DEBUGE, DEBUGW, for errors / warnings. RDEBUG*, too.
This lets the errors and warnings have a common format, so that
the messages don't need to use an explicit "WARNING" string.
It also means that they are now colorized:
warning = bold + yellow
error = bold + red
This should hopefully help people who have issues reading the
debug output
//!< VT100 escape sequences.
} MAIN_CONFIG_T;
-#define DEBUG if(debug_flag)log_debug
-#define DEBUG2 if (debug_flag > 1)log_debug
-#define DEBUG3 if (debug_flag > 2)log_debug
-#define DEBUG4 if (debug_flag > 3)log_debug
+/* DEBUG is defined below */
+#define DEBUG3 if (debug_flag > 2) log_debug
+#define DEBUG4 if (debug_flag > 3) log_debug
#if __GNUC__ >= 3
#define RDEBUG(fmt, ...) if(request && request->radlog) request->radlog(L_DBG, 1, request, fmt, ## __VA_ARGS__)
+#define RDEBUGW(fmt, ...) if(request && request->radlog) request->radlog(L_DBG_WARN, 1, request, fmt, ## __VA_ARGS__)
+#define RDEBUGE(fmt, ...) if(request && request->radlog) request->radlog(L_DBG_ERR, 1, request, fmt, ## __VA_ARGS__)
+
#define RDEBUG2(fmt, ...) if(request && request->radlog) request->radlog(L_DBG, 2, request, fmt, ## __VA_ARGS__)
+#define RDEBUG2W(fmt, ...) if(request && request->radlog) request->radlog(L_DBG_WARN, 2, request, fmt, ## __VA_ARGS__)
+#define RDEBUG2E(fmt, ...) if(request && request->radlog) request->radlog(L_DBG_ERR, 2, request, fmt, ## __VA_ARGS__)
+
#define RDEBUG3(fmt, ...) if(request && request->radlog) request->radlog(L_DBG, 3, request, fmt, ## __VA_ARGS__)
#define RDEBUG4(fmt, ...) if(request && request->radlog) request->radlog(L_DBG, 4, request, fmt, ## __VA_ARGS__)
+
+#define DEBUG(...) if (debug_flag) radlog(L_DBG, ## __VA_ARGS__)
+#define DEBUGW(...) if (debug_flag) radlog(L_DBG_WARN, ## __VA_ARGS__)
+#define DEBUGE(...) if (debug_flag) radlog(L_DBG_ERR, ## __VA_ARGS__)
+
+#define DEBUG2 if (debug_flag > 1) log_debug
+#define DEBUG2W(...) if (debug_flag > 1) radlog(L_DBG_WARN, ## __VA_ARGS__)
+
#else
+#define DEBUG if (debug_flag) log_debug
+#define DEBUG2 if (debug_flag > 1) log_debug
+
#define RDEBUG DEBUG
#define RDEBUG2 DEBUG2
#define RDEBUG3 DEBUG3
#define RETRY_COUNT 3
#define DEAD_TIME 120
-#define L_DBG 1
#define L_AUTH 2
#define L_INFO 3
#define L_ERR 4
#define L_PROXY 5
#define L_ACCT 6
+#define L_DBG 16
+#define L_DBG_WARN 17
+#define L_DBG_ERR 18
+#define L_DBG_WARN2 19
+#define L_DBG_ERR2 20
+
+
/* for paircompare_register */
typedef int (*RAD_COMPARE_FUNC)(void *instance, REQUEST *,VALUE_PAIR *, VALUE_PAIR *, VALUE_PAIR *, VALUE_PAIR **);
*/
if (auth_type < 0) {
if (pairfind(request->config_items, PW_CRYPT_PASSWORD, 0, TAG_ANY) != NULL) {
- RDEBUG2("WARNING: Please update your configuration, and remove 'Auth-Type = Crypt'");
- RDEBUG2("WARNING: Use the PAP module instead.");
+ RDEBUG2W("Please update your configuration, and remove 'Auth-Type = Crypt'");
+ RDEBUG2W("Use the PAP module instead.");
}
else if (pairfind(request->config_items, PW_CLEARTEXT_PASSWORD, 0, TAG_ANY) != NULL) {
- RDEBUG2("WARNING: Please update your configuration, and remove 'Auth-Type = Local'");
- RDEBUG2("WARNING: Use the PAP or CHAP modules instead.");
+ RDEBUG2W("Please update your configuration, and remove 'Auth-Type = Local'");
+ RDEBUG2W("Use the PAP or CHAP modules instead.");
}
/*
* This is fail-safe.
*/
- RDEBUG2("ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user");
+ RDEBUG2E("No Auth-Type found: rejecting the user via Post-Auth-Type = Reject");
return -2;
}
* *the* LOCAL realm.
*/
if (realm &&(strcmp(realm->name, "LOCAL") != 0)) {
- RDEBUG2("WARNING: You set Proxy-To-Realm = %s, but it is a LOCAL realm! Cancelling proxy request.", realm->name);
+ RDEBUG2W("You set Proxy-To-Realm = %s, but it is a LOCAL realm! Cancelling proxy request.", realm->name);
}
if (!realm) {
- RDEBUG2("WARNING: You set Proxy-To-Realm = %s, but the realm does not exist! Cancelling invalid proxy request.", tmp->vp_strvalue);
+ RDEBUG2W("You set Proxy-To-Realm = %s, but the realm does not exist! Cancelling invalid proxy request.", tmp->vp_strvalue);
}
}
(old->coa_pool == client->coa_pool) &&
#endif
(old->message_authenticator == client->message_authenticator)) {
- DEBUG("WARNING: Ignoring duplicate client %s", client->longname);
+ DEBUGW("Ignoring duplicate client %s", client->longname);
client_free(client);
return 1;
}
goto error;
}
#else
- DEBUG("WARNING: Server not build with udpfromto, ignoring client src_ipaddr");
+ DEBUGW("Server not build with udpfromto, ignoring client src_ipaddr");
#endif
free(cl_srcipaddr);
c->src_ipaddr.af = AF_INET;
c->src_ipaddr.ipaddr.ip4addr.s_addr = vp->vp_ipaddr;
#else
- DEBUG("WARNING: Server not build with udpfromto, ignoring FreeRADIUS-Client-Src-IP-Address.");
+ DEBUGW("Server not build with udpfromto, ignoring FreeRADIUS-Client-Src-IP-Address.");
#endif
}
c->src_ipaddr.af = AF_INET6;
c->src_ipaddr.ipaddr.ip6addr = vp->vp_ipv6addr;
#else
- DEBUG("WARNING: Server not build with udpfromto, ignoring FreeRADIUS-Client-Src-IPv6-Address.");
+ DEBUGW("Server not build with udpfromto, ignoring FreeRADIUS-Client-Src-IPv6-Address.");
#endif
}
radlog(L_DBG, "\t%s", buffer);
}
- DEBUG("WARNING: INJECTION IS LEAKING MEMORY!");
+ DEBUGW("INJECTION IS LEAKING MEMORY!");
}
if (!request_receive(fake, packet, sock->inject_client, fun)) {
}
no_such_item:
- DEBUG2("WARNING: No such configuration item %s", ptr);
+ DEBUG2W("No such configuration item %s", ptr);
return NULL;
}
struct stat statbuf;
if (stat(value, &statbuf) < 0) {
- DEBUG("WARNING: Not including file %s: %s", value, strerror(errno));
+ DEBUGW("Not including file %s: %s", value, strerror(errno));
continue;
}
}
* FIXME: print an error for badly formatted attributes?
*/
if (sscanf(buffer, "%255s %8s %1023s", key, op, value) != 3) {
- DEBUG2("WARNING: Skipping badly formatted line %s",
+ DEBUG2W("Skipping badly formatted line %s",
buffer);
continue;
}
char errbuf[128];
regerror(compare, ®, errbuf, sizeof(errbuf));
- DEBUG("ERROR: Failed compiling regular expression: %s", errbuf);
+ DEBUGE("Failed compiling regular expression: %s", errbuf);
}
return FALSE;
}
char errbuf[128];
regerror(compare, ®, errbuf, sizeof(errbuf));
- DEBUG("ERROR: Failed compiling regular expression: %s", errbuf);
+ DEBUGE("Failed compiling regular expression: %s", errbuf);
}
return FALSE;
}
#endif
default:
- DEBUG("ERROR: Comparison operator %s is not supported",
+ DEBUGE("Comparison operator %s is not supported",
fr_token_name(token));
result = FALSE;
break;
request_name = radius_request_name(&name, REQUEST_CURRENT);
if (request_name == REQUEST_UNKNOWN) {
- RDEBUG("ERROR: Invalid request name");
+ RDEBUGE("Invalid request name");
return RLM_MODULE_INVALID;
}
* Qualifiers not valid for this request
*/
if (radius_request(&update_request, request_name) < 0) {
- RDEBUG("WARNING: List name refers to outer request"
+ RDEBUGW("List name refers to outer request"
" but not in a tunnel.");
return RLM_MODULE_NOOP;
}
* Bad list name name
*/
if (list == PAIR_LIST_UNKNOWN) {
- RDEBUG("ERROR: Invalid list name '%s'", name);
+ RDEBUGE("Invalid list name '%s'", name);
return RLM_MODULE_INVALID;
}
output_vps = radius_list(update_request, list);
if (!output_vps) {
if (!((list == PAIR_LIST_COA) || (list == PAIR_LIST_DM))) {
- RDEBUG("WARNING: List '%s' doesn't exist for this packet", name);
+ RDEBUGW("List '%s' doesn't exist for this packet", name);
return RLM_MODULE_INVALID;
}
#ifndef NDEBUG
if (debug_flag && (vp->da->vendor == 0) &&
radius_find_compare(vp->da->attr)) {
- DEBUG("WARNING: You are modifying the value of virtual attribute %s. This is not supported.", vp->da->name);
+ DEBUGW("You are modifying the value of virtual attribute %s. This is not supported.", vp->da->name);
}
#endif
}
if (!pairparsevalue(vp, value)) {
- RDEBUG2("ERROR: Failed parsing value \"%s\" for attribute %s: %s",
+ RDEBUG2E("Failed parsing value \"%s\" for attribute %s: %s",
value, vp->da->name, fr_strerror());
pairfree(&newlist);
return RLM_MODULE_FAIL;
case PW_STATUS_SERVER:
if (!mainconfig.status_server) {
FR_STATS_INC(auth, total_unknown_types);
- DEBUG("WARNING: Ignoring Status-Server request due to security configuration");
+ DEBUGW("Ignoring Status-Server request due to security configuration");
rad_free(&sock->packet);
return 0;
}
if (home_server_find(&sock->my_ipaddr, sock->my_port, sock->proto)) {
char buffer[128];
- DEBUG("ERROR: We have been asked to listen on %s port %d, which is also listed as a home server. This can create a proxy loop.",
+ DEBUGE("We have been asked to listen on %s port %d, which is also listed as a home server. This can create a proxy loop.",
ip_ntoh(&sock->my_ipaddr, buffer, sizeof(buffer)),
sock->my_port);
return -1;
if (!mainconfig.status_server) {
rad_recv_discard(listener->fd);
FR_STATS_INC(auth, total_unknown_types);
- DEBUG("WARNING: Ignoring Status-Server request due to security configuration");
+ DEBUGW("Ignoring Status-Server request due to security configuration");
return 0;
}
fun = rad_status_server;
rad_recv_discard(listener->fd);
FR_STATS_INC(acct, total_unknown_types);
- DEBUG("WARNING: Ignoring Status-Server request due to security configuration");
+ DEBUGW("Ignoring Status-Server request due to security configuration");
return 0;
}
fun = rad_status_server;
if (!vp) return 0;
if (!home_pool_byname(vp->vp_strvalue, HOME_TYPE_COA)) {
- RDEBUG2("ERROR: Cannot proxy to unknown pool %s",
+ RDEBUG2E("Cannot proxy to unknown pool %s",
vp->vp_strvalue);
return 0;
}
if (vp && (vp->vp_integer == 17)) {
vp = pairfind(request->packet->vps, PW_STATE, 0, TAG_ANY);
if (!vp || (vp->length == 0)) {
- RDEBUG("ERROR: CoA-Request with Service-Type = Authorize-Only MUST contain a State attribute");
+ RDEBUGE("CoA-Request with Service-Type = Authorize-Only MUST contain a State attribute");
request->reply->code = PW_COA_NAK;
return RLM_MODULE_FAIL;
}
/*
* RFC 5176, Section 3.2.
*/
- RDEBUG("ERROR: Disconnect-Request MUST NOT contain a Service-Type attribute");
+ RDEBUGE("Disconnect-Request MUST NOT contain a Service-Type attribute");
request->reply->code = PW_DISCONNECT_NAK;
return RLM_MODULE_FAIL;
}
#endif
default:
- DEBUG("WARNING: Internal sanity check failed in binding to socket. Ignoring problem.");
+ DEBUGW("Internal sanity check failed in binding to socket. Ignoring problem.");
return -1;
}
}
if ((home->limit.max_connections > 0) &&
(home->limit.num_connections >= home->limit.max_connections)) {
- DEBUG("WARNING: Home server has too many open connections (%d)",
+ DEBUGW("Home server has too many open connections (%d)",
home->limit.max_connections);
return 0;
}
{ ": Info: ", L_INFO },
{ ": Acct: ", L_ACCT },
{ ": Error: ", L_ERR },
+ { ": WARNING: ", L_DBG_WARN },
+ { ": ERROR: ", L_DBG_ERR },
+ { ": WARNING: ", L_DBG_WARN2 },
+ { ": ERROR: ", L_DBG_ERR2 },
{ NULL, 0 }
};
#define VTC_RED "\x1b[31m"
+#define VTC_YELLOW "\x1b[33m"
#define VTC_BOLD "\x1b[1m"
#define VTC_RESET "\x1b[0m"
{ VTC_BOLD, L_INFO },
{ VTC_BOLD, L_ACCT },
{ VTC_RED, L_ERR },
+ { VTC_BOLD VTC_RED, L_DBG_ERR },
+ { VTC_BOLD VTC_YELLOW, L_DBG_WARN },
+ { VTC_BOLD VTC_RED, L_DBG_ERR2 },
+ { VTC_BOLD VTC_YELLOW, L_DBG_WARN2 },
{ NULL, 0 }
};
*
* Throw the message away.
*/
- if (!debug_flag && (lvl == L_DBG)) {
+ if (!debug_flag && ((lvl & L_DBG) != 0)) {
return 0;
}
sizeof(buffer) - len);
}
+ switch (lvl) {
+ case L_DBG_WARN:
+ len += strlcpy(buffer + len, "WARNING: ", sizeof(buffer) - len);
+ break;
+
+ case L_DBG_ERR:
+ len += strlcpy(buffer + len, "ERROR: ", sizeof(buffer) - len);
+ break;
+
+ default:
+ break;
+ }
+
if (len < sizeof(buffer)) {
len += vsnprintf(buffer + len,
sizeof(buffer) - len - 1, fmt, ap);
case RADLOG_SYSLOG:
switch(lvl) {
case L_DBG:
+ case L_DBG_WARN:
+ case L_DBG_ERR:
lvl = LOG_DEBUG;
break;
case L_AUTH:
va_list ap;
char buffer[8192];
char *p;
+ const char *extra = "";
va_start(ap, msg);
/*
* Debug messages get treated specially.
*/
- if (lvl == L_DBG) {
+ if ((lvl & L_DBG) != 0) {
/*
* There is log function, but the debug level
* isn't high enough. OR, we're in debug mode,
vsnprintf(buffer + len, sizeof(buffer) - len, msg, ap);
finish:
+ switch (lvl) {
+ case L_DBG_WARN:
+ extra = "WARNING: ";
+ lvl = L_DBG_WARN2;
+ break;
+
+ case L_DBG_ERR:
+ extra = "ERROR: ";
+ lvl = L_DBG_ERR2;
+ break;
+
+ break;
+ }
+
if (!fp) {
if (request) {
- radlog(lvl, "(%u) %s", request->number, buffer);
+ radlog(lvl, "(%u) %s%s", request->number, extra, buffer);
} else {
- radlog(lvl, "%s", buffer);
+ radlog(lvl, "%s%s", extra, buffer);
}
} else {
if (request) fprintf(fp, "(%u) ", request->number);
}
if (depth < 0) {
- RDEBUG("ERROR: foreach Nesting too deep!");
+ RDEBUGE("foreach Nesting too deep!");
myresult = RLM_MODULE_FAIL;
goto handle_result;
}
const char *server = request->server;
if (server == mr->ref_name) {
- RDEBUG("WARNING: Suppressing recursive call to server %s", server);
+ RDEBUGW("Suppressing recursive call to server %s", server);
myresult = RLM_MODULE_NOOP;
goto handle_priority;
}
modcallable *c, *loop, *next;
c = *pc;
- DEBUG3("Freeing module %s", c->name);
-
if (c->type != MOD_SINGLE) {
modgroup *g = mod_callabletogroup(c);
if (node->entry->module->detach) {
if ((node->entry->module->detach)(mh->insthandle) < 0) {
- DEBUG("WARNING: Failed detaching module %s cleanly. Doing forcible shutdown", node->name);
+ DEBUGW("Failed detaching module %s cleanly. Doing forcible shutdown", node->name);
}
} else {
if (idx == 0) {
list = server->mc[comp];
- if (!list) RDEBUG2(" WARNING: Empty %s section. Using default return values.", section_type_value[comp].section);
+ if (!list) RDEBUG2W("Empty %s section. Using default return values.", section_type_value[comp].section);
} else {
indexed_modcallable *this;
if (this) {
list = this->modulelist;
} else {
- RDEBUG2(" WARNING: Unknown value specified for %s. Cannot perform requested action.",
+ RDEBUG2W("Unknown value specified for %s. Cannot perform requested action.",
section_type_value[comp].typename);
}
}
* It's OK for the module to not exist.
*/
if (!this && modname && (modname[0] == '-')) {
- DEBUG("WARNING: Not loading module \"%s\" as it is not enabled", modname + 1);
+ DEBUGW("Not loading module \"%s\" as it is not enabled", modname + 1);
continue;
}
cf_log_info(cs, "} # server");
if (!flag && name) {
- DEBUG("WARNING: Server %s is empty, and will do nothing!",
+ DEBUGW("Server %s is empty, and will do nothing!",
name);
}
* there is no point in continuing.
*/
if (request->listener->status != RAD_LISTEN_STATUS_KNOWN) {
- DEBUG("WARNING: Socket was closed while processing request %u: Stopping it.", request->number);
+ DEBUGW("Socket was closed while processing request %u: Stopping it.", request->number);
goto done;
}
}
tries++;
if (tries > 2) {
- RDEBUG2("ERROR: Failed allocating Id for new socket when proxying requests.");
+ RDEBUG2E("Failed allocating Id for new socket when proxying requests.");
return 0;
}
dval = dict_valbyname(PW_POST_PROXY_TYPE, 0, "Fail-Disconnect");
#endif
} else {
- DEBUG("WARNING: Unknown packet type in Post-Proxy-Type Fail: ignoring");
+ DEBUGW("Unknown packet type in Post-Proxy-Type Fail: ignoring");
request_cleanup_delay_init(request, NULL);
return 0;
}
if (vp) {
realm = realm_find2(vp->vp_strvalue);
if (!realm) {
- RDEBUG2("ERROR: Cannot proxy to unknown realm %s",
+ RDEBUG2E("Cannot proxy to unknown realm %s",
vp->vp_strvalue);
return 0;
}
}
if (!pool) {
- RDEBUG2(" WARNING: Cancelling proxy as no home pool exists");
+ RDEBUG2W("Cancelling proxy as no home pool exists");
return 0;
}
home = home_server_ldb(realmname, pool, request);
if (!home) {
- RDEBUG2("ERROR: Failed to find live home server: Cancelling proxy");
+ RDEBUG2E("Failed to find live home server: Cancelling proxy");
return 0;
}
home_server_update_request(home, request);
#ifdef WITH_COA
if (request->coa) {
- RDEBUG("WARNING: Cannot proxy and originate CoA packets at the same time. Cancelling CoA request");
+ RDEBUGW("Cannot proxy and originate CoA packets at the same time. Cancelling CoA request");
request_done(request->coa, FR_ACTION_DONE);
}
#endif
*/
home = home_server_ldb(NULL, request->home_pool, request);
if (!home) {
- RDEBUG2("ERROR: Failed to find live home server for request");
+ RDEBUG2E("Failed to find live home server for request");
post_proxy_fail:
remove_from_proxy_hash(request);
#ifdef WITH_TCP
if (home->proto == IPPROTO_TCP) {
- DEBUG("WARNING: Not marking TCP server %s zombie", home->name);
+ DEBUGW("Not marking TCP server %s zombie", home->name);
return;
}
#endif
#ifdef WITH_TCP
if (home->proto == IPPROTO_TCP) {
- DEBUG("WARNING: Not marking TCP server dead");
+ DEBUGW("Not marking TCP server dead");
return;
}
#endif
coa->home_pool = home_pool_byname(vp->vp_strvalue,
HOME_TYPE_COA);
if (!coa->home_pool) {
- RDEBUG2("WARNING: No such home_server_pool %s",
+ RDEBUG2W("No such home_server_pool %s",
vp->vp_strvalue);
goto fail;
}
if (coa->home_pool) {
coa->home_server = home_server_ldb(NULL, coa->home_pool, coa);
if (!coa->home_server) {
- RDEBUG("WARNING: No live home server for home_server_pool %s", vp->vp_strvalue);
+ RDEBUGW("No live home server for home_server_pool %s", vp->vp_strvalue);
goto fail;
}
home_server_update_request(coa->home_server, coa);
coa->home_server = home_server_find(&ipaddr, port, IPPROTO_UDP);
if (!coa->home_server) {
- RDEBUG2("WARNING: Unknown destination %s:%d for CoA request.",
+ RDEBUG2W("Unknown destination %s:%d for CoA request.",
inet_ntop(ipaddr.af, &ipaddr.ipaddr,
buffer, sizeof(buffer)), port);
goto fail;
((cp = cf_pair_find(cs, "accthost")) != NULL) ||
((cp = cf_pair_find(cs, "secret")) != NULL) ||
((cp = cf_pair_find(cs, "ldflag")) != NULL)) {
- DEBUG2("WARNING: Ignoring old-style configuration entry \"%s\" in realm \"%s\"", cf_pair_attr(cp), r->name);
+ DEBUG2W("Ignoring old-style configuration entry \"%s\" in realm \"%s\"", cf_pair_attr(cp), r->name);
}
if (!found && pool->fallback) {
found = pool->fallback;
- DEBUG("WARNING: Home server pool %s failing over to fallback %s",
+ DEBUGW("Home server pool %s failing over to fallback %s",
pool->name, found->server);
if (pool->in_fallback) goto update_and_return;
dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
if (!dh) {
- DEBUG2("WARNING: rlm_eap_tls: Unable to set DH parameters. DH cipher suites may not work!");
- DEBUG2("WARNING: Fix this by running the OpenSSL command listed in eap.conf");
+ DEBUG2W("rlm_eap_tls: Unable to set DH parameters. DH cipher suites may not work!");
+ DEBUG2W("Fix this by running the OpenSSL command listed in eap.conf");
return 0;
}
}
}
} else {
- RDEBUG2("WARNING: No information to cache: session caching will be disabled for session %s", buffer);
+ RDEBUG2W("No information to cache: session caching will be disabled for session %s", buffer);
SSL_CTX_remove_session(ssn->ctx,
ssn->ssl->session);
}
vps = SSL_SESSION_get_ex_data(ssn->ssl->session,
FR_TLS_EX_INDEX_VPS);
if (!vps) {
- RDEBUG("WARNING: No information in cached session %s", buffer);
+ RDEBUGW("No information in cached session %s", buffer);
return -1;
} else {
}
if (err == 0) {
- RDEBUG("WARNING: No data inside of the tunnel.");
+ RDEBUGW("No data inside of the tunnel.");
}
/*
case PW_STATUS_SERVER:
if (!mainconfig.status_server) {
FR_STATS_INC(auth, total_unknown_types);
- DEBUG("WARNING: Ignoring Status-Server request due to security configuration");
+ DEBUGW("Ignoring Status-Server request due to security configuration");
rad_free(&sock->packet);
request->packet = NULL;
return 0;
*/
case PW_USER_PASSWORD:
if (check_item->op == T_OP_CMP_EQ) {
- DEBUG("WARNING: Found User-Password == \"...\".");
- DEBUG("WARNING: Are you sure you don't mean Cleartext-Password?");
- DEBUG("WARNING: See \"man rlm_pap\" for more information.");
+ DEBUGW("Found User-Password == \"...\".");
+ DEBUGW("Are you sure you don't mean Cleartext-Password?");
+ DEBUGW("See \"man rlm_pap\" for more information.");
}
if (pairfind(req_list, PW_USER_PASSWORD, 0, TAG_ANY) == NULL) {
continue;
#endif
}
- RDEBUG2("WARNING: List \"%s\" is not available",
+ RDEBUG2W("List \"%s\" is not available",
fr_int2str(pair_lists, list, "<INVALID>"));
return NULL;
case REQUEST_PARENT: /* for future use in request chaining */
case REQUEST_OUTER:
if (!request->parent) {
- RDEBUG("WARNING: Specified request \"%s\" is "
+ RDEBUGW("Specified request \"%s\" is "
"not available in this context",
fr_int2str(request_refs, name,
"¿unknown?"));
char buffer[MAX_STRING_LEN];
if (radius_request(&request, map->dst->request) < 0) {
- RDEBUG("WARNING: Mapping \"%s\" -> \"%s\" "
+ RDEBUGW("Mapping \"%s\" -> \"%s\" "
"invalid in this context, skipping!",
map->src->name, map->dst->name);
list = radius_list(request, map->dst->list);
if (!list) {
- RDEBUG("WARNING: Mapping \"%s\" -> \"%s\" "
+ RDEBUGW("Mapping \"%s\" -> \"%s\" "
"invalid in this context, skipping!",
map->src->name, map->dst->name);
*/
varlen = rad_copy_variable(buffer, *from);
if (varlen < 0) {
- RDEBUG2("ERROR: Badly formatted variable: %s", *from);
+ RDEBUG2E("Badly formatted variable: %s", *from);
return -1;
}
*from += varlen;
*/
len1 = rad_copy_variable(buffer, p);
if (len1 < 0) {
- RDEBUG2("ERROR: Badly formatted variable: %s", p);
+ RDEBUG2E("Badly formatted variable: %s", p);
return -1;
}
len2 = rad_copy_variable(l, p);
if (len2 < 0) {
- RDEBUG2("ERROR: Invalid text after :- at %s", p);
+ RDEBUG2E("Invalid text after :- at %s", p);
return -1;
}
p += len2;
* Maybe it's the old-style %{foo:-bar}
*/
if (*p == '-') {
- RDEBUG2("WARNING: Deprecated conditional expansion \":-\". See \"man unlang\" for details");
+ RDEBUG2W("Deprecated conditional expansion \":-\". See \"man unlang\" for details");
p++;
xlat_str = module_name;
}
if (!c) {
if (!module_name) {
- RDEBUG2("WARNING: Unknown Attribute \"%s\" in string expansion \"%%%s\"", xlat_str, *from);
+ RDEBUG2W("Unknown Attribute \"%s\" in string expansion \"%%%s\"", xlat_str, *from);
} else {
- RDEBUG2("WARNING: Unknown module \"%s\" in string expansion \"%%%s\"", module_name, *from);
+ RDEBUG2W("Unknown module \"%s\" in string expansion \"%%%s\"", module_name, *from);
}
return -1;
}
p++;
break;
default:
- RDEBUG2("WARNING: Unknown variable '%%%c': See 'doc/variables.txt'", *p);
+ RDEBUG2W("Unknown variable '%%%c': See 'doc/variables.txt'", *p);
if (freespace > 2) {
*q++ = '%';
*q++ = *p++;
found = pairfind(*from, da->attr, da->vendor, TAG_ANY);
if (!found) {
- RDEBUG("WARNING: \"%s\" not found, skipping",
+ RDEBUGW("\"%s\" not found, skipping",
map->src->name);
continue;
}
}
if (pairfind(request->config_items, PW_AUTHTYPE, 0, TAG_ANY) != NULL) {
- RDEBUG2("WARNING: Auth-Type already set. Not setting to CHAP");
+ RDEBUG2W("Auth-Type already set. Not setting to CHAP");
return RLM_MODULE_NOOP;
}
chap = pairfind(request->packet->vps, PW_CHAP_PASSWORD, 0, TAG_ANY);
if (!chap) {
- RDEBUG("ERROR: You set 'Auth-Type = CHAP' for a request that does not contain a CHAP-Password attribute!");
+ RDEBUGE("You set 'Auth-Type = CHAP' for a request that does not contain a CHAP-Password attribute!");
return RLM_MODULE_INVALID;
}
if (chap->length == 0) {
- RDEBUG("ERROR: CHAP-Password is empty");
+ RDEBUGE("CHAP-Password is empty");
return RLM_MODULE_INVALID;
}
if (chap->length != CHAP_VALUE_LENGTH + 1) {
- RDEBUG("ERROR: CHAP-Password has invalid length");
+ RDEBUGE("CHAP-Password has invalid length");
return RLM_MODULE_INVALID;
}
if ((request->listener->type == RAD_LISTEN_DETAIL) &&
(fnmatch(((listen_detail_t *)request->listener->data)->filename,
buffer, FNM_FILE_NAME | FNM_PERIOD ) == 0)) {
- RDEBUG2("WARNING: Suppressing infinite loop.");
+ RDEBUG2W("Suppressing infinite loop.");
return RLM_MODULE_NOOP;
}
#endif
if ((fr_dhcp_decode_options(vp->vp_octets, vp->length, &head) < 0) ||
(head == NULL)) {
- RDEBUG("WARNING: DHCP option decoding failed");
+ RDEBUGW("DHCP option decoding failed");
goto fail;
}
* The attribute type must be valid
*/
if ((p[0] == 0) || (p[0] > 10)) {
- RDEBUG("ERROR: Received Digest-Attributes with invalid sub-attribute %d", p[0]);
+ RDEBUGE("Received Digest-Attributes with invalid sub-attribute %d", p[0]);
return RLM_MODULE_INVALID;
}
* Too short.
*/
if (attrlen < 3) {
- RDEBUG("ERROR: Received Digest-Attributes with short sub-attribute %d, of length %d", p[0], attrlen);
+ RDEBUGE("Received Digest-Attributes with short sub-attribute %d, of length %d", p[0], attrlen);
return RLM_MODULE_INVALID;
}
* Too long.
*/
if (attrlen > length) {
- RDEBUG("ERROR: Received Digest-Attributes with long sub-attribute %d, of length %d", p[0], attrlen);
+ RDEBUGE("Received Digest-Attributes with long sub-attribute %d, of length %d", p[0], attrlen);
return RLM_MODULE_INVALID;
}
if (pairfind(request->config_items, PW_AUTHTYPE, 0, TAG_ANY)) {
- RDEBUG2("WARNING: Auth-Type already set. Not setting to DIGEST");
+ RDEBUG2W("Auth-Type already set. Not setting to DIGEST");
return RLM_MODULE_NOOP;
}
vp = pairfind(request->packet->vps, PW_DIGEST_ATTRIBUTES, 0, TAG_ANY);
if (vp == NULL) {
error:
- RDEBUG("ERROR: You set 'Auth-Type = Digest' for a request that does not contain any digest attributes!");
+ RDEBUGE("You set 'Auth-Type = Digest' for a request that does not contain any digest attributes!");
return RLM_MODULE_INVALID;
}
*/
nonce = pairfind(request->packet->vps, PW_DIGEST_NONCE, 0, TAG_ANY);
if (!nonce) {
- RDEBUG("ERROR: No Digest-Nonce: Cannot perform Digest authentication");
+ RDEBUGE("No Digest-Nonce: Cannot perform Digest authentication");
return RLM_MODULE_INVALID;
}
*/
vp = pairfind(request->packet->vps, PW_DIGEST_USER_NAME, 0, TAG_ANY);
if (!vp) {
- RDEBUG("ERROR: No Digest-User-Name: Cannot perform Digest authentication");
+ RDEBUGE("No Digest-User-Name: Cannot perform Digest authentication");
return RLM_MODULE_INVALID;
}
memcpy(&a1[0], &vp->vp_octets[0], vp->length);
vp = pairfind(request->packet->vps, PW_DIGEST_REALM, 0, TAG_ANY);
if (!vp) {
- RDEBUG("ERROR: No Digest-Realm: Cannot perform Digest authentication");
+ RDEBUGE("No Digest-Realm: Cannot perform Digest authentication");
return RLM_MODULE_INVALID;
}
memcpy(&a1[a1_len], &vp->vp_octets[0], vp->length);
* Tack on the Digest-Nonce. Length must be even
*/
if ((nonce->length & 1) != 0) {
- RDEBUG("ERROR: Received Digest-Nonce hex string with invalid length: Cannot perform Digest authentication");
+ RDEBUGE("Received Digest-Nonce hex string with invalid length: Cannot perform Digest authentication");
return RLM_MODULE_INVALID;
}
memcpy(&a1[a1_len], &nonce->vp_octets[0], nonce->length);
vp = pairfind(request->packet->vps, PW_DIGEST_CNONCE, 0, TAG_ANY);
if (!vp) {
- RDEBUG("ERROR: No Digest-CNonce: Cannot perform Digest authentication");
+ RDEBUGE("No Digest-CNonce: Cannot perform Digest authentication");
return RLM_MODULE_INVALID;
}
* Digest-CNonce length must be even
*/
if ((vp->length & 1) != 0) {
- RDEBUG("ERROR: Received Digest-CNonce hex string with invalid length: Cannot perform Digest authentication");
+ RDEBUGE("Received Digest-CNonce hex string with invalid length: Cannot perform Digest authentication");
return RLM_MODULE_INVALID;
}
memcpy(&a1[a1_len], &vp->vp_octets[0], vp->length);
* We check for "MD5-sess" and "MD5".
* Anything else is an error.
*/
- RDEBUG("ERROR: Unknown Digest-Algorithm \"%s\": Cannot perform Digest authentication", vp->vp_strvalue);
+ RDEBUGE("Unknown Digest-Algorithm \"%s\": Cannot perform Digest authentication", vp->vp_strvalue);
return RLM_MODULE_INVALID;
}
*/
vp = pairfind(request->packet->vps, PW_DIGEST_METHOD, 0, TAG_ANY);
if (!vp) {
- RDEBUG("ERROR: No Digest-Method: Cannot perform Digest authentication");
+ RDEBUGE("No Digest-Method: Cannot perform Digest authentication");
return RLM_MODULE_INVALID;
}
memcpy(&a2[0], &vp->vp_octets[0], vp->length);
vp = pairfind(request->packet->vps, PW_DIGEST_URI, 0, TAG_ANY);
if (!vp) {
- RDEBUG("ERROR: No Digest-URI: Cannot perform Digest authentication");
+ RDEBUGE("No Digest-URI: Cannot perform Digest authentication");
return RLM_MODULE_INVALID;
}
memcpy(&a2[a2_len], &vp->vp_octets[0], vp->length);
*/
body = pairfind(request->packet->vps, PW_DIGEST_BODY_DIGEST, 0, TAG_ANY);
if (!body) {
- RDEBUG("ERROR: No Digest-Body-Digest: Cannot perform Digest authentication");
+ RDEBUGE("No Digest-Body-Digest: Cannot perform Digest authentication");
return RLM_MODULE_INVALID;
}
if ((a2_len + body->length) > sizeof(a2)) {
- RDEBUG("ERROR: Digest-Body-Digest is too long");
+ RDEBUGE("Digest-Body-Digest is too long");
return RLM_MODULE_INVALID;
}
} else if ((qop != NULL) &&
(strcasecmp(qop->vp_strvalue, "auth") != 0)) {
- RDEBUG("ERROR: Unknown Digest-QOP \"%s\": Cannot perform Digest authentication", qop->vp_strvalue);
+ RDEBUGE("Unknown Digest-QOP \"%s\": Cannot perform Digest authentication", qop->vp_strvalue);
return RLM_MODULE_INVALID;
}
vp = pairfind(request->packet->vps, PW_DIGEST_NONCE_COUNT, 0, TAG_ANY);
if (!vp) {
- RDEBUG("ERROR: No Digest-Nonce-Count: Cannot perform Digest authentication");
+ RDEBUGE("No Digest-Nonce-Count: Cannot perform Digest authentication");
return RLM_MODULE_INVALID;
}
memcpy(&kd[kd_len], &vp->vp_octets[0], vp->length);
vp = pairfind(request->packet->vps, PW_DIGEST_CNONCE, 0, TAG_ANY);
if (!vp) {
- RDEBUG("ERROR: No Digest-CNonce: Cannot perform Digest authentication");
+ RDEBUGE("No Digest-CNonce: Cannot perform Digest authentication");
return RLM_MODULE_INVALID;
}
memcpy(&kd[kd_len], &vp->vp_octets[0], vp->length);
*/
vp = pairfind(request->packet->vps, PW_DIGEST_RESPONSE, 0, TAG_ANY);
if (!vp) {
- RDEBUG("ERROR: No Digest-Response attribute in the request. Cannot perform digest authentication");
+ RDEBUGE("No Digest-Response attribute in the request. Cannot perform digest authentication");
return RLM_MODULE_INVALID;
}
if ((default_eap_type == PW_EAP_TNC) &&
!handler->request->parent) {
- RDEBUG2("ERROR: EAP-TNC must be run inside of a TLS method.");
+ RDEBUG2E("EAP-TNC must be run inside of a TLS method.");
return EAP_INVALID;
}
* Prevent a firestorm if the client is confused.
*/
if (handler->eap_type == eaptype->data[i]) {
- RDEBUG2("ERROR! Our request for %s was NAK'd with a request for %s. Skipping the requested type.",
+ RDEBUG2E("Our request for %s was NAK'd with a request for %s. Skipping the requested type.",
eaptype_name, eaptype_name);
continue;
}
* request vps so that autz's work
* correctly
*/
- RDEBUG2("WARNING NAS did not set User-Name. Setting it locally from EAP Identity");
+ RDEBUG2W("NAS did not set User-Name. Setting it locally from EAP Identity");
vp = pairmake("User-Name", handler->identity, T_OP_EQ);
if (vp == NULL) {
RDEBUG("Out of memory");
eaptls_gen_mppe_keys(&handler->request->reply->vps,
tls_session->ssl, tls_session->prf_label);
} else {
- RDEBUG("WARNING: Not adding MPPE keys because there is no PRF label");
+ RDEBUGW("Not adding MPPE keys because there is no PRF label");
}
return 1;
free(check);
if (do_warning) {
- DEBUG("WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
- DEBUG("WARNING: !! EAP session with state 0x%02x%02x%02x%02x%02x%02x%02x%02x did not finish! !!",
+ DEBUGW("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
+ DEBUGW("!! EAP session with state 0x%02x%02x%02x%02x%02x%02x%02x%02x did not finish! !!",
state[0], state[1],
state[2], state[3],
state[4], state[5],
state[6], state[7]);
- DEBUG("WARNING: !! Please read http://wiki.freeradius.org/guide/Certificate_Compatibility !!");
- DEBUG("WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
+ DEBUGW("!! Please read http://wiki.freeradius.org/guide/Certificate_Compatibility !!");
+ DEBUGW("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
}
}
* EAP work.
*/
if (fr_ipaddr_cmp(&one->src_ipaddr, &two->src_ipaddr) != 0) {
- DEBUG("WARNING: EAP packets are arriving from two different upstream servers. Has there been a proxy fail-over?");
+ DEBUGW("EAP packets are arriving from two different upstream servers. Has there been a proxy fail-over?");
}
return 0;
inst = (rlm_eap_t *) instance;
if (!pairfind(request->packet->vps, PW_EAP_MESSAGE, 0, TAG_ANY)) {
- RDEBUG("ERROR: You set 'Auth-Type = EAP' for a request that does not contain an EAP-Message attribute!");
+ RDEBUGE("You set 'Auth-Type = EAP' for a request that does not contain an EAP-Message attribute!");
return RLM_MODULE_INVALID;
}
}
pairadd(&request->config_items, vp);
} else {
- RDEBUG2("WARNING: Auth-Type already set. Not setting to EAP");
+ RDEBUG2W("Auth-Type already set. Not setting to EAP");
}
if (status == EAP_OK) return RLM_MODULE_OK;
VALUE_PAIR *vp;
EAP_DS *eap_ds = handler->eap_ds;
rlm_eap_gtc_t *inst = (rlm_eap_gtc_t *) type_data;
+ REQUEST *request = handler->request;
/*
* Get the Cleartext-Password for this user.
*/
vp = pairfind(handler->request->config_items, PW_CLEARTEXT_PASSWORD, 0, TAG_ANY);
if (!vp) {
- DEBUG2(" rlm_eap_gtc: ERROR: Cleartext-Password is required for authentication.");
+ RDEBUG2E("Cleartext-Password is required for authentication.");
eap_ds->request->code = PW_EAP_FAILURE;
return 0;
}
if (eap_ds->response->type.length != vp->length) {
- DEBUG2(" rlm_eap_gtc: ERROR: Passwords are of different length. %u %u", (unsigned) eap_ds->response->type.length, (unsigned) vp->length);
+ RDEBUG2E("Passwords are of different length. %u %u", (unsigned) eap_ds->response->type.length, (unsigned) vp->length);
eap_ds->request->code = PW_EAP_FAILURE;
return 0;
}
if (memcmp(eap_ds->response->type.data,
vp->vp_strvalue, vp->length) != 0) {
- DEBUG2(" rlm_eap_gtc: ERROR: Passwords are different");
+ RDEBUG2E("Passwords are different");
eap_ds->request->code = PW_EAP_FAILURE;
return 0;
}
}
- DEBUG2(" rlm_eap_gtc: Everything is OK.");
-
eap_ds->request->code = PW_EAP_SUCCESS;
return 1;
if ((vp->da->vendor!= 0) ||
(vp->da->attr < 0x100)) {
if (!compat_mode) {
- DEBUG("[%s]:%d WARNING! Changing '%s =' to '%s =='\n\tfor comparing RADIUS attribute in check item list for user %s",
+ DEBUGW("[%s]:%d Changing '%s =' to '%s =='\n\tfor comparing RADIUS attribute in check item list for user %s",
filename, entry->lineno,
vp->da->name, vp->da->name,
entry->name);
* of the packet, die.
*/
if (remaining < length) {
- RDEBUG2("ERROR! Diameter attribute overflows packet!");
+ RDEBUG2E("Diameter attribute overflows packet!");
return 0;
}
* Normal attributes cannot be.
*/
if ((attr > 255) && (vendor == 0)) {
- RDEBUG2("WARNING: Skipping Diameter attribute %u",
+ RDEBUG2W("Skipping Diameter attribute %u",
attr);
goto next_attr;
}
* EAP-Message AVPs can be larger than 253 octets.
*/
if ((size > 253) && !((vendor == 0) && (attr == PW_EAP_MESSAGE))) {
- RDEBUG2("WARNING: diameter2vp skipping long attribute %u", attr);
+ RDEBUG2W("diameter2vp skipping long attribute %u", attr);
goto next_attr;
}
decoded = rad_attr2vp(NULL, NULL, NULL,
buffer, size + 2, &vp);
if (decoded < 0) {
- RDEBUG2("ERROR: diameter2vp failed decoding attr: %s",
+ RDEBUG2E("diameter2vp failed decoding attr: %s",
fr_strerror());
goto do_octets;
}
if ((size_t) decoded != size + 2) {
- RDEBUG2("ERROR: diameter2vp failed to entirely decode VSA");
+ RDEBUG2E("diameter2vp failed to entirely decode VSA");
pairfree(&vp);
goto do_octets;
}
* as it's permitted to do EAP without
* user-name.
*/
- RDEBUG2("WARNING! No EAP-Identity found to start EAP conversation.");
+ RDEBUG2W("No EAP-Identity found to start EAP conversation.");
}
} /* else there WAS a t->username */
output_pairs = decode_string(request, inst->output);
if (!input_pairs) {
- RDEBUG2("WARNING: Possible parse error in %s",
+ RDEBUG2W("Possible parse error in %s",
inst->input);
return RLM_MODULE_NOOP;
}
* list is empty.
*/
if (!*input_pairs) {
- RDEBUG2("WARNING! Input pairs are empty. No attributes will be passed to the script");
+ RDEBUG2W("Input pairs are empty. No attributes will be passed to the script");
}
/*
if ((vp->da->vendor != 0) ||
(vp->da->attr < 0x100)) {
if (!compat_mode) {
- DEBUG("[%s]:%d WARNING! Changing '%s =' to '%s =='\n\tfor comparing RADIUS attribute in check item list for user %s",
+ DEBUGW("[%s]:%d Changing '%s =' to '%s =='\n\tfor comparing RADIUS attribute in check item list for user %s",
filename, entry->lineno,
vp->da->name, vp->da->name,
entry->name);
!pairfind(request->config_items, PW_USER_PASSWORD, 0, TAG_ANY) &&
!pairfind(request->config_items, PW_PASSWORD_WITH_HEADER, 0, TAG_ANY) &&
!pairfind(request->config_items, PW_CRYPT_PASSWORD, 0, TAG_ANY)) {
- RDEBUG("WARNING: No \"known good\" password "
+ RDEBUGW("No \"known good\" password "
"was found in LDAP. Are you sure that "
"the user is configured correctly?");
}
if (response_name &&
((user_name->length != response_name->length) ||
(strncasecmp(user_name->vp_strvalue, response_name->vp_strvalue, user_name->length) != 0))) {
- RDEBUG("WARNING: User-Name (%s) is not the same as MS-CHAP Name (%s) from EAP-MSCHAPv2", user_name->vp_strvalue, response_name->vp_strvalue);
+ RDEBUGW("User-Name (%s) is not the same as MS-CHAP Name (%s) from EAP-MSCHAPv2", user_name->vp_strvalue, response_name->vp_strvalue);
}
/*
}
if (pairfind(request->config_items, PW_AUTH_TYPE, 0, TAG_ANY)) {
- RDEBUG2("WARNING: Auth-Type already set. Not setting to MS-CHAP");
+ RDEBUG2W("Auth-Type already set. Not setting to MS-CHAP");
return RLM_MODULE_NOOP;
}
challenge = pairfind(request->packet->vps, PW_MSCHAP_CHALLENGE, VENDORPEC_MICROSOFT, TAG_ANY);
if (!challenge) {
- RDEBUG("ERROR: You set 'Auth-Type = MS-CHAP' for a request that does not contain any MS-CHAP attributes!");
+ RDEBUGE("You set 'Auth-Type = MS-CHAP' for a request that does not contain any MS-CHAP attributes!");
return RLM_MODULE_REJECT;
}
if (response_name &&
((username->length != response_name->length) ||
(strncasecmp(username->vp_strvalue, response_name->vp_strvalue, username->length) != 0))) {
- RDEBUG("ERROR: User-Name (%s) is not the same as MS-CHAP Name (%s) from EAP-MSCHAPv2", username->vp_strvalue, response_name->vp_strvalue);
+ RDEBUGE("User-Name (%s) is not the same as MS-CHAP Name (%s) from EAP-MSCHAPv2", username->vp_strvalue, response_name->vp_strvalue);
return RLM_MODULE_REJECT;
}
chap = 2;
} else { /* Neither CHAPv1 or CHAPv2 response: die */
- RDEBUG("ERROR: You set 'Auth-Type = MS-CHAP' for a request that does not contain any MS-CHAP attributes!");
+ RDEBUGE("You set 'Auth-Type = MS-CHAP' for a request that does not contain any MS-CHAP attributes!");
return RLM_MODULE_INVALID;
}
* a User-Name attribute.
*/
if (!request->username) {
- RDEBUG("ERROR: You set 'Auth-Type = OpenDirectory' for a request that does not contain a User-Name attribute!");
+ RDEBUGE("You set 'Auth-Type = OpenDirectory' for a request that does not contain a User-Name attribute!");
return RLM_MODULE_INVALID;
}
*/
if (!request->password ||
(request->password->da->attr != PW_PASSWORD)) {
- RDEBUG("ERROR: You set 'Auth-Type = OpenDirectory' for a request that does not contain a User-Password attribute!");
+ RDEBUGE("You set 'Auth-Type = OpenDirectory' for a request that does not contain a User-Password attribute!");
return RLM_MODULE_INVALID;
}
return RLM_MODULE_NOOP;
}
- RDEBUG("WARNING! No \"known good\" password found for the user. Authentication may fail because of this.");
+ RDEBUGW("No \"known good\" password found for the user. Not setting Auth-Type.");
+ RDEBUGW("Configure a \"known good\" password to get an Access-Accept.");
return RLM_MODULE_NOOP;
}
* Don't touch existing Auth-Types.
*/
if (auth_type) {
- RDEBUG2("WARNING: Auth-Type already set. Not setting to PAP");
+ RDEBUG2W("Auth-Type already set. Not setting to PAP");
return RLM_MODULE_NOOP;
}
if (!request->password ||
(request->password->da->attr != PW_USER_PASSWORD)) {
- RDEBUG("ERROR: You set 'Auth-Type = PAP' for a request that does not contain a User-Password attribute!");
+ RDEBUGE("You set 'Auth-Type = PAP' for a request that does not contain a User-Password attribute!");
return RLM_MODULE_INVALID;
}
}
if (num_proxy_state > 10) {
- DEBUG("WARNING: There are more than 10 Proxy-State attributes in the request.");
- DEBUG("WARNING: You have likely configured an infinite proxy loop.");
+ RDEBUGW("There are more than 10 Proxy-State attributes in the request.");
+ RDEBUGW("You have likely configured an infinite proxy loop.");
}
}
*/
if (!port_seen) {
DEBUG2(" rlm_radutmp: No NAS-Port seen. Cannot do anything.");
- DEBUG2(" rlm_radumtp: WARNING: checkrad will probably not work!");
+ DEBUG2W("checkrad will probably not work!");
return RLM_MODULE_NOOP;
}
*/
if (!port_seen) {
DEBUG2(" rlm_radutmp: No NAS-Port in the packet. Cannot do anything.");
- DEBUG2(" rlm_radumtp: WARNING: checkrad will probably not work!");
+ DEBUG2W("checkrad will probably not work!");
return RLM_MODULE_NOOP;
}
realm = realm_find2(vp->vp_strvalue);
if (!realm) {
- RDEBUG2("ERROR: Cannot Replicate to unknown realm %s", realm);
+ RDEBUG2E("Cannot Replicate to unknown realm %s", realm);
continue;
}
*/
switch (request->packet->code) {
default:
- RDEBUG2("ERROR: Cannot replicate unknown packet code %d",
+ RDEBUG2E("Cannot replicate unknown packet code %d",
request->packet->code);
cleanup(packet);
return RLM_MODULE_FAIL;
}
if (!pool) {
- RDEBUG2(" WARNING: Cancelling replication to Realm %s, as the realm is local.", realm->name);
+ RDEBUG2W("Cancelling replication to Realm %s, as the realm is local.", realm->name);
continue;
}
home = home_server_ldb(realm->name, pool, request);
if (!home) {
- RDEBUG2("ERROR: Failed to find live home server for realm %s",
+ RDEBUG2E("Failed to find live home server for realm %s",
realm->name);
continue;
}
packet->sockfd = fr_socket(&home->src_ipaddr, 0);
if (packet->sockfd < 0) {
- RDEBUG("ERROR: Failed opening socket: %s", fr_strerror());
+ RDEBUGE("Failed opening socket: %s", fr_strerror());
rcode = RLM_MODULE_FAIL;
goto done;
}
vps = radius_list(request, list);
if (!vps) {
- RDEBUG("WARNING: List '%s' doesn't exist for "
+ RDEBUGW("List '%s' doesn't exist for "
"this packet", fr_int2str(pair_lists,
list, "¿unknown?"));
rcode = RLM_MODULE_INVALID;
if (*vps) {
packet->vps = paircopy(*vps);
if (!packet->vps) {
- RDEBUG("ERROR: Out of memory!");
+ RDEBUGE("Out of memory!");
rcode = RLM_MODULE_FAIL;
goto done;
}
RDEBUG("Replicating list '%s' to Realm '%s'",
fr_int2str(pair_lists, list, "¿unknown?"),realm->name);
if (rad_send(packet, NULL, home->secret) < 0) {
- RDEBUG("ERROR: Failed replicating packet: %s",
+ RDEBUGE("Failed replicating packet: %s",
fr_strerror());
rcode = RLM_MODULE_FAIL;
goto done;
request_name = radius_request_name(&attribute, REQUEST_CURRENT);
if (request_name == REQUEST_UNKNOWN) {
- RDEBUG("WARNING: Invalid request qualifier, skipping");
+ RDEBUGW("Invalid request qualifier, skipping");
curl_free(name);
}
if (!radius_request(&reference, request_name)) {
- RDEBUG("WARNING: Attribute name refers to outer request"
+ RDEBUGW("Attribute name refers to outer request"
" but not in a tunnel, skipping");
curl_free(name);
list_name = radius_list_name(&attribute, PAIR_LIST_REPLY);
if (list_name == PAIR_LIST_UNKNOWN) {
- RDEBUG("WARNING: Invalid list qualifier, skipping");
+ RDEBUGW("Invalid list qualifier, skipping");
curl_free(name);
da = dict_attrbyname(attribute);
if (!da) {
- RDEBUG("WARNING: Attribute \"%s\" unknown, skipping",
+ RDEBUGW("Attribute \"%s\" unknown, skipping",
attribute);
curl_free(name);
request_name = radius_request_name(&attribute, REQUEST_CURRENT);
if (request_name == REQUEST_UNKNOWN) {
- RDEBUG("WARNING: Request qualifier unknown, skipping");
+ RDEBUGW("Request qualifier unknown, skipping");
continue;
}
if (!radius_request(&reference, request_name)) {
- RDEBUG("WARNING: Attribute name refers to outer request"
+ RDEBUGW("Attribute name refers to outer request"
" but not in a tunnel, skipping");
continue;
list_name = radius_list_name(&attribute, PAIR_LIST_REPLY);
if (list_name == PAIR_LIST_UNKNOWN) {
- RDEBUG("WARNING: Invalid list qualifier, skipping");
+ RDEBUGW("Invalid list qualifier, skipping");
continue;
}
da = dict_attrbyname(attribute);
if (!da) {
- RDEBUG("WARNING: Attribute \"%s\" unknown, skipping",
+ RDEBUGW("Attribute \"%s\" unknown, skipping",
attribute);
continue;
q += strlen(q);
break;
case 'k': /* Key Name */
- DEBUG2("WARNING: Please replace '%%k' with '${key}'");
+ DEBUG2W("Please replace '%%k' with '${key}'");
strlcpy(q, data->key_name, freespace);
q += strlen(q);
break;
mn_nai = pairfind(request->packet->vps, 1900, 0, TAG_ANY);
if (!mn_nai) mn_nai = pairfind(request->reply->vps, 1900, 0, TAG_ANY);
if (!mn_nai) {
- RDEBUG("WARNING: WiMAX-MN-NAI was not found in the request or in the reply.");
- RDEBUG("WARNING: We cannot calculate MN-HA keys.");
+ RDEBUGW("WiMAX-MN-NAI was not found in the request or in the reply.");
+ RDEBUGW("We cannot calculate MN-HA keys.");
}
/*
vp = NULL;
if (mn_nai) vp = pairfind(request->reply->vps, 23, VENDORPEC_WIMAX, TAG_ANY);
if (!vp) {
- RDEBUG("WARNING: WiMAX-IP-Technology not found in reply.");
- RDEBUG("WARNING: Not calculating MN-HA keys");
+ RDEBUGW("WiMAX-IP-Technology not found in reply.");
+ RDEBUGW("Not calculating MN-HA keys");
}
if (vp) switch (vp->vp_integer) {
*/
ip = pairfind(request->reply->vps, 6, VENDORPEC_WIMAX, TAG_ANY);
if (!ip) {
- RDEBUG("WARNING: WiMAX-hHA-IP-MIP4 not found. Cannot calculate MN-HA-PMIP4 key");
+ RDEBUGW("WiMAX-hHA-IP-MIP4 not found. Cannot calculate MN-HA-PMIP4 key");
break;
}
10, VENDORPEC_WIMAX);
}
if (!vp) {
- RDEBUG("WARNING: Failed creating WiMAX-MN-hHA-MIP4-Key");
+ RDEBUGW("Failed creating WiMAX-MN-hHA-MIP4-Key");
break;
}
memcpy(vp->vp_octets, &mip_rk_1[0], rk1_len);
11, VENDORPEC_WIMAX);
}
if (!vp) {
- RDEBUG("WARNING: Failed creating WiMAX-MN-hHA-MIP4-SPI");
+ RDEBUGW("Failed creating WiMAX-MN-hHA-MIP4-SPI");
break;
}
vp->vp_integer = mip_spi + 1;
*/
ip = pairfind(request->reply->vps, 6, VENDORPEC_WIMAX, TAG_ANY);
if (!ip) {
- RDEBUG("WARNING: WiMAX-hHA-IP-MIP4 not found. Cannot calculate MN-HA-CMIP4 key");
+ RDEBUGW("WiMAX-hHA-IP-MIP4 not found. Cannot calculate MN-HA-CMIP4 key");
break;
}
10, VENDORPEC_WIMAX);
}
if (!vp) {
- RDEBUG("WARNING: Failed creating WiMAX-MN-hHA-MIP4-Key");
+ RDEBUGW("Failed creating WiMAX-MN-hHA-MIP4-Key");
break;
}
memcpy(vp->vp_octets, &mip_rk_1[0], rk1_len);
11, VENDORPEC_WIMAX);
}
if (!vp) {
- RDEBUG("WARNING: Failed creating WiMAX-MN-hHA-MIP4-SPI");
+ RDEBUGW("Failed creating WiMAX-MN-hHA-MIP4-SPI");
break;
}
vp->vp_integer = mip_spi;
*/
ip = pairfind(request->reply->vps, 7, VENDORPEC_WIMAX, TAG_ANY);
if (!ip) {
- RDEBUG("WARNING: WiMAX-hHA-IP-MIP6 not found. Cannot calculate MN-HA-CMIP6 key");
+ RDEBUGW("WiMAX-hHA-IP-MIP6 not found. Cannot calculate MN-HA-CMIP6 key");
break;
}
12, VENDORPEC_WIMAX);
}
if (!vp) {
- RDEBUG("WARNING: Failed creating WiMAX-MN-hHA-MIP6-Key");
+ RDEBUGW("Failed creating WiMAX-MN-hHA-MIP6-Key");
break;
}
memcpy(vp->vp_octets, &mip_rk_1[0], rk1_len);
13, VENDORPEC_WIMAX);
}
if (!vp) {
- RDEBUG("WARNING: Failed creating WiMAX-MN-hHA-MIP6-SPI");
+ RDEBUGW("Failed creating WiMAX-MN-hHA-MIP6-SPI");
break;
}
vp->vp_integer = mip_spi + 2;
61, VENDORPEC_WIMAX);
}
if (!vp) {
- RDEBUG("WARNING: Failed creating WiMAX-FA-RK-SPI");
+ RDEBUGW("Failed creating WiMAX-FA-RK-SPI");
} else {
vp->vp_integer = mip_spi;
}
if (vp) {
RDEBUG("Client requested MN-HA key: Should use SPI to look up key from storage.");
if (!mn_nai) {
- RDEBUG("WARNING: MN-NAI was not found!");
+ RDEBUGW("MN-NAI was not found!");
}
/*
* WiMAX-RRQ-HA-IP
*/
if (!pairfind(request->packet->vps, 18, VENDORPEC_WIMAX, TAG_ANY)) {
- RDEBUG("WARNING: HA-IP was not found!");
+ RDEBUGW("HA-IP was not found!");
}
projects / thirdparty / freeradius-server.git / commitdiff
