/* this is the point where you would grow the buffer, if you want to */
if (string_len + buf->datalen > buf->len) { /* we're out of luck */
- log_fn(LOG_DEBUG, "buflen too small. Time to implement growing dynamic bufs.");
+ log_fn(LOG_WARNING, "buflen too small. Time to implement growing dynamic bufs.");
return -1;
}
log_fn(LOG_DEBUG,"headerlen %d, bodylen %d.",headerlen,bodylen);
if(headers_out && max_headerlen <= headerlen) {
- log_fn(LOG_DEBUG,"headerlen %d larger than %d. Failing.", headerlen, max_headerlen-1);
+ log_fn(LOG_WARNING,"headerlen %d larger than %d. Failing.", headerlen, max_headerlen-1);
return -1;
}
if(body_out && max_bodylen <= bodylen) {
- log_fn(LOG_DEBUG,"bodylen %d larger than %d. Failing.", bodylen, max_bodylen-1);
+ log_fn(LOG_WARNING,"bodylen %d larger than %d. Failing.", bodylen, max_bodylen-1);
return -1;
}
socks4_info.destip = ntohl(*(uint32_t*)(buf->buf+4));
if(socks4_info.version != 4) {
- log_fn(LOG_NOTICE,"Unrecognized version %d.",socks4_info.version);
+ log_fn(LOG_WARNING,"Unrecognized version %d.",socks4_info.version);
return -1;
}
if(socks4_info.command != 1) { /* not a connect? we don't support it. */
- log_fn(LOG_NOTICE,"command %d not '1'.",socks4_info.command);
+ log_fn(LOG_WARNING,"command %d not '1'.",socks4_info.command);
return -1;
}
port = socks4_info.destport;
if(!port) {
- log_fn(LOG_NOTICE,"Port is zero.");
+ log_fn(LOG_WARNING,"Port is zero.");
return -1;
}
if(!socks4_info.destip) {
- log_fn(LOG_NOTICE,"DestIP is zero.");
+ log_fn(LOG_WARNING,"DestIP is zero.");
return -1;
}
if(socks4_info.destip >> 8) {
struct in_addr in;
- log_fn(LOG_NOTICE,"destip not in form 0.0.0.x.");
+ log_fn(LOG_DEBUG,"destip not in form 0.0.0.x.");
in.s_addr = htonl(socks4_info.destip);
tmpbuf = inet_ntoa(in);
if(max_addrlen <= strlen(tmpbuf)) {
- log_fn(LOG_DEBUG,"socks4 addr too long.");
+ log_fn(LOG_WARNING,"socks4 addr too long.");
return -1;
}
log_fn(LOG_DEBUG,"Successfully read destip (%s)", tmpbuf);
return 0;
}
if(max_addrlen <= next-startaddr) {
- log_fn(LOG_DEBUG,"Destaddr not here yet.");
+ log_fn(LOG_WARNING,"Destaddr too long.");
return -1;
}
}
static aci_t get_unique_aci_by_addr_port(uint32_t addr, uint16_t port, int aci_type) {
aci_t test_aci;
connection_t *conn;
-
-#ifdef SEQUENTIAL_ACI
uint16_t high_bit;
+
high_bit = (aci_type == ACI_TYPE_HIGHER) ? 1<<15 : 0;
conn = connection_exact_get_by_addr_port(addr,port);
if (!conn)
}
test_aci |= high_bit;
} while(circuit_get_by_aci_conn(test_aci, conn));
- return test_aci;
-#else
-try_again:
- log_fn(LOG_DEBUG,"trying to get a unique aci");
-
- if (CRYPTO_PSEUDO_RAND_INT(test_aci))
- return -1;
-
- if(aci_type == ACI_TYPE_LOWER && test_aci >= (1<<15))
- test_aci -= (1<<15);
- if(aci_type == ACI_TYPE_HIGHER && test_aci < (1<<15))
- test_aci += (1<<15);
- /* if aci_type == ACI_BOTH, don't filter any of it */
-
- if(test_aci == 0)
- goto try_again;
-
- conn = connection_exact_get_by_addr_port(addr,port);
- if(!conn) /* there can't be a conflict -- no connection of that sort yet */
- return test_aci;
-
- if(circuit_get_by_aci_conn(test_aci, conn))
- goto try_again;
-#endif
-
return test_aci;
}
log_fn(LOG_DEBUG,"direction %d, streamid %d before crypt.", cell_direction, *(int*)(cell->payload+1));
if(relay_crypt(circ, buf, 1+CELL_PAYLOAD_SIZE, cell_direction, &layer_hint, &recognized, &conn) < 0) {
- log_fn(LOG_DEBUG,"relay crypt failed. Dropping connection.");
+ log_fn(LOG_WARNING,"relay crypt failed. Dropping connection.");
return -1;
}
if(circ->cpath) { /* we're at the beginning of the circuit. We'll want to do layered crypts. */
thishop = circ->cpath;
if(thishop->state != CPATH_STATE_OPEN) {
- log_fn(LOG_INFO,"Relay cell before first created cell?");
+ log_fn(LOG_WARNING,"Relay cell before first created cell?");
return -1;
}
do { /* Remember: cpath is in forward order, that is, first hop first. */
log_fn(LOG_DEBUG,"before decrypt: %d",*(int*)(in+2));
/* decrypt */
if(crypto_cipher_decrypt(thishop->b_crypto, in, inlen, out)) {
- log_fn(LOG_ERR,"Error performing decryption:%s",crypto_perror());
+ log_fn(LOG_WARNING,"Error performing onion decryption: %s", crypto_perror());
return -1;
}
memcpy(in,out,inlen);
log_fn(LOG_DEBUG,"before encrypt: %d",*(int*)(in+2));
if(crypto_cipher_encrypt(circ->p_crypto, in, inlen, out)) {
- log_fn(LOG_ERR,"Encryption failed for ACI : %u (%s).",
+ log_fn(LOG_WARNING,"Onion encryption failed for ACI %u: %s",
circ->p_aci, crypto_perror());
return -1;
}
log_fn(LOG_DEBUG,"before encrypt: %d",*(int*)(in+2));
if(crypto_cipher_encrypt(thishop->f_crypto, in, inlen, out)) {
- log_fn(LOG_ERR,"Error performing encryption:%s",crypto_perror());
+ log_fn(LOG_WARNING,"Error performing encryption: %s", crypto_perror());
return -1;
}
memcpy(in,out,inlen);
} else { /* we're in the middle. Just one crypt. */
if(crypto_cipher_decrypt(circ->n_crypto,in, inlen, out)) {
- log_fn(LOG_ERR,"Decryption failed for ACI : %u (%s).",
+ log_fn(LOG_WARNING,"Decryption failed for ACI %u: %s",
circ->n_aci, crypto_perror());
return -1;
}
retry_circuit:
if(failures > 5) {
- log_fn(LOG_INFO,"Giving up, %d failures.", failures);
+ log_fn(LOG_INFO,"Giving up for now, %d failures.", failures);
return;
}
circ->state = CIRCUIT_STATE_OR_WAIT;
circ->cpath = onion_generate_cpath(&firsthop);
if(!circ->cpath) {
- log_fn(LOG_DEBUG,"Generating cpath failed.");
+ log_fn(LOG_INFO,"Generating cpath failed.");
circuit_close(circ);
return -1;
}
circ->n_addr = firsthop->addr;
circ->n_port = firsthop->or_port;
if(options.OnionRouter) { /* we would be connected if he were up. but he's not. */
- log_fn(LOG_DEBUG,"Route's firsthop isn't connected.");
+ log_fn(LOG_INFO,"Route's firsthop isn't connected.");
circuit_close(circ);
return -1;
}
if(!n_conn) { /* launch the connection */
n_conn = connection_or_connect(firsthop);
if(!n_conn) { /* connect failed, forget the whole thing */
- log_fn(LOG_DEBUG,"connect to firsthop failed. Closing.");
+ log_fn(LOG_INFO,"connect to firsthop failed. Closing.");
circuit_close(circ);
return -1;
}
circ->n_conn = n_conn;
log_fn(LOG_DEBUG,"Conn open. Delivering first onion skin.");
if(circuit_send_next_onion_skin(circ) < 0) {
- log_fn(LOG_DEBUG,"circuit_send_next_onion_skin failed.");
+ log_fn(LOG_INFO,"circuit_send_next_onion_skin failed.");
circuit_close(circ);
return -1;
}
log_fn(LOG_DEBUG,"Found circ, sending onion skin.");
circ->n_conn = or_conn;
if(circuit_send_next_onion_skin(circ) < 0) {
- log_fn(LOG_DEBUG,"circuit marked for closing.");
+ log_fn(LOG_INFO,"send_next_onion_skin failed; circuit marked for closing.");
circuit_close(circ);
return; /* FIXME will want to try the other circuits too? */
}
cell.length = DH_ONIONSKIN_LEN;
if(onion_skin_create(circ->n_conn->onion_pkey, &(circ->cpath->handshake_state), cell.payload) < 0) {
- log_fn(LOG_INFO,"onion_skin_create (first hop) failed.");
+ log_fn(LOG_WARNING,"onion_skin_create (first hop) failed.");
return -1;
}
hop=hop->next) ;
if(hop == circ->cpath) { /* done building the circuit. whew. */
circ->state = CIRCUIT_STATE_OPEN;
- log_fn(LOG_DEBUG,"circuit built!");
+ log_fn(LOG_INFO,"circuit built!");
return 0;
}
router = router_get_by_addr_port(hop->addr,hop->port);
if(!router) {
- log_fn(LOG_INFO,"couldn't lookup router %d:%d",hop->addr,hop->port);
+ log_fn(LOG_WARNING,"couldn't lookup router %d:%d",hop->addr,hop->port);
return -1;
}
*(uint32_t*)(cell.payload+RELAY_HEADER_SIZE) = htonl(hop->addr);
*(uint16_t*)(cell.payload+RELAY_HEADER_SIZE+4) = htons(hop->port);
if(onion_skin_create(router->onion_pkey, &(hop->handshake_state), cell.payload+RELAY_HEADER_SIZE+6) < 0) {
- log_fn(LOG_INFO,"onion_skin_create failed.");
+ log_fn(LOG_WARNING,"onion_skin_create failed.");
return -1;
}
log_fn(LOG_DEBUG,"Sending extend relay cell.");
/* send it to hop->prev, because it will transfer it to a create cell and then send to hop */
if(circuit_deliver_relay_cell(&cell, circ, CELL_DIRECTION_OUT, hop->prev) < 0) {
- log_fn(LOG_DEBUG,"failed to deliver extend cell. Closing.");
+ log_fn(LOG_WARNING,"failed to deliver extend cell. Closing.");
return -1;
}
hop->state = CPATH_STATE_AWAITING_KEYS;
log_fn(LOG_DEBUG,"aci_type = %u.",aci_type);
circ->n_aci = get_unique_aci_by_addr_port(circ->n_addr, circ->n_port, aci_type);
if(!circ->n_aci) {
- log_fn(LOG_ERR,"failed to get unique aci.");
+ log_fn(LOG_WARNING,"failed to get unique aci.");
return -1;
}
log_fn(LOG_DEBUG,"Chosen ACI %u.",circ->n_aci);
hop != circ->cpath && hop->state == CPATH_STATE_OPEN;
hop=hop->next) ;
if(hop == circ->cpath) { /* got an extended when we're all done? */
- log_fn(LOG_INFO,"got extended when circ already built? Closing.");
+ log_fn(LOG_WARNING,"got extended when circ already built? Closing.");
return -1;
}
}
assert(hop->state == CPATH_STATE_AWAITING_KEYS);
if(onion_skin_client_handshake(hop->handshake_state, reply, keys, 32) < 0) {
- log_fn(LOG_ERR,"onion_skin_client_handshake failed.");
+ log_fn(LOG_WARNING,"onion_skin_client_handshake failed.");
return -1;
}
log_fn(LOG_DEBUG,"hop %d init cipher forward %d, backward %d.", (uint32_t)hop, *(uint32_t*)keys, *(uint32_t*)(keys+16));
if (!(hop->f_crypto =
crypto_create_init_cipher(CIRCUIT_CIPHER,keys,iv,1))) {
- log(LOG_ERR,"Cipher initialization failed.");
+ log(LOG_WARNING,"forward cipher initialization failed.");
return -1;
}
if (!(hop->b_crypto =
crypto_create_init_cipher(CIRCUIT_CIPHER,keys+16,iv,0))) {
- log(LOG_ERR,"Cipher initialization failed.");
+ log(LOG_WARNING,"backward cipher initialization failed.");
return -1;
}
hop->state = CPATH_STATE_OPEN;
- log_fn(LOG_DEBUG,"Completed.");
+ log_fn(LOG_INFO,"finished");
return 0;
}
for(stream = circ->p_streams; stream; stream=stream->next_stream) {
if(stream->cpath_layer == victim) {
- log_fn(LOG_DEBUG, "Marking stream %d for close.", *(int*)stream->stream_id);
+ log_fn(LOG_INFO, "Marking stream %d for close.", *(int*)stream->stream_id);
stream->marked_for_close = 1;
}
}
circuit_free_cpath_node(victim);
}
- log_fn(LOG_DEBUG, "Complete.");
+ log_fn(LOG_INFO, "finished");
return 0;
}
command_process_destroy_cell);
break;
default:
- log(LOG_DEBUG,"Cell of unknown type (%d) received. Dropping.", cell->command);
+ log_fn(LOG_WARNING,"Cell of unknown type (%d) received. Dropping.", cell->command);
break;
}
}
circ = circuit_get_by_aci_conn(cell->aci, conn);
if(circ) {
- log_fn(LOG_DEBUG,"received CREATE cell for known circ. Dropping.");
+ log_fn(LOG_WARNING,"received CREATE cell for known circ. Dropping.");
return;
}
circ = circuit_new(cell->aci, conn);
circ->state = CIRCUIT_STATE_ONIONSKIN_PENDING;
if(cell->length != DH_ONIONSKIN_LEN) {
- log_fn(LOG_DEBUG,"Bad cell length %d. Dropping.", cell->length);
+ log_fn(LOG_WARNING,"Bad cell length %d. Dropping.", cell->length);
circuit_close(circ);
return;
}
/* hand it off to the cpuworkers, and then return */
if(assign_to_cpuworker(NULL, CPUWORKER_TASK_ONION, circ) < 0) {
- log_fn(LOG_DEBUG,"Failed to hand off onionskin. Closing.");
+ log_fn(LOG_WARNING,"Failed to hand off onionskin. Closing.");
circuit_close(circ);
return;
}
- log_fn(LOG_DEBUG,"success: handed off onionskin.");
+ log_fn(LOG_INFO,"success: handed off onionskin.");
}
static void command_process_created_cell(cell_t *cell, connection_t *conn) {
circ = circuit_get_by_aci_conn(cell->aci, conn);
if(!circ) {
- log_fn(LOG_DEBUG,"received CREATED cell for unknown circ. Dropping.");
+ log_fn(LOG_WARNING,"received CREATED cell for unknown circ. Dropping.");
return;
}
if(circ->n_aci != cell->aci) {
- log_fn(LOG_DEBUG,"got created cell from OPward? Dropping.");
+ log_fn(LOG_WARNING,"got created cell from OPward? Closing.");
+ circuit_close(circ);
return;
}
assert(cell->length == DH_KEY_LEN);
if(circ->cpath) { /* we're the OP. Handshake this. */
log_fn(LOG_DEBUG,"at OP. Finishing handshake.");
if(circuit_finish_handshake(circ, cell->payload) < 0) {
- log_fn(LOG_INFO,"circuit_finish_handshake failed.");
+ log_fn(LOG_WARNING,"circuit_finish_handshake failed.");
circuit_close(circ);
return;
}
log_fn(LOG_DEBUG,"Moving to next skin.");
if(circuit_send_next_onion_skin(circ) < 0) {
- log_fn(LOG_INFO,"circuit_send_next_onion_skin failed.");
+ log_fn(LOG_WARNING,"circuit_send_next_onion_skin failed.");
circuit_close(circ);
return;
}
newcell.length = RELAY_HEADER_SIZE + cell->length;
memcpy(newcell.payload+RELAY_HEADER_SIZE, cell->payload, DH_KEY_LEN);
- log_fn(LOG_DEBUG,"Sending extended relay cell.");
+ log_fn(LOG_INFO,"Converting created cell to extended relay cell, sending.");
if(circuit_deliver_relay_cell(&newcell, circ, CELL_DIRECTION_IN, NULL) < 0) {
- log_fn(LOG_DEBUG,"failed to deliver extended cell. Closing.");
+ log_fn(LOG_WARNING,"failed to deliver extended cell. Closing.");
circuit_close(circ);
return;
}
circ = circuit_get_by_aci_conn(cell->aci, conn);
if(!circ) {
- log_fn(LOG_DEBUG,"unknown circuit %d. Dropping.", cell->aci);
+ log_fn(LOG_INFO,"unknown circuit %d. Dropping.", cell->aci);
return;
}
if(circ->state == CIRCUIT_STATE_ONIONSKIN_PENDING) {
- log_fn(LOG_DEBUG,"circuit in create_wait. Dropping.");
+ log_fn(LOG_WARNING,"circuit in create_wait. Closing.");
+ circuit_close(circ);
return;
}
if(cell->aci == circ->p_aci) { /* it's an outgoing cell */
cell->aci = circ->n_aci; /* switch it */
if(circuit_deliver_relay_cell(cell, circ, CELL_DIRECTION_OUT, conn->cpath_layer) < 0) {
- log_fn(LOG_INFO,"circuit_deliver_relay_cell (forward) failed. Closing.");
+ log_fn(LOG_WARNING,"circuit_deliver_relay_cell (forward) failed. Closing.");
circuit_close(circ);
return;
}
} else { /* it's an ingoing cell */
cell->aci = circ->p_aci; /* switch it */
if(circuit_deliver_relay_cell(cell, circ, CELL_DIRECTION_IN, NULL) < 0) {
- log_fn(LOG_DEBUG,"circuit_deliver_relay_cell (backward) failed. Closing.");
+ log_fn(LOG_WARNING,"circuit_deliver_relay_cell (backward) failed. Closing.");
circuit_close(circ);
return;
}
circ = circuit_get_by_aci_conn(cell->aci, conn);
if(!circ) {
- log_fn(LOG_DEBUG,"unknown circuit %d. Dropping.", cell->aci);
+ log_fn(LOG_INFO,"unknown circuit %d. Dropping.", cell->aci);
return;
}
case CONFIG_TYPE_BOOL:
i = atoi(c->value);
if (i != 0 && i != 1) {
- log(LOG_ERR, "Boolean keyword '%s' expects 0 or 1", c->key);
+ log(LOG_WARNING, "Boolean keyword '%s' expects 0 or 1", c->key);
return 0;
}
*(int *)arg = i;
log(LOG_DEBUG,"Opening config file '%s'",fname);
cf = config_open(fname);
- if(!cf) { /* it's defined but not there. that's no good. */
+ if(!cf) {
log(LOG_ERR, "Unable to open configuration file '%s'.",fname);
return -1;
}
s = socket(PF_INET,SOCK_STREAM,IPPROTO_TCP);
if (s < 0) {
- log_fn(LOG_ERR,"Socket creation failed.");
+ log_fn(LOG_WARNING,"Socket creation failed.");
return -1;
}
if(bind(s,(struct sockaddr *)bindaddr,sizeof(*bindaddr)) < 0) {
perror("bind ");
- log(LOG_ERR,"Could not bind to port %u.",ntohs(bindaddr->sin_port));
+ log(LOG_WARNING,"Could not bind to port %u.",ntohs(bindaddr->sin_port));
return -1;
}
if(listen(s,SOMAXCONN) < 0) {
- log(LOG_ERR,"Could not listen on port %u.",ntohs(bindaddr->sin_port));
+ log(LOG_WARNING,"Could not listen on port %u.",ntohs(bindaddr->sin_port));
return -1;
}
conn = connection_new(type);
if(!conn) {
- log_fn(LOG_DEBUG,"connection_new failed. Giving up.");
+ log_fn(LOG_WARNING,"connection_new failed. Giving up.");
return -1;
}
conn->s = s;
conn->bandwidth = -1;
if(connection_add(conn) < 0) { /* no space, forget it */
- log_fn(LOG_DEBUG,"connection_add failed. Giving up.");
+ log_fn(LOG_WARNING,"connection_add failed. Giving up.");
connection_free(conn);
return -1;
}
}
int connection_handle_listener_read(connection_t *conn, int new_type) {
-
int news; /* the new socket */
connection_t *newconn;
struct sockaddr_in remote; /* information about the remote peer when connecting to other routers */
#endif
}
/* else there was a real error. */
- log_fn(LOG_ERR,"accept() failed. Closing.");
+ log_fn(LOG_WARNING,"accept() failed. Closing listener.");
return -1;
}
log(LOG_INFO,"Connection accepted on socket %d (child of fd %d).",news, conn->s);
set_socket_nonblocking(news);
newconn = connection_new(new_type);
+ if(!newconn) {
+ log_fn(LOG_WARNING,"connection_new failed. Giving up.");
+ return 0;
+ }
newconn->s = news;
if(!connection_speaks_cells(newconn)) {
switch(conn->type) {
case CONN_TYPE_OR:
- if(connection_tls_start_handshake(conn, 1) < 0)
- return -1;
- break;
+ return connection_tls_start_handshake(conn, 1);
case CONN_TYPE_AP:
conn->state = AP_CONN_STATE_SOCKS_WAIT;
break;
conn->state = OR_CONN_STATE_HANDSHAKING;
conn->tls = tor_tls_new(conn->s, receiving);
if(!conn->tls) {
- log_fn(LOG_ERR,"tor_tls_new failed. Closing.");
+ log_fn(LOG_WARNING,"tor_tls_new failed. Closing.");
return -1;
}
connection_start_reading(conn);
switch(tor_tls_handshake(conn->tls)) {
case TOR_TLS_ERROR:
case TOR_TLS_CLOSE:
- log_fn(LOG_DEBUG,"tls error. breaking.");
+ log_fn(LOG_INFO,"tls error. breaking.");
return -1;
case TOR_TLS_DONE:
return connection_tls_finish_handshake(conn);
if(tor_tls_peer_has_cert(conn->tls)) { /* it's another OR */
pk = tor_tls_verify(conn->tls);
if(!pk) {
- log_fn(LOG_INFO,"Other side has a cert but it's bad. Closing.");
+ log_fn(LOG_WARNING,"Other side has a cert but it's invalid. Closing.");
return -1;
}
router = router_get_by_link_pk(pk);
if (!router) {
- log_fn(LOG_INFO,"Unrecognized public key from peer. Closing.");
+ log_fn(LOG_WARNING,"Unrecognized public key from peer. Closing.");
crypto_free_pk_env(pk);
return -1;
}
if(conn->link_pkey) { /* I initiated this connection. */
if(crypto_pk_cmp_keys(conn->link_pkey, pk)) {
- log_fn(LOG_INFO,"We connected to '%s' but he gave us a different key. Closing.", router->nickname);
+ log_fn(LOG_WARNING,"We connected to '%s' but he gave us a different key. Closing.", router->nickname);
crypto_free_pk_env(pk);
return -1;
}
log_fn(LOG_DEBUG,"The router's pk matches the one we meant to connect to. Good.");
} else {
if(connection_exact_get_by_addr_port(router->addr,router->or_port)) {
- log_fn(LOG_INFO,"That router is already connected. Dropping.");
+ log_fn(LOG_INFO,"Router %s is already connected. Dropping.", router->nickname);
return -1;
}
connection_or_init_conn_from_router(conn, router);
}
} else { /* I'm a client */
if(!tor_tls_peer_has_cert(conn->tls)) { /* it's a client too?! */
- log_fn(LOG_INFO,"Neither peer sent a cert! Closing.");
+ log_fn(LOG_WARNING,"Neither peer sent a cert! Closing.");
return -1;
}
pk = tor_tls_verify(conn->tls);
if(!pk) {
- log_fn(LOG_INFO,"Other side has a cert but it's bad. Closing.");
+ log_fn(LOG_WARNING,"Other side has a cert but it's invalid. Closing.");
return -1;
}
router = router_get_by_link_pk(pk);
if (!router) {
- log_fn(LOG_INFO,"Unrecognized public key from peer. Closing.");
+ log_fn(LOG_WARNING,"Unrecognized public key from peer. Closing.");
crypto_free_pk_env(pk);
return -1;
}
if(crypto_pk_cmp_keys(conn->link_pkey, pk)) {
- log_fn(LOG_INFO,"We connected to '%s' but he gave us a different key. Closing.", router->nickname);
+ log_fn(LOG_WARNING,"We connected to '%s' but he gave us a different key. Closing.", router->nickname);
crypto_free_pk_env(pk);
return -1;
}
s=socket(PF_INET,SOCK_STREAM,IPPROTO_TCP);
if (s < 0) {
- log_fn(LOG_ERR,"Error creating network socket.");
+ log_fn(LOG_WARNING,"Error creating network socket.");
return -1;
}
set_socket_nonblocking(s);
if(!ERRNO_CONN_EINPROGRESS(errno)) {
/* yuck. kill it. */
perror("connect");
- log_fn(LOG_DEBUG,"Connect failed.");
+ log_fn(LOG_INFO,"Connect() to %s:%u failed.",address,port);
return -1;
} else {
/* it's in progress. set state appropriately and return. */
}
/* it succeeded. we're connected. */
- log_fn(LOG_DEBUG,"Connection to %s:%u established.",address,port);
+ log_fn(LOG_INFO,"Connection to %s:%u established.",address,port);
conn->s = s;
return 1;
}
return -1;
}
if(!connection_state_is_open(conn) && conn->receiver_bucket == 0) {
- log_fn(LOG_DEBUG,"receiver bucket reached 0 before handshake finished. Closing.");
+ log_fn(LOG_WARNING,"receiver bucket reached 0 before handshake finished. Closing.");
return -1;
}
return 0;
switch(result) {
case TOR_TLS_ERROR:
case TOR_TLS_CLOSE:
- log_fn(LOG_DEBUG,"tls error. breaking.");
+ log_fn(LOG_INFO,"tls error. breaking.");
return -1; /* XXX deal with close better */
case TOR_TLS_WANTWRITE:
connection_start_writing(conn);
struct timeval now;
if(connection_is_listener(conn)) {
- log_fn(LOG_DEBUG,"Got a listener socket. Can't happen!");
+ log_fn(LOG_WARNING,"Got a listener socket. Can't happen!");
return -1;
}
switch(flush_buf_tls(conn->tls, conn->outbuf, &conn->outbuf_flushlen)) {
case TOR_TLS_ERROR:
case TOR_TLS_CLOSE:
- log_fn(LOG_DEBUG,"tls error. breaking.");
+ log_fn(LOG_INFO,"tls error. breaking.");
return -1; /* XXX deal with close better */
case TOR_TLS_WANTWRITE:
log_fn(LOG_DEBUG,"wanted write.");
case CONN_TYPE_CPUWORKER:
return connection_cpu_process_inbuf(conn);
default:
- log_fn(LOG_DEBUG,"got unexpected conn->type.");
+ log_fn(LOG_WARNING,"got unexpected conn->type %d.", conn->type);
return -1;
}
}
case CONN_TYPE_CPUWORKER:
return connection_cpu_finished_flushing(conn);
default:
- log_fn(LOG_DEBUG,"got unexpected conn->type.");
+ log_fn(LOG_WARNING,"got unexpected conn->type %d.", conn->type);
return -1;
}
}
cell.aci = circ->n_aci;
if (circuit_deliver_relay_cell(&cell, circ, CELL_DIRECTION(conn->type), conn->cpath_layer) < 0) {
- log(LOG_DEBUG,"circuit_deliver_relay_cell failed. Closing.");
+ log_fn(LOG_WARNING,"(fd %d) circuit_deliver_relay_cell failed. Closing.", conn->s);
circuit_close(circ);
}
return 0;
#else
/* eof reached, kill it. */
- log_fn(LOG_DEBUG,"conn reached eof. Closing.");
+ log_fn(LOG_INFO,"conn (fd %d) reached eof. Closing.", conn->s);
return -1;
#endif
}
return -1;
return 0;
case EXIT_CONN_STATE_CONNECTING:
- log_fn(LOG_DEBUG,"text from server while in 'connecting' state at exit. Leaving it on buffer.");
+ log_fn(LOG_INFO,"text from server while in 'connecting' state at exit. Leaving it on buffer.");
return 0;
}
int cell_direction;
if(!circ) {
- log_fn(LOG_DEBUG,"no circ. Closing.");
+ log_fn(LOG_WARNING,"no circ. Closing.");
return -1;
}
log_fn(LOG_INFO,"delivering %d cell %s.", relay_command, cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward");
if(circuit_deliver_relay_cell(&cell, circ, cell_direction, fromconn ? fromconn->cpath_layer : NULL) < 0) {
- log_fn(LOG_DEBUG,"circuit_deliver_relay_cell failed. Closing.");
+ log_fn(LOG_WARNING,"circuit_deliver_relay_cell failed. Closing.");
circuit_close(circ);
return 0;
}
dns_cancel_pending_resolve(conn->address, conn);
}
} else {
- log_fn(LOG_DEBUG,"Got an unexpected relay cell, not in 'open' state. Dropping.");
+ log_fn(LOG_WARNING,"Got an unexpected relay cell, not in 'open' state. Dropping.");
}
return 0;
}
switch(relay_command) {
case RELAY_COMMAND_BEGIN:
if(edge_type == EDGE_AP) {
- log_fn(LOG_INFO,"relay begin request unsupported. Dropping.");
+ log_fn(LOG_WARNING,"relay begin request unsupported at AP. Dropping.");
return 0;
}
if(conn) {
- log_fn(LOG_INFO,"begin cell for known stream. Dropping.");
+ log_fn(LOG_WARNING,"begin cell for known stream. Dropping.");
return 0;
}
return connection_exit_begin_conn(cell, circ);
case RELAY_COMMAND_DATA:
if((edge_type == EDGE_AP && --layer_hint->deliver_window < 0) ||
(edge_type == EDGE_EXIT && --circ->deliver_window < 0)) {
- log_fn(LOG_DEBUG,"circ deliver_window below 0. Killing.");
+ log_fn(LOG_WARNING,"(relay data) circ deliver_window below 0. Killing.");
return -1;
}
log_fn(LOG_DEBUG,"circ deliver_window now %d.", edge_type == EDGE_AP ? layer_hint->deliver_window : circ->deliver_window);
return -1;
if(!conn) {
- log_fn(LOG_DEBUG,"relay cell dropped, unknown stream %d.",*(int*)conn->stream_id);
+ log_fn(LOG_INFO,"relay cell dropped, unknown stream %d.",*(int*)conn->stream_id);
return 0;
}
if(--conn->deliver_window < 0) { /* is it below 0 after decrement? */
- log_fn(LOG_DEBUG,"conn deliver_window below 0. Killing.");
+ log_fn(LOG_WARNING,"(relay data) conn deliver_window below 0. Killing.");
return -1; /* somebody's breaking protocol. kill the whole circuit. */
}
return 0;
case RELAY_COMMAND_END:
if(!conn) {
- log_fn(LOG_DEBUG,"end cell dropped, unknown stream %d.",*(int*)conn->stream_id);
+ log_fn(LOG_INFO,"end cell dropped, unknown stream %d.",*(int*)conn->stream_id);
return 0;
}
- log_fn(LOG_DEBUG,"end cell for stream %d. Removing stream.",*(int*)conn->stream_id);
+ log_fn(LOG_INFO,"end cell for stream %d. Removing stream.",*(int*)conn->stream_id);
#ifdef HALF_OPEN
conn->done_sending = 1;
break;
case RELAY_COMMAND_EXTEND:
if(conn) {
- log_fn(LOG_INFO,"'extend' for non-zero stream. Dropping.");
+ log_fn(LOG_WARNING,"'extend' for non-zero stream. Dropping.");
return 0;
}
return circuit_extend(cell, circ);
case RELAY_COMMAND_EXTENDED:
if(edge_type == EDGE_EXIT) {
- log_fn(LOG_INFO,"'extended' unsupported at exit. Dropping.");
+ log_fn(LOG_WARNING,"'extended' unsupported at exit. Dropping.");
return 0;
}
log_fn(LOG_DEBUG,"Got an extended cell! Yay.");
if(circuit_finish_handshake(circ, cell->payload+RELAY_HEADER_SIZE) < 0) {
- log_fn(LOG_INFO,"circuit_finish_handshake failed.");
+ log_fn(LOG_WARNING,"circuit_finish_handshake failed.");
return -1;
}
return circuit_send_next_onion_skin(circ);
case RELAY_COMMAND_TRUNCATE:
if(edge_type == EDGE_AP) {
- log_fn(LOG_INFO,"'truncate' unsupported at AP. Dropping.");
+ log_fn(LOG_WARNING,"'truncate' unsupported at AP. Dropping.");
return 0;
}
if(circ->n_conn) {
return connection_edge_send_command(NULL, circ, RELAY_COMMAND_TRUNCATED);
case RELAY_COMMAND_TRUNCATED:
if(edge_type == EDGE_EXIT) {
- log_fn(LOG_INFO,"'truncated' unsupported at exit. Dropping.");
+ log_fn(LOG_WARNING,"'truncated' unsupported at exit. Dropping.");
return 0;
}
return circuit_truncated(circ, layer_hint);
case RELAY_COMMAND_CONNECTED:
if(edge_type == EDGE_EXIT) {
- log_fn(LOG_INFO,"'connected' unsupported at exit. Dropping.");
+ log_fn(LOG_WARNING,"'connected' unsupported at exit. Dropping.");
return 0;
}
if(!conn) {
- log_fn(LOG_DEBUG,"connected cell dropped, unknown stream %d.",*(int*)conn->stream_id);
+ log_fn(LOG_INFO,"connected cell dropped, unknown stream %d.",*(int*)conn->stream_id);
break;
}
- log_fn(LOG_DEBUG,"Connected! Notifying application.");
+ log_fn(LOG_INFO,"Connected! Notifying application.");
if(connection_ap_handshake_socks_reply(conn, SOCKS4_REQUEST_GRANTED) < 0) {
conn->marked_for_close = 1;
}
connection_package_raw_inbuf(conn); /* handle whatever might still be on the inbuf */
break;
default:
- log_fn(LOG_DEBUG,"unknown relay command %d.",relay_command);
+ log_fn(LOG_WARNING,"unknown relay command %d.",relay_command);
+ return -1;
}
return 0;
}
}
/* the connect has finished. */
- log_fn(LOG_DEBUG,"Exit connection to %s:%u established.",
+ log_fn(LOG_INFO,"Exit connection to %s:%u established.",
conn->address,conn->port);
conn->state = EXIT_CONN_STATE_OPEN;
connection_stop_writing(conn);
return connection_consider_sending_sendme(conn, conn->type);
default:
- log_fn(LOG_DEBUG,"BUG: called in unexpected state.");
- return 0;
+ log_fn(LOG_WARNING,"BUG: called in unexpected state.");
+ return -1;
}
-
return 0;
}
circ = circuit_get_by_conn(conn);
if(!circ) {
- log_fn(LOG_DEBUG,"conn has no circuits!");
+ log_fn(LOG_INFO,"conn has no circuits! Closing.");
return -1;
}
return 0;
if(conn->package_window <= 0) {
- log_fn(LOG_ERR,"called with package_window 0. Tell Roger.");
+ log_fn(LOG_WARNING,"called with package_window 0. Tell Roger.");
connection_stop_reading(conn);
return 0;
}
if(conn->type == CONN_TYPE_EXIT) {
cell.aci = circ->p_aci;
if(circuit_deliver_relay_cell(&cell, circ, CELL_DIRECTION_IN, NULL) < 0) {
- log_fn(LOG_DEBUG,"circuit_deliver_relay_cell (backward) failed. Closing.");
+ log_fn(LOG_WARNING,"circuit_deliver_relay_cell (backward) failed. Closing.");
circuit_close(circ);
return 0;
}
assert(conn->type == CONN_TYPE_AP);
cell.aci = circ->n_aci;
if(circuit_deliver_relay_cell(&cell, circ, CELL_DIRECTION_OUT, conn->cpath_layer) < 0) {
- log_fn(LOG_DEBUG,"circuit_deliver_relay_cell (forward) failed. Closing.");
+ log_fn(LOG_WARNING,"circuit_deliver_relay_cell (forward) failed. Closing.");
circuit_close(circ);
return 0;
}
circ = circuit_get_by_conn(conn);
if(!circ) {
/* this can legitimately happen if the destroy has already arrived and torn down the circuit */
- log_fn(LOG_DEBUG,"No circuit associated with conn. Skipping.");
+ log_fn(LOG_INFO,"No circuit associated with conn. Skipping.");
return 0;
}
log_fn(LOG_DEBUG,"Outbuf %d, Queueing stream sendme.", conn->outbuf_flushlen);
conn->deliver_window += STREAMWINDOW_INCREMENT;
if(circuit_deliver_relay_cell(&cell, circ, CELL_DIRECTION(edge_type), conn->cpath_layer) < 0) {
- log_fn(LOG_DEBUG,"circuit_deliver_relay_cell failed. Closing.");
+ log_fn(LOG_WARNING,"circuit_deliver_relay_cell failed. Closing.");
circuit_close(circ);
return 0;
}
switch(fetch_from_buf_socks(conn->inbuf,
destaddr, sizeof(destaddr), &destport)) {
case -1:
- log_fn(LOG_DEBUG,"Fetching socks handshake failed. Closing.");
+ log_fn(LOG_WARNING,"Fetching socks handshake failed. Closing.");
connection_ap_handshake_socks_reply(conn, SOCKS4_REQUEST_REJECT);
return -1;
case 0:
1 + STREAM_ID_SIZE + RELAY_HEADER_SIZE;
log_fn(LOG_DEBUG,"Sending relay cell (id %d) to begin stream %d.", *(int *)(cell.payload+1),*(int *)ap_conn->stream_id);
if(circuit_deliver_relay_cell(&cell, circ, CELL_DIRECTION_OUT, ap_conn->cpath_layer) < 0) {
- log_fn(LOG_DEBUG,"failed to deliver begin cell. Closing.");
+ log_fn(LOG_WARNING,"failed to deliver begin cell. Closing.");
return -1;
}
ap_conn->package_window = STREAMWINDOW_START;
*colon = 0;
if(!atoi(colon+1)) { /* bad port */
- log_fn(LOG_DEBUG,"relay begin cell has invalid port. Dropping.");
+ log_fn(LOG_WARNING,"relay begin cell has invalid port. Dropping.");
return 0;
}
log_fn(LOG_DEBUG,"Creating new exit connection.");
n_stream = connection_new(CONN_TYPE_EXIT);
if(!n_stream) {
- log_fn(LOG_DEBUG,"connection_new failed. Dropping.");
+ log_fn(LOG_WARNING,"connection_new failed. Dropping.");
return 0;
}
n_stream->package_window = STREAMWINDOW_START;
n_stream->deliver_window = STREAMWINDOW_START;
if(connection_add(n_stream) < 0) { /* no space, forget it */
- log_fn(LOG_DEBUG,"connection_add failed. Dropping.");
+ log_fn(LOG_WARNING,"connection_add failed. Dropping.");
connection_free(n_stream);
return 0;
}
return 0;
/* else fall through */
case -1: /* resolve failed */
- log_fn(LOG_DEBUG,"Couldn't queue resolve request.");
+ log_fn(LOG_WARNING,"Couldn't queue resolve request.");
connection_remove(n_stream);
connection_free(n_stream);
case 0: /* resolve added to pending list */
connection_set_poll_socket(conn);
conn->state = EXIT_CONN_STATE_OPEN;
if(connection_wants_to_flush(conn)) { /* in case there are any queued data cells */
- log_fn(LOG_ERR,"tell roger: newly connected conn had data waiting!");
+ log_fn(LOG_WARNING,"tell roger: newly connected conn had data waiting!");
// connection_start_writing(conn);
}
// connection_process_inbuf(conn);
assert(conn && conn->type == CONN_TYPE_OR);
if(conn->inbuf_reached_eof) {
- log_fn(LOG_DEBUG,"conn reached eof. Closing.");
+ log_fn(LOG_INFO,"conn reached eof. Closing.");
return -1;
}
}
/* the connect has finished. */
- log_fn(LOG_DEBUG,"OR connect() to router %s:%u finished.",
+ log_fn(LOG_INFO,"OR connect() to router %s:%u finished.",
conn->address,conn->port);
if(connection_tls_start_handshake(conn, 0) < 0)
return -1;
+ return 0;
case OR_CONN_STATE_OPEN:
connection_stop_writing(conn);
return 0;
default:
- log_fn(LOG_ERR,"BUG: called in unexpected state.");
+ log_fn(LOG_WARNING,"BUG: called in unexpected state.");
return 0;
}
}
assert(router);
if(router_is_me(router->addr, router->or_port)) {
- /* this is me! don't connect to me. */
+ /* this is me! don't connect to me. XXX use nickname/key */
log(LOG_DEBUG,"connection_or_connect(): This is me. Skipping.");
return NULL;
}
conn = connection_new(CONN_TYPE_OR);
if(!conn) {
+ log_fn(LOG_WARNING,"connection_new failed; skipping.");
return NULL;
}
}
static void tag_pack(char *tag, uint32_t addr, uint16_t port, aci_t aci) {
- struct in_addr in;
-
*(uint32_t *)tag = addr;
*(uint16_t *)(tag+4) = port;
*(aci_t *)(tag+6) = aci;
-
- in.s_addr = htonl(addr);
- log_fn(LOG_DEBUG,"onion was from %s:%d, aci %d.", inet_ntoa(in), port, aci);
}
static void tag_unpack(char *tag, uint32_t *addr, uint16_t *port, aci_t *aci) {
assert(conn && conn->type == CONN_TYPE_CPUWORKER);
if(conn->inbuf_reached_eof) {
- log_fn(LOG_ERR,"Read eof. Worker dying.");
+ log_fn(LOG_WARNING,"Read eof. Worker dying.");
if(conn->state != CPUWORKER_STATE_IDLE) {
/* XXX the circ associated with this cpuworker will wait forever. Oops. */
num_cpuworkers_busy--;
circ = circuit_get_by_aci_conn(aci, p_conn);
if(!circ) {
- log_fn(LOG_DEBUG,"processed onion for a circ that's gone. Dropping.");
+ log_fn(LOG_INFO,"processed onion for a circ that's gone. Dropping.");
goto done_processing;
}
assert(circ->p_conn);
if(*buf == 0) {
- log_fn(LOG_DEBUG,"decoding onionskin failed. Closing.");
+ log_fn(LOG_WARNING,"decoding onionskin failed. Closing.");
circuit_close(circ);
goto done_processing;
}
if(onionskin_answer(circ, buf+1+TAG_LEN, buf+1+TAG_LEN+DH_KEY_LEN) < 0) {
- log_fn(LOG_DEBUG,"onionskin_answer failed. Closing.");
+ log_fn(LOG_WARNING,"onionskin_answer failed. Closing.");
circuit_close(circ);
goto done_processing;
}
for(;;) {
if(read(fd, &question_type, 1) != 1) {
- log_fn(LOG_INFO,"read type failed. Exiting.");
+ log_fn(LOG_ERR,"read type failed. Exiting.");
spawn_exit();
}
assert(question_type == CPUWORKER_TASK_ONION);
if(read_all(fd, tag, TAG_LEN) != TAG_LEN) {
- log_fn(LOG_INFO,"read tag failed. Exiting.");
+ log_fn(LOG_ERR,"read tag failed. Exiting.");
spawn_exit();
}
if(read_all(fd, question, DH_ONIONSKIN_LEN) != DH_ONIONSKIN_LEN) {
- log_fn(LOG_INFO,"read question failed. Exiting.");
+ log_fn(LOG_ERR,"read question failed. Exiting.");
spawn_exit();
}
if(onion_skin_server_handshake(question, get_onion_key(),
reply_to_proxy, keys, 32) < 0) {
/* failure */
- log_fn(LOG_ERR,"onion_skin_server_handshake failed.");
+ log_fn(LOG_WARNING,"onion_skin_server_handshake failed.");
memset(buf,0,LEN_ONION_RESPONSE); /* send all zeros for failure */
} else {
/* success */
- log_fn(LOG_DEBUG,"onion_skin_server_handshake succeeded.");
+ log_fn(LOG_INFO,"onion_skin_server_handshake succeeded.");
buf[0] = 1; /* 1 means success */
memcpy(buf+1,tag,TAG_LEN);
memcpy(buf+1+TAG_LEN,reply_to_proxy,DH_KEY_LEN);
memcpy(buf+1+TAG_LEN+DH_KEY_LEN,keys,32);
}
if(write_all(fd, buf, LEN_ONION_RESPONSE) != LEN_ONION_RESPONSE) {
- log_fn(LOG_INFO,"writing response buf failed. Exiting.");
+ log_fn(LOG_ERR,"writing response buf failed. Exiting.");
spawn_exit();
}
log_fn(LOG_DEBUG,"finished writing response.");
conn->address = strdup("localhost");
if(connection_add(conn) < 0) { /* no space, forget it */
- log_fn(LOG_INFO,"connection_add failed. Giving up.");
+ log_fn(LOG_WARNING,"connection_add failed. Giving up.");
connection_free(conn); /* this closes fd[0] */
return -1;
}
while(num_cpuworkers < num_cpuworkers_needed) {
if(spawn_cpuworker() < 0) {
- log_fn(LOG_ERR,"spawn failed!");
+ log_fn(LOG_WARNING,"spawn failed!");
return;
}
num_cpuworkers++;
if(!circ)
return;
if(assign_to_cpuworker(cpuworker, CPUWORKER_TASK_ONION, circ) < 0)
- log_fn(LOG_DEBUG,"assign_to_cpuworker failed. Ignoring.");
+ log_fn(LOG_WARNING,"assign_to_cpuworker failed. Ignoring.");
}
/* if cpuworker is defined, assert that he's idle, and use him. else,
assert(cpuworker);
if(!circ->p_conn) {
- log_fn(LOG_DEBUG,"circ->p_conn gone. Failing circ.");
+ log_fn(LOG_INFO,"circ->p_conn gone. Failing circ.");
return -1;
}
tag_pack(tag, circ->p_conn->addr, circ->p_conn->port, circ->p_aci);
if(connection_write_to_buf(&question_type, 1, cpuworker) < 0 ||
connection_write_to_buf(tag, sizeof(tag), cpuworker) < 0 ||
connection_write_to_buf(circ->onionskin, DH_ONIONSKIN_LEN, cpuworker) < 0) {
- log_fn(LOG_NOTICE,"Write failed. Closing worker and failing circ.");
+ log_fn(LOG_WARNING,"Write failed. Closing worker and failing circ.");
cpuworker->marked_for_close = 1;
return -1;
}
if (router->identity_pkey)
conn->identity_pkey = crypto_pk_dup_key(router->identity_pkey);
else {
- log_fn(LOG_ERR, "No signing key known for dirserver %s; signature won't be checked", conn->address);
+ log_fn(LOG_WARNING, "No signing key known for dirserver %s; signature won't be checked", conn->address);
conn->identity_pkey = NULL;
+ /* XXX is there really any situation where router doesn't have an identity_pkey? */
}
if(connection_add(conn) < 0) { /* no space, forget it */
switch(command) {
case DIR_CONN_STATE_CONNECTING_FETCH:
if(connection_write_to_buf(fetchstring, strlen(fetchstring), conn) < 0) {
- log_fn(LOG_DEBUG,"Couldn't write fetch to buffer.");
+ log_fn(LOG_WARNING,"Couldn't write fetch to buffer.");
return -1;
}
conn->state = DIR_CONN_STATE_CLIENT_SENDING_FETCH;
case DIR_CONN_STATE_CONNECTING_UPLOAD:
s = router_get_my_descriptor();
if(!s) {
- log_fn(LOG_DEBUG,"Failed to get my descriptor.");
+ log_fn(LOG_WARNING,"Failed to get my descriptor.");
return -1;
}
snprintf(tmp, sizeof(tmp), "POST / HTTP/1.0\r\nContent-Length: %d\r\n\r\n%s",
strlen(s), s);
if(connection_write_to_buf(tmp, strlen(tmp), conn) < 0) {
- log_fn(LOG_DEBUG,"Couldn't write post/descriptor to buffer.");
+ log_fn(LOG_WARNING,"Couldn't write post/descriptor to buffer.");
return -1;
}
conn->state = DIR_CONN_STATE_CLIENT_SENDING_UPLOAD;
if(directory_dirty) {
if (dump_signed_directory_to_string(the_directory, MAX_DIR_SIZE,
get_identity_key())) {
- log(LOG_ERR, "Error writing directory");
+ log(LOG_WARNING, "Error creating directory");
return;
}
directorylen = strlen(the_directory);
switch(fetch_from_buf_http(conn->inbuf,
NULL, 0, the_directory, MAX_DIR_SIZE)) {
case -1: /* overflow */
- log_fn(LOG_DEBUG,"'fetch' response too large. Failing.");
+ log_fn(LOG_WARNING,"'fetch' response too large. Failing.");
return -1;
case 0:
- log_fn(LOG_DEBUG,"'fetch' response not all here, but we're at eof. Closing.");
+ log_fn(LOG_INFO,"'fetch' response not all here, but we're at eof. Closing.");
return -1;
/* case 1, fall through */
}
/* XXX check headers, at least make sure returned 2xx */
directorylen = strlen(the_directory);
- log_fn(LOG_DEBUG,"Received directory (size %d):\n%s", directorylen, the_directory);
+ log_fn(LOG_INFO,"Received directory (size %d):\n%s", directorylen, the_directory);
if(directorylen == 0) {
- log_fn(LOG_DEBUG,"Empty directory. Ignoring.");
+ log_fn(LOG_INFO,"Empty directory. Ignoring.");
return -1;
}
if(router_get_dir_from_string(the_directory, conn->identity_pkey) < 0){
- log_fn(LOG_DEBUG,"...but parsing failed. Ignoring.");
+ log_fn(LOG_INFO,"...but parsing failed. Ignoring.");
} else {
- log_fn(LOG_DEBUG,"and got an %s directory; updated routers.",
+ log_fn(LOG_INFO,"and got an %s directory; updated routers.",
conn->identity_pkey ? "authenticated" : "unauthenticated");
}
if(options.OnionRouter) { /* connect to them all */
return -1;
case DIR_CONN_STATE_CLIENT_READING_UPLOAD:
/* XXX make sure there's a 200 OK on the buffer */
- log_fn(LOG_DEBUG,"eof while reading upload response. Finished.");
+ log_fn(LOG_INFO,"eof while reading upload response. Finished.");
return -1;
default:
- log_fn(LOG_DEBUG,"conn reached eof, not reading. Closing.");
+ log_fn(LOG_INFO,"conn reached eof, not reading. Closing.");
return -1;
}
}
switch(fetch_from_buf_http(conn->inbuf,
headers, sizeof(headers), body, sizeof(body))) {
case -1: /* overflow */
- log_fn(LOG_DEBUG,"input too large. Failing.");
+ log_fn(LOG_WARNING,"input too large. Failing.");
return -1;
case 0:
log_fn(LOG_DEBUG,"command not all here yet.");
directory_rebuild(); /* rebuild it now, iff it's dirty */
if(directorylen == 0) {
- log_fn(LOG_DEBUG,"My directory is empty. Closing.");
+ log_fn(LOG_WARNING,"My directory is empty. Closing.");
return -1;
}
log_fn(LOG_DEBUG,"Dumping directory to client.");
if((connection_write_to_buf(answerstring, strlen(answerstring), conn) < 0) ||
(connection_write_to_buf(the_directory, directorylen, conn) < 0)) {
- log_fn(LOG_DEBUG,"Failed to write answerstring+directory to outbuf.");
+ log_fn(LOG_WARNING,"Failed to write answerstring+directory to outbuf.");
return -1;
}
conn->state = DIR_CONN_STATE_SERVER_WRITING;
/* XXX should check url and http version */
log_fn(LOG_DEBUG,"Received POST command, body '%s'", body);
if(connection_write_to_buf(answerstring, strlen(answerstring), conn) < 0) {
- log_fn(LOG_DEBUG,"Failed to write answerstring to outbuf.");
+ log_fn(LOG_WARNING,"Failed to write answerstring to outbuf.");
return -1;
}
conn->state = DIR_CONN_STATE_SERVER_WRITING;
return 0;
}
- log_fn(LOG_DEBUG,"Got headers with unknown command. Closing.");
+ log_fn(LOG_WARNING,"Got headers with unknown command. Closing.");
return -1;
}
}
/* the connect has finished. */
- log_fn(LOG_DEBUG,"Dir connection to router %s:%u established.",
+ log_fn(LOG_INFO,"Dir connection to router %s:%u established.",
conn->address,conn->port);
return directory_send_command(conn, conn->state);
connection_watch_events(conn, POLLIN);
return 0;
case DIR_CONN_STATE_SERVER_WRITING:
- log_fn(LOG_DEBUG,"Finished writing server response. Closing.");
+ log_fn(LOG_INFO,"Finished writing server response. Closing.");
return -1; /* kill it */
default:
- log_fn(LOG_DEBUG,"BUG: called in unexpected state.");
- return 0;
+ log_fn(LOG_WARNING,"BUG: called in unexpected state.");
+ return -1;
}
-
return 0;
}
dnsconn = connection_get_by_type_state(CONN_TYPE_DNSWORKER, DNSWORKER_STATE_IDLE);
if(!dnsconn) {
- log_fn(LOG_INFO,"no idle dns workers. Failing.");
+ log_fn(LOG_WARNING,"no idle dns workers. Failing.");
dns_cancel_pending_resolve(exitconn->address, NULL);
return -1;
}
/* FFFF we should have it retry if the first worker bombs out */
if(connection_write_to_buf(&len, 1, dnsconn) < 0 ||
connection_write_to_buf(dnsconn->address, len, dnsconn) < 0) {
- log_fn(LOG_NOTICE,"Write failed. Closing worker and failing resolve.");
+ log_fn(LOG_WARNING,"Write failed. Closing worker and failing resolve.");
dnsconn->marked_for_close = 1;
dns_cancel_pending_resolve(exitconn->address, NULL);
return -1;
resolve = SPLAY_FIND(cache_tree, &cache_root, &search);
if(!resolve) {
- log_fn(LOG_INFO,"Answer to unasked question '%s'? Dropping.", question);
+ log_fn(LOG_WARNING,"Question '%s' is not pending. Dropping.", question);
return;
}
resolve = SPLAY_FIND(cache_tree, &cache_root, &search);
if(!resolve) {
- log_fn(LOG_INFO,"Answer to unasked question '%s'? Dropping.", question);
+ log_fn(LOG_WARNING,"Answer to unasked question '%s'? Dropping.", question);
return;
}
assert(conn && conn->type == CONN_TYPE_DNSWORKER);
if(conn->inbuf_reached_eof) {
- log(LOG_ERR,"connection_dnsworker_process_inbuf(): Read eof. Worker dying.");
+ log_fn(LOG_WARNING,"Read eof. Worker dying.");
if(conn->state == DNSWORKER_STATE_BUSY) {
dns_cancel_pending_resolve(conn->address, NULL);
num_dnsworkers_busy--;
for(;;) {
if(read(fd, &question_len, 1) != 1) {
- log(LOG_INFO,"dnsworker_main(): read length failed. Exiting.");
+ log_fn(LOG_ERR,"read length failed. Child exiting.");
spawn_exit();
}
assert(question_len > 0);
if(read_all(fd, question, question_len) != question_len) {
- log(LOG_INFO,"dnsworker_main(): read hostname failed. Exiting.");
+ log_fn(LOG_ERR,"read hostname failed. Child exiting.");
spawn_exit();
}
question[question_len] = 0; /* null terminate it */
rent = gethostbyname(question);
if (!rent) {
- log(LOG_INFO,"dnsworker_main(): Could not resolve dest addr %s. Returning nulls.",question);
+ log_fn(LOG_INFO,"Could not resolve dest addr %s. Returning nulls.",question);
if(write_all(fd, "\0\0\0\0", 4) != 4) {
- log(LOG_INFO,"dnsworker_main(): writing nulls failed. Exiting.");
+ log_fn(LOG_ERR,"writing nulls failed. Child exiting.");
spawn_exit();
}
} else {
assert(rent->h_length == 4); /* break to remind us if we move away from ipv4 */
if(write_all(fd, rent->h_addr, 4) != 4) {
- log(LOG_INFO,"dnsworker_main(): writing answer failed. Exiting.");
+ log_fn(LOG_INFO,"writing answer failed. Child exiting.");
spawn_exit();
}
- log(LOG_INFO,"dnsworker_main(): Answered question '%s'.",question);
+ log_fn(LOG_INFO,"Answered question '%s'.",question);
}
}
return 0; /* windows wants this function to return an int */
conn->address = strdup("localhost");
if(connection_add(conn) < 0) { /* no space, forget it */
- log_fn(LOG_INFO,"connection_add failed. Giving up.");
+ log_fn(LOG_WARNING,"connection_add failed. Giving up.");
connection_free(conn); /* this closes fd[0] */
return -1;
}
while(num_dnsworkers < num_dnsworkers_needed) {
if(spawn_dnsworker() < 0) {
- log(LOG_ERR,"spawn_enough_dnsworkers(): spawn failed!");
+ log(LOG_WARNING,"spawn_enough_dnsworkers(): spawn failed!");
return;
}
num_dnsworkers++;
int connection_add(connection_t *conn) {
if(nfds >= options.MaxConn-1) {
- log(LOG_INFO,"connection_add(): failing because nfds is too high.");
+ log(LOG_WARNING,"connection_add(): failing because nfds is too high.");
return -1;
}
assert_connection_ok(conn, time(NULL));
if(connection_handle_write(conn) < 0) { /* this connection is broken. remove it. */
- log_fn(LOG_DEBUG,"%s connection broken, removing.", conn_type_to_string[conn->type]);
+ log_fn(LOG_INFO,"%s connection broken, removing.", conn_type_to_string[conn->type]);
connection_remove(conn);
connection_free(conn);
if(i<nfds) { /* we just replaced the one at i with a new one. process it too. */
conn = connection_array[i];
assert_connection_ok(conn, time(NULL));
if(conn->marked_for_close) {
- log_fn(LOG_DEBUG,"Cleaning up connection.");
+ log_fn(LOG_INFO,"Cleaning up connection (fd %d).",conn->s);
if(conn->s >= 0) { /* might be an incomplete edge connection */
/* FIXME there's got to be a better way to check for this -- and make other checks? */
if(connection_speaks_cells(conn)) {
if((!options.OnionRouter && !circuit_get_by_conn(conn)) ||
(!connection_state_is_open(conn))) {
/* we're an onion proxy, with no circuits; or our handshake has expired. kill it. */
- log_fn(LOG_DEBUG,"Expiring connection to %d (%s:%d).",
+ log_fn(LOG_INFO,"Expiring connection to %d (%s:%d).",
i,conn->address, conn->port);
conn->marked_for_close = 1;
} else {
/* fetch a new directory */
if(options.DirPort) {
if(router_get_list_from_file(options.RouterFile) < 0) {
- log(LOG_ERR,"Error reloading router list. Continuing with old list.");
+ log(LOG_WARNING,"Error reloading router list. Continuing with old list.");
}
} else {
directory_initiate_command(router_pick_directory_server(), DIR_CONN_STATE_CONNECTING_FETCH);
// case SIGABRT:
case SIGTERM:
case SIGINT:
- log(LOG_NOTICE,"Catching signal %d, exiting cleanly.", the_signal);
+ log(LOG_ERR,"Catching signal %d, exiting cleanly.", the_signal);
exit(0);
case SIGHUP:
please_reset = 1;
please_reap_children = 1;
break;
default:
- log(LOG_ERR,"Caught signal %d that we can't handle??", the_signal);
+ log(LOG_WARNING,"Caught signal %d that we can't handle??", the_signal);
}
#endif /* signal stuff */
}
if(crypto_pk_write_public_key_to_string(router->onion_pkey,
&onion_pkey,&onion_pkeylen)<0) {
- log_fn(LOG_ERR,"write onion_pkey to string failed!");
+ log_fn(LOG_WARNING,"write onion_pkey to string failed!");
return -1;
}
if(crypto_pk_write_public_key_to_string(router->identity_pkey,
&identity_pkey,&identity_pkeylen)<0) {
- log_fn(LOG_ERR,"write identity_pkey to string failed!");
+ log_fn(LOG_WARNING,"write identity_pkey to string failed!");
return -1;
}
if(crypto_pk_write_public_key_to_string(router->link_pkey,
&link_pkey,&link_pkeylen)<0) {
- log_fn(LOG_ERR,"write link_pkey to string failed!");
+ log_fn(LOG_WARNING,"write link_pkey to string failed!");
return -1;
}
free(link_pkey);
free(identity_pkey);
- if(result < 0 || result > maxlen) {
+ if(result < 0 || result >= maxlen) {
/* apparently different glibcs do different things on snprintf error.. so check both */
return -1;
}
return -1;
if (crypto_pk_private_sign(ident_key, digest, 20, signature) < 0) {
- log_fn(LOG_ERR, "Error signing digest");
+ log_fn(LOG_WARNING, "Error signing digest");
return -1;
}
strcat(s+written, "-----BEGIN SIGNATURE-----\n");
written += strlen(s+written);
if (base64_encode(s+written, maxlen-written, signature, 128) < 0) {
- log_fn(LOG_ERR, "Couldn't base64-encode signature");
+ log_fn(LOG_WARNING, "Couldn't base64-encode signature");
+ /* XXX Nick: do we really mean to fall through here? */
}
written += strlen(s+written);
strcat(s+written, "-----END SIGNATURE-----\n");
router = router_get_by_addr_port(conn->addr,conn->port);
if(!router) {
/* XXX this legitimately happens when conn is an OP. How to detect this? */
- log(LOG_ERR,"build_directory(): couldn't find router %d:%d!",
+ log(LOG_INFO,"build_directory(): couldn't find router %d:%d!",
conn->addr,conn->port);
continue;
}
{
directory_t dir;
if (build_directory(&dir)) {
- log(LOG_ERR,"dump_signed_directory_to_string(): build_directory failed.");
+ log(LOG_WARNING,"dump_signed_directory_to_string(): build_directory failed.");
return -1;
}
return dump_signed_directory_to_string_impl(s, maxlen, &dir, private_key);
written = dump_router_to_string(cp, eos-cp, router, private_key);
if(written < 0) {
- log(LOG_ERR,"dump_signed_directory_to_string(): tried to exceed string length.");
+ log(LOG_WARNING,"dump_signed_directory_to_string(): tried to exceed string length.");
cp[maxlen-1] = 0; /* make sure it's null terminated */
free(dir->routers);
return -1;
cp = s + i;
if (crypto_SHA_digest(s, i, digest)) {
- log(LOG_ERR,"dump_signed_directory_to_string(): couldn't compute digest");
+ log(LOG_WARNING,"dump_signed_directory_to_string(): couldn't compute digest");
return -1;
}
if (crypto_pk_private_sign(private_key, digest, 20, signature) < 0) {
- log(LOG_ERR,"dump_signed_directory_to_string(): couldn't sign digest");
+ log(LOG_WARNING,"dump_signed_directory_to_string(): couldn't sign digest");
return -1;
}
i = strlen(s);
cp = s+i;
if (base64_encode(cp, maxlen-i, signature, 128) < 0) {
- log_fn(LOG_ERR," couldn't base64-encode signature");
+ log_fn(LOG_WARNING," couldn't base64-encode signature");
return -1;
}
strncat(cp, "-----END SIGNATURE-----\n", maxlen-i);
i = strlen(s);
if (i == maxlen) {
- log(LOG_ERR,"dump_signed_directory_to_string(): tried to exceed string length.");
+ log(LOG_WARNING,"dump_signed_directory_to_string(): tried to exceed string length.");
return -1;
}
char localhostname[256];
if(gethostname(localhostname,sizeof(localhostname)) < 0) {
- log_fn(LOG_ERR,"Error obtaining local hostname");
+ log_fn(LOG_WARNING,"Error obtaining local hostname");
return -1;
}
ri = tor_malloc(sizeof(routerinfo_t));
routerinfo_free(desc_routerinfo);
desc_routerinfo = ri;
if (dump_router_to_string(descriptor, 8192, ri, get_identity_key())<0) {
- log_fn(LOG_ERR, "Couldn't dump router to string.");
+ log_fn(LOG_WARNING, "Couldn't dump router to string.");
return -1;
}
return 0;
assert(!ol_tail->next);
if(ol_length >= options.MaxOnionsPending) {
- log_fn(LOG_INFO,"Already have %d onions queued. Closing.", ol_length);
+ log_fn(LOG_WARNING,"Already have %d onions queued. Closing.", ol_length);
free(tmp);
return -1;
}
if (!(circ->n_crypto =
crypto_create_init_cipher(CIRCUIT_CIPHER,keys,iv,0))) {
- log_fn(LOG_ERR,"Cipher initialization failed (n).");
+ log_fn(LOG_WARNING,"Cipher initialization failed (n).");
return -1;
}
if (!(circ->p_crypto =
crypto_create_init_cipher(CIRCUIT_CIPHER,keys+16,iv,1))) {
- log_fn(LOG_ERR,"Cipher initialization failed (p).");
+ log_fn(LOG_WARNING,"Cipher initialization failed (p).");
return -1;
}
*routelen = chooselen(cw);
if (*routelen == -1) {
- log(LOG_ERR,"Choosing route length failed.");
+ log_fn(LOG_WARNING,"Choosing route length failed.");
return NULL;
}
- log(LOG_DEBUG,"new_route(): Chosen route length %d.",*routelen);
+ log_fn(LOG_DEBUG,"Chosen route length %d.",*routelen);
num_acceptable_routers = count_acceptable_routers(rarray, rarray_len);
if(num_acceptable_routers < 2) {
- log(LOG_INFO,"new_route(): Not enough acceptable routers. Failing.");
+ log_fn(LOG_INFO,"Not enough acceptable routers. Failing.");
return NULL;
}
if(num_acceptable_routers < *routelen) {
- log(LOG_NOTICE,"new_route(): Cutting routelen from %d to %d.",*routelen, num_acceptable_routers);
+ log_fn(LOG_INFO,"Not enough routers: cutting routelen from %d to %d.",*routelen, num_acceptable_routers);
*routelen = num_acceptable_routers;
}
if(*routelen < 1) {
- log(LOG_ERR,"new_route(): Didn't find any acceptable routers. Failing.");
+ log_fn(LOG_WARNING,"Didn't find any acceptable routers. Failing.");
return NULL;
}
}
choice = choice % rarray_len;
- log(LOG_DEBUG,"new_route(): Contemplating router %u.",choice);
+ log_fn(LOG_DEBUG,"Contemplating router %u.",choice);
if(choice == oldchoice ||
(oldchoice < rarray_len && !crypto_pk_cmp_keys(rarray[choice]->onion_pkey, rarray[oldchoice]->onion_pkey)) ||
(options.OnionRouter && !connection_twin_get_by_addr_port(rarray[choice]->addr, rarray[choice]->or_port))) {
/* Same router as last choice, or router twin,
* or no routers with that key are connected to us.
* Try again. */
- log(LOG_DEBUG,"new_route(): Picked a router %d that won't work as next hop.",choice);
+ log_fn(LOG_DEBUG,"Picked a router %d that won't work as next hop.",choice);
i--;
continue;
}
- log(LOG_DEBUG,"new_route(): Chosen router %u for hop %u.",choice,i);
+ log_fn(LOG_DEBUG,"Chosen router %u for hop %u.",choice,i);
oldchoice = choice;
route[i] = choice;
}
connection_t *conn;
for(i=0;i<rarray_len;i++) {
- log(LOG_DEBUG,"Contemplating whether router %d is a new option...",i);
+ log_fn(LOG_DEBUG,"Contemplating whether router %d is a new option...",i);
if(options.OnionRouter) {
conn = connection_exact_get_by_addr_port(rarray[i]->addr, rarray[i]->or_port);
if(!conn || conn->type != CONN_TYPE_OR || conn->state != OR_CONN_STATE_OPEN) {
- log(LOG_DEBUG,"Nope, %d is not connected.",i);
+ log_fn(LOG_DEBUG,"Nope, %d is not connected.",i);
goto next_i_loop;
}
}
for(j=0;j<i;j++) {
if(!crypto_pk_cmp_keys(rarray[i]->onion_pkey, rarray[j]->onion_pkey)) {
/* these guys are twins. so we've already counted him. */
- log(LOG_DEBUG,"Nope, %d is a twin of %d.",i,j);
+ log_fn(LOG_DEBUG,"Nope, %d is a twin of %d.",i,j);
goto next_i_loop;
}
}
num++;
- log(LOG_DEBUG,"I like %d. num_acceptable_routers now %d.",i, num);
+ log_fn(LOG_DEBUG,"I like %d. num_acceptable_routers now %d.",i, num);
next_i_loop:
; /* our compiler may need an explicit statement after the label */
}
/* choose a route */
route = new_route(options.CoinWeight, rarray, rarray_len, &routelen);
if (!route) {
- log(LOG_ERR,"onion_generate_cpath(): Error choosing a route through the OR network.");
+ log_fn(LOG_INFO,"Error choosing a route through the OR network.");
return NULL;
}
- log(LOG_DEBUG,"onion_generate_cpath(): Chosen a route of length %u: ",routelen);
+ log_fn(LOG_DEBUG,"Chosen a route of length %u: ",routelen);
*firsthop = rarray[route[routelen-1]];
assert(*firsthop); /* should always be defined */
for(i=0; i<routelen; i++) {
netaddr.s_addr = htonl((rarray[route[i]])->addr);
- log(LOG_DEBUG,"onion_generate_cpath(): %u : %s:%u, %u/%u",routelen-i,
+ log_fn(LOG_DEBUG,"%u : %s:%u, %u/%u",routelen-i,
inet_ntoa(netaddr),
(rarray[route[i]])->or_port,
(int) (rarray[route[i]])->onion_pkey,
hop->package_window = CIRCWINDOW_START;
hop->deliver_window = CIRCWINDOW_START;
- log(LOG_DEBUG,"onion_generate_cpath() : Building hop %u of crypt path.",i+1);
+ log_fn(LOG_DEBUG,"Building hop %u of crypt path.",i+1);
}
/* now link cpath->prev to the end of cpath */
#include "orconfig.h"
-#define SEQUENTIAL_ACI
-
#include <stdio.h>
#include <stdlib.h>
#include <limits.h>
/* Used only by OR connections: */
tor_tls *tls;
-#ifdef SEQUENTIAL_ACI
uint16_t next_aci; /* Which ACI do we try to use next on this connection?
* This is always in the range 0..1<<15-1.*/
-#endif
/* Used only by edge connections: */
char stream_id[STREAM_ID_SIZE];
if(!already_learned) {
/* obtain local host information */
if(gethostname(localhostname,sizeof(localhostname)) < 0) {
- log_fn(LOG_ERR,"Error obtaining local hostname");
+ log_fn(LOG_WARNING,"Error obtaining local hostname");
return -1;
}
log_fn(LOG_DEBUG,"localhostname is '%s'.",localhostname);
localhost = gethostbyname(localhostname);
if (!localhost) {
- log_fn(LOG_ERR,"Error obtaining local host info.");
+ log_fn(LOG_WARNING,"Error obtaining local host info.");
+ /* XXX maybe this is worse than warning? bad things happen when we don't know ourselves */
return -1;
}
memset(&answer,0,sizeof(struct sockaddr_in));
if(learn_my_address(&me) < 0)
return -1;
+ /* XXX people call this function like a boolean. that's bad news: -1 is true. */
if(ntohl(me.sin_addr.s_addr) == addr && ntohs(me.sin_port) == port)
return 1;
assert(routerfile);
if (strcspn(routerfile,CONFIG_LEGAL_FILENAME_CHARACTERS) != 0) {
- log_fn(LOG_ERR,"Filename %s contains illegal characters.",routerfile);
+ log_fn(LOG_WARNING,"Filename %s contains illegal characters.",routerfile);
return -1;
}
if(stat(routerfile, &statbuf) < 0) {
- log_fn(LOG_ERR,"Could not stat %s.",routerfile);
+ log_fn(LOG_WARNING,"Could not stat %s.",routerfile);
return -1;
}
/* open the router list */
fd = open(routerfile,O_RDONLY,0);
if (fd<0) {
- log_fn(LOG_ERR,"Could not open %s.",routerfile);
+ log_fn(LOG_WARNING,"Could not open %s.",routerfile);
return -1;
}
string = tor_malloc(statbuf.st_size+1);
if(read(fd,string,statbuf.st_size) != statbuf.st_size) {
- log_fn(LOG_ERR,"Couldn't read all %ld bytes of file '%s'.",
+ log_fn(LOG_WARNING,"Couldn't read all %ld bytes of file '%s'.",
(long)statbuf.st_size,routerfile);
free(string);
close(fd);
string[statbuf.st_size] = 0; /* null terminate it */
if(router_get_list_from_string(string) < 0) {
- log_fn(LOG_ERR,"The routerfile itself was corrupt.");
+ log_fn(LOG_WARNING,"The routerfile itself was corrupt.");
free(string);
return -1;
}
int router_get_list_from_string(char *s)
{
if (router_get_list_from_string_impl(&s, &directory)) {
- log(LOG_ERR, "Error parsing router file");
+ log(LOG_WARNING, "Error parsing router file");
return -1;
}
if (router_resolve_directory(directory)) {
- log(LOG_ERR, "Error resolving directory");
+ log(LOG_WARNING, "Error resolving directory");
return -1;
}
return 0;
char *start, *end;
start = strstr(s, start_str);
if (!start) {
- log_fn(LOG_ERR,"couldn't find \"%s\"",start_str);
+ log_fn(LOG_WARNING,"couldn't find \"%s\"",start_str);
return -1;
}
end = strstr(start+strlen(start_str), end_str);
if (!end) {
- log_fn(LOG_ERR,"couldn't find \"%s\"",end_str);
+ log_fn(LOG_WARNING,"couldn't find \"%s\"",end_str);
return -1;
}
end = strchr(end, '\n');
if (!end) {
- log_fn(LOG_ERR,"couldn't find EOL");
+ log_fn(LOG_WARNING,"couldn't find EOL");
return -1;
}
++end;
if (crypto_SHA_digest(start, end-start, digest)) {
- log_fn(LOG_ERR,"couldn't compute digest");
+ log_fn(LOG_WARNING,"couldn't compute digest");
return -1;
}
int router_get_dir_from_string(char *s, crypto_pk_env_t *pkey)
{
if (router_get_dir_from_string_impl(s, &directory, pkey)) {
- log(LOG_ERR, "router_get_dir_from_string: Couldn't parse directory.");
+ log_fn(LOG_WARNING, "Couldn't parse directory.");
return -1;
}
if (router_resolve_directory(directory)) {
- log(LOG_ERR, "Error resolving directory");
+ log_fn(LOG_WARNING, "Error resolving directory");
return -1;
}
if (compare_recommended_versions(VERSION, directory->software_versions) < 0) {
- log(LOG_ERR, "You are running tor version %s, which is no longer supported.\nPlease upgrade to one of %s.", VERSION, RECOMMENDED_SOFTWARE_VERSIONS);
+ log(LOG_WARNING, "You are running tor version %s, which is no longer supported.\nPlease upgrade to one of %s.", VERSION, RECOMMENDED_SOFTWARE_VERSIONS);
if(options.IgnoreVersion) {
log(LOG_WARNING, "IgnoreVersion is set. If it breaks, we told you so.");
} else {
- log(LOG_ERR,"Set IgnoreVersion config variable if you want to survive this error.");
+ log(LOG_ERR,"Set IgnoreVersion config variable if you want to proceed.");
fflush(0);
exit(0);
}
#define NEXT_TOK() \
do { \
if (router_get_next_token(&s, &tok)) { \
- log(LOG_ERR, "Error reading directory: %s", tok.val.error); \
+ log_fn(LOG_WARNING, "Error reading directory: %s", tok.val.error);\
return -1; \
} } while (0)
#define TOK_IS(type,name) \
do { \
if (tok.tp != type) { \
router_release_token(&tok); \
- log(LOG_ERR, "Error reading directory: expected %s", name); \
+ log_fn(LOG_WARNING, "Error reading directory: expected %s", name);\
return -1; \
} } while(0)
if (router_get_dir_hash(s, digest)) {
- log(LOG_ERR, "Unable to compute digest of directory");
+ log_fn(LOG_WARNING, "Unable to compute digest of directory");
goto err;
}
NEXT_TOK();
NEXT_TOK();
TOK_IS(K_RECOMMENDED_SOFTWARE, "recommended-software");
if (tok.val.cmd.n_args != 1) {
- log(LOG_ERR, "Invalid recommded-software line");
+ log_fn(LOG_WARNING, "Invalid recommded-software line");
goto err;
}
versions = strdup(tok.val.cmd.args[0]);
if (router_get_list_from_string_impl(&s, &new_dir)) {
- log(LOG_ERR, "Error reading routers from directory");
+ log_fn(LOG_WARNING, "Error reading routers from directory");
goto err;
}
new_dir->software_versions = versions;
if (pkey) {
if (crypto_pk_public_checksig(pkey, tok.val.signature, 128, signed_digest)
!= 20) {
- log(LOG_ERR, "Error reading directory: invalid signature.");
+ log_fn(LOG_WARNING, "Error reading directory: invalid signature.");
free(tok.val.signature);
goto err;
}
if (memcmp(digest, signed_digest, 20)) {
- log(LOG_ERR, "Error reading directory: signature does not match.");
+ log_fn(LOG_WARNING, "Error reading directory: signature does not match.");
free(tok.val.signature);
goto err;
}
break;
router = router_get_entry_from_string(s);
if (!router) {
- log(LOG_ERR, "Error reading router");
+ log_fn(LOG_WARNING, "Error reading router");
return -1;
}
if (rarray_len >= MAX_ROUTERS_IN_DIR) {
- log(LOG_ERR, "router_get_list_from_string_tok(): too many routers");
+ log_fn(LOG_WARNING, "too many routers");
routerinfo_free(router);
continue;
}
rent = (struct hostent *)gethostbyname(router->address);
if (!rent) {
- log(LOG_ERR,"router_resolve(): Could not get address for router %s.",router->address);
+ log_fn(LOG_WARNING,"Could not get address for router %s.",router->address);
return -1;
}
assert(rent->h_length == 4);
for (i = 0; i < max; ++i) {
remove = 0;
if (router_resolve(dir->routers[i])) {
- log(LOG_INFO, "Couldn't resolve router %s; removing",
- dir->routers[i]->address);
+ log_fn(LOG_WARNING, "Couldn't resolve router %s; removing",
+ dir->routers[i]->address);
remove = 1;
routerinfo_free(dir->routers[i]);
} else if (router_is_me(dir->routers[i]->addr, dir->routers[i]->or_port)) {
#define NEXT_TOKEN() \
do { if (router_get_next_token(s, tok)) { \
- log(LOG_ERR, "Error reading directory: %s", tok->val.error); \
+ log_fn(LOG_WARNING, "Error reading directory: %s", tok->val.error);\
goto err; \
} } while(0)
if (tok->tp != K_ROUTER) {
router_release_token(tok);
- log(LOG_ERR,"router_get_entry_from_string(): Entry does not start with \"router\"");
+ log_fn(LOG_WARNING,"Entry does not start with \"router\"");
return NULL;
}
router->onion_pkey = router->identity_pkey = router->link_pkey = NULL;
if (tok->val.cmd.n_args != 5) {
- log(LOG_ERR,"router_get_entry_from_string(): Wrong # of arguments to \"router\"");
+ log_fn(LOG_WARNING,"Wrong # of arguments to \"router\"");
goto err;
}
/* Read router->or_port */
router->or_port = atoi(ARGS[1]);
if(!router->or_port) {
- log(LOG_ERR,"router_get_entry_from_string(): or_port unreadable or 0. Failing.");
+ log_fn(LOG_WARNING,"or_port unreadable or 0. Failing.");
goto err;
}
/* Router->bandwidth */
router->bandwidth = atoi(ARGS[4]);
if (!router->bandwidth) {
- log(LOG_ERR,"router_get_entry_from_string(): bandwidth unreadable or 0. Failing.");
+ log_fn(LOG_WARNING,"bandwidth unreadable or 0. Failing.");
}
- log(LOG_DEBUG,"or_port %d, ap_port %d, dir_port %d, bandwidth %d.",
+ log_fn(LOG_DEBUG,"or_port %d, ap_port %d, dir_port %d, bandwidth %d.",
router->or_port, router->ap_port, router->dir_port, router->bandwidth);
NEXT_TOKEN();
if (tok->tp != K_ONION_KEY) {
- log_fn(LOG_ERR, "Missing onion-key"); goto err;
+ log_fn(LOG_WARNING, "Missing onion-key"); goto err;
}
NEXT_TOKEN();
if (tok->tp != _PUBLIC_KEY) {
- log_fn(LOG_ERR, "Missing onion key"); goto err;
+ log_fn(LOG_WARNING, "Missing onion key"); goto err;
} /* XXX Check key length */
router->onion_pkey = tok->val.public_key;
NEXT_TOKEN();
if (tok->tp != K_LINK_KEY) {
- log_fn(LOG_ERR, "Missing link-key"); goto err;
+ log_fn(LOG_WARNING, "Missing link-key"); goto err;
}
NEXT_TOKEN();
if (tok->tp != _PUBLIC_KEY) {
- log_fn(LOG_ERR, "Missing link key"); goto err;
+ log_fn(LOG_WARNING, "Missing link key"); goto err;
} /* XXX Check key length */
router->link_pkey = tok->val.public_key;
NEXT_TOKEN();
if (tok->tp != K_SIGNING_KEY) {
- log_fn(LOG_ERR, "Missing signing-key"); goto err;
+ log_fn(LOG_WARNING, "Missing signing-key"); goto err;
}
NEXT_TOKEN();
if (tok->tp != _PUBLIC_KEY) {
- log_fn(LOG_ERR, "Missing signing key"); goto err;
+ log_fn(LOG_WARNING, "Missing signing key"); goto err;
}
router->identity_pkey = tok->val.public_key;
}
if (tok->tp != K_ROUTER_SIGNATURE) {
- log_fn(LOG_ERR,"Missing router signature");
+ log_fn(LOG_WARNING,"Missing router signature");
goto err;
}
NEXT_TOKEN();
if (tok->tp != _SIGNATURE) {
- log_fn(LOG_ERR,"Missing router signature");
+ log_fn(LOG_WARNING,"Missing router signature");
goto err;
}
assert (router->identity_pkey);
* XXX relay signed router blocks. */
if (crypto_pk_public_checksig(router->identity_pkey, tok->val.signature,
128, signed_digest) != 20) {
- log_fn(LOG_ERR, "Invalid signature");
+ log_fn(LOG_WARNING, "Invalid signature");
goto err;
}
if (memcmp(digest, signed_digest, 20)) {
- log_fn(LOG_ERR, "Mismatched signature");
+ log_fn(LOG_WARNING, "Mismatched signature");
goto err;
}
#endif
}
}
-#if 0
-void test_write_pkey(crypto_pk_env_t *pkey) {
- char *string;
- int len;
-
- log(LOG_DEBUG,"Trying test write.");
- if(crypto_pk_write_public_key_to_string(pkey,&string,&len)<0) {
- log(LOG_DEBUG,"router_get_entry_from_string(): write pkey to string failed\n");
- return;
- }
- log(LOG_DEBUG,"I did it: len %d, string '%s'.",len,string);
- free(string);
-}
-#endif
-
static int router_add_exit_policy(routerinfo_t *router,
directory_token_t *tok) {
struct exit_policy_t *tmpe, *newe;
newe->address = strdup(arg);
newe->port = strdup(colon+1);
- log(LOG_DEBUG,"router_add_exit_policy(): %s %s:%s",
+ log_fn(LOG_DEBUG,"%s %s:%s",
newe->policy_type == EXIT_POLICY_REJECT ? "reject" : "accept",
newe->address, newe->port);
policy_read_failed:
assert(newe->string);
- log(LOG_INFO,"router_add_exit_policy(): Couldn't parse line '%s'. Dropping", newe->string);
+ log_fn(LOG_WARNING,"Couldn't parse line '%s'. Dropping", newe->string);
if(newe->string)
free(newe->string);
if(newe->address)
struct exit_policy_t *tmpe;
if(!my_routerinfo) {
- log(LOG_WARNING, "router_compare_to_exit_policy(): my_routerinfo undefined! Rejected.");
+ log_fn(LOG_WARNING, "my_routerinfo undefined! Rejected.");
return -1;
}
/* Totally ignore the address field of the exit policy, for now. */
if(!strcmp(tmpe->port,"*") || atoi(tmpe->port) == conn->port) {
- log(LOG_INFO,"router_compare_to_exit_policy(): Port '%s' matches '%d'. %s.",
+ log_fn(LOG_INFO,"Port '%s' matches '%d'. %s.",
tmpe->port, conn->port,
tmpe->policy_type == EXIT_POLICY_ACCEPT ? "Accepting" : "Rejecting");
if(tmpe->policy_type == EXIT_POLICY_ACCEPT)
projects / thirdparty / tor.git / commitdiff
