author | venaas <venaas> | 2008-09-17 12:02:22 +0000 |
---|---|---|
committer | venaas <venaas@e88ac4ed-0b26-0410-9574-a7f39faa03bf> | 2008-09-17 12:02:22 +0000 |
commit | 403fafa13e85fa0e647b81313341cdb7d7aed68e (patch) | |
tree | ace8e26f2d6a4a81065a22c96176a71295d97ee1 | |
parent | 1e46e5030af79fae82a15a4d25f5e09d5a092719 (diff) |
better logging, fixed bug with crash when removing client
git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@387 e88ac4ed-0b26-0410-9574-a7f39faa03bf
-rw-r--r-- | dtls.c | 25 | ||||
-rw-r--r-- | radsecproxy.c | 12 | ||||
-rw-r--r-- | radsecproxy.h | 10 | ||||
-rw-r--r-- | tcp.c | 22 | ||||
-rw-r--r-- | tls.c | 19 | ||||
-rw-r--r-- | udp.c | 4 | ||||
-rw-r--r-- | util.c | 41 | ||||
-rw-r--r-- | util.h | 10 |
8 files changed, 56 insertions, 87 deletions
@@ -215,7 +215,7 @@ void *dtlsserverwr(void *arg) {
 struct queue *replyq;
 struct request *reply;
- debug(DBG_DBG, "dtlsserverwr: starting for %s", client->conf->host);
+ debug(DBG_DBG, "dtlsserverwr: starting for %s", addr2string(client->addr));
 replyq = client->replyq;
 for (;;) {
 pthread_mutex_lock(&replyq->mutex);
@@ -237,8 +237,8 @@ void *dtlsserverwr(void *arg) {
 pthread_mutex_unlock(&replyq->mutex);
 cnt = SSL_write(client->ssl, reply->replybuf, RADLEN(reply->replybuf));
 if (cnt > 0)
- debug(DBG_DBG, "dtlsserverwr: sent %d bytes, Radius packet of length %d",
- cnt, RADLEN(reply->replybuf));
+ debug(DBG_DBG, "dtlsserverwr: sent %d bytes, Radius packet of length %d to %s",
+ cnt, RADLEN(reply->replybuf), addr2string(client->addr));
 else
 while ((error = ERR_get_error()))
 debug(DBG_ERR, "dtlsserverwr: SSL: %s", ERR_error_string(error, NULL));
@@ -251,7 +251,7 @@ void dtlsserverrd(struct client *client) {
 uint8_t *buf;
 pthread_t dtlsserverwrth;
- debug(DBG_DBG, "dtlsserverrd: starting for %s", client->conf->host);
+ debug(DBG_DBG, "dtlsserverrd: starting for %s", addr2string(client->addr));
 if (pthread_create(&dtlsserverwrth, NULL, dtlsserverwr, (void *)client)) {
 debug(DBG_ERR, "dtlsserverrd: pthread_create failed");
@@ -261,10 +261,10 @@ void dtlsserverrd(struct client *client) {
 for (;;) {
 buf = raddtlsget(client->ssl, client->rbios, IDLE_TIMEOUT);
 if (!buf) {
- debug(DBG_ERR, "dtlsserverrd: connection from %s lost", client->conf->host);
+ debug(DBG_ERR, "dtlsserverrd: connection from %s lost", addr2string(client->addr));
 break;
 }
- debug(DBG_DBG, "dtlsserverrd: got Radius message from %s", client->conf->host);
+ debug(DBG_DBG, "dtlsserverrd: got Radius message from %s", addr2string(client->addr));
 rq = newrequest();
 if (!rq) {
 free(buf);
@@ -273,7 +273,7 @@ void dtlsserverrd(struct client *client) {
 rq->buf = buf;
 rq->from = client;
 if (!radsrv(rq)) {
- debug(DBG_ERR, "dtlsserverrd: message authentication/validation failed, closing connection from %s", client->conf->host);
+ debug(DBG_ERR, "dtlsserverrd: message authentication/validation failed, closing connection from %s", addr2string(client->addr));
 break;
 }
 }
@@ -287,7 +287,7 @@ void dtlsserverrd(struct client *client) {
 debug(DBG_DBG, "dtlsserverrd: waiting for writer to end");
 pthread_join(dtlsserverwrth, NULL);
 removeclientrqs(client);
- debug(DBG_DBG, "dtlsserverrd: reader for %s exiting", client->conf->host);
+ debug(DBG_DBG, "dtlsserverrd: reader for %s exiting", addr2string(client->addr));
 }
 void *dtlsservernew(void *arg) {
@@ -316,6 +316,7 @@ void *dtlsservernew(void *arg) {
 client = addclient(conf, 1);
 if (client) {
 client->sock = params->sock;
+ client->addr = addr_copy((struct sockaddr *)¶ms->addr);
 client->rbios = params->sesscache->rbios;
 client->ssl = ssl;
 dtlsserverrd(client);
@@ -417,7 +418,7 @@ void *udpdtlsserverrd(void *arg) {
 pthread_mutex_lock(&cacheentry->mutex);
 if (cacheentry->rbios) {
 if (udp2bio(s, cacheentry->rbios, cnt))
- debug(DBG_DBG, "udpdtlsserverrd: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_DBG, "udpdtlsserverrd: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from));
 } else
 recv(s, buf, 1, 0);
 pthread_mutex_unlock(&cacheentry->mutex);
@@ -449,7 +450,7 @@ void *udpdtlsserverrd(void *arg) {
 memcpy(¶ms->addr, &from, fromlen);
 if (udp2bio(s, params->sesscache->rbios, cnt)) {
- debug(DBG_DBG, "udpdtlsserverrd: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_DBG, "udpdtlsserverrd: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from));
 if (!pthread_create(&dtlsserverth, NULL, dtlsservernew, (void *)params)) {
 pthread_detach(dtlsserverth);
 cacheexpire(sessioncache, &lastexpiry);
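Review bot: The result of `addr_copy()` is stored in `client->addr` without a check in the `dtlsservernew` hunk, and `dtlsserverrd(client)` then hands it to `addr2string()`, which reads `addr->sa_family` (via `SOCKADDRP_SIZE(addr)` in util.c). Only `return out;` of addr_copy is visible in this diff, so I am assuming it can return NULL on allocation failure; if it can, every new log call in the reader and writer threads dereferences NULL. I'd refuse the connection before starting the reader, e.g. `if (!client->addr) { removeclient(client); goto exit; }`, adjusted to the cleanup path dtlsservernew actually uses, which is outside the hunk. The same unchecked assignment is added in `tcpservernew` (tcp.c) and `tlsservernew` (tls.c).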
@@ -568,12 +569,12 @@ void *udpdtlsclientrd(void *arg) {
 conf = find_srvconf(RAD_DTLS, (struct sockaddr *)&from, NULL);
 if (!conf) {
- debug(DBG_WARN, "udpdtlsclientrd: got packet from wrong or unknown DTLS peer %s, ignoring", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_WARN, "udpdtlsclientrd: got packet from wrong or unknown DTLS peer %s, ignoring", addr2string((struct sockaddr *)&from));
 recv(s, buf, 4, 0);
 continue;
 }
 if (udp2bio(s, conf->servers->rbios, cnt))
- debug(DBG_DBG, "radudpget: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_DBG, "radudpget: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from));
 }
 }
diff --git a/radsecproxy.c b/radsecproxy.c
index 2201af9..5775f0c 100644
--- a/radsecproxy.c
+++ b/radsecproxy.c
@@ -585,20 +585,22 @@ struct client *addclient(struct clsrvconf *conf, uint8_t lock) {
 }
 void removeclient(struct client *client) {
+ struct clsrvconf *conf;
+
 if (!client)
 return;
-
- pthread_mutex_lock(client->conf->lock);
- if (client->conf->clients) {
+ conf = client->conf;
+ pthread_mutex_lock(conf->lock);
+ if (conf->clients) {
 pthread_mutex_lock(&client->lock);
 removequeue(client->replyq);
- list_removedata(client->conf->clients, client);
+ list_removedata(conf->clients, client);
 pthread_mutex_unlock(&client->lock);
 pthread_mutex_destroy(&client->lock);
 free(client->addr);
 free(client);
 }
- pthread_mutex_unlock(client->conf->lock);
+ pthread_mutex_unlock(conf->lock);
 }
 void removeclientrqs(struct client *client) {
diff --git a/radsecproxy.h b/radsecproxy.h
index a421c5e..6caf2d9 100644
--- a/radsecproxy.h
+++ b/radsecproxy.h
@@ -108,7 +108,7 @@ struct client {
 struct request *rqs[MAX_REQUESTS];
 struct queue *replyq;
 struct queue *rbios; /* for dtls */
- struct sockaddr *addr; /* for udp */
+ struct sockaddr *addr;
 };
 struct server {
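Review bot: The second debug line in the `udpdtlsclientrd` hunk still carries the prefix `radudpget:`, so these DTLS client-side messages are attributed to the plain UDP reader when someone searches the log. Since the line is being rewritten anyway, I'd change it to `debug(DBG_DBG, "udpdtlsclientrd: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from));`. The function body continues outside the hunk.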
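Review bot: `removeclient` has no comment saying why `conf` is copied into a local, and the reason is a memory-safety one: the final `pthread_mutex_unlock()` runs after `free(client)`, so reaching back through `client->conf->lock` there reads freed memory. I'd put `/* client is freed below; keep conf so the unlock does not touch freed memory */` above `conf = client->conf;` so that a later tidy-up does not reintroduce the crash. Separately, when `conf->clients` is NULL the client is neither unlinked nor freed, while callers such as `tcpservernew` drop the pointer right after the call; whether that state can occur is not visible in this diff.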
@@ -195,14 +195,6 @@ struct protodefs {
 #define ATTRVAL(x) ((x) + 2)
 #define ATTRVALLEN(x) ((x)[1] - 2)
-#define SOCKADDR_SIZE(addr) ((addr).ss_family == AF_INET ? \
- sizeof(struct sockaddr_in) : \
- sizeof(struct sockaddr_in6))
-
-#define SOCKADDRP_SIZE(addr) ((addr)->sa_family == AF_INET ? \
- sizeof(struct sockaddr_in) : \
- sizeof(struct sockaddr_in6))
-
 struct addrinfo *getsrcprotores(uint8_t type);
 struct clsrvconf *find_clconf(uint8_t type, struct sockaddr *addr, struct list_node **cur);
 struct clsrvconf *find_srvconf(uint8_t type, struct sockaddr *addr, struct list_node **cur);
@@ -192,7 +192,7 @@ void *tcpserverwr(void *arg) {
 struct queue *replyq;
 struct request *reply;
- debug(DBG_DBG, "tcpserverwr: starting for %s", client->conf->host);
+ debug(DBG_DBG, "tcpserverwr: starting for %s", addr2string(client->addr));
 replyq = client->replyq;
 for (;;) {
 pthread_mutex_lock(&replyq->mutex);
@@ -213,10 +213,10 @@ void *tcpserverwr(void *arg) {
 pthread_mutex_unlock(&replyq->mutex);
 cnt = write(client->sock, reply->replybuf, RADLEN(reply->replybuf));
 if (cnt > 0)
- debug(DBG_DBG, "tcpserverwr: sent %d bytes, Radius packet of length %d",
- cnt, RADLEN(reply->replybuf));
+ debug(DBG_DBG, "tcpserverwr: sent %d bytes, Radius packet of length %d to %s",
+ cnt, RADLEN(reply->replybuf), addr2string(client->addr));
 else
- debug(DBG_ERR, "tcpserverwr: write error for %s", client->conf->host);
+ debug(DBG_ERR, "tcpserverwr: write error for %s", addr2string(client->addr));
 freerq(reply);
 }
 }
@@ -226,7 +226,7 @@ void tcpserverrd(struct client *client) {
 uint8_t *buf;
 pthread_t tcpserverwrth;
- debug(DBG_DBG, "tcpserverrd: starting for %s", client->conf->host);
+ debug(DBG_DBG, "tcpserverrd: starting for %s", addr2string(client->addr));
 if (pthread_create(&tcpserverwrth, NULL, tcpserverwr, (void *)client)) {
 debug(DBG_ERR, "tcpserverrd: pthread_create failed");
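Review bot: In the `tcpserverwr` hunk any `cnt > 0` from `write()` is logged as a sent packet, but on a stream socket `write()` may accept fewer than `RADLEN(reply->replybuf)` bytes, and the remainder of the RADIUS packet is then never sent. From that point the peer's length-based framing no longer lines up with the stream, while the new log line reports success with the peer address attached. I'd loop until the whole packet is written and treat anything else as the error case; this needs two extra locals (`int off, len;`) declared next to `cnt` at the top of the function, which is outside the hunk. The sketch does not handle `EINTR`, since the diff does not show how the surrounding code treats it.

```c
    /* … unchanged: dequeue reply and unlock replyq->mutex … */
    len = RADLEN(reply->replybuf);
    for (off = 0; off < len; off += cnt) {
        cnt = write(client->sock, reply->replybuf + off, len - off);
        if (cnt <= 0)
            break;
    }
    if (off == len)
        debug(DBG_DBG, "tcpserverwr: sent %d bytes, Radius packet of length %d to %s",
              off, len, addr2string(client->addr));
    else
        debug(DBG_ERR, "tcpserverwr: write error for %s", addr2string(client->addr));
    freerq(reply);
```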
@@ -236,10 +236,10 @@ void tcpserverrd(struct client *client) {
 for (;;) {
 buf = radtcpget(client->sock, 0);
 if (!buf) {
- debug(DBG_ERR, "tcpserverrd: connection from %s lost", client->conf->host);
+ debug(DBG_ERR, "tcpserverrd: connection from %s lost", addr2string(client->addr));
 break;
 }
- debug(DBG_DBG, "tcpserverrd: got Radius message from %s", client->conf->host);
+ debug(DBG_DBG, "tcpserverrd: got Radius message from %s", addr2string(client->addr));
 rq = newrequest();
 if (!rq) {
 free(buf);
@@ -248,7 +248,7 @@ void tcpserverrd(struct client *client) {
 rq->buf = buf;
 rq->from = client;
 if (!radsrv(rq)) {
- debug(DBG_ERR, "tcpserverrd: message authentication/validation failed, closing connection from %s", client->conf->host);
+ debug(DBG_ERR, "tcpserverrd: message authentication/validation failed, closing connection from %s", addr2string(client->addr));
 break;
 }
 }
@@ -261,9 +261,8 @@ void tcpserverrd(struct client *client) {
 debug(DBG_DBG, "tcpserverrd: waiting for writer to end");
 pthread_join(tcpserverwrth, NULL);
 removeclientrqs(client);
- debug(DBG_DBG, "tcpserverrd: reader for %s exiting", client->conf->host);
+ debug(DBG_DBG, "tcpserverrd: reader for %s exiting", addr2string(client->addr));
 }
-
 void *tcpservernew(void *arg) {
 int s;
 struct sockaddr_storage from;
@@ -276,13 +275,14 @@ void *tcpservernew(void *arg) {
 debug(DBG_DBG, "tcpservernew: getpeername failed, exiting");
 goto exit;
 }
- debug(DBG_WARN, "tcpservernew: incoming TCP connection from %s", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_WARN, "tcpservernew: incoming TCP connection from %s", addr2string((struct sockaddr *)&from));
 conf = find_clconf(RAD_TCP, (struct sockaddr *)&from, NULL);
 if (conf) {
 client = addclient(conf, 1);
 if (client) {
 client->sock = s;
+ client->addr = addr_copy((struct sockaddr *)&from);
 tcpserverrd(client);
 removeclient(client);
 } else
@@ -243,7 +243,7 @@ void *tlsserverwr(void *arg) {
 struct queue *replyq;
 struct request *reply;
- debug(DBG_DBG, "tlsserverwr: starting for %s", client->conf->host);
+ debug(DBG_DBG, "tlsserverwr: starting for %s", addr2string(client->addr));
 replyq = client->replyq;
 for (;;) {
 pthread_mutex_lock(&replyq->mutex);
@@ -265,8 +265,8 @@ void *tlsserverwr(void *arg) {
 pthread_mutex_unlock(&replyq->mutex);
 cnt = SSL_write(client->ssl, reply->replybuf, RADLEN(reply->replybuf));
 if (cnt > 0)
- debug(DBG_DBG, "tlsserverwr: sent %d bytes, Radius packet of length %d",
- cnt, RADLEN(reply->replybuf));
+ debug(DBG_DBG, "tlsserverwr: sent %d bytes, Radius packet of length %d to %s",
+ cnt, RADLEN(reply->replybuf), addr2string(client->addr));
 else
 while ((error = ERR_get_error()))
 debug(DBG_ERR, "tlsserverwr: SSL: %s", ERR_error_string(error, NULL));
@@ -279,7 +279,7 @@ void tlsserverrd(struct client *client) {
 uint8_t *buf;
 pthread_t tlsserverwrth;
- debug(DBG_DBG, "tlsserverrd: starting for %s", client->conf->host);
+ debug(DBG_DBG, "tlsserverrd: starting for %s", addr2string(client->addr));
 if (pthread_create(&tlsserverwrth, NULL, tlsserverwr, (void *)client)) {
 debug(DBG_ERR, "tlsserverrd: pthread_create failed");
@@ -289,10 +289,10 @@ void tlsserverrd(struct client *client) {
 for (;;) {
 buf = radtlsget(client->ssl, 0);
 if (!buf) {
- debug(DBG_ERR, "tlsserverrd: connection from %s lost", client->conf->host);
+ debug(DBG_ERR, "tlsserverrd: connection from %s lost", addr2string(client->addr));
 break;
 }
- debug(DBG_DBG, "tlsserverrd: got Radius message from %s", client->conf->host);
+ debug(DBG_DBG, "tlsserverrd: got Radius message from %s", addr2string(client->addr));
 rq = newrequest();
 if (!rq) {
 free(buf);
@@ -301,7 +301,7 @@ void tlsserverrd(struct client *client) {
 rq->buf = buf;
 rq->from = client;
 if (!radsrv(rq)) {
- debug(DBG_ERR, "tlsserverrd: message authentication/validation failed, closing connection from %s", client->conf->host);
+ debug(DBG_ERR, "tlsserverrd: message authentication/validation failed, closing connection from %s", addr2string(client->addr));
 break;
 }
 }
@@ -314,7 +314,7 @@ void tlsserverrd(struct client *client) {
 debug(DBG_DBG, "tlsserverrd: waiting for writer to end");
 pthread_join(tlsserverwrth, NULL);
 removeclientrqs(client);
- debug(DBG_DBG, "tlsserverrd: reader for %s exiting", client->conf->host);
+ debug(DBG_DBG, "tlsserverrd: reader for %s exiting", addr2string(client->addr));
 }
 void *tlsservernew(void *arg) {
@@ -333,7 +333,7 @@ void *tlsservernew(void *arg) {
 debug(DBG_DBG, "tlsservernew: getpeername failed, exiting");
 goto exit;
 }
- debug(DBG_WARN, "tlsservernew: incoming TLS connection from %s", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_WARN, "tlsservernew: incoming TLS connection from %s", addr2string((struct sockaddr *)&from));
 conf = find_clconf(RAD_TLS, (struct sockaddr *)&from, &cur);
 if (conf) {
@@ -357,6 +357,7 @@ void *tlsservernew(void *arg) {
 client = addclient(conf, 1);
 if (client) {
 client->ssl = ssl;
+ client->addr = addr_copy((struct sockaddr *)&from);
 tlsserverrd(client);
 removeclient(client);
 } else
@@ -72,7 +72,7 @@ unsigned char *radudpget(int s, struct client **client, struct server **server,
 ? find_clconf(RAD_UDP, (struct sockaddr *)&from, NULL)
 : find_srvconf(RAD_UDP, (struct sockaddr *)&from, NULL);
 if (!p) {
- debug(DBG_WARN, "radudpget: got packet from wrong or unknown UDP peer %s, ignoring", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_WARN, "radudpget: got packet from wrong or unknown UDP peer %s, ignoring", addr2string((struct sockaddr *)&from));
 recv(s, buf, 4, 0);
 continue;
 }
@@ -92,7 +92,7 @@ unsigned char *radudpget(int s, struct client **client, struct server **server,
 }
 cnt = recv(s, rad, len, MSG_TRUNC);
- debug(DBG_DBG, "radudpget: got %d bytes from %s", cnt, addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_DBG, "radudpget: got %d bytes from %s", cnt, addr2string((struct sockaddr *)&from));
 if (cnt < len) {
 debug(DBG_WARN, "radudpget: packet smaller than length field in radius header");
@@ -15,40 +15,7 @@
 #include <unistd.h>
 #include <stdarg.h>
 #include "debug.h"
-
-#if 0
-#include <errno.h>
-void errx(char *format, ...) {
- extern int errno;
-
- va_list ap;
- va_start(ap, format);
- vfprintf(stderr, format, ap);
- va_end(ap);
- if (errno) {
- fprintf(stderr, ": ");
- perror(NULL);
- fprintf(stderr, "errno=%d\n", errno);
- } else
- fprintf(stderr, "\n");
- exit(1);
-}
-
-void err(char *format, ...) {
- extern int errno;
-
- va_list ap;
- va_start(ap, format);
- vfprintf(stderr, format, ap);
- va_end(ap);
- if (errno) {
- fprintf(stderr, ": ");
- perror(NULL);
- fprintf(stderr, "errno=%d\n", errno);
- } else
- fprintf(stderr, "\n");
-}
-#endif
+#include "util.h"
 char *stringcopy(const char *s, int len) {
 char *r;
@@ -131,7 +98,7 @@ struct sockaddr *addr_copy(struct sockaddr *in) {
 return out;
 }
-char *addr2string(struct sockaddr *addr, socklen_t len) {
+char *addr2string(struct sockaddr *addr) {
 struct sockaddr_in6 *sa6;
 struct sockaddr_in sa4;
 static char addr_buf[2][INET6_ADDRSTRLEN];
@@ -147,9 +114,7 @@ char *addr2string(struct sockaddr *addr, socklen_t len) {
 addr = (struct sockaddr *)&sa4;
 }
 }
- len = addr->sa_family == AF_INET ? sizeof(struct sockaddr_in) : sizeof(struct sockaddr_in6);
-
- if (getnameinfo(addr, len, addr_buf[i], sizeof(addr_buf[i]),
+ if (getnameinfo(addr, SOCKADDRP_SIZE(addr), addr_buf[i], sizeof(addr_buf[i]),
 NULL, 0, NI_NUMERICHOST)) {
 debug(DBG_WARN, "getnameinfo failed");
 return "getnameinfo_failed";
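Review bot: `addr2string()` returns a pointer into `static char addr_buf[2][INET6_ADDRSTRLEN]`, and this commit starts calling it from every per-client reader and writer thread (dtls.c, tcp.c, tls.c), so two threads logging at the same moment can overwrite each other's string while `debug()` is still formatting it. The visible effect would be a log line carrying another peer's address, which matters most for the `message authentication/validation failed` messages that operators use to attribute failures. The slot selection through `i` is outside the hunk, so I cannot tell whether it is protected; if it is not, I'd make both the buffer and the index per-thread, e.g. `static __thread char addr_buf[2][INET6_ADDRSTRLEN];`, or have callers pass their own buffer. At minimum the function deserves a comment such as `/* returns a pointer to a static buffer; not safe for concurrent callers */`.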
@@ -1,8 +1,16 @@
 #include <sys/socket.h>
 #include <netdb.h>
+#define SOCKADDR_SIZE(addr) ((addr).ss_family == AF_INET ? \
+ sizeof(struct sockaddr_in) : \
+ sizeof(struct sockaddr_in6))
+
+#define SOCKADDRP_SIZE(addr) ((addr)->sa_family == AF_INET ? \
+ sizeof(struct sockaddr_in) : \
+ sizeof(struct sockaddr_in6))
+
 char *stringcopy(const char *s, int len);
-char *addr2string(struct sockaddr *addr, socklen_t len);
+char *addr2string(struct sockaddr *addr);
 int addr_equal(struct sockaddr *a, struct sockaddr *b);
 struct sockaddr *addr_copy(struct sockaddr *in);
 uint16_t port_get(struct sockaddr *sa); |