From: pcarana Date: Mon, 14 Oct 2019 21:19:42 +0000 (-0500) Subject: Use log priorities from syslog, allow debug without recompiling X-Git-Tag: v1.2.0~70 X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=fe9d97c3aca8dcb90fb731b22050da598bed390d;p=thirdparty%2FFORT-validator.git Use log priorities from syslog, allow debug without recompiling --- diff --git a/src/config.c b/src/config.c index 5ef71f81..67b42c83 100644 --- a/src/config.c +++ b/src/config.c @@ -6,6 +6,7 @@ #include #include #include +#include #include "common.h" #include "configure_ac.h" @@ -82,7 +83,7 @@ struct rpki_config { /** Format in which file names will be printed. */ enum filename_format filename_format; /* Log level */ - enum log_level level; + uint8_t level; /* Log output */ enum log_output output; } log; @@ -572,7 +573,7 @@ set_default_values(void) rpki_config.log.color = false; rpki_config.log.filename_format = FNF_GLOBAL; - rpki_config.log.level = LOG_LEVEL_WARNING; + rpki_config.log.level = LOG_WARNING; rpki_config.log.output = CONSOLE; rpki_config.output.roa = NULL; @@ -712,6 +713,7 @@ handle_flags_config(int argc, char **argv) error = validate_config(); + log_start(); end: if (error) free_rpki_config(); @@ -827,7 +829,7 @@ config_get_filename_format(void) return rpki_config.log.filename_format; } -enum log_level +uint8_t config_get_log_level(void) { return rpki_config.log.level; diff --git a/src/config.h b/src/config.h index a7e3ab64..036a8ceb 100644 --- a/src/config.h +++ b/src/config.h @@ -33,7 +33,7 @@ unsigned int config_get_max_cert_depth(void); enum mode config_get_mode(void); bool config_get_color_output(void); enum filename_format config_get_filename_format(void); -enum log_level config_get_log_level(void); +uint8_t config_get_log_level(void); enum log_output config_get_log_output(void); char *config_get_rsync_program(void); struct string_array const *config_get_rsync_args(bool); 
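Review bot: The `/* Log level */` comment on `rpki_config.log.level` in src/config.c no longer says what the field holds now that its type is a bare `uint8_t`. This commit removes the enum that used to constrain it, so the compiler can no longer flag an out-of-range value and the comment is the only place the domain is recorded. I would spell it out, e.g. `/* Log level: a syslog(3) priority, LOG_ERR..LOG_DEBUG */`. The struct definition starts and ends outside this hunk.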
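Review bot: In handle_flags_config, `log_start()` runs even when the preceding `validate_config()` has returned an error, so one log sink is switched off based on a configuration that is about to be freed. `if (!error) log_start();` would leave both sinks active on the failure path, where the operator most needs to see the message. Any earlier `goto end` in this function (not visible in the hunk) skips the call, so failure paths would otherwise behave differently from each other. The function body starts and ends outside this hunk.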
diff --git a/src/config/log_conf.c b/src/config/log_conf.c index ac9d11f5..5217b914 100644 --- a/src/config/log_conf.c +++ b/src/config/log_conf.c @@ -3,6 +3,7 @@ #include #include #include +#include #include "log.h" #include "config/str.h" @@ -15,24 +16,25 @@ #define LOG_OUTPUT_VALUE_SYSLOG "syslog" #define LOG_OUTPUT_VALUE_CONSOLE "console" -#define DEREFERENCE(type, void_value) (*((enum log_##type *) void_value)) +#define DEREFERENCE_UINT(void_value) (*((uint8_t *) void_value)) +#define DEREFERENCE_ENUM(void_value) (*((enum log_output *) void_value)) static void print_log_level(struct option_field const *field, void *value) { char const *str = ""; - switch (DEREFERENCE(level, value)) { - case LOG_LEVEL_ERROR: + switch (DEREFERENCE_UINT(value)) { + case LOG_ERR: str = LOG_LEVEL_VALUE_ERROR; break; - case LOG_LEVEL_WARNING: + case LOG_WARNING: str = LOG_LEVEL_VALUE_WARNING; break; - case LOG_LEVEL_INFO: + case LOG_INFO: str = LOG_LEVEL_VALUE_INFO; break; - case LOG_LEVEL_DEBUG: + case LOG_DEBUG: str = LOG_LEVEL_VALUE_DEBUG; break; } @@ -45,7 +47,7 @@ print_log_output(struct option_field const *field, void *value) { char const *str = ""; - switch (DEREFERENCE(output, value)) { + switch (DEREFERENCE_ENUM(value)) { case SYSLOG: str = LOG_OUTPUT_VALUE_SYSLOG; break; @@ -62,13 +64,13 @@ parse_argv_log_level(struct option_field const *field, char const *str, void *result) { if (strcmp(str, LOG_LEVEL_VALUE_ERROR) == 0) - DEREFERENCE(level, result) = LOG_LEVEL_ERROR; + DEREFERENCE_UINT(result) = LOG_ERR; else if (strcmp(str, LOG_LEVEL_VALUE_WARNING) == 0) - DEREFERENCE(level, result) = LOG_LEVEL_WARNING; + DEREFERENCE_UINT(result) = LOG_WARNING; else if (strcmp(str, LOG_LEVEL_VALUE_INFO) == 0) - DEREFERENCE(level, result) = LOG_LEVEL_INFO; + DEREFERENCE_UINT(result) = LOG_INFO; else if (strcmp(str, LOG_LEVEL_VALUE_DEBUG) == 0) - DEREFERENCE(level, result) = LOG_LEVEL_DEBUG; + DEREFERENCE_UINT(result) = LOG_DEBUG; else return pr_err("Unknown log level: '%s'", str); 
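Review bot: The switch in print_log_level (src/config/log_conf.c) has no `default`, and with the operand now a plain `uint8_t` the compiler can no longer warn about an unhandled enumerator. Any other syslog priority (LOG_CRIT, LOG_NOTICE, …) would be printed as an empty string. The parser in this file only stores the four handled values, so this is defensive, but a `default:` arm that sets a visible marker such as `str = "unknown";` makes a corrupted or future value show up in the configuration dump. The function continues past the end of this hunk.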
@@ -80,9 +82,9 @@ parse_argv_log_output(struct option_field const *field, char const *str, void *result) { if (strcmp(str, LOG_OUTPUT_VALUE_SYSLOG) == 0) - DEREFERENCE(output, result) = SYSLOG; + DEREFERENCE_ENUM(result) = SYSLOG; else if (strcmp(str, LOG_OUTPUT_VALUE_CONSOLE) == 0) - DEREFERENCE(output, result) = CONSOLE; + DEREFERENCE_ENUM(result) = CONSOLE; else return pr_err("Unknown log output: '%s'", str); @@ -113,7 +115,7 @@ parse_json_log_output(struct option_field const *opt, json_t *json, const struct global_type gt_log_level = { .has_arg = required_argument, - .size = sizeof(enum log_level), + .size = sizeof(uint8_t), .print = print_log_level, .parse.argv = parse_argv_log_level, .parse.json = parse_json_log_level, diff --git a/src/config/log_conf.h b/src/config/log_conf.h index e2222dbf..98d40557 100644 --- a/src/config/log_conf.h +++ b/src/config/log_conf.h @@ -3,13 +3,6 @@ #include "config/types.h" -enum log_level { - LOG_LEVEL_ERROR, - LOG_LEVEL_WARNING, - LOG_LEVEL_INFO, - LOG_LEVEL_DEBUG -}; - enum log_output { SYSLOG, CONSOLE diff --git a/src/log.c b/src/log.c index 89dbf341..ad87d2de 100644 --- a/src/log.c +++ b/src/log.c @@ -42,13 +42,13 @@ log_setup(void) syslog_enabled = true; } -void +static void log_disable_std(void) { fprintf_enabled = false; } -void +static void log_disable_syslog(void) { if (syslog_enabled) { @@ -57,6 +57,23 @@ log_disable_syslog(void) } } +void +log_start(void) +{ + switch (config_get_log_output()) { + case SYSLOG: + pr_info("Syslog log output configured; disabling logging on standard streams."); + pr_info("(Logs will be sent to syslog only.)"); + log_disable_std(); + break; + case CONSOLE: + pr_info("Console log output configured; disabling logging on syslog."); + pr_info("(Logs will be sent to the standard streams only.)"); + log_disable_syslog(); + break; + } +} + void log_teardown(void) { 
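Review bot: The `pr_info` notices in log_start (src/log.c) will normally not be seen, because this commit also makes PR_SIMPLE drop anything above the configured level and sets the default to LOG_WARNING. Assuming pr_info logs at LOG_INFO (its body is not in the diff), the sink is then switched off silently unless the operator has raised the level. If that is intended, a comment such as `/* Only visible when log level is info or debug */` above the switch would record it; otherwise these notices need a priority that passes the default filter. The switch also has no `default`, so an unexpected output value leaves both sinks enabled.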
@@ -152,6 +169,9 @@ pr_stream(int level, const char *format, va_list args) do { \ va_list args; \ \ + if (level > config_get_log_level()) \ + break; \ + \ if (syslog_enabled) { \ va_start(args, format); \ pr_syslog(level, format, args); \ @@ -165,7 +185,11 @@ pr_stream(int level, const char *format, va_list args) } \ } while (0) -#ifdef DEBUG +bool +log_debug_enabled(void) +{ + return config_get_log_level() == LOG_DEBUG; +} void pr_debug(const char *format, ...) @@ -173,8 +197,6 @@ pr_debug(const char *format, ...) PR_SIMPLE(LOG_DEBUG); } -#endif - void pr_info(const char *format, ...) { diff --git a/src/log.h b/src/log.h index 06e0a2e8..e490e087 100644 --- a/src/log.h +++ b/src/log.h @@ -2,6 +2,7 @@ #define SRC_LOG_H_ #include +#include #include "incidence/incidence.h" /* @@ -39,8 +40,7 @@ /* Only call this group of functions when you know there's only one thread. */ void log_setup(void); -void log_disable_std(void); -void log_disable_syslog(void); +void log_start(void); void log_teardown(void); @@ -49,12 +49,11 @@ void log_teardown(void); * error stack) cannot exceed 512 bytes at present. */ -#ifdef DEBUG -void pr_debug(const char *, ...) CHECK_FORMAT(1, 2); -#else -#define pr_debug(...) do {} while (0) -#endif +/* Check if debug is enabled, useful to avoid boilerplate code */ +bool log_debug_enabled(void); +/* Debug messages, useful for devs or to track a specific problem */ +void pr_debug(const char *, ...) CHECK_FORMAT(1, 2); /* Non-errors deemed useful to the user. */ void pr_info(const char *, ...) CHECK_FORMAT(1, 2); /* Issues that did not trigger RPKI object rejection. */ diff --git a/src/main.c b/src/main.c index 6b05427f..e5662920 100644 --- a/src/main.c +++ b/src/main.c 
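Review bot: The new filter in PR_SIMPLE (src/log.c) compares against `config_get_log_level()` on every call, including calls made before `set_default_values()` has stored LOG_WARNING. If `rpki_config` is zero-initialised at that point (its definition is not in the diff), the level reads as 0 and `level > 0` drops everything, including pr_err output from early start-up failures. Giving the static configuration an initial level of LOG_WARNING, or treating "not yet configured" as permissive in the filter, would keep those errors visible. The filter is added only to PR_SIMPLE; printing paths that do not go through this macro, if any exist outside the hunk, would not honour the configured level.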
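Review bot: The comment on `log_debug_enabled()` in src/log.h ("useful to avoid boilerplate code") does not explain when a caller needs it. `pr_debug` is now a real function in every build, so its arguments are always evaluated and any work done only to build a debug message runs even when the message is then filtered out. I would word it as `/* True when the configured level is debug; test this before doing work whose only purpose is a pr_debug() message. */`.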
@@ -41,19 +41,6 @@ __main(int argc, char **argv) if (error) return error; - switch (config_get_mode()) { - case SERVER: - pr_info("Server mode configured; disabling logging on standard streams."); - pr_info("(Logs will be sent to syslog only.)"); - log_disable_std(); - break; - case STANDALONE: - pr_info("Standalone mode configured; disabling logging on syslog."); - pr_info("(Logs will be sent to the standard streams only.)"); - log_disable_syslog(); - break; - } - error = nid_init(); if (error) goto revert_config; diff --git a/src/object/certificate.c b/src/object/certificate.c index f52d1f4a..02eb92b5 100644 --- a/src/object/certificate.c +++ b/src/object/certificate.c @@ -48,7 +48,6 @@ struct bgpsec_ski { static void debug_serial_number(BIGNUM *number) { -#ifdef DEBUG char *number_str; number_str = BN_bn2dec(number); @@ -59,7 +58,6 @@ debug_serial_number(BIGNUM *number) pr_debug("serial Number: %s", number_str); free(number_str); -#endif } static int @@ -77,7 +75,8 @@ validate_serial_number(X509 *cert) if (number == NULL) return crypto_err("Could not parse certificate serial number"); - debug_serial_number(number); + if (log_debug_enabled()) + debug_serial_number(number); error = x509stack_store_serial(validation_certstack(state), number); if (error) @@ -1617,14 +1616,14 @@ certificate_traverse(struct rpp *rpp_parent, struct rpki_uri *cert_uri) if (total_parents >= config_get_max_cert_depth()) return pr_err("Certificate chain maximum depth exceeded."); -#ifdef DEBUG + /* Debug cert type */ if (IS_TA) pr_debug("TA Certificate '%s' {", uri_get_printable(cert_uri)); else pr_debug("Certificate '%s' {", uri_get_printable(cert_uri)); -#endif + fnstack_push_uri(cert_uri); memset(&refs, 0, sizeof(refs)); @@ -1641,7 +1640,8 @@ certificate_traverse(struct rpp *rpp_parent, struct rpki_uri *cert_uri) goto revert_cert; type = get_certificate_type(cert, IS_TA); -#ifdef DEBUG + + /* Debug cert type */ switch(type) { case TA: break; 
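Review bot: In debug_serial_number (src/object/certificate.c, second hunk of the function) the string returned by `BN_bn2dec()` is released with `free(number_str);`, but OpenSSL documents that this buffer must be released with `OPENSSL_free()`. This was previously compiled only under DEBUG; with the `#ifdef` removed it is part of every build and runs whenever the level is debug, so the mismatch matters if OpenSSL is using a non-default allocator. The change is `OPENSSL_free(number_str);`. debug_revoked in src/object/crl.c shows the same `free(serial_str);` pattern; where `serial_str` comes from is not visible in its hunks, so it should be checked as well.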
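Review bot: The comment `/* Debug cert type */` added in certificate_traverse at the first of the two places (hunk at -1617) does not match the code below it, which prints the certificate URI and opens the `{` block rather than the type. The same comment is correct at the second place, above `switch(type)`. I would change the first one to something like `/* Debug: announce the certificate being traversed */`. The function starts and ends outside both hunks.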
@@ -1655,7 +1655,7 @@ certificate_traverse(struct rpp *rpp_parent, struct rpki_uri *cert_uri) pr_debug("Type: unexpected, validated as CA"); break; } -#endif + error = certificate_validate_rfc6487(cert, type); if (error) goto revert_cert; diff --git a/src/object/crl.c b/src/object/crl.c index d2a94832..53144960 100644 --- a/src/object/crl.c +++ b/src/object/crl.c @@ -41,7 +41,6 @@ end: static void debug_revoked(ASN1_INTEGER const *serial_int) { -#ifdef DEBUG BIGNUM *serial_bn; char *serial_str; @@ -61,7 +60,6 @@ debug_revoked(ASN1_INTEGER const *serial_int) free(serial_str); end: BN_free(serial_bn); -#endif } static int @@ -85,7 +83,8 @@ validate_revoked(X509_CRL *crl) i + 1); } - debug_revoked(serial_int); + if (log_debug_enabled()) + debug_revoked(serial_int); if (X509_REVOKED_get0_revocationDate(revoked) == NULL) { return pr_err("CRL's revoked entry #%d lacks a revocation date.", diff --git a/src/object/name.c b/src/object/name.c index a5dc7f02..dc981b78 100644 --- a/src/object/name.c +++ b/src/object/name.c @@ -198,11 +198,12 @@ end: x509_name_put(parent_subject); return error; } -#ifdef DEBUG - void x509_name_pr_debug(const char *prefix, X509_NAME *name) { + if (!log_debug_enabled()) + return; + struct rfc5280_name *printable; if (name == NULL) { @@ -216,5 +217,3 @@ x509_name_pr_debug(const char *prefix, X509_NAME *name) pr_debug("%s: %s", prefix, printable->commonName); x509_name_put(printable); } - -#endif diff --git a/src/object/name.h b/src/object/name.h index a1a070d5..eaa4ec44 100644 --- a/src/object/name.h +++ b/src/object/name.h @@ -22,10 +22,6 @@ bool x509_name_equals(struct rfc5280_name *, struct rfc5280_name *); /* X509_NAME utils */ int validate_issuer_name(char const *, X509_NAME *); -#ifdef DEBUG void x509_name_pr_debug(char const *, X509_NAME *); -#else -#define x509_name_pr_debug(a, b) /* Nothing */ -#endif #endif /* SRC_OBJECT_NAME_H_ */ diff --git a/src/rtr/pdu.c b/src/rtr/pdu.c index d69db34f..ada4723f 100644 --- a/src/rtr/pdu.c 
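Review bot: In x509_name_pr_debug (src/object/name.c) the new early return is placed before the declaration `struct rfc5280_name *printable;`, which leaves a declaration after a statement. The other functions visible in this commit declare their locals at the top of the block (for example debug_serial_number and debug_revoked). Moving the declaration above `if (!log_debug_enabled())` keeps the file consistent and still builds under a C89-style warning set if the project uses one. The rest of the function body lies outside this hunk.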
+++ b/src/rtr/pdu.c @@ -125,14 +125,13 @@ pdu_load(int fd, struct sockaddr_storage *client_addr, /* No error response because the PDU might have been an error */ return error; -#ifdef DEBUG - { + + if (log_debug_enabled()) { char buffer[INET6_ADDRSTRLEN]; pr_debug("Received a %s PDU from %s.", pdutype2str(header.pdu_type), sockaddr2str(client_addr, buffer)); } -#endif error = validate_rtr_version(fd, &header, hdr_bytes); if (error) diff --git a/src/rtr/pdu_sender.c b/src/rtr/pdu_sender.c index 9fca99da..a0cfe9be 100644 --- a/src/rtr/pdu_sender.c +++ b/src/rtr/pdu_sender.c @@ -101,7 +101,6 @@ send_cache_response_pdu(int fd, uint8_t version) static void pr_debug_prefix4(struct ipv4_prefix_pdu *pdu) { -#ifdef DEBUG char buffer[INET_ADDRSTRLEN]; char const *addr_str; @@ -110,7 +109,6 @@ pr_debug_prefix4(struct ipv4_prefix_pdu *pdu) pr_debug("Encoded prefix %s/%u into a PDU.", addr_str, pdu->prefix_length); -#endif } static int @@ -134,7 +132,8 @@ send_ipv4_prefix_pdu(int fd, uint8_t version, struct vrp const *vrp, len = serialize_ipv4_prefix_pdu(&pdu, data); if (len != RTRPDU_IPV4_PREFIX_LEN) pr_crit("Serialized IPv4 Prefix is %zu bytes.", len); - pr_debug_prefix4(&pdu); + if (log_debug_enabled()) + pr_debug_prefix4(&pdu); return send_response(fd, pdu.header.pdu_type, data, len); } @@ -142,7 +141,6 @@ send_ipv4_prefix_pdu(int fd, uint8_t version, struct vrp const *vrp, static void pr_debug_prefix6(struct ipv6_prefix_pdu *pdu) { -#ifdef DEBUG char buffer[INET6_ADDRSTRLEN]; char const *addr_str; @@ -151,7 +149,6 @@ pr_debug_prefix6(struct ipv6_prefix_pdu *pdu) pr_debug("Encoded prefix %s/%u into a PDU.", addr_str, pdu->prefix_length); -#endif } static int 
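Review bot: With the `#ifdef DEBUG` removed, the `pr_debug` block in pdu_load (src/rtr/pdu.c) is present in release builds and runs once per received PDU, before `validate_rtr_version()` has examined the header. When an operator sets the level to debug, log volume is therefore determined by whatever connects to the RTR port, and each line records the client address. I would state that next to the block, e.g. `/* Debug: one line per PDU, logged before the header is validated */`, and mention it in the documentation of the log level option. pdu_load starts and ends outside this hunk.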
@@ -175,7 +172,8 @@ send_ipv6_prefix_pdu(int fd, uint8_t version, struct vrp const *vrp, len = serialize_ipv6_prefix_pdu(&pdu, data); if (len != RTRPDU_IPV6_PREFIX_LEN) pr_crit("Serialized IPv6 Prefix is %zu bytes.", len); - pr_debug_prefix6(&pdu); + if (log_debug_enabled()) + pr_debug_prefix6(&pdu); return send_response(fd, pdu.header.pdu_type, data, len); } diff --git a/src/rtr/rtr.c b/src/rtr/rtr.c index 7b285bb5..f505009f 100644 --- a/src/rtr/rtr.c +++ b/src/rtr/rtr.c @@ -288,13 +288,11 @@ handle_client_connections(int server_fd) return -EINVAL; } -#ifdef DEBUG - { + if (log_debug_enabled()) { char buffer[INET6_ADDRSTRLEN]; pr_debug("Client accepted: %s", sockaddr2str(&client_addr, buffer)); } -#endif /* * Note: My gut says that errors from now on (even the unknown