From f7b6f669a472407be2e6dcc085621c46c12e3329 Mon Sep 17 00:00:00 2001 From: yrutschle Date: Sun, 19 Sep 2021 20:24:46 +0200 Subject: [PATCH] sslh-select to use new log system --- log.c | 19 ++++++++- log.h | 5 +++ sslh-conf.c | 110 ++++++++++++++++++++++++++++++++++++++++++++------ sslh-conf.h | 6 ++- sslh-select.c | 48 +++++++++------------- sslhconf.cfg | 5 +++ test.cfg | 6 +++ 7 files changed, 156 insertions(+), 43 deletions(-) diff --git a/log.c b/log.c index 11aed81..4c01fcb 100644 --- a/log.c +++ b/log.c @@ -34,12 +34,29 @@ msg_info msg_config = { &cfg.verbose_config }; - msg_info msg_config_error = { LOG_ERR, &cfg.verbose_config_error }; +msg_info msg_fd = { + LOG_DEBUG, + &cfg.verbose_fd +}; + +/* Internal errors: inconsistent states, impossible values, things that should never happen, and are therefore the sign of memory corruption: hence the LOG_CRIT */ +msg_info msg_int_error = { + LOG_CRIT, + &cfg.verbose_system_error +}; + +/* System errors: when the system around us fails us: memory allocation, fork, ... */ +msg_info msg_system_error = { + LOG_ERR, + &cfg.verbose_system_error +}; + + /* Bitmasks in verbose-* values */ #define MSG_STDOUT 1 diff --git a/log.h b/log.h index 70a76bc..e99b77b 100644 --- a/log.h +++ b/log.h @@ -16,4 +16,9 @@ void print_message(msg_info info, const char* str, ...); extern msg_info msg_config; extern msg_info msg_config_error; +extern msg_info msg_fd; + +extern msg_info msg_int_error; +extern msg_info msg_system_error; + #endif /* LOG_H */ diff --git a/sslh-conf.c b/sslh-conf.c index e16dde9..6d8eb46 100644 --- a/sslh-conf.c +++ b/sslh-conf.c @@ -1,5 +1,5 @@ /* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README) - * on Sat Sep 18 22:17:39 2021. + * on Sun Sep 19 20:20:24 2021. # conf2struct: generate libconf parsers that read to structs # Copyright (C) 2018-2021 Yves Rutschle 
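Review bot: In the log.c hunk, `msg_int_error` is bound to `&cfg.verbose_system_error`, so the `verbose-int-error` option this commit adds to the configuration is never consulted and internal errors follow the system-error setting instead. An operator who lowers `verbose-system-error` would also silence the LOG_CRIT messages that the added comment describes as signs of memory corruption. Several of the new `msg_int_error` call sites in sslh-select.c (`tcp_read_process`, `cnx_read_process`, `cnx_accept_process`, `main_loop`) are followed by `exit(1)`, so the process could terminate with no log entry. The second initializer should read `&cfg.verbose_int_error`. No `msg_info` in this hunk references `cfg.verbose_connections` either; if that is left for a later commit, a one-line comment saying so would help.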
@@ -445,6 +445,10 @@ struct compound_cl_arg { struct arg_file* sslhcfg_conffile; struct arg_int* sslhcfg_verbose_config; struct arg_int* sslhcfg_verbose_config_error; + struct arg_int* sslhcfg_verbose_connections; + struct arg_int* sslhcfg_verbose_fd; + struct arg_int* sslhcfg_verbose_system_error; + struct arg_int* sslhcfg_verbose_int_error; struct arg_int* sslhcfg_verbose; struct arg_lit* sslhcfg_version; struct arg_lit* sslhcfg_foreground; @@ -785,7 +789,7 @@ static struct config_desc table_sslhcfg_listen[] = { }, { 0 } }; - + static struct config_desc table_sslhcfg[] = { 
@@ -821,6 +825,70 @@ static struct config_desc table_sslhcfg[] = { /* default_val*/ .default_val.def_int = 3 }, + { + /* name */ "verbose_connections", + /* type */ CFG_INT, + /* sub_group*/ NULL, + /* arg_cl */ & sslhcfg_verbose_connections, + /* base_addr */ NULL, + /* offset */ offsetof(struct sslhcfg_item, verbose_connections), + /* offset_len */ 0, + /* offset_present */ 0, + /* size */ sizeof(int), + /* array_type */ -1, + /* mandatory */ 0, + /* optional */ 0, + /* default_val*/ .default_val.def_int = 0 + }, + + { + /* name */ "verbose_fd", + /* type */ CFG_INT, + /* sub_group*/ NULL, + /* arg_cl */ & sslhcfg_verbose_fd, + /* base_addr */ NULL, + /* offset */ offsetof(struct sslhcfg_item, verbose_fd), + /* offset_len */ 0, + /* offset_present */ 0, + /* size */ sizeof(int), + /* array_type */ -1, + /* mandatory */ 0, + /* optional */ 0, + /* default_val*/ .default_val.def_int = 0 + }, + + { + /* name */ "verbose_system_error", + /* type */ CFG_INT, + /* sub_group*/ NULL, + /* arg_cl */ & sslhcfg_verbose_system_error, + /* base_addr */ NULL, + /* offset */ offsetof(struct sslhcfg_item, verbose_system_error), + /* offset_len */ 0, + /* offset_present */ 0, + /* size */ sizeof(int), + /* array_type */ -1, + /* mandatory */ 0, + /* optional */ 0, + /* default_val*/ .default_val.def_int = 3 + }, + + { + /* name */ "verbose_int_error", + /* type */ CFG_INT, + /* sub_group*/ NULL, + /* arg_cl */ & sslhcfg_verbose_int_error, + /* base_addr */ NULL, + /* offset */ offsetof(struct sslhcfg_item, verbose_int_error), + /* offset_len */ 0, + /* offset_present */ 0, + /* size */ sizeof(int), + /* array_type */ -1, + /* mandatory */ 0, + /* optional */ 0, + /* default_val*/ .default_val.def_int = 3 + }, + { /* name */ "verbose", /* type */ CFG_INT, 
@@ -1157,7 +1225,7 @@ static struct compound_cl_arg compound_cl_args[] = { { /* arg: listen */ .regex = "(.+):(\\w+)", .arg_cl = & sslhcfg_listen, - .base_entry = & table_sslhcfg [15], + .base_entry = & table_sslhcfg [19], .targets = sslhcfg_listen_targets, @@ -1169,7 +1237,7 @@ static struct compound_cl_arg compound_cl_args[] = { { /* arg: ssh */ .regex = "(.+):(\\w+)", .arg_cl = & sslhcfg_ssh, - .base_entry = & table_sslhcfg [16], + .base_entry = & table_sslhcfg [20], .targets = sslhcfg_ssh_targets, @@ -1181,7 +1249,7 @@ static struct compound_cl_arg compound_cl_args[] = { { /* arg: tls */ .regex = "(.+):(\\w+)", .arg_cl = & sslhcfg_tls, - .base_entry = & table_sslhcfg [16], + .base_entry = & table_sslhcfg [20], .targets = sslhcfg_tls_targets, @@ -1193,7 +1261,7 @@ static struct compound_cl_arg compound_cl_args[] = { { /* arg: openvpn */ .regex = "(.+):(\\w+)", .arg_cl = & sslhcfg_openvpn, - .base_entry = & table_sslhcfg [16], + .base_entry = & table_sslhcfg [20], .targets = sslhcfg_openvpn_targets, @@ -1205,7 +1273,7 @@ static struct compound_cl_arg compound_cl_args[] = { { /* arg: tinc */ .regex = "(.+):(\\w+)", .arg_cl = & sslhcfg_tinc, - .base_entry = & table_sslhcfg [16], + .base_entry = & table_sslhcfg [20], .targets = sslhcfg_tinc_targets, @@ -1217,7 +1285,7 @@ static struct compound_cl_arg compound_cl_args[] = { { /* arg: xmpp */ .regex = "(.+):(\\w+)", .arg_cl = & sslhcfg_xmpp, - .base_entry = & table_sslhcfg [16], + .base_entry = & table_sslhcfg [20], .targets = sslhcfg_xmpp_targets, @@ -1229,7 +1297,7 @@ static struct compound_cl_arg compound_cl_args[] = { { /* arg: http */ .regex = "(.+):(\\w+)", .arg_cl = & sslhcfg_http, - .base_entry = & table_sslhcfg [16], + .base_entry = & table_sslhcfg [20], .targets = sslhcfg_http_targets, 
@@ -1241,7 +1309,7 @@ static struct compound_cl_arg compound_cl_args[] = { { /* arg: adb */ .regex = "(.+):(\\w+)", .arg_cl = & sslhcfg_adb, - .base_entry = & table_sslhcfg [16], + .base_entry = & table_sslhcfg [20], .targets = sslhcfg_adb_targets, @@ -1253,7 +1321,7 @@ static struct compound_cl_arg compound_cl_args[] = { { /* arg: socks5 */ .regex = "(.+):(\\w+)", .arg_cl = & sslhcfg_socks5, - .base_entry = & table_sslhcfg [16], + .base_entry = & table_sslhcfg [20], .targets = sslhcfg_socks5_targets, @@ -1265,7 +1333,7 @@ static struct compound_cl_arg compound_cl_args[] = { { /* arg: syslog */ .regex = "(.+):(\\w+)", .arg_cl = & sslhcfg_syslog, - .base_entry = & table_sslhcfg [16], + .base_entry = & table_sslhcfg [20], .targets = sslhcfg_syslog_targets, @@ -1277,7 +1345,7 @@ static struct compound_cl_arg compound_cl_args[] = { { /* arg: anyprot */ .regex = "(.+):(\\w+)", .arg_cl = & sslhcfg_anyprot, - .base_entry = & table_sslhcfg [16], + .base_entry = & table_sslhcfg [20], .targets = sslhcfg_anyprot_targets, @@ -1944,6 +2012,10 @@ int sslhcfg_cl_parse(int argc, char* argv[], struct sslhcfg_item* cfg) #endif sslhcfg_verbose_config = arg_intn(NULL, "verbose-config", "", 0, 1, ""), sslhcfg_verbose_config_error = arg_intn(NULL, "verbose-config-error", "", 0, 1, ""), + sslhcfg_verbose_connections = arg_intn(NULL, "verbose-connections", "", 0, 1, ""), + sslhcfg_verbose_fd = arg_intn(NULL, "verbose-fd", "", 0, 1, ""), + sslhcfg_verbose_system_error = arg_intn(NULL, "verbose-system-error", "", 0, 1, ""), + sslhcfg_verbose_int_error = arg_intn(NULL, "verbose-int-error", "", 0, 1, ""), sslhcfg_verbose = arg_intn("v", "verbose", "", 0, 1, ""), sslhcfg_version = arg_litn("V", "version", 0, 1, "Print version information and exit"), sslhcfg_foreground = arg_litn("f", "foreground", 0, 1, "Run in foreground instead of as a daemon"), 
@@ -2119,6 +2191,18 @@ void sslhcfg_fprint( fprintf(out, "verbose_config_error: %d", sslhcfg->verbose_config_error); fprintf(out, "\n"); indent(out, depth); + fprintf(out, "verbose_connections: %d", sslhcfg->verbose_connections); + fprintf(out, "\n"); + indent(out, depth); + fprintf(out, "verbose_fd: %d", sslhcfg->verbose_fd); + fprintf(out, "\n"); + indent(out, depth); + fprintf(out, "verbose_system_error: %d", sslhcfg->verbose_system_error); + fprintf(out, "\n"); + indent(out, depth); + fprintf(out, "verbose_int_error: %d", sslhcfg->verbose_int_error); + fprintf(out, "\n"); + indent(out, depth); fprintf(out, "verbose: %d", sslhcfg->verbose); fprintf(out, "\n"); indent(out, depth); diff --git a/sslh-conf.h b/sslh-conf.h index 1f900e1..81ef678 100644 --- a/sslh-conf.h +++ b/sslh-conf.h @@ -1,5 +1,5 @@ /* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README) - * on Sat Sep 18 22:17:39 2021. + * on Sun Sep 19 20:20:24 2021. # conf2struct: generate libconf parsers that read to structs # Copyright (C) 2018-2021 Yves Rutschle @@ -76,6 +76,10 @@ struct sslhcfg_protocols_item { struct sslhcfg_item { int verbose_config; int verbose_config_error; + int verbose_connections; + int verbose_fd; + int verbose_system_error; + int verbose_int_error; int verbose; int version; int foreground; diff --git a/sslh-select.c b/sslh-select.c index a77d883..65fbadf 100644 --- a/sslh-select.c +++ b/sslh-select.c @@ -37,6 +37,7 @@ #include "udp-listener.h" #include "collection.h" #include "gap.h" +#include "log.h" const char* server_type = "sslh-select"; @@ -65,8 +66,7 @@ static int tidy_connection(struct connection *cnx, struct select_info* fd_info) for (i = 0; i < 2; i++) { if (cnx->q[i].fd != -1) { - if (cfg.verbose) - fprintf(stderr, "closing fd %d\n", cnx->q[i].fd); + print_message(msg_fd, "closing fd %d\n", cnx->q[i].fd); FD_CLR(cnx->q[i].fd, fds); FD_CLR(cnx->q[i].fd, fds2); 
@@ -97,7 +97,7 @@ static struct connection* accept_new_connection(int listen_socket, struct cnx_co int in_socket, res; - if (cfg.verbose) fprintf(stderr, "accepting from %d\n", listen_socket); + print_message(msg_fd, "accepting from %d\n", listen_socket); in_socket = accept(listen_socket, 0, 0); CHECK_RES_RETURN(in_socket, "accept", NULL); @@ -156,8 +156,7 @@ static void shovel(struct connection *cnx, int active_fd, struct select_info* fd read_q = &cnx->q[active_fd]; write_q = &cnx->q[1-active_fd]; - if (cfg.verbose) - fprintf(stderr, "activity on fd%d\n", read_q->fd); + print_message(msg_fd, "activity on fd%d\n", read_q->fd); switch(fd2fd(write_q, read_q)) { case -1: @@ -210,16 +209,14 @@ static void shovel_single(struct connection *cnx) if (FD_ISSET(cnx->q[i].fd, &fds_w)) { res = flush_deferred(&cnx->q[i]); if ((res == -1) && ((errno == EPIPE) || (errno == ECONNRESET))) { - if (cfg.verbose) - fprintf(stderr, "%s socket closed\n", i ? "server" : "client"); + print_message(msg_fd, "%s socket closed\n", i ? "server" : "client"); return; } } if (FD_ISSET(cnx->q[i].fd, &fds_r)) { res = fd2fd(&cnx->q[1-i], &cnx->q[i]); if (!res) { - if (cfg.verbose) - fprintf(stderr, "socket closed\n"); + print_message(msg_fd, "socket closed\n"); return; } } @@ -256,8 +253,7 @@ static void connect_proxy(struct connection *cnx) close(in_socket); close(out_socket); - if (cfg.verbose) - fprintf(stderr, "connection closed down\n"); + print_message(msg_fd, "connection closed down\n"); exit(0); } @@ -315,7 +311,7 @@ static void probing_read_process(struct connection* cnx, /* free(cnx); */ connect_proxy(cnx); exit(0); - case -1: log_message(LOG_ERR, "fork failed: err %d: %s\n", errno, strerror(errno)); + case -1: print_message(msg_system_error, "fork failed: err %d: %s\n", errno, strerror(errno)); break; default: /* parent */ break; 
@@ -337,7 +333,7 @@ int active_queue(struct connection* cnx, int fd) if (cnx->q[0].fd == fd) return 0; if (cnx->q[1].fd == fd) return 1; - log_message(LOG_ERR, "file descriptor %d not found in connection object\n", fd); + print_message(msg_int_error, "file descriptor %d not found in connection object\n", fd); return -1; } @@ -355,7 +351,7 @@ static void tcp_read_process(struct select_info* fd_info, case ST_PROBING: if (active_q == 1) { - fprintf(stderr, "Activity on fd2 while probing, impossible\n"); + print_message(msg_int_error, "Activity on fd2 while probing, impossible\n"); dump_connection(cnx); exit(1); } @@ -369,7 +365,7 @@ static void tcp_read_process(struct select_info* fd_info, break; default: /* illegal */ - log_message(LOG_ERR, "Illegal connection state %d\n", cnx->state); + print_message(msg_int_error, "Illegal connection state %d\n", cnx->state); dump_connection(cnx); exit(1); } @@ -389,11 +385,10 @@ static void cnx_read_process(struct select_info* fd_info, int fd) break; default: - log_message(LOG_ERR, "cnx_read_process: Illegal connection type %d\n", cnx->type); + print_message(msg_int_error, "cnx_read_process: Illegal connection type %d\n", cnx->type); dump_connection(cnx); exit(1); } - } /* Process a connection that is active in write */ @@ -439,13 +434,13 @@ void cnx_accept_process(struct select_info* fd_info, struct listen_endpoint* lis case SOCK_DGRAM: new_fd = udp_c2s_forward(fd, fd_info->collection, fd_info->max_fd); - fprintf(stderr, "new_fd %d\n", new_fd); + print_message(msg_fd, "new_fd %d\n", new_fd); if (new_fd == -1) return; break; default: - log_message(LOG_ERR, "Inconsistent cnx type: %d\n", type); + print_message(msg_int_error, "Inconsistent cnx type: %d\n", type); exit(1); return; } 
@@ -478,8 +473,7 @@ static void udp_timeouts(struct select_info* fd_info) time_t timeout = udp_timeout(cnx); if (!timeout) continue; /* Not a UDP connection */ if (cnx && (timeout <= now)) { - if (cfg.verbose > 3) - fprintf(stderr, "timed out UDP %d\n", cnx->target_sock); + print_message(msg_fd, "timed out UDP %d\n", cnx->target_sock); close(cnx->target_sock); FD_CLR(i, &fd_info->fds_r); FD_CLR(i, &fd_info->fds_w); @@ -537,8 +531,7 @@ void main_loop(struct listen_endpoint listen_sockets[], int num_addr_listen) memcpy(&readfds, &fd_info.fds_r, sizeof(readfds)); memcpy(&writefds, &fd_info.fds_w, sizeof(writefds)); - if (cfg.verbose) - fprintf(stderr, "selecting... max_fd=%d num_probing=%d\n", + print_message(msg_fd, "selecting... max_fd=%d num_probing=%d\n", fd_info.max_fd, fd_info.num_probing); res = select(fd_info.max_fd, &readfds, &writefds, NULL, fd_info.num_probing ? &tv : NULL); @@ -570,14 +563,13 @@ void main_loop(struct listen_endpoint listen_sockets[], int num_addr_listen) for (i = 0; i < fd_info.num_probing; i++) { struct connection* cnx = gap_get(fd_info.probing_list, i); if (!cnx || cnx->state != ST_PROBING) { - log_message(LOG_ERR, "Inconsistent probing: cnx=%0xp\n", cnx); + print_message(msg_int_error, "Inconsistent probing: cnx=%0xp\n", cnx); if (cnx) - log_message(LOG_ERR, "Inconsistent probing: state=%d\n", cnx); + print_message(msg_int_error, "Inconsistent probing: state=%d\n", cnx); exit(1); } if (cnx->probe_timeout < time(NULL)) { - if (cfg.verbose) - fprintf(stderr, "timeout slot %d\n", i); + print_message(msg_fd, "timeout slot %d\n", i); probing_read_process(cnx, &fd_info); } } @@ -596,7 +588,7 @@ void main_loop(struct listen_endpoint listen_sockets[], int num_addr_listen) void start_shoveler(int listen_socket) { - fprintf(stderr, "inetd mode is not supported in select mode\n"); + print_message(msg_config_error, "inetd mode is not supported in select mode\n"); exit(1); } diff --git a/sslhconf.cfg b/sslhconf.cfg index bb4b830..6a9a0fa 100644 
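Review bot: In the `main_loop` hunk at -570, the two `print_message(msg_int_error, ...)` calls carry format/argument mismatches over from the old `log_message` lines. `%0xp` is an `unsigned int` conversion followed by a literal `p` but receives the pointer `cnx`, and `state=%d` is also passed `cnx` rather than `cnx->state`; both are undefined behaviour in a variadic call, on the path that reports a corrupted probing list. Suggested lines: `print_message(msg_int_error, "Inconsistent probing: cnx=%p\n", (void *)cnx);` and `print_message(msg_int_error, "Inconsistent probing: state=%d\n", cnx->state);`. The `print_message` prototype visible in the log.h hunk carries no printf format attribute, so the compiler presumably does not warn here; adding `__attribute__((format(printf, 2, 3)))` to that declaration would catch this class of mistake. `main_loop` begins and ends outside the hunk.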
--- a/sslhconf.cfg +++ b/sslhconf.cfg @@ -27,6 +27,11 @@ config: { items: ( { name: "verbose-config"; type: "int"; default: 0; }, { name: "verbose-config-error"; type: "int"; default: 3; }, + { name: "verbose-connections"; type: "int"; default: 0; }, + { name: "verbose-fd"; type: "int"; default: 0; }, + + { name: "verbose-system-error"; type: "int"; default: 3; }, + { name: "verbose-int-error"; type: "int"; default: 3; }, { name: "verbose"; type: "int"; short: "v" }, # to delete { name: "version"; type: "bool"; default: false; diff --git a/test.cfg b/test.cfg index 08b37df..5f31027 100644 --- a/test.cfg +++ b/test.cfg @@ -13,8 +13,14 @@ syslog_facility: "auth"; # Logging configuration # Value: 1: stdout; 2: syslog; 3: both +# Defaults should be sensible. Generally, you want *-error +# to be always enabled, to know if something is going wrong. #verbose-config: 3; # config: print configuration at startup #verbose-config-error: 3; #config-error: print configuration errors +#verbose-connections: 3; #config-connections: track connections +#verbose-fd: 3; # file descriptor activity, open/close/whatnot +#verbose-system-error: 3; # system call problem, i.e. malloc, fork, failing +#verbose-int-error: 3; # internal errors, the kind that should never happen # List of interfaces on which we should listen # Options: