
initialize(private_charon, strict_crl_policy);
/* check/setup PID file */
if (stat(PID_FILE, &stb) == 0)
{
private_charon->logger->log(private_charon->logger, ERROR,
"charon already running (\""PID_FILE"\" exists)");
private_charon->destroy(private_charon);
destroy(private_charon);
exit(-1);
}
pid_file = fopen(PID_FILE, "w");
@ -420,19 +410,17 @@ int main(int argc, char *argv[])
while (list->remove_first(list, (void**)&host) == SUCCESS)
{
private_charon->logger->log(private_charon->logger, CONTROL,
" %s", host->get_string(host));
" %H", host);
host->destroy(host);
}
list->destroy(list);
/* run daemon */
private_charon->run(private_charon);
run(private_charon);
/* normal termination, cleanup and exit */
private_charon->destroy(private_charon);
destroy(private_charon);
unlink(PID_FILE);
return 0;
}

28
src/charon/daemon.h
View File

@ -32,6 +32,9 @@
#include <threads/thread_pool.h>
#include <threads/stroke_interface.h>
#include <network/socket.h>
#include <bus/bus.h>
#include <bus/listeners/file_logger.h>
#include <bus/listeners/sys_logger.h>
#include <sa/ike_sa_manager.h>
#include <queues/send_queue.h>
#include <queues/job_queue.h>
@ -175,9 +178,17 @@
* @ingroup charon
*/
/**
* @defgroup bus bus
*
* Signaling bus and its listeners.
*
* @ingroup charon
*/
/**
* Name of the daemon.
*
*
* @ingroup charon
*/
#define DAEMON_NAME "charon"
@ -336,6 +347,21 @@ struct daemon_t {
*/
thread_pool_t *thread_pool;
/**
* The signaling bus.
*/
bus_t *bus;
/**
* A bus listener logging to stdout
*/
file_logger_t *outlog;
/**
* A bus listener logging to syslog
*/
sys_logger_t *syslog;
/**
* Kernel Interface to communicate with kernel
*/

15
src/charon/network/socket.c
View File

@ -204,9 +204,7 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
pkt->set_source(pkt, source);
pkt->set_destination(pkt, dest);
this->logger->log(this->logger, CONTROL|LEVEL1,
"received packet: from %s[%d] to %s[%d]",
source->get_string(source), source->get_port(source),
dest->get_string(dest), dest->get_port(dest));
"received packet: from %#H to %#H", source, dest);
data_offset = IP_LEN + UDP_LEN;
/* remove non esp marker */
if (dest->get_port(dest) == this->natt_port)
@ -297,9 +295,7 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
pkt->set_source(pkt, source);
pkt->set_destination(pkt, dest);
this->logger->log(this->logger, CONTROL|LEVEL1,
"received packet: from %s[%d] to %s[%d]",
source->get_string(source), source->get_port(source),
dest->get_string(dest), dest->get_port(dest));
"received packet: from %#H to %#H", source, dest);
data_offset = UDP_LEN;
/* remove non esp marker */
if (dest->get_port(dest) == this->natt_port)
@ -337,9 +333,8 @@ status_t sender(private_socket_t *this, packet_t *packet)
dst = packet->get_destination(packet);
data = packet->get_data(packet);
this->logger->log(this->logger, CONTROL|LEVEL1, "sending packet: from %s[%d] to %s[%d]",
src->get_string(src), src->get_port(src),
dst->get_string(dst), dst->get_port(dst));
this->logger->log(this->logger, CONTROL|LEVEL1,
"sending packet: from %#H to %#H", src, dst);
/* send data */
sport = src->get_port(src);
@ -575,6 +570,7 @@ static int open_send_socket(private_socket_t *this, int family, u_int16_t port)
policy.sadb_x_policy_dir = IPSEC_DIR_OUTBOUND;
policy.sadb_x_policy_reserved = 0;
policy.sadb_x_policy_id = 0;
policy.sadb_x_policy_priority = 0;
if (setsockopt(skt, ip_proto, ipsec_policy, &policy, sizeof(policy)) < 0)
{
@ -729,6 +725,7 @@ static int open_recv_socket(private_socket_t *this, int family)
policy.sadb_x_policy_dir = IPSEC_DIR_INBOUND;
policy.sadb_x_policy_reserved = 0;
policy.sadb_x_policy_id = 0;
policy.sadb_x_policy_priority = 0;
if (setsockopt(skt, ip_proto, ipsec_policy, &policy, sizeof(policy)) < 0)
{

5
src/charon/queues/jobs/delete_child_sa_job.c
View File

@ -1,8 +1,8 @@
/**
* @file delete_child_sa_job.c
*
*
* @brief Implementation of delete_child_sa_job_t.
*
*
*/
/*
@ -32,6 +32,7 @@ typedef struct private_delete_child_sa_job_t private_delete_child_sa_job_t;
*/
struct private_delete_child_sa_job_t {
/**
* Public delete_child_sa_job_t interface.
*/
delete_child_sa_job_t public;

5
src/charon/queues/jobs/incoming_packet_job.c
View File

@ -113,9 +113,8 @@ static status_t execute(private_incoming_packet_job_t *this)
message = message_create_from_packet(this->packet->clone(this->packet));
src = message->get_source(message);
dst = message->get_destination(message);
this->logger->log(this->logger, CONTROL, "received packet: from %s[%d] to %s[%d]",
src->get_string(src), src->get_port(src),
dst->get_string(dst), dst->get_port(dst));
this->logger->log(this->logger, CONTROL,
"received packet: from %#H to %#H", src, dst);
status = message->parse_header(message);
if (status != SUCCESS)

5
src/charon/queues/send_queue.c
View File

@ -111,9 +111,8 @@ static void add(private_send_queue_t *this, packet_t *packet)
src = packet->get_source(packet);
dst = packet->get_destination(packet);
this->logger->log(this->logger, CONTROL, "sending packet: from %s[%d] to %s[%d]",
src->get_string(src), src->get_port(src),
dst->get_string(dst), dst->get_port(dst));
this->logger->log(this->logger, CONTROL,
"sending packet: from %#H to %#H", src, dst);
pthread_mutex_lock(&this->mutex);
this->list->insert_last(this->list, packet);

43
src/charon/sa/authenticator.c
View File

@ -220,8 +220,9 @@ static status_t verify_auth_data (private_authenticator_t *this,
&shared_key);
if (status != SUCCESS)
{
this->logger->log(this->logger, ERROR, "no shared key found for '%s' and '%s'",
my_id->get_string(my_id), other_id->get_string(other_id));
this->logger->log(this->logger, ERROR,
"no shared key found for '%D' - '%D'",
my_id, other_id);
chunk_free(&shared_key);
break;
}
@ -234,7 +235,9 @@ static status_t verify_auth_data (private_authenticator_t *this,
shared_key);
chunk_free(&shared_key);
status = (auth_data.len == my_auth_data.len && memeq(auth_data.ptr, my_auth_data.ptr, my_auth_data.len))
status = (auth_data.len == my_auth_data.len &&
memeq(auth_data.ptr, my_auth_data.ptr, my_auth_data.len))
? SUCCESS : FAILED;
chunk_free(&my_auth_data);
break;
@ -248,8 +251,8 @@ static status_t verify_auth_data (private_authenticator_t *this,
if (public_key == NULL)
{
this->logger->log(this->logger, ERROR, "no RSA public key found for '%s'",
other_id->get_string(other_id));
this->logger->log(this->logger, ERROR,
"no RSA public key found for '%D'", other_id);
status = NOT_FOUND;
break;
}
@ -266,9 +269,8 @@ static status_t verify_auth_data (private_authenticator_t *this,
}
}
this->logger->log(this->logger, CONTROL, "authentication of '%s' with %s %s",
other_id->get_string(other_id),
enum_name(&auth_method_names, auth_method),
this->logger->log(this->logger, CONTROL, "authentication of '%D' with %s %s",
other_id, enum_name(&auth_method_names, auth_method),
(status == SUCCESS)? "successful":"failed");
return status;
}
@ -284,9 +286,9 @@ static status_t compute_auth_data (private_authenticator_t *this,
identification_t *other_id,
bool initiator)
{
this->logger->log(this->logger, CONTROL, "authentication of '%s' with %s (myself)",
my_id->get_string(my_id),
enum_name(&auth_method_names, this->auth_method));
this->logger->log(this->logger, CONTROL,
"authentication of '%D' with %s (myself)",
my_id, enum_name(&auth_method_names, this->auth_method));
switch (this->auth_method)
{
@ -302,8 +304,9 @@ static status_t compute_auth_data (private_authenticator_t *this,
if (status != SUCCESS)
{
this->logger->log(this->logger, ERROR, "no shared key found for '%s' and '%s'",
my_id->get_string(my_id), other_id->get_string(other_id));
this->logger->log(this->logger, ERROR,
"no shared key found for '%D' - '%D'",
my_id, other_id);
return status;
}
@ -330,14 +333,15 @@ static status_t compute_auth_data (private_authenticator_t *this,
rsa_public_key_t *my_pubkey;
rsa_private_key_t *my_key;
this->logger->log(this->logger, CONTROL|LEVEL1, "looking for RSA public key belonging to '%s'",
my_id->get_string(my_id));
this->logger->log(this->logger, CONTROL|LEVEL1,
"looking for RSA public key belonging to '%D'",
my_id);
my_pubkey = charon->credentials->get_rsa_public_key(charon->credentials, my_id);
if (my_pubkey == NULL)
{
this->logger->log(this->logger, ERROR, "no RSA public key found for '%s'",
my_id->get_string(my_id));
this->logger->log(this->logger, ERROR,
"no RSA public key found for '%D'", my_id);
return NOT_FOUND;
}
this->logger->log(this->logger, CONTROL|LEVEL2, "matching RSA public key found");
@ -351,8 +355,9 @@ static status_t compute_auth_data (private_authenticator_t *this,
char buf[BUF_LEN];
chunk_to_hex(buf, BUF_LEN, my_pubkey->get_keyid(my_pubkey));
this->logger->log(this->logger, ERROR, "no RSA private key found with for %s with keyid %s",
my_id->get_string(my_id), buf);
this->logger->log(this->logger, ERROR,
"no RSA private key found with for %D with keyid %s",
my_id, buf);
return NOT_FOUND;
}
this->logger->log(this->logger, CONTROL|LEVEL2, "matching RSA private key found");

31
src/charon/sa/child_sa.c
View File

@ -296,15 +296,15 @@ static void updown(private_child_sa_t *this, bool up)
"PLUTO_CONNECTION='%s' "
"PLUTO_INTERFACE='%s' "
"PLUTO_REQID='%u' "
"PLUTO_ME='%s' "
"PLUTO_MY_ID='%s' "
"PLUTO_ME='%H' "
"PLUTO_MY_ID='%D' "
"PLUTO_MY_CLIENT='%s/%s' "
"PLUTO_MY_CLIENT_NET='%s' "
"PLUTO_MY_CLIENT_MASK='%s' "
"PLUTO_MY_PORT='%u' "
"PLUTO_MY_PROTOCOL='%u' "
"PLUTO_PEER='%s' "
"PLUTO_PEER_ID='%s' "
"PLUTO_PEER='%H' "
"PLUTO_PEER_ID='%D' "
"PLUTO_PEER_CLIENT='%s/%s' "
"PLUTO_PEER_CLIENT_NET='%s' "
"PLUTO_PEER_CLIENT_MASK='%s' "
@ -313,20 +313,20 @@ static void updown(private_child_sa_t *this, bool up)
"%s"
"%s",
up ? "up" : "down",
streq(this->me.addr->get_string(this->me.addr),
my_client) ? "-host" : "-client",
/* TODO: fix it: streq(this->me.addr->get_string(this->me.addr),
my_client) ? "-host" :*/ "-client",
this->me.addr->get_family(this->me.addr) == AF_INET ? "" : "-ipv6",
this->name,
ifname,
this->reqid,
this->me.addr->get_string(this->me.addr),
this->me.id->get_string(this->me.id),
this->me.addr,
this->me.id,
my_client, my_client_mask,
my_client, my_client_mask,
policy->my_ts->get_from_port(policy->my_ts),
policy->my_ts->get_protocol(policy->my_ts),
this->other.addr->get_string(this->other.addr),
this->other.id->get_string(this->other.id),
this->other.addr,
this->other.id,
other_client, other_client_mask,
other_client, other_client_mask,
policy->other_ts->get_from_port(policy->other_ts),
@ -548,8 +548,8 @@ static status_t install(private_child_sa_t *this, proposal_t *proposal, prf_plus
/* send SA down to the kernel */
this->logger->log(this->logger, CONTROL|LEVEL2,
" SPI 0x%.8x, src %s dst %s",
ntohl(spi), src->get_string(src), dst->get_string(dst));
" SPI 0x%.8x, src %H dst %H",
ntohl(spi), src, dst);
status = charon->kernel_interface->add_sa(charon->kernel_interface,
src, dst,
spi, this->protocol,
@ -937,12 +937,9 @@ static status_t update_sa_hosts(private_child_sa_t *this, host_t *new_me, host_t
}
this->logger->log(this->logger, CONTROL|LEVEL1,
"updating %s SA 0x%x, from %s:%d..%s:%d to %s:%d..%s:%d",
"updating %s SA 0x%x, from %#H..#H to %#H..%#H",
mapping_find(protocol_id_m, this->protocol), ntohl(spi),
src->get_string(src), src->get_port(src),
dst->get_string(dst), dst->get_port(dst),
new_src->get_string(new_src), new_src->get_port(new_src),
new_dst->get_string(new_dst), new_dst->get_port(new_dst));
src, dst, new_src, new_dst);
status = charon->kernel_interface->update_sa(charon->kernel_interface,
dst, spi, this->protocol,

33
src/charon/sa/ike_sa.c
View File

@ -1363,11 +1363,9 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state)
if (state == IKE_ESTABLISHED)
{
this->time.established = time(NULL);
this->logger->log(this->logger, AUDIT, "IKE_SA established: %s[%s]...%s[%s]",
this->my_host->get_string(this->my_host),
this->my_id->get_string(this->my_id),
this->other_host->get_string(this->other_host),
this->other_id->get_string(this->other_id));
this->logger->log(this->logger, AUDIT, "IKE_SA established: %H[%D]...%H[%D]",
this->my_host, this->my_id,
this->other_host, this->other_id);
/* start DPD checks */
send_dpd(this);
}
@ -1784,11 +1782,9 @@ static status_t rekey(private_ike_sa_t *this)
rekey_ike_sa_t *rekey_ike_sa;
this->logger->log(this->logger, CONTROL,
"rekeying IKE_SA between %s[%s]..%s[%s]",
this->my_host->get_string(this->my_host),
this->my_id->get_string(this->my_id),
this->other_host->get_string(this->other_host),
this->other_id->get_string(this->other_id));
"rekeying IKE_SA between: %H[%D]...%H[%D]",
this->my_host, this->my_id,
this->other_host, this->other_id);
if (this->state != IKE_ESTABLISHED)
{
@ -1869,12 +1865,9 @@ static void log_status(private_ike_sa_t *this, logger_t *logger, char *name)
mapping_find(ike_sa_state_m, this->state),
this->ike_sa_id->get_initiator_spi(this->ike_sa_id),
this->ike_sa_id->get_responder_spi(this->ike_sa_id));
logger->log(logger, CONTROL, " \"%s\": %s[%s]...%s[%s]",
this->name,
this->my_host->get_string(this->my_host),
this->my_id->get_string(this->my_id),
this->other_host->get_string(this->other_host),
this->other_id->get_string(this->other_id));
logger->log(logger, CONTROL, " \"%s\": %H[%D]...%H[%D]",
this->name, this->my_host, this->my_id,
this->other_host, this->other_id);
iterator = this->child_sas->create_iterator(this->child_sas, TRUE);
while (iterator->has_next(iterator))
@ -1995,11 +1988,9 @@ static void destroy(private_ike_sa_t *this)
DESTROY_IF(this->prf_auth_r);
this->logger->log(this->logger, AUDIT,
"IKE_SA deleted between %s[%s]...%s[%s]",
this->my_host->get_string(this->my_host),
this->my_id->get_string(this->my_id),
this->other_host->get_string(this->other_host),
this->other_id->get_string(this->other_id));
"IKE_SA deleted between: %H[%D]...%H[%D]",
this->my_host, this->my_id,
this->other_host, this->other_id);
DESTROY_IF(this->my_host);
DESTROY_IF(this->other_host);

16
src/charon/sa/ike_sa_manager.c
View File

@ -385,9 +385,8 @@ static ike_sa_t* checkout_by_id(private_ike_sa_manager_t *this,
{
/* looks good, we take this one */
this->logger->log(this->logger, CONTROL|LEVEL1,
"found an existing IKE_SA for %s[%s]...%s[%s]",
my_host->get_string(my_host), other_host->get_string(other_host),
my_id->get_string(my_id), other_id->get_string(other_id));
"found an existing IKE_SA for %H[%D]...%H[%D]",
my_host, other_host, my_id, other_id);
entry->checked_out = TRUE;
ike_sa = entry->ike_sa;
}
@ -417,13 +416,12 @@ static ike_sa_t* checkout_by_id(private_ike_sa_manager_t *this,
/* check ike_sa out */
this->logger->log(this->logger, CONTROL|LEVEL1,
"new IKE_SA created for IDs %s - %s",
my_id->get_string(my_id), other_id->get_string(other_id));
"new IKE_SA created for IDs %D - %D", my_id, other_id);
new_ike_sa_entry->checked_out = TRUE;
ike_sa = new_ike_sa_entry->ike_sa;
}
pthread_mutex_unlock(&(this->mutex));
SIG_SA(ike_sa);
return ike_sa;
}
@ -540,6 +538,8 @@ static ike_sa_t* checkout(private_ike_sa_manager_t *this, ike_sa_id_t *ike_sa_id
}
pthread_mutex_unlock(&(this->mutex));
SIG_SA(ike_sa);
return ike_sa;
}
@ -575,6 +575,7 @@ static ike_sa_t* checkout_by_child(private_ike_sa_manager_t *this,
iterator->destroy(iterator);
pthread_mutex_unlock(&(this->mutex));
SIG_SA(ike_sa);
return ike_sa;
}
@ -679,6 +680,8 @@ static status_t checkin(private_ike_sa_manager_t *this, ike_sa_t *ike_sa)
this->logger->log(this->logger, CONTROL|LEVEL2, "%d IKE_SAs in manager now",
this->ike_sa_list->get_count(this->ike_sa_list));
pthread_mutex_unlock(&(this->mutex));
SIG_SA(NULL);
return retval;
}
@ -725,6 +728,7 @@ static status_t checkin_and_destroy(private_ike_sa_manager_t *this, ike_sa_t *ik
}
pthread_mutex_unlock(&(this->mutex));
SIG_SA(NULL);
return retval;
}

9
src/charon/sa/transactions/ike_auth.c
View File

@ -694,8 +694,8 @@ static status_t get_response(private_ike_auth_t *this, message_t *request,
if (this->policy == NULL)
{
this->logger->log(this->logger, AUDIT,
"no acceptable policy for IDs %s - %s found, deleting IKE_SA",
my_id->get_string(my_id), other_id->get_string(other_id));
"no acceptable policy for IDs %D - %D found, deleting IKE_SA",
my_id, other_id);
my_id->destroy(my_id);
other_id->destroy(other_id);
build_notify(AUTHENTICATION_FAILED, response, TRUE);
@ -939,9 +939,8 @@ static status_t conclude(private_ike_auth_t *this, message_t *response,
{
other_id->destroy(other_id);
this->logger->log(this->logger, AUDIT,
"other peer uses unacceptable ID (%s, excepted %s), deleting IKE_SA",
other_id->get_string(other_id),
configured_other_id->get_string(configured_other_id));
"other peer uses unacceptable ID (%D, excepted %D), deleting IKE_SA",
other_id, configured_other_id);
return DESTROY_ME;
}
/* update other ID. It was already set, but may contain wildcards */

4
src/charon/sa/transactions/ike_sa_init.c
View File

@ -570,8 +570,8 @@ static status_t get_response(private_ike_sa_init_t *this,
response->add_payload(response, (payload_t*)notify);
this->logger->log(this->logger, AUDIT,
"no connection for hosts %s...%s found, deleting IKE_SA",
me->get_string(me), other->get_string(other));
"no connection for hosts %H...%H found, deleting IKE_SA",
me, other);
return DESTROY_ME;
}

4
src/charon/testing/certificate_test.c
View File

@ -85,7 +85,7 @@ static char certificate_buffer[] = {
*/
void test_certificate(protected_tester_t *tester)
{
chunk_t certificate = {certificate_buffer, sizeof(certificate_buffer)};
/*chunk_t certificate = {certificate_buffer, sizeof(certificate_buffer)};
identification_t *id;
x509_t *cert;
@ -95,7 +95,7 @@ void test_certificate(protected_tester_t *tester)
id = cert->get_issuer(cert);
tester->assert_true(tester, strcmp(id->get_string(id), "C=CH, O=Linux strongSwan, CN=maeno") == 0, "issuer");
cert->destroy(cert);
/*
cert = x509_create_from_file("scripts/complex1.der");
id = cert->get_subject(cert);
printf("Subject: %s\n", id->get_string(id));

17
src/charon/threads/stroke_interface.c
View File

@ -354,9 +354,9 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg)
{
other_ca = identification_create_from_string("%any");
}
this->logger->log(this->logger, CONTROL|LEVEL2, " my ca: '%s'", my_ca->get_string(my_ca));
this->logger->log(this->logger, CONTROL|LEVEL2, " other ca:'%s'", other_ca->get_string(other_ca));
this->logger->log(this->logger, CONTROL|LEVEL2, " updown:'%s'", msg->add_conn.me.updown);
this->logger->log(this->logger, CONTROL|LEVEL1, " my ca: '%D'", my_ca);
this->logger->log(this->logger, CONTROL|LEVEL1, " other ca:'%D'", other_ca);
this->logger->log(this->logger, CONTROL|LEVEL1, " updown: '%s'", msg->add_conn.me.updown);
connection = connection_create(msg->add_conn.name,
msg->add_conn.ikev2,
@ -457,12 +457,9 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg)
/* add to global connection list */
charon->connections->add_connection(charon->connections, connection);
this->logger->log(this->logger, CONTROL, "added connection \"%s\": %s[%s]...%s[%s]",
msg->add_conn.name,
my_host->get_string(my_host),
my_id->get_string(my_id),
other_host->get_string(other_host),
other_id->get_string(other_id));
this->logger->log(this->logger, CONTROL,
"added connection \"%s\": %H[%D]...%H[%D]", msg->add_conn.name,
my_host, my_id, other_host, other_id);
/* add to global policy list */
charon->policies->add_policy(charon->policies, policy);
return;
@ -633,7 +630,7 @@ static void stroke_status(private_stroke_t *this, stroke_msg_t *msg)
while (list->remove_first(list, (void**)&host) == SUCCESS)
{
this->stroke_logger->log(this->stroke_logger, CONTROL|LEVEL1,
" %s", host->get_string(host));
" %H", host);
host->destroy(host);
}