child-cfg: Allow suppressing log messages when selecting traffic selectors

Although being already logged on level 2, these messages are usually just
confusing if they pop up randomly in the log when e.g. querying the configs
or installing traps.  So after this the log messages will only be logged when
actually proposing or selecting traffic selectors during IKE.

diff --git a/src/libcharon/config/child_cfg.c b/src/libcharon/config/child_cfg.c
index 0b00599a95bf1e4b85259727199cb79984200f97..d8083d433216d60c919a60af0136409c323b8442 100644 (file)
--- a/src/libcharon/config/child_cfg.c
+++ b/src/libcharon/config/child_cfg.c
@@ -289,7 +289,7 @@ METHOD(child_cfg_t, add_traffic_selector, void,
 
 METHOD(child_cfg_t, get_traffic_selectors, linked_list_t*,
        private_child_cfg_t *this, bool local, linked_list_t *supplied,
-       linked_list_t *hosts)
+       linked_list_t *hosts, bool log)
 {
        enumerator_t *e1, *e2;
        traffic_selector_t *ts1, *ts2, *selected;
@@ -334,13 +334,19 @@ METHOD(child_cfg_t, get_traffic_selectors, linked_list_t*,
        }
        e1->destroy(e1);
 
-       DBG2(DBG_CFG, "%s traffic selectors for %s:",
-                supplied ? "selecting" : "proposing", local ? "us" : "other");
-       if (supplied == NULL)
+       if (log)
+       {
+               DBG2(DBG_CFG, "%s traffic selectors for %s:",
+                        supplied ? "selecting" : "proposing", local ? "us" : "other");
+       }
+       if (!supplied)
        {
                while (derived->remove_first(derived, (void**)&ts1) == SUCCESS)
                {
-                       DBG2(DBG_CFG, " %R", ts1);
+                       if (log)
+                       {
+                               DBG2(DBG_CFG, " %R", ts1);
+                       }
                        result->insert_last(result, ts1);
                }
                derived->destroy(derived);
@@ -358,11 +364,14 @@ METHOD(child_cfg_t, get_traffic_selectors, linked_list_t*,
                                selected = ts1->get_subset(ts1, ts2);
                                if (selected)
                                {
-                                       DBG2(DBG_CFG, " config: %R, received: %R => match: %R",
-                                                ts1, ts2, selected);
+                                       if (log)
+                                       {
+                                               DBG2(DBG_CFG, " config: %R, received: %R => match: %R",
+                                                        ts1, ts2, selected);
+                                       }
                                        result->insert_last(result, selected);
                                }
-                               else
+                               else if (log)
                                {
                                        DBG2(DBG_CFG, " config: %R, received: %R => no match",
                                                 ts1, ts2);

diff --git a/src/libcharon/config/child_cfg.h b/src/libcharon/config/child_cfg.h
index d566da3ecfab55f9bf1567d0757211ae7d379d0a..2defd03301d8d38b75f0d8a3fe7a046ca49cfa71 100644 (file)
--- a/src/libcharon/config/child_cfg.h
+++ b/src/libcharon/config/child_cfg.h
@@ -135,11 +135,13 @@ struct child_cfg_t {
         * @param local                 TRUE for TS on local side, FALSE for remote
         * @param supplied              list with TS to select from, or NULL
         * @param hosts                 addresses to use for narrowing "dynamic" TS', host_t
+        * @param log                   FALSE to avoid logging details about the selection
         * @return                              list containing the traffic selectors
         */
        linked_list_t *(*get_traffic_selectors)(child_cfg_t *this, bool local,
                                                                                        linked_list_t *supplied,
-                                                                                       linked_list_t *hosts);
+                                                                                       linked_list_t *hosts, bool log);
+
        /**
         * Get the updown script to run for the CHILD_SA.
         *

diff --git a/src/libcharon/config/peer_cfg.c b/src/libcharon/config/peer_cfg.c
index 29f06785843ae4260c335c4a70664f39c38d04fe..47a994f60f4ab2aa3e1d301df79fb65c7becbdcf 100644 (file)
--- a/src/libcharon/config/peer_cfg.c
+++ b/src/libcharon/config/peer_cfg.c
@@ -379,7 +379,7 @@ static int get_ts_match(child_cfg_t *cfg, bool local,
        int match = 0, round;
 
        /* fetch configured TS list, narrowing dynamic TS */
-       cfg_list = cfg->get_traffic_selectors(cfg, local, NULL, hosts);
+       cfg_list = cfg->get_traffic_selectors(cfg, local, NULL, hosts, TRUE);
 
        /* use a round counter to rate leading TS with higher priority */
        round = sup_list->get_count(sup_list);

diff --git a/src/libcharon/plugins/smp/smp.c b/src/libcharon/plugins/smp/smp.c
index 86296443d49e6732e974f39aaef9059ea46955e3..e7f6185847c860ccbbad2681b80e10623f108dcd 100644 (file)
--- a/src/libcharon/plugins/smp/smp.c
+++ b/src/libcharon/plugins/smp/smp.c
@@ -324,10 +324,12 @@ static void request_query_config(xmlTextReaderPtr reader, xmlTextWriterPtr write
                        xmlTextWriterStartElement(writer, "childconfig");
                        xmlTextWriterWriteElement(writer, "name",
                                                                          child_cfg->get_name(child_cfg));
-                       list = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
+                       list = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL,
+                                                                                                       NULL, FALSE);
                        write_networks(writer, "local", list);
                        list->destroy_offset(list, offsetof(traffic_selector_t, destroy));
-                       list = child_cfg->get_traffic_selectors(child_cfg, FALSE, NULL, NULL);
+                       list = child_cfg->get_traffic_selectors(child_cfg, FALSE, NULL,
+                                                                                                       NULL, FALSE);
                        write_networks(writer, "remote", list);
                        list->destroy_offset(list, offsetof(traffic_selector_t, destroy));
                        xmlTextWriterEndElement(writer);

diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c
index d1bf139c2f7869bd23d415ad7cb1f3f687225af2..392eac86d79c95681f13f4a33c083254e5eda65e 100644 (file)
--- a/src/libcharon/plugins/stroke/stroke_list.c
+++ b/src/libcharon/plugins/stroke/stroke_list.c
@@ -580,8 +580,10 @@ METHOD(stroke_list_t, status, void,
                        children = peer_cfg->create_child_cfg_enumerator(peer_cfg);
                        while (children->enumerate(children, &child_cfg))
                        {
-                               my_ts = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
-                               other_ts = child_cfg->get_traffic_selectors(child_cfg, FALSE, NULL, NULL);
+                               my_ts = child_cfg->get_traffic_selectors(child_cfg, TRUE,
+                                                                                                                NULL, NULL, FALSE);
+                               other_ts = child_cfg->get_traffic_selectors(child_cfg, FALSE,
+                                                                                                                       NULL, NULL, FALSE);
                                fprintf(out, "%12s:   child:  %#R === %#R %N",
                                                child_cfg->get_name(child_cfg), my_ts, other_ts,
                                                ipsec_mode_names, child_cfg->get_mode(child_cfg));
@@ -614,8 +616,10 @@ METHOD(stroke_list_t, status, void,
                        fprintf(out, "Shunted Connections:\n");
                        first = FALSE;
                }
-               my_ts = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
-               other_ts = child_cfg->get_traffic_selectors(child_cfg, FALSE, NULL, NULL);
+               my_ts = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL,
+                                                                                                NULL, FALSE);
+               other_ts = child_cfg->get_traffic_selectors(child_cfg, FALSE, NULL,
+                                                                                                       NULL, FALSE);
                fprintf(out, "%12s:  %#R === %#R %N\n",
                                child_cfg->get_name(child_cfg), my_ts, other_ts,
                                ipsec_mode_names, child_cfg->get_mode(child_cfg));

diff --git a/src/libcharon/plugins/unity/unity_narrow.c b/src/libcharon/plugins/unity/unity_narrow.c
index 05ae8d5042f17a86bc02c44d730d8208fe387cbf..afbd6cc7ed9360baf6cc84e62efcd48d463d502f 100644 (file)
--- a/src/libcharon/plugins/unity/unity_narrow.c
+++ b/src/libcharon/plugins/unity/unity_narrow.c
@@ -56,7 +56,7 @@ static void narrow_ts(child_cfg_t *cfg, traffic_selector_t *ts,
 
        received = linked_list_create();
        received->insert_last(received, ts);
-       selected = cfg->get_traffic_selectors(cfg, FALSE, received, NULL);
+       selected = cfg->get_traffic_selectors(cfg, FALSE, received, NULL, FALSE);
        while (selected->remove_first(selected, (void**)&ts) == SUCCESS)
        {
                list->insert_last(list, ts);
@@ -140,7 +140,8 @@ static void narrow_responder_post(child_cfg_t *child_cfg, linked_list_t *local)
        {
                ts->destroy(ts);
        }
-       configured = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
+       configured = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL,
+                                                                                                 FALSE);
 
        while (configured->remove_first(configured, (void**)&ts) == SUCCESS)
        {

diff --git a/src/libcharon/plugins/unity/unity_provider.c b/src/libcharon/plugins/unity/unity_provider.c
index b52ffeeb15ba33f1c6a2034dfe5e4f03afe65ce5..76aad47e6f18d5017833c2ef43b7df1619a94308 100644 (file)
--- a/src/libcharon/plugins/unity/unity_provider.c
+++ b/src/libcharon/plugins/unity/unity_provider.c
@@ -160,7 +160,8 @@ METHOD(attribute_provider_t, create_attribute_enumerator, enumerator_t*,
        enumerator = peer_cfg->create_child_cfg_enumerator(peer_cfg);
        while (enumerator->enumerate(enumerator, &child_cfg))
        {
-               current = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
+               current = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL,
+                                                                                                  FALSE);
                while (current->remove_first(current, (void**)&ts) == SUCCESS)
                {
                        if (use_ts(ts))

diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c
index 4385cf606141232bdf49cc22f6dff07af3f84d9c..f529902db22b7cbf7f31b4ff0b1743378029df56 100644 (file)
--- a/src/libcharon/plugins/vici/vici_query.c
+++ b/src/libcharon/plugins/vici/vici_query.c
@@ -570,7 +570,7 @@ static void raise_policy_cfg(private_vici_query_t *this, u_int id, char *ike,
        list_mode(b, NULL, cfg);
 
        b->begin_list(b, "local-ts");
-       list = cfg->get_traffic_selectors(cfg, TRUE, NULL, NULL);
+       list = cfg->get_traffic_selectors(cfg, TRUE, NULL, NULL, FALSE);
        enumerator = list->create_enumerator(list);
        while (enumerator->enumerate(enumerator, &ts))
        {
@@ -581,7 +581,7 @@ static void raise_policy_cfg(private_vici_query_t *this, u_int id, char *ike,
        b->end_list(b /* local-ts */);
 
        b->begin_list(b, "remote-ts");
-       list = cfg->get_traffic_selectors(cfg, FALSE, NULL, NULL);
+       list = cfg->get_traffic_selectors(cfg, FALSE, NULL, NULL, FALSE);
        enumerator = list->create_enumerator(list);
        while (enumerator->enumerate(enumerator, &ts))
        {
@@ -873,7 +873,8 @@ CALLBACK(list_conns, vici_message_t*,
                                          child_cfg->get_close_action(child_cfg));
 
                        b->begin_list(b, "local-ts");
-                       list = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
+                       list = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL,
+                                                                                                       NULL, FALSE);
                        selectors = list->create_enumerator(list);
                        while (selectors->enumerate(selectors, &ts))
                        {
@@ -884,7 +885,8 @@ CALLBACK(list_conns, vici_message_t*,
                        b->end_list(b /* local-ts */);
 
                        b->begin_list(b, "remote-ts");
-                       list = child_cfg->get_traffic_selectors(child_cfg, FALSE, NULL, NULL);
+                       list = child_cfg->get_traffic_selectors(child_cfg, FALSE, NULL,
+                                                                                                       NULL, FALSE);
                        selectors = list->create_enumerator(list);
                        while (selectors->enumerate(selectors, &ts))
                        {

diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c
index 7eeb578f32c81f0c87fd489cdbab7a235eb488cf..49717703c991ef1f313d5c87bc53bc49aba6f5d8 100644 (file)
--- a/src/libcharon/sa/child_sa.c
+++ b/src/libcharon/sa/child_sa.c
@@ -1723,7 +1723,7 @@ static host_t* get_proxy_addr(child_cfg_t *config, host_t *ike, bool local)
        traffic_selector_t *ts;
 
        list = linked_list_create_with_items(ike, NULL);
-       ts_list = config->get_traffic_selectors(config, local, NULL, list);
+       ts_list = config->get_traffic_selectors(config, local, NULL, list, FALSE);
        list->destroy(list);
 
        enumerator = ts_list->create_enumerator(ts_list);

diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c
index 5e5b61e7f401d46a19351195c2606c9667cdbd32..007e94d96866b948a3497477b8dd5dcda235b488 100644 (file)
--- a/src/libcharon/sa/ikev1/tasks/quick_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c
@@ -544,7 +544,7 @@ static traffic_selector_t* select_ts(private_quick_mode_t *this, bool local,
 
        hosts = get_dynamic_hosts(this->ike_sa, local);
        list = this->config->get_traffic_selectors(this->config,
-                                                                                          local, supplied, hosts);
+                                                                                          local, supplied, hosts, TRUE);
        hosts->destroy(hosts);
        if (list->get_first(list, (void**)&ts) == SUCCESS)
        {

diff --git a/src/libcharon/sa/ikev2/tasks/child_create.c b/src/libcharon/sa/ikev2/tasks/child_create.c
index c90af23b9939db561998e27b12b206f39fd946e1..15bd62471e3cf974e0ec077945da6b9c780c8f43 100644 (file)
--- a/src/libcharon/sa/ikev2/tasks/child_create.c
+++ b/src/libcharon/sa/ikev2/tasks/child_create.c
@@ -481,12 +481,14 @@ static linked_list_t* narrow_ts(private_child_create_t *this, bool local,
                this->ike_sa->has_condition(this->ike_sa, cond))
        {
                nat = get_transport_nat_ts(this, local, in);
-               ts = this->config->get_traffic_selectors(this->config, local, nat, hosts);
+               ts = this->config->get_traffic_selectors(this->config, local, nat,
+                                                                                                hosts, TRUE);
                nat->destroy_offset(nat, offsetof(traffic_selector_t, destroy));
        }
        else
        {
-               ts = this->config->get_traffic_selectors(this->config, local, in, hosts);
+               ts = this->config->get_traffic_selectors(this->config, local, in,
+                                                                                                hosts, TRUE);
        }
 
        hosts->destroy(hosts);
@@ -1075,7 +1077,7 @@ METHOD(task_t, build_i, status_t,
        if (list->get_count(list))
        {
                this->tsi = this->config->get_traffic_selectors(this->config,
-                                                                                                               TRUE, NULL, list);
+                                                                                                               TRUE, NULL, list, TRUE);
                list->destroy_offset(list, offsetof(host_t, destroy));
        }
        else
@@ -1083,12 +1085,12 @@ METHOD(task_t, build_i, status_t,
                list->destroy(list);
                list = get_dynamic_hosts(this->ike_sa, TRUE);
                this->tsi = this->config->get_traffic_selectors(this->config,
-                                                                                                               TRUE, NULL, list);
+                                                                                                               TRUE, NULL, list, TRUE);
                list->destroy(list);
        }
        list = get_dynamic_hosts(this->ike_sa, FALSE);
        this->tsr = this->config->get_traffic_selectors(this->config,
-                                                                                                       FALSE, NULL, list);
+                                                                                                       FALSE, NULL, list, TRUE);
        list->destroy(list);
 
        if (this->packet_tsi)

diff --git a/src/libcharon/sa/shunt_manager.c b/src/libcharon/sa/shunt_manager.c
index a83da0480fe97bbc20d805733680bc557b0fb99e..d66e709372db49a79f7c437f5de7ef0accdfbf90 100644 (file)
--- a/src/libcharon/sa/shunt_manager.c
+++ b/src/libcharon/sa/shunt_manager.c
@@ -117,8 +117,10 @@ static bool install_shunt_policy(child_cfg_t *child)
        host_any6 = host_create_any(AF_INET6);
 
        hosts = linked_list_create_with_items(host_any, host_any6, NULL);
-       my_ts_list =    child->get_traffic_selectors(child, TRUE,  NULL, hosts);
-       other_ts_list = child->get_traffic_selectors(child, FALSE, NULL, hosts);
+       my_ts_list =    child->get_traffic_selectors(child, TRUE,  NULL, hosts,
+                                                                                                FALSE);
+       other_ts_list = child->get_traffic_selectors(child, FALSE, NULL, hosts,
+                                                                                                FALSE);
        hosts->destroy(hosts);
 
        manual_prio = child->get_manual_prio(child);
@@ -287,8 +289,10 @@ static void uninstall_shunt_policy(child_cfg_t *child)
        host_any6 = host_create_any(AF_INET6);
 
        hosts = linked_list_create_with_items(host_any, host_any6, NULL);
-       my_ts_list =    child->get_traffic_selectors(child, TRUE,  NULL, hosts);
-       other_ts_list = child->get_traffic_selectors(child, FALSE, NULL, hosts);
+       my_ts_list =    child->get_traffic_selectors(child, TRUE,  NULL, hosts,
+                                                                                                FALSE);
+       other_ts_list = child->get_traffic_selectors(child, FALSE, NULL, hosts,
+                                                                                                FALSE);
        hosts->destroy(hosts);
 
        manual_prio = child->get_manual_prio(child);

diff --git a/src/libcharon/sa/trap_manager.c b/src/libcharon/sa/trap_manager.c
index 979f9290aa9835ac3f225aacf07c2302c5b9abb7..148df39238c44c6a3f682dbb91f31c830d74f061 100644 (file)
--- a/src/libcharon/sa/trap_manager.c
+++ b/src/libcharon/sa/trap_manager.c
@@ -168,7 +168,7 @@ static bool dynamic_remote_ts(child_cfg_t *child)
        traffic_selector_t *ts;
        bool found = FALSE;
 
-       other_ts = child->get_traffic_selectors(child, FALSE, NULL, NULL);
+       other_ts = child->get_traffic_selectors(child, FALSE, NULL, NULL, FALSE);
        enumerator = other_ts->create_enumerator(other_ts);
        while (enumerator->enumerate(enumerator, &ts))
        {
@@ -296,11 +296,11 @@ METHOD(trap_manager_t, install, bool,
        child_sa = child_sa_create(me, other, child, 0, FALSE, 0, 0);
 
        list = linked_list_create_with_items(me, NULL);
-       my_ts = child->get_traffic_selectors(child, TRUE, NULL, list);
+       my_ts = child->get_traffic_selectors(child, TRUE, NULL, list, FALSE);
        list->destroy_offset(list, offsetof(host_t, destroy));
 
        list = linked_list_create_with_items(other, NULL);
-       other_ts = child->get_traffic_selectors(child, FALSE, NULL, list);
+       other_ts = child->get_traffic_selectors(child, FALSE, NULL, list, FALSE);
        list->destroy_offset(list, offsetof(host_t, destroy));
 
        /* We don't know the finally negotiated protocol (ESP|AH), we install