Archives
/
SSLproxy
mirror of https://github.com/sonertari/SSLproxy
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add support for log priority to error logs, so syslogd prints the correct prio for error logs now

Browse Source
pull/13/head v0.5.1
Soner Tari 7 years ago
parent 179aa4fc8f
commit a1c5d05143
19 changed files with 270 additions and 242 deletions
Show Stats Download Patch File Download Diff File

12
cachemgr.c
Unescape Escape View File

@ -132,35 +132,35 @@ cachemgr_gc(void)
rv = pthread_create(&fkcrt_thr, NULL, cachemgr_gc_thread,
cachemgr_fkcrt);
if (rv) {
log_err_printf("CRITICAL: cachemgr_gc: pthread_create failed: %s\n",
log_err_level_printf(LOG_CRIT, "cachemgr_gc: pthread_create failed: %s\n",
strerror(rv));
}
rv = pthread_create(&ssess_thr, NULL, cachemgr_gc_thread,
cachemgr_ssess);
if (rv) {
log_err_printf("CRITICAL: cachemgr_gc: pthread_create failed: %s\n",
log_err_level_printf(LOG_CRIT, "cachemgr_gc: pthread_create failed: %s\n",
strerror(rv));
}
rv = pthread_create(&dsess_thr, NULL, cachemgr_gc_thread,
cachemgr_dsess);
if (rv) {
log_err_printf("CRITICAL: cachemgr_gc: pthread_create failed: %s\n",
log_err_level_printf(LOG_CRIT, "cachemgr_gc: pthread_create failed: %s\n",
strerror(rv));
}
rv = pthread_join(fkcrt_thr, NULL);
if (rv) {
log_err_printf("CRITICAL: cachemgr_gc: pthread_join failed: %s\n",
log_err_level_printf(LOG_CRIT, "cachemgr_gc: pthread_join failed: %s\n",
strerror(rv));
}
rv = pthread_join(ssess_thr, NULL);
if (rv) {
log_err_printf("CRITICAL: cachemgr_gc: pthread_join failed: %s\n",
log_err_level_printf(LOG_CRIT, "cachemgr_gc: pthread_join failed: %s\n",
strerror(rv));
}
rv = pthread_join(dsess_thr, NULL);
if (rv) {
log_err_printf("CRITICAL: cachemgr_gc: pthread_join failed: %s\n",
log_err_level_printf(LOG_CRIT, "cachemgr_gc: pthread_join failed: %s\n",
strerror(rv));
}
}

108
log.c
Unescape Escape View File

@ -77,13 +77,13 @@ static int err_shortcut_logger = 0;
static int err_mode = LOG_ERR_MODE_STDERR;
static ssize_t
log_err_writecb(UNUSED void *fh, const void *buf, size_t sz)
log_err_writecb(int level, UNUSED void *fh, const void *buf, size_t sz)
{
switch (err_mode) {
case LOG_ERR_MODE_STDERR:
return fwrite(buf, sz - 1, 1, stderr);
case LOG_ERR_MODE_SYSLOG:
syslog(LOG_ERR, "%s", (const char *)buf);
syslog(level, "%s", (const char *)buf);
return sz;
}
return -1;
@ -102,10 +102,32 @@ log_err_printf(const char *fmt, ...)
if (rv < 0)
return -1;
if (err_shortcut_logger) {
return logger_write_freebuf(err_log, NULL, 0,
return logger_write_freebuf(err_log, LOG_ERR, NULL, 0,
buf, strlen(buf) + 1);
} else {
log_err_writecb(NULL, (unsigned char*)buf, strlen(buf) + 1);
log_err_writecb(LOG_ERR, NULL, (unsigned char*)buf, strlen(buf) + 1);
free(buf);
}
return 0;
}
int
log_err_level_printf(int level, const char *fmt, ...)
{
va_list ap;
char *buf;
int rv;
va_start(ap, fmt);
rv = vasprintf(&buf, fmt, ap);
va_end(ap);
if (rv < 0)
return -1;
if (err_shortcut_logger) {
return logger_write_freebuf(err_log, level, NULL, 0,
buf, strlen(buf) + 1);
} else {
log_err_writecb(level, NULL, (unsigned char*)buf, strlen(buf) + 1);
free(buf);
}
return 0;
@ -133,9 +155,9 @@ log_dbg_write_free(void *buf, size_t sz)
return 0;
if (err_shortcut_logger) {
return logger_write_freebuf(err_log, NULL, 0, buf, sz);
return logger_write_freebuf(err_log, LOG_DEBUG, NULL, 0, buf, sz);
} else {
log_err_writecb(NULL, buf, sz);
log_err_writecb(LOG_DEBUG, NULL, buf, sz);
free(buf);
}
return 0;
@ -166,13 +188,13 @@ log_dbg_printf(const char *fmt, ...)
}
int
log_dbg_level_printf(int dbg_level, const char *fmt, ...)
log_dbg_level_printf(int level, const char *fmt, ...)
{
va_list ap;
char *buf;
int rv;
if (dbg_mode == LOG_DBG_MODE_NONE || dbg_mode < dbg_level)
if (dbg_mode == LOG_DBG_MODE_NONE || dbg_mode < level)
return 0;
va_start(ap, fmt);
@ -205,12 +227,12 @@ log_connect_preinit(const char *logfile)
{
connect_fd = open(logfile, O_WRONLY|O_APPEND|O_CREAT, DFLT_FILEMODE);
if (connect_fd == -1) {
log_err_printf("CRITICAL: Failed to open '%s' for writing: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to open '%s' for writing: %s (%i)\n",
logfile, strerror(errno), errno);
return -1;
}
if (!(connect_fn = realpath(logfile, NULL))) {
log_err_printf("CRITICAL: Failed to realpath '%s': %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to realpath '%s': %s (%i)\n",
logfile, strerror(errno), errno);
close(connect_fd);
connect_fd = -1;
@ -225,7 +247,7 @@ log_connect_reopencb(void)
close(connect_fd);
connect_fd = open(connect_fn, O_WRONLY|O_APPEND|O_CREAT, DFLT_FILEMODE);
if (connect_fd == -1) {
log_err_printf("CRITICAL: Failed to open '%s' for writing: %s\n",
log_err_level_printf(LOG_CRIT, "Failed to open '%s' for writing: %s\n",
connect_fn, strerror(errno));
free(connect_fn);
connect_fn = NULL;
@ -241,7 +263,7 @@ log_connect_reopencb(void)
* resolution that should not make any difference.
*/
static ssize_t
log_connect_writecb(UNUSED void *fh, const void *buf, size_t sz)
log_connect_writecb(UNUSED int level, UNUSED void *fh, const void *buf, size_t sz)
{
char timebuf[32];
time_t epoch;
@ -252,12 +274,12 @@ log_connect_writecb(UNUSED void *fh, const void *buf, size_t sz)
utc = gmtime(&epoch);
n = strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S UTC ", utc);
if (n == 0) {
log_err_printf("CRITICAL: Error from strftime(): buffer too small\n");
log_err_level_printf(LOG_CRIT, "Error from strftime(): buffer too small\n");
return -1;
}
if ((write(connect_fd, timebuf, n) == -1) ||
(write(connect_fd, buf, sz) == -1)) {
log_err_printf("CRITICAL: Failed to write to connect log: %s\n",
log_err_level_printf(LOG_CRIT, "CRITICAL: Failed to write to connect log: %s\n",
strerror(errno));
return -1;
}
@ -393,7 +415,7 @@ log_content_format_pathspec(const char *logspec,
size_t path_buflen = PATH_BUF_INC;
char *path_buf = malloc(path_buflen);
if (path_buf == NULL) {
log_err_printf("CRITICAL: failed to allocate path buffer\n");
log_err_level_printf(LOG_CRIT, "failed to allocate path buffer\n");
return NULL;
}
@ -512,7 +534,7 @@ log_content_format_pathspec(const char *logspec,
path_buflen += elem_len + PATH_BUF_INC;
char *newbuf = realloc(path_buf, path_buflen);
if (newbuf == NULL) {
log_err_printf("CRITICAL: failed to reallocate"
log_err_level_printf(LOG_CRIT, "failed to reallocate"
" path buffer\n");
free(path_buf);
return NULL;
@ -555,28 +577,28 @@ log_content_open(log_content_ctx_t **pctx, opts_t *opts,
char *dsthost_clean, *srchost_clean;
if (time(&epoch) == -1) {
log_err_printf("CRITICAL: Failed to get time\n");
log_err_level_printf(LOG_CRIT, "Failed to get time\n");
goto errout;
}
if ((utc = gmtime(&epoch)) == NULL) {
log_err_printf("CRITICAL: Failed to convert time: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to convert time: %s (%i)\n",
strerror(errno), errno);
goto errout;
}
if (!strftime(timebuf, sizeof(timebuf),
"%Y%m%dT%H%M%SZ", utc)) {
log_err_printf("CRITICAL: Failed to format time: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to format time: %s (%i)\n",
strerror(errno), errno);
goto errout;
}
srchost_clean = sys_ip46str_sanitize(srchost);
if (!srchost_clean) {
log_err_printf("CRITICAL: Failed to sanitize srchost\n");
log_err_level_printf(LOG_CRIT, "Failed to sanitize srchost\n");
goto errout;
}
dsthost_clean = sys_ip46str_sanitize(dsthost);
if (!dsthost_clean) {
log_err_printf("CRITICAL: Failed to sanitize dsthost\n");
log_err_level_printf(LOG_CRIT, "Failed to sanitize dsthost\n");
free(srchost_clean);
goto errout;
}
@ -584,7 +606,7 @@ log_content_open(log_content_ctx_t **pctx, opts_t *opts,
opts->contentlog, timebuf,
srchost_clean, srcport,
dsthost_clean, dstport) < 0) {
log_err_printf("CRITICAL: Failed to format filename: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to format filename: %s (%i)\n",
strerror(errno), errno);
free(srchost_clean);
free(dsthost_clean);
@ -597,12 +619,12 @@ log_content_open(log_content_ctx_t **pctx, opts_t *opts,
char *dsthost_clean, *srchost_clean;
srchost_clean = sys_ip46str_sanitize(srchost);
if (!srchost_clean) {
log_err_printf("CRITICAL: Failed to sanitize srchost\n");
log_err_level_printf(LOG_CRIT, "Failed to sanitize srchost\n");
goto errout;
}
dsthost_clean = sys_ip46str_sanitize(dsthost);
if (!dsthost_clean) {
log_err_printf("CRITICAL: Failed to sanitize dsthost\n");
log_err_level_printf(LOG_CRIT, "Failed to sanitize dsthost\n");
free(srchost_clean);
goto errout;
}
@ -646,7 +668,7 @@ log_content_submit(log_content_ctx_t *ctx, logbuf_t *lb, int is_request)
unsigned long prepflags = 0;
if (!ctx->open) {
log_err_printf("CRITICAL: log_content_submit called on closed ctx\n");
log_err_level_printf(LOG_CRIT, "log_content_submit called on closed ctx\n");
return -1;
}
@ -692,7 +714,7 @@ log_content_dir_opencb(void *fh)
if ((ctx->u.dir.fd = privsep_client_openfile(content_clisock,
ctx->u.dir.filename,
0)) == -1) {
log_err_printf("CRITICAL: Opening logdir file '%s' failed: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Opening logdir file '%s' failed: %s (%i)\n",
ctx->u.dir.filename, strerror(errno), errno);
return -1;
}
@ -712,12 +734,12 @@ log_content_dir_closecb(void *fh)
}
static ssize_t
log_content_dir_writecb(void *fh, const void *buf, size_t sz)
log_content_dir_writecb(UNUSED int level, void *fh, const void *buf, size_t sz)
{
log_content_ctx_t *ctx = fh;
if (write(ctx->u.dir.fd, buf, sz) == -1) {
log_err_printf("CRITICAL: Failed to write to content log: %s\n",
log_err_level_printf(LOG_CRIT, "Failed to write to content log: %s\n",
strerror(errno));
return -1;
}
@ -732,7 +754,7 @@ log_content_spec_opencb(void *fh)
if ((ctx->u.spec.fd = privsep_client_openfile(content_clisock,
ctx->u.spec.filename,
1)) == -1) {
log_err_printf("CRITICAL: Opening logspec file '%s' failed: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Opening logspec file '%s' failed: %s (%i)\n",
ctx->u.spec.filename, strerror(errno), errno);
return -1;
}
@ -752,12 +774,12 @@ log_content_spec_closecb(void *fh)
}
static ssize_t
log_content_spec_writecb(void *fh, const void *buf, size_t sz)
log_content_spec_writecb(UNUSED int level, void *fh, const void *buf, size_t sz)
{
log_content_ctx_t *ctx = fh;
if (write(ctx->u.spec.fd, buf, sz) == -1) {
log_err_printf("CRITICAL: Failed to write to content log: %s\n",
log_err_level_printf(LOG_CRIT, "Failed to write to content log: %s\n",
strerror(errno));
return -1;
}
@ -773,12 +795,12 @@ log_content_file_preinit(const char *logfile)
content_file_fd = open(logfile, O_WRONLY|O_APPEND|O_CREAT,
DFLT_FILEMODE);
if (content_file_fd == -1) {
log_err_printf("CRITICAL: Failed to open '%s' for writing: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to open '%s' for writing: %s (%i)\n",
logfile, strerror(errno), errno);
return -1;
}
if (!(content_file_fn = realpath(logfile, NULL))) {
log_err_printf("CRITICAL: Failed to realpath '%s': %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to realpath '%s': %s (%i)\n",
logfile, strerror(errno), errno);
close(content_file_fd);
connect_fd = -1;
@ -807,7 +829,7 @@ log_content_file_reopencb(void)
content_file_fd = open(content_file_fn,
O_WRONLY|O_APPEND|O_CREAT, DFLT_FILEMODE);
if (content_file_fd == -1) {
log_err_printf("CRITICAL: Failed to open '%s' for writing: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to open '%s' for writing: %s (%i)\n",
content_file_fn, strerror(errno), errno);
return -1;
}
@ -838,12 +860,12 @@ log_content_file_closecb(void *fh)
}
static ssize_t
log_content_file_writecb(void *fh, const void *buf, size_t sz)
log_content_file_writecb(UNUSED int level, void *fh, const void *buf, size_t sz)
{
UNUSED log_content_ctx_t *ctx = fh;
if (write(content_file_fd, buf, sz) == -1) {
log_err_printf("CRITICAL: Failed to write to content log: %s\n",
log_err_level_printf(LOG_CRIT, "Failed to write to content log: %s\n",
strerror(errno));
return -1;
}
@ -872,7 +894,7 @@ log_content_file_prepcb(void *fh, unsigned long prepflags, logbuf_t *lb)
logbuf_size(lb));
}
if (!head) {
log_err_printf("CRITICAL: Failed to allocate memory\n");
log_err_level_printf(LOG_CRIT, "Failed to allocate memory\n");
logbuf_free(lb);
return NULL;
}
@ -881,7 +903,7 @@ log_content_file_prepcb(void *fh, unsigned long prepflags, logbuf_t *lb)
/* prepend header */
head = logbuf_new_copy(header, strlen(header), lb->fh, lb);
if (!head) {
log_err_printf("CRITICAL: Failed to allocate memory\n");
log_err_level_printf(LOG_CRIT, "Failed to allocate memory\n");
logbuf_free(lb);
return NULL;
}
@ -890,7 +912,7 @@ log_content_file_prepcb(void *fh, unsigned long prepflags, logbuf_t *lb)
/* prepend timestamp */
head = logbuf_new_alloc(32, lb->fh, lb);
if (!head) {
log_err_printf("CRITICAL: Failed to allocate memory\n");
log_err_level_printf(LOG_CRIT, "Failed to allocate memory\n");
logbuf_free(lb);
return NULL;
}
@ -922,7 +944,7 @@ log_cert_submit(const char *fn, X509 *crt)
goto errout1;
if (!(pem = ssl_x509_to_pem(crt)))
goto errout2;
if (!(lb = logbuf_new(pem, strlen(pem), NULL, NULL)))
if (!(lb = logbuf_new(0, pem, strlen(pem), NULL, NULL)))
goto errout3;
return logger_submit(cert_log, fh, 0, lb);
errout3:
@ -934,21 +956,21 @@ errout1:
}
static ssize_t
log_cert_writecb(void *fh, const void *buf, size_t sz)
log_cert_writecb(UNUSED int level, void *fh, const void *buf, size_t sz)
{
char *fn = fh;
int fd;
if ((fd = privsep_client_certfile(cert_clisock, fn)) == -1) {
if (errno != EEXIST) {
log_err_printf("CRITICAL: Failed to open '%s': %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to open '%s': %s (%i)\n",
fn, strerror(errno), errno);
return -1;
}
return sz;
}
if (write(fd, buf, sz) == -1) {
log_err_printf("CRITICAL: Failed to write to '%s': %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to write to '%s': %s (%i)\n",
fn, strerror(errno), errno);
close(fd);
return -1;

3
log.h
Unescape Escape View File

@ -34,6 +34,7 @@
#include "attrib.h"
int log_err_printf(const char *, ...) PRINTF(1,2);
int log_err_level_printf(int, const char *, ...) PRINTF(2,3);
void log_err_mode(int);
#define LOG_ERR_MODE_STDERR 0
#define LOG_ERR_MODE_SYSLOG 1
@ -59,7 +60,7 @@ extern logger_t *connect_log;
#define log_connect_print_free(s) \
logger_print_freebuf(connect_log, NULL, 0, (s))
#define log_connect_write_free(buf, sz) \
logger_write_freebuf(connect_log, NULL, 0, (buf), (sz))
logger_write_freebuf(connect_log, 0, NULL, 0, (buf), (sz))
int log_stats(const char *);

6
logbuf.c
Unescape Escape View File

@ -31,6 +31,7 @@
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include <sys/syslog.h>
/*
* Dynamic log buffer with zero-copy chaining, generic void * file handle
@ -43,12 +44,13 @@
* The provided buffer will be freed by logbuf_free() if non-NULL.
*/
logbuf_t *
logbuf_new(void *buf, size_t sz, void *fh, logbuf_t *next)
logbuf_new(int level, void *buf, size_t sz, void *fh, logbuf_t *next)
{
logbuf_t *lb;
if (!(lb = malloc(sizeof(logbuf_t))))
return NULL;
lb->prio = level;
lb->buf = buf;
lb->sz = sz;
lb->fh = fh;
@ -149,7 +151,7 @@ logbuf_write_free(logbuf_t *lb, writefunc_t writefunc)
{
ssize_t rv1, rv2 = 0;
rv1 = writefunc(lb->fh, lb->buf, lb->sz);
rv1 = writefunc(lb->prio, lb->fh, lb->buf, lb->sz);
if (lb->buf) {
free(lb->buf);
}

5
logbuf.h
Unescape Escape View File

@ -34,6 +34,7 @@
#include <unistd.h>
typedef struct logbuf {
int prio;
unsigned char *buf;
ssize_t sz;
void *fh;
@ -41,9 +42,9 @@ typedef struct logbuf {
struct logbuf *next;
} logbuf_t;
typedef ssize_t (*writefunc_t)(void *, const void *, size_t);
typedef ssize_t (*writefunc_t)(int, void *, const void *, size_t);
logbuf_t * logbuf_new(void *, size_t, void *, logbuf_t *) MALLOC;
logbuf_t * logbuf_new(int, void *, size_t, void *, logbuf_t *) MALLOC;
logbuf_t * logbuf_new_alloc(size_t, void *, logbuf_t *) MALLOC;
logbuf_t * logbuf_new_copy(const void *, size_t, void *, logbuf_t *) MALLOC;
logbuf_t * logbuf_new_printf(void *, logbuf_t *, const char *, ...)

14
logger.c
Unescape Escape View File

@ -137,7 +137,7 @@ logger_reopen(logger_t *logger)
if (!logger->reopen)
return 0;
lb = logbuf_new(NULL, 0, NULL, NULL);
lb = logbuf_new(0, NULL, 0, NULL, NULL);
logbuf_ctl_set(lb, LBFLAG_REOPEN);
return thrqueue_enqueue(logger->queue, lb) ? 0 : -1;
}
@ -156,7 +156,7 @@ logger_open(logger_t *logger, void *fh)
if (!logger->open)
return 0;
lb = logbuf_new(NULL, 0, NULL, NULL);
lb = logbuf_new(0, NULL, 0, NULL, NULL);
lb->fh = fh;
logbuf_ctl_set(lb, LBFLAG_OPEN);
return thrqueue_enqueue(logger->queue, lb) ? 0 : -1;
@ -175,7 +175,7 @@ logger_close(logger_t *logger, void *fh)
if (!logger->close)
return 0;
lb = logbuf_new(NULL, 0, NULL, NULL);
lb = logbuf_new(0, NULL, 0, NULL, NULL);
lb->fh = fh;
logbuf_ctl_set(lb, LBFLAG_CLOSE);
return thrqueue_enqueue(logger->queue, lb) ? 0 : -1;
@ -286,7 +286,7 @@ logger_printf(logger_t *logger, void *fh, unsigned long prepflags,
va_list ap;
logbuf_t *lb;
lb = logbuf_new(NULL, 0, fh, NULL);
lb = logbuf_new(0, NULL, 0, fh, NULL);
if (!lb)
return -1;
va_start(ap, fmt);
@ -319,12 +319,12 @@ logger_print(logger_t *logger, void *fh, unsigned long prepflags,
return logger_submit(logger, fh, prepflags, lb);
}
int
logger_write_freebuf(logger_t *logger, void *fh, unsigned long prepflags,
logger_write_freebuf(logger_t *logger, int level, void *fh, unsigned long prepflags,
void *buf, size_t sz)
{
logbuf_t *lb;
if (!(lb = logbuf_new(buf, sz, fh, NULL)))
if (!(lb = logbuf_new(level, buf, sz, fh, NULL)))
return -1;
return logger_submit(logger, fh, prepflags, lb);
}
@ -334,7 +334,7 @@ logger_print_freebuf(logger_t *logger, void *fh, unsigned long prepflags,
{
logbuf_t *lb;
if (!(lb = logbuf_new(s, strlen(s), fh, NULL)))
if (!(lb = logbuf_new(0, s, strlen(s), fh, NULL)))
return -1;
return logger_submit(logger, fh, prepflags, lb);
}

6
logger.h
Unescape Escape View File

@ -37,7 +37,7 @@
typedef int (*logger_reopen_func_t)(void);
typedef int (*logger_open_func_t)(void *);
typedef void (*logger_close_func_t)(void *);
typedef ssize_t (*logger_write_func_t)(void *, const void *, size_t);
typedef ssize_t (*logger_write_func_t)(int, void *, const void *, size_t);
typedef logbuf_t * (*logger_prep_func_t)(void *, unsigned long, logbuf_t *);
typedef void (*logger_except_func_t)(void);
typedef struct logger logger_t;
@ -64,8 +64,8 @@ int logger_write(logger_t *, void *, unsigned long,
const void *, size_t) NONNULL(1,4) WUNRES;
int logger_print_freebuf(logger_t *, void *, unsigned long,
char *) NONNULL(1,4) WUNRES;
int logger_write_freebuf(logger_t *, void *, unsigned long,
void *, size_t) NONNULL(1,4) WUNRES;
int logger_write_freebuf(logger_t *, int, void *, unsigned long,
void *, size_t) NONNULL(1,5) WUNRES;
#endif /* !LOGGER_H */

14
main.c
Unescape Escape View File

@ -227,12 +227,12 @@ main_loadtgcrt(const char *filename, void *arg)
cert = cert_new_load(filename);
if (!cert) {
log_err_printf("CRITICAL: Failed to load cert and key from PEM file "
log_err_level_printf(LOG_CRIT, "Failed to load cert and key from PEM file "
"'%s'\n", filename);
return -1;
}
if (X509_check_private_key(cert->crt, cert->key) != 1) {
log_err_printf("CRITICAL: Cert does not match key in PEM file "
log_err_level_printf(LOG_CRIT, "Cert does not match key in PEM file "
"'%s':\n", filename);
ERR_print_errors_fp(stderr);
return -1;
@ -1196,7 +1196,7 @@ main(int argc, char *argv[])
}
if (opts->pidfile && (sys_pidf_write(pidfd) == -1)) {
log_err_printf("CRITICAL: Failed to write PID to PID file '%s': %s (%i)"
log_err_level_printf(LOG_CRIT, "Failed to write PID to PID file '%s': %s (%i)"
"\n", opts->pidfile, strerror(errno), errno);
return -1;
}
@ -1225,14 +1225,14 @@ main(int argc, char *argv[])
/* Initialize proxy before dropping privs */
proxy_ctx_t *proxy = proxy_new(opts, clisock[0]);
if (!proxy) {
log_err_printf("CRITICAL: Failed to initialize proxy.\n");
log_err_level_printf(LOG_CRIT, "Failed to initialize proxy.\n");
exit(EXIT_FAILURE);
}
/* Drop privs, chroot */
if (sys_privdrop(opts->dropuser, opts->dropgroup,
opts->jaildir) == -1) {
log_err_printf("CRITICAL: Failed to drop privileges: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to drop privileges: %s (%i)\n",
strerror(errno), errno);
exit(EXIT_FAILURE);
}
@ -1248,11 +1248,11 @@ main(int argc, char *argv[])
goto out_log_failed;
}
if (cachemgr_init() == -1) {
log_err_printf("CRITICAL: Failed to init cache manager.\n");
log_err_level_printf(LOG_CRIT, "Failed to init cache manager.\n");
goto out_cachemgr_failed;
}
if (nat_init() == -1) {
log_err_printf("CRITICAL: Failed to init NAT state table lookup.\n");
log_err_level_printf(LOG_CRIT, "Failed to init NAT state table lookup.\n");
goto out_nat_failed;
}
rv = EXIT_SUCCESS;

8
nat.c
Unescape Escape View File

@ -88,7 +88,7 @@ nat_pf_preinit(void)
{
nat_pf_fd = open("/dev/pf", O_RDONLY);
if (nat_pf_fd < 0) {
log_err_printf("CRITICAL: Error opening '/dev/pf': %s\n",
log_err_level_printf(LOG_CRIT, "Error opening '/dev/pf': %s\n",
strerror(errno));
return -1;
}
@ -102,7 +102,7 @@ nat_pf_init(void)
rv = fcntl(nat_pf_fd, F_SETFD, fcntl(nat_pf_fd, F_GETFD) | FD_CLOEXEC);
if (rv == -1) {
log_err_printf("CRITICAL: Error setting FD_CLOEXEC on '/dev/pf': %s\n",
log_err_level_printf(LOG_CRIT, "Error setting FD_CLOEXEC on '/dev/pf': %s\n",
strerror(errno));
return -1;
}
@ -121,7 +121,7 @@ nat_pf_lookup_cb(struct sockaddr *dst_addr, socklen_t *dst_addrlen,
UNUSED struct sockaddr *src_addr, UNUSED socklen_t src_addrlen)
{
if (getsockname(s, dst_addr, dst_addrlen) == -1) {
log_err_printf("CRITICAL: Error from getsockname(): %s\n",
log_err_level_printf(LOG_CRIT, "Error from getsockname(): %s\n",
strerror(errno));
return -1;
}
@ -309,7 +309,7 @@ nat_getsockname_lookup_cb(struct sockaddr *dst_addr, socklen_t *dst_addrlen,
UNUSED socklen_t src_addrlen)
{
if (getsockname(s, dst_addr, dst_addrlen) == -1) {
log_err_printf("CRITICAL: Error from getsockname(): %s\n",
log_err_level_printf(LOG_CRIT, "Error from getsockname(): %s\n",
strerror(errno));
return -1;
}

114
privsep.c
Unescape Escape View File

@ -122,7 +122,7 @@ privsep_server_signal_handler(int sig)
n = write(selfpipe_wrfd, "!", 1);
} while (n == -1 && errno == EINTR);
if (n == -1) {
log_err_printf("CRITICAL: Failed to write from signal handler: "
log_err_level_printf(LOG_CRIT, "Failed to write from signal handler: "
"%s (%i)\n", strerror(errno), errno);
/* ignore error */
}
@ -158,19 +158,19 @@ privsep_server_openfile(char *fn, int mkpath)
fn2 = strdup(fn);
if (!fn2) {
log_err_printf("CRITICAL: Could not duplicate filname: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Could not duplicate filname: %s (%i)\n",
strerror(errno), errno);
return -1;
}
filedir = dirname(fn2);
if (!filedir) {
log_err_printf("CRITICAL: Could not get dirname: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Could not get dirname: %s (%i)\n",
strerror(errno), errno);
free(fn2);
return -1;
}
if (sys_mkpath(filedir, DFLT_DIRMODE) == -1) {
log_err_printf("CRITICAL: Could not create directory '%s': %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Could not create directory '%s': %s (%i)\n",
filedir, strerror(errno), errno);
free(fn2);
return -1;
@ -180,7 +180,7 @@ privsep_server_openfile(char *fn, int mkpath)
fd = open(fn, O_WRONLY|O_APPEND|O_CREAT, DFLT_FILEMODE);
if (fd == -1) {
log_err_printf("CRITICAL: Failed to open '%s': %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to open '%s': %s (%i)\n",
fn, strerror(errno), errno);
return -1;
}
@ -206,7 +206,7 @@ privsep_server_opensock(proxyspec_t *spec)
fd = socket(spec->listen_addr.ss_family, SOCK_STREAM, IPPROTO_TCP);
if (fd == -1) {
log_err_printf("CRITICAL: Error from socket(): %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Error from socket(): %s (%i)\n",
strerror(errno), errno);
evutil_closesocket(fd);
return -1;
@ -214,7 +214,7 @@ privsep_server_opensock(proxyspec_t *spec)
rv = evutil_make_socket_nonblocking(fd);
if (rv == -1) {
log_err_printf("CRITICAL: Error making socket nonblocking: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Error making socket nonblocking: %s (%i)\n",
strerror(errno), errno);
evutil_closesocket(fd);
return -1;
@ -222,7 +222,7 @@ privsep_server_opensock(proxyspec_t *spec)
rv = setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, (void*)&on, sizeof(on));
if (rv == -1) {
log_err_printf("CRITICAL: Error from setsockopt(SO_KEEPALIVE): %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Error from setsockopt(SO_KEEPALIVE): %s (%i)\n",
strerror(errno), errno);
evutil_closesocket(fd);
return -1;
@ -230,14 +230,14 @@ privsep_server_opensock(proxyspec_t *spec)
rv = evutil_make_listen_socket_reuseable(fd);
if (rv == -1) {
log_err_printf("CRITICAL: Error from setsockopt(SO_REUSABLE): %s\n",
log_err_level_printf(LOG_CRIT, "Error from setsockopt(SO_REUSABLE): %s\n",
strerror(errno));
evutil_closesocket(fd);
return -1;
}
if (spec->natsocket && (spec->natsocket(fd) == -1)) {
log_err_printf("CRITICAL: Error from spec->natsocket()\n");
log_err_level_printf(LOG_CRIT, "Error from spec->natsocket()\n");
evutil_closesocket(fd);
return -1;
}
@ -245,7 +245,7 @@ privsep_server_opensock(proxyspec_t *spec)
rv = bind(fd, (struct sockaddr *)&spec->listen_addr,
spec->listen_addrlen);
if (rv == -1) {
log_err_printf("CRITICAL: Error from bind(): %s\n", strerror(errno));
log_err_level_printf(LOG_CRIT, "Error from bind(): %s\n", strerror(errno));
evutil_closesocket(fd);
return -1;
}
@ -262,7 +262,7 @@ privsep_server_opensock_child(proxyspec_t *spec)
fd = socket(spec->child_src_addr.ss_family, SOCK_STREAM, IPPROTO_TCP);
if (fd == -1) {
log_err_printf("CRITICAL: Error from socket() child_fd: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Error from socket() child_fd: %s (%i)\n",
strerror(errno), errno);
evutil_closesocket(fd);
return -1;
@ -270,7 +270,7 @@ privsep_server_opensock_child(proxyspec_t *spec)
rv = evutil_make_socket_nonblocking(fd);
if (rv == -1) {
log_err_printf("CRITICAL: Error making socket nonblocking: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Error making socket nonblocking: %s (%i)\n",
strerror(errno), errno);
evutil_closesocket(fd);
return -1;
@ -278,7 +278,7 @@ privsep_server_opensock_child(proxyspec_t *spec)
rv = setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, (void*)&on, sizeof(on));
if (rv == -1) {
log_err_printf("CRITICAL: Error from setsockopt(SO_KEEPALIVE): %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Error from setsockopt(SO_KEEPALIVE): %s (%i)\n",
strerror(errno), errno);
evutil_closesocket(fd);
return -1;
@ -286,7 +286,7 @@ privsep_server_opensock_child(proxyspec_t *spec)
rv = evutil_make_listen_socket_reuseable(fd);
if (rv == -1) {
log_err_printf("CRITICAL: Error from setsockopt(SO_REUSABLE) child_fd: %s\n",
log_err_level_printf(LOG_CRIT, "Error from setsockopt(SO_REUSABLE) child_fd: %s\n",
strerror(errno));
evutil_closesocket(fd);
return -1;
@ -295,7 +295,7 @@ privsep_server_opensock_child(proxyspec_t *spec)
rv = bind(fd, (struct sockaddr *)&spec->child_src_addr,
spec->child_src_addrlen);
if (rv == -1) {
log_err_printf("CRITICAL: Error from bind(): %s\n", strerror(errno));
log_err_level_printf(LOG_CRIT, "Error from bind(): %s\n", strerror(errno));
evutil_closesocket(fd);
return -1;
}
@ -320,7 +320,7 @@ privsep_server_certfile(char *fn)
fd = open(fn, O_WRONLY|O_CREAT|O_EXCL, DFLT_FILEMODE);
if (fd == -1 && errno != EEXIST) {
log_err_printf("CRITICAL: Failed to open '%s': %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to open '%s': %s (%i)\n",
fn, strerror(errno), errno);
return -1;
}
@ -345,7 +345,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
/* unfriendly EOF, leave server */
return 1;
}
log_err_printf("CRITICAL: Failed to receive msg: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to receive msg: %s (%i)\n",
strerror(errno), errno);
return -1;
}
@ -369,7 +369,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
if (n < 2) {
ans[0] = PRIVSEP_ANS_INVALID;
if (sys_sendmsgfd(srvsock, ans, 1, -1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -379,7 +379,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
*((int*)&ans[1]) = errno;
if (sys_sendmsgfd(srvsock, ans, 1 + sizeof(int),
-1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -391,7 +391,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
free(fn);
ans[0] = PRIVSEP_ANS_DENIED;
if (sys_sendmsgfd(srvsock, ans, 1, -1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -403,7 +403,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
*((int*)&ans[1]) = errno;
if (sys_sendmsgfd(srvsock, ans, 1 + sizeof(int),
-1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -413,7 +413,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
ans[0] = PRIVSEP_ANS_SUCCESS;
if (sys_sendmsgfd(srvsock, ans, 1, fd) == -1) {
close(fd);
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -430,7 +430,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
if (n != sizeof(char) + sizeof(arg)) {
ans[0] = PRIVSEP_ANS_INVALID;
if (sys_sendmsgfd(srvsock, ans, 1, -1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -440,7 +440,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
if (privsep_server_opensock_verify(opts, arg) == -1) {
ans[0] = PRIVSEP_ANS_DENIED;
if (sys_sendmsgfd(srvsock, ans, 1, -1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -451,7 +451,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
*((int*)&ans[1]) = errno;
if (sys_sendmsgfd(srvsock, ans, 1 + sizeof(int),
-1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -460,7 +460,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
ans[0] = PRIVSEP_ANS_SUCCESS;
if (sys_sendmsgfd(srvsock, ans, 1, s) == -1) {
evutil_closesocket(s);
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -477,7 +477,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
if (n != sizeof(char) + sizeof(arg)) {
ans[0] = PRIVSEP_ANS_INVALID;
if (sys_sendmsgfd(srvsock, ans, 1, -1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -489,7 +489,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
*((int*)&ans[1]) = errno;
if (sys_sendmsgfd(srvsock, ans, 1 + sizeof(int),
-1) == -1) {
log_err_printf("CRITICAL: Sending message failed child: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed child: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -498,7 +498,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
ans[0] = PRIVSEP_ANS_SUCCESS;
if (sys_sendmsgfd(srvsock, ans, 1, s) == -1) {
evutil_closesocket(s);
log_err_printf("CRITICAL: Sending message failed child: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed child: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -515,7 +515,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
if (n < 2) {
ans[0] = PRIVSEP_ANS_INVALID;
if (sys_sendmsgfd(srvsock, ans, 1, -1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -525,7 +525,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
*((int*)&ans[1]) = errno;
if (sys_sendmsgfd(srvsock, ans, 1 + sizeof(int),
-1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -537,7 +537,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
free(fn);
ans[0] = PRIVSEP_ANS_DENIED;
if (sys_sendmsgfd(srvsock, ans, 1, -1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -549,7 +549,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
*((int*)&ans[1]) = errno;
if (sys_sendmsgfd(srvsock, ans, 1 + sizeof(int),
-1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -559,7 +559,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
ans[0] = PRIVSEP_ANS_SUCCESS;
if (sys_sendmsgfd(srvsock, ans, 1, fd) == -1) {
close(fd);
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -572,7 +572,7 @@ privsep_server_handle_req(opts_t *opts, int srvsock)
default:
ans[0] = PRIVSEP_ANS_UNK_CMD;
if (sys_sendmsgfd(srvsock, ans, 1, -1) == -1) {
log_err_printf("CRITICAL: Sending message failed: %s (%i"
log_err_level_printf(LOG_CRIT, "Sending message failed: %s (%i"
")\n", strerror(errno), errno);
return -1;
}
@ -625,7 +625,7 @@ privsep_server(opts_t *opts, int sigpipe, int srvsock[], size_t nsrvsock,
#endif /* DEBUG_PRIVSEP_SERVER */
} while (rv == -1 && errno == EINTR);
if (rv == -1) {
log_err_printf("CRITICAL: Select failed: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Select failed: %s (%i)\n",
strerror(errno), errno);
return -1;
}
@ -640,7 +640,7 @@ privsep_server(opts_t *opts, int sigpipe, int srvsock[], size_t nsrvsock,
read(sigpipe, buf, sizeof(buf));
if (received_sigquit) {
if (kill(childpid, SIGQUIT) == -1) {
log_err_printf("CRITICAL: kill(%i,SIGQUIT) "
log_err_level_printf(LOG_CRIT, "kill(%i,SIGQUIT) "
"failed: %s (%i)\n",
childpid,
strerror(errno), errno);
@ -649,7 +649,7 @@ privsep_server(opts_t *opts, int sigpipe, int srvsock[], size_t nsrvsock,
}
if (received_sigterm) {
if (kill(childpid, SIGTERM) == -1) {
log_err_printf("CRITICAL: kill(%i,SIGTERM) "
log_err_level_printf(LOG_CRIT, "kill(%i,SIGTERM) "
"failed: %s (%i)\n",
childpid,
strerror(errno), errno);
@ -658,7 +658,7 @@ privsep_server(opts_t *opts, int sigpipe, int srvsock[], size_t nsrvsock,
}
if (received_sighup) {
if (kill(childpid, SIGHUP) == -1) {
log_err_printf("CRITICAL: kill(%i,SIGHUP) "
log_err_level_printf(LOG_CRIT, "kill(%i,SIGHUP) "
"failed: %s (%i)\n",
childpid,
strerror(errno), errno);
@ -667,7 +667,7 @@ privsep_server(opts_t *opts, int sigpipe, int srvsock[], size_t nsrvsock,
}
if (received_sigusr1) {
if (kill(childpid, SIGUSR1) == -1) {
log_err_printf("CRITICAL: kill(%i,SIGUSR1) "
log_err_level_printf(LOG_CRIT, "kill(%i,SIGUSR1) "
"failed: %s (%i)\n",
childpid,
strerror(errno), errno);
@ -679,7 +679,7 @@ privsep_server(opts_t *opts, int sigpipe, int srvsock[], size_t nsrvsock,
* child process receives SIGINT directly */
if (opts->detach) {
if (kill(childpid, SIGINT) == -1) {
log_err_printf("CRITICAL: kill(%i,SIGINT"
log_err_level_printf(LOG_CRIT, "kill(%i,SIGINT"
") failed: "
"%s (%i)\n",
childpid,
@ -705,7 +705,7 @@ privsep_server(opts_t *opts, int sigpipe, int srvsock[], size_t nsrvsock,
int rv = privsep_server_handle_req(opts,
srvsock[i]);
if (rv == -1) {
log_err_printf("CRITICAL: Failed to handle "
log_err_level_printf(LOG_CRIT, "Failed to handle "
"privsep req "
"on srvsock %i\n",
srvsock[i]);
@ -956,7 +956,7 @@ privsep_fork(opts_t *opts, int clisock[], size_t nclisock)
received_sigusr1 = 0;
if (pipe(selfpipev) == -1) {
log_err_printf("CRITICAL: Failed to create self-pipe: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to create self-pipe: %s (%i)\n",
strerror(errno), errno);
return -1;
}
@ -964,7 +964,7 @@ privsep_fork(opts_t *opts, int clisock[], size_t nclisock)
selfpipev[0], selfpipev[1]);
if (pipe(chldpipev) == -1) {
log_err_printf("CRITICAL: Failed to create chld-pipe: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to create chld-pipe: %s (%i)\n",
strerror(errno), errno);
return -1;
}
@ -973,7 +973,7 @@ privsep_fork(opts_t *opts, int clisock[], size_t nclisock)
for (size_t i = 0; i < nclisock; i++) {
if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sockcliv[i]) == -1) {
log_err_printf("CRITICAL: Failed to create socket pair %zu: "
log_err_level_printf(LOG_CRIT, "Failed to create socket pair %zu: "
"%s (%i)\n", i, strerror(errno), errno);
return -1;
}
@ -983,7 +983,7 @@ privsep_fork(opts_t *opts, int clisock[], size_t nclisock)
pid = fork();
if (pid == -1) {
log_err_printf("CRITICAL: Failed to fork: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to fork: %s (%i)\n",
strerror(errno), errno);
close(selfpipev[0]);
close(selfpipev[1]);
@ -1030,32 +1030,32 @@ privsep_fork(opts_t *opts, int clisock[], size_t nclisock)
* here, we have a race condition; this is solved by the client
* blocking on the reading end of a pipe (chldpipev[0]). */
if (signal(SIGHUP, privsep_server_signal_handler) == SIG_ERR) {
log_err_printf("CRITICAL: Failed to install SIGHUP handler: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to install SIGHUP handler: %s (%i)\n",
strerror(errno), errno);
return -1;
}
if (signal(SIGINT, privsep_server_signal_handler) == SIG_ERR) {
log_err_printf("CRITICAL: Failed to install SIGINT handler: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to install SIGINT handler: %s (%i)\n",
strerror(errno), errno);
return -1;
}
if (signal(SIGTERM, privsep_server_signal_handler) == SIG_ERR) {
log_err_printf("CRITICAL: Failed to install SIGTERM handler: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to install SIGTERM handler: %s (%i)\n",
strerror(errno), errno);
return -1;
}
if (signal(SIGQUIT, privsep_server_signal_handler) == SIG_ERR) {
log_err_printf("CRITICAL: Failed to install SIGQUIT handler: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to install SIGQUIT handler: %s (%i)\n",
strerror(errno), errno);
return -1;
}
if (signal(SIGUSR1, privsep_server_signal_handler) == SIG_ERR) {
log_err_printf("CRITICAL: Failed to install SIGUSR1 handler: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to install SIGUSR1 handler: %s (%i)\n",
strerror(errno), errno);
return -1;
}
if (signal(SIGCHLD, privsep_server_signal_handler) == SIG_ERR) {
log_err_printf("CRITICAL: Failed to install SIGCHLD handler: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to install SIGCHLD handler: %s (%i)\n",
strerror(errno), errno);
return -1;
}
@ -1068,7 +1068,7 @@ privsep_fork(opts_t *opts, int clisock[], size_t nclisock)
for (size_t i = 0; i < nclisock; i++)
socksrv[i] = sockcliv[i][0];
if (privsep_server(opts, selfpipev[0], socksrv, nclisock, pid) == -1) {
log_err_printf("CRITICAL: Privsep server failed: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Privsep server failed: %s (%i)\n",
strerror(errno), errno);
/* fall through */
}
@ -1086,17 +1086,17 @@ privsep_fork(opts_t *opts, int clisock[], size_t nclisock)
wait(&status);
if (WIFEXITED(status)) {
if (WEXITSTATUS(status) != 0) {
log_err_printf("CRITICAL: Child proc %lld exited with status %d\n",
log_err_level_printf(LOG_CRIT, "Child proc %lld exited with status %d\n",
(long long)pid, WEXITSTATUS(status));
} else {
log_dbg_printf("Child proc %lld exited with status %d\n",
(long long)pid, WEXITSTATUS(status));
}
} else if (WIFSIGNALED(status)) {
log_err_printf("CRITICAL: Child proc %lld killed by signal %d\n",
log_err_level_printf(LOG_CRIT, "Child proc %lld killed by signal %d\n",
(long long)pid, WTERMSIG(status));
} else {
log_err_printf("CRITICAL: Child proc %lld neither exited nor killed\n",
log_err_level_printf(LOG_CRIT, "Child proc %lld neither exited nor killed\n",
(long long)pid);
}

2
proc.c
Unescape Escape View File

@ -158,7 +158,7 @@ proc_freebsd_gettcppcblist(struct xinpgen **pxig, struct xinpgen **pexig)
/* check if first and last record are from same generation */
if ((*pxig)->xig_gen != (*pexig)->xig_gen) {
log_err_printf("Warning: data inconsistent "
log_err_level_printf(LOG_WARNING, "Data inconsistent "
"(xig->xig_gen != exig->xig_gen)\n");
}

26
proxy.c
Unescape Escape View File

@ -123,7 +123,7 @@ proxy_listener_errorcb(struct evconnlistener *listener, UNUSED void *arg)
{
struct event_base *evbase = evconnlistener_get_base(listener);
int err = EVUTIL_SOCKET_ERROR();
log_err_printf("CRITICAL: Error %d on listener: %s\n", err,
log_err_level_printf(LOG_CRIT, "Error %d on listener: %s\n", err,
evutil_socket_error_to_string(err));
event_base_loopbreak(evbase);
}
@ -161,14 +161,14 @@ proxy_listener_setup(struct event_base *evbase, pxy_thrmgr_ctx_t *thrmgr,
int fd;
if ((fd = privsep_client_opensock(clisock, spec)) == -1) {
log_err_printf("CRITICAL: Error opening socket: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Error opening socket: %s (%i)\n",
strerror(errno), errno);
return NULL;
}
lctx = proxy_listener_ctx_new(thrmgr, spec, opts);
if (!lctx) {
log_err_printf("CRITICAL: Error creating listener context\n");
log_err_level_printf(LOG_CRIT, "Error creating listener context\n");
evutil_closesocket(fd);
return NULL;
}
@ -181,7 +181,7 @@ proxy_listener_setup(struct event_base *evbase, pxy_thrmgr_ctx_t *thrmgr,
lctx, LEV_OPT_CLOSE_ON_FREE, 1024, fd);
// lctx, LEV_OPT_CLOSE_ON_FREE|LEV_OPT_THREADSAFE, 1024, fd);
if (!lctx->evcl) {
log_err_printf("CRITICAL: Error creating evconnlistener: %s\n",
log_err_level_printf(LOG_CRIT, "Error creating evconnlistener: %s\n",
strerror(errno));
proxy_listener_ctx_free(lctx);
evutil_closesocket(fd);
@ -214,16 +214,16 @@ proxy_signal_cb(evutil_socket_t fd, UNUSED short what, void *arg)
break;
case SIGUSR1:
if (log_reopen() == -1) {
log_err_printf("WARNING: Failed to reopen logs\n");
log_err_level_printf(LOG_WARNING, "Failed to reopen logs\n");
} else {
log_dbg_printf("Reopened log files\n");
}
break;
case SIGPIPE:
log_err_printf("WARNING: Received SIGPIPE; ignoring.\n");
log_err_level_printf(LOG_WARNING, "Received SIGPIPE; ignoring.\n");
break;
default:
log_err_printf("WARNING: Received unexpected signal %i\n", fd);
log_err_level_printf(LOG_WARNING, "Received unexpected signal %i\n", fd);
break;
}
}
@ -269,7 +269,7 @@ proxy_new(opts_t *opts, int clisock)
ctx = malloc(sizeof(proxy_ctx_t));
if (!ctx) {
log_err_printf("CRITICAL: Error allocating memory\n");
log_err_level_printf(LOG_CRIT, "Error allocating memory\n");
goto leave0;
}
memset(ctx, 0, sizeof(proxy_ctx_t));
@ -277,7 +277,7 @@ proxy_new(opts_t *opts, int clisock)
ctx->opts = opts;
ctx->evbase = event_base_new();
if (!ctx->evbase) {
log_err_printf("CRITICAL: Error getting event base\n");
log_err_level_printf(LOG_CRIT, "Error getting event base\n");
goto leave1;
}
@ -286,14 +286,14 @@ proxy_new(opts_t *opts, int clisock)
* resolv.conf while we can still alert the user about it. */
dnsbase = evdns_base_new(ctx->evbase, 0);
if (!dnsbase) {
log_err_printf("CRITICAL: Error creating dns event base\n");
log_err_level_printf(LOG_CRIT, "Error creating dns event base\n");
goto leave1b;
}
rc = evdns_base_resolv_conf_parse(dnsbase, DNS_OPTIONS_ALL,
"/etc/resolv.conf");
evdns_base_free(dnsbase, 0);
if (rc != 0) {
log_err_printf("CRITICAL: evdns cannot parse resolv.conf: "
log_err_level_printf(LOG_CRIT, "evdns cannot parse resolv.conf: "
"%s (%d)\n",
rc == 1 ? "failed to open file" :
rc == 2 ? "failed to stat file" :
@ -312,7 +312,7 @@ proxy_new(opts_t *opts, int clisock)
ctx->thrmgr = pxy_thrmgr_new(opts);
if (!ctx->thrmgr) {
log_err_printf("CRITICAL: Error creating thread manager\n");
log_err_level_printf(LOG_CRIT, "Error creating thread manager\n");
goto leave1b;
}
@ -392,7 +392,7 @@ proxy_run(proxy_ctx_t *ctx)
}
#endif /* PURIFY */
if (pxy_thrmgr_run(ctx->thrmgr) == -1) {
log_err_printf("CRITICAL: Failed to start thread manager\n");
log_err_level_printf(LOG_CRIT, "Failed to start thread manager\n");
return;
}
if (OPTS_DEBUG(ctx->opts)) {

2
proxy.h
Unescape Escape View File

@ -31,6 +31,8 @@
#include "opts.h"
#include "attrib.h"
#include "pxythrmgr.h"
#include <sys/syslog.h>
#include <uuid.h>
typedef struct proxy_ctx proxy_ctx_t;

134
pxyconn.c
Unescape Escape View File

@ -125,7 +125,7 @@ pxy_conn_ctx_new(evutil_socket_t fd,
pxy_conn_ctx_t *ctx = malloc(sizeof(pxy_conn_ctx_t));
if (!ctx) {
log_err_printf("CRITICAL: Error allocating memory\n");
log_err_level_printf(LOG_CRIT, "Error allocating memory\n");
evutil_closesocket(fd);
return NULL;
}
@ -133,7 +133,7 @@ pxy_conn_ctx_new(evutil_socket_t fd,
ctx->uuid = malloc(sizeof(uuid_t));
if (!ctx->uuid) {
log_err_printf("CRITICAL: Error allocating memory\n");
log_err_level_printf(LOG_CRIT, "Error allocating memory\n");
evutil_closesocket(fd);
free(ctx);
return NULL;
@ -369,7 +369,7 @@ pxy_conn_ctx_free(pxy_conn_ctx_t *ctx, int by_requestor)
#endif /* DEBUG_PROXY */
if (WANT_CONTENT_LOG(ctx) && ctx->logctx) {
if (log_content_close(&ctx->logctx, by_requestor) == -1) {
log_err_printf("WARNING: Content log close failed\n");
log_err_level_printf(LOG_WARNING, "Content log close failed\n");
}
}
pxy_thrmgr_detach(ctx);
@ -542,7 +542,7 @@ pxy_debug_crt(X509 *crt)
char *fpr;
if (!(fpr = ssl_x509_fingerprint(crt, 1))) {
log_err_printf("WARNING: Error generating X509 fingerprint\n");
log_err_level_printf(LOG_WARNING, "Error generating X509 fingerprint\n");
} else {
log_dbg_printf("Fingerprint: %s\n", fpr);
free(fpr);
@ -630,13 +630,13 @@ pxy_log_connect_nonhttp(pxy_conn_ctx_t *ctx)
log_err_printf("%s", msg);
} else if (ctx->opts->statslog) {
if (log_stats(msg) == -1) {
log_err_printf("WARNING: Stats logging failed\n");
log_err_level_printf(LOG_WARNING, "Stats logging failed\n");
}
}
if (ctx->opts->connectlog) {
if (log_connect_print_free(msg) == -1) {
free(msg);
log_err_printf("WARNING: Connection logging failed\n");
log_err_level_printf(LOG_WARNING, "Connection logging failed\n");
}
} else {
free(msg);
@ -661,7 +661,7 @@ pxy_log_connect_http(pxy_conn_ctx_t *ctx)
#ifdef DEBUG_PROXY
if (ctx->passthrough) {
log_err_printf("WARNING: pxy_log_connect_http called while in "
log_err_level_printf(LOG_WARNING, "pxy_log_connect_http called while in "
"passthrough mode\n");
return;
}
@ -739,13 +739,13 @@ pxy_log_connect_http(pxy_conn_ctx_t *ctx)
log_err_printf("%s", msg);
} else if (ctx->opts->statslog) {
if (log_stats(msg) == -1) {
log_err_printf("WARNING: Stats logging failed\n");
log_err_level_printf(LOG_WARNING, "Stats logging failed\n");
}
}
if (ctx->opts->connectlog) {
if (log_connect_print_free(msg) == -1) {
free(msg);
log_err_printf("WARNING: Connection logging failed\n");
log_err_level_printf(LOG_WARNING, "Connection logging failed\n");
}
} else {
free(msg);
@ -787,7 +787,7 @@ pxy_ossl_sessnew_cb(MAYBE_UNUSED SSL *ssl, SSL_SESSION *sess)
/* Session resumption seems to fail for SSLv2 with protocol
* parsing errors, so we disable caching for SSLv2. */
if (SSL_version(ssl) == SSL2_VERSION) {
log_err_printf("WARNING: Session resumption denied to SSLv2"
log_err_level_printf(LOG_WARNING, "Session resumption denied to SSLv2"
"client.\n");
return 0;
}
@ -1014,12 +1014,12 @@ pxy_srccert_write(pxy_conn_ctx_t *ctx)
if (ctx->opts->certgen_writeall || ctx->generated_cert) {
if (pxy_srccert_write_to_gendir(ctx,
SSL_get_certificate(ctx->src.ssl), 0) == -1) {
log_err_printf("CRITICAL: Failed to write used certificate\n");
log_err_level_printf(LOG_CRIT, "Failed to write used certificate\n");
}
}
if (ctx->opts->certgen_writeall) {
if (pxy_srccert_write_to_gendir(ctx, ctx->origcrt, 1) == -1) {
log_err_printf("CRITICAL: Failed to write orig certificate\n");
log_err_level_printf(LOG_CRIT, "Failed to write orig certificate\n");
}
}
}
@ -1368,7 +1368,7 @@ pxy_bufferevent_setup(pxy_conn_ctx_t *ctx, evutil_socket_t fd, SSL *ssl)
bev = bufferevent_socket_new(ctx->evbase, fd, BEV_OPT_DEFER_CALLBACKS);
}
if (!bev) {
log_err_printf("CRITICAL: Error creating bufferevent socket\n");
log_err_level_printf(LOG_CRIT, "Error creating bufferevent socket\n");
return NULL;
}
#if LIBEVENT_VERSION_NUMBER >= 0x02010000
@ -1412,7 +1412,7 @@ pxy_bufferevent_setup_child(pxy_conn_child_ctx_t *ctx, evutil_socket_t fd, SSL *
bev = bufferevent_socket_new(ctx->parent->evbase, fd, BEV_OPT_DEFER_CALLBACKS);
}
if (!bev) {
log_err_printf("CRITICAL: Error creating bufferevent socket\n");
log_err_level_printf(LOG_CRIT, "Error creating bufferevent socket\n");
return NULL;
}
@ -1719,7 +1719,7 @@ deny:
if (log_content_submit(ctx->logctx, lb,
1/*req*/) == -1) {
logbuf_free(lb);
log_err_printf("WARNING: Content log "
log_err_level_printf(LOG_WARNING, "Content log "
"submission failed\n");
}
}
@ -1739,7 +1739,7 @@ deny:
if (log_content_submit(ctx->logctx, lb,
0/*resp*/) == -1) {
logbuf_free(lb);
log_err_printf("WARNING: Content log "
log_err_level_printf(LOG_WARNING, "Content log "
"submission failed\n");
}
}
@ -1780,7 +1780,7 @@ pxy_conn_autossl_peek_and_upgrade(pxy_conn_ctx_t *ctx)
}
ctx->srv_dst.ssl = pxy_dstssl_create(ctx);
if (!ctx->srv_dst.ssl) {
log_err_printf("CRITICAL: Error creating SSL for "
log_err_level_printf(LOG_CRIT, "Error creating SSL for "
"upgrade\n");
return 0;
}
@ -1800,7 +1800,7 @@ pxy_conn_autossl_peek_and_upgrade(pxy_conn_ctx_t *ctx)
return 0;
}
if (OPTS_DEBUG(ctx->opts)) {
log_err_printf("INFO: Replaced dst bufferevent, new "
log_err_level_printf(LOG_INFO, "Replaced dst bufferevent, new "
"one is %p\n", (void *)ctx->srv_dst.bev);
}
ctx->clienthello_search = 0;
@ -1920,7 +1920,7 @@ pxy_http_reqhdr_filter(struct evbuffer *inbuf, struct evbuffer *outbuf, struct b
if (log_content_submit(parent->logctx, lb,
1/*req*/) == -1) {
logbuf_free(lb);
log_err_printf("WARNING: Content log "
log_err_level_printf(LOG_WARNING, "Content log "
"submission failed\n");
}
}
@ -1946,7 +1946,7 @@ pxy_http_reqhdr_filter(struct evbuffer *inbuf, struct evbuffer *outbuf, struct b
if (log_content_submit(parent->logctx, lb,
(bev == ctx->src.bev)) == -1) {
logbuf_free(lb);
log_err_printf("WARNING: Content log "
log_err_level_printf(LOG_WARNING, "Content log "
"submission failed\n");
}
}
@ -2007,7 +2007,7 @@ pxy_http_resphdr_filter(struct evbuffer *inbuf, struct evbuffer *outbuf, struct
if (log_content_submit(parent->logctx, lb,
0/*resp*/) == -1) {
logbuf_free(lb);
log_err_printf("WARNING: Content log "
log_err_level_printf(LOG_WARNING, "Content log "
"submission failed\n");
}
}
@ -2033,7 +2033,7 @@ pxy_http_resphdr_filter(struct evbuffer *inbuf, struct evbuffer *outbuf, struct
if (log_content_submit(parent->logctx, lb,
(bev == ctx->src.bev)) == -1) {
logbuf_free(lb);
log_err_printf("WARNING: Content log "
log_err_level_printf(LOG_WARNING, "Content log "
"submission failed\n");
}
}
@ -2054,11 +2054,11 @@ pxy_process_response(struct evbuffer *inbuf, struct evbuffer *outbuf, struct buf
}
if (evbuffer_remove(inbuf, packet, packet_size) < 0) {
log_err_printf("ERROR: evbuffer_remove cannot drain the buffer\n");
log_err_printf("evbuffer_remove cannot drain the buffer\n");
}
if (evbuffer_add(outbuf, packet, packet_size) < 0) {
log_err_printf("ERROR: evbuffer_add failed\n");
log_err_printf("evbuffer_add failed\n");
}
#ifdef DEBUG_PROXY
@ -2072,7 +2072,7 @@ pxy_process_response(struct evbuffer *inbuf, struct evbuffer *outbuf, struct buf
memcpy(lb->buf, packet, lb->sz);
if (log_content_submit(parent->logctx, lb, (bev == ctx->src.bev)) == -1) {
logbuf_free(lb);
log_err_printf("WARNING: Content log "
log_err_level_printf(LOG_WARNING, "Content log "
"submission failed\n");
}
}
@ -2104,7 +2104,7 @@ pxy_bev_readcb(struct bufferevent *bev, void *arg)
#endif /* DEBUG_PROXY */
if (!ctx->connected) {
log_err_printf("CRITICAL: readcb called when other end not connected - "
log_err_level_printf(LOG_CRIT, "readcb called when other end not connected - "
"aborting.\n");
log_exceptcb();
return;
@ -2157,7 +2157,7 @@ pxy_bev_readcb(struct bufferevent *bev, void *arg)
}
if (evbuffer_remove(inbuf, packet, packet_size) < 0) {
log_err_printf("ERROR: evbuffer_remove cannot drain the buffer\n");
log_err_printf("evbuffer_remove cannot drain the buffer\n");
}
#ifdef DEBUG_PROXY
@ -2167,7 +2167,7 @@ pxy_bev_readcb(struct bufferevent *bev, void *arg)
// We insert our special header line to the first packet we get, e.g. right after the first \r\n
// @todo Should we look for GET/POST or Host header lines to detect the first packet?
// But there is no guarantie that they will exist, due to fragmentation.
// But there is no guarantee that they will exist, due to fragmentation.
// @attention We cannot append the ssl proxy address at the end of the packet or in between the header and the content,
// because (1) the packet may be just the first fragment split somewhere not appropriate for appending a header,
// and (2) there may not be any content.
@ -2198,7 +2198,7 @@ pxy_bev_readcb(struct bufferevent *bev, void *arg)
}
if (evbuffer_add(outbuf, packet, packet_size) < 0) {
log_err_printf("ERROR: evbuffer_add failed\n");
log_err_printf("evbuffer_add failed\n");
}
#ifdef DEBUG_PROXY
@ -2213,7 +2213,7 @@ pxy_bev_readcb(struct bufferevent *bev, void *arg)
memcpy(lb->buf, packet, lb->sz);
if (log_content_submit(ctx->logctx, lb, (bev == ctx->src.bev)) == -1) {
logbuf_free(lb);
log_err_printf("WARNING: Content log "
log_err_level_printf(LOG_WARNING, "Content log "
"submission failed\n");
}
}
@ -2250,7 +2250,7 @@ leave:
if (log_content_submit(ctx->logctx, lb,
(bev == ctx->src.bev)) == -1) {
logbuf_free(lb);
log_err_printf("WARNING: Content log "
log_err_level_printf(LOG_WARNING, "Content log "
"submission failed\n");
}
}
@ -2290,7 +2290,7 @@ pxy_bev_readcb_child(struct bufferevent *bev, void *arg)
#endif /* DEBUG_PROXY */
if (!ctx->connected) {
log_err_printf("CRITICAL: readcb called when other end not connected - "
log_err_level_printf(LOG_CRIT, "readcb called when other end not connected - "
"aborting.\n");
log_exceptcb();
return;
@ -2333,7 +2333,7 @@ pxy_bev_readcb_child(struct bufferevent *bev, void *arg)
}
if (evbuffer_remove(inbuf, packet, packet_size) < 0) {
log_err_printf("ERROR: evbuffer_remove cannot drain the buffer\n");
log_err_printf("evbuffer_remove cannot drain the buffer\n");
}
size_t header_len = strlen(parent->header_str);
@ -2347,7 +2347,7 @@ pxy_bev_readcb_child(struct bufferevent *bev, void *arg)
}
if (evbuffer_add(outbuf, packet, packet_size) < 0) {
log_err_printf("ERROR: evbuffer_add failed\n");
log_err_printf("evbuffer_add failed\n");
}
#ifdef DEBUG_PROXY
@ -2362,7 +2362,7 @@ pxy_bev_readcb_child(struct bufferevent *bev, void *arg)
memcpy(lb->buf, packet, lb->sz);
if (log_content_submit(parent->logctx, lb, (bev == ctx->src.bev)) == -1) {
logbuf_free(lb);
log_err_printf("WARNING: Content log "
log_err_level_printf(LOG_WARNING, "Content log "
"submission failed\n");
}
}
@ -2399,7 +2399,7 @@ leave:
if (log_content_submit(parent->logctx, lb,
(bev == ctx->src.bev)) == -1) {
logbuf_free(lb);
log_err_printf("WARNING: Content log "
log_err_level_printf(LOG_WARNING, "Content log "
"submission failed\n");
}
}
@ -2429,7 +2429,7 @@ pxy_conn_connect_child(pxy_conn_child_ctx_t *ctx)
pxy_conn_ctx_t *parent = ctx->parent;
if (!parent->addrlen) {
log_err_printf("CRITICAL: Child no target address; aborting connection\n");
log_err_level_printf(LOG_CRIT, "Child no target address; aborting connection\n");
evutil_closesocket(ctx->fd);
pxy_conn_free(parent, 1);
return;
@ -2438,7 +2438,7 @@ pxy_conn_connect_child(pxy_conn_child_ctx_t *ctx)
ctx->src.ssl = NULL;
ctx->src.bev = pxy_bufferevent_setup_child(ctx, ctx->fd, ctx->src.ssl);
if (!ctx->src.bev) {
log_err_printf("CRITICAL: Error creating child src\n");
log_err_level_printf(LOG_CRIT, "Error creating child src\n");
evutil_closesocket(ctx->fd);
pxy_conn_free(parent, 1);
return;
@ -2457,7 +2457,7 @@ pxy_conn_connect_child(pxy_conn_child_ctx_t *ctx)
if ((parent->spec->ssl || parent->clienthello_found) && !parent->passthrough) {
ctx->dst.ssl = pxy_dstssl_create(parent);
if (!ctx->dst.ssl) {
log_err_printf("CRITICAL: Error creating SSL\n");
log_err_level_printf(LOG_CRIT, "Error creating SSL\n");
// pxy_conn_free()>pxy_conn_free_child() will close the fd, since we have a non-NULL src.bev now
pxy_conn_free(parent, 1);
return;
@ -2478,7 +2478,7 @@ pxy_conn_connect_child(pxy_conn_child_ctx_t *ctx)
ctx->dst.bev = pxy_bufferevent_setup_child(ctx, -1, ctx->dst.ssl);
}
if (!ctx->dst.bev) {
log_err_printf("CRITICAL: Error creating bufferevent\n");
log_err_level_printf(LOG_CRIT, "Error creating bufferevent\n");
if (ctx->dst.ssl) {
SSL_free(ctx->dst.ssl);
ctx->dst.ssl = NULL;
@ -2518,7 +2518,7 @@ pxy_conn_setup_child(evutil_socket_t fd, pxy_conn_ctx_t *parent)
pxy_conn_child_ctx_t *ctx = pxy_conn_ctx_new_child(fd, parent);
if (!ctx) {
log_err_printf("CRITICAL: Error allocating memory\n");
log_err_level_printf(LOG_CRIT, "Error allocating memory\n");
evutil_closesocket(fd);
pxy_conn_free(parent, 1);
return;
@ -2630,7 +2630,7 @@ pxy_connected_enable(struct bufferevent *bev, pxy_conn_ctx_t *ctx)
ctx->src.bev = pxy_bufferevent_setup(ctx, fd, ctx->src.ssl);
}
if (!ctx->src.bev) {
log_err_printf("CRITICAL: Error creating bufferevent\n");
log_err_level_printf(LOG_CRIT, "Error creating bufferevent\n");
if (ctx->src.ssl) {
SSL_free(ctx->src.ssl);
ctx->src.ssl = NULL;
@ -2720,7 +2720,7 @@ pxy_connected_enable(struct bufferevent *bev, pxy_conn_ctx_t *ctx)
// Child evcls use the evbase of the parent thread, otherwise we would get multithreading issues.
evutil_socket_t cfd;
if ((cfd = privsep_client_opensock_child(ctx->clisock, ctx->spec)) == -1) {
log_err_printf("CRITICAL: Error opening socket: %s (%i)\n", strerror(errno), errno);
log_err_level_printf(LOG_CRIT, "Error opening socket: %s (%i)\n", strerror(errno), errno);
pxy_conn_free(ctx, 1);
return 0;
}
@ -2730,7 +2730,7 @@ pxy_connected_enable(struct bufferevent *bev, pxy_conn_ctx_t *ctx)
// @attention Do not pass NULL as user-supplied pointer
struct evconnlistener *child_evcl = evconnlistener_new(ctx->thr->evbase, proxy_listener_acceptcb_child, ctx, LEV_OPT_CLOSE_ON_FREE, 1024, ctx->child_fd);
if (!child_evcl) {
log_err_printf("CRITICAL: Error creating child evconnlistener: %s\n", strerror(errno));
log_err_level_printf(LOG_CRIT, "Error creating child evconnlistener: %s\n", strerror(errno));
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "Error creating child evconnlistener: %s, fd=%d, child_fd=%d\n", strerror(errno), fd, ctx->child_fd);
#endif /* DEBUG_PROXY */
@ -2752,7 +2752,7 @@ pxy_connected_enable(struct bufferevent *bev, pxy_conn_ctx_t *ctx)
if (getsockname(ctx->child_fd, (struct sockaddr *)&child_listener_addr, &child_listener_len) < 0) {
perror("getsockname");
log_err_printf("CRITICAL: pxy_connected_enable getsockname error=%s\n", strerror(errno));
log_err_level_printf(LOG_CRIT, "pxy_connected_enable getsockname error=%s\n", strerror(errno));
// @todo If getsockname() fails, should we really terminate the connection?
// @attention Do not close the child fd here, because child evcl exists now, hence pxy_conn_free() will close it while freeing child_evcl
pxy_conn_free(ctx, 1);
@ -2979,7 +2979,7 @@ pxy_print_ssl_error(struct bufferevent *bev, UNUSED pxy_conn_ctx_t *ctx)
#if LIBEVENT_VERSION_NUMBER >= 0x02010000
/* We have disabled notification for unclean shutdowns
* so this should not happen; log a warning. */
log_err_printf("WARNING: Spurious error from "
log_err_level_printf(LOG_WARNING, "Spurious error from "
"bufferevent (errno=0,sslerr=0)\n");
#else /* LIBEVENT_VERSION_NUMBER < 0x02010000 */
/* Older versions of libevent will report these. */
@ -3018,7 +3018,7 @@ pxy_print_ssl_error(struct bufferevent *bev, UNUSED pxy_conn_ctx_t *ctx)
}
} else {
/* real errors */
log_err_printf("ERROR: Error from bufferevent: "
log_err_printf("Error from bufferevent: "
"%i:%s %lu:%i:%s:%i:%s:%i:%s\n",
errno,
errno ? strerror(errno) : "-",
@ -3033,7 +3033,7 @@ pxy_print_ssl_error(struct bufferevent *bev, UNUSED pxy_conn_ctx_t *ctx)
sslerr ?
ERR_func_error_string(sslerr) : "-");
while ((sslerr = bufferevent_get_openssl_error(bev))) {
log_err_printf("ERROR: Additional SSL error: "
log_err_printf("Additional SSL error: "
"%lu:%i:%s:%i:%s:%i:%s\n",
sslerr,
ERR_GET_REASON(sslerr),
@ -3077,7 +3077,7 @@ pxy_bev_eventcb(struct bufferevent *bev, short events, void *arg)
void (*other_free_and_close_fd_func)(struct bufferevent *, pxy_conn_ctx_t *) = (other->bev==ctx->dst.bev) ? &bufferevent_free_and_close_fd_nonssl : &bufferevent_free_and_close_fd;
if (events & BEV_EVENT_ERROR) {
log_err_printf("ERROR: BEV_EVENT_ERROR\n");
log_err_printf("BEV_EVENT_ERROR\n");
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "ERROR: pxy_bev_eventcb error, fd=%d\n", ctx->fd);
#endif /* DEBUG_PROXY */
@ -3120,7 +3120,7 @@ pxy_bev_eventcb(struct bufferevent *bev, short events, void *arg)
#endif /* DEBUG_PROXY */
if (bev == ctx->srv_dst.bev) {
log_err_printf("WARNING: EOF on outbound connection before connection establishment\n");
log_err_level_printf(LOG_WARNING, "EOF on outbound connection before connection establishment\n");
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "WARNING: pxy_bev_eventcb: EOF on outbound connection before connection establishment, fd=%d\n", ctx->fd);
#endif /* DEBUG_PROXY */
@ -3145,7 +3145,7 @@ pxy_bev_eventcb(struct bufferevent *bev, short events, void *arg)
// @todo How to handle the following case?
if (!ctx->connected) {
log_err_printf("WARNING: EOF on outbound connection before connection establishment\n");
log_err_level_printf(LOG_WARNING, "EOF on outbound connection before connection establishment\n");
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "WARNING: pxy_bev_eventcb: EOF on outbound connection before connection establishment, fd=%d\n", ctx->fd);
#endif /* DEBUG_PROXY */
@ -3239,7 +3239,7 @@ pxy_bev_eventcb_child(struct bufferevent *bev, short events, void *arg)
}
if (events & BEV_EVENT_ERROR) {
log_err_printf("ERROR: BEV_EVENT_ERROR\n");
log_err_printf("BEV_EVENT_ERROR\n");
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "ERROR: pxy_bev_eventcb_child error, fd=%d\n", ctx->fd);
#endif /* DEBUG_PROXY */
@ -3287,7 +3287,7 @@ pxy_bev_eventcb_child(struct bufferevent *bev, short events, void *arg)
// @todo How to handle the following case?
if (!ctx->connected) {
log_err_printf("WARNING: EOF on outbound connection before connection establishment\n");
log_err_level_printf(LOG_WARNING, "EOF on outbound connection before connection establishment\n");
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "WARNING: pxy_bev_eventcb_child: EOF on outbound connection before connection establishment, fd=%d, pfd=%d\n", ctx->fd, parent->fd);
#endif /* DEBUG_PROXY */
@ -3355,7 +3355,7 @@ pxy_conn_connect(pxy_conn_ctx_t *ctx)
log_dbg_level_printf(LOG_DBG_MODE_FINEST, "pxy_conn_connect: ENTER fd=%d\n", fd);
#endif /* DEBUG_PROXY */
if (!ctx->addrlen) {
log_err_printf("CRITICAL: No target address; aborting connection\n");
log_err_level_printf(LOG_CRIT, "No target address; aborting connection\n");
evutil_closesocket(fd);
pxy_conn_ctx_free(ctx, 1);
return;
@ -3364,7 +3364,7 @@ pxy_conn_connect(pxy_conn_ctx_t *ctx)
ctx->dst.ssl= NULL;
ctx->dst.bev = pxy_bufferevent_setup(ctx, -1, ctx->dst.ssl);
if (!ctx->dst.bev) {
log_err_printf("CRITICAL: Error creating parent dst\n");
log_err_level_printf(LOG_CRIT, "Error creating parent dst\n");
evutil_closesocket(fd);
pxy_conn_ctx_free(ctx, 1);
return;
@ -3377,7 +3377,7 @@ pxy_conn_connect(pxy_conn_ctx_t *ctx)
if (ctx->spec->ssl && !ctx->passthrough) {
ctx->srv_dst.ssl = pxy_dstssl_create(ctx);
if (!ctx->srv_dst.ssl) {
log_err_printf("CRITICAL: Error creating SSL for srv_dst\n");
log_err_level_printf(LOG_CRIT, "Error creating SSL for srv_dst\n");
pxy_conn_free(ctx, 1);
return;
}
@ -3415,7 +3415,7 @@ pxy_conn_connect(pxy_conn_ctx_t *ctx)
/* initiate connection */
if (bufferevent_socket_connect(ctx->srv_dst.bev, (struct sockaddr *)&ctx->addr, ctx->addrlen) == -1) {
log_err_printf("CRITICAL: pxy_conn_connect: bufferevent_socket_connect for srv_dst failed\n");
log_err_level_printf(LOG_CRIT, "pxy_conn_connect: bufferevent_socket_connect for srv_dst failed\n");
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "pxy_conn_connect: bufferevent_socket_connect for srv_dst failed, fd=%d\n", fd);
#endif /* DEBUG_PROXY */
@ -3442,7 +3442,7 @@ pxy_sni_resolve_cb(int errcode, struct evutil_addrinfo *ai, void *arg)
#endif /* DEBUG_PROXY */
if (errcode) {
log_err_printf("ERROR: Cannot resolve SNI hostname '%s': %s\n",
log_err_printf("Cannot resolve SNI hostname '%s': %s\n",
ctx->sni, evutil_gai_strerror(errcode));
evutil_closesocket(ctx->fd);
pxy_conn_ctx_free(ctx, 1);
@ -3489,7 +3489,7 @@ pxy_fd_readcb(MAYBE_UNUSED evutil_socket_t fd, UNUSED short what, void *arg)
n = recv(fd, buf, sizeof(buf), MSG_PEEK);
if (n == -1) {
log_err_printf("ERROR: Error peeking on fd, aborting connection\n");
log_err_printf("Error peeking on fd, aborting connection\n");
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "ERROR: Error peeking on fd, aborting connection, fd=%d\n", ctx->fd);
#endif /* DEBUG_PROXY */
@ -3499,7 +3499,7 @@ pxy_fd_readcb(MAYBE_UNUSED evutil_socket_t fd, UNUSED short what, void *arg)
}
if (n == 0) {
/* socket got closed while we were waiting */
log_err_printf("ERROR: Socket got closed while waiting\n");
log_err_printf("Socket got closed while waiting\n");
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "ERROR: Socket got closed while waiting, fd=%d\n", ctx->fd);
#endif /* DEBUG_PROXY */
@ -3510,7 +3510,7 @@ pxy_fd_readcb(MAYBE_UNUSED evutil_socket_t fd, UNUSED short what, void *arg)
rv = ssl_tls_clienthello_parse(buf, n, 0, &chello, &ctx->sni);
if ((rv == 1) && !chello) {
log_err_printf("ERROR: Peeking did not yield a (truncated) "
log_err_printf("Peeking did not yield a (truncated) "
"ClientHello message, "
"aborting connection\n");
#ifdef DEBUG_PROXY
@ -3543,7 +3543,7 @@ pxy_fd_readcb(MAYBE_UNUSED evutil_socket_t fd, UNUSED short what, void *arg)
ctx->ev = event_new(ctx->evbase, fd, 0,
pxy_fd_readcb, ctx);
if (!ctx->ev) {
log_err_printf("CRITICAL: Error creating retry event, aborting connection\n");
log_err_level_printf(LOG_CRIT, "Error creating retry event, aborting connection\n");
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "Error creating retry event, aborting connection, fd=%d\n", ctx->fd);
#endif /* DEBUG_PROXY */
@ -3612,7 +3612,7 @@ pxy_conn_setup(evutil_socket_t fd,
// Close the conn if we are out of file descriptors, or libevent will crash us
if (getdtablecount() + FD_RESERVE >= descriptor_table_size) {
errno = EMFILE;
log_err_printf("CRITICAL: Out of file descriptors\n");
log_err_level_printf(LOG_CRIT, "Out of file descriptors\n");
evutil_closesocket(fd);
return;
}
@ -3620,7 +3620,7 @@ pxy_conn_setup(evutil_socket_t fd,
/* create per connection state and attach to thread */
pxy_conn_ctx_t *ctx = pxy_conn_ctx_new(fd, thrmgr, spec, opts, clisock);
if (!ctx) {
log_err_printf("CRITICAL: Error allocating memory\n");
log_err_level_printf(LOG_CRIT, "Error allocating memory\n");
evutil_closesocket(fd);
return;
}
@ -3634,7 +3634,7 @@ pxy_conn_setup(evutil_socket_t fd,
ctx->addrlen = sizeof(struct sockaddr_storage);
if (spec->natlookup((struct sockaddr *)&ctx->addr, &ctx->addrlen,
fd, peeraddr, peeraddrlen) == -1) {
log_err_printf("ERROR: Connection not found in NAT "
log_err_printf("Connection not found in NAT "
"state table, aborting connection\n");
evutil_closesocket(fd);
pxy_conn_ctx_free(ctx, 1);
@ -3648,7 +3648,7 @@ pxy_conn_setup(evutil_socket_t fd,
/* SNI mode */
if (!ctx->spec->ssl) {
/* if this happens, the proxyspec parser is broken */
log_err_printf("ERROR: SNI mode used for non-SSL connection; "
log_err_printf("SNI mode used for non-SSL connection; "
"aborting connection\n");
evutil_closesocket(fd);
pxy_conn_ctx_free(ctx, 1);
@ -3684,7 +3684,7 @@ pxy_conn_setup(evutil_socket_t fd,
return;
memout:
log_err_printf("CRITICAL: Aborting connection setup (out of memory)!\n");
log_err_level_printf(LOG_CRIT, "Aborting connection setup (out of memory)!\n");
evutil_closesocket(fd);
pxy_conn_ctx_free(ctx, 1);
}

2
pxyconn.h
Unescape Escape View File

@ -142,7 +142,7 @@ struct pxy_conn_ctx {
// Fd of the listener event for the children
evutil_socket_t child_fd;
struct evconnlistener *child_evcl;
// SSL proxy return address: The IP:port address the children are listening to, orig client addr, and orig target addr
// SSL proxy specific info: The IP:port address the children are listening on, orig client addr, and orig target addr
char *header_str;
int sent_header;

6
pxysslshut.c
Unescape Escape View File

@ -162,7 +162,7 @@ pxy_ssl_shutdown_cb(evutil_socket_t fd, UNUSED short what, void *arg)
case SSL_ERROR_SSL:
goto complete;
default:
log_err_printf("CRITICAL: Unhandled SSL_shutdown() error %i. Closing fd\n", sslerr);
log_err_level_printf(LOG_CRIT, "Unhandled SSL_shutdown() error %i. Closing fd\n", sslerr);
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "Unhandled SSL_shutdown() error %i. Closing fd, fd=%d\n", sslerr, fd);
#endif /* DEBUG_PROXY */
@ -172,7 +172,7 @@ pxy_ssl_shutdown_cb(evutil_socket_t fd, UNUSED short what, void *arg)
retry:
if (ctx->retries++ >= 50) {
log_err_printf("WARNING: Failed to shutdown SSL connection cleanly: Max retries reached. Closing fd\n");
log_err_level_printf(LOG_WARNING, "Failed to shutdown SSL connection cleanly: Max retries reached. Closing fd\n");
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "WARNING: Failed to shutdown SSL connection cleanly: Max retries reached. Closing fd, fd=%d\n", fd);
#endif /* DEBUG_PROXY */
@ -183,7 +183,7 @@ retry:
event_add(ctx->ev, &retry_delay);
return;
}
log_err_printf("ERROR: Failed to shutdown SSL connection cleanly: Cannot create event. Closing fd\n");
log_err_printf("Failed to shutdown SSL connection cleanly: Cannot create event. Closing fd\n");
#ifdef DEBUG_PROXY
log_dbg_level_printf(LOG_DBG_MODE_FINER, "ERROR: Failed to shutdown SSL connection cleanly: Cannot create event. Closing fd, fd=%d\n", fd);
#endif /* DEBUG_PROXY */

6
pxythrmgr.c
Unescape Escape View File

@ -100,7 +100,7 @@ pxy_thrmgr_get_thr_expired_conns(pxy_thr_ctx_t *tctx, pxy_conn_ctx_t **expired_c
dst_addr = NULL;
if (log_stats(msg) == -1) {
log_err_printf("WARNING: Stats logging failed\n");
log_err_level_printf(LOG_WARNING, "Stats logging failed\n");
}
free(msg);
@ -201,7 +201,7 @@ pxy_thrmgr_print_thr_info(pxy_thr_ctx_t *tctx)
}
if (log_stats(smsg) == -1) {
log_err_printf("WARNING: Stats logging failed\n");
log_err_level_printf(LOG_WARNING, "Stats logging failed\n");
}
free(smsg);
smsg = NULL;
@ -236,7 +236,7 @@ pxy_thrmgr_print_thr_info(pxy_thr_ctx_t *tctx)
#endif /* DEBUG_PROXY */
if (log_stats(smsg) == -1) {
log_err_printf("WARNING: Stats logging failed\n");
log_err_level_printf(LOG_WARNING, "Stats logging failed\n");
}
free(smsg);
smsg = NULL;

2
ssl.c
Unescape Escape View File

@ -376,7 +376,7 @@ ssl_init(void)
return -1;
}
#else /* PURIFY */
log_err_printf("Warning: not seeding OpenSSL RAND due to PURITY!\n");
log_err_level_printf(LOG_WARNING, "Not seeding OpenSSL RAND due to PURITY!\n");
memset(buf, 0, sizeof(buf));
while (!RAND_status()) {
RAND_seed(buf, sizeof(buf));

42
sys.c
Unescape Escape View File

@ -80,7 +80,7 @@ sys_privdrop(const char *username, const char *groupname, const char *jaildir)
if (groupname) {
errno = 0;
if (!(gr = getgrnam(groupname))) {
log_err_printf("CRITICAL: Failed to getgrnam group '%s': %s\n",
log_err_level_printf(LOG_CRIT, "Failed to getgrnam group '%s': %s\n",
groupname, strerror(errno));
goto error;
}
@ -89,7 +89,7 @@ sys_privdrop(const char *username, const char *groupname, const char *jaildir)
if (username) {
errno = 0;
if (!(pw = getpwnam(username))) {
log_err_printf("CRITICAL: Failed to getpwnam user '%s': %s\n",
log_err_level_printf(LOG_CRIT, "Failed to getpwnam user '%s': %s\n",
username, strerror(errno));
goto error;
}
@ -99,7 +99,7 @@ sys_privdrop(const char *username, const char *groupname, const char *jaildir)
}
if (initgroups(username, pw->pw_gid) == -1) {
log_err_printf("CRITICAL: Failed to initgroups user '%s': %s\n",
log_err_level_printf(LOG_CRIT, "Failed to initgroups user '%s': %s\n",
username, strerror(errno));
goto error;
}
@ -107,12 +107,12 @@ sys_privdrop(const char *username, const char *groupname, const char *jaildir)
if (jaildir) {
if (chroot(jaildir) == -1) {
log_err_printf("CRITICAL: Failed to chroot to '%s': %s\n",
log_err_level_printf(LOG_CRIT, "Failed to chroot to '%s': %s\n",
jaildir, strerror(errno));
goto error;
}
if (chdir("/") == -1) {
log_err_printf("CRITICAL: Failed to chdir to '/': %s\n",
log_err_level_printf(LOG_CRIT, "Failed to chdir to '/': %s\n",
strerror(errno));
goto error;
}
@ -120,18 +120,18 @@ sys_privdrop(const char *username, const char *groupname, const char *jaildir)
if (username) {
if (setgid(pw->pw_gid) == -1) {
log_err_printf("CRITICAL: Failed to setgid to %i: %s\n",
log_err_level_printf(LOG_CRIT, "Failed to setgid to %i: %s\n",
pw->pw_gid, strerror(errno));
goto error;
}
if (setuid(pw->pw_uid) == -1) {
log_err_printf("CRITICAL: Failed to setuid to %i: %s\n",
log_err_level_printf(LOG_CRIT, "Failed to setuid to %i: %s\n",
pw->pw_uid, strerror(errno));
goto error;
}
} else if (getuid() != geteuid()) {
if (setuid(getuid()) == -1) {
log_err_printf("CRITICAL: Failed to setuid(getuid()): %s\n",
log_err_level_printf(LOG_CRIT, "Failed to setuid(getuid()): %s\n",
strerror(errno));
goto error;
}
@ -154,7 +154,7 @@ sys_isuser(const char *username)
errno = 0;
if (!getpwnam(username)) {
if (errno != 0 && errno != ENOENT) {
log_err_printf("CRITICAL: Failed to load user '%s': %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to load user '%s': %s (%i)\n",
username, strerror(errno), errno);
}
return 0;
@ -173,7 +173,7 @@ sys_isgroup(const char *groupname)
errno = 0;
if (!getgrnam(groupname)) {
if (errno != 0 && errno != ENOENT) {
log_err_printf("CRITICAL: Failed to load group '%s': %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Failed to load group '%s': %s (%i)\n",
groupname, strerror(errno), errno);
}
return 0;
@ -191,12 +191,12 @@ sys_pidf_open(const char *fn)
int fd;
if ((fd = open(fn, O_RDWR|O_CREAT, DFLT_PIDFMODE)) == -1) {
log_err_printf("CRITICAL: Failed to open '%s': %s\n", fn,
log_err_level_printf(LOG_CRIT, "Failed to open '%s': %s\n", fn,
strerror(errno));
return -1;
}
if (flock(fd, LOCK_EX|LOCK_NB) == -1) {
log_err_printf("CRITICAL: Failed to lock '%s': %s\n", fn,
log_err_level_printf(LOG_CRIT, "Failed to lock '%s': %s\n", fn,
strerror(errno));
close(fd);
return -1;
@ -286,7 +286,7 @@ sys_user_str(uid_t uid)
} while (rv == ERANGE);
free(buf);
log_err_printf("CRITICAL: Failed to lookup uid: %s (%i)\n", strerror(rv), rv);
log_err_level_printf(LOG_CRIT, "Failed to lookup uid: %s (%i)\n", strerror(rv), rv);
return NULL;
}
@ -339,7 +339,7 @@ sys_group_str(gid_t gid)
} while (rv == ERANGE);
free(buf);
log_err_printf("CRITICAL: Failed to lookup gid: %s (%i)\n", strerror(rv), rv);
log_err_level_printf(LOG_CRIT, "Failed to lookup gid: %s (%i)\n", strerror(rv), rv);
return NULL;
}
@ -363,7 +363,7 @@ sys_sockaddr_parse(struct sockaddr_storage *addr, socklen_t *addrlen,
hints.ai_flags = EVUTIL_AI_ADDRCONFIG | flags;
rv = evutil_getaddrinfo(naddr, nport, &hints, &ai);
if (rv != 0) {
log_err_printf("CRITICAL: Cannot resolve address '%s' port '%s': %s\n",
log_err_level_printf(LOG_CRIT, "Cannot resolve address '%s' port '%s': %s\n",
naddr, nport, gai_strerror(rv));
return -1;
}
@ -392,7 +392,7 @@ sys_sockaddr_str(struct sockaddr *addr, socklen_t addrlen,
*serv = malloc(6); /* max decimal digits of short plus terminator */
if (!*serv) {
log_err_printf("CRITICAL: Cannot allocate memory\n");
log_err_level_printf(LOG_CRIT, "Cannot allocate memory\n");
return -1;
}
rv = getnameinfo(addr, addrlen,
@ -400,7 +400,7 @@ sys_sockaddr_str(struct sockaddr *addr, socklen_t addrlen,
*serv, 6,
NI_NUMERICHOST | NI_NUMERICSERV);
if (rv != 0) {
log_err_printf("CRITICAL: Cannot get nameinfo for socket address: %s\n",
log_err_level_printf(LOG_CRIT, "Cannot get nameinfo for socket address: %s\n",
gai_strerror(rv));
free(*serv);
return -1;
@ -408,7 +408,7 @@ sys_sockaddr_str(struct sockaddr *addr, socklen_t addrlen,
hostsz = strlen(tmphost) + 1; /* including terminator */
*host = malloc(hostsz);
if (!*host) {
log_err_printf("CRITICAL: Cannot allocate memory\n");
log_err_level_printf(LOG_CRIT, "Cannot allocate memory\n");
free(*serv);
return -1;
}
@ -460,7 +460,7 @@ sys_isdir(const char *path)
if (stat(path, &s) == -1) {
if (errno != ENOENT) {
log_err_printf("CRITICAL: Error stating file: %s (%i)\n",
log_err_level_printf(LOG_CRIT, "Error stating file: %s (%i)\n",
strerror(errno), errno);
}
return 0;
@ -537,7 +537,7 @@ sys_dir_eachfile(const char *dirname, sys_dir_eachfile_cb_t cb, void *arg)
tree = fts_open(paths, FTS_NOCHDIR | FTS_LOGICAL, NULL);
if (!tree) {
log_err_printf("CRITICAL: Cannot open directory '%s': %s\n",
log_err_level_printf(LOG_CRIT, "Cannot open directory '%s': %s\n",
dirname, strerror(errno));
rv = -1;
goto out1;
@ -553,7 +553,7 @@ sys_dir_eachfile(const char *dirname, sys_dir_eachfile_cb_t cb, void *arg)
}
}
if (errno) {
log_err_printf("CRITICAL: Error reading directory entry: %s\n",
log_err_level_printf(LOG_CRIT, "Error reading directory entry: %s\n",
strerror(errno));
rv = -1;
goto out2;

Write Preview
Loading…
Cancel
Save