summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorvenaas <venaas>2008-09-17 12:03:44 +0000
committervenaas <venaas@e88ac4ed-0b26-0410-9574-a7f39faa03bf>2008-09-17 12:03:44 +0000
commit04e007ddc3e3669458f094436989237d488942d2 (patch)
treeba1e83aa57742df0e183f96ee242560a21f2c17f
parent9565d5287c057a4ec08708ad893ea558b78917fa (diff)
better logging. not requiring server configs to run
git-svn-id: https://svn.testnett.uninett.no/radsecproxy/branches/release-1.1@388 e88ac4ed-0b26-0410-9574-a7f39faa03bf
-rw-r--r--radsecproxy.c33
-rw-r--r--radsecproxy.h5
-rw-r--r--util.c64
-rw-r--r--util.h11
4 files changed, 54 insertions, 59 deletions
diff --git a/radsecproxy.c b/radsecproxy.c
index 669f03c..924434c 100644
--- a/radsecproxy.c
+++ b/radsecproxy.c
@@ -433,6 +433,7 @@ void removeclient(struct client *client) {
pthread_mutex_unlock(&client->replyq->mutex);
pthread_mutex_destroy(&client->replyq->mutex);
list_removedata(client->conf->clients, client);
+ free(client->addr);
free(client);
}
@@ -538,7 +539,7 @@ unsigned char *radudpget(int s, struct client **client, struct server **server,
p = find_conf('U', (struct sockaddr *)&from, client ? clconfs : srvconfs, NULL);
if (!p) {
- debug(DBG_WARN, "radudpget: got packet from wrong or unknown UDP peer %s, ignoring", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_WARN, "radudpget: got packet from wrong or unknown UDP peer %s, ignoring", addr2string((struct sockaddr *)&from));
recv(s, buf, 4, 0);
continue;
}
@@ -558,7 +559,7 @@ unsigned char *radudpget(int s, struct client **client, struct server **server,
}
cnt = recv(s, rad, len, MSG_TRUNC);
- debug(DBG_DBG, "radudpget: got %d bytes from %s", cnt, addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_DBG, "radudpget: got %d bytes from %s", cnt, addr2string((struct sockaddr *)&from));
if (cnt < len) {
debug(DBG_WARN, "radudpget: packet smaller than length field in radius header");
@@ -2387,7 +2388,7 @@ void *udpaccserverrd(void *arg) {
listenres = resolve_hostport('U', options.listenaccudp, DEFAULT_UDP_PORT);
if ((udp_accserver_sock = bindtoaddr(listenres->addrinfo, AF_UNSPEC, 1, 0)) < 0)
- debugx(1, DBG_ERR, "udpserverrd: socket/bind failed");
+ debugx(1, DBG_ERR, "udpaccserverrd: socket/bind failed");
debug(DBG_WARN, "udpaccserverrd: listening for UDP on %s:%s",
listenres->host ? listenres->host : "*", listenres->port);
@@ -2412,7 +2413,8 @@ void *tlsserverwr(void *arg) {
struct replyq *replyq;
struct reply *reply;
- debug(DBG_DBG, "tlsserverwr starting for %s", client->conf->host);
+ debug(DBG_DBG, "tlsserverwr starting for %s", addr2string(client->addr));
+
replyq = client->replyq;
for (;;) {
pthread_mutex_lock(&replyq->mutex);
@@ -2434,8 +2436,8 @@ void *tlsserverwr(void *arg) {
pthread_mutex_unlock(&replyq->mutex);
cnt = SSL_write(client->ssl, reply->buf, RADLEN(reply->buf));
if (cnt > 0)
- debug(DBG_DBG, "tlsserverwr: Sent %d bytes, Radius packet of length %d",
- cnt, RADLEN(reply->buf));
+ debug(DBG_DBG, "tlsserverwr: Sent %d bytes, Radius packet of length %d to %s",
+ cnt, RADLEN(reply->buf), addr2string(client->addr));
else
while ((error = ERR_get_error()))
debug(DBG_ERR, "tlsserverwr: SSL: %s", ERR_error_string(error, NULL));
@@ -2448,7 +2450,7 @@ void tlsserverrd(struct client *client) {
struct request rq;
pthread_t tlsserverwrth;
- debug(DBG_DBG, "tlsserverrd starting for %s", client->conf->host);
+ debug(DBG_DBG, "tlsserverrd starting for %s", addr2string(client->addr));
if (pthread_create(&tlsserverwrth, NULL, tlsserverwr, (void *)client)) {
debug(DBG_ERR, "tlsserverrd: pthread_create failed");
@@ -2460,12 +2462,12 @@ void tlsserverrd(struct client *client) {
rq.buf = radtlsget(client->ssl);
if (!rq.buf)
break;
- debug(DBG_DBG, "tlsserverrd: got Radius message from %s", client->conf->host);
+ debug(DBG_DBG, "tlsserverrd: got Radius message from %s", addr2string(client->addr));
rq.from = client;
radsrv(&rq);
}
- debug(DBG_ERR, "tlsserverrd: connection lost");
+ debug(DBG_ERR, "tlsserverrd: connection from %s lost", addr2string(client->addr));
/* stop writer by setting ssl to NULL and give signal in case waiting for data */
client->ssl = NULL;
pthread_mutex_lock(&client->replyq->mutex);
@@ -2474,7 +2476,7 @@ void tlsserverrd(struct client *client) {
debug(DBG_DBG, "tlsserverrd: waiting for writer to end");
pthread_join(tlsserverwrth, NULL);
removeclientrqs(client);
- debug(DBG_DBG, "tlsserverrd for %s exiting", client->conf->host);
+ debug(DBG_DBG, "tlsserverrd for %s exiting", addr2string(client->addr));
}
void *tlsservernew(void *arg) {
@@ -2490,10 +2492,10 @@ void *tlsservernew(void *arg) {
s = *(int *)arg;
if (getpeername(s, (struct sockaddr *)&from, &fromlen)) {
- debug(DBG_DBG, "tlsserverrd: getpeername failed, exiting");
+ debug(DBG_DBG, "tlsservernew: getpeername failed, exiting");
goto exit;
}
- debug(DBG_WARN, "incoming TLS connection from %s", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_WARN, "incoming TLS connection from %s", addr2string((struct sockaddr *)&from));
conf = find_conf('T', (struct sockaddr *)&from, clconfs, &cur);
if (conf) {
@@ -2502,8 +2504,8 @@ void *tlsservernew(void *arg) {
if (SSL_accept(ssl) <= 0) {
while ((error = ERR_get_error()))
- debug(DBG_ERR, "tlsserverrd: SSL: %s", ERR_error_string(error, NULL));
- debug(DBG_ERR, "SSL_accept failed");
+ debug(DBG_ERR, "tlsservernew: SSL: %s", ERR_error_string(error, NULL));
+ debug(DBG_ERR, "tlsservernew: SSL_accept failed");
goto exit;
}
cert = verifytlscert(ssl);
@@ -2517,6 +2519,7 @@ void *tlsservernew(void *arg) {
client = addclient(conf);
if (client) {
client->ssl = ssl;
+ client->addr = addr_copy((struct sockaddr *)&from);
tlsserverrd(client);
removeclient(client);
} else
@@ -3427,8 +3430,6 @@ int main(int argc, char **argv) {
if (!list_first(clconfs))
debugx(1, DBG_ERR, "No clients configured, nothing to do, exiting");
- if (!list_first(srvconfs))
- debugx(1, DBG_ERR, "No servers configured, nothing to do, exiting");
if (!list_first(realms))
debugx(1, DBG_ERR, "No realms configured, nothing to do, exiting");
diff --git a/radsecproxy.h b/radsecproxy.h
index fcedf04..f4c468d 100644
--- a/radsecproxy.h
+++ b/radsecproxy.h
@@ -101,6 +101,7 @@ struct client {
struct clsrvconf *conf;
SSL *ssl;
struct replyq *replyq;
+ struct sockaddr *addr;
};
struct server {
@@ -165,7 +166,3 @@ struct rewriteconf {
#define ATTRLEN(x) ((x)[1])
#define ATTRVAL(x) ((x) + 2)
#define ATTRVALLEN(x) ((x)[1] - 2)
-
-#define SOCKADDR_SIZE(addr) ((addr).ss_family == AF_INET ? \
- sizeof(struct sockaddr_in) : \
- sizeof(struct sockaddr_in6))
diff --git a/util.c b/util.c
index 096b7a6..2ff6c26 100644
--- a/util.c
+++ b/util.c
@@ -15,40 +15,7 @@
#include <unistd.h>
#include <stdarg.h>
#include "debug.h"
-
-#if 0
-#include <errno.h>
-void errx(char *format, ...) {
- extern int errno;
-
- va_list ap;
- va_start(ap, format);
- vfprintf(stderr, format, ap);
- va_end(ap);
- if (errno) {
- fprintf(stderr, ": ");
- perror(NULL);
- fprintf(stderr, "errno=%d\n", errno);
- } else
- fprintf(stderr, "\n");
- exit(1);
-}
-
-void err(char *format, ...) {
- extern int errno;
-
- va_list ap;
- va_start(ap, format);
- vfprintf(stderr, format, ap);
- va_end(ap);
- if (errno) {
- fprintf(stderr, ": ");
- perror(NULL);
- fprintf(stderr, "errno=%d\n", errno);
- } else
- fprintf(stderr, "\n");
-}
-#endif
+#include "util.h"
char *stringcopy(const char *s, int len) {
char *r;
@@ -93,7 +60,30 @@ void port_set(struct sockaddr *sa, uint16_t port) {
}
}
-char *addr2string(struct sockaddr *addr, socklen_t len) {
+struct sockaddr *addr_copy(struct sockaddr *in) {
+ struct sockaddr *out = NULL;
+
+ switch (in->sa_family) {
+ case AF_INET:
+ out = malloc(sizeof(struct sockaddr_in));
+ if (out) {
+ memset(out, 0, sizeof(struct sockaddr_in));
+ ((struct sockaddr_in *)out)->sin_addr = ((struct sockaddr_in *)in)->sin_addr;
+ }
+ break;
+ case AF_INET6:
+ out = malloc(sizeof(struct sockaddr_in6));
+ if (out) {
+ memset(out, 0, sizeof(struct sockaddr_in6));
+ ((struct sockaddr_in6 *)out)->sin6_addr = ((struct sockaddr_in6 *)in)->sin6_addr;
+ }
+ break;
+ }
+ out->sa_family = in->sa_family;
+ return out;
+}
+
+char *addr2string(struct sockaddr *addr) {
struct sockaddr_in6 *sa6;
struct sockaddr_in sa4;
static char addr_buf[2][INET6_ADDRSTRLEN];
@@ -109,9 +99,7 @@ char *addr2string(struct sockaddr *addr, socklen_t len) {
addr = (struct sockaddr *)&sa4;
}
}
- len = addr->sa_family == AF_INET ? sizeof(struct sockaddr_in) : sizeof(struct sockaddr_in6);
-
- if (getnameinfo(addr, len, addr_buf[i], sizeof(addr_buf[i]),
+ if (getnameinfo(addr, SOCKADDRP_SIZE(addr), addr_buf[i], sizeof(addr_buf[i]),
NULL, 0, NI_NUMERICHOST)) {
debug(DBG_WARN, "getnameinfo failed");
return "getnameinfo_failed";
diff --git a/util.h b/util.h
index 936c2de..8b37210 100644
--- a/util.h
+++ b/util.h
@@ -1,8 +1,17 @@
#include <sys/socket.h>
#include <netdb.h>
+#define SOCKADDR_SIZE(addr) ((addr).ss_family == AF_INET ? \
+ sizeof(struct sockaddr_in) : \
+ sizeof(struct sockaddr_in6))
+
+#define SOCKADDRP_SIZE(addr) ((addr)->sa_family == AF_INET ? \
+ sizeof(struct sockaddr_in) : \
+ sizeof(struct sockaddr_in6))
+
char *stringcopy(const char *s, int len);
-char *addr2string(struct sockaddr *addr, socklen_t len);
+char *addr2string(struct sockaddr *addr);
+struct sockaddr *addr_copy(struct sockaddr *in);
uint16_t port_get(struct sockaddr *sa);
void port_set(struct sockaddr *sa, uint16_t port);