diff options
author | Steffan Karger <steffan@karger.me> | 2015-03-08 11:20:04 +0100 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2015-10-06 13:09:31 +0200 |
commit | 6ef5df14917500f107fd843a6dba61355edaeea0 (patch) | |
tree | 7134c1bff10880e490d3c5a8d1e227e2dfa51d61 | |
parent | 123092a7a95f13f0509d2dc52ec049f91a02686d (diff) | |
download | openvpn-6ef5df14917500f107fd843a6dba61355edaeea0.tar.gz openvpn-6ef5df14917500f107fd843a6dba61355edaeea0.tar.xz openvpn-6ef5df14917500f107fd843a6dba61355edaeea0.zip |
polarssl: add easy logging for PolarSSL errors
Add the functions polar_log_err(), polar_log_func_line() and a macro
polar_ok(), to easily log human-readable PolarSSL errors from
polarssl-specific code.
This does not provide the full logging interface as msg(), because I
would have to add a lot more of macro-magic to achieve that on the
various supported compilers and platforms, and this suffices too (for
now at least).
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1425810005-11893-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9528
Signed-off-by: Gert Doering <gert@greenie.muc.de>
-rw-r--r-- | src/openvpn/crypto_polarssl.c | 27 | ||||
-rw-r--r-- | src/openvpn/crypto_polarssl.h | 40 |
2 files changed, 67 insertions, 0 deletions
diff --git a/src/openvpn/crypto_polarssl.c b/src/openvpn/crypto_polarssl.c index e083398..263b4dc 100644 --- a/src/openvpn/crypto_polarssl.c +++ b/src/openvpn/crypto_polarssl.c @@ -46,6 +46,7 @@ #include "misc.h" #include <polarssl/des.h> +#include <polarssl/error.h> #include <polarssl/md5.h> #include <polarssl/cipher.h> #include <polarssl/havege.h> @@ -86,6 +87,32 @@ crypto_clear_error (void) { } +bool polar_log_err(unsigned int flags, int errval, const char *prefix) +{ + if (0 != errval) + { + char errstr[256]; + polarssl_strerror(errval, errstr, sizeof(errstr)); + + if (NULL == prefix) prefix = "PolarSSL error"; + msg (flags, "%s: %s", prefix, errstr); + } + + return 0 == errval; +} + +bool polar_log_func_line(unsigned int flags, int errval, const char *func, + int line) +{ + char prefix[256]; + + if (!openvpn_snprintf(prefix, sizeof(prefix), "%s:%d", func, line)) + return polar_log_err(flags, errval, func); + + return polar_log_err(flags, errval, prefix); +} + + #ifdef DMALLOC void crypto_init_dmalloc (void) diff --git a/src/openvpn/crypto_polarssl.h b/src/openvpn/crypto_polarssl.h index b6da436..bd0f8b8 100644 --- a/src/openvpn/crypto_polarssl.h +++ b/src/openvpn/crypto_polarssl.h @@ -91,4 +91,44 @@ ctr_drbg_context * rand_ctx_get(); void rand_ctx_enable_prediction_resistance(); #endif +/** + * Log the supplied PolarSSL error, prefixed by supplied prefix. + * + * @param flags Flags to indicate error type and priority. + * @param errval PolarSSL error code to convert to error message. + * @param prefix Prefix to PolarSSL error message. + * + * @returns true if no errors are detected, false otherwise. + */ +bool polar_log_err(unsigned int flags, int errval, const char *prefix); + +/** + * Log the supplied PolarSSL error, prefixed by function name and line number. + * + * @param flags Flags to indicate error type and priority. + * @param errval PolarSSL error code to convert to error message. + * @param func Function name where error was reported. + * @param line Line number where error was reported. + * + * @returns true if no errors are detected, false otherwise. + */ +bool polar_log_func_line(unsigned int flags, int errval, const char *func, + int line); + +/** + * Check errval and log on error. + * + * Convenience wrapper to put around polarssl library calls, e.g. + * if (!polar_ok(polarssl_func())) return 0; + * or + * ASSERT (polar_ok(polarssl_func())); + * + * @param errval PolarSSL error code to convert to error message. + * + * @returns true if no errors are detected, false otherwise. + */ +#define polar_ok(errval) \ + polar_log_func_line(D_CRYPT_ERRORS, errval, __func__, __LINE__) + + #endif /* CRYPTO_POLARSSL_H_ */ |