From 1a3a4b3b242e1a045a5f08c91edd074865a85cee Mon Sep 17 00:00:00 2001 From: David Sommerseth Date: Fri, 3 Oct 2008 23:33:11 +0200 Subject: Log review (part 1) - log categories Went through all parts of the code, and reorganised log categories. The following "rules" where used for categorisation: LOG_INFO - General info, should avoid log level higher than 5 LOG_DEBUG - Using DEBUG function only log level always > 10 LOG_WARNING - When something action fails, but not as severe that the process cannot continue. Log level never > 2 LOG_ERROR - API errors, but not severe, can continue LOG_FATAL - Action failed and we cannot continue in this function. Log level always < 2 LOG_PANIC - Action failed and eurephia-auth cannot continue to work any more (program restart needed). Log level always 0 --- database/eurephiadb-driver_template.c | 114 ++++++++++++++++--------------- database/sqlite/eurephiadb-sqlite.c | 122 +++++++++++++++++----------------- eurephia.c | 4 +- eurephia_getsym.c | 2 +- eurephia_values.c | 2 +- eurephiadb_session.c | 20 +++--- eurephiafw.c | 26 ++++---- eurephiafw_helpers.c | 4 +- 8 files changed, 152 insertions(+), 142 deletions(-) diff --git a/database/eurephiadb-driver_template.c b/database/eurephiadb-driver_template.c index 005afc7..f640ee8 100644 --- a/database/eurephiadb-driver_template.c +++ b/database/eurephiadb-driver_template.c @@ -88,7 +88,7 @@ void update_attempts(eurephiaCTX *ctx, const char *blid) { " SET last_accessed = CURRENT_TIMESTAMP WHERE blid = %s", blid */ if( /* SQL COMMAND FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update openvpn_blacklist.last_accessed for blid=%s", blid); } /* FREE SQL RESULT */ 
@@ -136,7 +136,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv) /* WORK TO DO -- Open a database connection, and save the handle in dbc->handle */ if( /* IF CONNECTION FAILED */ ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not open database '%s'", dbc->dbname); + eurephia_log(ctx, LOG_PANIC, 0, "Could not open database '%s'", dbc->dbname); free_nullsafe(dbc->dbname); free_nullsafe(dbc); return 0; @@ -186,7 +186,7 @@ void eDBdisconnect(eurephiaCTX *ctx) } dbc = ctx->dbc; - eurephia_log(ctx, LOG_INFO, 2, "Closing database '%s'", dbc->dbname); + eurephia_log(ctx, LOG_INFO, 1, "Closing database '%s'", dbc->dbname); /* WORK TO DO: Close database connection using dbc->dbhandle */ @@ -230,18 +230,18 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char // Check if we found certificate to be blacklisted or not. blid == NULL when NOT blacklisted if( blid == NULL ) { if( certid > 0 ) { - eurephia_log(ctx, LOG_INFO, 0, + eurephia_log(ctx, LOG_INFO, 0, "Found certid %i for user: %s/%s/%s", certid, org, cname, email); } else { - eurephia_log(ctx, LOG_INFO, 1, + eurephia_log(ctx, LOG_INFO, 1, "Unknown certificate for: %s/%s/%s (depth %s, digest: %s)", org, cname, email, depth, digest); } // Certificate is okay, certid contains the certificate ID } else { // If the certificate or IP is blacklisted, update status and deny access. - eurephia_log(ctx, LOG_WARNING, 1, + eurephia_log(ctx, LOG_WARNING, 0, "Attempt with BLACKLISTED certificate (certid %i)", certid); update_attempts(ctx, blid); certid = -1; @@ -284,8 +284,8 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const */ free_nullsafe(crpwd); if( /* IF NO RESULT WAS RETURNED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, - "Could not lookup user in database (certid %i, username '%s'", certid, username); + eurephia_log(ctx, LOG_FATAL, 0, + "Could not look up user in database (certid %i, username '%s'", certid, username); return 0; } 
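Review bot: In the eDBauth_TLS hunk (@@ -230,18 +230,18 @@) the two LOG_INFO calls in the `blid == NULL` branch pass `org`, `cname`, `email`, `depth` and `digest` to `%s` as received, and these describe the connecting peer's certificate. Unless eurephia_log (not visible here) escapes control characters, a crafted subject field could split a log line or imitate another entry, and the first of the two messages is written at verbosity 0. I would state the guarantee in a comment above the calls, e.g. `/* org/cname/email are peer-supplied; eurephia_log must escape non-printable bytes */`, and enforce it once inside eurephia_log rather than at each call site. The sqlite driver hunk at @@ -209,18 +205,18 @@ logs the same fields; eDBauth_TLS starts and ends outside both hunks.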
@@ -298,25 +298,29 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const pwdok = atoi_nullsafe(/* GET pwdok FIELD FROM SQL RESULT */); if( blid_uname != NULL ) { - eurephia_log(ctx, LOG_WARNING, 0, "User account is BLACKLISTED (uid: %i, %s)", + eurephia_log(ctx, LOG_WARNING, 0, + "User account is BLACKLISTED (uid: %i, %s)", uid, username); uicid = -1; } else if( blid_cert != NULL ) { - eurephia_log(ctx, LOG_WARNING, 0, + eurephia_log(ctx, LOG_WARNING, 0, "User account linked with a BLACKLISTED certificate " "(uid: %i, %s) - certid: %s", uid, username, certid); uicid = -1; } else if( activated == NULL ) { - eurephia_log(ctx, LOG_WARNING, 0, "User account is not activated (uid: %i, %s)", + eurephia_log(ctx, LOG_WARNING, 0, + "User account is not activated (uid: %i, %s)", uid, username); uicid = -1; } else if( deactivated != NULL ) { - eurephia_log(ctx, LOG_WARNING, 0, "User account is deactivated (uid: %i, %s)", + eurephia_log(ctx, LOG_WARNING, 0, + "User account is deactivated (uid: %i, %s)", uid, username); uicid = -1; } else if( pwdok != 1 ) { - eurephia_log(ctx, LOG_WARNING, 0,"Authentication failed for user '%s'. Wrong password.", + eurephia_log(ctx, LOG_WARNING, 0, + "Authentication failed for user '%s'. Wrong password.", username); uicid = -1; @@ -351,7 +355,7 @@ int eDBget_uid(eurephiaCTX *ctx, const int certid, const char *username) certid, username */ if( /* IF NO RESULT FOUND */ || /* OR WE GOT MORE THAN 1 RECORD */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not lookup userid for user '%s'", username); + eurephia_log(ctx, LOG_FATAL, 0, "Could not lookup userid for user '%s'", username); ret = -1; } else { ret = atoi_nullsafe(/* GET uid FIELD FROM SQL RESULT */); 
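Review bot: In the `blid_cert != NULL` branch of the eDBauth_user hunk (@@ -298,25 +298,29 @@) the format string ends in `certid: %s`, but the argument is `certid`, which the signature in the hunk header declares as `const int`. If eurephia_log forwards to a printf-style formatter this is undefined behaviour and will typically treat the integer as a pointer, so a login on an account tied to a blacklisted certificate can crash the authentication path instead of being logged. The line should read `"(uid: %i, %s) - certid: %i", uid, username, certid);`. The same mismatch is in the sqlite driver hunk at @@ -281,7 +277,7 @@; declaring eurephia_log with GCC's `format(printf, ...)` attribute would let the compiler flag both. eDBauth_user begins and ends outside this hunk.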
@@ -380,14 +384,14 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) /* FREE SQL RESULT */ if( blid != NULL ) { // If we found a blacklisted record - eurephia_log(ctx, LOG_WARNING, 1, "Attempt from blacklisted %s: %s", + eurephia_log(ctx, LOG_WARNING, 0, "Attempt from blacklisted %s: %s", eDBattempt_types[type].descr, val); blacklisted = 1; // [type] is blacklisted } // Update attempt information update_attempts(ctx, blid); } else { - eurephia_log(ctx, LOG_CRITICAL, 0, "Quering openvpn_blacklist for blacklisted %s", + eurephia_log(ctx, LOG_FATAL, 0, "Quering openvpn_blacklist for blacklisted %s failed", eDBattempt_types[type].descr); } @@ -408,15 +412,15 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) // If [type] has reached attempt limit and it is not black listed, black list it if( (atpexceed > 0) && (blid == NULL) ) { eurephia_log(ctx, LOG_WARNING, 0, - "%s got BLACKLISTED due to too many failed attempts: %s", + "%s got BLACKLISTED due to too many failed attempts: %s", eDBattempt_types[type].descr, val); /* WORK TO DO -- DO SQL "INSERT INTO openvpn_blacklist (%s) VALUES ('%q')", eDBattempt_types[type].colname, val */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, - "Could not blacklist %s (%s)", + eurephia_log(ctx, LOG_CRITICAL, 0, + "Could not blacklist %s (%s)", eDBattempt_types[type].descr, val); } /* FREE SQL RESULT */ @@ -424,7 +428,8 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) } free_nullsafe(atpid); } else { - eurephia_log(ctx, LOG_CRITICAL, 0, "Quering openvpn_attempts for blacklisted %s failed", + eurephia_log(ctx, LOG_CRITICAL, 0, + "Quering openvpn_attempts for blacklisted %s failed", eDBattempt_types[type].descr); } free_nullsafe(atpr); 
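Review bot: In the eDBblacklist_check hunk (@@ -380,14 +384,14 @@) the `else` branch for a failed blacklist query is now LOG_FATAL, which the commit message defines as "cannot continue in this function", yet nothing there returns or records an error; the sqlite hunk at @@ -359,21 +355,21 @@ shows execution going straight on to `if( blacklisted == 0 )`. `blacklisted` is still 0 at that point, so a database failure appears to reach the caller looking the same as "not blacklisted" (the return statement is outside the hunk, so this is inferred). For an access-control check I would fail closed or return a distinct error value, and make the policy explicit with a comment such as `/* query failed: do not report the peer as clean */`. The changed message also still reads `Quering`, which makes it harder to match in log searches.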
@@ -461,7 +466,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value eDBattempt_types[type].colname, value */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not look up atpid in openvpn_attempts"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not look up atpid in openvpn_attempts"); return; } @@ -487,7 +492,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value Result check comes later ... */ - } else if( id != NULL ){ + } else if( id != NULL ) { // if a attempt record exists, update it according to mode switch( mode ) { case ATTEMPT_RESET: @@ -512,7 +517,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value } if( /* IF SQL QUERY FAILED */ ) { eurephia_log(ctx, LOG_CRITICAL, 0, - "Could not update openvpn_attempts for %s = %s", + "Could not update openvpn_attempts for %s = %s", eDBattempt_types[type].colname, value); } /* FREE SQL RESULT */ @@ -528,7 +533,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value eDBattempt_types[type].colname, value */ if( /* IF SQL FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_CRITICAL, 0, "Could not blacklist %s: %s", eDBattempt_types[type].descr, value); } @@ -549,7 +554,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask); if( skey->sessionstatus != SESSION_NEW ) { - eurephia_log(ctx, LOG_WARNING, 10, "Not a new session, will not register it again"); + eurephia_log(ctx, LOG_WARNING, 5, "Not a new session, will not register it again"); return 1; } 
@@ -562,7 +567,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, uid, certid, proto, remipaddr, remport, vpnipaddr, vpnipmask, skey->sessionkey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not insert new session into openvpn_lastlog"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not insert new session into openvpn_lastlog"); return 0; } /* FREE SQL RESULT */ @@ -578,7 +583,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha session->sessionkey, macaddr); if( macaddr == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "No MAC address was given to save"); + eurephia_log(ctx, LOG_FATAL, 0, "No MAC address was given to save"); return 0; } @@ -588,7 +593,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha session->sessionkey, macaddr */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Failed to log new MAC address for session"); + eurephia_log(ctx, LOG_FATAL, 0, "Failed to log new MAC address for session"); return 0; } /* FREE SQL RESULT */ @@ -599,14 +604,14 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha " WHERE sessionkey = '%q' AND sessionstatus = 1", macaddr, session->sessionkey); */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with new MAC address for session"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with new MAC address for session"); return 0; } /* FREE SQL RESULT */ // Save the MAC address in the session values register - needed for the destroy session if( eDBset_session_value(ctx, session, "macaddr", macaddr) == 0 ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not save MAC address into session variables"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not save MAC address into session variables"); return 0; } 
@@ -615,7 +620,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha // Register the user as logged out -int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, +int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, const char *bytes_sent, const char *bytes_received, const char *duration) { DEBUG(ctx, 10, "Function call: eDBregister_logout(ctx, '%s', %s, %s)", @@ -630,7 +635,8 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, atoi_nullsafe(duration), skey->sessionke */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with logout information (%s)", + eurephia_log(ctx, LOG_FATAL, 0, + "Could not update lastlog with logout information (%s)", skey->sessionkey); return 0; } @@ -648,7 +654,7 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) { DEBUG(ctx, 10, "eDBget_sessionkey(ctx, '%s')", sessionseed); if( sessionseed == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBget_sessionkey: No session seed given - cannot locate sessionkey"); return NULL; } @@ -662,7 +668,8 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) { sessionseed */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0,"Could not retrieve sessionkey from openvpn_sessionkeys (%s)", + eurephia_log(ctx, LOG_FATAL, 0, + "Could not retrieve sessionkey from openvpn_sessionkeys (%s)", sessionseed); return NULL; } @@ -689,7 +696,7 @@ char *eDBget_sessionkey_macaddr(eurephiaCTX *ctx, const char *macaddr) { macaddr */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not remove session from database (MAC addr: %s)", macaddr); return 0; } 
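Review bot: The failure message kept on the changed call in the eDBget_sessionkey_macaddr hunk (@@ -689,7 +696,7 @@), `Could not remove session from database (MAC addr: %s)`, does not describe what the function does: the sqlite hunk at @@ -646,10 +642,10 @@ shows the failed statement is a query over openvpn_sessions joined to openvpn_lastlog, not a removal. Since this commit is the log review, I would correct the text so an operator reading a level-0 entry is not sent looking for a failed delete, e.g. `"Could not look up session key for MAC address %s", macaddr);`. The function returns `char *` per the hunk header, so the `return 0;` after the message would read more clearly as `return NULL;`, as eDBget_sessionkey_seed does. The function body begins outside this hunk.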
@@ -706,7 +713,7 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { DEBUG(ctx, 10, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey); if( seskey == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBcheck_sessionkey_uniqness: Invalid session key given"); return 0; } @@ -716,7 +723,7 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { seskey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "eDBcheck_sessionkey_uniqness: Could not check uniqueness of sessionkey"); return 0; } @@ -731,7 +738,7 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske DEBUG(ctx, 10, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey); if( (seed == NULL) || (seskey == NULL) ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBregister_sessionkey: Invalid session seed or session key given"); return 0; } @@ -741,7 +748,7 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske seed, seskey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "eDBregister_sessionkey: Error registering sessionkey into openvpn_sessionkeys"); return 0; } @@ -754,7 +761,7 @@ int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) { DEBUG(ctx, 10, "eDBremove_sessionkey(ctx, '%s')", seskey); if( seskey == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBremove_sessionkey: Invalid session key given"); return 0; } @@ -764,7 +771,7 @@ int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) { seskey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "eDBremove_sessionkey: Error removing sessionkey from openvpn_sessionkeys"); return 0; } 
@@ -791,13 +798,13 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) { */ if( /* IF WE GOT RECORDS IN THE QUERY */ ) { for( /* LOOP THROUGH ALL RECORDS */ ) { - eAdd_value(ctx, sessvals, + eAdd_value(ctx, sessvals, /* GET datakey FROM SQL RESULT */, /* GET dataval FROM SQL RESULT */); } /* FREE SQL RESULT */ } else { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_CRITICAL, 0, "Could not load session values for session '%s'", sesskey); } @@ -826,7 +833,7 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, session->sessionkey, key, val */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not register new session variable into database: [%s] %s = %s", session->sessionkey, key, val); return 0; @@ -840,7 +847,8 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, val, session->sessionkey, key */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update session variable: [%s] %s = %s ", + eurephia_log(ctx, LOG_FATAL, 0, + "Could not update session variable: [%s] %s = %s ", session->sessionkey, key, val); return 0; } @@ -852,15 +860,17 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, session->sessionkey, key */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not delete session variable: [%s] %s", + eurephia_log(ctx, LOG_FATAL, 0, + "Could not delete session variable: [%s] %s", session->sessionkey, key); return 0; } break; default: - eurephia_log(ctx, LOG_FATAL, 0, "Unknown eDBstore_session_value mode '%i'", mode); - return 1; + eurephia_log(ctx, LOG_FATAL, 0, + "Unknown eDBstore_session_value mode '%i'", mode); + return 0; } /* FREE SQL RESULT */ return 1; 
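Review bot: The three failure messages in the eDBstore_session_value hunks (@@ -826,7 +833,7 @@ onwards) print `session->sessionkey` at verbosity 0, and the insert and update ones also print `val`, so the full session key and the stored value are written at every log setting. If a session key is enough to look up a session, or if session values can hold sensitive data (neither is visible here), the log file becomes another place those values can be read from. I would log the data key and an abbreviated session key only, for example `"Could not update session variable '%s' for session %.8s...", key, session->sessionkey);`, and leave full values to DEBUG-level output. The same applies to the session seed printed by eDBget_sessionkey_seed in the hunk at @@ -662,7 +668,8 @@.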
@@ -885,7 +895,7 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { session->sessionkey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not update session status in lastlog (%s))", session->sessionkey); return 0; } @@ -897,7 +907,7 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { session->sessionkey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not delete session variables (%s))", session->sessionkey); return 0; } @@ -927,7 +937,8 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session) session->sessionkey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not retrieve firewall profile for session '%s'", + eurephia_log(ctx, LOG_FATAL, 0, + "Could not retrieve firewall profile for session '%s'", session->sessionkey); return NULL; } @@ -935,4 +946,3 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session) /* FREE SQL RESULT */ return ret; } - diff --git a/database/sqlite/eurephiadb-sqlite.c b/database/sqlite/eurephiadb-sqlite.c index 4fc7c5d..bdfbea5 100644 --- a/database/sqlite/eurephiadb-sqlite.c +++ b/database/sqlite/eurephiadb-sqlite.c @@ -84,7 +84,7 @@ void update_attempts(eurephiaCTX *ctx, const char *blid) { "UPDATE openvpn_blacklist " " SET last_accessed = CURRENT_TIMESTAMP WHERE blid = %q", blid); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update openvpn_blacklist.last_accessed for blid=%s", blid); } sqlite_free_results(res); @@ -102,10 +102,6 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv) dbresult *res = NULL; int rc; -#ifdef MEMWATCH - mwStatistics(3); -#endif - DEBUG(ctx, 10, "Function call: eDBconnect(ctx, %i, '%s')", argc, argv[0]); if( (argc != 1) || (argv[0] == NULL) || (strlen(argv[0]) < 1) ) { 
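Review bot: The UPDATE in the context lines of the sqlite update_attempts hunk (@@ -84,7 +84,7 @@) builds `WHERE blid = %q` with no quotes around the placeholder, unlike most other queries on this page, which use `'%q'`. Assuming sqlite_query formats with SQLite's `%q`, that conversion only doubles single quotes so the value is safe inside a quoted literal; outside one it leaves the value as raw SQL text. blid appears to come from an earlier query result rather than from the client, so exposure is limited, but I would still write `WHERE blid = '%q'` so the statement does not rely on that. The attempts lookup at @@ -359,21 +355,21 @@ has the same unquoted form in `attempts >= %q`; update_attempts begins outside this hunk.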
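Review bot: In the sqlite eDBconnect hunk (@@ -102,10 +102,6 @@) the DEBUG call kept below the removed MEMWATCH block passes `argv[0]` to `%s` before the `(argc != 1) || (argv[0] == NULL)` validation on the following line. With an empty or missing argument that reads an element that may not exist, or hands NULL to `%s`, whenever debug logging is compiled in. Moving the DEBUG line below the check, or printing `(argc > 0 && argv[0]) ? argv[0] : "(none)"`, removes the dependency. eDBconnect continues outside this hunk.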
@@ -122,7 +118,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv) rc = sqlite3_open(argv[0], (void *) &dbc->dbhandle); if( rc ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not open database '%s'", dbc->dbname); + eurephia_log(ctx, LOG_PANIC, 0, "Could not open database '%s'", dbc->dbname); free_nullsafe(dbc->dbname); free_nullsafe(dbc); return 0; @@ -166,7 +162,7 @@ void eDBdisconnect(eurephiaCTX *ctx) } dbc = ctx->dbc; - eurephia_log(ctx, LOG_INFO, 2, "Closing database '%s'", dbc->dbname); + eurephia_log(ctx, LOG_INFO, 1, "Closing database '%s'", dbc->dbname); // Close database connection sqlite3_close((sqlite3 *) dbc->dbhandle); @@ -190,7 +186,7 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char char *blid = NULL; DEBUG(ctx, 10, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)", - org, cname, email, digest, depth); + org, cname, email, digest, depth); // Check if certificate is valid, and not too many attempts has been tried with the given certificate res = sqlite_query(ctx, @@ -209,18 +205,18 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char // Check if we found certificate to be blacklisted or not. blid == NULL when NOT blacklisted if( blid == NULL ) { if( certid > 0 ) { - eurephia_log(ctx, LOG_INFO, 0, + eurephia_log(ctx, LOG_INFO, 0, "Found certid %i for user: %s/%s/%s", certid, org, cname, email); } else { - eurephia_log(ctx, LOG_INFO, 1, + eurephia_log(ctx, LOG_INFO, 1, "Unknown certificate for: %s/%s/%s (depth %s, digest: %s)", org, cname, email, depth, digest); } // Certificate is okay, certid contains the certificate ID } else { // If the certificate or IP is blacklisted, update status and deny access. - eurephia_log(ctx, LOG_WARNING, 1, + eurephia_log(ctx, LOG_WARNING, 0, "Attempt with BLACKLISTED certificate (certid %i)", certid); update_attempts(ctx, blid); certid = -1; 
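Review bot: On the `if( rc )` failure path of the sqlite eDBconnect hunk (@@ -122,7 +118,7 @@) the new LOG_PANIC line reports only the database name, and the handle that sqlite3_open filled in is never released. SQLite documents that a connection handle is normally returned even when the open fails and should be passed to sqlite3_close(), and sqlite3_errmsg() on that handle gives the reason an operator needs after a panic-level entry. Suggested: `eurephia_log(ctx, LOG_PANIC, 0, "Could not open database '%s': %s", dbc->dbname, sqlite3_errmsg((sqlite3 *) dbc->dbhandle));` followed by `sqlite3_close((sqlite3 *) dbc->dbhandle);` before the two free_nullsafe calls. eDBconnect starts and ends outside this hunk.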
@@ -250,7 +246,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const // Generate SHA1 hash of password, used for password auth crpwd = passwdhash(passwd); - res = sqlite_query(ctx, + res = sqlite_query(ctx, "SELECT uicid, ou.uid, activated, deactivated, bl1.blid, bl2.blid, " " (password = '%s') AS pwdok" " FROM openvpn_users ou" @@ -263,7 +259,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const crpwd, certid, username); free_nullsafe(crpwd); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not lookup user in database (certid %i, username '%s'", certid, username); return 0; } @@ -281,7 +277,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const uid, username); uicid = -1; } else if( blid_cert != NULL ) { - eurephia_log(ctx, LOG_WARNING, 0, + eurephia_log(ctx, LOG_WARNING, 0, "User account linked with a BLACKLISTED certificate " "(uid: %i, %s) - certid: %s", uid, username, certid); @@ -323,14 +319,14 @@ int eDBget_uid(eurephiaCTX *ctx, const int certid, const char *username) DEBUG(ctx, 10, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username); - res = sqlite_query(ctx, + res = sqlite_query(ctx, "SELECT uid " " FROM openvpn_usercerts " " JOIN openvpn_users USING (uid) " " WHERE certid = '%i' AND username = '%q'", certid, username); if( (res == NULL) || (sqlite_get_numtuples(res) != 1) ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not lookup userid for user '%s'", username); + eurephia_log(ctx, LOG_FATAL, 0, "Could not lookup userid for user '%s'", username); ret = -1; } else { ret = atoi_nullsafe(sqlite_get_value(res, 0, 0)); 
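Review bot: The context lines of the sqlite eDBauth_user hunk (@@ -250,7 +246,7 @@) interpolate the password hash with `(password = '%s')`, while the other string values in this file's queries go through `%q`. That is safe only as long as passwdhash() is guaranteed to return a quote-free alphabet such as hex; a comment saying so, or switching to `'%q'`, keeps the query safe if the hash format ever changes. The comment above it describes the value as a SHA1 hash of the password; if that is an unsalted single pass (passwdhash is not visible here), stored hashes are cheap to test offline once the database file is exposed, and a salted, iterated scheme would be the direction to move in. eDBauth_user starts before and ends after this hunk.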
@@ -351,7 +347,7 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) DEBUG(ctx, 10, "Function call: eDBblacklist_check(ctx, '%s', '%s')", eDBattempt_types[type].descr, val); - blr = sqlite_query(ctx, "SELECT blid FROM openvpn_blacklist WHERE %s = '%q'", + blr = sqlite_query(ctx, "SELECT blid FROM openvpn_blacklist WHERE %s = '%q'", eDBattempt_types[type].colname, val); if( blr != NULL ) { blid = strdup_nullsafe(sqlite_get_value(blr, 0, 0)); @@ -359,21 +355,21 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) blr = NULL; if( blid != NULL ) { - eurephia_log(ctx, LOG_WARNING, 1, "Attempt from blacklisted %s: %s", + eurephia_log(ctx, LOG_WARNING, 0, "Attempt from blacklisted %s: %s", eDBattempt_types[type].descr, val); blacklisted = 1; // [type] is blacklisted } // Update attempt information update_attempts(ctx, blid); } else { - eurephia_log(ctx, LOG_CRITICAL, 0, "Quering openvpn_blacklist for blacklisted %s", + eurephia_log(ctx, LOG_FATAL, 0, "Quering openvpn_blacklist for blacklisted %s failed", eDBattempt_types[type].descr); } if( blacklisted == 0 ) { // Check if this [type] has been attempted earlier - if it has reaced the maximum // attempt limit, blacklist it - atpr = sqlite_query(ctx, + atpr = sqlite_query(ctx, "SELECT atpid, attempts >= %q FROM openvpn_attempts WHERE %s = '%q'", eGet_value(ctx->dbc->config, eDBattempt_types[type].allow_cfg), eDBattempt_types[type].colname, val); 
@@ -386,14 +382,14 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) // If [type] has reached attempt limit and it is not black listed, black list it if( (atpexceed > 0) && (blid == NULL) ) { eurephia_log(ctx, LOG_WARNING, 0, - "%s got BLACKLISTED due to too many failed attempts: %s", + "%s got BLACKLISTED due to too many failed attempts: %s", eDBattempt_types[type].descr, val); blr = sqlite_query(ctx, - "INSERT INTO openvpn_blacklist (%s) VALUES ('%q')", + "INSERT INTO openvpn_blacklist (%s) VALUES ('%q')", eDBattempt_types[type].colname, val); if( blr == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, - "Could not blacklist %s (%s)", + eurephia_log(ctx, LOG_CRITICAL, 0, + "Could not blacklist %s (%s)", eDBattempt_types[type].descr, val); } sqlite_free_results(blr); @@ -437,7 +433,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value eDBattempt_types[type].colname, eDBattempt_types[type].colname, value); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not look up atpid in openvpn_attempts"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not look up atpid in openvpn_attempts"); return; } @@ -512,7 +508,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask); if( skey->sessionstatus != SESSION_NEW ) { - eurephia_log(ctx, LOG_WARNING, 10, "Not a new session, will not register it again"); + eurephia_log(ctx, LOG_WARNING, 5, "Not a new session, will not register it again"); return 1; } 
@@ -524,7 +520,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, "VALUES (%i, %i, '%q','%q','%q','%q','%q', 1,'%q', CURRENT_TIMESTAMP)", uid, certid, proto, remipaddr, remport, vpnipaddr, vpnipmask, skey->sessionkey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not insert new session into openvpn_lastlog"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not insert new session into openvpn_lastlog"); return 0; } sqlite_free_results(res); @@ -541,7 +537,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha session->sessionkey, macaddr); if( macaddr == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "No MAC address was given to save"); + eurephia_log(ctx, LOG_FATAL, 0, "No MAC address was given to save"); return 0; } @@ -549,7 +545,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha res = sqlite_query(ctx, "INSERT INTO openvpn_macaddr_history (sessionkey, macaddr) VALUES ('%q','%q')", session->sessionkey, macaddr); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Failed to log new MAC address for session"); + eurephia_log(ctx, LOG_FATAL, 0, "Failed to log new MAC address for session"); return 0; } sqlite_free_results(res); @@ -559,7 +555,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha "UPDATE openvpn_lastlog SET sessionstatus = 2, macaddr = '%q' " " WHERE sessionkey = '%q' AND sessionstatus = 1", macaddr, session->sessionkey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with new MAC address for session"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with new MAC address for session"); return 0; } 
@@ -567,7 +563,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha // Save the MAC address in the session values register - needed for the destroy session if( eDBset_session_value(ctx, session, "macaddr", macaddr) == 0 ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not save MAC address into session variables"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not save MAC address into session variables"); return 0; } @@ -592,7 +588,7 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, atoi_nullsafe(bytes_sent), atoi_nullsafe(bytes_received), atoi_nullsafe(duration), skey->sessionkey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with logout information (%s)", + eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with logout information (%s)", skey->sessionkey); return 0; } @@ -611,7 +607,7 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) { DEBUG(ctx, 10, "eDBget_sessionkey(ctx, '%s')", sessionseed); if( sessionseed == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBget_sessionkey: No session seed given - cannot locate sessionkey"); return NULL; } @@ -623,7 +619,7 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) { " AND sessionseed = '%q'", sessionseed); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0,"Could not retrieve sessionkey from openvpn_sessionkeys (%s)", + eurephia_log(ctx, LOG_FATAL, 0,"Could not retrieve sessionkey from openvpn_sessionkeys (%s)", sessionseed); return NULL; } 
@@ -646,10 +642,10 @@ char *eDBget_sessionkey_macaddr(eurephiaCTX *ctx, const char *macaddr) { " FROM openvpn_sessions " " JOIN openvpn_lastlog USING (sessionkey)" " WHERE sessionstatus = 3 " - " AND datakey = 'macaddr' " + " AND datakey = 'macaddr'" " AND dataval = '%q'", macaddr); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not remove session from database (MAC addr: %s)", macaddr); return 0; } @@ -667,14 +663,16 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { DEBUG(ctx, 10, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey); if( seskey == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBcheck_sessionkey_uniqness: Invalid session key given"); return 0; } - res = sqlite_query(ctx, "SELECT count(sessionkey) = 0 FROM openvpn_lastlog WHERE sessionkey = '%q'", seskey); + res = sqlite_query(ctx, + "SELECT count(sessionkey) = 0 " + "FROM openvpn_lastlog WHERE sessionkey = '%q'", seskey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "eDBcheck_sessionkey_uniqness: Could not check uniqueness of sessionkey"); return 0; } @@ -690,16 +688,16 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske DEBUG(ctx, 10, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey); if( (seed == NULL) || (seskey == NULL) ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBregister_sessionkey: Invalid session seed or session key given"); return 0; } - res = sqlite_query(ctx, + res = sqlite_query(ctx, "INSERT INTO openvpn_sessionkeys (sessionseed, sessionkey) VALUES('%q','%q')", seed, seskey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "eDBregister_sessionkey: Error registering sessionkey into openvpn_sessionkeys"); return 0; } 
@@ -713,14 +711,14 @@ int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) { DEBUG(ctx, 10, "eDBremove_sessionkey(ctx, '%s')", seskey); if( seskey == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBremove_sessionkey: Invalid session key given"); return 0; } res = sqlite_query(ctx, "DELETE FROM openvpn_sessionkeys WHERE sessionkey = '%q'", seskey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "eDBremove_sessionkey: Error removing sessionkey from openvpn_sessionkeys"); return 0; } @@ -742,7 +740,7 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) { sessvals = eCreate_value_space(ctx, 10); - res = sqlite_query(ctx, "SELECT datakey, dataval FROM openvpn_sessions WHERE sessionkey = '%q'", + res = sqlite_query(ctx, "SELECT datakey, dataval FROM openvpn_sessions WHERE sessionkey = '%q'", sesskey); if( (res != NULL) || (sqlite_get_numtuples(res) > 0) ) { for( i = 0; i < sqlite_get_numtuples(res); i++ ) { @@ -751,7 +749,7 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) { sqlite_get_value(res, i, 1)); } } else { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_CRITICAL, 0, "Could not load session values for session '%s'", sesskey); } @@ -776,11 +774,11 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, switch( mode ) { case SESSVAL_NEW: - res = sqlite_query(ctx, + res = sqlite_query(ctx, "INSERT INTO openvpn_sessions (sessionkey, datakey, dataval) " "VALUES ('%q','%q','%q')", session->sessionkey, key, val); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not register new session variable into database: [%s] %s = %s", session->sessionkey, key, val); return 0; 
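Review bot: The guard after the reformatted query in the eDBload_sessiondata hunk (@@ -742,7 +740,7 @@), `if( (res != NULL) || (sqlite_get_numtuples(res) > 0) )`, uses `||`, so when the query fails and res is NULL the second operand is still evaluated with a NULL result. Whether that is safe depends on sqlite_get_numtuples, which is not visible here, and when res is non-NULL the row count is never consulted at all. The `else` branch with the "Could not load session values" message in the next hunk is therefore reached only if that call happens to return 0 or less for NULL. Since the `for` loop already copes with zero rows, `if( res != NULL ) {` alone expresses the intent and leaves the else branch for real query failures. The function body extends beyond this hunk.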
@@ -788,21 +786,24 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, break; case SESSVAL_UPDATE: - res = sqlite_query(ctx, + res = sqlite_query(ctx, "UPDATE openvpn_sessions SET dataval = '%q' " - " WHERE sessionkey = '%q' AND datakey = '%q'", val, session->sessionkey, key); + " WHERE sessionkey = '%q' AND datakey = '%q'", + val, session->sessionkey, key); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update session variable: [%s] %s = %s ", + eurephia_log(ctx, LOG_FATAL, 0, "Could not update session variable: [%s] %s = %s ", session->sessionkey, key, val); return 0; } break; case SESSVAL_DELETE: - res = sqlite_query(ctx, "DELETE FROM openvpn_sessions WHERE sessionkey = '%q' AND datakey = '%q'", - session->sessionkey, key); + res = sqlite_query(ctx, + "DELETE FROM openvpn_sessions " + " WHERE sessionkey = '%q' AND datakey = '%q'", + session->sessionkey, key); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not delete session variable: [%s] %s", + eurephia_log(ctx, LOG_FATAL, 0, "Could not delete session variable: [%s] %s", session->sessionkey, key); return 0; } @@ -810,7 +811,7 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, default: eurephia_log(ctx, LOG_FATAL, 0, "Unknown eDBstore_session_value mode '%i'", mode); - return 1; + return 0; } sqlite_free_results(res); return 1; @@ -829,12 +830,12 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { } // Update session status - res = sqlite_query(ctx, + res = sqlite_query(ctx, "UPDATE openvpn_lastlog " " SET sessionstatus = 4, session_deleted = CURRENT_TIMESTAMP " " WHERE sessionkey = '%q' AND sessionstatus = 3", session->sessionkey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not update session status in lastlog (%s))", session->sessionkey); return 0; } 
@@ -843,7 +844,7 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { // Delete session variables res = sqlite_query(ctx, "DELETE FROM openvpn_sessions WHERE sessionkey = '%q'", session->sessionkey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not delete session variables (%s))", session->sessionkey); return 0; } @@ -865,14 +866,14 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session) DEBUG(ctx, 10, "Function call: eDBget_firewall_profile(ctx, {session}'%s')", session->sessionkey); - res = sqlite_query(ctx, + res = sqlite_query(ctx, "SELECT fw_profile " " FROM openvpn_lastlog " " JOIN openvpn_usercerts USING(certid, uid)" " JOIN openvpn_accesses USING(accessprofile)" " WHERE sessionkey = '%q'", session->sessionkey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not retrieve firewall profile for session '%s'", + eurephia_log(ctx, LOG_FATAL, 0, "Could not retrieve firewall profile for session '%s'", session->sessionkey); return NULL; } @@ -880,4 +881,3 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session) sqlite_free_results(res); return ret; } - diff --git a/eurephia.c b/eurephia.c index 7eeb175..31ebe72 100644 --- a/eurephia.c +++ b/eurephia.c @@ -194,7 +194,7 @@ eurephiaCTX *eurephiaInit(const char **argv) eurephia_log(ctx, LOG_INFO, 0, "Loaded firewall interface: %s", fwintf); eFW_StartFirewall(ctx); } else { - eurephia_log(ctx, LOG_INFO, 0, "Loading of firewall interface failed (%s)", fwintf); + eurephia_log(ctx, LOG_FATAL, 0, "Loading of firewall interface failed (%s)", fwintf); ctx->eurephia_fw_intf = NULL; } } else { 
@@ -449,7 +449,7 @@ int eurephia_learn_address(eurephiaCTX *ctx, const char *mode, const char *macad fw_enabled = (eGet_value(ctx->dbc->config, "firewall_interface") != NULL); fwdest = eGet_value(ctx->dbc->config, "firewall_destination"); if( fw_enabled && (fwdest == NULL) ) { - eurephia_log(ctx, LOG_WARNING, 0, "No firewall destination defined in the config."); + eurephia_log(ctx, LOG_CRITICAL, 0, "No firewall destination defined in the config."); } if( strncmp(mode, "add", 3) == 0 ) { diff --git a/eurephia_getsym.c b/eurephia_getsym.c index fdf4cdc..2eb2efb 100644 --- a/eurephia_getsym.c +++ b/eurephia_getsym.c @@ -36,7 +36,7 @@ void *eGetSym(eurephiaCTX *ctx, void *dlh, const char *symnam) DEBUG(ctx, 13, "Locating eDBlink function '%s'", symnam); func = dlsym(dlh, symnam); if( func == NULL ) { - eurephia_log(ctx, LOG_ERROR, 1, "Could not find needed '%s' function in eDBlink driver", symnam); + eurephia_log(ctx, LOG_FATAL, 1, "Could not find needed '%s' function in eDBlink driver", symnam); ctx->fatal_error = 1; } return func; diff --git a/eurephia_values.c b/eurephia_values.c index 604ed3d..01f72f6 100644 --- a/eurephia_values.c +++ b/eurephia_values.c @@ -61,7 +61,7 @@ eurephiaVALUES *eCreate_value_space(eurephiaCTX *ctx, int evgid) ptr = (eurephiaVALUES *) malloc(sizeof(eurephiaVALUES) + 2); if( ptr == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not allocate memory for a new eurephiaVALUE struct"); + eurephia_log(ctx, LOG_PANIC, 0, "Could not allocate memory for a new eurephiaVALUE struct"); return NULL; } memset(ptr, 0, sizeof(eurephiaVALUES) + 2); diff --git a/eurephiadb_session.c b/eurephiadb_session.c index 1c9b831..3819d83 100644 --- a/eurephiadb_session.c +++ b/eurephiadb_session.c 
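Review bot: The eurephia_learn_address hunk introduces LOG_CRITICAL, a category that the commit message's rules do not define and that the other hunks of this commit replace with LOG_FATAL or LOG_WARNING. If a missing firewall_destination prevents the function from doing its work, `eurephia_log(ctx, LOG_FATAL, 0, "No firewall destination defined in the config.");` would follow the stated rules. The branch only logs and then falls through to the "add" handling with fwdest still NULL; whether the later code copes with that is outside the hunk and deserves a comment or an early return.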
@@ -65,7 +65,7 @@ int eDBset_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, const char if( session->sessvals == NULL ) { session->sessvals = eCreate_value_space(ctx, 10); if( session->sessvals == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not allocate memory for session values"); + eurephia_log(ctx, LOG_PANIC, 0, "Could not allocate memory for session values"); return 0; } } @@ -147,7 +147,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, new_session = (eurephiaSESSION *) malloc(sizeof(eurephiaSESSION) + 2); if( new_session == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not allocate memory for a new session"); + eurephia_log(ctx, LOG_PANIC, 0, "Could not allocate memory for a new session"); return NULL; } memset(new_session, 0, sizeof(eurephiaSESSION) + 2); @@ -159,7 +159,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, seeddata = (char *) malloc((totlen * 2) + 4); if( seeddata == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not allocate memory for a new session key (1)"); + eurephia_log(ctx, LOG_PANIC, 0, "Could not allocate memory for a new session key (1)"); free_nullsafe(new_session); return NULL; } @@ -177,7 +177,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, seed = (char *) malloc((SHA512_HASH_SIZE*2)+3); if( seed == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not allocate memory for session seed"); + eurephia_log(ctx, LOG_PANIC, 0, "Could not allocate memory for session seed"); free_nullsafe(seeddata); free_nullsafe(new_session); return NULL; 
@@ -208,7 +208,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, // Loop until we get a unique sessionkey - don't loop more than 10 times skeydata = (char *) malloc((totlen*2)+4); if( skeydata == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not allocate memory for new session key data"); + eurephia_log(ctx, LOG_PANIC, 0, "Could not allocate memory for new session key data"); free_nullsafe(new_session->sessionkey); free_nullsafe(new_session); free_nullsafe(seeddata); @@ -223,7 +223,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, // Append some random data to our session seed rndstr = (char *) malloc((totlen * 2)); if( rndstr == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, + eurephia_log(ctx, LOG_PANIC, 0, "Could not allocate memory for new session key data (2)"); free_nullsafe(new_session->sessionkey); free_nullsafe(new_session); @@ -235,7 +235,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, rndlen = ((totlen * 2) - strlen_nullsafe(seed) - 2); if( !get_randstring(ctx, rndstr, rndlen) ) { - eurephia_log(ctx, LOG_FATAL, 0, + eurephia_log(ctx, LOG_PANIC, 0, "Could not generate enough random data for session key"); free_nullsafe(new_session->sessionkey); free_nullsafe(new_session); @@ -252,7 +252,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, free_nullsafe(new_session->sessionkey); new_session->sessionkey = (char *) malloc((SHA512_HASH_SIZE*2)+3); if( new_session->sessionkey == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, + eurephia_log(ctx, LOG_PANIC, 0, "Could not allocate memory for new session key"); free_nullsafe(new_session); free_nullsafe(seeddata); 
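Review bot: `rndlen = ((totlen * 2) - strlen_nullsafe(seed) - 2);` is handed to get_randstring() without a range check, while rndstr was allocated with `totlen * 2` bytes. How totlen is computed is outside the hunk, but if the seed string can be longer than `totlen * 2 - 2` the length goes negative, or wraps, depending on rndlen's type. A guard such as `if( rndlen < 1 )`, using the same cleanup as the failure branch below it, would make the assumption explicit before random data is written into the buffer. eDBopen_session_seed starts and ends outside the hunk.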
@@ -277,7 +277,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, // If we did not manage to create a unique session key (random data collection must have failed!) if( uniqcheck == 0 ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Did not manage to create a unique sessionkey after %i attempts", loop-1); free_nullsafe(new_session->sessionkey); free_nullsafe(new_session); @@ -318,7 +318,7 @@ eurephiaSESSION *eDBopen_session_macaddr(eurephiaCTX *ctx, const char *macaddr) new_session = (eurephiaSESSION *) malloc(sizeof(eurephiaSESSION) + 2); if( new_session == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not allocate memory for a new session"); + eurephia_log(ctx, LOG_PANIC, 0, "Could not allocate memory for a new session"); return NULL; } memset(new_session, 0, sizeof(eurephiaSESSION) + 2); diff --git a/eurephiafw.c b/eurephiafw.c index a84770c..01272e9 100644 --- a/eurephiafw.c +++ b/eurephiafw.c @@ -116,7 +116,7 @@ void eFW_StartFirewall(eurephiaCTX *ctx) { (*ctx->fwcfg).thrdata.fw_command = strdup_nullsafe(eGet_value(ctx->dbc->config, "firewall_command")); if( (*ctx->fwcfg).thrdata.fw_command == NULL) { - eurephia_log(ctx, LOG_ERROR, 0, "Could not find firewall_command in configuration. " + eurephia_log(ctx, LOG_PANIC, 0, "Could not find firewall_command in configuration. " "Firewall updates will not be available."); return; } else { 
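Review bot: The new LOG_PANIC in eFW_StartFirewall does not match what the code does: the commit message defines PANIC as "eurephia-auth cannot continue to work any more (program restart needed)", but the branch only returns, and its own message says "Firewall updates will not be available". The same applies to the firewall_destination and fork() failures in the following hunks. Either the category should be `LOG_FATAL`, or the failure should be made visible to the caller, as eGetSym does with `ctx->fatal_error = 1;`. Whether sessions are still accepted when the firewall helper never started cannot be seen from these hunks and should be stated in a comment.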
@@ -126,11 +126,11 @@ void eFW_StartFirewall(eurephiaCTX *ctx) { fwdest = eGet_value(ctx->dbc->config, "firewall_destination"); if( fwdest == NULL ) { - eurephia_log(ctx, LOG_ERROR, 0, "Could not find firewall_destination in configuration. " + eurephia_log(ctx, LOG_PANIC, 0, "Could not find firewall_destination in configuration. " "Firewall updates will not be available."); return; } else { - eurephia_log(ctx, LOG_INFO, 1, "Using the %s chain for VPN accesses", fwdest); + eurephia_log(ctx, LOG_INFO, 1, "Using '%s' as firewall rule for VPN accesses", fwdest); } eurephia_log(ctx, LOG_INFO, 3, "Starting eurephia firewall interface"); @@ -152,7 +152,7 @@ void eFW_StartFirewall(eurephiaCTX *ctx) { // Start a new process (should run with root permissions) - which will do the firewall work if( (ctx->fwcfg->fwproc_pid = fork()) < 0 ) { - eurephia_log(ctx, LOG_FATAL, 0, + eurephia_log(ctx, LOG_PANIC, 0, "Could not fork out a child process for the firewall interface (%s)", strerror(errno)); return; @@ -185,7 +185,7 @@ void eFW_StartFirewall(eurephiaCTX *ctx) { } eurephia_log(ctx, LOG_INFO, 3, "Message queue for firewall updates is ready"); } else { - eurephia_log(ctx, LOG_WARNING, 0, "Could not retrieve message queue attributes (%s)", + eurephia_log(ctx, LOG_FATAL, 0, "Could not retrieve message queue attributes (%s)", strerror(errno)); } @@ -201,7 +201,7 @@ void eFW_StartFirewall(eurephiaCTX *ctx) { memset(&buf, 0, 1026); snprintf(buf, 1024, "F %s", fwdest); if( mq_send((*ctx->fwcfg).thrdata.msgq, buf, strlen(buf)+1, 1) == -1 ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not request firewall flushing of the %s chain: %s", + eurephia_log(ctx, LOG_ERROR, 0, "Could not request firewall flushing of the %s chain: %s", fwdest, strerror(errno)); }; } 
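Review bot: Downgrading the failed flush request from LOG_CRITICAL to LOG_ERROR understates it, because the commit's own rule describes LOG_ERROR as "API errors, but not severe". A flush request that was never queued presumably leaves whatever rules are already in the `fwdest` chain in place; `LOG_FATAL` looks closer to the stated categories. Separately, `memset(&buf, 0, 1026)` and `snprintf(buf, 1024, ...)` repeat the buffer size as literals, so `sizeof(buf)` would keep them tied to the declaration, which is outside the hunk.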
@@ -214,7 +214,7 @@ void eFW_StopFirewall(eurephiaCTX *ctx) { return; } - eurephia_log(ctx, LOG_INFO, 3, "Stopping eurephia firewall interface"); + eurephia_log(ctx, LOG_INFO, 2, "Stopping eurephia firewall interface"); // Flush the firewall chain before shutting down, to make sure // we don't unintentionally some accesses open @@ -237,20 +237,20 @@ void eFW_StopFirewall(eurephiaCTX *ctx) { memset(&buf, 0, 520); snprintf(buf, 512, "FWSHUTDOWN%c", 0); if( mq_send((*ctx->fwcfg).thrdata.msgq, buf, 11, 1) == -1 ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not initiate shutdown on eFW module: %s", strerror(errno)); + eurephia_log(ctx, LOG_PANIC, 0, "Could not initiate shutdown on eFW module: %s", strerror(errno)); kill(ctx->fwcfg->fwproc_pid, SIGABRT); } // Wait for the firewall module process to finish if( waitpid(ctx->fwcfg->fwproc_pid, &childret, 0) != ctx->fwcfg->fwproc_pid ) { - eurephia_log(ctx, LOG_FATAL, 0, "Failed to wait for eFW module process to quit: %s", + eurephia_log(ctx, LOG_PANIC, 0, "Failed to wait for eFW module process to quit: %s", strerror(errno)); kill(ctx->fwcfg->fwproc_pid, SIGABRT); } free_nullsafe((*ctx->fwcfg).thrdata.fw_command); free_nullsafe(ctx->fwcfg); - eurephia_log(ctx, LOG_INFO, 3, "eurephia firewall interface is stopped"); + eurephia_log(ctx, LOG_INFO, 2, "eurephia firewall interface is stopped"); } @@ -259,7 +259,7 @@ int eFW_UpdateFirewall(eurephiaCTX *ctx, int mode, char buf[1026]; if( (*ctx->fwcfg).thrdata.fw_command == NULL ) { - eurephia_log(ctx, LOG_ERROR, 0, "Function call: eFW_UpdateFirewall() -- " + eurephia_log(ctx, LOG_FATAL, 0, "Function call: eFW_UpdateFirewall() -- " "firewall_command is not configured. Firewall rules was not updated."); return 0; } 
@@ -267,14 +267,14 @@ int eFW_UpdateFirewall(eurephiaCTX *ctx, int mode, memset(&buf, 0, 1026); switch( mode ) { case FWRULE_ADD: - eurephia_log(ctx, LOG_INFO, 1, "Function call: eFW_UpdateFirewall(ctx, %s, '%s', '%s', '%s')", + eurephia_log(ctx, LOG_INFO, 3, "Function call: eFW_UpdateFirewall(ctx, %s, '%s', '%s', '%s')", "ADD", macaddr, fwdest, fwprofile); snprintf(buf, 1024, "A %s %s %s", macaddr, fwdest, fwprofile); mq_send((*ctx->fwcfg).thrdata.msgq, buf, strlen(buf)+1, 1); return 1; case FWRULE_DELETE: - eurephia_log(ctx, LOG_INFO, 1, "Function call: eFW_UpdateFirewall(ctx, %s, '%s', '%s', '%s')", + eurephia_log(ctx, LOG_INFO, 3, "Function call: eFW_UpdateFirewall(ctx, %s, '%s', '%s', '%s')", "DELETE", macaddr, fwdest, fwprofile); snprintf(buf, 1024, "D %s %s %s", macaddr, fwdest, fwprofile); mq_send((*ctx->fwcfg).thrdata.msgq, buf, strlen(buf)+1, 1); diff --git a/eurephiafw_helpers.c b/eurephiafw_helpers.c index dd1ff52..ba6305d 100644 --- a/eurephiafw_helpers.c +++ b/eurephiafw_helpers.c @@ -52,13 +52,13 @@ int efwSetupSemaphores(eurephiaCTX *ctx, efw_threaddata *cfg) { int efwRemoveSemaphores(eurephiaCTX *ctx, efw_threaddata *cfg) { if( sem_close(cfg->semp_worker) != 0 ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_WARNING, 0, "eFW: Could not destroy semaphore for worker: %s", strerror(errno)); } sem_unlink(SEMPH_WORKER); if( sem_close(cfg->semp_master) != 0 ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_WARNING, 0, "eFW: Could not destroy semaphore for master: %s", strerror(errno)); } sem_unlink(SEMPH_MASTER); -- cgit From da003cfcee25fc4fb98a061893b44f0eb0f43a7c Mon Sep 17 00:00:00 2001 
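Review bot: Both the FWRULE_ADD and FWRULE_DELETE branches of eFW_UpdateFirewall ignore the result of mq_send() and return 1 unconditionally, so a rule update that never reached the firewall process is reported as success. For a delete this means access can stay open without any log entry. The flush request in eFW_StartFirewall already checks the call; the same pattern fits here: `if( mq_send((*ctx->fwcfg).thrdata.msgq, buf, strlen(buf)+1, 1) == -1 ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not queue firewall update: %s", strerror(errno)); return 0; }`. The function continues outside the hunk.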
From: David Sommerseth Date: Sat, 4 Oct 2008 00:11:39 +0200 Subject: Log review - changed log levels for all DEBUG(...) calls --- database/eurephiadb-driver_template.c | 44 +++++++++++++++++------------------ database/sqlite/eurephiadb-sqlite.c | 44 +++++++++++++++++------------------ database/sqlite/sqlite.c | 2 +- eurephia.c | 24 +++++++++---------- eurephia_getsym.c | 4 ++-- eurephia_values.c | 6 ++--- eurephiadb.c | 2 +- eurephiadb_session.c | 33 +++++++++++++------------- eurephiafw.c | 6 ++--- firewall/iptables/efw_iptables.c | 12 +++++----- 10 files changed, 88 insertions(+), 89 deletions(-) diff --git a/database/eurephiadb-driver_template.c b/database/eurephiadb-driver_template.c index f640ee8..9e75d33 100644 --- a/database/eurephiadb-driver_template.c +++ b/database/eurephiadb-driver_template.c @@ -124,7 +124,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv) * You are free to use whatever parameter syntax you would like to use. */ - DEBUG(ctx, 10, "Function call: eDBconnect(ctx, %i, '...')", argc, dbame); + DEBUG(ctx, 20, "Function call: eDBconnect(ctx, %i, '...')", argc, dbame); // Connect to the database dbc = (eDBconn *) malloc(sizeof(eDBconn)+2); @@ -178,7 +178,7 @@ void eDBdisconnect(eurephiaCTX *ctx) { eDBconn *dbc = NULL; - DEBUG(ctx, 10, "Function call: eDBdisconnect(ctx)"); + DEBUG(ctx, 20, "Function call: eDBdisconnect(ctx)"); if( ctx->dbc == NULL ) { eurephia_log(ctx, LOG_WARNING, 0, "Database not open, cannot close database."); @@ -209,7 +209,7 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char int certid = 0; char *blid = NULL; - DEBUG(ctx, 10, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)", + DEBUG(ctx, 20, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)", org, cname, email, digest, depth); // Check if certificate is valid, and not too many attempts has been tried with the given certificate 
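Review bot: The changed DEBUG line in the template's eDBconnect passes two arguments, `argc, dbame`, to a format string that has a single `%i`, and `dbame` looks like a misspelling, since the rest of the function uses `dbc->dbname`. A driver author who copies the template gets either a compile error or a stray argument once DEBUG is enabled. `DEBUG(ctx, 20, "Function call: eDBconnect(ctx, %i, '...')", argc);` is enough, because the format prints a literal `'...'`.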
@@ -251,7 +251,7 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char eurephia_log(ctx, LOG_FATAL, 0, "Could not look up certificate information"); } - DEBUG(ctx, 10, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s) - %i", + DEBUG(ctx, 20, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s) - %i", org, cname, email, digest, depth, certid); return certid; @@ -264,7 +264,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const char *crpwd = NULL, *activated = NULL, *deactivated = NULL, *blid_uname = NULL, *blid_cert; int uicid = 0, uid = 0, pwdok = 0; - DEBUG(ctx, 10, "Function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx')", certid, username); + DEBUG(ctx, 20, "Function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx')", certid, username); // Generate SHA1 hash of password, used for password auth @@ -334,7 +334,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const } /* FREE SQL RESULT */ - DEBUG(ctx, 10, "Result function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx') - %i", + DEBUG(ctx, 20, "Result function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx') - %i", certid, username, uicid); return uicid; @@ -345,7 +345,7 @@ int eDBget_uid(eurephiaCTX *ctx, const int certid, const char *username) { int ret = 0; - DEBUG(ctx, 10, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username); + DEBUG(ctx, 20, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username); /* WORK TO DO -- DO SQL: "SELECT uid " @@ -372,7 +372,7 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) int atpexceed = -1, blacklisted = 0; char *atpid = NULL, *blid = NULL; - DEBUG(ctx, 10, "Function call: eDBblacklist_check(ctx, '%s', '%s')", + DEBUG(ctx, 20, "Function call: eDBblacklist_check(ctx, '%s', '%s')", eDBattempt_types[type].descr, val); /* WORK TO DO -- DO SQL: 
@@ -436,7 +436,7 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) } free_nullsafe(blid); - DEBUG(ctx, 10, "Result - function call: eDBblacklist_check(ctx, '%s', '%s') - %i", + DEBUG(ctx, 20, "Result - function call: eDBblacklist_check(ctx, '%s', '%s') - %i", eDBattempt_types[type].descr, val, blacklisted); return blacklisted; @@ -448,7 +448,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value char *id = NULL, *atmpt_block = NULL, *blid = NULL; int attempts = 0; - DEBUG(ctx, 10, "Function call: eDBregister_attempt(ctx, %s, %s, '%s')", + DEBUG(ctx, 20, "Function call: eDBregister_attempt(ctx, %s, %s, '%s')", eDBattempt_types[type].colname, (mode == ATTEMPT_RESET ? "ATTEMPT_RESET" : "ATTEMPT_REGISTER"), value); @@ -550,7 +550,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, const char *proto, const char *remipaddr, const char *remport, const char *vpnipaddr, const char *vpnipmask) { - DEBUG(ctx, 10, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')", + DEBUG(ctx, 20, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')", skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask); if( skey->sessionstatus != SESSION_NEW ) { @@ -579,7 +579,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const char *macaddr) { - DEBUG(ctx, 10, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')", + DEBUG(ctx, 20, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')", session->sessionkey, macaddr); if( macaddr == NULL ) { 
@@ -623,7 +623,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, const char *bytes_sent, const char *bytes_received, const char *duration) { - DEBUG(ctx, 10, "Function call: eDBregister_logout(ctx, '%s', %s, %s)", + DEBUG(ctx, 20, "Function call: eDBregister_logout(ctx, '%s', %s, %s)", skey->sessionkey, bytes_sent, bytes_received); /* WORK TO DO -- DO SQL: @@ -651,7 +651,7 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) { char *skey = NULL; - DEBUG(ctx, 10, "eDBget_sessionkey(ctx, '%s')", sessionseed); + DEBUG(ctx, 20, "eDBget_sessionkey(ctx, '%s')", sessionseed); if( sessionseed == NULL ) { eurephia_log(ctx, LOG_FATAL, 1, @@ -711,7 +711,7 @@ char *eDBget_sessionkey_macaddr(eurephiaCTX *ctx, const char *macaddr) { int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { int uniq = 0; - DEBUG(ctx, 10, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey); + DEBUG(ctx, 20, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey); if( seskey == NULL ) { eurephia_log(ctx, LOG_FATAL, 1, "eDBcheck_sessionkey_uniqness: Invalid session key given"); @@ -736,7 +736,7 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { // register a link between a short-term session seed and a long-term session key int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seskey) { - DEBUG(ctx, 10, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey); + DEBUG(ctx, 20, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey); if( (seed == NULL) || (seskey == NULL) ) { eurephia_log(ctx, LOG_FATAL, 1, "eDBregister_sessionkey: Invalid session seed or session key given"); 
@@ -759,7 +759,7 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske // remove a session seed/session key link from openvpn_sessionkeys int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) { - DEBUG(ctx, 10, "eDBremove_sessionkey(ctx, '%s')", seskey); + DEBUG(ctx, 20, "eDBremove_sessionkey(ctx, '%s')", seskey); if( seskey == NULL ) { eurephia_log(ctx, LOG_FATAL, 1, "eDBremove_sessionkey: Invalid session key given"); @@ -788,7 +788,7 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) { return NULL; } - DEBUG(ctx, 10, "Function call: eDBload_sessiondata(ctx, '%s')", sesskey); + DEBUG(ctx, 20, "Function call: eDBload_sessiondata(ctx, '%s')", sesskey); sessvals = eCreate_value_space(ctx, 10); @@ -817,12 +817,12 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, { if( session == NULL ) { - DEBUG(ctx, 10, + DEBUG(ctx, 20, "Function call failed to eDBstore_session_value(ctx, ...): Non-existing session key"); return 0; } - DEBUG(ctx, 10, "Function call: eDBstore_session_value(ctx, '%s', %i, '%s', '%s')", + DEBUG(ctx, 20, "Function call: eDBstore_session_value(ctx, '%s', %i, '%s', '%s')", session->sessionkey, mode, key, val); switch( mode ) { @@ -880,7 +880,7 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, // Delete session information from openvpn_sessions and update openvpn_lastlog with status int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { - DEBUG(ctx, 10, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey); + DEBUG(ctx, 20, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey); if( (session == NULL) || (session->sessionkey == NULL) ) { eurephia_log(ctx, LOG_ERROR, 1, "No active session given to be destroyed"); 
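Review bot: In eDBdestroy_session the DEBUG line reads `session->sessionkey` before the `if( (session == NULL) || (session->sessionkey == NULL) )` check that follows it, so a debug build dereferences a NULL session that the check is meant to reject. The same order appears in the SQLite driver's copy of this function later in the patch. Moving the DEBUG call below the check fixes both; eDBstore_session_value already does it in that order.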
@@ -925,7 +925,7 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session) { char *ret = NULL; - DEBUG(ctx, 10, "Function call: eDBget_firewall_profile(ctx, {session}'%s')", + DEBUG(ctx, 20, "Function call: eDBget_firewall_profile(ctx, {session}'%s')", session->sessionkey); /* WORK TO DO -- DO SQL: diff --git a/database/sqlite/eurephiadb-sqlite.c b/database/sqlite/eurephiadb-sqlite.c index bdfbea5..03cff02 100644 --- a/database/sqlite/eurephiadb-sqlite.c +++ b/database/sqlite/eurephiadb-sqlite.c @@ -102,7 +102,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv) dbresult *res = NULL; int rc; - DEBUG(ctx, 10, "Function call: eDBconnect(ctx, %i, '%s')", argc, argv[0]); + DEBUG(ctx, 20, "Function call: eDBconnect(ctx, %i, '%s')", argc, argv[0]); if( (argc != 1) || (argv[0] == NULL) || (strlen(argv[0]) < 1) ) { eurephia_log(ctx, LOG_PANIC, 0, "Wrong parameters to dblink-sqlite. Cannot open database."); @@ -154,7 +154,7 @@ void eDBdisconnect(eurephiaCTX *ctx) { eDBconn *dbc = NULL; - DEBUG(ctx, 10, "Function call: eDBdisconnect(ctx)"); + DEBUG(ctx, 20, "Function call: eDBdisconnect(ctx)"); if( ctx->dbc == NULL ) { eurephia_log(ctx, LOG_WARNING, 0, "Database not open, cannot close database."); @@ -185,7 +185,7 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char int certid = 0; char *blid = NULL; - DEBUG(ctx, 10, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)", + DEBUG(ctx, 20, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)", org, cname, email, digest, depth); // Check if certificate is valid, and not too many attempts has been tried with the given certificate 
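Review bot: In the SQLite eDBconnect the DEBUG line formats `argv[0]` with `%s` before the `if( (argc != 1) || (argv[0] == NULL) || (strlen(argv[0]) < 1) )` validation runs. With argc == 0 or a NULL first argument, a debug build reads an invalid pointer or passes NULL to `%s`. I would move the DEBUG call below the check, or log only `argc` at this point. The function continues outside the hunk.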
@@ -226,7 +226,7 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char eurephia_log(ctx, LOG_FATAL, 0, "Could not look up certificate information"); } - DEBUG(ctx, 10, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s) - %i", + DEBUG(ctx, 20, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s) - %i", org, cname, email, digest, depth, certid); return certid; @@ -240,7 +240,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const char *crpwd = NULL, *activated = NULL, *deactivated = NULL, *blid_uname = NULL, *blid_cert; int uicid = 0, uid = 0, pwdok = 0; - DEBUG(ctx, 10, "Function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx')", certid, username); + DEBUG(ctx, 20, "Function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx')", certid, username); // Generate SHA1 hash of password, used for password auth @@ -305,7 +305,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const } sqlite_free_results(res); - DEBUG(ctx, 10, "Result function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx') - %i", + DEBUG(ctx, 20, "Result function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx') - %i", certid, username, uicid); return uicid; @@ -317,7 +317,7 @@ int eDBget_uid(eurephiaCTX *ctx, const int certid, const char *username) dbresult *res = NULL; int ret = 0; - DEBUG(ctx, 10, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username); + DEBUG(ctx, 20, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username); res = sqlite_query(ctx, "SELECT uid " @@ -344,7 +344,7 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) int atpexceed = -1, blacklisted = 0; char *atpid = NULL, *blid = NULL; - DEBUG(ctx, 10, "Function call: eDBblacklist_check(ctx, '%s', '%s')", + DEBUG(ctx, 20, "Function call: eDBblacklist_check(ctx, '%s', '%s')", eDBattempt_types[type].descr, val); blr = sqlite_query(ctx, "SELECT blid FROM openvpn_blacklist WHERE %s = '%q'", 
@@ -404,7 +404,7 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) } free_nullsafe(blid); - DEBUG(ctx, 10, "Result - function call: eDBblacklist_check(ctx, '%s', '%s') - %i", + DEBUG(ctx, 20, "Result - function call: eDBblacklist_check(ctx, '%s', '%s') - %i", eDBattempt_types[type].descr, val, blacklisted); return blacklisted; @@ -416,7 +416,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value char *id = NULL, *atmpt_block = NULL, *blid = NULL; int attempts = 0; - DEBUG(ctx, 10, "Function call: eDBregister_attempt(ctx, %s, %s, '%s')", + DEBUG(ctx, 20, "Function call: eDBregister_attempt(ctx, %s, %s, '%s')", eDBattempt_types[type].colname, (mode == ATTEMPT_RESET ? "ATTEMPT_RESET" : "ATTEMPT_REGISTER"), value); @@ -504,7 +504,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, { dbresult *res = NULL; - DEBUG(ctx, 10, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')", + DEBUG(ctx, 20, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')", skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask); if( skey->sessionstatus != SESSION_NEW ) { @@ -533,7 +533,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha { dbresult *res = NULL; - DEBUG(ctx, 10, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')", + DEBUG(ctx, 20, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')", session->sessionkey, macaddr); if( macaddr == NULL ) { @@ -577,7 +577,7 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, { dbresult *res = NULL; - DEBUG(ctx, 10, "Function call: eDBregister_logout(ctx, '%s', %s, %s)", + DEBUG(ctx, 20, "Function call: eDBregister_logout(ctx, '%s', %s, %s)", skey->sessionkey, bytes_sent, bytes_received); res = sqlite_query(ctx, 
@@ -604,7 +604,7 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) { dbresult *res = NULL; char *skey = NULL; - DEBUG(ctx, 10, "eDBget_sessionkey(ctx, '%s')", sessionseed); + DEBUG(ctx, 20, "eDBget_sessionkey(ctx, '%s')", sessionseed); if( sessionseed == NULL ) { eurephia_log(ctx, LOG_FATAL, 1, @@ -661,7 +661,7 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { dbresult *res; int uniq = 0; - DEBUG(ctx, 10, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey); + DEBUG(ctx, 20, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey); if( seskey == NULL ) { eurephia_log(ctx, LOG_FATAL, 1, "eDBcheck_sessionkey_uniqness: Invalid session key given"); @@ -686,7 +686,7 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seskey) { dbresult *res; - DEBUG(ctx, 10, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey); + DEBUG(ctx, 20, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey); if( (seed == NULL) || (seskey == NULL) ) { eurephia_log(ctx, LOG_FATAL, 1, "eDBregister_sessionkey: Invalid session seed or session key given"); @@ -709,7 +709,7 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) { dbresult *res; - DEBUG(ctx, 10, "eDBremove_sessionkey(ctx, '%s')", seskey); + DEBUG(ctx, 20, "eDBremove_sessionkey(ctx, '%s')", seskey); if( seskey == NULL ) { eurephia_log(ctx, LOG_FATAL, 1, "eDBremove_sessionkey: Invalid session key given"); @@ -736,7 +736,7 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) { return NULL; } - DEBUG(ctx, 10, "Function call: eDBload_sessiondata(ctx, '%s')", sesskey); + DEBUG(ctx, 20, "Function call: eDBload_sessiondata(ctx, '%s')", sesskey); sessvals = eCreate_value_space(ctx, 10); 
@@ -764,12 +764,12 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, dbresult *res = NULL; if( session == NULL ) { - DEBUG(ctx, 10, + DEBUG(ctx, 20, "Function call failed to eDBstore_session_value(ctx, ...): Non-existing session key"); return 0; } - DEBUG(ctx, 10, "Function call: eDBstore_session_value(ctx, '%s', %i, '%s', '%s')", + DEBUG(ctx, 20, "Function call: eDBstore_session_value(ctx, '%s', %i, '%s', '%s')", session->sessionkey, mode, key, val); switch( mode ) { @@ -822,7 +822,7 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { dbresult *res = NULL; - DEBUG(ctx, 10, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey); + DEBUG(ctx, 20, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey); if( (session == NULL) || (session->sessionkey == NULL) ) { eurephia_log(ctx, LOG_ERROR, 1, "No active session given to be destroyed"); @@ -863,7 +863,7 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session) char *ret = NULL; dbresult *res = NULL; - DEBUG(ctx, 10, "Function call: eDBget_firewall_profile(ctx, {session}'%s')", + DEBUG(ctx, 20, "Function call: eDBget_firewall_profile(ctx, {session}'%s')", session->sessionkey); res = sqlite_query(ctx, diff --git a/database/sqlite/sqlite.c b/database/sqlite/sqlite.c index 1a97793..85b41de 100644 --- a/database/sqlite/sqlite.c +++ b/database/sqlite/sqlite.c @@ -218,7 +218,7 @@ dbresult *sqlite_query(eurephiaCTX *ctx, char *fmt, ... ) { sql = sqlite3_vmprintf(fmt, ap); va_end(ap); - DEBUG(ctx, 11, "Doing SQL Query: %s", sql); + DEBUG(ctx, 25, "Doing SQL Query: %s", sql); rc = sqlite3_exec( (sqlite3 *) dbc->dbhandle, sql, _cb_parse_result, 0, &errMsg ); if( rc != SQLITE_OK ) { eurephia_log(ctx, LOG_ERROR, 0, "SQL Error: %s", errMsg); diff --git a/eurephia.c b/eurephia.c index 31ebe72..82aa183 100644 --- a/eurephia.c +++ b/eurephia.c 
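Review bot: In sqlite_query the result of `sqlite3_vmprintf(fmt, ap)` is used by the DEBUG line and by sqlite3_exec() without a NULL check, although sqlite3_vmprintf() returns NULL when it cannot allocate the string. A check such as `if( sql == NULL ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not allocate memory for SQL query"); return NULL; }` after `va_end(ap)` would cover it. The DEBUG line also prints the complete statement, which for the callers in this patch includes session keys and seeds; a comment noting that level 25 output must be treated as sensitive would help whoever enables it. The function starts and ends outside the hunk.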
@@ -59,7 +59,7 @@ const char *get_env(eurephiaCTX *ctx, int logmasking, const char *envp[], const do_mask = logmasking; #endif if( ctx != NULL ) { - DEBUG(ctx, 23, "Function call: get_env(envp, '%s') == '%s'", + DEBUG(ctx, 30, "Function call: get_env(envp, '%s') == '%s'", key, (do_mask == 0 ? cp + 1 : "xxxxxxxxxxxxxx")); } #endif @@ -69,7 +69,7 @@ const char *get_env(eurephiaCTX *ctx, int logmasking, const char *envp[], const } } if( ctx != NULL ) { - DEBUG(ctx, 23, "Function call: get_env(envp, '%s') -- environment variable not found", + DEBUG(ctx, 15, "Function call: get_env(envp, '%s') -- environment variable not found", key); } va_end(ap); @@ -251,7 +251,7 @@ int eurephia_tlsverify(eurephiaCTX *ctx, const char **env, const char *depth) char *tls_digest, *tls_id; certinfo *ci = NULL; - DEBUG(ctx, 21, "** Function call: eurephia_tlsverify(...)"); + DEBUG(ctx, 10, "** Function call: eurephia_tlsverify(...)"); // Check if IP address is blacklisted ipaddr = (char *) get_env(ctx, 0, env, "untrusted_ip"); @@ -282,7 +282,7 @@ int eurephia_tlsverify(eurephiaCTX *ctx, const char **env, const char *depth) // Reset attempt counter for certificate if it is okey eDBregister_attempt(ctx, attempt_CERTIFICATE, ATTEMPT_RESET, tls_digest); } - DEBUG(ctx, 21, "** Function result: eurephia_tlsverify(...) == %i", result > 0); + DEBUG(ctx, 10, "** Function result: eurephia_tlsverify(...) == %i", result > 0); return (result > 0); } @@ -295,7 +295,7 @@ int eurephia_userauth(eurephiaCTX *ctx, const char **env) char *tls_digest, *tls_id, *username, *passwd; certinfo *ci = NULL; - DEBUG(ctx, 21, "** Function call: eurephia_userauth(...)"); + DEBUG(ctx, 10, "** Function call: eurephia_userauth(...)"); // Check if IP address is blacklisted 
@@ -351,7 +351,7 @@ int eurephia_userauth(eurephiaCTX *ctx, const char **env) eDBregister_attempt(ctx, attempt_CERTIFICATE, ATTEMPT_RESET, tls_digest); eDBregister_attempt(ctx, attempt_USERNAME, ATTEMPT_RESET, username); } - DEBUG(ctx, 21, "** Function result: eurephia_userauth(...) = %i", (result>0)); + DEBUG(ctx, 10, "** Function result: eurephia_userauth(...) = %i", (result>0)); return (result > 0); } @@ -362,7 +362,7 @@ int eurephia_connect(eurephiaCTX *ctx, const char **env) { int certid = 0, uid = 0, ret = 0; certinfo *ci = NULL; - DEBUG(ctx, 21, "** Function call: eurephia_connect(...)"); + DEBUG(ctx, 10, "** Function call: eurephia_connect(...)"); // Fetch needed info digest = get_env(ctx, 0, env, "tls_digest_0"); @@ -396,7 +396,7 @@ int eurephia_connect(eurephiaCTX *ctx, const char **env) { ret = eDBregister_login(ctx, session, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask); eDBfree_session(ctx, session); - DEBUG(ctx, 21, "** Function result: eurephia_connect(...) = %i", ret); + DEBUG(ctx, 10, "** Function result: eurephia_connect(...) = %i", ret); return ret; } @@ -407,7 +407,7 @@ int eurephia_disconnect(eurephiaCTX *ctx, const char **env) { const char *bytes_sent, *bytes_rec, *duration; int ret = 0; - DEBUG(ctx, 21, "** Function call: eurephia_disconnect(...)"); + DEBUG(ctx, 10, "** Function call: eurephia_disconnect(...)"); // Fetch needed info digest = get_env(ctx, 0, env, "tls_digest_0"); @@ -431,7 +431,7 @@ int eurephia_disconnect(eurephiaCTX *ctx, const char **env) { ret = eDBregister_logout(ctx, session, bytes_sent, bytes_rec, duration); eDBfree_session(ctx, session); - DEBUG(ctx, 21, "** Function result: eurephia_disconnect(...) = %i", ret); + DEBUG(ctx, 10, "** Function result: eurephia_disconnect(...) = %i", ret); return ret; } 
@@ -442,7 +442,7 @@ int eurephia_learn_address(eurephiaCTX *ctx, const char *mode, const char *macad char *fwprofile = NULL, *fwdest = NULL; int ret = 0, fw_enabled = 0; - DEBUG(ctx, 21, "** Function call: eurephia_learn_address(ctx, '%s', '%s', ...)", + DEBUG(ctx, 10, "** Function call: eurephia_learn_address(ctx, '%s', '%s', ...)", mode, macaddr); // Get firewall information @@ -508,7 +508,7 @@ int eurephia_learn_address(eurephiaCTX *ctx, const char *mode, const char *macad } exit: - DEBUG(ctx, 21, "** Function result: eurephia_learn_address(ctx, '%s', '%s', ...) = %i", + DEBUG(ctx, 10, "** Function result: eurephia_learn_address(ctx, '%s', '%s', ...) = %i", mode, macaddr, ret); return ret; diff --git a/eurephia_getsym.c b/eurephia_getsym.c index 2eb2efb..e12221f 100644 --- a/eurephia_getsym.c +++ b/eurephia_getsym.c @@ -33,10 +33,10 @@ void *eGetSym(eurephiaCTX *ctx, void *dlh, const char *symnam) return NULL; } - DEBUG(ctx, 13, "Locating eDBlink function '%s'", symnam); + DEBUG(ctx, 30, "Locating eDBlink function '%s'", symnam); func = dlsym(dlh, symnam); if( func == NULL ) { - eurephia_log(ctx, LOG_FATAL, 1, "Could not find needed '%s' function in eDBlink driver", symnam); + eurephia_log(ctx, LOG_PANIC, 0, "Could not find needed '%s' function in eDBlink driver", symnam); ctx->fatal_error = 1; } return func; diff --git a/eurephia_values.c b/eurephia_values.c index 01f72f6..0b47374 100644 --- a/eurephia_values.c +++ b/eurephia_values.c @@ -57,7 +57,7 @@ eurephiaVALUES *eCreate_value_space(eurephiaCTX *ctx, int evgid) { eurephiaVALUES *ptr = NULL; - DEBUG(ctx, 12, "Function call: eCreate_value_space(ctx, %i)", evgid); + DEBUG(ctx, 32, "Function call: eCreate_value_space(ctx, %i)", evgid); ptr = (eurephiaVALUES *) malloc(sizeof(eurephiaVALUES) + 2); if( ptr == NULL ) { 
@@ -75,7 +75,7 @@ void eAdd_value(eurephiaCTX *ctx, eurephiaVALUES *vls, const char *key, const ch eurephiaVALUES *ptr = NULL, *ptr2 = NULL; int vid = 0; - DEBUG(ctx, 12, "Function call: eAdd_value(ctx, vls(%i), '%s', '%s')", + DEBUG(ctx, 31, "Function call: eAdd_value(ctx, vls(%i), '%s', '%s')", (vls != NULL ? vls->evid : -1), key, val); // Allocate buffer and safe values @@ -109,7 +109,7 @@ void do_free_vals(eurephiaVALUES *vls) { } void eFree_values_func(eurephiaCTX *ctx, eurephiaVALUES *vls) { - DEBUG(ctx, 12, "Function call: eFree_values(ctx, vls(%i))", + DEBUG(ctx, 31, "Function call: eFree_values(ctx, vls(%i))", (vls != NULL ? vls->evid : -1)); if( (vls == NULL) ) { diff --git a/eurephiadb.c b/eurephiadb.c index 3e895b3..6bc63cc 100644 --- a/eurephiadb.c +++ b/eurephiadb.c @@ -41,7 +41,7 @@ int eDBlink_close(eurephiaCTX *ctx) return 1; } - DEBUG(ctx, 2, "Unloading eurephiaDB driver"); + eurephia_log(ctx, LOG_INFO, 3, "Unloading eurephiaDB driver"); if( ctx->eurephia_driver != NULL ) { dlclose(ctx->eurephia_driver); ctx->eurephia_driver = NULL; diff --git a/eurephiadb_session.c b/eurephiadb_session.c index 3819d83..927f3ff 100644 --- a/eurephiadb_session.c +++ b/eurephiadb_session.c @@ -58,7 +58,7 @@ int eDBset_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, const char return 0; } - DEBUG(ctx, 10, "Function call: eDBset_session_value(ctx, '%s','%s','%s')", + DEBUG(ctx, 30, "Function call: eDBset_session_value(ctx, '%s','%s','%s')", session->sessionkey, key, val); // Create a new session value buffer if it does not exist 
@@ -73,20 +73,20 @@ int eDBset_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, const char // Check if the session value exists already. If it does update it, or else add it svals = eGet_valuestruct(session->sessvals, key); if( (svals == NULL) && (val != NULL) ) { - DEBUG(ctx, 23, "eDBset_session_value ... New session value: %s = '%s'", key, val); + DEBUG(ctx, 32, "eDBset_session_value ... New session value: %s = '%s'", key, val); // Add a new session value if( eDBstore_session_value(ctx, session, SESSVAL_NEW, key, val) ) { - DEBUG(ctx, 23, "eDBset_session_value ... Adding value to value stack: %s = '%s'", + DEBUG(ctx, 32, "eDBset_session_value ... Adding value to value stack: %s = '%s'", key, val); // Add value to the stack eAdd_value(ctx, session->sessvals, key, val); - DEBUG(ctx, 11, "Registered session variable to session '%s': %s = %s", + DEBUG(ctx, 32, "Registered session variable to session '%s': %s = %s", session->sessionkey, key, val); } } else if( svals != NULL ) { if( (val != NULL) && (strcmp(svals->val, val) == 0) ) { - DEBUG(ctx, 11, "Session value not changed('%s','%s','%s)", + DEBUG(ctx, 32, "Session value not changed('%s','%s','%s)", session->sessionkey, key, val); return 1; } @@ -94,11 +94,11 @@ int eDBset_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, const char if( eDBstore_session_value(ctx, session,(val != NULL ? SESSVAL_UPDATE : SESSVAL_DELETE), key,val)){ free_nullsafe(svals->val); svals->val = strdup_nullsafe(val); - DEBUG(ctx, 11, "Session variable updated in session '%s': %s = %s", + DEBUG(ctx, 32, "Session variable updated in session '%s': %s = %s", session->sessionkey, key, val); } } else if( (svals == NULL) && (val == NULL ) ) { - DEBUG(ctx, 11, "Ignoring saving new session value '%s' == NULL", key); + DEBUG(ctx, 32, "Ignoring saving new session value '%s' == NULL", key); } return 1; } 
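Review bot: In the update branch `val` is NULL whenever `(val != NULL ? SESSVAL_UPDATE : SESSVAL_DELETE)` selects SESSVAL_DELETE, yet the DEBUG line "Session variable updated in session '%s': %s = %s" two statements later passes it to `%s`. The "Function call: eDBset_session_value" DEBUG in the first hunk of this file has the same exposure. Formatting a NULL pointer with `%s` is undefined behaviour, so I would pass `(val != NULL ? val : "(null)")` in both calls. As a matter of style, the format string "Session value not changed('%s','%s','%s)" in the previous hunk is missing the closing quote after its last `%s`.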
@@ -111,7 +111,7 @@ int get_randstring(eurephiaCTX *ctx, char *rndstr, int len) { do { if( !rand_init ) { if( !RAND_load_file("/dev/urandom", 64) ) { - DEBUG(ctx, 5, "Could not load random data from /dev/urandom"); + eurehpia_log(ctx, LOG_FATAL, 0, "Could not load random data from /dev/urandom"); return 0; } rand_init = 1; @@ -123,7 +123,7 @@ int get_randstring(eurephiaCTX *ctx, char *rndstr, int len) { sleep(1); rand_init = 0; } while( attempts++ < 11 ); - DEBUG(ctx, 5, "RAND_pseudo_bytes() could not generate enough random data"); + eurephia_log(ctx, LOG_FATAL, 0, "RAND_pseudo_bytes() could not generate enough random data"); return 0; } @@ -142,7 +142,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, uint8_t sha_res[SHA512_HASH_SIZE]; int totlen = 0, i = 0; - DEBUG(ctx, 10, "Function call: eDBopen_session_seed(ctx, '%s', '%s', '%s', '%s', '%s', '%s', '%s')", + DEBUG(ctx, 12, "Function call: eDBopen_session_seed(ctx, '%s', '%s', '%s', '%s', '%s', '%s', '%s')", digest, cname, username, vpnipaddr, vpnipmask, remipaddr, remport); new_session = (eurephiaSESSION *) malloc(sizeof(eurephiaSESSION) + 2); @@ -192,7 +192,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, memset(&sha, 0, sizeof(SHA512Context)); memset(&sha_res, 0, sizeof(sha_res)); - DEBUG(ctx, 12, "Using session seed '%s'", seed); + DEBUG(ctx, 13, "Using session seed '%s'", seed); // Try to retrieve the sessionkey from the database, based on the session seed new_session->sessionkey = eDBget_sessionkey_seed(ctx, seed); @@ -203,7 +203,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, char *skeydata = NULL; int loop = 0, uniqcheck = 0; - DEBUG(ctx, 12, "Unknown session seed, creating new session key"); + DEBUG(ctx, 13, "Unknown session seed, creating new session key"); // Loop until we get a unique sessionkey - don't loop more than 10 times skeydata = (char *) malloc((totlen*2)+4); 
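Review bot: The replacement line calls `eurehpia_log`, a misspelling of `eurephia_log`, so the /dev/urandom failure branch no longer resolves to the logging function; depending on compiler settings that is an implicit-declaration warning followed by a link failure, or a hard compile error. The line should read `eurephia_log(ctx, LOG_FATAL, 0, "Could not load random data from /dev/urandom");`. The changed line in the next hunk spells the name correctly. get_randstring's body continues outside the hunk.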
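Review bot: The failure message names RAND_pseudo_bytes(), which suggests get_randstring() draws its output from OpenSSL's pseudo-random interface; unlike RAND_bytes(), that function does not promise unpredictable output. If this string feeds the session keys created in eDBopen_session_seed, as the rest of the file suggests, the call and this message should move to RAND_bytes(). The call itself is outside the hunk, so this needs confirming against the full function.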
@@ -298,7 +298,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, new_session->sessionstatus = SESSION_NEW; } else { new_session->sessionstatus = SESSION_EXISTING; - DEBUG(ctx, 12, "Session seed found, using sessionkey '%s'", new_session->sessionkey); + DEBUG(ctx, 13, "Session seed found, using sessionkey '%s'", new_session->sessionkey); } free_nullsafe(seed); free_nullsafe(seeddata); @@ -314,7 +314,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, eurephiaSESSION *eDBopen_session_macaddr(eurephiaCTX *ctx, const char *macaddr) { eurephiaSESSION *new_session = NULL; - DEBUG(ctx, 10, "Function call: eDBopen_session_mac(ctx, '%s')", macaddr); + DEBUG(ctx, 12, "Function call: eDBopen_session_mac(ctx, '%s')", macaddr); new_session = (eurephiaSESSION *) malloc(sizeof(eurephiaSESSION) + 2); if( new_session == NULL ) { @@ -331,6 +331,7 @@ eurephiaSESSION *eDBopen_session_macaddr(eurephiaCTX *ctx, const char *macaddr) free_nullsafe(new_session); return NULL; } + DEBUG(ctx, 13, "Session seed found, using sessionkey '%s'", new_session->sessionkey); // Load session values from the database new_session->sessvals = eDBload_sessiondata(ctx, new_session->sessionkey); @@ -345,10 +346,8 @@ void eDBfree_session_func(eurephiaCTX *ctx, eurephiaSESSION *session) { if( session == NULL ) { return; } - DEBUG(ctx, 20, "Function call: eDBfree_session(ctx, '%s')", session->sessionkey); + DEBUG(ctx, 12, "Function call: eDBfree_session(ctx, '%s')", session->sessionkey); eFree_values(ctx, session->sessvals); free_nullsafe(session->sessionkey); free_nullsafe(session); } - - diff --git a/eurephiafw.c b/eurephiafw.c index 01272e9..ee4949b 100644 --- a/eurephiafw.c +++ b/eurephiafw.c 
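Review bot: The DEBUG line added to eDBopen_session_macaddr reuses the text "Session seed found, using sessionkey '%s'" from eDBopen_session_seed, although this function appears to look the session up by MAC address, so the two paths cannot be told apart in a log. Something like `DEBUG(ctx, 13, "Session found for MAC address '%s', using sessionkey '%s'", macaddr, new_session->sessionkey);` keeps them distinct. The entry DEBUG in the hunk above also names the function `eDBopen_session_mac` rather than `eDBopen_session_macaddr`. The function body continues outside the hunk.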
@@ -44,7 +44,7 @@ int eFW_unload(eurephiaCTX *ctx) { } if( ctx->eurephia_fw_intf != NULL ) { - DEBUG(ctx, 2, "Unloading eurephia firewall interface"); + eurephia_log(ctx, LOG_INFO, 3, "Unloading eurephia firewall interface"); dlclose(ctx->eurephia_fw_intf); ctx->eurephia_fw_intf = NULL; return 0; @@ -179,7 +179,7 @@ void eFW_StartFirewall(eurephiaCTX *ctx) { "Error while emptying messages from queue: %s", strerror(errno)); } else { - DEBUG(ctx, 22, "Removed message on queue: %s", buf); + DEBUG(ctx, 28, "Removed message on queue: %s", buf); } } } @@ -193,7 +193,7 @@ void eFW_StartFirewall(eurephiaCTX *ctx) { sem_post(ctx->fwcfg->thrdata.semp_master); // Waiting for the FW module to get ready - DEBUG(ctx, 20, "eFW master is ready, waiting for the eFW worker to get ready"); + DEBUG(ctx, 28, "eFW master is ready, waiting for the eFW worker to get ready"); sem_wait(ctx->fwcfg->thrdata.semp_worker); eurephia_log(ctx, LOG_INFO, 2, "eFW interface initialised."); diff --git a/firewall/iptables/efw_iptables.c b/firewall/iptables/efw_iptables.c index 343df9a..9faad54 100644 --- a/firewall/iptables/efw_iptables.c +++ b/firewall/iptables/efw_iptables.c @@ -51,9 +51,9 @@ void eFW_RunFirewall(void *fwargs) { unsigned int prio; char buf[EFW_MSG_SIZE+2]; - DEBUG(ctx, 22, "eFW_RunFirewall: Waiting for eFW master to get ready"); + DEBUG(ctx, 28, "eFW_RunFirewall: Waiting for eFW master to get ready"); sem_wait(cfg->semp_master); - DEBUG(ctx, 22, "eFW_RunFirewall: Telling eFW master that the worker process is ready"); + DEBUG(ctx, 28, "eFW_RunFirewall: Telling eFW master that the worker process is ready"); sem_post(cfg->semp_worker); if( cfg->fw_command == NULL ) { @@ -76,7 +76,7 @@ void eFW_RunFirewall(void *fwargs) { if( !quit ) { int res = 0; - DEBUG(ctx, 23, "eFW_RunFirewall: Received '%s'", buf); + DEBUG(ctx, 20, "eFW_RunFirewall: Received '%s'", buf); res = process_input(ctx, cfg->fw_command, buf); if( ! res ) { 
@@ -102,7 +102,7 @@ int process_input(eurephiaCTX *ctx, const char *fwcmd, const char *input) { orig_msg = strdup_nullsafe(input); msg = orig_msg; - DEBUG(ctx, 23, "eFW_RunFirewall::process_input(ctx, '%s')", msg); + DEBUG(ctx, 36, "eFW_RunFirewall::process_input(ctx, '%s')", msg); // // Simple parsing of the input string @@ -148,7 +148,7 @@ int process_input(eurephiaCTX *ctx, const char *fwcmd, const char *input) { iptables_args[8] = jump; iptables_args[9] = NULL; - eurephia_log(ctx, LOG_INFO, 2, "eFW_RunFirewall - updating iptables rules " + eurephia_log(ctx, LOG_INFO, 3, "eFW_RunFirewall - updating iptables rules " "==> mode: %s macaddr: '%s' destchain: '%s' jump: '%s'", (mode[1] == 'A' ? "ADD":"DELETE"), macaddr, destchain, jump); break; @@ -157,7 +157,7 @@ int process_input(eurephiaCTX *ctx, const char *fwcmd, const char *input) { destchain = msg; iptables_args[2] = destchain; - eurephia_log(ctx, LOG_INFO, 2, "eFW_RunFirewall - updating iptables rules " + eurephia_log(ctx, LOG_INFO, 3, "eFW_RunFirewall - updating iptables rules " "==> mode: FLUSH destchain: '%s'", destchain); break; -- cgit From 3eb6c07909584422900e42787c48874168afba4e Mon Sep 17 00:00:00 2001 From: David Sommerseth Date: Sat, 4 Oct 2008 00:23:23 +0200 Subject: Log review - last round for now. Recategorised a few errors and warnings. --- database/eurephiadb-driver_template.c | 4 ++-- database/sqlite/eurephiadb-sqlite.c | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/database/eurephiadb-driver_template.c b/database/eurephiadb-driver_template.c index 9e75d33..fc67510 100644 --- a/database/eurephiadb-driver_template.c +++ b/database/eurephiadb-driver_template.c 
@@ -554,7 +554,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask); if( skey->sessionstatus != SESSION_NEW ) { - eurephia_log(ctx, LOG_WARNING, 5, "Not a new session, will not register it again"); + eurephia_log(ctx, LOG_ERROR, 5, "Not a new session, will not register it again"); return 1; } @@ -883,7 +883,7 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { DEBUG(ctx, 20, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey); if( (session == NULL) || (session->sessionkey == NULL) ) { - eurephia_log(ctx, LOG_ERROR, 1, "No active session given to be destroyed"); + eurephia_log(ctx, LOG_WARNING, 1, "No active session given to be destroyed"); return 1; } diff --git a/database/sqlite/eurephiadb-sqlite.c b/database/sqlite/eurephiadb-sqlite.c index 03cff02..8fcbd65 100644 --- a/database/sqlite/eurephiadb-sqlite.c +++ b/database/sqlite/eurephiadb-sqlite.c @@ -105,7 +105,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv) DEBUG(ctx, 20, "Function call: eDBconnect(ctx, %i, '%s')", argc, argv[0]); if( (argc != 1) || (argv[0] == NULL) || (strlen(argv[0]) < 1) ) { - eurephia_log(ctx, LOG_PANIC, 0, "Wrong parameters to dblink-sqlite. Cannot open database."); + eurephia_log(ctx, LOG_PANIC, 0, "Wrong parameters to eurephiadb-sqlite. Cannot open database."); return 0; } @@ -508,7 +508,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask); if( skey->sessionstatus != SESSION_NEW ) { - eurephia_log(ctx, LOG_WARNING, 5, "Not a new session, will not register it again"); + eurephia_log(ctx, LOG_ERROR, 5, "Not a new session, will not register it again"); return 1; } 
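Review bot: The message in eDBregister_login is now classed LOG_ERROR but keeps log level 5, so it is presumably filtered out at the low verbosity settings where the other error-class messages in this series (level 0 or 1) are shown. A second registration attempt for an existing session is something an operator reviewing VPN logins would want to see, so I would lower the level, e.g. `eurephia_log(ctx, LOG_ERROR, 1, "Not a new session, will not register it again");`. The path also returns 1 while eDBconnect returns 0 on failure; if returning 1 here is intended, a short comment saying so would help. The identical change in database/sqlite/eurephiadb-sqlite.c (the hunk at line 508) has the same issue, and the function bodies continue outside the hunks.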
@@ -825,7 +825,7 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { DEBUG(ctx, 20, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey); if( (session == NULL) || (session->sessionkey == NULL) ) { - eurephia_log(ctx, LOG_ERROR, 1, "No active session given to be destroyed"); + eurephia_log(ctx, LOG_WARNING, 1, "No active session given to be destroyed"); return 1; } -- cgit From db82a5db49a17e26f87a2779b62707983abd44f3 Mon Sep 17 00:00:00 2001 From: David Sommerseth Date: Sat, 4 Oct 2008 00:24:29 +0200 Subject: Updated TODO --- TODO | 2 -- TODO.done | 2 ++ 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/TODO b/TODO index 57acbf5..c13e630 100644 --- a/TODO +++ b/TODO @@ -2,8 +2,6 @@ ** beta_0.9 requirements ** -* Go through all log statements, make sure log type and log level is sane - ** ** Release 1.0 requirements ** diff --git a/TODO.done b/TODO.done index e5a70cb..a3d54e6 100644 --- a/TODO.done +++ b/TODO.done @@ -1,3 +1,5 @@ +* Go through all log statements, make sure log type and log level is sane + * Add pthread mutex locking in eurephia_log(...) [beta_0.9 req] * Make new eurephiadb-driver_template.c - template for creating db driver (DONE) -- cgit