nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-30 23:53:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

finish enforcing the log convention

Browse Source 
svn:r494
This commit is contained in:
Roger Dingledine 2003-09-26 22:27:24 +00:00
parent ab8bceb27a
commit bf10a3c0f1
5 changed files with 58 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
src/common/crypto.c
View File

@ -211,17 +211,17 @@ crypto_create_init_cipher(int cipher_type, char *key, char *iv, int encrypt_mode
crypto_cipher_env_t *crypto = NULL; crypto_cipher_env_t *crypto = NULL;
if (! (crypto = crypto_new_cipher_env(cipher_type))) { if (! (crypto = crypto_new_cipher_env(cipher_type))) {
log_fn(LOG_ERR, "Unable to allocate crypto object"); log_fn(LOG_WARNING, "Unable to allocate crypto object");
return NULL; return NULL;
} }
if (crypto_cipher_set_key(crypto, key)) { if (crypto_cipher_set_key(crypto, key)) {
log_fn(LOG_ERR, "Unable to set key: %s", crypto_perror()); log_fn(LOG_WARNING, "Unable to set key: %s", crypto_perror());
goto error; goto error;
} }
if (crypto_cipher_set_iv(crypto, iv)) { if (crypto_cipher_set_iv(crypto, iv)) {
log_fn(LOG_ERR, "Unable to set iv: %s", crypto_perror()); log_fn(LOG_WARNING, "Unable to set iv: %s", crypto_perror());
goto error; goto error;
} }
@ -231,7 +231,7 @@ crypto_create_init_cipher(int cipher_type, char *key, char *iv, int encrypt_mode
r = crypto_cipher_decrypt_init_cipher(crypto); r = crypto_cipher_decrypt_init_cipher(crypto);
if (r) { if (r) {
log_fn(LOG_ERR, "Unable to initialize cipher: %s", crypto_perror()); log_fn(LOG_WARNING, "Unable to initialize cipher: %s", crypto_perror());
goto error; goto error;
} }
return crypto; return crypto;
@ -352,45 +352,38 @@ int crypto_pk_read_private_key_from_file(crypto_pk_env_t *env, FILE *src)
int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env, const char *keyfile) int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env, const char *keyfile)
{ {
FILE *f_pr; FILE *f_pr;
int retval = 0;
assert(env && keyfile); assert(env && keyfile);
if (strspn(keyfile,CONFIG_LEGAL_FILENAME_CHARACTERS) == strlen(keyfile)) /* filename contains legal characters only */ if(strspn(keyfile,CONFIG_LEGAL_FILENAME_CHARACTERS) != strlen(keyfile)) {
{ /* filename contains nonlegal characters */
/* open the keyfile */ return -1;
f_pr=fopen(keyfile,"rb"); }
if (!f_pr)
return -1;
/* read the private key */ /* open the keyfile */
retval = crypto_pk_read_private_key_from_file(env, f_pr); f_pr=fopen(keyfile,"rb");
if (!f_pr)
return -1;
/* read the private key */
if(crypto_pk_read_private_key_from_file(env, f_pr) < 0) {
log_fn(LOG_WARNING,"Error reading private key : %s",crypto_perror());
fclose(f_pr); fclose(f_pr);
if (retval == -1) return -1;
{ }
log_fn(LOG_ERR,"Error reading private key : %s",crypto_perror()); fclose(f_pr);
return -1;
}
/* check the private key */ /* check the private key */
retval = crypto_pk_check_key(env); switch(crypto_pk_check_key(env)) {
if (retval == 0) case 0:
{ log_fn(LOG_WARNING,"Private key read but is invalid : %s.", crypto_perror());
log_fn(LOG_ERR,"Private key read but is invalid : %s.", crypto_perror());
return -1; return -1;
} case -1:
else if (retval == -1) log_fn(LOG_WARNING,"Private key read but validity checking failed : %s",crypto_perror());
{
log_fn(LOG_ERR,"Private key read but validity checking failed : %s",crypto_perror());
return -1; return -1;
} /* case 1: fall through */
else if (retval == 1) }
{ return 0;
return 0;
}
} /* filename contains legal characters only */
return -1; /* report error */
} }
int crypto_pk_read_public_key_from_file(crypto_pk_env_t *env, FILE *src) int crypto_pk_read_public_key_from_file(crypto_pk_env_t *env, FILE *src)
@ -989,14 +982,14 @@ int crypto_seed_rng()
n = fread(buf, 1, 20, f); n = fread(buf, 1, 20, f);
fclose(f); fclose(f);
if (n != 20) { if (n != 20) {
log_fn(LOG_INFO, "Error reading from entropy source"); log_fn(LOG_WARNING, "Error reading from entropy source");
return -1; return -1;
} }
RAND_seed(buf, 20); RAND_seed(buf, 20);
return 0; return 0;
} }
log_fn(LOG_INFO, "Cannot seed RNG -- no entropy source found."); log_fn(LOG_WARNING, "Cannot seed RNG -- no entropy source found.");
return -1; return -1;
} }
@ -1053,3 +1046,4 @@ base64_decode(char *dest, int destlen, char *src, int srclen)
ret += len; ret += len;
return ret; return ret;
} }

7
src/common/log.c
View File

@ -20,13 +20,9 @@ static INLINE const char *sev_to_string(int severity) {
switch(severity) { switch(severity) {
case LOG_DEBUG: return "debug"; case LOG_DEBUG: return "debug";
case LOG_INFO: return "info"; case LOG_INFO: return "info";
case LOG_NOTICE: return "notice";
case LOG_WARNING: return "warn"; case LOG_WARNING: return "warn";
case LOG_ERR: return "err"; case LOG_ERR: return "err";
case LOG_CRIT: return "crit"; default: assert(0); return "UNKNOWN";
case LOG_ALERT: return "alert";
case LOG_EMERG: return "emerg";
default: return "UNKNOWN";
} }
} }
@ -167,3 +163,4 @@ void add_file_log(int loglevel, const char *filename)
add_stream_log(loglevel, filename, f); add_stream_log(loglevel, filename, f);
logfiles->needs_close = 1; logfiles->needs_close = 1;
} }

14
src/common/tortls.c
View File

@ -214,7 +214,7 @@ tor_tls_context_new(crypto_pk_env_t *rsa,
if (rsa) { if (rsa) {
cert = tor_tls_create_certificate(rsa, nickname); cert = tor_tls_create_certificate(rsa, nickname);
if (!cert) { if (!cert) {
log(LOG_ERR, "Error creating certificate"); log(LOG_WARNING, "Error creating certificate");
return -1; return -1;
} }
} }
@ -311,7 +311,7 @@ tor_tls_read(tor_tls *tls, char *cp, int len)
r = SSL_read(tls->ssl, cp, len); r = SSL_read(tls->ssl, cp, len);
if (r > 0) if (r > 0)
return r; return r;
err = tor_tls_get_error(tls, r, CATCH_ZERO, "reading", LOG_ERR); err = tor_tls_get_error(tls, r, CATCH_ZERO, "reading", LOG_INFO);
if (err == _TOR_TLS_ZERORETURN) { if (err == _TOR_TLS_ZERORETURN) {
tls->state = TOR_TLS_ST_CLOSED; tls->state = TOR_TLS_ST_CLOSED;
return TOR_TLS_CLOSE; return TOR_TLS_CLOSE;
@ -335,7 +335,7 @@ tor_tls_write(tor_tls *tls, char *cp, int n)
if (n == 0) if (n == 0)
return 0; return 0;
r = SSL_write(tls->ssl, cp, n); r = SSL_write(tls->ssl, cp, n);
err = tor_tls_get_error(tls, r, 0, "writing", LOG_ERR); err = tor_tls_get_error(tls, r, 0, "writing", LOG_INFO);
if (err == TOR_TLS_DONE) { if (err == TOR_TLS_DONE) {
return r; return r;
} else { } else {
@ -358,7 +358,7 @@ tor_tls_handshake(tor_tls *tls)
} else { } else {
r = SSL_connect(tls->ssl); r = SSL_connect(tls->ssl);
} }
r = tor_tls_get_error(tls,r,0, "handshaking", LOG_ERR); r = tor_tls_get_error(tls,r,0, "handshaking", LOG_INFO);
if (r == TOR_TLS_DONE) { if (r == TOR_TLS_DONE) {
tls->state = TOR_TLS_ST_OPEN; tls->state = TOR_TLS_ST_OPEN;
} }
@ -385,7 +385,7 @@ tor_tls_shutdown(tor_tls *tls)
r = SSL_read(tls->ssl, buf, 128); r = SSL_read(tls->ssl, buf, 128);
} while (r>0); } while (r>0);
err = tor_tls_get_error(tls, r, CATCH_ZERO, "reading to shut down", err = tor_tls_get_error(tls, r, CATCH_ZERO, "reading to shut down",
LOG_ERR); LOG_INFO);
if (err == _TOR_TLS_ZERORETURN) { if (err == _TOR_TLS_ZERORETURN) {
tls->state = TOR_TLS_ST_GOTCLOSE; tls->state = TOR_TLS_ST_GOTCLOSE;
/* fall through... */ /* fall through... */
@ -401,7 +401,7 @@ tor_tls_shutdown(tor_tls *tls)
return TOR_TLS_DONE; return TOR_TLS_DONE;
} }
err = tor_tls_get_error(tls, r, CATCH_SYSCALL|CATCH_ZERO, "shutting down", err = tor_tls_get_error(tls, r, CATCH_SYSCALL|CATCH_ZERO, "shutting down",
LOG_ERR); LOG_INFO);
if (err == _TOR_TLS_SYSCALL) { if (err == _TOR_TLS_SYSCALL) {
/* The underlying TCP connection closed while we were shutting down. */ /* The underlying TCP connection closed while we were shutting down. */
tls->state = TOR_TLS_ST_CLOSED; tls->state = TOR_TLS_ST_CLOSED;
@ -414,7 +414,7 @@ tor_tls_shutdown(tor_tls *tls)
*/ */
if (tls->state == TOR_TLS_ST_GOTCLOSE || if (tls->state == TOR_TLS_ST_GOTCLOSE ||
tls->state == TOR_TLS_ST_SENTCLOSE) { tls->state == TOR_TLS_ST_SENTCLOSE) {
log(LOG_ERR, log(LOG_WARNING,
"TLS returned \"half-closed\" value while already half-closed"); "TLS returned \"half-closed\" value while already half-closed");
return TOR_TLS_ERROR; return TOR_TLS_ERROR;
} }

26
src/common/util.c
View File

@ -60,13 +60,13 @@ tv_udiff(struct timeval *start, struct timeval *end)
long secdiff = end->tv_sec - start->tv_sec; long secdiff = end->tv_sec - start->tv_sec;
if (secdiff+1 > LONG_MAX/1000000) { if (secdiff+1 > LONG_MAX/1000000) {
log_fn(LOG_NOTICE, "comparing times too far apart."); log_fn(LOG_WARNING, "comparing times too far apart.");
return LONG_MAX; return LONG_MAX;
} }
udiff = secdiff*1000000L + (end_usec - start->tv_usec); udiff = secdiff*1000000L + (end_usec - start->tv_usec);
if(udiff < 0) { if(udiff < 0) {
log_fn(LOG_NOTICE, "start is after end. Returning 0."); log_fn(LOG_WARNING, "start is after end. Returning 0.");
return 0; return 0;
} }
return udiff; return udiff;
@ -320,17 +320,17 @@ int check_private_dir(const char *dirname, int create)
struct stat st; struct stat st;
if (stat(dirname, &st)) { if (stat(dirname, &st)) {
if (errno != ENOENT) { if (errno != ENOENT) {
log(LOG_ERR, "Directory %s cannot be read: %s", dirname, log(LOG_WARNING, "Directory %s cannot be read: %s", dirname,
strerror(errno)); strerror(errno));
return -1; return -1;
} }
if (!create) { if (!create) {
log(LOG_ERR, "Directory %s does not exist.", dirname); log(LOG_WARNING, "Directory %s does not exist.", dirname);
return -1; return -1;
} }
log(LOG_INFO, "Creating directory %s", dirname); log(LOG_INFO, "Creating directory %s", dirname);
if (mkdir(dirname, 0700)) { if (mkdir(dirname, 0700)) {
log(LOG_ERR, "Error creating directory %s: %s", dirname, log(LOG_WARNING, "Error creating directory %s: %s", dirname,
strerror(errno)); strerror(errno));
return -1; return -1;
} else { } else {
@ -338,17 +338,17 @@ int check_private_dir(const char *dirname, int create)
} }
} }
if (!(st.st_mode & S_IFDIR)) { if (!(st.st_mode & S_IFDIR)) {
log(LOG_ERR, "%s is not a directory", dirname); log(LOG_WARNING, "%s is not a directory", dirname);
return -1; return -1;
} }
if (st.st_uid != getuid()) { if (st.st_uid != getuid()) {
log(LOG_ERR, "%s is not owned by this UID (%d)", dirname, getuid()); log(LOG_WARNING, "%s is not owned by this UID (%d)", dirname, getuid());
return -1; return -1;
} }
if (st.st_mode & 0077) { if (st.st_mode & 0077) {
log(LOG_WARNING, "Fixing permissions on directory %s", dirname); log(LOG_WARNING, "Fixing permissions on directory %s", dirname);
if (chmod(dirname, 0700)) { if (chmod(dirname, 0700)) {
log(LOG_ERR, "Could not chmod directory %s: %s", dirname, log(LOG_WARNING, "Could not chmod directory %s: %s", dirname,
strerror(errno)); strerror(errno));
return -1; return -1;
} else { } else {
@ -365,28 +365,28 @@ write_str_to_file(const char *fname, const char *str)
int fd; int fd;
FILE *file; FILE *file;
if (strlen(fname) > 1000) { if (strlen(fname) > 1000) {
log(LOG_ERR, "Filename %s is too long.", fname); log(LOG_WARNING, "Filename %s is too long.", fname);
return -1; return -1;
} }
strcpy(tempname,fname); strcpy(tempname,fname);
strcat(tempname,".tmp"); strcat(tempname,".tmp");
if ((fd = open(tempname, O_WRONLY|O_CREAT|O_TRUNC, 0600)) < 0) { if ((fd = open(tempname, O_WRONLY|O_CREAT|O_TRUNC, 0600)) < 0) {
log(LOG_ERR, "Couldn't open %s for writing: %s", tempname, log(LOG_WARNING, "Couldn't open %s for writing: %s", tempname,
strerror(errno)); strerror(errno));
return -1; return -1;
} }
if (!(file = fdopen(fd, "w"))) { if (!(file = fdopen(fd, "w"))) {
log(LOG_ERR, "Couldn't fdopen %s for writing: %s", tempname, log(LOG_WARNING, "Couldn't fdopen %s for writing: %s", tempname,
strerror(errno)); strerror(errno));
close(fd); return -1; close(fd); return -1;
} }
if (fputs(str,file) == EOF) { if (fputs(str,file) == EOF) {
log(LOG_ERR, "Error writing to %s: %s", tempname, strerror(errno)); log(LOG_WARNING, "Error writing to %s: %s", tempname, strerror(errno));
fclose(file); return -1; fclose(file); return -1;
} }
fclose(file); fclose(file);
if (rename(tempname, fname)) { if (rename(tempname, fname)) {
log(LOG_ERR, "Error replacing %s: %s", fname, strerror(errno)); log(LOG_WARNING, "Error replacing %s: %s", fname, strerror(errno));
return -1; return -1;
} }
return 0; return 0;

10
src/or/config.c
View File

@ -277,24 +277,16 @@ int getconfig(int argc, char **argv, or_options_t *options) {
/* Validate options */ /* Validate options */
if(options->LogLevel) { if(options->LogLevel) {
if(!strcmp(options->LogLevel,"emerg"))
options->loglevel = LOG_EMERG;
else if(!strcmp(options->LogLevel,"alert"))
options->loglevel = LOG_ALERT;
else if(!strcmp(options->LogLevel,"crit"))
options->loglevel = LOG_CRIT;
else if(!strcmp(options->LogLevel,"err")) else if(!strcmp(options->LogLevel,"err"))
options->loglevel = LOG_ERR; options->loglevel = LOG_ERR;
else if(!strcmp(options->LogLevel,"warning")) else if(!strcmp(options->LogLevel,"warning"))
options->loglevel = LOG_WARNING; options->loglevel = LOG_WARNING;
else if(!strcmp(options->LogLevel,"notice"))
options->loglevel = LOG_NOTICE;
else if(!strcmp(options->LogLevel,"info")) else if(!strcmp(options->LogLevel,"info"))
options->loglevel = LOG_INFO; options->loglevel = LOG_INFO;
else if(!strcmp(options->LogLevel,"debug")) else if(!strcmp(options->LogLevel,"debug"))
options->loglevel = LOG_DEBUG; options->loglevel = LOG_DEBUG;
else { else {
log(LOG_ERR,"LogLevel must be one of emerg|alert|crit|err|warning|notice|info|debug."); log(LOG_ERR,"LogLevel must be one of err|warning|info|debug.");
result = -1; result = -1;
} }
} }