For #121.
if (nid == NID_sha256WithRSAEncryption)
return 0;
- return pr_val_err("%s's signature algorithm is NID '%d', not RSA+SHA256.",
+ return pr_err("%s's signature algorithm is NID '%d', not RSA+SHA256.",
what, nid);
}
if (nid == NID_rsaEncryption)
return 0;
- return pr_val_err("Certificate's public key format is NID '%s', not rsaEncryption.",
+ return pr_err("Certificate's public key format is NID '%s', not rsaEncryption.",
OBJ_nid2sn(nid));
}
/* Validate algorithm and parameters (RFC 8608#section-3.1.1) */
if (nid != NID_X9_62_id_ecPublicKey)
- return pr_val_err("Certificate's public key format is NID '%s', not id-ecPublicKey.",
+ return pr_err("Certificate's public key format is NID '%s', not id-ecPublicKey.",
OBJ_nid2sn(nid));
if (parameter == NULL)
- return pr_val_err("Certificate's public key algorithm MUST have parameters");
+ return pr_err("Certificate's public key algorithm MUST have parameters");
if (parameter_type != V_ASN1_OBJECT)
- return pr_val_err("Certificate's public key parameter type isn't valid");
+ return pr_err("Certificate's public key parameter type isn't valid");
nid = OBJ_obj2nid(parameter);
if (nid != NID_X9_62_prime256v1)
- return pr_val_err("Certificate's public key format is NID '%s', not secp256r1 (a.k.a prime256v1).",
+ return pr_err("Certificate's public key format is NID '%s', not secp256r1 (a.k.a prime256v1).",
OBJ_nid2sn(nid));
return 0;
int error;
if (id == NULL)
- return pr_val_err("The hash algorithm of the '%s' is absent", what);
+ return pr_err("The hash algorithm of the '%s' is absent", what);
error = validate_cms_hash_algorithm_oid(&id->algorithm, what);
if (error)
*/
if (id->parameters != NULL) {
error = is_asn1_null_object(id->parameters)
- ? pr_val_err("The hash algorithm of the '%s' has a NULL object as parameters", what)
- : pr_val_err("The hash algorithm of the '%s' has parameters", what);
+ ? pr_err("The hash algorithm of the '%s' has a NULL object as parameters", what)
+ : pr_err("The hash algorithm of the '%s' has parameters", what);
}
return error;
};
if (oid == NULL)
- return pr_val_err("The hash algorithm of the '%s' is absent", what);
+ return pr_err("The hash algorithm of the '%s' is absent", what);
if (oid->size != sizeof(sha256))
goto incorrect_oid;
return 0;
incorrect_oid:
- return pr_val_err("The hash algorithm of the '%s' is not SHA256.", what);
+ return pr_err("The hash algorithm of the '%s' is not SHA256.", what);
}
int
uint8_t last;
if (id == NULL)
- return pr_val_err("The signature algorithm is absent.");
+ return pr_err("The signature algorithm is absent.");
/*
* rsaEncryption is { pkcs-1 1 }, and sha256WithRSAEncryption is
* accept both.
*/
if (id->parameters != NULL && !is_asn1_null(id->parameters))
- return pr_val_err("The signature algorithm has parameters.");
+ return pr_err("The signature algorithm has parameters.");
return 0;
incorrect_oid:
- return pr_val_err("The Signature algorithm is not RSA nor RSA+SHA256.");
+ return pr_err("The Signature algorithm is not RSA nor RSA+SHA256.");
}
if (cert == NULL)
return NULL;
if (cursor != origin + ber->size)
- pr_op_warn("There's trailing garbage after one of the certificates.");
+ pr_wrn("There's trailing garbage after one of the certificates.");
json = x509_to_json(cert);
return error;
if (!ARCS_EQUAL_OIDS(&arcs, oid_sdata))
- error = pr_val_err("Incorrect content-type.");
+ error = pr_err("Incorrect content-type.");
free_arcs(&arcs);
return error;
errlen = sizeof(errmsg);
if (asn_check_constraints(descriptor, result, errmsg, &errlen) < 0) {
if (log)
- pr_val_err("Error validating ASN.1 object: %s", errmsg);
+ pr_err("Error validating ASN.1 object: %s", errmsg);
return EINVAL;
}
ASN_STRUCT_FREE(*descriptor, *result);
/* We expect the data to be complete; RC_WMORE is an error. */
if (log)
- pr_val_err("Error '%u' decoding ASN.1 object around byte %zu",
+ pr_err("Error '%u' decoding ASN.1 object around byte %zu",
rval.code, rval.consumed);
return EINVAL;
}
{
return (any != NULL)
? asn1_decode(any->buf, any->size, descriptor, result, log)
- : pr_val_err("ANY '%s' is NULL.", descriptor->name);
+ : pr_err("ANY '%s' is NULL.", descriptor->name);
}
int
{
return (string != NULL)
? asn1_decode(string->buf, string->size, descriptor, result, log)
- : pr_val_err("Octet String '%s' is NULL.", descriptor->name);
+ : pr_err("Octet String '%s' is NULL.", descriptor->name);
}
/*
count = OBJECT_IDENTIFIER_get_arcs(oid, result->arcs, MAX_ARCS);
if (count < 0) {
- pr_val_err("OBJECT_IDENTIFIER_get_arcs() returned %zd.", count);
+ pr_err("OBJECT_IDENTIFIER_get_arcs() returned %zd.", count);
free(result->arcs);
return EINVAL;
}
count2 = OBJECT_IDENTIFIER_get_arcs(oid, result->arcs, count);
if (count != count2) {
- pr_val_err("OBJECT_IDENTIFIER_get_arcs() returned %zd. (expected %zd)",
+ pr_err("OBJECT_IDENTIFIER_get_arcs() returned %zd. (expected %zd)",
count2, count);
free(result->arcs);
return EINVAL;
*result = &sinfo->sid.choice.subjectKeyIdentifier;
return 0;
case SignerIdentifier_PR_issuerAndSerialNumber:
- return pr_val_err("Signer Info's sid is an IssuerAndSerialNumber, not a SubjectKeyIdentifier.");
+ return pr_err("Signer Info's sid is an IssuerAndSerialNumber, not a SubjectKeyIdentifier.");
case SignerIdentifier_PR_NOTHING:
break;
}
*result = NULL;
- return pr_val_err("Signer Info's sid is not a SubjectKeyIdentifier.");
+ return pr_err("Signer Info's sid is not a SubjectKeyIdentifier.");
}
static int
otmp = tmp;
ee->x509 = d2i_X509(NULL, &tmp, cer_encoded->size);
if (ee->x509 == NULL)
- return val_crypto_err("Signed object's 'certificate' element does not decode into a Certificate");
+ return pr_crypto_err("Signed object's 'certificate' element does not decode into a Certificate");
if (tmp != otmp + cer_encoded->size)
- return val_crypto_err("Signed object's 'certificate' element contains trailing garbage");
+ return pr_crypto_err("Signed object's 'certificate' element contains trailing garbage");
return cer_validate_ee(ee, so);
}
eContentType = &eci->eContentType;
if (!oid_equal(attrValues, eContentType))
- error = pr_val_err("The attrValues for the content-type attribute does not match the eContentType in the EncapsulatedContentInfo.");
+ error = pr_err("The attrValues for the content-type attribute does not match the eContentType in the EncapsulatedContentInfo.");
ASN_STRUCT_FREE(asn_DEF_OBJECT_IDENTIFIER, attrValues);
return error;
int error;
if (eci->eContent == NULL)
- return pr_val_err("There's no content being signed.");
+ return pr_err("There's no content being signed.");
error = asn1_decode_any(value, &asn_DEF_MessageDigest,
(void **) &digest, true);
error = hash_validate(hash_get_sha256(), eci->eContent->buf,
eci->eContent->size, digest->buf, digest->size);
if (error > 0)
- pr_val_err("The content's hash does not match the Message-Digest Attribute.");
+ pr_err("The content's hash does not match the Message-Digest Attribute.");
ASN_STRUCT_FREE(asn_DEF_MessageDigest, digest);
return abs(error);
int error;
if (sinfo->signedAttrs == NULL)
- return pr_val_err("The SignerInfo's signedAttrs field is NULL.");
+ return pr_err("The SignerInfo's signedAttrs field is NULL.");
for (i = 0; i < sinfo->signedAttrs->list.count; i++) {
attr = sinfo->signedAttrs->list.array[i];
if (attr == NULL) {
- pr_val_err("SignedAttrs array element %u is NULL.", i);
+ pr_err("SignedAttrs array element %u is NULL.", i);
continue;
}
attrs = &attr->attrValues;
if (attrs->list.count != 1) {
- return pr_val_err("signedAttrs's attribute set size (%d) is different than 1",
+ return pr_err("signedAttrs's attribute set size (%d) is different than 1",
attr->attrValues.list.count);
}
if (attrs->list.array == NULL || attrs->list.array[0] == NULL)
- pr_crit("Array size is 1 but array is NULL.");
+ pr_panic("Array size is 1 but array is NULL.");
error = oid2arcs(&attr->attrType, &attrType);
if (error)
if (ARCS_EQUAL_OIDS(&attrType, oid_cta)) {
if (content_type_found) {
- pr_val_err("Multiple ContentTypes found.");
+ pr_err("Multiple ContentTypes found.");
goto illegal_attrType;
}
error = validate_content_type_attribute(
} else if (ARCS_EQUAL_OIDS(&attrType, oid_mda)) {
if (message_digest_found) {
- pr_val_err("Multiple MessageDigests found.");
+ pr_err("Multiple MessageDigests found.");
goto illegal_attrType;
}
error = validate_message_digest_attribute(
} else if (ARCS_EQUAL_OIDS(&attrType, oid_sta)) {
if (signing_time_found) {
- pr_val_err("Multiple SigningTimes found.");
+ pr_err("Multiple SigningTimes found.");
goto illegal_attrType;
}
error = 0; /* No validations needed for now. */
signing_time_found = true;
} else {
/* rfc6488#section-3.1.g */
- pr_val_err("Illegal attrType OID in SignerInfo.");
+ pr_err("Illegal attrType OID in SignerInfo.");
goto illegal_attrType;
}
/* rfc6488#section-3.1.f */
if (!content_type_found)
- return pr_val_err("SignerInfo lacks a ContentType attribute.");
+ return pr_err("SignerInfo lacks a ContentType attribute.");
if (!message_digest_found)
- return pr_val_err("SignerInfo lacks a MessageDigest attribute.");
+ return pr_err("SignerInfo lacks a MessageDigest attribute.");
if (!signing_time_found)
- return pr_val_err("SignerInfo lacks a SigningTime attribute.");
+ return pr_err("SignerInfo lacks a SigningTime attribute.");
return 0;
/* rfc6488#section-2.1 */
sdata = so->sdata;
if (sdata->signerInfos.list.count != 1) {
- return pr_val_err("The SignedData's SignerInfo set is supposed to have only one element. (%d given.)",
+ return pr_err("The SignedData's SignerInfo set is supposed to have only one element. (%d given.)",
sdata->signerInfos.list.count);
}
error = asn_INTEGER2ulong(&sdata->version, &version);
if (error) {
if (errno) {
- pr_val_err("Error converting SignedData version: %s",
+ pr_err("Error converting SignedData version: %s",
strerror(errno));
}
- return pr_val_err("The SignedData version isn't a valid unsigned long");
+ return pr_err("The SignedData version isn't a valid unsigned long");
}
if (version != 3) {
- return pr_val_err("The SignedData version is only allowed to be 3. (Was %lu.)",
+ return pr_err("The SignedData version is only allowed to be 3. (Was %lu.)",
version);
}
/* rfc6488#section-2.1.2 */
/* rfc6488#section-3.1.j 1/2 */
if (sdata->digestAlgorithms.list.count != 1) {
- return pr_val_err("The SignedData's digestAlgorithms set is supposed to have only one element. (%d given.)",
+ return pr_err("The SignedData's digestAlgorithms set is supposed to have only one element. (%d given.)",
sdata->digestAlgorithms.list.count);
}
/* rfc6488#section-2.1.5 */
/* rfc6488#section-3.1.d */
if (sdata->crls != NULL && sdata->crls->list.count > 0)
- return pr_val_err("The SignedData contains at least one CRL.");
+ return pr_err("The SignedData contains at least one CRL.");
/* rfc6488#section-2.1.6.1 */
/* rfc6488#section-3.1.e */
sinfo = sdata->signerInfos.list.array[0];
if (sinfo == NULL)
- return pr_val_err("The SignerInfo object is NULL.");
+ return pr_err("The SignerInfo object is NULL.");
so->signature = &sinfo->signature;
error = asn_INTEGER2ulong(&sinfo->version, &version);
if (error) {
if (errno) {
- pr_val_err("Error converting SignerInfo version: %s",
+ pr_err("Error converting SignerInfo version: %s",
strerror(errno));
}
- return pr_val_err("The SignerInfo version isn't a valid unsigned long");
+ return pr_err("The SignerInfo version isn't a valid unsigned long");
}
if (version != 3) {
- return pr_val_err("The SignerInfo version is only allowed to be 3. (Was %lu.)",
+ return pr_err("The SignerInfo version is only allowed to be 3. (Was %lu.)",
version);
}
/* rfc6488#section-2.1.6.7 */
/* rfc6488#section-3.1.i */
if (sinfo->unsignedAttrs != NULL && sinfo->unsignedAttrs->list.count > 0)
- return pr_val_err("SignerInfo has at least one unsignedAttr.");
+ return pr_err("SignerInfo has at least one unsignedAttr.");
/* rfc6488#section-2.1.4 */
/* rfc6488#section-3.1.c 1/2 */
/* rfc6488#section-3.2 */
/* rfc6488#section-3.3 */
if (sdata->certificates == NULL)
- return pr_val_err("The SignedData does not contain certificates.");
+ return pr_err("The SignedData does not contain certificates.");
if (sdata->certificates->list.count != 1) {
- return pr_val_err("The SignedData contains %d certificates, one expected.",
+ return pr_err("The SignedData contains %d certificates, one expected.",
sdata->certificates->list.count);
}
bool equal;
if (sdata == NULL)
- return pr_val_err("SignedData is NULL.");
+ return pr_err("SignedData is NULL.");
if (sdata->signerInfos.list.array == NULL)
- return pr_val_err("SignerInfos array is NULL.");
+ return pr_err("SignerInfos array is NULL.");
if (sdata->signerInfos.list.array[0] == NULL)
- return pr_val_err("SignerInfos array first element is NULL.");
+ return pr_err("SignerInfos array first element is NULL.");
signedAttrs = sdata->signerInfos.list.array[0]->signedAttrs;
if (signedAttrs == NULL)
- return pr_val_err("signedAttrs is NULL.");
+ return pr_err("signedAttrs is NULL.");
if (signedAttrs->list.array == NULL)
- return pr_val_err("signedAttrs array is NULL.");
+ return pr_err("signedAttrs array is NULL.");
for (i = 0; i < signedAttrs->list.count; i++) {
attr = signedAttrs->list.array[i];
if (!attr)
- return pr_val_err("signedAttrs array element %d is NULL.", i);
+ return pr_err("signedAttrs array element %d is NULL.", i);
error = oid2arcs(&attr->attrType, &arcs);
if (error)
return error;
free_arcs(&arcs);
if (equal) {
if (attr->attrValues.list.array == NULL)
- return pr_val_err("signedAttrs attrValue array is NULL.");
+ return pr_err("signedAttrs attrValue array is NULL.");
if (attr->attrValues.list.array[0] == NULL)
- return pr_val_err("signedAttrs attrValue array first element is NULL.");
+ return pr_err("signedAttrs attrValue array first element is NULL.");
return asn1_decode_any(attr->attrValues.list.array[0],
&asn_DEF_OBJECT_IDENTIFIER,
(void **) result, true);
return true;
}
- pr_val_err("Url '%s' does not appear to have an rsync module.", str);
+ pr_err("Url '%s' does not appear to have an rsync module.", str);
return false;
}
int tmperr, abserr;
unsigned int deleted;
- pr_op_debug("Resetting cache...");
+ pr_trc("Resetting cache...");
abserr = 0;
deleted = 0;
if (tmperr)
abserr = tmperr;
if (abserr)
- pr_op_warn("Cannot reset cache: %s", strerror(abserr));
+ pr_wrn("Cannot reset cache: %s", strerror(abserr));
else
- pr_op_debug(deleted > 0 ? "Cache reset." : "Cache was empty.");
+ pr_trc(deleted > 0 ? "Cache reset." : "Cache was empty.");
closedir(dir);
return abserr;
}
int fd;
int error;
- pr_op_debug("touch " LOCKFILE);
+ pr_trc("touch " LOCKFILE);
/*
* Suppose we get SIGTERM in the middle of this function.
fd = open(LOCKFILE, O_CREAT | O_EXCL, 0644);
if (fd < 0) {
error = errno;
- pr_op_err("Cannot create lockfile '%s/" LOCKFILE "': %s",
+ pr_err("Cannot create lockfile '%s/" LOCKFILE "': %s",
config_get_local_repository(), strerror(error));
return error;
}
static void
unlock_cache(void)
{
- pr_op_debug("rm " LOCKFILE);
+ pr_trc("rm " LOCKFILE);
if (!lockfile_owned) {
- pr_op_debug("The cache wasn't locked.");
+ pr_trc("The cache wasn't locked.");
return;
}
if (unlink(LOCKFILE) < 0) {
int error = errno;
- pr_op_err("Cannot remove lockfile: %s", strerror(error));
+ pr_err("Cannot remove lockfile: %s", strerror(error));
if (error != ENOENT)
return;
}
if (error)
return error;
- pr_op_debug("cd %s", cachedir);
+ pr_trc("cd %s", cachedir);
if (chdir(cachedir) < 0) {
error = errno;
- pr_op_err("Cannot cd to %s: %s", cachedir, strerror(error));
+ pr_err("Cannot cd to %s: %s", cachedir, strerror(error));
return error;
}
error = atexit(cache_atexit);
if (error) {
int err2 = errno;
- pr_op_err("Cannot register cache's exit function.");
- pr_op_err("Error message attempt 1: %s", strerror(error));
- pr_op_err("Error message attempt 2: %s", strerror(err2));
+ pr_err("Cannot register cache's exit function.");
+ pr_err("Error message attempt 1: %s", strerror(error));
+ pr_err("Error message attempt 2: %s", strerror(err2));
return error;
}
error = json_get_uri(json, "http", &http);
if (error && (error != ENOENT)) {
- pr_op_debug("http: %s", strerror(error));
+ pr_trc("http: %s", strerror(error));
return NULL;
}
error = json_get_uri(json, "rsync", &rsync);
if (error && (error != ENOENT)) {
- pr_op_debug("rsync: %s", strerror(error));
+ pr_trc("rsync: %s", strerror(error));
uri_cleanup(&http);
return NULL;
}
node = pzalloc(sizeof(struct cache_node));
if (!init_node_key(&node->key, &http, &rsync)) {
- pr_op_debug("JSON node is missing both http and rsync tags.");
+ pr_trc("JSON node is missing both http and rsync tags.");
uri_cleanup(&rsync);
uri_cleanup(&http);
goto nde;
error = json_get_str(json, "path", &path);
if (error) {
- pr_op_debug("path: %s", strerror(error));
+ pr_trc("path: %s", strerror(error));
goto key;
}
node->path = pstrdup(path);
error = json_get_ts(json, "attempt", &node->attempt_ts);
if (error != 0 && error != ENOENT) {
- pr_op_debug("attempt: %s", strerror(error));
+ pr_trc("attempt: %s", strerror(error));
goto pth;
}
error = json_get_ts(json, "success", &node->success_ts);
if (error != 0 && error != ENOENT) {
- pr_op_debug("success: %s", strerror(error));
+ pr_trc("success: %s", strerror(error));
goto pth;
}
error = json_get_bigint(json, "mftNum", &node->mft.num);
if (error < 0) {
- pr_op_debug("mftNum: %s", strerror(error));
+ pr_trc("mftNum: %s", strerror(error));
goto pth;
}
error = json_get_ts(json, "mftUpdate", &node->mft.update);
if (error != 0 && error != ENOENT) {
- pr_op_debug("mftUpdate: %s", strerror(error));
+ pr_trc("mftUpdate: %s", strerror(error));
goto mft;
}
error = json_get_object(json, "rrdp", &rrdp);
if (error < 0) {
- pr_op_debug("rrdp: %s", strerror(error));
+ pr_trc("rrdp: %s", strerror(error));
goto mft;
}
if (error == 0 && rrdp_json2state(rrdp, node->path, &node->rrdp))
char const *file_version;
int error;
- pr_op_debug("Loading " METAFILE "...");
+ pr_trc("Loading " METAFILE "...");
root = json_load_file(METAFILE, 0, &jerr);
if (root == NULL) {
if (json_error_code(&jerr) == json_error_cannot_open_file) {
- pr_op_debug(METAFILE " does not exist.");
+ pr_trc(METAFILE " does not exist.");
return ENOENT;
} else {
- pr_op_err("Json parsing failure at %s (%d:%d): %s",
+ pr_err("Json parsing failure at %s (%d:%d): %s",
METAFILE, jerr.line, jerr.column, jerr.text);
return EINVAL;
}
}
if (json_typeof(root) != JSON_OBJECT) {
- pr_op_err("The root tag of " METAFILE " is not an object.");
+ pr_err("The root tag of " METAFILE " is not an object.");
goto fail;
}
error = json_get_str(root, TAGNAME_VERSION, &file_version);
if (error) {
if (error > 0)
- pr_op_err(METAFILE " is missing the '"
+ pr_err(METAFILE " is missing the '"
TAGNAME_VERSION "' tag.");
goto fail;
}
if (strcmp(file_version, PACKAGE_VERSION) != 0) {
- pr_op_err("The cache was written by Fort %s; "
+ pr_err("The cache was written by Fort %s; "
"I need to clear it.", file_version);
goto fail;
}
json_decref(root);
- pr_op_debug(METAFILE " loaded.");
+ pr_trc(METAFILE " loaded.");
return 0;
fail: json_decref(root);
wrt = snprintf(filename, 64, "%s/%s.json", tbl->name, dir->d_name);
if (wrt >= 64)
- pr_crit("collect_meta: %d %s %s", wrt, tbl->name, dir->d_name);
+ pr_panic("collect_meta: %d %s %s", wrt, tbl->name, dir->d_name);
pr_clutter("%s: Loading...", filename);
root = json_load_file(filename, 0, &jerr);
if (root == NULL) {
if (json_error_code(&jerr) == json_error_cannot_open_file)
- pr_op_warn("%s: File does not exist.", filename);
+ pr_wrn("%s: File does not exist.", filename);
else
- pr_op_warn("%s: Json parsing failure at (%d:%d): %s",
+ pr_wrn("%s: Json parsing failure at (%d:%d): %s",
filename, jerr.line, jerr.column, jerr.text);
return;
}
if (json_typeof(root) != JSON_OBJECT) {
- pr_op_warn("%s: Root tag is not an object.", filename);
+ pr_wrn("%s: Root tag is not an object.", filename);
goto end;
}
if (dir == NULL) {
error = errno;
if (error != ENOENT)
- pr_op_warn("Cannot open %s: %s",
+ pr_wrn("Cannot open %s: %s",
tbl->name, strerror(error));
return;
}
}
error = errno;
if (error)
- pr_op_warn("Could not finish traversing %s: %s",
+ pr_wrn("Could not finish traversing %s: %s",
tbl->name, strerror(error));
closedir(dir);
struct cache_node *node;
if (!init_node_key(&key, http, rsync)) {
- pr_val_debug("Can't build node identifier: Both HTTP and rsync URLs are NULL.");
+ pr_trc("Can't build node identifier: Both HTTP and rsync URLs are NULL.");
return NULL;
}
int error;
filename = str_concat(node->path, ".json");
- pr_op_debug("rm %s", filename);
+ pr_trc("rm %s", filename);
if (unlink(filename) < 0) {
error = errno;
if (error == ENOENT)
- pr_op_debug("%s already doesn't exist.", filename);
+ pr_trc("%s already doesn't exist.", filename);
else
- pr_op_warn("Cannot rm %s: %s", filename, strerror(errno));
+ pr_wrn("Cannot rm %s: %s", filename, strerror(errno));
}
free(filename);
return;
filename = str_concat(node->path, ".json");
- pr_op_debug("echo \"$json\" > %s", filename);
+ pr_trc("echo \"$json\" > %s", filename);
if (json_dump_file(json, filename, JSON_INDENT(2)))
- pr_op_err("Unable to write %s; unknown cause.", filename);
+ pr_err("Unable to write %s; unknown cause.", filename);
free(filename);
json_decref(json);
struct cache_node *node;
bool downloaded = false;
- pr_val_debug("Trying %s (online)...", uri_str(uri));
+ pr_trc("Trying %s (online)...", uri_str(uri));
if (!tbl->enabled) {
- pr_val_debug("Protocol disabled.");
+ pr_trc("Protocol disabled.");
return VV_FAIL;
}
break;
case DLS_ONGOING:
ongoing: mutex_unlock(&tbl->lock);
- pr_val_debug("Refresh ongoing.");
+ pr_trc("Refresh ongoing.");
return VV_BUSY;
case DLS_FRESH:
break;
default:
- pr_crit("Unknown node state: %d", node->state);
+ pr_panic("Unknown node state: %d", node->state);
}
mutex_unlock(&tbl->lock);
task_wakeup_dormants();
if (node->verdict == VV_FAIL) {
- pr_val_debug("Refresh failed.");
+ pr_trc("Refresh failed.");
return VV_FAIL;
}
- pr_val_debug("Refresh succeeded.");
+ pr_trc("Refresh succeeded.");
*result = node;
return VV_CONTINUE;
}
* Mutex not needed here.
*/
- pr_val_debug("Trying %s (offline)...", uri_str(url));
+ pr_trc("Trying %s (offline)...", uri_str(url));
node = find_node(&cache.fallback, uri_str(url), uri_len(url));
if (!node) {
- pr_val_debug("Cache data unavailable.");
+ pr_trc("Cache data unavailable.");
*result = NULL;
return VV_CONTINUE;
}
node = find_node(&cache.rsync, uri_str(url), uri_len(url));
if (node == NULL) {
mutex_unlock(&cache.rsync.lock);
- pr_op_err("rsync '%s -> %s' finished, but cache node does not exist.",
+ pr_err("rsync '%s -> %s' finished, but cache node does not exist.",
uri_str(url), path);
return;
}
if (node->state != DLS_ONGOING)
- pr_op_warn("rsync '%s -> %s' finished, but existing node was not in ONGOING state.",
+ pr_wrn("rsync '%s -> %s' finished, but existing node was not in ONGOING state.",
uri_str(url), path);
node->state = DLS_FRESH;
dir = opendir(fallback->path);
if (dir == NULL) {
- pr_op_err("opendir() error: %s", strerror(errno));
+ pr_err("opendir() error: %s", strerror(errno));
return;
}
* "forget" a file, then legitimately relist it without actually
* providing it.
*/
- pr_op_debug("Removing hard link: %s", file_path);
+ pr_trc("Removing hard link: %s", file_path);
if (unlink(file_path) < 0)
- pr_op_warn("Could not unlink %s: %s",
+ pr_wrn("Could not unlink %s: %s",
file_path, strerror(errno));
next: free(file_path);
}
if (errno)
- pr_op_err("Fallback directory traversal errored: %s",
+ pr_err("Fallback directory traversal errored: %s",
strerror(errno));
closedir(dir);
}
STAILQ_REMOVE_HEAD(&commits, lh);
if (uri_str(&commit->caRepository) != NULL) {
- pr_op_debug("Creating fallback for %s (%s)",
+ pr_trc("Creating fallback for %s (%s)",
uri_str(&commit->caRepository),
uri_str(&commit->rpkiNotify));
fb->attempt_ts = now;
fb->success_ts = now;
- pr_op_debug("mkdir -f %s", fb->path);
+ pr_trc("mkdir -f %s", fb->path);
if (mkdir(fb->path, CACHE_FILEMODE) < 0) {
error = errno;
if (error != EEXIST) {
- pr_op_err("Cannot create '%s': %s",
+ pr_err("Cannot create '%s': %s",
fb->path, strerror(error));
goto skip;
}
} else { /* TA */
struct cache_mapping *map = &commit->files[0];
- pr_op_debug("Creating fallback for %s",
+ pr_trc("Creating fallback for %s",
uri_str(&map->url));
fb = provide_node(&cache.fallback, &map->url, NULL);
void *arg)
{
if (file_stat_errno(node->path) == ENOENT) {
- pr_op_debug("Missing file; deleting node: %s", node->path);
+ pr_trc("Missing file; deleting node: %s", node->path);
delete_node(table, node, NULL);
}
}
time_t now = time_fatal();
/* Delete the entirety of cache/tmp/. */
- pr_op_debug("Cleaning up temporal files.");
+ pr_trc("Cleaning up temporal files.");
file_rm_rf(CACHE_TMPDIR);
/*
* Ensure valid RPPs and TAs are linked in fallback,
* by hard-linking the new files.
*/
- pr_op_debug("Committing fallbacks.");
+ pr_trc("Committing fallbacks.");
commit_fallbacks(now);
/*
* Delete refresh nodes that haven't been downloaded in a while,
* and fallback nodes that haven't been valid in a while.
*/
- pr_op_debug("Cleaning up abandoned cache files.");
+ pr_trc("Cleaning up abandoned cache files.");
foreach_node(remove_abandoned, &now);
/* (Paranoid) Delete nodes that are no longer mapped to files. */
- pr_op_debug("Cleaning up orphaned nodes.");
+ pr_trc("Cleaning up orphaned nodes.");
foreach_node(remove_orphaned_nodes, NULL);
/* (Paranoid) Delete files that are no longer mapped to nodes. */
- pr_op_debug("Cleaning up orphaned files.");
+ pr_trc("Cleaning up orphaned files.");
remove_orphaned_files();
}
written = snprintf(buf, CACHE_TMPFILE_BUFLEN, CACHE_TMPDIR "/%X", next);
if (written >= CACHE_TMPFILE_BUFLEN)
- pr_crit("I ran out of temporal directories: %u", next);
+ pr_panic("I ran out of temporal directories: %u", next);
}
panic_on_fail(int error, char const *function_name)
{
if (error)
- pr_crit("%s() returned '%s'. "
+ pr_panic("%s() returned '%s'. "
"This is too critical for a recovery; I must die now.",
function_name, strerror(error));
}
case 0:
return error;
case EAGAIN:
- pr_op_err_st("There are too many threads; I can't modify the database.");
+ pr_crit("There are too many threads; I can't modify the database.");
return error;
}
- pr_crit("pthread_rwlock_rdlock() returned '%s'. "
+ pr_panic("pthread_rwlock_rdlock() returned '%s'. "
"This is too critical for a recovery; I must die now.",
strerror(error));
return EINVAL; /* Warning shutupper */
*/
error = pthread_rwlock_wrlock(lock);
if (error)
- pr_crit("pthread_rwlock_wrlock() returned '%s'. "
+ pr_panic("pthread_rwlock_wrlock() returned '%s'. "
"This is too critical for a recovery; I must die now.",
strerror(error));
}
*/
error = pthread_rwlock_unlock(lock);
if (error)
- pr_crit("pthread_rwlock_unlock() returned '%s'. "
+ pr_panic("pthread_rwlock_unlock() returned '%s'. "
"This is too critical for a recovery; I must die now.",
strerror(error));
}
fullpath = realpath(tmp, NULL);
if (fullpath == NULL) {
error = errno;
- pr_op_err("Error getting real path for file '%s' at directory '%s': %s",
+ pr_err("Error getting real path for file '%s' at directory '%s': %s",
dir_name, file_name, strerror(error));
free(tmp);
return error;
dir_loc = opendir(location);
if (dir_loc == NULL) {
error = errno;
- pr_op_err_st("Couldn't open directory '%s': %s",
+ pr_crit("Couldn't open directory '%s': %s",
location, strerror(error));
goto end;
}
error = process_file(location, dir_ent->d_name, file_ext,
&found, cb, arg);
if (error) {
- pr_op_err("The error was at file %s", dir_ent->d_name);
+ pr_err("The error was at file %s", dir_ent->d_name);
goto close_dir;
}
errno = 0;
}
if (errno) {
- pr_op_err_st("Error reading dir %s", location);
+ pr_crit("Error reading dir %s", location);
error = errno;
}
if (!error && found == 0)
error = (empty_err ?
- pr_op_err("Location '%s' doesn't have files with extension '%s'",
+ pr_err("Location '%s' doesn't have files with extension '%s'",
location, file_ext) :
- pr_op_warn("Location '%s' doesn't have files with extension '%s'",
+ pr_wrn("Location '%s' doesn't have files with extension '%s'",
location, file_ext));
close_dir:
error = stat(location, &attr);
if (error) {
error = errno;
- pr_op_err_st("Error reading path '%s': %s", location,
+ pr_crit("Error reading path '%s': %s", location,
strerror(error));
return error;
}
result = time(NULL);
if (result == ((time_t)-1)) {
- pr_val_warn("time(NULL) returned -1: %s", strerror(errno));
+ pr_wrn("time(NULL) returned -1: %s", strerror(errno));
result = 0;
}
result = time(NULL);
if (result == ((time_t)-1))
- pr_crit("time(NULL) returned -1: %s", strerror(errno));
+ pr_panic("time(NULL) returned -1: %s", strerror(errno));
return result;
}
memset(&tm, 0, sizeof(tm));
consumed = strptime(str, FORT_TS_FORMAT, &tm);
if (consumed == NULL || (*consumed) != 0)
- return pr_op_err("String '%s' does not appear to be a timestamp.",
+ return pr_err("String '%s' does not appear to be a timestamp.",
str);
time = timegm(&tm);
if (time == ((time_t) -1)) {
error = errno;
- return pr_op_err("String '%s' does not appear to be a timestamp: %s",
+ return pr_err("String '%s' does not appear to be a timestamp: %s",
str, strerror(error));
}
ts_now(struct timespec *now)
{
if (clock_gettime(CLOCK_MONOTONIC, now) < 0)
- pr_crit("clock_gettime() returned '%s'", strerror(errno));
+ pr_panic("clock_gettime() returned '%s'", strerror(errno));
ts_normalize(now); /* Probably not needed, but I can't find contracts */
}
{
struct option_field const *opt;
- pr_op_info(PACKAGE_STRING);
- pr_op_info(" libcrypto: " OPENSSL_VERSION_TEXT);
- pr_op_info(" jansson: " JANSSON_VERSION);
- pr_op_info(" libcurl: " LIBCURL_VERSION);
- pr_op_info(" libxml: " LIBXML_DOTTED_VERSION);
- pr_op_info(" libmicrohttpd: %x.%x.%x-%x",
+ pr_inf(PACKAGE_STRING);
+ pr_inf(" libcrypto: " OPENSSL_VERSION_TEXT);
+ pr_inf(" jansson: " JANSSON_VERSION);
+ pr_inf(" libcurl: " LIBCURL_VERSION);
+ pr_inf(" libxml: " LIBXML_DOTTED_VERSION);
+ pr_inf(" libmicrohttpd: %x.%x.%x-%x",
MHD_VERSION >> 24, (MHD_VERSION >> 16) & 0xFF,
(MHD_VERSION >> 8) & 0xFF, MHD_VERSION & 0xFF);
- pr_op_info("Configuration {");
+ pr_inf("Configuration {");
FOREACH_OPTION(options, opt, 0xFFFF)
if (is_rpki_config_field(opt) && opt->type->print != NULL)
opt->type->print(opt, get_rpki_config_field(opt));
- pr_op_info("}");
+ pr_inf("}");
}
static void
return 0;
if (rpki_config.payload != NULL)
- return pr_op_err("I don't know what '%s' is.",
+ return pr_err("I don't know what '%s' is.",
rpki_config.payload);
if (rpki_config.tal == NULL)
- return pr_op_err("The TAL(s) location (--tal) is mandatory.");
+ return pr_err("The TAL(s) location (--tal) is mandatory.");
/* A file location at --tal isn't valid when --init-tals is set */
if (!file_is_valid(rpki_config.tal, !rpki_config.init_tals))
- return pr_op_err("Invalid TAL(s) location.");
+ return pr_err("Invalid TAL(s) location.");
/* Ignore the other checks */
if (rpki_config.init_tals)
rpki_config.server.interval.refresh ||
rpki_config.server.interval.expire <
rpki_config.server.interval.retry)
- return pr_op_err("Expire interval must be greater than refresh and retry intervals");
+ return pr_err("Expire interval must be greater than refresh and retry intervals");
if (rpki_config.slurm != NULL && !file_is_valid(rpki_config.slurm, true))
- return pr_op_err("Invalid slurm location.");
+ return pr_err("Invalid slurm location.");
if (rpki_config.http.proxy == NULL) {
proxy = curl_getenv("https_proxy");
FOREACH_OPTION(options, option, AVAILABILITY_GETOPT) {
if (option->id == opt) {
if (option->deprecated)
- pr_op_warn("Warning: '%s' is deprecated.",
+ pr_wrn("Warning: '%s' is deprecated.",
option->name);
return is_rpki_config_field(option)
}
}
- pr_op_err("Unrecognized option: %d", opt);
+ pr_err("Unrecognized option: %d", opt);
return ESRCH;
}
absolute = realpath(relative, NULL);
if (!absolute)
- return pr_op_err("Cannot resolve the absolute path of %s: %s",
+ return pr_err("Cannot resolve the absolute path of %s: %s",
relative, strerror(errno));
free(relative);
}
if (rpki_config.daemon) {
- pr_op_info("Executing as daemon, all logs will be sent to syslog.");
+ pr_inf("Executing as daemon, all logs will be sent to syslog.");
/* Send all logs to syslog */
rpki_config.log.output = SYSLOG;
rpki_config.validation_log.output = SYSLOG;
end:
if (error) {
free_rpki_config();
- pr_op_err("Try '%s --usage' or '%s --help' for more information.",
+ pr_err("Try '%s --usage' or '%s --help' for more information.",
program_name, program_name);
} else
print_config();
void
print_bool(struct option_field const *field, void *value)
{
- pr_op_info("%s: %s", field->name, DEREFERENCE(value) ? "true" : "false");
+ pr_inf("%s: %s", field->name, DEREFERENCE(value) ? "true" : "false");
}
int
return 0;
}
- return pr_op_err("Invalid %s: '%s', must be boolean (true|false)",
+ return pr_err("Invalid %s: '%s', must be boolean (true|false)",
field->name, str);
}
void *result)
{
if (!json_is_boolean(json)) {
- return pr_op_err("The '%s' element is not a JSON boolean.",
+ return pr_err("The '%s' element is not a JSON boolean.",
opt->name);
}
static void
print_curloff(struct option_field const *field, void *value)
{
- pr_op_info("%s: %" CURL_FORMAT_CURL_OFF_T,
+ pr_inf("%s: %" CURL_FORMAT_CURL_OFF_T,
field->name, *((curl_off_t *) value));
}
if (field->type->has_arg != required_argument || str == NULL ||
strlen(str) == 0) {
- return pr_op_err("Integer options ('%s' in this case) require an argument.",
+ return pr_err("Integer options ('%s' in this case) require an argument.",
field->name);
}
if (error || *tmp != '\0') {
if (!error)
error = -EINVAL;
- pr_op_err("Value '%s' at '%s' is not an integer: %s",
+ pr_err("Value '%s' at '%s' is not an integer: %s",
str, field->name, strerror(abs(error)));
return error;
}
if (parsed < 0)
- return pr_op_err("Value of '%s' is negative.", field->name);
+ return pr_err("Value of '%s' is negative.", field->name);
*((curl_off_t *) result) = parsed;
return 0;
json_int_t value;
if (!json_is_integer(json))
- return pr_op_err("The '%s' element is not a JSON integer.",
+ return pr_err("The '%s' element is not a JSON integer.",
opt->name);
value = json_integer_value(json);
if (value < 0)
- return pr_op_err("Value of '%s' is negative.", opt->name);
+ return pr_err("Value of '%s' is negative.", opt->name);
*((curl_off_t *) result) = value;
return 0;
break;
}
- pr_op_info("%s: %s", field->name, str);
+ pr_inf("%s: %s", field->name, str);
}
static int
else if (strcmp(str, VALUE_CRL) == 0)
DEREFERENCE(result) = FT_CRL;
else
- return pr_op_err("Unknown file type: '%s'", str);
+ return pr_err("Unknown file type: '%s'", str);
return 0;
}
break;
}
- pr_op_info("%s: %s", field->name, str);
+ pr_inf("%s: %s", field->name, str);
}
static int
else if (strcmp(str, FNF_VALUE_NAME) == 0)
DEREFERENCE(result) = FNF_NAME;
else
- return pr_op_err("Unknown file name format %s: '%s'",
+ return pr_err("Unknown file name format %s: '%s'",
field->name, str);
return 0;
incidences_parse_json(struct option_field const *opt, json_t *json,
void *_result)
{
- pr_op_warn("Incidences are deprecated; please delete them from your configuration.");
+ pr_wrn("Incidences are deprecated; please delete them from your configuration.");
return 0;
}
break;
}
- pr_op_info("%s: %s", field->name, str);
+ pr_inf("%s: %s", field->name, str);
}
static void
break;
}
- pr_op_info("%s: %s", field->name, str);
+ pr_inf("%s: %s", field->name, str);
}
static void
break;
}
- pr_op_info("%s: %s", field->name, str);
+ pr_inf("%s: %s", field->name, str);
}
static int
else if (strcmp(str, LOG_LEVEL_VALUE_DEBUG) == 0)
DEREFERENCE_UINT(result) = LOG_DEBUG;
else
- return pr_op_err("Unknown %s: '%s'", field->name, str);
+ return pr_err("Unknown %s: '%s'", field->name, str);
return 0;
}
else if (strcmp(str, LOG_OUTPUT_VALUE_CONSOLE) == 0)
DEREFERENCE_ENUM(result) = CONSOLE;
else
- return pr_op_err("Unknown %s: '%s'", field->name, str);
+ return pr_err("Unknown %s: '%s'", field->name, str);
return 0;
}
DEREFERENCE_UINT32(result) = LOG_LOCAL7;
else if (strcmp(str, LOG_FACILITY_VALUE_KERN) == 0 ||
strcmp(str, LOG_FACILITY_VALUE_SYSLOG) == 0)
- return pr_op_err("Unsupported %s: '%s', use another value",
+ return pr_err("Unsupported %s: '%s', use another value",
field->name, str);
else
- return pr_op_err("Unknown %s: '%s'", field->name, str);
+ return pr_err("Unknown %s: '%s'", field->name, str);
return 0;
}
break;
}
- pr_op_info("%s: %s", field->name, str);
+ pr_inf("%s: %s", field->name, str);
}
static int
else if (strcmp(str, VALUE_PRINT_FILE) == 0)
DEREFERENCE(result) = PRINT_FILE;
else
- return pr_op_err("Unknown mode: '%s'", str);
+ return pr_err("Unknown mode: '%s'", str);
return 0;
}
break;
}
- pr_op_info("%s: %s", field->name, str);
+ pr_inf("%s: %s", field->name, str);
}
static int
else if (strcmp(str, OFM_VALUE_JSON) == 0)
DEREFERENCE(result) = OFM_JSON;
else
- return pr_op_err("Unknown output format %s: '%s'",
+ return pr_err("Unknown output format %s: '%s'",
field->name, str);
return 0;
static void
string_print(struct option_field const *field, void *value)
{
- pr_op_info("%s: %s", field->name, DEREFERENCE(value));
+ pr_inf("%s: %s", field->name, DEREFERENCE(value));
}
static int
{
if (field->type->has_arg != required_argument || str == NULL ||
strlen(str) == 0) {
- return pr_op_err("String options ('%s' in this case) require an argument.",
+ return pr_err("String options ('%s' in this case) require an argument.",
field->name);
}
return 0;
} else {
if (string == NULL) {
- return pr_op_err(
+ return pr_err(
"The '%s' field is not allowed to be null.",
opt->name);
}
if (json_is_integer(json)) {
intval = json_integer_value(json);
if (intval < 1 || 65535 < intval) {
- return pr_op_err("'%s' is out of range (1-65535).",
+ return pr_err("'%s' is out of range (1-65535).",
opt->name);
}
strval = pmalloc(6);
written = snprintf(strval, 6, "%" JSON_INTEGER_FORMAT, intval);
if (written < 0 || 6 <= written)
- return pr_op_err("Cannot convert '%s' to string: snprintf returned %d",
+ return pr_err("Cannot convert '%s' to string: snprintf returned %d",
opt->name, written);
DEREFERENCE(result) = strval;
}
if (!json_is_string(json))
- return pr_op_err("The '%s' element is not a JSON string.", name);
+ return pr_err("The '%s' element is not a JSON string.", name);
*result = json_string_value(json);
return 0;
struct string_array *value = _value;
size_t i;
- pr_op_info("%s:", field->name);
+ pr_inf("%s:", field->name);
if (value->length == 0)
- pr_op_info(" <Nothing>");
+ pr_inf(" <Nothing>");
else for (i = 0; i < value->length; i++)
- pr_op_info(" %s", value->array[i]);
+ pr_inf(" %s", value->array[i]);
}
static int
int error;
if (!json_is_array(json)) {
- return pr_op_err("The '%s' element is not a JSON array.",
+ return pr_err("The '%s' element is not a JSON array.",
opt->name);
}
}
if (opt->max > 0 && len > opt->max)
- return pr_op_err("'%s' can have %u elements max; currently it has %lu elements.",
+ return pr_err("'%s' can have %u elements max; currently it has %lu elements.",
opt->name, opt->max, len);
for (i = 0; i < len; i++) {
child = json_array_get(json, i);
if (!json_is_string(child)) {
- return pr_op_err("'%s' array element #%zu is not a string.",
+ return pr_err("'%s' array element #%zu is not a string.",
opt->name, i);
}
}
len = token_count(&tokenizer);
if (opt->max > 0 && len > opt->max)
- return pr_op_err("'%s' can have %u elements max; currently it has %lu elements.",
+ return pr_err("'%s' can have %u elements max; currently it has %lu elements.",
opt->name, opt->max, len);
result->array = pcalloc(len, sizeof(char *));
error = time2str(tt, str);
if (error)
- pr_crit("time2str: %s", strerror(error));
+ pr_panic("time2str: %s", strerror(error));
- pr_op_info("%s: %s", field->name, str);
+ pr_inf("%s: %s", field->name, str);
}
static int
void *result)
{
if (str == NULL || strlen(str) == 0)
- return pr_op_err("--%s needs an argument.", field->name);
+ return pr_err("--%s needs an argument.", field->name);
return str2time(str, result);
}
parse_json_time(struct option_field const *opt, json_t *json, void *result)
{
if (!json_is_string(json))
- return pr_op_err("The '%s' element is not a JSON string.",
+ return pr_err("The '%s' element is not a JSON string.",
opt->name);
return str2time(json_string_value(json), result);
static void
print_uint(struct option_field const *field, void *value)
{
- pr_op_info("%s: %u", field->name, *((unsigned int *) value));
+ pr_inf("%s: %u", field->name, *((unsigned int *) value));
}
static int
if (field->type->has_arg != required_argument || str == NULL ||
strlen(str) == 0) {
- return pr_op_err("Integer options ('%s' in this case) require an argument.",
+ return pr_err("Integer options ('%s' in this case) require an argument.",
field->name);
}
if (error || *tmp != '\0') {
if (!error)
error = EINVAL;
- pr_op_err("Value '%s' at '%s' is not an unsigned integer: %s",
+ pr_err("Value '%s' at '%s' is not an unsigned integer: %s",
str, field->name, strerror(error));
return error;
}
if (parsed < field->min || field->max < parsed) {
- return pr_op_err("Value of '%s' is out of range (%u-%u).",
+ return pr_err("Value of '%s' is out of range (%u-%u).",
field->name, field->min, field->max);
}
json_int_t value;
if (!json_is_integer(json)) {
- return pr_op_err("The '%s' element is not a JSON integer.",
+ return pr_err("The '%s' element is not a JSON integer.",
opt->name);
}
value = json_integer_value(json);
if (value < opt->min || opt->max < value) {
- return pr_op_err("Integer '%s' is out of range (%u-%u).",
+ return pr_err("Integer '%s' is out of range (%u-%u).",
opt->name, opt->min, opt->max);
}
error = errno;
if (error == ENOMEM)
enomem_panic();
- pr_op_err("Cannot get current directory: %s", strerror(error));
+ pr_err("Cannot get current directory: %s", strerror(error));
return error;
}
pid = fork();
if (pid < 0) {
error = errno;
- pr_op_err("Couldn't fork to daemonize: %s", strerror(error));
+ pr_err("Couldn't fork to daemonize: %s", strerror(error));
return error;
}
/* Child goes on from here */
if (setsid() < 0) {
error = errno;
- pr_op_err("Couldn't create new session, ending execution: %s",
+ pr_err("Couldn't create new session, ending execution: %s",
strerror(error));
exit(error);
}
pid = fork();
if (pid < 0) {
error = errno;
- pr_op_err("Couldn't fork again to daemonize, ending execution: %s",
+ pr_err("Couldn't fork again to daemonize, ending execution: %s",
strerror(error));
exit(error);
}
if (chdir(pwd) < 0) {
error = errno;
- pr_op_err("Couldn't chdir() of daemon, ending execution: %s",
+ pr_err("Couldn't chdir() of daemon, ending execution: %s",
strerror(error));
exit(error);
}
* Also "unknown" is misleading. I think it's only "unknown" if the NID
* is -1 or something like that.
*/
- return pr_val_err("Certificate has unknown extension. (Extension NID: %d)",
+ return pr_err("Certificate has unknown extension. (Extension NID: %d)",
nid);
dupe:
- return pr_val_err("Certificate has more than one '%s' extension.",
+ return pr_err("Certificate has more than one '%s' extension.",
handler->meta->name);
not_critical:
- return pr_val_err("Extension '%s' is supposed to be marked critical.",
+ return pr_err("Extension '%s' is supposed to be marked critical.",
handler->meta->name);
critical:
- return pr_val_err("Extension '%s' is not supposed to be marked critical.",
+ return pr_err("Extension '%s' is not supposed to be marked critical.",
handler->meta->name);
}
for (handler = handlers; handler->meta != NULL; handler++) {
if (handler->mandatory && !handler->found)
- return pr_val_err("Certificate is missing the '%s' extension.",
+ return pr_err("Certificate is missing the '%s' extension.",
handler->meta->name);
}
int
cannot_decode(struct extension_metadata const *meta)
{
- return pr_val_err("Extension '%s' seems to be malformed. Cannot decode.",
+ return pr_err("Extension '%s' seems to be malformed. Cannot decode.",
meta->name);
}
/* Get the SPK (ask libcrypto) */
pubkey = X509_get_X509_PUBKEY(cert);
if (pubkey == NULL)
- return val_crypto_err("X509_get_X509_PUBKEY() returned NULL");
+ return pr_crypto_err("X509_get_X509_PUBKEY() returned NULL");
ok = X509_PUBKEY_get0_param(NULL, &spk, &spk_len, NULL, pubkey);
if (!ok)
- return val_crypto_err("X509_PUBKEY_get0_param() returned %d", ok);
+ return pr_crypto_err("X509_PUBKEY_get0_param() returned %d", ok);
/* FIXME the max limit needs to be a lot less than SIZE_MAX. */
if (spk_len < 0 || SIZE_MAX < spk_len) {
- return pr_val_err("The Subject Public Key length (%d) is out of bounds. (0-%zu)",
+ return pr_err("The Subject Public Key length (%d) is out of bounds. (0-%zu)",
spk_len, SIZE_MAX);
}
error = hash_validate(hash_get_sha1(), spk, spk_len, hash->data, hash->length);
if (error > 0) {
- pr_val_err("The Subject Public Key's hash does not match the %s.",
+ pr_err("The Subject Public Key's hash does not match the %s.",
hash_name);
}
X509 *parent = arg;
if (aki->keyid == NULL) {
- return pr_val_err("The %s lacks a keyIdentifier.",
+ return pr_err("The %s lacks a keyIdentifier.",
ext_aki()->name);
}
if (aki->issuer != NULL) {
- return pr_val_err("The %s contains an authorityCertIssuer.",
+ return pr_err("The %s contains an authorityCertIssuer.",
ext_aki()->name);
}
if (aki->serial != NULL) {
- return pr_val_err("The %s contains an authorityCertSerialNumber.",
+ return pr_err("The %s contains an authorityCertSerialNumber.",
ext_aki()->name);
}
file = fopen(file_name, "rb");
if (file == NULL) {
error = errno;
- pr_val_err("Could not open file '%s': %s", file_name,
+ pr_err("Could not open file '%s': %s", file_name,
strerror(error));
return error;
}
if (fstat(fileno(file), stat) == -1) {
error = errno;
- pr_val_err("fstat(%s) failed: %s", file_name, strerror(error));
+ pr_err("fstat(%s) failed: %s", file_name, strerror(error));
goto fail;
}
if (!S_ISREG(stat->st_mode)) {
- error = pr_val_err("'%s' does not seem to be a file.", file_name);
+ error = pr_err("'%s' does not seem to be a file.", file_name);
goto fail;
}
file = fopen(file_name, mode);
if (file == NULL) {
error = errno;
- pr_val_err("Could not open file '%s' for writing: %s",
+ pr_err("Could not open file '%s' for writing: %s",
file_name, strerror(error));
*result = NULL;
return error;
error = errno;
if (!error) /* Linux's man page does not mention errno */
error = -1;
- pr_val_err("Cannot write %s: %s", path, strerror(error));
+ pr_err("Cannot write %s: %s", path, strerror(error));
}
file_close(out);
int
file_write_txt(char const *path, char const *txt)
{
- pr_val_debug("echo 'blah blah' > %s", path);
+ pr_trc("echo 'blah blah' > %s", path);
return write_file(path, txt, strlen(txt));
}
int
file_write_bin(char const *path, unsigned char const *bytes, size_t n)
{
- pr_val_debug("echo 'beep boop' > %s", path);
+ pr_trc("echo 'beep boop' > %s", path);
return write_file(path, bytes, n);
}
file_close(FILE *file)
{
if (fclose(file) == -1)
- pr_val_err("fclose() failed: %s", strerror(errno));
+ pr_err("fclose() failed: %s", strerror(errno));
}
/*
* code. It literally doesn't say how to get an error
* code.
*/
- pr_val_err("File reading error. The error message is (possibly) '%s'",
+ pr_err("File reading error. The error message is (possibly) '%s'",
strerror(error));
free(fc->buf);
goto end;
* less bytes than requested like read() does. It's either
* "consumed everything", "EOF reached" or error.
*/
- pr_op_err_st("Likely programming error: fread() < file size (fr:%zu bs:%zu EOF:%d)",
+ pr_crit("Likely programming error: fread() < file size (fr:%zu bs:%zu EOF:%d)",
fread_result, fc->buflen, feof(file));
free(fc->buf);
error = EINVAL;
bool result;
if (stat(location, &attr) == -1) {
- pr_op_err("stat(%s) failed: %s", location, strerror(errno));
+ pr_err("stat(%s) failed: %s", location, strerror(errno));
return false;
}
result = is_file || is_dir;
if (!result)
- pr_op_err("'%s' does not seem to be a %s", location,
+ pr_err("'%s' does not seem to be a %s", location,
allow_file ? "file or directory" : "directory");
return result;
{
int error;
- pr_op_debug("rm -f %s", path);
+ pr_trc("rm -f %s", path);
if (remove(path) < 0) {
error = errno;
{
if (remove(fpath) < 0) {
rm_error = errno;
- pr_op_warn("Cannot remove '%s': %s", fpath, strerror(rm_error));
+ pr_wrn("Cannot remove '%s': %s", fpath, strerror(rm_error));
}
return 0; /* Remove as much as possible, regardless of error */
{
int error;
- pr_op_debug("rm -rf %s", path);
+ pr_trc("rm -rf %s", path);
/* TODO (performance) optimize that 32 */
rm_error = 0;
error = errno;
}
- pr_op_warn("Cannot remove '%s': %s", path, strerror(error));
+ pr_wrn("Cannot remove '%s': %s", path, strerror(error));
return error;
}
{
int error;
- pr_op_debug("mkdir %s%s", force ? "-f " : "", path);
+ pr_trc("mkdir %s%s", force ? "-f " : "", path);
if (mkdir(path, CACHE_FILEMODE) < 0) {
error = errno;
if (!force || error != EEXIST) {
- pr_op_err("Cannot create '%s': %s",
+ pr_err("Cannot create '%s': %s",
path, strerror(error));
return error;
}
void
file_ln(char const *oldpath, char const *newpath)
{
- pr_op_debug("ln %s %s", oldpath, newpath);
+ pr_trc("ln %s %s", oldpath, newpath);
if (link(oldpath, newpath) < 0)
- pr_op_warn("Could not hard-link %s to %s: %s",
+ pr_wrn("Could not hard-link %s to %s: %s",
newpath, oldpath, strerror(errno));
}
len = snprintf(path, seq->pathlen, "%s/%lX",
seq->prefix, seq->next_id);
if (len < 0) {
- pr_val_err("Cannot compute new cache path: Unknown cause.");
+ pr_err("Cannot compute new cache path: Unknown cause.");
return NULL;
}
if (len < seq->pathlen) {
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
sha1.md = EVP_MD_fetch(NULL, "SHA1", NULL);
if (sha1.md == NULL)
- return pr_op_err("This version of libcrypto does not seem to support SHA1.");
+ return pr_err("This version of libcrypto does not seem to support SHA1.");
sha1.size = EVP_MD_get_size(sha1.md);
sha1.name = EVP_MD_get0_name(sha1.md);
sha256.md = EVP_MD_fetch(NULL, "SHA256", NULL);
if (sha256.md == NULL) {
EVP_MD_free(sha1.md);
- return pr_op_err("This version of libcrypto does not seem to support SHA256.");
+ return pr_err("This version of libcrypto does not seem to support SHA256.");
}
sha256.size = EVP_MD_get_size(sha256.md);
sha256.name = EVP_MD_get0_name(sha256.md);
#else
sha1.md = EVP_get_digestbyname("sha1");
if (sha1.md == NULL)
- return pr_op_err("This version of libcrypto does not seem to support SHA1.");
+ return pr_err("This version of libcrypto does not seem to support SHA1.");
sha1.size = EVP_MD_size(sha1.md);
sha1.name = EVP_MD_name(sha1.md);
sha256.md = EVP_get_digestbyname("sha256");
if (sha256.md == NULL)
- return pr_op_err("This version of libcrypto does not seem to support SHA256.");
+ return pr_err("This version of libcrypto does not seem to support SHA256.");
sha256.size = EVP_MD_size(sha256.md);
sha256.name = EVP_MD_name(sha256.md);
enomem_panic();
if (!EVP_DigestInit_ex(ctx, algorithm->md, NULL)) {
- error = val_crypto_err("EVP_DigestInit_ex() failed");
+ error = pr_crypto_err("EVP_DigestInit_ex() failed");
goto end;
}
consumed = fread(buffer, 1, stat.st_blksize, file);
error = ferror(file);
if (error) {
- pr_val_err("File reading error. Error message (apparently): %s",
+ pr_err("File reading error. Error message (apparently): %s",
strerror(error));
goto end;
}
if (!EVP_DigestUpdate(ctx, buffer, consumed)) {
- error = val_crypto_err("EVP_DigestUpdate() failed");
+ error = pr_crypto_err("EVP_DigestUpdate() failed");
goto end;
}
} while (!feof(file));
if (!EVP_DigestFinal_ex(ctx, result, &hash_size)) {
- error = val_crypto_err("EVP_DigestFinal_ex() failed");
+ error = pr_crypto_err("EVP_DigestFinal_ex() failed");
goto end;
}
if (hash_size != algorithm->size) {
- error = pr_op_err("libcrypto returned a %s hash sized %u bytes.",
+ error = pr_err("libcrypto returned a %s hash sized %u bytes.",
algorithm->name, hash_size);
}
pr_clutter("Validating file hash: %s", path);
if (expected_len != hash_get_size(algorithm))
- return pr_val_err("%s string has bogus size: %zu",
+ return pr_err("%s string has bogus size: %zu",
hash_get_name(algorithm), expected_len);
error = hash_file(algorithm, path, actual, &actual_len);
return 0;
fail:
- error = pr_val_err("File '%s' does not match its expected hash.", path);
+ error = pr_err("File '%s' does not match its expected hash.", path);
#ifdef UNIT_TESTING
size_t i;
printf("Expected: ");
!EVP_DigestUpdate(ctx, content, content_len) ||
!EVP_DigestFinal_ex(ctx, hash, &actual_len)) {
EVP_MD_CTX_free(ctx);
- return val_crypto_err("Buffer hashing failed");
+ return pr_crypto_err("Buffer hashing failed");
}
EVP_MD_CTX_free(ctx);
if (actual_len != algorithm->size)
- pr_crit("libcrypto returned a %s hash sized %u bytes.",
+ pr_panic("libcrypto returned a %s hash sized %u bytes.",
algorithm->name, actual_len);
return 0;
CURLcode res;
res = curl_global_init(CURL_GLOBAL_SSL);
if (res != CURLE_OK)
- return pr_op_err("Error initializing global curl (%s)",
+ return pr_err("Error initializing global curl (%s)",
curl_easy_strerror(res));
return 0;
result = curl_easy_init();
if (result == NULL)
- return pr_val_err(
+ return pr_err(
"curl_easy_init() returned NULL; no error message given."
);
float ratio;
if (args->error == EFBIG) {
- pr_val_err("File too big (read: %zu bytes). Rejecting.",
+ pr_err("File too big (read: %zu bytes). Rejecting.",
args->total_bytes);
return EFBIG;
}
ratio = args->total_bytes / (float) config_get_http_max_file_size();
if (ratio > 0.4f) {
- pr_op_warn("File size exceeds 40%% of the configured limit (%zu/%ld bytes).",
+ pr_wrn("File size exceeds 40%% of the configured limit (%zu/%ld bytes).",
args->total_bytes, config_get_http_max_file_size());
}
res = curl_easy_getinfo(handler->curl, CURLINFO_RESPONSE_CODE,
http_code);
if (res != CURLE_OK) {
- return pr_op_err_st("curl_easy_getinfo(CURLINFO_RESPONSE_CODE) returned '%s'. "
+ return pr_crit("curl_easy_getinfo(CURLINFO_RESPONSE_CODE) returned '%s'. "
"I think this is supposed to be illegal, so I'll have to drop URI '%s'.",
curl_err_string(handler, res), uri_str(uri));
}
errmsg = uri_init(&redirect_url, redirect);
if (errmsg)
- return pr_val_err("Cannot parse redirect '%s' as a URI: %s",
+ return pr_err("Cannot parse redirect '%s' as a URI: %s",
redirect, errmsg);
error = uri_same_origin(src, &redirect_url)
? 0
- : pr_val_err("%s is redirecting to %s; disallowing because of different origin.",
+ : pr_err("%s is redirecting to %s; disallowing because of different origin.",
uri_str(src), uri_str(&redirect_url));
uri_cleanup(&redirect_url);
unsigned int r;
int error;
- pr_val_info("HTTP GET: %s -> %s", uri_str(src), dst);
+ pr_inf("HTTP GET: %s -> %s", uri_str(src), dst);
error = http_easy_init(&handler, ims);
if (error)
res = curl_easy_perform(handler.curl); /* write_callback() */
if (args.file != NULL)
file_close(args.file);
- pr_val_debug("Done. Total bytes transferred: %zu",
+ pr_trc("Done. Total bytes transferred: %zu",
args.total_bytes);
args.error = validate_file_size(&args);
}
if (res != CURLE_OK) {
- pr_val_err("Error requesting URL: %s. (HTTP code: %ld)",
+ pr_err("Error requesting URL: %s. (HTTP code: %ld)",
curl_err_string(&handler, res), http_code);
switch (res) {
}
if (http_code >= 400 || http_code == 204) {
- pr_val_err("HTTP result code: %ld", http_code);
+ pr_err("HTTP result code: %ld", http_code);
error = handle_http_response_code(http_code);
goto end;
}
if (http_code == 304) {
/* Write callback not called, no file to remove. */
- pr_val_debug("Not modified.");
+ pr_trc("Not modified.");
error = 0;
goto end;
}
res = curl_easy_getinfo(handler.curl, CURLINFO_REDIRECT_URL,
&redirect);
if (res != CURLE_OK) {
- error = pr_op_err("curl_easy_getinfo(CURLINFO_REDIRECT_URL) returned %u.", res);
+ error = pr_err("curl_easy_getinfo(CURLINFO_REDIRECT_URL) returned %u.", res);
redirect = NULL;
goto end;
}
break;
r++;
if (r > config_get_max_redirs()) {
- error = pr_val_err("Too many redirects.");
+ error = pr_err("Too many redirects.");
redirect = NULL;
goto end;
}
redirect = pstrdup(redirect);
} while (true);
- pr_val_debug("HTTP result code: %ld", http_code);
+ pr_trc("HTTP result code: %ld", http_code);
error = 0;
if (changed != NULL)
*changed = true;
root = json_load_file(file, JSON_REJECT_DUPLICATES, &json_error);
if (root == NULL) {
- pr_op_err("JSON error on line %d, column %d: %s",
+ pr_err("JSON error on line %d, column %d: %s",
json_error.line, json_error.column, json_error.text);
return ENOENT;
}
return ENOENT;
if (!json_is_string(child))
- return -pr_op_err("Tag '%s' is not a JSON string.", name);
+ return -pr_err("Tag '%s' is not a JSON string.", name);
*result = json_string_value(child);
return 0;
return error;
errmsg = uri_init(result, str);
if (errmsg) {
- pr_op_err("'%s' does not seem to be a URI: %s", str, errmsg);
+ pr_err("'%s' does not seem to be a URI: %s", str, errmsg);
return -EINVAL;
}
return ENOENT;
if (!json_is_integer(child))
- return -pr_op_err("Tag '%s' is not a JSON integer.", name);
+ return -pr_err("Tag '%s' is not a JSON integer.", name);
*result = json_integer_value(child);
return 0;
if (error)
return error;
if (json_int < INT_MIN || INT_MAX < json_int)
- return -pr_op_err("Tag '%s' (%" JSON_INTEGER_FORMAT
+ return -pr_err("Tag '%s' (%" JSON_INTEGER_FORMAT
") is out of range [%d, %d].",
name, json_int, INT_MIN, INT_MAX);
if (error)
return error;
if (json_int < 0 || UINT32_MAX < json_int)
- return -pr_op_err("Tag '%s' (%" JSON_INTEGER_FORMAT
+ return -pr_err("Tag '%s' (%" JSON_INTEGER_FORMAT
") is out of range [0, %u].",
name, json_int, UINT32_MAX);
if (error)
return error;
if (json_int < 0 || ULONG_MAX < json_int)
- return -pr_op_err("Tag '%s' (%" JSON_INTEGER_FORMAT
+ return -pr_err("Tag '%s' (%" JSON_INTEGER_FORMAT
") is out of range [0, %lu].",
name, json_int, ULONG_MAX);
error = asn_str2INTEGER(str, result);
if (error) {
- pr_op_err("Tag '%s' (%s) cannot be parsed into an integer: %s",
+ pr_err("Tag '%s' (%s) cannot be parsed into an integer: %s",
name, str, strerror(error));
return -error;
}
return ENOENT;
if (!json_is_array(child))
- return -pr_op_err("Tag '%s' is not a JSON array.", name);
+ return -pr_err("Tag '%s' is not a JSON array.", name);
*array = child;
return 0;
if (!json_is_object(child)) {
*obj = NULL;
- return -pr_op_err("Tag '%s' is not a JSON object.", name);
+ return -pr_err("Tag '%s' is not a JSON object.", name);
}
*obj = child;
json_add_int(json_t *parent, char const *name, int value)
{
if (json_object_set_new(parent, name, json_integer(value)))
- return pr_op_err(
+ return pr_err(
"Cannot convert %s '%d' to json; unknown cause.",
name, value
);
json_add_ulong(json_t *parent, char const *name, unsigned long value)
{
if (json_object_set_new(parent, name, json_integer(value)))
- return pr_op_err(
+ return pr_err(
"Cannot convert %s '%lu' to json; unknown cause.",
name, value
);
str = asn_INTEGER2str(value);
if (!str)
- return pr_op_err("Cannot convert %s to string.", name);
+ return pr_err("Cannot convert %s to string.", name);
error = json_add_str(parent, name, str);
json_add_str(json_t *parent, char const *name, char const *value)
{
if (json_object_set_new(parent, name, json_string(value)))
- return pr_op_err(
+ return pr_err(
"Cannot convert %s '%s' to json; unknown cause.",
name, value
);
json_add_strn(json_t *parent, char const *name, char const *value, size_t len)
{
if (json_object_set_new(parent, name, json_stringn(value, len)))
- return pr_op_err(
+ return pr_err(
"Cannot convert %s '%.*s' to json; unknown cause.",
name, (int)len, value
);
error = time2str(value, str);
if (error) {
- pr_op_err("Cannot convert timestamp '%s' to json: %s",
+ pr_err("Cannot convert timestamp '%s' to json: %s",
name, strerror(error));
return error;
}
if (json_object_set_new(parent, name, json_string(str)))
- return pr_op_err(
+ return pr_err(
"Cannot convert timestamp '%s' to json; unknown cause.",
name
);
{
json_t *json = json_object();
if (json == NULL)
- pr_op_err_st("Cannot create JSON object." OOM_PFX);
+ pr_crit("Cannot create JSON object." OOM_PFX);
return json;
}
{
json_t *json = json_array();
if (json == NULL)
- pr_op_err_st("Cannot create JSON array." OOM_PFX);
+ pr_crit("Cannot create JSON array." OOM_PFX);
return json;
}
{
json_t *json = json_integer(value);
if (json == NULL)
- pr_op_err_st("Cannot create JSON integer '%lld'."
+ pr_crit("Cannot create JSON integer '%lld'."
OOM_PFX, value);
return json;
}
{
json_t *json = json_string(value);
if (json == NULL)
- pr_op_err_st("Cannot create JSON string '%s'." OOM_PFX, value);
+ pr_crit("Cannot create JSON string '%s'." OOM_PFX, value);
return json;
}
{
json_t *json = json_stringn(value, len);
if (json == NULL)
- pr_op_err_st("Cannot create JSON string '%.*s'."
+ pr_crit("Cannot create JSON string '%.*s'."
OOM_PFX, (int)len, value);
return json;
}
res = json_object_set_new(parent, name, value);
if (res == -1)
- pr_op_err_st("Cannot add JSON '%s' to parent; unknown error.",
+ pr_crit("Cannot add JSON '%s' to parent; unknown error.",
name);
return res;
}
res = json_array_append_new(array, node);
if (res == -1)
- pr_op_err_st("Cannot add JSON node to array; unknown error.");
+ pr_crit("Cannot add JSON node to array; unknown error.");
return res;
}
pthread_mutex_destroy(&logck);
}
-bool
-pr_val_enabled(unsigned int level)
-{
- return val_config.level >= level;
-}
-
-bool
-pr_op_enabled(unsigned int level)
-{
- return op_config.level >= level;
-}
-
static struct level const *
level2struct(int level)
{
} while (0)
void
-pr_op_debug(const char *format, ...)
+pr_trc(const char *format, ...)
{
PR_SIMPLE(LOG_DEBUG, op_config);
}
void
-pr_op_info(const char *format, ...)
+pr_inf(const char *format, ...)
{
PR_SIMPLE(LOG_INFO, op_config);
}
* validation.)
*/
int
-pr_op_warn(const char *format, ...)
+pr_wrn(const char *format, ...)
{
PR_SIMPLE(LOG_WARNING, op_config);
return 0;
}
int
-pr_op_err(const char *format, ...)
+pr_err(const char *format, ...)
{
PR_SIMPLE(LOG_ERR, op_config);
return EINVAL;
}
int
-pr_op_err_st(const char *format, ...)
+pr_crit(const char *format, ...)
{
PR_SIMPLE(LOG_ERR, op_config);
lock_mutex();
return EINVAL;
}
-void
-pr_val_debug(const char *format, ...)
-{
- PR_SIMPLE(LOG_DEBUG, val_config);
-}
-
-void
-pr_val_info(const char *format, ...)
-{
- PR_SIMPLE(LOG_INFO, val_config);
-}
-
-/**
- * Always returs 0. (So you can interrupt whatever you're doing without failing
- * validation.)
- */
-int
-pr_val_warn(const char *format, ...)
-{
- PR_SIMPLE(LOG_WARNING, val_config);
- return 0;
-}
-
-int
-pr_val_err(const char *format, ...)
-{
- PR_SIMPLE(LOG_ERR, val_config);
- return EINVAL;
-}
-
struct crypto_cb_arg {
unsigned int stack_size;
int (*error_fn)(const char *, ...);
* Always appends a newline at the end.
*/
int
-op_crypto_err(const char *format, ...)
+pr_crypto_err(const char *format, ...)
{
PR_SIMPLE(LOG_ERR, op_config);
- return crypto_err(&op_config, pr_op_err);
-}
-
-/**
- * This is like pr_err() and pr_errno(), except meant to log an error made
- * during a libcrypto routine.
- *
- * This differs from usual printf-like functions:
- *
- * - It returns EINVAL, not bytes written.
- * - It prints a newline.
- * - Also prints the cryptolib's error message stack.
- *
- * Always appends a newline at the end.
- */
-int
-val_crypto_err(const char *format, ...)
-{
- PR_SIMPLE(LOG_ERR, val_config);
- return crypto_err(&val_config, pr_val_err);
+ return crypto_err(&op_config, pr_err);
}
__dead void
}
__dead void
-pr_crit(const char *format, ...)
+pr_panic(const char *format, ...)
{
PR_SIMPLE(LOG_ERR, op_config);
print_stack_trace(NULL);
#include <stdio.h>
#define PR_COLOR_DBG "\x1B[36m" /* Cyan */
+#define PR_COLOR_CLT "\x1B[34m" /* Blue */
+#define PR_COLOR_TRC "\x1B[32m" /* Green */
#define PR_COLOR_INF "\x1B[37m" /* White */
#define PR_COLOR_WRN "\x1B[33m" /* Yellow */
#define PR_COLOR_ERR "\x1B[31m" /* Red */
#endif
#endif
-/*
- * I know that the OpenBSD style guide says that we shouldn't declare our own
- * error printing functions, but we kind of need to do it:
- *
- * - It's convoluted to use err() and warn() on libcrypto errors.
- * - I was tasked with using syslog anyway, but the API is kind of limited
- * (especially since vsyslog() is not portable.)
- * - We want to transparently always print offending file name.
- */
-
#if __GNUC__
#define CHECK_FORMAT(str, args) __attribute__((format(printf, str, args)))
#else
-/*
- * No idea how this looks in other compilers.
- * It's safe to obviate since we're bound to see the warnings every time we use
- * GCC anyway.
- */
#define CHECK_FORMAT(str, args) /* Nothing */
#endif
void log_start(void);
void log_teardown(void);
-/*
- * Check if corresponding logging is enabled. You can use these to short-circuit
- * out of heavy logging code.
- */
-bool pr_val_enabled(unsigned int level);
-bool pr_op_enabled(unsigned int level);
-
#define pr_clutter_enabled() false
-#define pr_clutter(...) /* pr_op_debug(__VA_ARGS__) */
-
-/* == Operation logs == */
+#define pr_clutter(...)
-/* Status reports of no interest to the user. */
-void pr_op_debug(const char *, ...) CHECK_FORMAT(1, 2);
-/* Status reports likely useful to the user. */
-void pr_op_info(const char *, ...) CHECK_FORMAT(1, 2);
-/* Non-errors that suggest a problem. */
-int pr_op_warn(const char *, ...) CHECK_FORMAT(1, 2);
-/* Problematic situations that prevent Fort from doing its job. */
-int pr_op_err(const char *, ...) CHECK_FORMAT(1, 2);
-/* Like pr_op_err(), but it also prints a stack trace */
-int pr_op_err_st(const char *format, ...) CHECK_FORMAT(1, 2);
-/* Like pr_op_err(), except it prints libcrypto's error stack as well. */
-int op_crypto_err(const char *, ...) CHECK_FORMAT(1, 2);
+void pr_trc(const char *, ...) CHECK_FORMAT(1, 2);
+void pr_inf(const char *, ...) CHECK_FORMAT(1, 2);
+int pr_wrn(const char *, ...) CHECK_FORMAT(1, 2);
+int pr_err(const char *, ...) CHECK_FORMAT(1, 2);
+/* Like pr_err(), but also prints libcrypto's error stack */
+int pr_crypto_err(const char *, ...) CHECK_FORMAT(1, 2);
+int pr_crit(const char *format, ...) CHECK_FORMAT(1, 2);
+__dead void pr_panic(const char *, ...) CHECK_FORMAT(1, 2);
+__dead void enomem_panic(void); /* Out of memory */
-/* == Validation logs == */
-
-/* Status reports of no interest to the user. */
-void pr_val_debug(const char *, ...) CHECK_FORMAT(1, 2);
-/* Status reports likely useful to the user. */
-void pr_val_info(const char *, ...) CHECK_FORMAT(1, 2);
-/* Issues that did not trigger RPKI object rejection. */
-int pr_val_warn(const char *, ...) CHECK_FORMAT(1, 2);
-/* Problems that trigger RPKI object rejection. */
-int pr_val_err(const char *, ...) CHECK_FORMAT(1, 2);
-/* Like pr_val_err(), except it prints libcrypto's error stack as well. */
-int val_crypto_err(const char *, ...) CHECK_FORMAT(1, 2);
-
-/*
- * Like pr_*_err(), specific to out-of-memory situations.
- * Also terminates the program.
- */
-__dead void enomem_panic(void);
-/* Programming errors */
-__dead void pr_crit(const char *, ...) CHECK_FORMAT(1, 2);
-
-/*
- * Quick and dirty debugging messages.
- *
- * These are not meant to be uploaded; remember to delete them once the bug has
- * been found.
- */
-#define DBG_COLOR "\x1B[32m" /* Green */
-#define DBG_COLOR_RESET "\x1B[0m"
-#define PR_DEBUG \
- printf(DBG_COLOR "%s:%d (%s())" DBG_COLOR_RESET "\n", \
- __FILE__, __LINE__, __func__)
-#define PR_DEBUG_MSG(msg, ...) \
- printf(DBG_COLOR "%s:%d (%s()): " msg DBG_COLOR_RESET "\n", \
+#define PR_DBG(msg, ...) \
+ printf(PR_COLOR_DBG "%s:%d (%s()): " msg PR_COLOR_RST "\n", \
__FILE__, __LINE__, __func__, ##__VA_ARGS__)
+#define PR_HELLO \
+ printf(PR_COLOR_DBG "%s:%d (%s())" PR_COLOR_RST "\n", \
+ __FILE__, __LINE__, __func__)
#endif /* SRC_LOG_H_ */
{
int error;
- pr_op_info("Updating cache...");
+ pr_inf("Updating cache...");
error = vrps_update(NULL);
if (error) {
- pr_op_err("Validation unsuccessful; results unusable.");
+ pr_err("Validation unsuccessful; results unusable.");
return error;
}
- pr_op_info("Done.");
+ pr_inf("Done.");
return 0;
}
int error;
bool changed;
- pr_op_info("Main loop: Starting...");
+ pr_inf("Main loop: Starting...");
error = rtr_start();
if (error)
error = vrps_update(NULL);
if (error) {
- pr_op_err("Main loop: Validation unsuccessful; results unusable.");
+ pr_err("Main loop: Validation unsuccessful; results unusable.");
return error;
}
rtr_notify();
/* TODO (#133) Stats ready; remove this message in a couple versions. */
- pr_op_warn("First validation cycle successfully ended, now you can connect your router(s)");
+ pr_wrn("First validation cycle successfully ended, now you can connect your router(s)");
stats_gauge_set(stat_rtr_ready, 1);
do {
- pr_op_info("Main loop: Sleeping.");
+ pr_inf("Main loop: Sleeping.");
sleep(config_get_validation_interval());
- pr_op_info("Main loop: Time to work!");
+ pr_inf("Main loop: Time to work!");
error = vrps_update(&changed);
if (error == EINTR)
break;
if (error) {
- pr_op_debug("Main loop: %s", strerror(abs(error)));
+ pr_trc("Main loop: %s", strerror(abs(error)));
continue;
}
if (changed)
/* Note: Implicit object registration happens in OBJ_create. */
nid = OBJ_create(oid, sn, ln);
if (nid == 0) {
- op_crypto_err("Unable to register the %s NID.", sn);
+ pr_crypto_err("Unable to register the %s NID.", sn);
return 0;
}
- pr_op_debug("%s registered. Its nid is %d.", sn, nid);
+ pr_trc("%s registered. Its nid is %d.", sn, nid);
} else {
- pr_op_debug("%s retrieved. Its nid is %d.", sn, nid);
+ pr_trc("%s retrieved. Its nid is %d.", sn, nid);
}
return nid;
struct resource_params *params = arg;
if (!resources_contains_asns(params->parent_resources, range))
- return pr_val_err("BGPsec certificate is not allowed to contain ASN range %u-%u.",
+ return pr_err("BGPsec certificate is not allowed to contain ASN range %u-%u.",
range->min, range->max);
return vhandle_router_key(params->ski, range, params->spk);
pub_key = X509_get_X509_PUBKEY(cert);
if (pub_key == NULL) {
- error = val_crypto_err("X509_get_X509_PUBKEY() returned NULL at BGPsec");
+ error = pr_crypto_err("X509_get_X509_PUBKEY() returned NULL at BGPsec");
goto revert_resources;
}
tmp = cert_spk;
cert_spk_len = i2d_X509_PUBKEY(pub_key, &tmp);
if (cert_spk_len != RK_SPKI_LEN) {
- error = val_crypto_err("i2d_X509_PUBKEY() returned %d",
+ error = pr_crypto_err("i2d_X509_PUBKEY() returned %d",
cert_spk_len);
goto revert_spk;
}
{
for (; *str != '\0'; str++)
if (!is_valid_printable_string_char(*str))
- return pr_val_err("Invalid character in '%s' PrintableString: 0x%X",
+ return pr_err("Invalid character in '%s' PrintableString: 0x%X",
what, *str);
return 0;
}
ok = X509_PUBKEY_get0_param(&tal_alg, &tal_spk, &tal_spk_len, NULL,
tal_spki);
if (!ok)
- return val_crypto_err("X509_PUBKEY_get0_param() 1 returned %d", ok);
+ return pr_crypto_err("X509_PUBKEY_get0_param() 1 returned %d", ok);
ok = X509_PUBKEY_get0_param(&cert_alg, &cert_spk, &cert_spk_len, NULL,
cert_spki);
if (!ok)
- return val_crypto_err("X509_PUBKEY_get0_param() 2 returned %d", ok);
+ return pr_crypto_err("X509_PUBKEY_get0_param() 2 returned %d", ok);
if (OBJ_cmp(tal_alg, cert_alg) != 0)
goto root_different_alg_err;
return 0;
root_different_alg_err:
- return pr_val_err("TAL's public key algorithm is different than the root certificate's public key algorithm.");
+ return pr_err("TAL's public key algorithm is different than the root certificate's public key algorithm.");
root_different_pk_err:
- return pr_val_err("TAL's public key is different than the root certificate's public key.");
+ return pr_err("TAL's public key is different than the root certificate's public key.");
}
/*
spki = d2i_X509_PUBKEY(NULL, &cursor, len);
if (spki == NULL) {
- op_crypto_err("The TAL's public key cannot be decoded.");
+ pr_crypto_err("The TAL's public key cannot be decoded.");
goto fail;
}
if (cursor != origin + len) {
X509_PUBKEY_free(spki);
- op_crypto_err("The TAL's public key contains trailing garbage.");
+ pr_crypto_err("The TAL's public key contains trailing garbage.");
goto fail;
}
int error;
if (tal == NULL)
- pr_crit("TAL is NULL.");
+ pr_panic("TAL is NULL.");
/*
* We have a problem at this point:
key = X509_PUBKEY_get0(pubkey);
if (key == NULL)
- return val_crypto_err("X509_PUBKEY_get0() returned NULL");
+ return pr_crypto_err("X509_PUBKEY_get0() returned NULL");
key_type = EVP_PKEY_get_base_id(key);
if (key_type != EVP_PKEY_RSA && key_type != EVP_PKEY_RSA2)
- return val_crypto_err("The public key type is not RSA: %u",
+ return pr_crypto_err("The public key type is not RSA: %u",
key_type);
/*
* *Shrug*. I'm sorry; it's the best I got.
*/
if (!EVP_PKEY_get_size_t_param(key, OSSL_PKEY_PARAM_RSA_BITS, &bits))
- return val_crypto_err("Cannot extract the modulus length from the public key");
+ return pr_crypto_err("Cannot extract the modulus length from the public key");
if (bits < EXPECTED_BITS)
- return pr_val_err("Certificate's subjectPublicKey (RSAPublicKey) modulus lengths %zu bits, not %zu bits",
+ return pr_err("Certificate's subjectPublicKey (RSAPublicKey) modulus lengths %zu bits, not %zu bits",
bits, EXPECTED_BITS);
/*
* I'm going to be a bit lenient with this, because a small amount of
* (Notice this one's a warning.)
*/
if (bits > EXPECTED_BITS)
- pr_val_warn("Certificate's subjectPublicKey (RSAPublicKey) modulus lengths %zu bits, not %zu bits",
+ pr_wrn("Certificate's subjectPublicKey (RSAPublicKey) modulus lengths %zu bits, not %zu bits",
bits, EXPECTED_BITS);
/*
* equal to 65537. The default value is 65537.
*/
if (!EVP_PKEY_get_size_t_param(key, OSSL_PKEY_PARAM_RSA_E, &exponent))
- return val_crypto_err("Cannot extract the exponent from the public key");
+ return pr_crypto_err("Cannot extract the exponent from the public key");
if (exponent != EXPECTED_EXPONENT)
- return pr_val_err("Certificate's subjectPublicKey (RSAPublicKey) exponent is %zu, not %zu",
+ return pr_err("Certificate's subjectPublicKey (RSAPublicKey) exponent is %zu, not %zu",
exponent, EXPECTED_EXPONENT);
return 0;
pkey = X509_PUBKEY_get0(pubkey);
if (pkey == NULL)
- return val_crypto_err("The certificate's Subject Public Key is missing or malformed.");
+ return pr_crypto_err("The certificate's Subject Public Key is missing or malformed.");
rsa = EVP_PKEY_get0_RSA(pkey);
if (rsa == NULL)
- return val_crypto_err("EVP_PKEY_get0_RSA() returned NULL");
+ return pr_crypto_err("EVP_PKEY_get0_RSA() returned NULL");
modulus = RSA_bits(rsa);
if (modulus < MODULUS)
- return pr_val_err("Certificate's subjectPublicKey (RSAPublicKey) modulus is %d bits, not %d bits.",
+ return pr_err("Certificate's subjectPublicKey (RSAPublicKey) modulus is %d bits, not %d bits.",
modulus, MODULUS);
if (modulus > MODULUS)
- pr_val_warn("Certificate's subjectPublicKey (RSAPublicKey) modulus lengths %d bits, not %d bits",
+ pr_wrn("Certificate's subjectPublicKey (RSAPublicKey) modulus lengths %d bits, not %d bits",
modulus, MODULUS);
RSA_get0_key(rsa, NULL, &exp, NULL);
if (exp == NULL)
- return pr_val_err("Certificate's subjectPublicKey (RSAPublicKey) exponent isn't set, must be "
+ return pr_err("Certificate's subjectPublicKey (RSAPublicKey) exponent isn't set, must be "
EXPONENT " bits.");
exp_str = BN_bn2dec(exp);
if (exp_str == NULL)
- return val_crypto_err("Couldn't get subjectPublicKey exponent string");
+ return pr_crypto_err("Couldn't get subjectPublicKey exponent string");
if (strcmp(EXPONENT, exp_str) != 0) {
- error = pr_val_err("Certificate's subjectPublicKey (RSAPublicKey) exponent is %s, must be "
+ error = pr_err("Certificate's subjectPublicKey (RSAPublicKey) exponent is %s, must be "
EXPONENT " bits.", exp_str);
free(exp_str);
return error;
/* Reminder: X509_PUBKEY is the same as SubjectPublicKeyInfo. */
pubkey = X509_get_X509_PUBKEY(cert->x509);
if (pubkey == NULL)
- return val_crypto_err("X509_get_X509_PUBKEY() returned NULL");
+ return pr_crypto_err("X509_get_X509_PUBKEY() returned NULL");
ok = X509_PUBKEY_get0_param(NULL, NULL, NULL, &pa, pubkey);
if (!ok)
- return val_crypto_err("X509_PUBKEY_get0_param() returned %d", ok);
+ return pr_crypto_err("X509_PUBKEY_get0_param() returned %d", ok);
if (cert->type == CERTYPE_BGPSEC)
return validate_certificate_public_key_algorithm_bgpsec(pa);
if (error)
return error;
if ((evppkey = X509_get0_pubkey(cert->x509)) == NULL)
- return val_crypto_err("X509_get0_pubkey() returned NULL");
+ return pr_crypto_err("X509_get0_pubkey() returned NULL");
if (X509_verify(cert->x509, evppkey) != 1)
- return val_crypto_err("Invalid signature.");
+ return pr_crypto_err("Invalid signature.");
}
return 0;
/* rfc6487#section-4.1 */
if (X509_get_version(cert->x509) != 2)
- return pr_val_err("Certificate version is not v3.");
+ return pr_err("Certificate version is not v3.");
/* rfc6487#section-4.2 */
/* <Redacted> */
/* These errors happen when the object is not DER-encoded */
if (content->buf[p->offset] != tag)
- return pr_val_err("Expected tag 0x%x, got 0x%x.",
+ return pr_err("Expected tag 0x%x, got 0x%x.",
tag, content->buf[p->offset]);
if (p->remaining == 0)
- return pr_val_err("Buffer seems truncated.");
+ return pr_err("Buffer seems truncated.");
p->offset++;
p->remaining--;
len_len = ber_fetch_length(true, &content->buf[p->offset], p->remaining,
&value_len);
if (len_len == -1)
- return pr_val_err("Could not decipher length (Unknown cause).");
+ return pr_err("Could not decipher length (Unknown cause).");
if (len_len == 0)
- return pr_val_err("Buffer seems truncated.");
+ return pr_err("Buffer seems truncated.");
p->offset += len_len;
p->remaining -= len_len;
skip = ber_skip_length(NULL, is_constructed, &content->buf[p->offset],
p->remaining);
if (skip == -1)
- return pr_val_err("Could not skip length (Unknown cause).");
+ return pr_err("Could not skip length (Unknown cause).");
if (skip == 0)
- return pr_val_err("Buffer seems truncated.");
+ return pr_err("Buffer seems truncated.");
p->offset += skip;
p->remaining -= skip;
len_len = ber_fetch_length(true, result->buffer,
p.remaining, &result->size);
if (len_len == -1)
- return pr_val_err("Could not decipher length (Unknown cause.)");
+ return pr_err("Could not decipher length (Unknown cause.)");
if (len_len == 0)
- return pr_val_err("Buffer seems truncated.");
+ return pr_err("Buffer seems truncated.");
result->size += len_len;
return 0;
}
public_key = X509_get_X509_PUBKEY(cert);
if (public_key == NULL)
- return val_crypto_err("Certificate seems to lack a public key");
+ return pr_crypto_err("Certificate seems to lack a public key");
/* Create the Message Digest Context */
ctx = EVP_MD_CTX_create();
if (ctx == NULL)
- return val_crypto_err("EVP_MD_CTX_create() error");
+ return pr_crypto_err("EVP_MD_CTX_create() error");
if (1 != EVP_DigestVerifyInit(ctx, NULL, EVP_sha256(), NULL,
X509_PUBKEY_get0(public_key))) {
- error = val_crypto_err("EVP_DigestVerifyInit() error");
+ error = pr_crypto_err("EVP_DigestVerifyInit() error");
goto end;
}
error = EVP_DigestVerifyUpdate(ctx, &EXPLICIT_SET_OF_TAG,
sizeof(EXPLICIT_SET_OF_TAG));
if (1 != error) {
- error = val_crypto_err("EVP_DigestVerifyInit() error");
+ error = pr_crypto_err("EVP_DigestVerifyInit() error");
goto end;
}
error = EVP_DigestVerifyUpdate(ctx, signedAttrs.buffer,
signedAttrs.size);
if (1 != error) {
- error = val_crypto_err("EVP_DigestVerifyInit() error");
+ error = pr_crypto_err("EVP_DigestVerifyInit() error");
goto end;
}
if (1 != EVP_DigestVerifyFinal(ctx, signature->buf, signature->size)) {
- error = val_crypto_err("Signed Object's signature is invalid");
+ error = pr_crypto_err("Signed Object's signature is invalid");
goto end;
}
bio = BIO_new(BIO_s_file());
if (bio == NULL) {
- val_crypto_err("BIO_new(BIO_s_file()) returned NULL");
+ pr_crypto_err("BIO_new(BIO_s_file()) returned NULL");
return NULL;
}
if (BIO_read_filename(bio, path) <= 0) {
- val_crypto_err("Error reading certificate");
+ pr_crypto_err("Error reading certificate");
goto end;
}
cert = d2i_X509_bio(bio, NULL);
if (cert == NULL) {
- val_crypto_err("Error parsing certificate");
+ pr_crypto_err("Error parsing certificate");
goto end;
}
stack = sk_X509_new_null();
if (!stack) {
- val_crypto_err("sk_X509_new_null() returned NULL.");
+ pr_crypto_err("sk_X509_new_null() returned NULL.");
return NULL;
}
for (cert = cert->parent; cert != NULL; cert = cert->parent) {
ret = sk_X509_push(stack, cert->x509);
if (ret <= 0) {
- val_crypto_err("sk_X509_push returned %d.", ret);
+ pr_crypto_err("sk_X509_push returned %d.", ret);
sk_X509_pop_free(stack, X509_free);
return NULL;
}
stack = sk_X509_CRL_new_null();
if (!stack) {
- val_crypto_err("sk_X509_CRL_new_null() returned NULL.");
+ pr_crypto_err("sk_X509_CRL_new_null() returned NULL.");
return NULL;
}
ok = sk_X509_CRL_push(stack, cert->parent->rpp.crl.obj);
if (ok != 1) {
- val_crypto_err("sk_X509_CRL_push() returned %d.", ok);
+ pr_crypto_err("sk_X509_CRL_push() returned %d.", ok);
return NULL;
}
lu = asn1time2str(X509_CRL_get0_lastUpdate(crl));
nu = asn1time2str(X509_CRL_get0_nextUpdate(crl));
- pr_val_err("CRL is stale/expired. (lastUpdate:%s, nextUpdate:%s)",
+ pr_err("CRL is stale/expired. (lastUpdate:%s, nextUpdate:%s)",
lu, nu);
free(lu);
ctx = X509_STORE_CTX_new();
if (ctx == NULL)
- return val_crypto_err("X509_STORE_CTX_new() returned NULL");
+ return pr_crypto_err("X509_STORE_CTX_new() returned NULL");
store = X509_STORE_new();
if (!store) {
- error = val_crypto_err("X509_STORE_new() returned NULL");
+ error = pr_crypto_err("X509_STORE_new() returned NULL");
goto end1;
}
params = X509_VERIFY_PARAM_new();
if (params == NULL) {
- error = val_crypto_err("X509_VERIFY_PARAM_new() returned NULL");
+ error = pr_crypto_err("X509_VERIFY_PARAM_new() returned NULL");
goto end2;
}
/* Returns 0 or 1 , all callers test ! only. */
ok = X509_STORE_CTX_init(ctx, store, cert->x509, NULL);
if (!ok) {
- error = val_crypto_err("X509_STORE_CTX_init() returned %d", ok);
+ error = pr_crypto_err("X509_STORE_CTX_init() returned %d", ok);
goto end3;
}
if (ok <= 0) {
/*
* ARRRRGGGGGGGGGGGGG
- * Do not use val_crypto_err() here; for some reason the proper
+ * Do not use pr_crypto_err() here; for some reason the proper
* error code is stored in the context.
*/
error = X509_STORE_CTX_get_error(ctx);
complain_crl_stale(cert->parent->rpp.crl.obj);
error = EINVAL;
} else if (error)
- pr_val_err("Certificate validation failed: %s",
+ pr_err("Certificate validation failed: %s",
X509_verify_cert_error_string(error));
else {
/*
* That said, there's not much to do about !error,
* so hope for the best.
*/
- val_crypto_err("Certificate validation failed: %d", ok);
+ pr_crypto_err("Certificate validation failed: %d", ok);
error = EINVAL;
}
goto end5;
case 2:
family = &blocks->list.array[0]->addressFamily;
if (get_addr_family(family) != AF_INET) {
- error = pr_val_err("First IP address block listed is not v4.");
+ error = pr_err("First IP address block listed is not v4.");
goto end;
}
family = &blocks->list.array[1]->addressFamily;
if (get_addr_family(family) != AF_INET6) {
- error = pr_val_err("Second IP address block listed is not v6.");
+ error = pr_err("Second IP address block listed is not v6.");
goto end;
}
break;
default:
- error = pr_val_err("Got %d IP address blocks; 1 or 2 expected.",
+ error = pr_err("Got %d IP address blocks; 1 or 2 expected.",
blocks->list.count);
goto end;
}
if (nid == addr_nid) {
if (ip_ext_found)
- return pr_val_err("Multiple IP extensions found.");
+ return pr_err("Multiple IP extensions found.");
if (!X509_EXTENSION_get_critical(ext))
- return pr_val_err("The IP extension is not marked as critical.");
+ return pr_err("The IP extension is not marked as critical.");
ip_ext_found = true;
} else if (nid == asn_nid) {
if (asn_ext_found)
- return pr_val_err("Multiple AS extensions found.");
+ return pr_err("Multiple AS extensions found.");
if (!X509_EXTENSION_get_critical(ext))
- return pr_val_err("The AS extension is not marked as critical.");
+ return pr_err("The AS extension is not marked as critical.");
asn_ext_found = true;
return error;
} else if (nid == bad_addr_nid) {
- return pr_val_err("Certificate has an RFC%s policy, but contains an RFC%s IP extension.",
+ return pr_err("Certificate has an RFC%s policy, but contains an RFC%s IP extension.",
policy_rfc, bad_ext_rfc);
} else if (nid == bad_asn_nid) {
- return pr_val_err("Certificate has an RFC%s policy, but contains an RFC%s ASN extension.",
+ return pr_err("Certificate has an RFC%s policy, but contains an RFC%s ASN extension.",
policy_rfc, bad_ext_rfc);
}
}
if (!ip_ext_found && !asn_ext_found)
- return pr_val_err("Certificate lacks both IP and AS extension.");
+ return pr_err("Certificate lacks both IP and AS extension.");
return 0;
}
"8360", "6484");
}
- pr_crit("Unknown policy: %u", cert->policy);
+ pr_panic("Unknown policy: %u", cert->policy);
return EINVAL;
}
pr_clutter("rpkiManifest: %s", rm);
if (!uri_is_rsync(uri)) {
- pr_val_debug("Ignoring non-rsync rpkiManifest '%s'.", rm);
+ pr_trc("Ignoring non-rsync rpkiManifest '%s'.", rm);
return ENOTSUP;
}
if (uri_str(&uris->rpkiManifest) != NULL) {
- pr_val_warn("Ignoring additional rpkiManifest: %s", rm);
+ pr_wrn("Ignoring additional rpkiManifest: %s", rm);
return 0;
}
pr_clutter("caRepository: %s", cr);
if (!uri_is_rsync(uri)) {
- pr_val_debug("Ignoring non-rsync caRepository '%s'.", cr);
+ pr_trc("Ignoring non-rsync caRepository '%s'.", cr);
return ENOTSUP;
}
if (uri_str(&uris->caRepository) != NULL) {
- pr_val_warn("Ignoring additional caRepository: %s", cr);
+ pr_wrn("Ignoring additional caRepository: %s", cr);
return 0;
}
pr_clutter("rpkiNotify: %s", rn);
if (!uri_is_https(uri)) {
- pr_val_debug("Ignoring non-https rpkiNotify '%s'.", rn);
+ pr_trc("Ignoring non-https rpkiNotify '%s'.", rn);
return ENOTSUP;
}
if (uri_str(&uris->rpkiNotify) != NULL) {
- pr_val_warn("Ignoring additional rpkiNotify: %s", rn);
+ pr_wrn("Ignoring additional rpkiNotify: %s", rn);
return 0;
}
pr_clutter("signedObject: %s", so);
if (!uri_is_rsync(uri)) {
- pr_val_debug("Ignoring non-rsync signedObject '%s'.", so);
+ pr_trc("Ignoring non-rsync signedObject '%s'.", so);
return ENOTSUP;
}
if (uri_str(&sias->signedObject) != NULL) {
- pr_val_warn("Ignoring additional signedObject: %s", so);
+ pr_wrn("Ignoring additional signedObject: %s", so);
return 0;
}
return (bc->pathlen == NULL)
? 0
- : pr_val_err("%s extension contains a Path Length Constraint.",
+ : pr_err("%s extension contains a Path Length Constraint.",
ext_bc()->name);
}
sid = args->sid;
if (ski->length != sid->size
|| memcmp(ski->data, sid->buf, sid->size) != 0) {
- return pr_val_err("The EE certificate's subjectKeyIdentifier does not equal the Signed Object's sid.");
+ return pr_err("The EE certificate's subjectKeyIdentifier does not equal the Signed Object's sid.");
}
return 0;
int error;
if (aki->keyid == NULL) {
- return pr_val_err("The '%s' extension lacks a keyIdentifier.",
+ return pr_err("The '%s' extension lacks a keyIdentifier.",
ext_aki()->name);
}
ski = X509_get_ext_d2i(arg, NID_subject_key_identifier, NULL, NULL);
if (ski == NULL) {
- pr_val_err("Certificate lacks the '%s' extension.",
+ pr_err("Certificate lacks the '%s' extension.",
ext_ski()->name);
return ESRCH;
}
error = (ASN1_OCTET_STRING_cmp(aki->keyid, ski) != 0)
- ? pr_val_err("The '%s' does not equal the '%s'.",
+ ? pr_err("The '%s' does not equal the '%s'.",
ext_aki()->name, ext_ski()->name)
: 0;
unsigned char data[2];
if (ku->length != 2 && ku->length != 1) {
- return pr_val_err("Bogus %s length: %d",
+ return pr_err("Bogus %s length: %d",
ext_ku()->name, ku->length);
}
memcpy(data, ku->data, ku->length);
if (data[0] != byte1 || data[1] != 0) {
- return pr_val_err("Illegal key usage flag string: %d%d%d%d%d%d%d%d%d",
+ return pr_err("Illegal key usage flag string: %d%d%d%d%d%d%d%d%d",
!!(data[0] & 0x80u), !!(data[0] & 0x40u),
!!(data[0] & 0x20u), !!(data[0] & 0x10u),
!!(data[0] & 0x08u), !!(data[0] & 0x04u),
asn1str = GENERAL_NAME_get0_value(ad, &ptype);
if (ptype != GEN_URI) {
- pr_val_debug("Ignoring unknown GENERAL_NAME type: %d", ptype);
+ pr_trc("Ignoring unknown GENERAL_NAME type: %d", ptype);
return ENOTSUP;
}
errmsg = uri_init(uri, str);
if (errmsg)
- pr_val_warn("Cannot parse GENERAL_NAME '%s' as a URI: %s",
+ pr_wrn("Cannot parse GENERAL_NAME '%s' as a URI: %s",
str, errmsg);
free(str);
char const *error_msg;
if (sk_DIST_POINT_num(crldp) != 1) {
- return pr_val_err("The %s extension has %d distribution points. (1 expected)",
+ return pr_err("The %s extension has %d distribution points. (1 expected)",
ext_cdp()->name, sk_DIST_POINT_num(crldp));
}
error_msg = "lacks an RSYNC URI";
dist_point_error:
- return pr_val_err("The %s extension's distribution point %s.",
+ return pr_err("The %s extension's distribution point %s.",
ext_cdp()->name, error_msg);
}
if (found) {
uri_cleanup(&uri);
- return pr_val_err("Extension '%s' has multiple '%s' %s URIs.",
+ return pr_err("Extension '%s' has multiple '%s' %s URIs.",
meta->ia_name, meta->name, meta->type);
}
}
if (meta->required && !found) {
- pr_val_err("Extension '%s' lacks a '%s' valid %s URI.",
+ pr_err("Extension '%s' lacks a '%s' valid %s URI.",
meta->ia_name, meta->name, meta->type);
return ESRCH;
}
struct extension_uris *sias = arg;
if (!uri_is_rsync(uri)) {
- pr_val_debug("Ignoring non-rsync caIssuers '%s'.", uri_str(uri));
+ pr_trc("Ignoring non-rsync caIssuers '%s'.", uri_str(uri));
return ENOTSUP;
}
int nid_cp, nid_qt_cps, pqi_num;
if (sk_POLICYINFO_num(cp) != 1) {
- return pr_val_err("The %s extension has %d policy information's. (1 expected)",
+ return pr_err("The %s extension has %d policy information's. (1 expected)",
ext_cp()->name, sk_POLICYINFO_num(cp));
}
if (policy != NULL)
*policy = RPKI_POLICY_RFC6484;
} else if (nid_cp == nid_certPolicyRpkiV2()) {
- pr_val_debug("Found RFC8360 policy!");
+ pr_trc("Found RFC8360 policy!");
if (policy != NULL)
*policy = RPKI_POLICY_RFC8360;
} else {
- return pr_val_err("Invalid certificate policy OID, isn't 'id-cp-ipAddr-asNumber' nor 'id-cp-ipAddr-asNumber-v2'");
+ return pr_err("Invalid certificate policy OID, isn't 'id-cp-ipAddr-asNumber' nor 'id-cp-ipAddr-asNumber-v2'");
}
/* Exactly one policy qualifier MAY be included (so none is also valid) */
if (pqi_num == 0)
return 0;
if (pqi_num != 1) {
- return pr_val_err("The %s extension has %d policy qualifiers. (none or only 1 expected)",
+ return pr_err("The %s extension has %d policy qualifiers. (none or only 1 expected)",
ext_cp()->name, pqi_num);
}
pqi = sk_POLICYQUALINFO_value(pi->qualifiers, 0);
nid_qt_cps = OBJ_obj2nid(pqi->pqualid);
if (nid_qt_cps != NID_id_qt_cps)
- return pr_val_err("Policy qualifier ID isn't Certification Practice Statement (CPS)");
+ return pr_err("Policy qualifier ID isn't Certification Practice Statement (CPS)");
return 0;
}
validate_aia(struct rpki_certificate *cert)
{
if (!uri_equals(&cert->parent->map.url, &cert->uris.caIssuers))
- return pr_val_err("Certificate's caIssuers (%s) does not match parent certificate's URL (%s).",
+ return pr_err("Certificate's caIssuers (%s) does not match parent certificate's URL (%s).",
uri_str(&cert->parent->map.url),
uri_str(&cert->uris.caIssuers));
struct uri *crl_url = &cer->parent->rpp.crl.map->url;
if (uri_str(&cer->uris.crldp) == NULL)
- pr_crit("Certificate's CRL Distribution Point was not recorded.");
+ pr_panic("Certificate's CRL Distribution Point was not recorded.");
if (uri_str(crl_url) == NULL)
- pr_crit("Manifest's CRL was not recorded.");
+ pr_panic("Manifest's CRL was not recorded.");
if (!uri_equals(&cer->uris.crldp, crl_url)) {
- return pr_val_err("Certificate's CRL Distribution Point ('%s') does not match manifest's CRL ('%s').",
+ return pr_err("Certificate's CRL Distribution Point ('%s') does not match manifest's CRL ('%s').",
uri_str(&cer->uris.crldp), uri_str(crl_url));
}
* part is already handled in convert_resources().
*/
if (cert->type == CERTYPE_TA && resources_empty(cert->resources))
- return pr_val_err("Trust Anchor certificate does not define any number resources.");
+ return pr_err("Trust Anchor certificate does not define any number resources.");
return 0;
}
int error;
if (chain_length(cert) >= config_get_max_cert_depth())
- return pr_val_err("Certificate chain maximum depth exceeded.");
+ return pr_err("Certificate chain maximum depth exceeded.");
fnstack_push_map(&cert->map);
// validation_certstack(state)), rpp_parent);
goto end;
default:
- pr_val_debug("Type: Unknown. Ignoring...");
+ pr_trc("Type: Unknown. Ignoring...");
goto end;
}
if (vv == VV_BUSY)
return VV_BUSY;
if (vv == VV_FAIL) {
- pr_val_err("caRepository '%s' could not be refreshed, "
+ pr_err("caRepository '%s' could not be refreshed, "
"and there is no fallback in the cache. "
"I'm going to have to skip it.",
uri_str(&ca->uris.caRepository));
if (!mft.path) {
if (cage_downgrade(cage))
goto retry;
- pr_val_err("caRepository '%s' is missing a manifest.",
+ pr_err("caRepository '%s' is missing a manifest.",
uri_str(&ca->uris.caRepository));
vv = VV_FAIL;
goto end;
validate_signedObject(struct extension_uris const *exts, struct uri const *url)
{
if (uri_str(&exts->signedObject) == NULL)
- pr_crit("Certificate's signedObject was not recorded.");
+ pr_panic("Certificate's signedObject was not recorded.");
if (!uri_equals(&exts->signedObject, url))
- return pr_val_err("Certificate's signedObject ('%s') does not match the URI of its own signed object (%s).",
+ return pr_err("Certificate's signedObject ('%s') does not match the URI of its own signed object (%s).",
uri_str(&exts->signedObject), uri_str(url));
return 0;
bio = BIO_new(BIO_s_file());
if (bio == NULL)
- return val_crypto_err("BIO_new(BIO_s_file()) returned NULL");
+ return pr_crypto_err("BIO_new(BIO_s_file()) returned NULL");
if (BIO_read_filename(bio, path) <= 0) {
- error = val_crypto_err("Error reading CRL");
+ error = pr_crypto_err("Error reading CRL");
goto end;
}
crl = d2i_X509_CRL_bio(bio, NULL);
if (crl == NULL) {
- error = val_crypto_err("Error parsing CRL");
+ error = pr_crypto_err("Error parsing CRL");
goto end;
}
serial_bn = ASN1_INTEGER_to_BN(serial_int, NULL);
if (serial_bn == NULL) {
- val_crypto_err("Could not parse revoked serial number");
+ pr_crypto_err("Could not parse revoked serial number");
return;
}
serial_str = BN_bn2dec(serial_bn);
if (serial_str == NULL) {
- val_crypto_err("Could not convert BN to string");
+ pr_crypto_err("Could not convert BN to string");
goto end;
}
serial_int = X509_REVOKED_get0_serialNumber(revoked);
if (serial_int == NULL) {
- return pr_val_err("CRL's revoked entry #%d lacks a serial number.",
+ return pr_err("CRL's revoked entry #%d lacks a serial number.",
i + 1);
}
pr_clutter_revoked(serial_int);
if (X509_REVOKED_get0_revocationDate(revoked) == NULL) {
- return pr_val_err("CRL's revoked entry #%d lacks a revocation date.",
+ return pr_err("CRL's revoked entry #%d lacks a revocation date.",
i + 1);
}
if (X509_REVOKED_get0_extensions(revoked) != NULL) {
- return pr_val_err("CRL's revoked entry #%d has extensions.",
+ return pr_err("CRL's revoked entry #%d has extensions.",
i + 1);
}
}
version = X509_CRL_get_version(crl);
if (version != 1)
- return pr_val_err("CRL version (%ld) is not v2 (%d).", version, 1);
+ return pr_err("CRL version (%ld) is not v2 (%d).", version, 1);
error = validate_certificate_signature_algorithm(
X509_CRL_get_signature_nid(crl), "CRL");
error = asn_GT2time(this, &thisUpdate);
if (error)
- return pr_val_err("Manifest's thisUpdate date is unparseable.");
+ return pr_err("Manifest's thisUpdate date is unparseable.");
error = asn_GT2time(next, &nextUpdate);
if (error)
- return pr_val_err("Manifest's nextUpdate date is unparseable.");
+ return pr_err("Manifest's nextUpdate date is unparseable.");
if (tm_cmp(&thisUpdate, &nextUpdate) > 0) {
- return pr_val_err(
+ return pr_err(
"Manifest's thisUpdate (" TM_FMT ") > nextUpdate ("
TM_FMT ").",
TM_ARGS(thisUpdate),
now_tt = time_fatal();
if (gmtime_r(&now_tt, &now) == NULL)
- return pr_val_err("gmtime_r(now) error: %s", strerror(errno));
+ return pr_err("gmtime_r(now) error: %s", strerror(errno));
if (tm_cmp(&now, &thisUpdate) < 0) {
- return pr_val_err(
+ return pr_err(
"Manifest is not valid yet. (thisUpdate: " TM_FMT ")",
TM_ARGS(thisUpdate));
}
if (tm_cmp(&now, &nextUpdate) > 0) {
- return pr_val_err("Manifest is stale. (nextUpdate: " TM_FMT ")",
+ return pr_err("Manifest is stale. (nextUpdate: " TM_FMT ")",
TM_ARGS(nextUpdate));
}
meta->update = timegm(&thisUpdate);
if (meta->update == (time_t)-1)
- return pr_val_err("Cannot convert '" TM_FMT "' to time_t: %s",
+ return pr_err("Cannot convert '" TM_FMT "' to time_t: %s",
TM_ARGS(thisUpdate), strerror(errno));
return 0;
return 0;
if (prev->num.size && INTEGER_cmp(&prev->num, ¤t->num) > 0)
- return pr_val_err("The fallback manifest has a higher manifestNumber than the downloaded one.");
+ return pr_err("The fallback manifest has a higher manifestNumber than the downloaded one.");
if (prev->update && difftime(prev->update, current->update) > 0)
- return pr_val_err("The fallback manifest is newer than the downloaded one.");
+ return pr_err("The fallback manifest is newer than the downloaded one.");
return 0;
}
error = asn_INTEGER2ulong(mft->version, &version);
if (error) {
if (errno) {
- pr_val_err("Error casting manifest version: %s",
+ pr_err("Error casting manifest version: %s",
strerror(errno));
}
- return pr_val_err("The manifest version isn't a valid unsigned long");
+ return pr_err("The manifest version isn't a valid unsigned long");
}
if (version != 0)
return EINVAL;
* 20 octets."
*/
if (mft->manifestNumber.size > 20)
- return pr_val_err("Manifest number is larger than 20 octets");
+ return pr_err("Manifest number is larger than 20 octets");
INTEGER_move(&meta->num, &mft->manifestNumber);
/* rfc6486#section-4.4.3 */
size_t i;
if (ia5->size < 5)
- return pr_val_err("File name is too short (%zu < 5).", ia5->size);
+ return pr_err("File name is too short (%zu < 5).", ia5->size);
dot = ia5->size - 4;
if (ia5->buf[dot] != '.')
- return pr_val_err("File name is missing three-letter extension.");
+ return pr_err("File name is missing three-letter extension.");
for (i = 0; i < ia5->size; i++)
if (i != dot && !is_valid_mft_file_chara(ia5->buf[i]))
- return pr_val_err("File name contains illegal character #%u",
+ return pr_err("File name contains illegal character #%u",
ia5->buf[i]);
return 0;
check_file_and_hash(struct FileAndHash *fah, char const *path)
{
if (fah->hash.bits_unused != 0)
- return pr_val_err("Hash string has unused bits.");
+ return pr_err("Hash string has unused bits.");
/* Includes file exists validation, obv. */
return hash_validate_file(hash_get_sha256(), path,
int error;
if (mft->fileList.list.count == 0)
- return pr_val_err("Manifest's file list is empty.");
+ return pr_err("Manifest's file list is empty.");
rpp = &parent->rpp;
error = uri_parent(&map->url, &rpp_url);
dst->path = cage_map_file(cage, &dst->url);
if (!dst->path) {
- error = pr_val_err(
+ error = pr_err(
"Manifest file '%s' is absent from the cache.",
uri_str(&dst->url));
goto revert;
for (f = 0; f < rpp->nfiles; f++)
if (uri_has_extension(&rpp->files[f].url, ".crl")) {
if (rpp->crl.map != NULL)
- return pr_val_err("Manifest has more than one CRL.");
+ return pr_err("Manifest has more than one CRL.");
rpp->crl.map = &rpp->files[f];
}
/* rfc6486#section-7 */
if (rpp->crl.map == NULL)
- return pr_val_err("Manifest lacks a CRL.");
+ return pr_err("Manifest lacks a CRL.");
return crl_load(rpp->crl.map, parent->x509, &rpp->crl.obj);
}
error = asn_INTEGER2ulong(roa_addr->maxLength, &maxlen);
if (error) {
if (errno) {
- pr_val_err("Error casting ROA's IPv4 maxLength: %s",
+ pr_err("Error casting ROA's IPv4 maxLength: %s",
strerror(errno));
}
- return pr_val_err("The ROA's IPv4 maxLength isn't a valid unsigned long");
+ return pr_err("The ROA's IPv4 maxLength isn't a valid unsigned long");
}
pr_clutter("maxLength: %lu", maxlen);
if (maxlen > 32) {
- return pr_val_err("maxLength (%lu) is out of bounds (0-32).",
+ return pr_err("maxLength (%lu) is out of bounds (0-32).",
maxlen);
}
if (pfx.len > maxlen) {
- return pr_val_err("Prefix length (%u) > maxLength (%lu)",
+ return pr_err("Prefix length (%u) > maxLength (%lu)",
pfx.len, maxlen);
}
}
if (!resources_contains_ipv4(parent, &pfx)) {
- return pr_val_err("ROA is not allowed to advertise %s/%u.",
+ return pr_err("ROA is not allowed to advertise %s/%u.",
addr2str4(&pfx.addr, buf), pfx.len);
}
error = asn_INTEGER2ulong(roa_addr->maxLength, &maxlen);
if (error) {
if (errno) {
- pr_val_err("Error casting ROA's IPv6 maxLength: %s",
+ pr_err("Error casting ROA's IPv6 maxLength: %s",
strerror(errno));
}
- return pr_val_err("The ROA's IPv6 maxLength isn't a valid unsigned long");
+ return pr_err("The ROA's IPv6 maxLength isn't a valid unsigned long");
}
pr_clutter("maxLength: %lu", maxlen);
if (maxlen > 128) {
- return pr_val_err("maxLength (%lu) is out of bounds (0-128).",
+ return pr_err("maxLength (%lu) is out of bounds (0-128).",
maxlen);
}
if (pfx.len > maxlen) {
- return pr_val_err("Prefix length (%u) > maxLength (%lu)",
+ return pr_err("Prefix length (%u) > maxLength (%lu)",
pfx.len, maxlen);
}
}
if (!resources_contains_ipv6(parent, &pfx)) {
- return pr_val_err("ROA is not allowed to advertise %s/%u.",
+ return pr_err("ROA is not allowed to advertise %s/%u.",
addr2str6(&pfx.addr, buf), pfx.len);
}
return ____handle_roa_v6(parent, asn, roa_addr);
}
- return pr_val_err("Unknown family value: %u", family);
+ return pr_err("Unknown family value: %u", family);
}
static int
error = asn_INTEGER2ulong(roa->version, &version);
if (error) {
if (errno) {
- pr_val_err("Error casting ROA's version: %s",
+ pr_err("Error casting ROA's version: %s",
strerror(errno));
}
- return pr_val_err("The ROA's version isn't a valid long");
+ return pr_err("The ROA's version isn't a valid long");
}
/* rfc6482#section-3.1 */
if (version != 0) {
- return pr_val_err("ROA's version (%lu) is nonzero.",
+ return pr_err("ROA's version (%lu) is nonzero.",
version);
}
}
/* rfc6482#section-3.2 */
if (asn_INTEGER2ulong(&roa->asId, &asn) != 0) {
if (errno) {
- pr_val_err("Error casting ROA's AS ID value: %s",
+ pr_err("Error casting ROA's AS ID value: %s",
strerror(errno));
}
- return pr_val_err("ROA's AS ID couldn't be parsed as unsigned long");
+ return pr_err("ROA's AS ID couldn't be parsed as unsigned long");
}
if (asn > UINT32_MAX)
- return pr_val_err("AS value (%lu) is out of range.", asn);
+ return pr_err("AS value (%lu) is out of range.", asn);
/* rfc6482#section-3.3 */
if (roa->ipAddrBlocks.list.array == NULL)
- return pr_val_err("ipAddrBlocks array is NULL.");
+ return pr_err("ipAddrBlocks array is NULL.");
for (b = 0; b < roa->ipAddrBlocks.list.count; b++) {
block = roa->ipAddrBlocks.list.array[b];
if (block == NULL)
- return pr_val_err("Address block array element is NULL.");
+ return pr_err("Address block array element is NULL.");
if (block->addressFamily.size != 2)
goto family_error;
goto family_error;
if (block->addresses.list.array == NULL)
- return pr_val_err("ROA's address list array is NULL.");
+ return pr_err("ROA's address list array is NULL.");
for (a = 0; a < block->addresses.list.count; a++) {
error = ____handle_roa(parent, asn,
return 0;
family_error:
- return pr_val_err("ROA's IP family is not v4 or v6.");
+ return pr_err("ROA's IP family is not v4 or v6.");
}
int
equals = arcs_equal(&arcs, oid);
free_arcs(&arcs);
if (!equals) {
- return pr_val_err("The OID of the SignedObject's encapContentInfo is not '%s'.",
+ return pr_err("The OID of the SignedObject's encapContentInfo is not '%s'.",
oid->name);
}
equals = arcs_equal(&arcs, oid);
free_arcs(&arcs);
if (!equals) {
- return pr_val_err("The OID of the SignedObject's content type attribute is not '%s'.",
+ return pr_err("The OID of the SignedObject's content type attribute is not '%s'.",
oid->name);
}
else
uri_cleanup(&url);
} else {
- pr_op_debug("Ignoring URI '%s': %s", fc, error);
+ pr_trc("Ignoring URI '%s': %s", fc, error);
}
fc = nl + cr + 1;
if (*fc == '\0')
- return pr_op_err("The TAL seems to be missing the public key.");
+ return pr_err("The TAL seems to be missing the public key.");
} while (true);
if (tal->urls.len == 0)
- return pr_op_err("There seems to be an empty/blank line before the end of the URI section.");
+ return pr_err("There seems to be an empty/blank line before the end of the URI section.");
/* subjectPublicKeyInfo section */
if (!base64_decode(nl + cr + 1, 0, &tal->spki, &tal->spki_len))
- return pr_op_err("Cannot decode the public key.");
+ return pr_err("Cannot decode the public key.");
return 0;
/* This label requires fc to make sense */
premature:
- return pr_op_err("The TAL seems to end prematurely at line '%s'.", fc);
+ return pr_err("The TAL seems to end prematurely at line '%s'.", fc);
}
/* @file_path is expected to outlive @tal. */
queue_tal(char const *tal_path, void *arg)
{
if (task_enqueue_tal(tal_path) < 1) {
- pr_op_err("Could not enqueue task '%s'; abandoning validation.",
+ pr_err("Could not enqueue task '%s'; abandoning validation.",
tal_path);
return EINVAL;
}
if (vv != VV_FAIL)
goto end2;
- pr_op_err("None of the TAL URIs yielded a successful traversal.");
+ pr_err("None of the TAL URIs yielded a successful traversal.");
vv = VV_FAIL;
end2: tal_cleanup(&tal);
for (t = 0; t < 5; t++) {
error = pthread_create(&threads[t], NULL, pick_up_work, NULL);
if (error)
- pr_crit("pthread_create(%zu) failed: %s",
+ pr_panic("pthread_create(%zu) failed: %s",
t, strerror(error));
}
for (t = 0; t < 5; t++) {
error = pthread_join(threads[t], NULL);
if (error)
- pr_crit("pthread_join(%zu) failed: %s",
+ pr_panic("pthread_join(%zu) failed: %s",
t, strerror(error));
}
next1 = next_chara(string, pos);
if (next1 == NULL) {
- pr_val_err("vCard's final newline is incomplete ('\\r').");
+ pr_err("vCard's final newline is incomplete ('\\r').");
return SA_ERROR;
}
if (*next1 != '\n')
size_t string_pos;
if (string8->size == line->octet_string_offset)
- return pr_val_err("vCard ends prematurely. (Expected an END line)");
+ return pr_err("vCard ends prematurely. (Expected an END line)");
string.val = string8->buf + line->octet_string_offset;
string.len = string8->size - line->octet_string_offset;
}
}
- return pr_val_err("vCard line does not end with a \\r\\n-style newline.");
+ return pr_err("vCard line does not end with a \\r\\n-style newline.");
}
static int
return 0;
fail:
- return pr_val_err("Expected vCard property '%s', got '%s'.",
+ return pr_err("Expected vCard property '%s', got '%s'.",
expected, line->str.val);
}
break;
} else {
- return pr_val_err("Unexpected vCard line: '%s'",
+ return pr_err("Unexpected vCard line: '%s'",
line->str.val);
}
if (error)
return error;
if (vcard->size != line->octet_string_offset)
- return pr_val_err("vCard has content after the END tag.");
+ return pr_err("vCard has content after the END tag.");
if (!fn_found)
- return pr_val_err("vCard lacks the 'FN' property.");
+ return pr_err("vCard lacks the 'FN' property.");
if (!useful_found)
- return pr_val_err("vCard lacks the 'ORG', 'ADR', 'TEL' and/or 'EMAIL' properties.");
+ return pr_err("vCard lacks the 'ORG', 'ADR', 'TEL' and/or 'EMAIL' properties.");
return 0;
}
err1 = atexit(output_atexit);
if (err1) {
err2 = errno;
- pr_op_err("Cannot register output's exit function.");
- pr_op_err("Error message attempt 1: %s", strerror(err1));
- pr_op_err("Error message attempt 2: %s", strerror(err2));
+ pr_err("Cannot register output's exit function.");
+ pr_err("Error message attempt 1: %s", strerror(err1));
+ pr_err("Error message attempt 2: %s", strerror(err2));
return err1;
}
char addr_buf[INET6_ADDRSTRLEN];
if (vrp->addr_fam != AF_INET && vrp->addr_fam != AF_INET6)
- pr_crit("Unknown family type");
+ pr_panic("Unknown family type");
fprintf(arg, "AS%u,%s/%u,%u\n", vrp->asn,
inet_ntop(vrp->addr_fam, &vrp->prefix, addr_buf, INET6_ADDRSTRLEN),
fprintf(out, ",");
if (vrp->addr_fam != AF_INET && vrp->addr_fam != AF_INET6)
- pr_crit("Unknown family type");
+ pr_panic("Unknown family type");
fprintf(out,
"\n { \"asn\": \"AS%u\", \"prefix\": \"%s/%u\", \"maxLength\": %u }",
char *buf1, *buf2;
if (!base64url_encode(key->ski, RK_SKI_LEN, &buf1)) {
- op_crypto_err("Cannot encode SKI.");
+ pr_crypto_err("Cannot encode SKI.");
return 0; /* Skip it, I guess */
}
if (!base64url_encode(key->spk, RK_SPKI_LEN, &buf2)) {
- op_crypto_err("Cannot encode SPK.");
+ pr_crypto_err("Cannot encode SPK.");
free(buf1);
return 0; /* Skip it, I guess */
}
char *buf1, *buf2;
if (!base64url_encode(key->ski, RK_SKI_LEN, &buf1)) {
- op_crypto_err("Cannot encode SKI.");
+ pr_crypto_err("Cannot encode SKI.");
return 0; /* Skip it, I guess */
}
if (!base64url_encode(key->spk, RK_SPKI_LEN, &buf2)) {
- op_crypto_err("Cannot encode SPK.");
+ pr_crypto_err("Cannot encode SPK.");
free(buf1);
return 0; /* Skip it, I guess */
}
}
if (error)
- pr_op_err("Error printing ROAs: %s", strerror(error));
+ pr_err("Error printing ROAs: %s", strerror(error));
if (out != stdout) {
file_close(out);
if (!error && rename(".roa", config_get_output_roa()) < 0)
- pr_op_err("Cannot move '.roa' to '%s': %s",
+ pr_err("Cannot move '.roa' to '%s': %s",
config_get_output_roa(), strerror(errno));
}
}
}
if (error)
- pr_op_err("Error printing Router Keys: %s", strerror(error));
+ pr_err("Error printing Router Keys: %s", strerror(error));
if (out != stdout) {
file_close(out);
if (!error && rename(".rk", config_get_output_bgpsec()) < 0)
- pr_op_err("Cannot move '.rk' to '%s': %s",
+ pr_err("Cannot move '.rk' to '%s': %s",
config_get_output_bgpsec(), strerror(errno));
}
}
errmsg = uri_init(&url, src);
if (errmsg) {
- pr_op_err("Invalid URI: %s", errmsg);
+ pr_err("Invalid URI: %s", errmsg);
return NULL;
}
uri_cleanup(&url);
if (error) {
- pr_op_err("rsync download failed: %s", strerror(error));
+ pr_err("rsync download failed: %s", strerror(error));
return NULL;
}
strcpy(buf, TMPDIR);
tmpdir = mkdtemp(buf);
if (tmpdir == NULL) {
- pr_op_err("Unable to create " TMPDIR ": %s", strerror(errno));
+ pr_err("Unable to create " TMPDIR ": %s", strerror(errno));
return NULL;
}
static BIO *
rsync2bio_cache(char const *src)
{
- pr_op_err("Disabled for now."); // XXX
+ pr_err("Disabled for now."); // XXX
return NULL;
// char *dst;
//
// dst = url2path(src);
// if (!dst) {
-// pr_op_err("Unparseable rsync URI.");
+// pr_err("Unparseable rsync URI.");
// return NULL;
// }
//
res = BIO_read(*bio, hdrbuf, HDRSIZE);
if (res <= 0) {
- op_crypto_err("Cannot guess file type; IO error.");
+ pr_crypto_err("Cannot guess file type; IO error.");
return FT_UNK;
}
*bio = BIO_new_seq(BIO_new_mem_buf(hdrbuf, res), *bio);
if ((*bio) == NULL) {
- op_crypto_err("BIO_new_seq() returned NULL.");
+ pr_crypto_err("BIO_new_seq() returned NULL.");
return FT_UNK;
}
if (hdrbuf[0] != 0x30) {
- pr_op_debug("File doesn't start with a SEQUENCE.");
+ pr_trc("File doesn't start with a SEQUENCE.");
return FT_UNK;
}
ptr = skip_sequence(hdrbuf, hdrbuf + 1);
if (ptr == NULL) {
- pr_op_debug("Cannot skip first sequence length.");
+ pr_trc("Cannot skip first sequence length.");
return FT_UNK;
}
if (*ptr == 0x06) {
- pr_op_debug("SEQ containing OID.");
+ pr_trc("SEQ containing OID.");
return FT_ROA; /* Same parser for mfts and gbrs */
}
if (*ptr != 0x30) {
- pr_op_debug("SEQ containing unexpected: 0x%x", *ptr);
+ pr_trc("SEQ containing unexpected: 0x%x", *ptr);
return FT_UNK;
}
ptr = skip_sequence(hdrbuf, ptr + 1);
if (ptr == NULL) {
- pr_op_debug("Cannot skip second sequence length.");
+ pr_trc("Cannot skip second sequence length.");
return FT_UNK;
}
ptr = skip_integer(hdrbuf, ptr + 1);
if (ptr == NULL) {
- pr_op_debug("Cannot skip version number.");
+ pr_trc("Cannot skip version number.");
return FT_UNK;
}
if (*ptr == 0x02) {
- pr_op_debug("SEQ containing SEQ containing (INT, INT).");
+ pr_trc("SEQ containing SEQ containing (INT, INT).");
return FT_CER;
}
if (*ptr == 0x30) {
- pr_op_debug("SEQ containing SEQ containing (INT, SEQ).");
+ pr_trc("SEQ containing SEQ containing (INT, SEQ).");
return FT_CRL;
}
- pr_op_debug("SEQ containing SEQ containing unexpected: 0x%x", *ptr);
+ pr_trc("SEQ containing SEQ containing unexpected: 0x%x", *ptr);
return FT_UNK;
}
do {
res1 = BIO_read(bio, buffer, BUFFER_SIZE);
if (res1 <= 0) {
- op_crypto_err("IO error.");
+ pr_crypto_err("IO error.");
goto fail;
}
res2 = ber_decode(&asn_DEF_ContentInfo, (void **)&ci,
buffer, res1);
- pr_op_debug("Consumed: %zu", res2.consumed);
+ pr_trc("Consumed: %zu", res2.consumed);
switch (res2.code) {
case RC_OK:
break;
case RC_FAIL:
- pr_op_err("Unsuccessful parse.");
+ pr_err("Unsuccessful parse.");
goto fail;
}
} while (true);
bio = filename2bio(config_get_payload());
if (bio == NULL)
- return pr_op_err("BIO_new_*() returned NULL.");
+ return pr_err("BIO_new_*() returned NULL.");
switch (guess_file_type(&bio, hdrbuf)) {
case FT_UNK:
BIO_free_all(bio);
- return pr_op_err("Unrecognized file type.");
+ return pr_err("Unrecognized file type.");
case FT_ROA:
case FT_MFT:
BIO_free_all(bio);
if (json == NULL)
- return pr_op_err("Unable to parse.");
+ return pr_err("Unable to parse.");
errno = 0;
if (json_dumpf(json, stdout, JSON_INDENT(4)) < 0) {
error = errno;
if (error)
- pr_op_err("Error writing JSON to file: %s", strerror(error));
+ pr_err("Error writing JSON to file: %s", strerror(error));
else
- pr_op_err("Unknown error writing JSON to file.");
+ pr_err("Unknown error writing JSON to file.");
} else {
error = 0;
ret = MHD_add_response_header(res, "Content-Type", ct);
if (ret != MHD_YES) {
- pr_op_debug("Could not set Content-Type HTTP header.");
+ pr_trc("Could not set Content-Type HTTP header.");
/* Keep going; maybe the client won't care. */
}
}
struct MHD_Response *res;
MHD_RESULT ret;
- pr_op_debug("Handling Prometheus request...");
+ pr_trc("Handling Prometheus request...");
stats = stats_export();
ret = MHD_queue_response(conn, MHD_HTTP_OK, res);
MHD_destroy_response(res);
- pr_op_debug("Prometheus request handled.");
+ pr_trc("Prometheus request handled.");
return ret;
}
if (config_get_mode() != SERVER || port == 0)
return 0;
- pr_op_debug("Starting Prometheus server...");
+ pr_trc("Starting Prometheus server...");
prometheus_daemon = MHD_start_daemon(
MHD_USE_THREAD_PER_CONNECTION, /* flags */
);
if (prometheus_daemon == NULL)
- return pr_op_err("Could not start Prometheus server; Unknown error");
+ return pr_err("Could not start Prometheus server; Unknown error");
- pr_op_debug("Prometheus server started.");
+ pr_trc("Prometheus server started.");
return 0;
}
va_start(args, msg); \
vsnprintf(log_msg, LOG_MSG_LEN, msg, args); \
va_end(args); \
- pr_val_##level("%s", log_msg);
+ pr_##level("%s", log_msg);
/*
* Log callbacks for libxml errors
static void
relax_ng_log_warn(void *ctx, const char *msg, ...)
{
- VLOG_MSG(warn)
+ VLOG_MSG(wrn)
}
/* Signature changed at libxml2 commit 61034116d0a3c8b295c6137956adc3ae55720. */
static void
relax_ng_log_str_err(void *userData, XMLERROR_PARAMTYPE error)
{
- pr_val_err("%s (at line %d)", error->message, error->line);
+ pr_err("%s (at line %d)", error->message, error->line);
}
/* Initialize global schema to parse RRDP files */
rngparser = xmlRelaxNGNewMemParserCtxt(RRDP_V1_RNG, strlen(RRDP_V1_RNG));
if (rngparser == NULL) {
- error = pr_op_err("XML parser init error: xmlRelaxNGNewMemParserCtxt() returned NULL");
+ error = pr_err("XML parser init error: xmlRelaxNGNewMemParserCtxt() returned NULL");
goto cleanup_parser;
}
schema = xmlRelaxNGParse(rngparser);
if (schema == NULL) {
- error = pr_op_err("XML parser init error: xmlRelaxNGParse() returned NULL");
+ error = pr_err("XML parser init error: xmlRelaxNGParse() returned NULL");
goto free_parser_ctx;
}
/* TODO (warning) This uses "XML_CHAR_ENCODING_NONE" */
reader = xmlNewTextReaderFilename(path);
if (reader == NULL)
- return pr_val_err("Unable to open %s (Cause unavailable).", path);
+ return pr_err("Unable to open %s (Cause unavailable).", path);
error = xmlTextReaderRelaxNGSetSchema(reader, schema);
if (error) {
- error = pr_val_err("Couldn't set Relax NG schema.");
+ error = pr_err("Couldn't set Relax NG schema.");
goto free_reader;
}
rngvalidctx = xmlRelaxNGNewValidCtxt(schema);
if (rngvalidctx == NULL) {
- error = pr_val_err("xmlRelaxNGNewValidCtxt() returned NULL");
+ error = pr_err("xmlRelaxNGNewValidCtxt() returned NULL");
goto free_reader;
}
error = xmlTextReaderRelaxNGValidateCtxt(reader, rngvalidctx, 0);
if (error) {
- error = pr_val_err("Invalid XML document");
+ error = pr_err("Invalid XML document");
goto free_valid_ctx;
}
while ((read = xmlTextReaderRead(reader)) == 1) {
if (xmlTextReaderIsValid(reader) <= 0) {
- error = pr_val_err("XML document isn't valid.");
+ error = pr_err("XML document isn't valid.");
goto free_valid_ctx;
}
}
if (read < 0) {
- error = pr_val_err("Error parsing XML document.");
+ error = pr_err("Error parsing XML document.");
goto free_valid_ctx;
}
if (xmlTextReaderIsValid(reader) <= 0) {
- error = pr_val_err("XML document isn't valid.");
+ error = pr_err("XML document isn't valid.");
goto free_valid_ctx;
}
get_addr_family(OCTET_STRING_t *octets)
{
if (octets->size != 2) {
- pr_val_err("Address family has %zu octets. (2 expected.)",
+ pr_err("Address family has %zu octets. (2 expected.)",
octets->size);
return -1;
}
}
unknown:
- pr_val_err("Address family has unknown value 0x%02x%02x.", octets->buf[0],
+ pr_err("Address family has unknown value 0x%02x%02x.", octets->buf[0],
octets->buf[1]);
return -1;
}
inherit_aors(struct resources *resources, struct resources *parent, int family)
{
if (parent == NULL)
- return pr_val_err("Root certificate is trying to inherit IP resources from a parent.");
+ return pr_err("Root certificate is trying to inherit IP resources from a parent.");
switch (family) {
case AF_INET:
if (resources->ip4s != NULL)
- return pr_val_err("Certificate inherits IPv4 resources while also defining others of its own.");
+ return pr_err("Certificate inherits IPv4 resources while also defining others of its own.");
resources->ip4s = parent->ip4s;
if (resources->ip4s != NULL)
res4_get(resources->ip4s);
case AF_INET6:
if (resources->ip6s != NULL)
- return pr_val_err("Certificate inherits IPv6 resources while also defining others of its own.");
+ return pr_err("Certificate inherits IPv6 resources while also defining others of its own.");
resources->ip6s = parent->ip6s;
if (resources->ip6s != NULL)
res6_get(resources->ip6s);
return 0;
}
- pr_crit("Unknown address family '%d'", family);
+ pr_panic("Unknown address family '%d'", family);
return EINVAL; /* Warning shutupper */
}
enum resource_cmp_result result;
if (parent && (resources->ip4s == parent->ip4s))
- return pr_val_err("Certificate defines IPv4 prefixes while also inheriting his parent's.");
+ return pr_err("Certificate defines IPv4 prefixes while also inheriting his parent's.");
error = prefix4_decode(addr, &prefix);
if (error)
if (parent && !res4_contains_prefix(parent->ip4s, &prefix)) {
switch (resources->policy) {
case RPKI_POLICY_RFC6484:
- return pr_val_err("Parent certificate doesn't own IPv4 prefix '%s/%u'.",
+ return pr_err("Parent certificate doesn't own IPv4 prefix '%s/%u'.",
addr2str4(&prefix.addr, buf), prefix.len);
case RPKI_POLICY_RFC8360:
- return pr_val_warn("Certificate is overclaiming the IPv4 prefix '%s/%u'.",
+ return pr_wrn("Certificate is overclaiming the IPv4 prefix '%s/%u'.",
addr2str4(&prefix.addr, buf), prefix.len);
}
}
result = res4_add_prefix(resources->ip4s, &prefix);
if (result != RCR_OK) {
- pr_val_err("Cannot add IPv4 prefix '%s/%u' to certificate resources: %s",
+ pr_err("Cannot add IPv4 prefix '%s/%u' to certificate resources: %s",
addr2str4(&prefix.addr, buf), prefix.len,
sarray_err2str(result));
return EINVAL;
enum resource_cmp_result result;
if (parent && (resources->ip6s == parent->ip6s))
- return pr_val_err("Certificate defines IPv6 prefixes while also inheriting his parent's.");
+ return pr_err("Certificate defines IPv6 prefixes while also inheriting his parent's.");
error = prefix6_decode(addr, &prefix);
if (error)
if (parent && !res6_contains_prefix(parent->ip6s, &prefix)) {
switch (resources->policy) {
case RPKI_POLICY_RFC6484:
- return pr_val_err("Parent certificate doesn't own IPv6 prefix '%s/%u'.",
+ return pr_err("Parent certificate doesn't own IPv6 prefix '%s/%u'.",
addr2str6(&prefix.addr, buf), prefix.len);
case RPKI_POLICY_RFC8360:
- return pr_val_warn("Certificate is overclaiming the IPv6 prefix '%s/%u'.",
+ return pr_wrn("Certificate is overclaiming the IPv6 prefix '%s/%u'.",
addr2str6(&prefix.addr, buf), prefix.len);
}
}
result = res6_add_prefix(resources->ip6s, &prefix);
if (result != RCR_OK) {
- pr_val_err("Cannot add IPv6 prefix '%s/%u' to certificate resources: %s",
+ pr_err("Cannot add IPv6 prefix '%s/%u' to certificate resources: %s",
addr2str6(&prefix.addr, buf), prefix.len,
sarray_err2str(result));
return EINVAL;
return add_prefix6(resources, parent, addr);
}
- pr_crit("Unknown address family '%d'", family);
+ pr_panic("Unknown address family '%d'", family);
return EINVAL; /* Warning shutupper */
}
enum resource_cmp_result result;
if (parent && (resources->ip4s == parent->ip4s))
- return pr_val_err("Certificate defines IPv4 ranges while also inheriting his parent's.");
+ return pr_err("Certificate defines IPv4 ranges while also inheriting his parent's.");
error = range4_decode(input, &range);
if (error)
if (parent && !res4_contains_range(parent->ip4s, &range)) {
switch (resources->policy) {
case RPKI_POLICY_RFC6484:
- return pr_val_err("Parent certificate doesn't own IPv4 range '%s-%s'.",
+ return pr_err("Parent certificate doesn't own IPv4 range '%s-%s'.",
addr2str4(&range.min, buf1),
addr2str4(&range.max, buf2));
case RPKI_POLICY_RFC8360:
- return pr_val_warn("Certificate is overclaiming the IPv4 range '%s-%s'.",
+ return pr_wrn("Certificate is overclaiming the IPv4 range '%s-%s'.",
addr2str4(&range.min, buf1),
addr2str4(&range.max, buf2));
}
result = res4_add_range(resources->ip4s, &range);
if (result != RCR_OK) {
- pr_val_err("Cannot add IPv4 range '%s-%s' to certificate resources: %s",
+ pr_err("Cannot add IPv4 range '%s-%s' to certificate resources: %s",
addr2str4(&range.min, buf1),
addr2str4(&range.max, buf2),
sarray_err2str(result));
enum resource_cmp_result result;
if (parent && (resources->ip6s == parent->ip6s))
- return pr_val_err("Certificate defines IPv6 ranges while also inheriting his parent's.");
+ return pr_err("Certificate defines IPv6 ranges while also inheriting his parent's.");
error = range6_decode(input, &range);
if (error)
if (parent && !res6_contains_range(parent->ip6s, &range)) {
switch (resources->policy) {
case RPKI_POLICY_RFC6484:
- return pr_val_err("Parent certificate doesn't own IPv6 range '%s-%s'.",
+ return pr_err("Parent certificate doesn't own IPv6 range '%s-%s'.",
addr2str6(&range.min, buf1),
addr2str6(&range.max, buf2));
case RPKI_POLICY_RFC8360:
- return pr_val_warn("Certificate is overclaiming the IPv6 range '%s-%s'.",
+ return pr_wrn("Certificate is overclaiming the IPv6 range '%s-%s'.",
addr2str6(&range.min, buf1),
addr2str6(&range.max, buf2));
}
result = res6_add_range(resources->ip6s, &range);
if (result != RCR_OK) {
- pr_val_err("Cannot add IPv6 range '%s-%s' to certificate resources: %s",
+ pr_err("Cannot add IPv6 range '%s-%s' to certificate resources: %s",
addr2str6(&range.min, buf1),
addr2str6(&range.max, buf2),
sarray_err2str(result));
return add_range6(resources, parent, range);
}
- pr_crit("Unknown address family '%d'", family);
+ pr_panic("Unknown address family '%d'", family);
return EINVAL; /* Warning shutupper */
}
int error;
if (resources->force_inherit)
- return pr_val_err("Certificate is only allowed to inherit resources, but defines its own IP addresses or ranges.");
+ return pr_err("Certificate is only allowed to inherit resources, but defines its own IP addresses or ranges.");
if (aors->list.count == 0)
- return pr_val_err("IP extension's set of IP address records is empty.");
+ return pr_err("IP extension's set of IP address records is empty.");
for (i = 0; i < aors->list.count; i++) {
aor = aors->list.array[i];
break;
case IPAddressOrRange_PR_NOTHING:
/* rfc3779#section-2.2.3.7 */
- return pr_val_err("Unknown IPAddressOrRange type: %u",
+ return pr_err("Unknown IPAddressOrRange type: %u",
aor->present);
}
}
}
/* rfc3779#section-2.2.3.4 */
- return pr_val_err("Unknown ipAddressChoice type: %u",
+ return pr_err("Unknown ipAddressChoice type: %u",
obj->ipAddressChoice.present);
}
inherit_asiors(struct resources *resources, struct resources *parent)
{
if (parent == NULL)
- return pr_val_err("Root certificate is trying to inherit AS resources from a parent.");
+ return pr_err("Root certificate is trying to inherit AS resources from a parent.");
if (resources->asns != NULL)
- return pr_val_err("Certificate inherits ASN resources while also defining others of its own.");
+ return pr_err("Certificate inherits ASN resources while also defining others of its own.");
resources->asns = parent->asns;
if (resources->asns != NULL)
error = asn_INTEGER2ulong(as_id, &ulong);
if (error) {
if (errno) {
- pr_val_err("Error converting ASN value: %s",
+ pr_err("Error converting ASN value: %s",
strerror(errno));
}
- return pr_val_err("ASN value is not a valid unsigned long");
+ return pr_err("ASN value is not a valid unsigned long");
}
if (ulong > ASN_MAX) {
- return pr_val_err("ASN value '%lu' is out of bounds. (0-%lu)",
+ return pr_err("ASN value '%lu' is out of bounds. (0-%lu)",
ulong, ASN_MAX);
}
enum resource_cmp_result result;
if (asns->min > asns->max) {
- return pr_val_err("The ASN range %u-%u is inverted.",
+ return pr_err("The ASN range %u-%u is inverted.",
asns->min, asns->max);
}
if (parent && !rasn_contains(parent->asns, asns)) {
switch (resources->policy) {
case RPKI_POLICY_RFC6484:
- return pr_val_err("Parent certificate doesn't own ASN range '%u-%u'.",
+ return pr_err("Parent certificate doesn't own ASN range '%u-%u'.",
asns->min, asns->max);
case RPKI_POLICY_RFC8360:
- return pr_val_warn("Certificate is overclaiming the ASN range '%u-%u'.",
+ return pr_wrn("Certificate is overclaiming the ASN range '%u-%u'.",
asns->min, asns->max);
}
}
result = rasn_add(resources->asns, asns);
if (result != RCR_OK) {
- pr_val_err("Cannot add ASN range '%u-%u' to certificate resources: %s",
+ pr_err("Cannot add ASN range '%u-%u' to certificate resources: %s",
asns->min, asns->max, sarray_err2str(result));
return EINVAL;
}
int error;
if (parent && (resources->asns == parent->asns))
- return pr_val_err("Certificate defines ASN resources while also inheriting his parent's.");
+ return pr_err("Certificate defines ASN resources while also inheriting his parent's.");
switch (obj->present) {
case ASIdOrRange_PR_NOTHING:
return add_asn(resources, &asns, parent);
}
- return pr_val_err("Unknown ASIdOrRange type: %u", obj->present);
+ return pr_err("Unknown ASIdOrRange type: %u", obj->present);
}
static int
int error;
if (resources->force_inherit)
- return pr_val_err("Certificate is only allowed to inherit resources, but defines its own AS numbers.");
+ return pr_err("Certificate is only allowed to inherit resources, but defines its own AS numbers.");
iors = &ids->asnum->choice.asIdsOrRanges;
if (iors->list.count == 0)
- return pr_val_err("AS extension's set of AS number records is empty.");
+ return pr_err("AS extension's set of AS number records is empty.");
for (i = 0; i < iors->list.count; i++) {
error = add_asior(resources, parent, iors->list.array[i]);
struct ASIdentifiers *ids, bool allow_inherit)
{
if (ids->asnum == NULL)
- return pr_val_err("ASN extension lacks 'asnum' element.");
+ return pr_err("ASN extension lacks 'asnum' element.");
if (ids->rdi != NULL)
- return pr_val_err("ASN extension has 'rdi' element. (Prohibited by RFC6487)");
+ return pr_err("ASN extension has 'rdi' element. (Prohibited by RFC6487)");
switch (ids->asnum->present) {
case ASIdentifierChoice_PR_inherit:
if (!allow_inherit)
- return pr_val_err("ASIdentifierChoice %u isn't allowed",
+ return pr_err("ASIdentifierChoice %u isn't allowed",
ids->asnum->present);
return inherit_asiors(resources, parent);
case ASIdentifierChoice_PR_asIdsOrRanges:
break;
}
- return pr_val_err("Unknown ASIdentifierChoice: %u", ids->asnum->present);
+ return pr_err("Unknown ASIdentifierChoice: %u", ids->asnum->present);
}
bool
str = xmlTextReaderGetAttribute(reader, BAD_CAST attr);
if (str == NULL)
- return pr_val_err("Couldn't find xml attribute '%s'", attr);
+ return pr_err("Couldn't find xml attribute '%s'", attr);
errno = 0;
*result = strtoul((char const *) str, NULL, 10);
error = errno;
xmlFree(str);
if (error) {
- pr_val_err("Invalid long value '%s': %s", str, strerror(error));
+ pr_err("Invalid long value '%s': %s", str, strerror(error));
return error;
}
if (attr == NULL) {
result = xmlTextReaderValue(reader);
if (result == NULL)
- pr_val_err("Tag '%s' seems to be empty.",
+ pr_err("Tag '%s' seems to be empty.",
xmlTextReaderConstLocalName(reader));
} else {
result = xmlTextReaderGetAttribute(reader, BAD_CAST attr);
if (result == NULL)
- pr_val_err("Tag '%s' is missing attribute '%s'.",
+ pr_err("Tag '%s' is missing attribute '%s'.",
xmlTextReaderConstLocalName(reader), attr);
}
xmlFree(xmlattr);
if (error)
- return pr_val_err("The '" RRDP_ATTR_HASH "' xml attribute does not appear to be a SHA-256 hash.");
+ return pr_err("The '" RRDP_ATTR_HASH "' xml attribute does not appear to be a SHA-256 hash.");
return 0;
}
return error;
if (version != expected)
- return pr_val_err("Invalid version, must be '%lu' and is '%lu'.",
+ return pr_err("Invalid version, must be '%lu' and is '%lu'.",
expected, version);
return 0;
if (BN_dec2bn(&serial->num, serial->str) == 0)
goto fail;
if (BN_is_negative(serial->num)) {
- pr_val_err("Serial '%s' is negative.", serial->str);
+ pr_err("Serial '%s' is negative.", serial->str);
goto fail;
}
*/
if (!xmlStrEqual(xmlTextReaderConstNamespaceUri(reader),
BAD_CAST RRDP_NAMESPACE))
- return pr_val_err("Namespace isn't '%s', current value is '%s'",
+ return pr_err("Namespace isn't '%s', current value is '%s'",
RRDP_NAMESPACE, xmlTextReaderConstNamespaceUri(reader));
error = validate_version(reader, 1);
return error;
if (strcmp(args->session->session_id, actual.session_id) != 0) {
- error = pr_val_err("File session id [%s] doesn't match notification's session id [%s]",
+ error = pr_err("File session id [%s] doesn't match notification's session id [%s]",
args->session->session_id, actual.session_id);
goto end;
}
if (BN_cmp(actual.serial.num, args->session->serial.num) != 0) {
- error = pr_val_err("File serial [%s] doesn't match notification's serial [%s]",
+ error = pr_err("File serial [%s] doesn't match notification's serial [%s]",
actual.serial.str, args->session->serial.str);
goto end;
}
errmsg = uri_init(&meta->uri, (char const *)xmlattr);
xmlFree(xmlattr);
if (errmsg)
- return pr_val_err("Cannot parse '%s' as a URI: %s",
+ return pr_err("Cannot parse '%s' as a URI: %s",
xmlattr, errmsg);
error = parse_hash(reader, &meta->hash, &meta->hash_len);
if (error)
return error;
if (xmlTextReaderRead(reader) != 1) {
- error = pr_val_err(
+ error = pr_err(
"Couldn't read publish content of element '%s'",
uri_str(&tag.meta.uri)
);
}
if (!base64_decode((char *)base64_str, 0, &tag.content, &tag.content_len)) {
xmlFree(base64_str);
- error = pr_val_err("Cannot decode publish tag's base64.");
+ error = pr_err("Cannot decode publish tag's base64.");
goto end;
}
xmlFree(base64_str);
if (file) {
if (tag.meta.hash == NULL) {
// XXX watch out for this in the log before release
- error = pr_val_err("RRDP desync: "
+ error = pr_err("RRDP desync: "
"<publish> is attempting to create '%s', "
"but the file is already cached.",
uri_str(&tag.meta.uri));
*/
if (remove(file->map.path) < 0) {
error = errno;
- pr_val_err("Cannot delete %s: %s",
+ pr_err("Cannot delete %s: %s",
file->map.path, strerror(error));
if (error != ENOENT)
goto end;
} else {
if (tag.meta.hash != NULL) {
// XXX watch out for this in the log before release
- error = pr_val_err("RRDP desync: "
+ error = pr_err("RRDP desync: "
"<publish> is attempting to overwrite '%s', "
"but the file is absent in the cache.",
uri_str(&tag.meta.uri));
if (!is_known_extension(&tag.meta.uri))
goto end; /* Mirror rsync filters */
if (!tag.meta.hash) {
- error = pr_val_err("Withdraw '%s' is missing a hash.",
+ error = pr_err("Withdraw '%s' is missing a hash.",
uri_str(&tag.meta.uri));
goto end;
}
file = state_find_file(args->state, &tag.meta.uri);
if (!file) {
- error = pr_val_err("Broken RRDP: "
+ error = pr_err("Broken RRDP: "
"<withdraw> is attempting to delete unknown file '%s'.",
uri_str(&tag.meta.uri));
goto end;
goto end;
if (remove(file->map.path) < 0) {
- pr_val_warn("Cannot delete %s: %s", file->map.path,
+ pr_wrn("Cannot delete %s: %s", file->map.path,
strerror(errno));
/* It's fine; keep going. */
}
return error;
if (!notif->snapshot.hash)
- return pr_val_err("Snapshot '%s' is missing a hash.",
+ return pr_err("Snapshot '%s' is missing a hash.",
uri_str(¬if->snapshot.uri));
if (!uri_same_origin(notif->url, ¬if->snapshot.uri))
- return pr_val_err("Notification '%s' and Snapshot '%s' are not hosted by the same origin.",
+ return pr_err("Notification '%s' and Snapshot '%s' are not hosted by the same origin.",
uri_str(notif->url), uri_str(¬if->snapshot.uri));
return 0;
goto srl;
if (!delta.meta.hash) {
- error = pr_val_err("Delta '%s' is missing a hash.",
+ error = pr_err("Delta '%s' is missing a hash.",
uri_str(&delta.meta.uri));
goto mta;
}
if (!uri_same_origin(notif->url, &delta.meta.uri)) {
- error = pr_val_err("Notification %s and Delta %s are not hosted by the same origin.",
+ error = pr_err("Notification %s and Delta %s are not hosted by the same origin.",
uri_str(notif->url), uri_str(&delta.meta.uri));
goto mta;
}
while (true) {
if (BN_cmp(deltas[i].serial.num, min) < 0) {
char *str = BN_bn2dec(min);
- pr_val_err(
+ pr_err(
"Deltas: Serial '%s' is out of bounds. (min:%s)",
deltas[i].serial.str, str);
OPENSSL_free(str);
return EINVAL;
}
if (BN_cmp(max->num, deltas[i].serial.num) < 0)
- return pr_val_err(
+ return pr_err(
"Deltas: Serial '%s' is out of bounds. (max:%s)",
deltas[i].serial.str, max->str);
if (!BN_sub(target_slot, deltas[i].serial.num, min))
- return val_crypto_err("BN_sub() returned error.");
+ return pr_crypto_err("BN_sub() returned error.");
_target_slot = BN_get_word(target_slot);
if (i == _target_slot)
return 0;
if (BN_cmp(deltas[_target_slot].serial.num, deltas[i].serial.num) == 0) {
- return pr_val_err("Deltas: Serial '%s' is not unique.",
+ return pr_err("Deltas: Serial '%s' is not unique.",
deltas[i].serial.str);
}
max_serial = ¬if->session.serial;
min_serial = BN_dup(max_serial->num);
if (min_serial == NULL)
- return val_crypto_err("BN_dup() returned NULL.");
+ return pr_crypto_err("BN_dup() returned NULL.");
if (!BN_sub_word(min_serial, deltas->len - 1)) {
- error = pr_val_err("Could not subtract %s - %zu; unknown cause.",
+ error = pr_err("Could not subtract %s - %zu; unknown cause.",
notif->session.serial.str, deltas->len - 1);
goto end;
}
if (BN_is_negative(min_serial)) {
- error = pr_val_err("Too many deltas (%zu) for serial %s. (Negative serials not implemented.)",
+ error = pr_err("Too many deltas (%zu) for serial %s. (Negative serials not implemented.)",
deltas->len, max_serial->str);
goto end;
}
return parse_session(reader, ¬if->session);
}
- return pr_val_err("Unexpected '%s' element", name);
+ return pr_err("Unexpected '%s' element", name);
case XML_READER_TYPE_END_ELEMENT:
if (xmlStrEqual(name, BAD_CAST RRDP_ELEM_NOTIFICATION))
else if (xmlStrEqual(name, BAD_CAST RRDP_ELEM_SNAPSHOT))
error = validate_session(reader, arg);
else
- return pr_val_err("Unexpected '%s' element", name);
+ return pr_err("Unexpected '%s' element", name);
if (error)
return error;
break;
size_t delta_threshold;
if (strcmp(old_notif->session.session_id, new_notif->session.session_id) != 0) {
- pr_val_debug("The Notification's session ID changed.");
+ pr_trc("The Notification's session ID changed.");
return EINVAL;
}
new_delta = &new_notif->deltas.array[i].meta;
if (memcmp(old_delta->bytes, new_delta->hash, RRDP_HASH_LEN) != 0) {
- pr_val_debug("Notification delta hash does not match cached delta hash; RRDP session desynchronization detected.");
+ pr_trc("Notification delta hash does not match cached delta hash; RRDP session desynchronization detected.");
return EINVAL;
}
int error;
url = &new->snapshot.uri;
- pr_val_debug("Processing snapshot '%s'.", uri_str(url));
+ pr_trc("Processing snapshot '%s'.", uri_str(url));
fnstack_push(uri_str(url));
error = dl_tmp(url, tmppath);
else if (xmlStrEqual(name, BAD_CAST RRDP_ELEM_DELTA))
error = validate_session(reader, arg);
else
- return pr_val_err("Unexpected '%s' element", name);
+ return pr_err("Unexpected '%s' element", name);
if (error)
return error;
break;
url = &delta->meta.uri;
- pr_val_debug("Processing delta '%s'.", uri_str(url));
+ pr_trc("Processing delta '%s'.", uri_str(url));
fnstack_push(uri_str(url));
error = dl_tmp(url, tmppath);
int error;
if (notif->deltas.len == 0) {
- pr_val_warn("There's no delta list to process.");
+ pr_wrn("There's no delta list to process.");
return ENOENT;
}
old = &state->session.serial;
new = ¬if->session.serial;
- pr_val_debug("Handling RRDP delta serials %s-%s.", old->str, new->str);
+ pr_trc("Handling RRDP delta serials %s-%s.", old->str, new->str);
diff_bn = BN_create();
if (!BN_sub(diff_bn, new->num, old->num)) {
BN_free(diff_bn);
- return pr_val_err("Could not subtract %s - %s; unknown cause.",
+ return pr_err("Could not subtract %s - %s; unknown cause.",
new->str, old->str);
}
if (BN_is_negative(diff_bn)) {
BN_free(diff_bn);
- return pr_val_err("Cached delta's serial [%s] is larger than Notification's current serial [%s].",
+ return pr_err("Cached delta's serial [%s] is larger than Notification's current serial [%s].",
old->str, new->str);
}
diff = BN_get_word(diff_bn);
BN_free(diff_bn);
if (diff > config_get_rrdp_delta_threshold() || diff > notif->deltas.len)
- return pr_val_err("Cached RPP is too old. (Cached serial: %s; current serial: %s)",
+ return pr_err("Cached RPP is too old. (Cached serial: %s; current serial: %s)",
old->str, new->str);
for (d = notif->deltas.len - diff; d < notif->deltas.len; d++) {
diff_bn = BN_create();
if (!BN_sub(diff_bn, new->session.serial.num, old->session.serial.num))
- return val_crypto_err("OUCH! libcrypto cannot subtract %s - %s",
+ return pr_crypto_err("OUCH! libcrypto cannot subtract %s - %s",
new->session.serial.str, old->session.serial.str);
if (BN_is_negative(diff_bn))
/* The validation was the BN_cmp() in the caller. */
- pr_crit("%s - %s < 0 despite validations.",
+ pr_panic("%s - %s < 0 despite validations.",
new->session.serial.str, old->session.serial.str);
diff = BN_get_word(diff_bn);
if (diff > new->deltas.len)
/* Should be <= because it was already compared to the delta threshold. */
- pr_crit("%lu > %zu despite validations.",
+ pr_panic("%lu > %zu despite validations.",
diff, new->deltas.len);
BN_free(old->session.serial.num);
if (error)
return error;
if (!(*changed)) {
- pr_val_debug("The Notification has not changed.");
+ pr_trc("The Notification has not changed.");
return 0;
}
return error;
if (remove(tmppath) < 0) {
- pr_val_warn("Can't remove notification's temporal file: %s",
+ pr_wrn("Can't remove notification's temporal file: %s",
strerror(errno));
update_notification_cleanup(new);
/* Nonfatal; fall through */
int error;
fnstack_push(uri_str(notif));
- pr_val_debug("Processing notification.");
+ pr_trc("Processing notification.");
error = dl_notif(notif, mtim, changed, &new);
if (error)
if (!(*changed))
goto end;
- pr_val_debug("New session/serial: %s/%s",
+ pr_trc("New session/serial: %s/%s",
new.session.session_id,
new.session.serial.str);
if ((*state) == NULL) {
- pr_val_debug("This is a new Notification.");
+ pr_trc("This is a new Notification.");
old = pzalloc(sizeof(struct rrdp_state));
/* session postponed! */
old = *state;
serial_cmp = BN_cmp(old->session.serial.num, new.session.serial.num);
if (serial_cmp < 0) {
- pr_val_debug("The Notification's serial changed.");
+ pr_trc("The Notification's serial changed.");
error = validate_session_desync(old, &new);
if (error)
goto reset_notif;
} else if (serial_cmp > 0) {
- pr_val_debug("Cached serial is higher than notification serial.");
+ pr_trc("Cached serial is higher than notification serial.");
goto end;
} else {
- pr_val_debug("The Notification changed, but the session ID and serial didn't, and no session desync was detected.");
+ pr_trc("The Notification changed, but the session ID and serial didn't, and no session desync was detected.");
*changed = false;
goto end;
}
snapshot_fallback:
- pr_val_debug("Falling back to snapshot.");
+ pr_trc("Falling back to snapshot.");
error = handle_snapshot(&new, old);
if (error)
goto clean_notif;
serial->num = BN_create();
serial->str = pstrdup(str);
if (!BN_dec2bn(&serial->num, serial->str)) {
- pr_op_err("Not a serial number: %s", serial->str);
+ pr_err("Not a serial number: %s", serial->str);
BN_free(serial->num);
free(serial->str);
return -EINVAL;
error = json_get_object(jparent, "files", &jfiles);
if (error < 0) {
- pr_op_debug("files: %s", strerror(error));
+ pr_trc("files: %s", strerror(error));
return error;
}
if (error > 0)
json_object_foreach(jfiles, jkey, jvalue) {
if (!json_is_string(jvalue)) {
- pr_op_warn("RRDP file URL '%s' is not a string.", jkey);
+ pr_wrn("RRDP file URL '%s' is not a string.", jkey);
continue;
}
errmsg = uri_init(&url, jkey);
if (errmsg) {
- pr_op_warn("Cannot parse '%s' as a URI: %s", jkey, errmsg);
+ pr_wrn("Cannot parse '%s' as a URI: %s", jkey, errmsg);
continue;
}
path = json_string_value(jvalue);
if (strncmp(path, parent, parent_len) != 0 || path[parent_len] != '/') {
- pr_op_warn("RRDP path '%s' is not child of '%s'.",
+ pr_wrn("RRDP path '%s' is not child of '%s'.",
path, parent);
uri_cleanup(&url);
continue;
}
if (hex2ulong(path + parent_len + 1, &id) != 0) {
- pr_op_warn("RRDP file '%s' is not a hexadecimal number.", path);
+ pr_wrn("RRDP file '%s' is not a hexadecimal number.", path);
uri_cleanup(&url);
continue;
}
}
if (HASH_COUNT(state->files) == 0) {
- pr_op_warn("RRDP cage does not index any files.");
+ pr_wrn("RRDP cage does not index any files.");
return EINVAL;
}
str = json_string_value(json);
if (str == NULL)
- return pr_op_err("Hash is not a string.");
+ return pr_err("Hash is not a string.");
if (strlen(str) != 2 * RRDP_HASH_LEN)
- return pr_op_err("Hash is not %d characters long.",
+ return pr_err("Hash is not %d characters long.",
2 * RRDP_HASH_LEN);
hash = pmalloc(sizeof(struct rrdp_hash));
if (str2hex(str, hash->bytes) != 0) {
free(hash);
- return pr_op_err("Malformed hash: %s", str);
+ return pr_err("Malformed hash: %s", str);
}
*dh = hash;
error = json2session(json, &state->session.session_id);
if (error < 0) {
- pr_op_debug("session: %s", strerror(error));
+ pr_trc("session: %s", strerror(error));
goto fail;
}
error = json2serial(json, &state->session.serial);
if (error < 0) {
- pr_op_debug("serial: %s", strerror(error));
+ pr_trc("serial: %s", strerror(error));
goto fail;
}
error = json2files(json, path, state);
if (error) {
- pr_op_debug("files: %s", strerror(error));
+ pr_trc("files: %s", strerror(error));
goto fail;
}
error = json2dhs(json, state);
if (error) {
- pr_op_debug("delta hashes: %s", strerror(error));
+ pr_trc("delta hashes: %s", strerror(error));
goto fail;
}
asn_enc_rval_t result;
if (pssk.wr == -1) {
- pr_op_err(RSP "Cannot message parent process: "
+ pr_err(RSP "Cannot message parent process: "
"The socket is closed.");
return;
}
*/
if (RsyncRequest_init(&req, &task->url, task->path) < 0) {
- pr_op_err(RSP "Cannot message parent process: "
+ pr_err(RSP "Cannot message parent process: "
"The request object cannot be created");
return;
}
result = der_encode(&asn_DEF_RsyncRequest, &req, write_cb, NULL);
if (result.encoded == -1) {
- pr_op_err(RSP "Cannot message parent process: Unknown error");
+ pr_err(RSP "Cannot message parent process: Unknown error");
/* TODO (asn1) Do this if the error was I/O:
* close(spsk.wr);
* spsk.wr = -1;
*/
}
- pr_op_debug(RSP "Parent notified; sent %zd bytes.", result.encoded);
+ pr_trc(RSP "Parent notified; sent %zd bytes.", result.encoded);
ASN_STRUCT_FREE_CONTENTS_ONLY(asn_DEF_RsyncRequest, &req);
}
if (pipe(fds[0]) < 0) {
error = errno;
- pr_op_err_st(RSP "Piping rsync stderr: %s", strerror(error));
+ pr_crit(RSP "Piping rsync stderr: %s", strerror(error));
return error;
}
if (pipe(fds[1]) < 0) {
error = errno;
- pr_op_err_st(RSP "Piping rsync stdout: %s", strerror(error));
+ pr_crit(RSP "Piping rsync stdout: %s", strerror(error));
close(fds[0][0]);
close(fds[0][1]);
return error;
task->pid = fork();
if (task->pid < 0) {
error = errno;
- pr_op_err_st(RSP "Couldn't spawn the rsync process: %s",
+ pr_crit(RSP "Couldn't spawn the rsync process: %s",
strerror(error));
close(STDERR_READ(fork_fds));
close(STDOUT_READ(fork_fds));
if (tasks->a >= config_rsync_max()) {
LIST_INSERT_HEAD(&tasks->queued, task, lh);
- pr_op_debug(RSP "Queued task %d: %s -> %s",
+ pr_trc(RSP "Queued task %d: %s -> %s",
task->pid, uri_str(&task->url), task->path);
} else {
activate_task(tasks, task, now);
- pr_op_debug(RSP "Got new task %d: %s -> %s",
+ pr_trc(RSP "Got new task %d: %s -> %s",
task->pid, uri_str(&task->url), task->path);
}
}
return;
if (pfd->revents & POLLNVAL) {
- pr_op_err(RSP "bad parent fd: %i", pfd->fd);
+ pr_err(RSP "bad parent fd: %i", pfd->fd);
rstream_close(&pssk.rd, false);
} else if (pfd->revents & POLLERR) {
- pr_op_err(RSP "Generic error during parent fd poll.");
+ pr_err(RSP "Generic error during parent fd poll.");
rstream_close(&pssk.rd, true);
} else if (pfd->revents & (POLLIN | POLLHUP)) {
continue;
}
if (is_error)
- pr_op_err("[RSYNC exec] %s", cur);
+ pr_err("[RSYNC exec] %s", cur);
else
- pr_op_debug("[RSYNC exec] %s", cur);
+ pr_trc("[RSYNC exec] %s", cur);
cur = tmp + 1;
}
free(cpy);
error = errno;
if (error == EINTR)
return 0; /* Dunno; retry */
- pr_op_err(RSP "rsync buffer read error: %s", strerror(error));
+ pr_err(RSP "rsync buffer read error: %s", strerror(error));
goto down; /* Error */
}
handle_rsync_fd(struct pollfd *pfd, size_t p)
{
if (pfd->fd == -1) {
- pr_op_debug(RSP "File descriptor already closed.");
+ pr_trc(RSP "File descriptor already closed.");
return 1;
}
if (pfd->revents & POLLNVAL) {
- pr_op_err(RSP "rsync bad fd: %i", pfd->fd);
+ pr_err(RSP "rsync bad fd: %i", pfd->fd);
return 1;
}
if (pfd->revents & POLLERR) {
- pr_op_err(RSP "Generic error during rsync poll.");
+ pr_err(RSP "Generic error during rsync poll.");
close(pfd->fd);
return 1;
}
again: status = 0;
if (waitpid(pid, &status, 0) < 0) {
error = errno;
- pr_op_err("Could not wait for %s: %s", name, strerror(error));
+ pr_err("Could not wait for %s: %s", name, strerror(error));
return error;
}
if (WIFEXITED(status)) {
/* Happy path (but also sad path sometimes) */
error = WEXITSTATUS(status);
- pr_op_debug("%s ended. Result: %d", name, error);
+ pr_trc("%s ended. Result: %d", name, error);
return error ? EIO : 0;
}
if (WIFSIGNALED(status)) {
- pr_op_warn("%s interrupted by signal %d (%s).",
+ pr_wrn("%s interrupted by signal %d (%s).",
name, WTERMSIG(status), strsignal(WTERMSIG(status)));
return EINTR;
}
* they never retry. But that contradicts all documentation,
* yet seems to be accurate to reality.
*/
- pr_op_debug("%s has resumed.", name);
+ pr_trc("%s has resumed.", name);
goto again;
}
/* Dead code */
- return pr_op_err("Unknown waitpid() status; giving up %s.", name);
+ return pr_err("Unknown waitpid() status; giving up %s.", name);
}
static void
if (task == NULL)
return;
- pr_op_debug(RSP "Activating queued task %s -> %s.",
+ pr_trc(RSP "Activating queued task %s -> %s.",
uri_str(&task->url), task->path);
LIST_REMOVE(task, lh);
activate_task(tasks, task, now);
if (ts_cmp(&epoch, &task->expiration) < 0)
return false;
- pr_op_debug(RSP "Task %d ran out of time.", task->pid);
+ pr_trc(RSP "Task %d ran out of time.", task->pid);
kill_subprocess(task);
wait_subprocess("rsync", task->pid);
finish_task(tasks, task);
expiration = task->expiration;
timeout = ts_delta(&now, &expiration);
- pr_op_debug(RSP "Timeout decided: %dms", timeout);
+ pr_trc(RSP "Timeout decided: %dms", timeout);
events = poll(pfds, pfds_count, timeout);
if (events < 0) {
error = errno;
ts_now(&now);
if (events == 0) { /* Timeout */
- pr_op_debug(RSP "Woke up because of timeout.");
+ pr_trc(RSP "Woke up because of timeout.");
LIST_FOREACH_SAFE(task, &tasks.active, lh, tmp)
maybe_expire(&tasks, task, &now);
goto cont;
}
- pr_op_debug(RSP "Woke up because of input.");
+ pr_trc(RSP "Woke up because of input.");
p = 1;
LIST_FOREACH_SAFE(task, &tasks.active, lh, tmp) {
if (maybe_expire(&tasks, task, &now))
continue;
if (handle_rsync_fd(&pfds[p], p)) {
- pr_op_debug(RSP "Task %d: Stdout closed.",
+ pr_trc(RSP "Task %d: Stdout closed.",
task->pid);
task->stdoutfd = -1;
}
p++;
if (handle_rsync_fd(&pfds[p], p)) {
- pr_op_debug(RSP "Task %d: Stderr closed.",
+ pr_trc(RSP "Task %d: Stderr closed.",
task->pid);
task->stderrfd = -1;
}
p++;
if (task->stdoutfd == -1 && task->stderrfd == -1) {
- pr_op_debug(RSP "Both stdout & stderr are closed; ending task %d.",
+ pr_trc(RSP "Both stdout & stderr are closed; ending task %d.",
task->pid);
wait_subprocess("rsync", task->pid);
finish_task(&tasks, task);
cont: free(pfds);
} while ((pssk.rd.fd != -1 || tasks.a > 0));
- pr_op_debug(RSP "The parent stream is closed and there are no rsync tasks running. Cleaning up...");
+ pr_trc(RSP "The parent stream is closed and there are no rsync tasks running. Cleaning up...");
LIST_FOREACH_SAFE(task, &tasks.active, lh, tmp) {
kill_subprocess(task);
if (pipe(fds) < 0) {
error = errno;
- pr_op_warn("Cannot create pipe: %s", strerror(error));
+ pr_wrn("Cannot create pipe: %s", strerror(error));
return error;
}
flags = fcntl(fds[RDFD], F_GETFL);
if (flags < 0) {
error = errno;
- pr_op_warn("Cannot retrieve pipe flags: %s", strerror(error));
+ pr_wrn("Cannot retrieve pipe flags: %s", strerror(error));
goto cancel;
}
if (fcntl(fds[RDFD], F_SETFL, flags | O_NONBLOCK) < 0) {
error = errno;
- pr_op_warn("Cannot enable O_NONBLOCK: %s", strerror(error));
+ pr_wrn("Cannot enable O_NONBLOCK: %s", strerror(error));
goto cancel;
}
if (nonblock_pipe(parent2spawner) != 0)
goto fail1;
if (pipe(spawner2parent) < 0) {
- pr_op_warn("Cannot create pipe: %s", strerror(errno));
+ pr_wrn("Cannot create pipe: %s", strerror(errno));
goto fail2;
}
spawner = fork();
if (spawner < 0) {
- pr_op_warn("Cannot fork rsync spawner: %s", strerror(errno));
+ pr_wrn("Cannot fork rsync spawner: %s", strerror(errno));
goto fail3;
}
error = pthread_create(&srt, NULL, rcv_spawner_responses, NULL);
if (error) {
- pr_op_warn("Cannot start rsync spawner listener thread: %s",
+ pr_wrn("Cannot start rsync spawner listener thread: %s",
strerror(error));
spsk_cleanup();
goto fail1;
close(spawner2parent[WRFD]);
fail2: close(parent2spawner[RDFD]);
close(parent2spawner[WRFD]);
-fail1: pr_op_warn("rsync will not be available.");
+fail1: pr_wrn("rsync will not be available.");
pssk.rd.fd = pssk.wr = -1;
}
mutex_unlock(&table->lock);
if (error) {
- pr_val_err("ROA couldn't be added to hash table: %s",
+ pr_err("ROA couldn't be added to hash table: %s",
strerror(error));
return error;
}
mutex_unlock(&table->lock);
if (error) {
- pr_val_err("Router Key couldn't be added to hash table: %s",
+ pr_err("Router Key couldn't be added to hash table: %s",
strerror(error));
return error;
}
return &deltas->v4.removes;
}
- pr_crit("Unknown delta operation: %d", op);
+ pr_panic("Unknown delta operation: %d", op);
return NULL; /* Warning shutupper */
}
return &deltas->v6.removes;
}
- pr_crit("Unknown delta operation: %d", op);
+ pr_panic("Unknown delta operation: %d", op);
return NULL; /* Warning shutupper */
}
return;
}
- pr_crit("Unknown protocol: [%u %s/%u-%u %u] %c %u/%u "
+ pr_panic("Unknown protocol: [%u %s/%u-%u %u] %c %u/%u "
"(Please report this output to https://github.com/NICMx/FORT-validator/issues/89)",
vrp->asn,
addr2str6(&vrp->prefix.v6, buffer),
return;
}
- pr_crit("Unknown delta operation: %d", op);
+ pr_panic("Unknown delta operation: %d", op);
}
bool
error = pthread_rwlock_init(&state_lock, NULL);
if (error) {
- pr_op_err("state pthread_rwlock_init() errored: %s",
+ pr_err("state pthread_rwlock_init() errored: %s",
strerror(error));
darray_destroy(state.deltas);
return error;
}
rwlock_unlock(&state_lock);
- pr_op_info("Validation finished:");
- pr_op_info("- Valid ROAs: %u", roas);
- pr_op_info("- Valid Router Keys: %u", rks);
+ pr_inf("Validation finished:");
+ pr_inf("- Valid ROAs: %u", roas);
+ pr_inf("- Valid Router Keys: %u", rks);
if (config_get_mode() == SERVER)
- pr_op_info("- Serial: %u", serial);
+ pr_inf("- Serial: %u", serial);
if (start != ((time_t) -1) && finish != ((time_t) -1))
- pr_op_info("- Real execution time: %.0lfs", difftime(finish, start));
+ pr_inf("- Real execution time: %.0lfs", difftime(finish, start));
return error;
}
enum vrps_foreach_delta_since_result result;
int error;
- pr_op_debug("Serial Query. Request version/session/serial: %u/%u/%u",
+ pr_trc("Serial Query. Request version/session/serial: %u/%u/%u",
request->pdu.rtr_version,
request->pdu.obj.sq.session_id,
request->pdu.obj.sq.serial_number);
* levels (see apply_pollfds()), so we'll just whine on debug.
*/
- pr_op_debug("poll() returned revents '0x%02x'. This means", pfd->revents);
+ pr_trc("poll() returned revents '0x%02x'. This means", pfd->revents);
if (pfd->revents & POLLHUP) {
- pr_op_debug("- 0x%02x: Peer hung up.", POLLHUP);
+ pr_trc("- 0x%02x: Peer hung up.", POLLHUP);
}
if (pfd->revents & POLLERR) {
- pr_op_debug("- 0x%02x: Read end was closed, or generic error.",
+ pr_trc("- 0x%02x: Read end was closed, or generic error.",
POLLERR);
}
if (pfd->revents & POLLNVAL) {
* In our case, this is perfectly normal. The main polling
* thread closed it while we were trying to write. Whatever.
*/
- pr_op_debug("- 0x%02x: File Descriptor not open.", POLLNVAL);
+ pr_trc("- 0x%02x: File Descriptor not open.", POLLNVAL);
}
/* Interrupt handler thread, but no need to raise alarms. */
pfd.revents = 0;
error = poll(&pfd, 1, -1);
if (error < 0)
- return pr_op_err_st("poll() error: %s", strerror(errno));
+ return pr_crit("poll() error: %s", strerror(errno));
if (error == 0)
- return pr_op_err_st("poll() returned 0, even though there's no timeout.");
+ return pr_crit("poll() returned 0, even though there's no timeout.");
if (pfd.revents & (POLLHUP | POLLERR | POLLNVAL))
return print_poll_failure(&pfd);
} while (!(pfd.revents & POLLOUT));
if (write(fd, data, data_len) < 0) {
error = errno;
- pr_op_debug("Error sending %s to client: %s",
+ pr_trc("Error sending %s to client: %s",
pdutype2str(pdu_type), strerror(error));
return error;
}
if (consumed == -1) {
error = errno;
if (error == EAGAIN || error == EWOULDBLOCK) {
- pr_op_debug("Reached stream limit for now.");
+ pr_trc("Reached stream limit for now.");
return BS_WOULD_BLOCK;
} else {
- pr_op_err("Client socket read interrupted: %s",
+ pr_err("Client socket read interrupted: %s",
strerror(error));
return BS_ERROR;
}
}
if (consumed == 0) {
- pr_op_debug("Client '%s' closed the socket.",
+ pr_trc("Client '%s' closed the socket.",
in->addr);
return BS_EOS;
}
* big PDU that either lengths exactly RTRPDU_MAX_LEN2, or is too big
* for us to to allow it.
*/
- pr_op_debug("Stream limit not reached yet.");
+ pr_trc("Stream limit not reached yet.");
return BS_KEEP_READING;
}
}
}
- pr_crit("Unknown RTR version %u", stream->rtr_version);
+ pr_panic("Unknown RTR version %u", stream->rtr_version);
unsupported:
return err_pdu_send_unsupported_proto_version(
size_t length;
if (hdr->len != RTRPDU_SERIAL_QUERY_LEN) {
- pr_op_err("%s: Header length is not %u: %u",
+ pr_err("%s: Header length is not %u: %u",
stream->addr, RTRPDU_SERIAL_QUERY_LEN, hdr->len);
return err_pdu_send_invalid_request(
stream->fd, stream->rtr_version, &result->pdu.raw,
length = get_length(stream);
if (length < RTRPDU_SERIAL_QUERY_LEN) {
- pr_op_debug("PDU fragmented after hdr (%zu)", length);
+ pr_trc("PDU fragmented after hdr (%zu)", length);
return EAGAIN;
}
- pr_op_debug("Received a Serial Query from %s.", stream->addr);
+ pr_trc("Received a Serial Query from %s.", stream->addr);
result->pdu.obj.sq.session_id = hdr->m.session_id;
stream->start += RTR_HDR_LEN;
size_t length;
if (hdr->len != RTRPDU_RESET_QUERY_LEN) {
- pr_op_err("%s: Header length is not %u: %u",
+ pr_err("%s: Header length is not %u: %u",
stream->addr, RTRPDU_RESET_QUERY_LEN, hdr->len);
return err_pdu_send_invalid_request(
stream->fd, stream->rtr_version, &result->pdu.raw,
length = get_length(stream);
if (length < RTRPDU_RESET_QUERY_LEN) {
- pr_op_debug("PDU fragmented after hdr (%zu)", length);
+ pr_trc("PDU fragmented after hdr (%zu)", length);
return EAGAIN;
}
- pr_op_debug("Received a Reset Query from %s.", stream->addr);
+ pr_trc("Received a Reset Query from %s.", stream->addr);
stream->start += RTR_HDR_LEN;
return 0;
char const *client_addr)
{
if (errmsg != NULL) {
- pr_op_err("RTR client %s responded with error PDU '%s' ('%s'). Closing socket.",
+ pr_err("RTR client %s responded with error PDU '%s' ('%s'). Closing socket.",
client_addr, err_pdu_to_string(errcode), errmsg);
} else {
- pr_op_err("RTR client %s responded with error PDU '%s'. Closing socket.",
+ pr_err("RTR client %s responded with error PDU '%s'. Closing socket.",
client_addr, err_pdu_to_string(errcode));
}
}
int error;
if (hdr->len > RTRPDU_ERROR_REPORT_MAX_LEN) {
- return pr_op_err(
+ return pr_err(
"%s: Error Report PDU is too big (%u bytes).",
stream->addr, hdr->len
);
}
if (hdr->len < RTR_HDR_LEN + 8) { /* hdr + errpdu len + errmsg len */
- return pr_op_err(
+ return pr_err(
"%s: Error Report PDU is too small (%u bytes).",
stream->addr, hdr->len
);
}
- pr_op_debug("Received an Error Report from %s.", stream->addr);
+ pr_trc("Received an Error Report from %s.", stream->addr);
/* Header */
stream->start += RTR_HDR_LEN;
/* Error PDU length */
if (get_length(stream) < 4) {
- pr_op_debug("Fragmented on error PDU length.");
+ pr_trc("Fragmented on error PDU length.");
error = EAGAIN;
goto revert_hdr;
}
* We truncate PDUs larger than RTRPDU_MAX_LEN, so we couldn't
* have sent this PDU. Looks like someone is messing with us.
*/
- error = pr_op_err(
+ error = pr_err(
"%s: Error Report PDU's embedded PDU is too big (%u bytes).",
stream->addr, errpdu_len
);
goto revert_errpdu_len;
}
if (hdr->len < RTR_HDR_LEN + 8 + errpdu_len) {
- error = pr_op_err(
+ error = pr_err(
"%s: Invalid Length of Encapsulated PDU (%u); PDU length is %u.",
stream->addr, errpdu_len, hdr->len
);
/* Error PDU */
if (get_length(stream) < errpdu_len) {
- pr_op_debug("Fragmented on error PDU.");
+ pr_trc("Fragmented on error PDU.");
error = EAGAIN;
goto revert_errpdu_len;
}
/* Error msg length */
if (get_length(stream) < 4) {
- pr_op_debug("Fragmented on error message length.");
+ pr_trc("Fragmented on error message length.");
error = EAGAIN;
goto revert_errpdu;
}
errmsg_len = read_uint32(stream->start);
stream->start += 4;
if (hdr->len != rtrpdu_error_report_len(errpdu_len, errmsg_len)) {
- error = pr_op_err(
+ error = pr_err(
"%s: Error Report PDU is malformed; header length is %u, but effective length is %u + %u + %u + %u + %u.",
stream->addr, hdr->len,
RTR_HDR_LEN, 4, errpdu_len, 4, errmsg_len
/* Read header. */
if (remainder < RTR_HDR_LEN) {
- pr_op_debug("PDU fragmented on header (%zu)", remainder);
+ pr_trc("PDU fragmented on header (%zu)", remainder);
break; /* PDU is fragmented */
}
read_hdr(stream, &hdr);
/* Validate length; Needs raw. */
if (hdr.len > RTRPDU_MAX_LEN2) {
- pr_op_err("%s: Header length too big: %u > %u",
+ pr_err("%s: Header length too big: %u > %u",
stream->addr, hdr.len, RTRPDU_MAX_LEN2);
err_pdu_send_invalid_request(
stream->fd,
/* Validate version; Needs raw. */
if (validate_rtr_version(stream, &hdr, &raw) != 0) {
- pr_op_err("%s: Bad RTR version: %u",
+ pr_err("%s: Bad RTR version: %u",
stream->addr, hdr.version);
goto fail;
}
error = load_error_report(stream, &hdr);
break;
default:
- pr_op_err("%s: Unknown PDU type: %u",
+ pr_err("%s: Unknown PDU type: %u",
stream->addr, hdr.version);
err_pdu_send_unsupported_pdu_type(stream->fd,
stream->rtr_version, &request_tmp->pdu.raw);
case BS_KEEP_READING:
goto again;
case BS_ERROR:
- pr_crit("This should have been catched earlier.");
+ pr_panic("This should have been catched earlier.");
}
fail:
}
if (*(ptr + 1) == '\0')
- return pr_op_err("Invalid server address '%s', can't end with '#'",
+ return pr_err("Invalid server address '%s', can't end with '#'",
full_address);
tmp_addr_len = strlen(full_address) - strlen(ptr);
error = getaddrinfo(hostname, service, &hints, result);
if (error) {
- pr_op_err("Could not infer a bindable address out of address '%s' and port '%s': %s",
+ pr_err("Could not infer a bindable address out of address '%s' and port '%s': %s",
(hostname != NULL) ? hostname : "any", service,
gai_strerror(error));
return error;
flags = fcntl(fd, F_GETFL);
if (flags == -1) {
error = errno;
- pr_op_err_st("fcntl() to get flags failed: %s", strerror(error));
+ pr_crit("fcntl() to get flags failed: %s", strerror(error));
return error;
}
if (fcntl(fd, F_SETFL, flags) == -1) {
error = errno;
- pr_op_err_st("fcntl() to set flags failed: %s", strerror(error));
+ pr_crit("fcntl() to set flags failed: %s", strerror(error));
return error;
}
#ifdef __linux__
if (is_wildcard(ai->ai_addr)) {
if (ctx->wildcard_found)
- pr_op_warn("You have more than one wildcard address in server.address, and you're on Linux.\n"
+ pr_wrn("You have more than one wildcard address in server.address, and you're on Linux.\n"
"On Linux, :: implies 0.0.0.0 by default, and you can't bind to 0.0.0.0 twice.\n"
"The socket bind is probably going to fail.\n"
"If you meant to bind to any address on both IPv4 and IPv6, you only need '::'.");
server.fd = -1;
server.addr = get_best_printable(ai, ctx->input_addr);
- pr_op_info("[%s]:%s: Setting up socket...", server.addr, port);
+ pr_inf("[%s]:%s: Setting up socket...", server.addr, port);
server.fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
if (server.fd < 0) {
goto fail;
}
- pr_op_info("[%s]:%s: Success.", server.addr, port);
+ pr_inf("[%s]:%s: Success.", server.addr, port);
server_arraylist_add(&servers, &server);
}
return 0;
fail:
- pr_op_err("[%s]:%s: %s: %s", server.addr, port, errmsg, strerror(err));
+ pr_err("[%s]:%s: %s: %s", server.addr, port, errmsg, strerror(err));
if (server.fd != -1)
close(server.fd);
free(server.addr);
break;
default:
/* Should have been catched during constructor */
- pr_crit("Unexpected PDU type: %u", request->pdu.type);
+ pr_panic("Unexpected PDU type: %u", request->pdu.type);
}
if (request->eos)
if (err == EWOULDBLOCK)
goto retry;
- pr_op_info("Client connection attempt not accepted: %s. Quitting...",
+ pr_inf("Client connection attempt not accepted: %s. Quitting...",
strerror(err));
return AV_SERVER_ERROR;
retry:
- pr_op_info("Client connection attempt not accepted: %s. Retrying...",
+ pr_inf("Client connection attempt not accepted: %s. Retrying...",
strerror(err));
return AV_CLIENT_ERROR;
}
client_arraylist_add(&clients, &client);
- pr_op_info("Client accepted [FD: %d]: %s", fd, addr);
+ pr_inf("Client accepted [FD: %d]: %s", fd, addr);
return AV_SUCCESS;
}
if (pfd->revents & POLLHUP) {
/* Normal; we don't have control over the client. */
- pr_op_info("%s '%s' down: Peer hung up. (Revents 0x%02x)",
+ pr_inf("%s '%s' down: Peer hung up. (Revents 0x%02x)",
what, addr, pfd->revents);
}
if (pfd->revents & POLLERR) {
*
* Warning it is.
*/
- pr_op_warn("%s '%s' down: Generic error. (Revents 0x%02x)",
+ pr_wrn("%s '%s' down: Generic error. (Revents 0x%02x)",
what, addr, pfd->revents);
}
if (pfd->revents & POLLNVAL) {
* We're the main polling thread, so nobody else should be
* closing sockets on us.
*/
- pr_op_err("%s '%s' down: File Descriptor closed. (Revents 0x%02x)",
+ pr_err("%s '%s' down: File Descriptor closed. (Revents 0x%02x)",
what, addr, pfd->revents);
}
}
error = errno;
switch (error) {
case EINTR:
- pr_op_info("poll() was interrupted by some signal.");
+ pr_inf("poll() was interrupted by some signal.");
goto stop;
case ENOMEM:
enomem_panic();
goto retry;
case EFAULT:
case EINVAL:
- pr_crit("poll() error: %s", strerror(error));
+ pr_panic("poll() error: %s", strerror(error));
}
}
stop_server_thread = true;
error = pthread_join(server_thread, NULL);
if (error)
- pr_op_err("pthread_join() failed: %s", strerror(error));
+ pr_err("pthread_join() failed: %s", strerror(error));
thread_pool_destroy(request_handlers);
case GLSNR_OK:
break;
case GLSNR_UNDER_CONSTRUCTION:
- pr_op_info("Can't notify RTR clients: Database under construction");
+ pr_inf("Can't notify RTR clients: Database under construction");
return;
case GLSNR_CANT_LOCK:
- pr_op_info("Can't notify RTR clients: Too many simultaneous read locks");
+ pr_inf("Can't notify RTR clients: Too many simultaneous read locks");
return;
}
for (i = 0; cleanups[i]; i++)
if (sigaction(cleanups[i], &action, NULL) < 0)
- pr_op_err("'%s' signal action registration failure: %s",
+ pr_err("'%s' signal action registration failure: %s",
strsignal(cleanups[i]), strerror(errno));
/*
*/
action.sa_handler = SIG_IGN;
if (sigaction(SIGPIPE, &action, NULL) < 0)
- pr_op_err("SIGPIPE action registration failure: %s",
+ pr_err("SIGPIPE action registration failure: %s",
strerror(errno));
}
{
char addr_buf[INET6_ADDRSTRLEN];
- pr_op_info(" {");
+ pr_inf(" {");
if (prefix->data_flag & SLURM_COM_FLAG_ASN)
- pr_op_info(" ASN: %u", prefix->vrp.asn);
+ pr_inf(" ASN: %u", prefix->vrp.asn);
if (prefix->data_flag & SLURM_PFX_FLAG_PREFIX) {
- pr_op_info(" Prefix: %s/%u",
+ pr_inf(" Prefix: %s/%u",
inet_ntop(prefix->vrp.addr_fam, &prefix->vrp.prefix,
addr_buf, INET6_ADDRSTRLEN),
prefix->vrp.prefix_length);
}
if (prefix->data_flag & SLURM_PFX_FLAG_MAX_LENGTH)
- pr_op_info(" Max prefix length: %u",
+ pr_inf(" Max prefix length: %u",
prefix->vrp.max_prefix_length);
- pr_op_info(" }");
+ pr_inf(" }");
return 0;
}
char *pad = " ";
char *buf;
- pr_op_info(" {");
+ pr_inf(" {");
if (bgpsec->data_flag & SLURM_COM_FLAG_ASN)
- pr_op_info("%s ASN: %u", pad, bgpsec->asn);
+ pr_inf("%s ASN: %u", pad, bgpsec->asn);
if (bgpsec->data_flag & SLURM_BGPS_FLAG_SKI) {
do {
if (!base64url_encode(bgpsec->ski, RK_SKI_LEN, &buf)) {
- op_crypto_err("Cannot encode SKI.");
- pr_op_info("%s SKI: <error encoding value>",
+ pr_crypto_err("Cannot encode SKI.");
+ pr_inf("%s SKI: <error encoding value>",
pad);
break;
}
- pr_op_info("%s SKI: %s", pad, buf);
+ pr_inf("%s SKI: %s", pad, buf);
free(buf);
} while (0);
}
do {
if (!base64url_encode(bgpsec->router_public_key,
RK_SPKI_LEN, &buf)) {
- op_crypto_err("Cannot encode routerPublicKey.");
- pr_op_info("%s Router public key: <error encoding value>",
+ pr_crypto_err("Cannot encode routerPublicKey.");
+ pr_inf("%s Router public key: <error encoding value>",
pad);
break;
}
- pr_op_info("%s Router public key: %s", pad, buf);
+ pr_inf("%s Router public key: %s", pad, buf);
free(buf);
} while (0);
}
- pr_op_info(" }");
+ pr_inf(" }");
return 0;
}
void
db_slurm_log(struct db_slurm *db)
{
- pr_op_info("SLURM loaded at %s", asctime(localtime(&db->loaded_date)));
- pr_op_info("Validation output filters {");
- pr_op_info(" Prefix filters {");
+ pr_inf("SLURM loaded at %s", asctime(localtime(&db->loaded_date)));
+ pr_inf("Validation output filters {");
+ pr_inf(" Prefix filters {");
foreach_filter_prefix(&db->lists, print_prefix_data, NULL);
- pr_op_info(" }");
- pr_op_info(" BGPsec filters {");
+ pr_inf(" }");
+ pr_inf(" BGPsec filters {");
foreach_filter_bgpsec(&db->lists, print_bgpsec_data, NULL);
- pr_op_info(" }");
- pr_op_info("}");
+ pr_inf(" }");
+ pr_inf("}");
- pr_op_info("Locally added assertions {");
- pr_op_info(" Prefix assertions {");
+ pr_inf("Locally added assertions {");
+ pr_inf(" Prefix assertions {");
foreach_assertion_prefix(&db->lists, print_prefix_data, NULL);
- pr_op_info(" }");
- pr_op_info(" BGPsec assertions {");
+ pr_inf(" }");
+ pr_inf(" BGPsec assertions {");
foreach_assertion_bgpsec(&db->lists, print_bgpsec_data, NULL);
- pr_op_info(" }");
- pr_op_info("}");
+ pr_inf(" }");
+ pr_inf("}");
}
void
vrp.max_prefix_length);
}
- pr_crit("Unknown addr family type: %u", vrp.addr_fam);
+ pr_panic("Unknown addr family type: %u", vrp.addr_fam);
return EINVAL; /* Warning shutupper */
}
if (hash_file(hash_get_sha256(), location, csum->csum, &csum->csum_len) != 0) {
free(csum);
- return pr_op_err("Calculating slurm hash");
+ return pr_err("Calculating slurm hash");
}
list = arg;
struct db_slurm *new_slurm = NULL;
int error;
- pr_op_info("Checking if there are new or modified SLURM files");
+ pr_inf("Checking if there are new or modified SLURM files");
error = slurm_load_checksums(&new_csums);
if (error)
if (*slurm != NULL) {
db_slurm_get_csum_list(*slurm, &old_csums);
if (are_csum_lists_equals(&new_csums, &old_csums)) {
- pr_op_info("Applying same old SLURM, no changes found.");
+ pr_inf("Applying same old SLURM, no changes found.");
destroy_local_csum_list(&new_csums);
return 0;
}
}
- pr_op_info("Applying configured SLURM");
+ pr_inf("Applying configured SLURM");
error = load_slurm_files(&new_csums, &new_slurm);
if (error) {
/* Fall back to previous iteration's SLURM */
- pr_op_info("Error '%s' loading SLURM. The validation will continue regardless.",
+ pr_inf("Error '%s' loading SLURM. The validation will continue regardless.",
strerror(error));
if (*slurm != NULL) {
- pr_op_info("A previous valid version of the SLURM exists and will be applied.");
+ pr_inf("A previous valid version of the SLURM exists and will be applied.");
db_slurm_log(*slurm);
}
#define ROUTER_PUBLIC_KEY "routerPublicKey"
#define COMMENT "comment"
-#define COMPLAIN_REQUIRED(name) pr_op_err("SLURM member '" name "' is required")
+#define COMPLAIN_REQUIRED(name) pr_err("SLURM member '" name "' is required")
static int handle_json(json_t *, struct db_slurm *);
&json_error);
if (json_root == NULL)
/* File wasn't read or has a content error */
- return pr_op_err("SLURM JSON error on line %d, column %d: %s",
+ return pr_err("SLURM JSON error on line %d, column %d: %s",
json_error.line, json_error.column, json_error.text);
error = handle_json(json_root, arg);
return error;
if (error > 0)
/* Optional for filters */
- return is_assertion ? pr_op_err("ASN is required") : 0;
+ return is_assertion ? pr_err("ASN is required") : 0;
*flag = *flag | SLURM_COM_FLAG_ASN;
(*members_loaded)++;
return error;
if (str_prefix == NULL) {
return is_assertion
- ? pr_op_err("SLURM assertion prefix is required")
+ ? pr_err("SLURM assertion prefix is required")
: 0; /* Optional for filters */
}
/* Filters */
if (!is_assertion)
return (error == 0)
- ? pr_op_err("Prefix filter can't have a max prefix length")
+ ? pr_err("Prefix filter can't have a max prefix length")
: 0;
/* Assertions */
max = (addr_fam == AF_INET) ? 32 : 128;
if (max < u32)
- return pr_op_err("Max prefix length (%u) is out of range [0, %u].",
+ return pr_err("Max prefix length (%u) is out of range [0, %u].",
u32, max);
*flag = *flag | SLURM_PFX_FLAG_MAX_LENGTH;
* without trailing '=' (Section 5 of [RFC4648])"
*/
if (strrchr(encoded, '=') != NULL)
- return pr_op_err_st("The base64 encoded value has trailing '='");
+ return pr_crit("The base64 encoded value has trailing '='");
/*
* IMHO there's an error at RFC 8416 regarding the use of base64
return error;
if (str_encoded == NULL)
return is_assertion
- ? pr_op_err("SLURM assertion " SKI " is required")
+ ? pr_err("SLURM assertion " SKI " is required")
: 0; /* Optional for filters */
error = validate_base64url_encoded(str_encoded);
return error;
if (!base64url_decode(str_encoded, &result->ski, &ski_len))
- return pr_op_err("The " SKI " could not be decoded.");
+ return pr_err("The " SKI " could not be decoded.");
/* Validate that's at least 20 octects long */
if (ski_len != RK_SKI_LEN) {
free(result->ski);
- return pr_op_err("The decoded SKI must be 20 octets long");
+ return pr_err("The decoded SKI must be 20 octets long");
}
result->data_flag = result->data_flag | SLURM_BGPS_FLAG_SKI;
spki = d2i_X509_PUBKEY(NULL, &cursor, len);
if (spki == NULL)
- return op_crypto_err("Not a valid router public key");
+ return pr_crypto_err("Not a valid router public key");
if (cursor != origin + len) {
X509_PUBKEY_free(spki);
- return op_crypto_err("Router public key contains trailing garbage.");
+ return pr_crypto_err("Router public key contains trailing garbage.");
}
ok = X509_PUBKEY_get0_param(&alg, NULL, NULL, &pa, spki);
if (!ok) {
X509_PUBKEY_free(spki);
- return op_crypto_err("X509_PUBKEY_get0_param() returned %d", ok);
+ return pr_crypto_err("X509_PUBKEY_get0_param() returned %d", ok);
}
error = validate_certificate_public_key_algorithm_bgpsec(pa);
/* Filters */
if (!is_assertion)
return (error == 0)
- ? pr_op_err("BGPsec filter can't have a router public key")
+ ? pr_err("BGPsec filter can't have a router public key")
: 0;
/* Assertions */
if (encoded == NULL)
- return pr_op_err("SLURM assertion " ROUTER_PUBLIC_KEY " is required.");
+ return pr_err("SLURM assertion " ROUTER_PUBLIC_KEY " is required.");
error = validate_base64url_encoded(encoded);
if (error)
return error;
if (!base64url_decode(encoded, &result->router_public_key, &spk_len))
- return pr_op_err("The " ROUTER_PUBLIC_KEY " could not be decoded.");
+ return pr_err("The " ROUTER_PUBLIC_KEY " could not be decoded.");
/*
* Validate that "is the full ASN.1 DER encoding of the
int error;
if (!json_is_object(object))
- return pr_op_err("Not a valid JSON object");
+ return pr_err("Not a valid JSON object");
init_slurm_prefix(&result);
member_count = 0;
/* A single comment isn't valid */
if (result.data_flag == SLURM_COM_FLAG_COMMENT)
- return pr_op_err("Single comments aren't valid");
+ return pr_err("Single comments aren't valid");
/* A filter must have ASN and/or prefix */
if (!is_assertion) {
if ((result.data_flag &
(SLURM_COM_FLAG_ASN | SLURM_PFX_FLAG_PREFIX)) == 0)
- return pr_op_err("Prefix filter must have an asn and/or prefix");
+ return pr_err("Prefix filter must have an asn and/or prefix");
/* Validate expected members */
if (!json_valid_members_count(object, member_count))
- return pr_op_err("Prefix filter has unknown members (see RFC 8416 section 3.3.1)");
+ return pr_err("Prefix filter has unknown members (see RFC 8416 section 3.3.1)");
return db_slurm_add_prefix_filter(db, &result);
}
if ((result.data_flag & SLURM_PFX_FLAG_MAX_LENGTH) > 0 &&
result.vrp.prefix_length > result.vrp.max_prefix_length)
- return pr_op_err("Prefix length is greater than max prefix length");
+ return pr_err("Prefix length is greater than max prefix length");
/* Validate expected members */
if (!json_valid_members_count(object, member_count))
- return pr_op_err("Prefix assertion has unknown members (see RFC 8416 section 3.4.1)");
+ return pr_err("Prefix assertion has unknown members (see RFC 8416 section 3.4.1)");
return db_slurm_add_prefix_assertion(db, &result);
}
if (!error)
continue;
if (error == EEXIST)
- pr_op_err(
+ pr_err(
"The prefix %s element \"%s\", covers or is covered by another assertion/filter; SLURM loading will be stopped. %s",
(is_assertion ? "assertion" : "filter"),
json_dumps(element, 0),
"TIP: More than 1 SLURM files were found, check if the prefix is contained in multiple files (see RFC 8416 section 4.2).");
else
- pr_op_err(
+ pr_err(
"Error at prefix %s, element \"%s\", SLURM loading will be stopped",
(is_assertion ? "assertions" : "filters"),
json_dumps(element, 0));
int error;
if (!json_is_object(object))
- return pr_op_err("Not a valid JSON object");
+ return pr_err("Not a valid JSON object");
init_slurm_bgpsec(&result);
member_count = 0;
/* A single comment isn't valid */
if (result.data_flag == SLURM_COM_FLAG_COMMENT) {
- error = pr_op_err("Single comments aren't valid");
+ error = pr_err("Single comments aren't valid");
goto release_router_key;
}
if (!is_assertion) {
if ((result.data_flag &
(SLURM_COM_FLAG_ASN | SLURM_BGPS_FLAG_SKI)) == 0) {
- error = pr_op_err("BGPsec filter must have an asn and/or SKI");
+ error = pr_err("BGPsec filter must have an asn and/or SKI");
goto release_router_key;
}
/* Validate expected members */
if (!json_valid_members_count(object, member_count)) {
- error = pr_op_err("BGPsec filter has unknown members (see RFC 8416 section 3.3.2)");
+ error = pr_err("BGPsec filter has unknown members (see RFC 8416 section 3.3.2)");
goto release_router_key;
}
/* Validate expected members */
if (!json_valid_members_count(object, member_count)) {
- error = pr_op_err("BGPsec assertion has unknown members (see RFC 8416 section 3.4.2)");
+ error = pr_err("BGPsec assertion has unknown members (see RFC 8416 section 3.4.2)");
goto release_router_key;
}
if (!error)
continue;
if (error == EEXIST)
- pr_op_err(
+ pr_err(
"The ASN at bgpsec %s element \"%s\", is duplicated in another assertion/filter; SLURM loading will be stopped. %s",
(is_assertion ? "assertion" : "filter"),
json_dumps(element, 0),
"TIP: More than 1 SLURM files were found, check if the ASN is contained in multiple files (see RFC 8416 section 4.2).");
else
- pr_op_err(
+ pr_err(
"Error at bgpsec %s, element \"%s\", SLURM loading will be stopped",
(is_assertion ? "assertions" : "filters"),
json_dumps(element, 0));
/* Validate data */
if (version != 1)
- return pr_op_err("'" SLURM_VERSION "' must be 1");
+ return pr_err("'" SLURM_VERSION "' must be 1");
return 0;
}
expected_members = 2;
if (!json_valid_members_count(filters, expected_members))
- return pr_op_err(
+ return pr_err(
"SLURM '%s' must contain only %lu members (RFC 8416 section 3.2)",
VALIDATION_OUTPUT_FILTERS,
expected_members);
expected_members = 2;
if (!json_valid_members_count(assertions, expected_members))
- return pr_op_err(
+ return pr_err(
"SLURM '%s' must contain only %lu members (RFC 8416 section 3.2)",
LOCALLY_ADDED_ASSERTIONS,
expected_members);
int error;
if (!json_is_object(root))
- return pr_op_err("The root of the SLURM is not a JSON object.");
+ return pr_err("The root of the SLURM is not a JSON object.");
error = load_version(root);
if (error)
expected_members = 3;
if (!json_valid_members_count(root, expected_members))
- return pr_op_err(
+ return pr_err(
"SLURM root must have only %lu members (RFC 8416 section 3.2)",
expected_members);
(int)talen, ta, proto);
if (chars < 0 || keylen <= chars) {
free(key);
- pr_op_warn("Cannot create valid_vrps_total stat: %d", chars);
+ pr_wrn("Cannot create valid_vrps_total stat: %d", chars);
return;
}
cancel:
free(buf.str);
- pr_op_err("Cannot create Prometheus response: Too many stats");
+ pr_err("Cannot create Prometheus response: Too many stats");
return NULL;
}
if (wr < 0)
return errno;
if (wr > len)
- pr_crit("wr > len: %zd > %zu", wr, len);
+ pr_panic("wr > len: %zd > %zu", wr, len);
len -= wr;
offset += wr;
} while (len > 0);
return task->u.tal;
}
- pr_crit("Unknown task type: %u", task->type);
+ pr_panic("Unknown task type: %u", task->type);
return NULL;
}
if (prev) {
ntasks--;
if (ntasks < 0)
- pr_crit("active < 0: %d", ntasks);
+ pr_panic("active < 0: %d", ntasks);
}
while (ntasks > 0) {
- pr_op_debug("task_dequeue(): %u existing tasks.", ntasks);
+ pr_trc("task_dequeue(): %u existing tasks.", ntasks);
task = STAILQ_FIRST(&waiting);
if (task != NULL) {
STAILQ_REMOVE_HEAD(&waiting, lh);
mutex_unlock(&lock);
- pr_op_debug("task_dequeue(): Claimed task '%s'.",
+ pr_trc("task_dequeue(): Claimed task '%s'.",
task_name(task));
return task;
}
- pr_op_debug("task_dequeue(): Sleeping...");
+ pr_trc("task_dequeue(): Sleeping...");
timeout.tv_sec = time_fatal() + 10;
error = pthread_cond_timedwait(&awakener, &lock, &timeout);
switch (error) {
case 0:
- pr_op_debug("task_dequeue(): Woke up by cond.");
+ pr_trc("task_dequeue(): Woke up by cond.");
break;
case ETIMEDOUT:
- pr_op_debug("task_dequeue(): Woke up by timeout.");
+ pr_trc("task_dequeue(): Woke up by timeout.");
break;
case EINTR:
- pr_op_debug("task_dequeue(): Interrupted by signal.");
+ pr_trc("task_dequeue(): Interrupted by signal.");
goto end;
default:
panic_on_fail(error, "pthread_cond_wait");
}
}
- pr_op_debug("task_dequeue(): No more tasks; done.");
+ pr_trc("task_dequeue(): No more tasks; done.");
panic_on_fail(pthread_cond_broadcast(&awakener),
"pthread_cond_broadcast");
end: mutex_unlock(&lock);
static void
wait_for_parent_signal(struct thread_pool *pool, unsigned int thread_id)
{
- pr_op_debug("Thread %s.%u: Waiting for work...", pool->name, thread_id);
+ pr_trc("Thread %s.%u: Waiting for work...", pool->name, thread_id);
panic_on_fail(pthread_cond_wait(&pool->parent2worker, &pool->lock),
"pthread_cond_wait");
}
task = TAILQ_LAST(&pool->queue, task_queue);
if (task != NULL) {
TAILQ_REMOVE(&pool->queue, task, next);
- pr_op_debug("Thread %s.%u: Claimed task '%s'", pool->name,
+ pr_trc("Thread %s.%u: Claimed task '%s'", pool->name,
thread_id, task->name);
} else {
- pr_op_debug("Thread %s.%u: Claimed nothing", pool->name,
+ pr_trc("Thread %s.%u: Claimed nothing", pool->name,
thread_id);
}
task_queue_push(struct thread_pool *pool, struct thread_pool_task *task)
{
TAILQ_INSERT_HEAD(&pool->queue, task, next);
- pr_op_debug("Pool '%s': Pushed task '%s'", pool->name, task->name);
+ pr_trc("Pool '%s': Pushed task '%s'", pool->name, task->name);
}
/*
if (task != NULL) {
task->cb(task->arg);
- pr_op_debug("Thread %s.%u: Task '%s' ended", pool->name,
+ pr_trc("Thread %s.%u: Task '%s' ended", pool->name,
thread_id, task->name);
task_destroy(task);
}
}
mutex_unlock(&pool->lock);
- pr_op_debug("Thread %s.%u: Returning.", pool->name, thread_id);
+ pr_trc("Thread %s.%u: Returning.", pool->name, thread_id);
return NULL;
}
error = pthread_attr_init(attr);
if (error) {
- pr_op_err_st("pthread_attr_init() failed: %s", strerror(error));
+ pr_crit("pthread_attr_init() failed: %s", strerror(error));
return error;
}
error = pthread_attr_setstacksize(attr, 1024 * 1024 * 2);
if (error) {
pthread_attr_destroy(attr);
- pr_op_err_st("pthread_attr_setstacksize() failed: %s",
+ pr_crit("pthread_attr_setstacksize() failed: %s",
strerror(error));
return error;
}
error = pthread_create(&pool->thread_ids[i], &attr, tasks_poll,
pool);
if (error) {
- pr_op_err_st("pthread_create() failed: %s",
+ pr_crit("pthread_create() failed: %s",
strerror(error));
goto end;
}
- pr_op_debug("Pool '%s': Thread #%u spawned", pool->name, i + 1);
+ pr_trc("Pool '%s': Thread #%u spawned", pool->name, i + 1);
}
end:
/* Init locking */
error = pthread_mutex_init(&result->lock, NULL);
if (error) {
- pr_op_err_st("pthread_mutex_init() failed: %s",
+ pr_crit("pthread_mutex_init() failed: %s",
strerror(error));
goto free_tmp;
}
/* Init conditional to signal pending work */
error = pthread_cond_init(&result->parent2worker, NULL);
if (error) {
- pr_op_err_st("pthread_cond_init(p2w) failed: %s",
+ pr_crit("pthread_cond_init(p2w) failed: %s",
strerror(error));
goto free_mutex;
}
/* Init conditional to signal no pending work */
error = pthread_cond_init(&result->worker2parent, NULL);
if (error) {
- pr_op_err_st("pthread_cond_init(w2p) failed: %s",
+ pr_crit("pthread_cond_init(w2p) failed: %s",
strerror(error));
goto free_working_cond;
}
struct thread_pool_task *tmp;
unsigned int t;
- pr_op_debug("Destroying thread pool '%s'.", pool->name);
+ pr_trc("Destroying thread pool '%s'.", pool->name);
/* Remove all pending work and send the signal to stop it */
mutex_lock(&pool->lock);
pthread_mutex_destroy(&pool->lock);
free(pool);
- pr_op_debug("Destroyed.");
+ pr_trc("Destroyed.");
}
/*
/* If the pool has to stop, the wait will happen during the joins. */
while (!pool->stop) {
- pr_op_debug("- Active workers: %u", pool->working_count);
- pr_op_debug("- Task queue: %s",
+ pr_trc("- Active workers: %u", pool->working_count);
+ pr_trc("- Task queue: %s",
TAILQ_EMPTY(&pool->queue) ? "Empty" : "Not Empty");
if (pool->working_count == 0 && TAILQ_EMPTY(&pool->queue)) {
- pr_op_debug("Pool '%s': All work has been completed.",
+ pr_trc("Pool '%s': All work has been completed.",
pool->name);
break;
}
- pr_op_debug("Pool '%s': Waiting for tasks to be completed",
+ pr_trc("Pool '%s': Waiting for tasks to be completed",
pool->name);
wait_for_worker_signal(pool);
}
*/
error = pthread_key_create(&filenames_key, fnstack_discard);
if (error) {
- pr_op_err(
+ pr_err(
"Cannot initialize the file name stack thread variable: %s",
strerror(error));
return error;
error = pthread_setspecific(filenames_key, files);
if (error)
- pr_op_err("pthread_setspecific() failed: %s", strerror(error));
+ pr_err("pthread_setspecific() failed: %s", strerror(error));
}
void
error = pthread_setspecific(filenames_key, NULL);
if (error)
- pr_op_err("pthread_setspecific() failed: %s", strerror(error));
+ pr_err("pthread_setspecific() failed: %s", strerror(error));
}
/*
* Call this function every time you're about to start processing a new file.
- * Any pr_op_err()s and friends will now include the new file name.
+ * Any pr_err()s and friends will now include the new file name.
* Use fnstack_pop() to revert back to the previously stacked file name.
* @file is not cloned; it's expected to outlive the push/pop operation.
*
* test_fnstack(void)
* {
* fnstack_push("text.txt");
- * pr_val_info("Message 1");
+ * pr_inf("Message 1");
* fnstack_push("image.png");
- * pr_val_info("Message 2");
+ * pr_inf("Message 2");
* fnstack_pop();
- * pr_val_info("Message 3");
+ * pr_inf("Message 3");
* fnstack_pop();
* }
*
int len;
if (str->size > 4) {
- return pr_val_err("IPv4 address has too many octets. (%zu)",
+ return pr_err("IPv4 address has too many octets. (%zu)",
str->size);
}
if (str->bits_unused < 0 || 7 < str->bits_unused) {
- return pr_val_err("Bit string IPv4 address's unused bits count (%d) is out of range (0-7).",
+ return pr_err("Bit string IPv4 address's unused bits count (%d) is out of range (0-7).",
str->bits_unused);
}
len = 8 * str->size - str->bits_unused;
if (len < 0 || 32 < len) {
- return pr_val_err("IPv4 prefix length (%d) is out of bounds (0-32).",
+ return pr_err("IPv4 prefix length (%d) is out of bounds (0-32).",
len);
}
result->len = len;
if ((result->addr.s_addr & be32_suffix_mask(result->len)) != 0) {
- return pr_val_err("IPv4 prefix '%s/%u' has enabled suffix bits.",
+ return pr_err("IPv4 prefix '%s/%u' has enabled suffix bits.",
addr2str4(&result->addr, buf), result->len);
}
int len;
if (str->size > 16) {
- return pr_val_err("IPv6 address has too many octets. (%zu)",
+ return pr_err("IPv6 address has too many octets. (%zu)",
str->size);
}
if (str->bits_unused < 0 || 7 < str->bits_unused) {
- return pr_val_err("Bit string IPv6 address's unused bits count (%d) is out of range (0-7).",
+ return pr_err("Bit string IPv6 address's unused bits count (%d) is out of range (0-7).",
str->bits_unused);
}
len = 8 * str->size - str->bits_unused;
if (len < 0 || 128 < len) {
- return pr_val_err("IPv6 prefix length (%d) is out of bounds (0-128).",
+ return pr_err("IPv6 prefix length (%d) is out of bounds (0-128).",
len);
}
memset(&suffix, 0, sizeof(suffix));
ipv6_suffix_mask(result->len, &suffix);
if (addr6_bitwise_and(&result->addr, &suffix)) {
- return pr_val_err("IPv6 prefix '%s/%u' has enabled suffix bits.",
+ return pr_err("IPv6 prefix '%s/%u' has enabled suffix bits.",
addr2str6(&result->addr, buf), result->len);
}
char buf2[INET_ADDRSTRLEN];
if (ntohl(result->min.s_addr) > ntohl(result->max.s_addr)) {
- return pr_val_err("The IPv4 range '%s-%s' is inverted.",
+ return pr_err("The IPv4 range '%s-%s' is inverted.",
addr2str4(&result->min, buf1),
addr2str4(&result->max, buf2));
}
if (((MIN & mask) != 0) || ((MAX & mask) == 0))
return 0;
- return pr_val_err("IPAddressRange '%s-%s' is a range, but should have been encoded as a prefix.",
+ return pr_err("IPAddressRange '%s-%s' is a range, but should have been encoded as a prefix.",
addr2str4(&range->min, buf1), addr2str4(&range->max, buf2));
}
min = addr6_get_quadrant(&result->min, quadrant);
max = addr6_get_quadrant(&result->max, quadrant);
if (min > max) {
- return pr_val_err("The IPv6 range '%s-%s' is inverted.",
+ return pr_err("The IPv6 range '%s-%s' is inverted.",
addr2str6(&result->min, buf1),
addr2str6(&result->max, buf2));
} else if (min < max) {
{
char buf1[INET6_ADDRSTRLEN];
char buf2[INET6_ADDRSTRLEN];
- return pr_val_err("IPAddressRange %s-%s is a range, but should have been encoded as a prefix.",
+ return pr_err("IPAddressRange %s-%s is a range, but should have been encoded as a prefix.",
addr2str6(&range->min, buf1),
addr2str6(&range->max, buf2));
}
int error;
if (str == NULL)
- return pr_val_err("Can't parse NULL IPv4 prefix");
+ return pr_err("Can't parse NULL IPv4 prefix");
error = str2addr4(str, &result->addr);
if (error)
- return pr_val_err("Invalid IPv4 prefix '%s'", str);
+ return pr_err("Invalid IPv4 prefix '%s'", str);
return 0;
}
int error;
if (str == NULL)
- return pr_val_err("Can't parse NULL IPv6 prefix");
+ return pr_err("Can't parse NULL IPv6 prefix");
error = str2addr6(str, &result->addr);
if (error)
- return pr_val_err("Invalid IPv6 prefix '%s'", str);
+ return pr_err("Invalid IPv6 prefix '%s'", str);
return 0;
}
int error;
if (text == NULL)
- return pr_val_err("Can't decode NULL prefix length");
+ return pr_err("Can't decode NULL prefix length");
errno = 0;
len = strtoul(text, NULL, 10);
error = errno;
if (error) {
- return pr_val_err("Invalid prefix length '%s': %s", text,
+ return pr_err("Invalid prefix length '%s': %s", text,
strerror(error));
}
/* An underflow or overflow will be considered here */
if (max_value < len)
- return pr_val_err("Prefix length (%lu) is out of range (0-%u).",
+ return pr_err("Prefix length (%lu) is out of range (0-%u).",
len, max_value);
*dst = (uint8_t) len;
char buffer[INET_ADDRSTRLEN];
if ((prefix->addr.s_addr & be32_suffix_mask(prefix->len)) != 0)
- return pr_val_err("IPv4 prefix %s/%u has enabled suffix bits.",
+ return pr_err("IPv4 prefix %s/%u has enabled suffix bits.",
addr2str4(&prefix->addr, buffer), prefix->len);
return 0;
for (i = 0; i < 16; i++)
if (prefix->addr.s6_addr[i] & suffix.s6_addr[i])
- return pr_val_err("IPv6 prefix %s/%u has enabled suffix bits.",
+ return pr_err("IPv6 prefix %s/%u has enabled suffix bits.",
addr2str6(&prefix->addr, buffer), prefix->len);
return 0;
type = BIO_get_new_index();
if (type == -1)
- return op_crypto_err("BIO_get_new_index() returned -1.");
+ return pr_crypto_err("BIO_get_new_index() returned -1.");
method = BIO_meth_new(type | BIO_TYPE_FILTER, "seq");
if (method == NULL)
- return op_crypto_err("BIO_meth_new() returned NULL.");
+ return pr_crypto_err("BIO_meth_new() returned NULL.");
if (!BIO_meth_set_read(method, bioseq_read) ||
!BIO_meth_set_destroy(method, bioseq_destroy)) {
BIO_meth_free(method);
method = NULL;
- return op_crypto_err("BIO_meth_set_*() returned 0.");
+ return pr_crypto_err("BIO_meth_set_*() returned 0.");
}
return 0;
return path_filename(uri_str(&map->url));
}
- pr_crit("Unknown file name format: %u", format);
+ pr_panic("Unknown file name format: %u", format);
return NULL;
}
data = X509_NAME_ENTRY_get_data(name);
if (data == NULL)
- return val_crypto_err("X509_NAME_ENTRY_get_data() returned NULL");
+ return pr_crypto_err("X509_NAME_ENTRY_get_data() returned NULL");
result = pmalloc(data->length + 1);
memcpy(result, data->data, data->length);
error = name2string(entry, &result->serialNumber);
break;
default:
- error = pr_val_err("The '%s' name has an unknown attribute. (NID: %d)",
+ error = pr_err("The '%s' name has an unknown attribute. (NID: %d)",
what, nid);
break;
}
}
if (result->commonName == NULL) {
- error = pr_val_err("The '%s' name lacks a commonName attribute.",
+ error = pr_err("The '%s' name lacks a commonName attribute.",
what);
goto fail;
}
parent_serial = x509_name_serialNumber(parent_subject);
child_serial = x509_name_serialNumber(child_issuer);
- error = pr_val_err("Issuer name ('%s%s%s') does not equal issuer certificate's name ('%s%s%s').",
+ error = pr_err("Issuer name ('%s%s%s') does not equal issuer certificate's name ('%s%s%s').",
x509_name_commonName(child_issuer),
(child_serial != NULL) ? "/" : "",
(child_serial != NULL) ? child_serial : "",
return RCR_EINTERSECTION;
}
- pr_crit("Unknown comparison value: %u", cmp);
+ pr_panic("Unknown comparison value: %u", cmp);
}
enum resource_cmp_result
return false;
}
- pr_crit("Unknown comparison value: %u", cmp);
+ pr_panic("Unknown comparison value: %u", cmp);
}
return false;
written = snprintf(result, n, "%s%s", s1, s2);
if (written != n - 1)
- pr_crit("str_concat: %zu %d %s %s", n, written, s1, s2);
+ pr_panic("str_concat: %zu %d %s %s", n, written, s1, s2);
return result;
}
/* Implementation-aware */
if (ia5->flags & ASN1_STRING_FLAG_BITS_LEFT) {
- pr_val_warn("CRL URI IA5String has unused bits.");
+ pr_wrn("CRL URI IA5String has unused bits.");
return EINVAL;
}
len = ASN1_STRING_length(ia5);
for (i = 0; i < len; i++)
if (data[i] == 0) {
- pr_val_warn("Null character found in IA5String index %zu. (Length: %zu)",
+ pr_wrn("Null character found in IA5String index %zu. (Length: %zu)",
i, len);
return EINVAL;
}
bio = BIO_new(BIO_s_mem());
if (bio == NULL)
- return val_crypto_err("Cannot create a BIO.");
+ return pr_crypto_err("Cannot create a BIO.");
if (BN_print(bio, bn) == 0) {
BIO_free(bio);
- return val_crypto_err("Unable to print the BIGNUM into a BIO");
+ return pr_crypto_err("Unable to print the BIGNUM into a BIO");
}
written = BIO_number_written(bio);
case '#':
goto frag;
default:
- pr_crit("Unhandled character after query: %c",
+ pr_panic("Unhandled character after query: %c",
cursor[0]);
}
break;
break;
default:
- pr_crit("Unhandled character after path: %c",
+ pr_panic("Unhandled character after path: %c",
cursor[0]);
}
}
return addr6_equals(&a->prefix.v6, &b->prefix.v6);
}
- pr_crit("Unknown address family: %u", a->addr_fam);
+ pr_panic("Unknown address family: %u", a->addr_fam);
return false; /* Warning shutupper */
}
&& (a->prefix_length <= b->prefix_length);
}
- pr_crit("Unknown address family: %u", a->addr_fam);
+ pr_panic("Unknown address family: %u", a->addr_fam);
return false; /* Warning shutupper */
}
tt_now = time_fatal();
if (localtime_r(&tt_now, &tm) == NULL) {
error = errno;
- pr_crit("localtime_r(tt, &tm) returned error: %s",
+ pr_panic("localtime_r(tt, &tm) returned error: %s",
strerror(error));
}
tm.tm_mday -= days;
last_week = mktime(&tm);
if (last_week == (time_t) -1)
- pr_crit("mktime(tm) returned (time_t) -1.");
+ pr_panic("mktime(tm) returned (time_t) -1.");
return last_week;
}
{
epoch = outdate ? get_days_ago(30) : get_days_ago(1);
- pr_op_debug("--- Unfreshening... ---");
+ pr_trc("--- Unfreshening... ---");
foreach_node(unfreshen, NULL);
ck_assert_int_eq(0, nftw(".", nftw_unfreshen, 32, FTW_PHYS));
- pr_op_debug("---- Tree now stale. ----");
+ pr_trc("---- Tree now stale. ----");
cache_print();
}
{
struct timespec now;
if (clock_gettime(CLOCK_MONOTONIC, &now) < 0)
- pr_crit("clock_gettime() returned '%s'", strerror(errno));
+ pr_panic("clock_gettime() returned '%s'", strerror(errno));
printf("%ld.%.3ld ", now.tv_sec, now.tv_nsec / 1000000);
}
return result; \
}
-MOCK_VOID_PRINT(pr_op_debug, PR_COLOR_DBG)
-MOCK_VOID_PRINT(pr_op_info, PR_COLOR_INF)
-MOCK_INT_PRINT(pr_op_warn, PR_COLOR_WRN, 0)
-MOCK_INT_PRINT(pr_op_err, PR_COLOR_ERR, EINVAL)
-MOCK_INT_PRINT(pr_op_err_st, PR_COLOR_ERR, EINVAL)
-MOCK_INT_PRINT(op_crypto_err, PR_COLOR_ERR, EINVAL)
-
-MOCK_VOID_PRINT(pr_val_debug, PR_COLOR_DBG)
-MOCK_VOID_PRINT(pr_val_info, PR_COLOR_INF)
-MOCK_INT_PRINT(pr_val_warn, PR_COLOR_WRN, 0)
-MOCK_INT_PRINT(pr_val_err, PR_COLOR_ERR, EINVAL)
+MOCK_VOID_PRINT(pr_trc, PR_COLOR_DBG)
+MOCK_VOID_PRINT(pr_inf, PR_COLOR_INF)
+MOCK_INT_PRINT(pr_wrn, PR_COLOR_WRN, 0)
+MOCK_INT_PRINT(pr_err, PR_COLOR_ERR, EINVAL)
+MOCK_INT_PRINT(pr_crit, PR_COLOR_ERR, EINVAL)
struct crypto_cb_arg {
unsigned int stack_size;
}
int
-val_crypto_err(const char *format, ...)
+pr_crypto_err(const char *format, ...)
{
MOCK_PRINT(PR_COLOR_ERR);
- return crypto_err(pr_val_err);
+ return crypto_err(pr_err);
}
void
}
void
-pr_crit(const char *format, ...)
+pr_panic(const char *format, ...)
{
va_list args;
- fprintf(stderr, "pr_crit() called! ");
+ fprintf(stderr, "pr_panic() called! ");
va_start(args, format);
vfprintf(stderr, format, args);
va_end(args);
int fd;
int error;
- pr_op_debug("touch %s", file);
+ pr_trc("touch %s", file);
fd = open(file, O_WRONLY | O_CREAT, CACHE_FILEMODE);
if (fd < 0) {
{
struct sigaction action = { .sa_handler = SIG_IGN };
if (sigaction(SIGPIPE, &action, NULL) == -1)
- pr_crit("Cannot disable SIGPIPE: %s", strerror(errno));
+ pr_panic("Cannot disable SIGPIPE: %s", strerror(errno));
}
static void
size_t i;
if (sizeof(content) % STR64LEN != 0)
- pr_crit("content's length isn't divisible by str64's length");
+ pr_panic("content's length isn't divisible by str64's length");
for (i = 0; i < (sizeof(content) / STR64LEN); i++)
memcpy(content + 64 * i, STR64, STR64LEN);
}
int
send_cache_reset_pdu(int fd, uint8_t version)
{
- pr_op_info(" Server sent Cache Reset.");
+ pr_inf(" Server sent Cache Reset.");
ck_assert_int_eq(pop_expected_pdu(), PDU_TYPE_CACHE_RESET);
return 0;
}
int
send_cache_response_pdu(int fd, uint8_t version)
{
- pr_op_info(" Server sent Cache Response.");
+ pr_inf(" Server sent Cache Response.");
ck_assert_int_eq(pop_expected_pdu(), PDU_TYPE_CACHE_RESPONSE);
return 0;
}
* we'll just check `M + N` contiguous Prefix PDUs.
*/
uint8_t pdu_type = pop_expected_pdu();
- pr_op_info(" Server sent Prefix PDU.");
+ pr_inf(" Server sent Prefix PDU.");
switch (vrp->addr_fam) {
case AF_INET:
* we'll just check `M + N` contiguous Prefix PDUs.
*/
uint8_t pdu_type = pop_expected_pdu();
- pr_op_info(" Server sent Router Key PDU.");
+ pr_inf(" Server sent Router Key PDU.");
printf("%s asn%u RK\n", flags2str(flags), router_key->as);
ck_assert_msg(pdu_type == PDU_TYPE_ROUTER_KEY,
"Server sent a Router Key. Expected PDU type was %d.", pdu_type);
int
send_end_of_data_pdu(int fd, uint8_t version, serial_t end_serial)
{
- pr_op_info(" Server sent End of Data.");
+ pr_inf(" Server sent End of Data.");
ck_assert_int_eq(pop_expected_pdu(), PDU_TYPE_END_OF_DATA);
return 0;
}
send_error_report_pdu(int fd, uint8_t version, uint16_t code,
struct rtr_buffer const *request, char *message)
{
- pr_op_info(" Server sent Error Report %u: '%s'", code, message);
+ pr_inf(" Server sent Error Report %u: '%s'", code, message);
ck_assert_int_eq(pop_expected_pdu(), PDU_TYPE_ERROR_REPORT);
return 0;
}
{
struct rtr_request request;
- pr_op_info("-- Start or Restart --");
+ pr_inf("-- Start or Restart --");
/* Init */
init_db_full();
{
struct rtr_request request;
- pr_op_info("-- Typical Exchange --");
+ pr_inf("-- Typical Exchange --");
/* Init */
init_db_full();
{
struct rtr_request request;
- pr_op_info("-- No Incremental Update Available --");
+ pr_inf("-- No Incremental Update Available --");
/* Init */
init_db_full();
{
struct rtr_request request;
- pr_op_info("-- Cache Has No Data Available --");
+ pr_inf("-- Cache Has No Data Available --");
/* Init */
ck_assert_int_eq(0, vrps_init());
{
struct rtr_request request;
- pr_op_info("-- Bad Session ID --");
+ pr_inf("-- Bad Session ID --");
/* Init */
init_db_full();
projects / thirdparty / FORT-validator.git / commitdiff
