diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/common/crypto.c | 72 | ||||
-rw-r--r-- | src/common/log.c | 7 | ||||
-rw-r--r-- | src/common/tortls.c | 14 | ||||
-rw-r--r-- | src/common/util.c | 26 | ||||
-rw-r--r-- | src/or/config.c | 10 |
5 files changed, 56 insertions, 73 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index fa1bf2b734..9f83b56d3f 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -211,17 +211,17 @@ crypto_create_init_cipher(int cipher_type, char *key, char *iv, int encrypt_mode crypto_cipher_env_t *crypto = NULL; if (! (crypto = crypto_new_cipher_env(cipher_type))) { - log_fn(LOG_ERR, "Unable to allocate crypto object"); + log_fn(LOG_WARNING, "Unable to allocate crypto object"); return NULL; } if (crypto_cipher_set_key(crypto, key)) { - log_fn(LOG_ERR, "Unable to set key: %s", crypto_perror()); + log_fn(LOG_WARNING, "Unable to set key: %s", crypto_perror()); goto error; } if (crypto_cipher_set_iv(crypto, iv)) { - log_fn(LOG_ERR, "Unable to set iv: %s", crypto_perror()); + log_fn(LOG_WARNING, "Unable to set iv: %s", crypto_perror()); goto error; } @@ -231,7 +231,7 @@ crypto_create_init_cipher(int cipher_type, char *key, char *iv, int encrypt_mode r = crypto_cipher_decrypt_init_cipher(crypto); if (r) { - log_fn(LOG_ERR, "Unable to initialize cipher: %s", crypto_perror()); + log_fn(LOG_WARNING, "Unable to initialize cipher: %s", crypto_perror()); goto error; } return crypto; @@ -352,45 +352,38 @@ int crypto_pk_read_private_key_from_file(crypto_pk_env_t *env, FILE *src) int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env, const char *keyfile) { FILE *f_pr; - int retval = 0; assert(env && keyfile); - if (strspn(keyfile,CONFIG_LEGAL_FILENAME_CHARACTERS) == strlen(keyfile)) /* filename contains legal characters only */ - { - /* open the keyfile */ - f_pr=fopen(keyfile,"rb"); - if (!f_pr) - return -1; - - /* read the private key */ - retval = crypto_pk_read_private_key_from_file(env, f_pr); + if(strspn(keyfile,CONFIG_LEGAL_FILENAME_CHARACTERS) != strlen(keyfile)) { + /* filename contains nonlegal characters */ + return -1; + } + + /* open the keyfile */ + f_pr=fopen(keyfile,"rb"); + if (!f_pr) + return -1; + + /* read the private key */ + if(crypto_pk_read_private_key_from_file(env, f_pr) < 0) { + log_fn(LOG_WARNING,"Error reading private key : %s",crypto_perror()); fclose(f_pr); - if (retval == -1) - { - log_fn(LOG_ERR,"Error reading private key : %s",crypto_perror()); - return -1; - } - - /* check the private key */ - retval = crypto_pk_check_key(env); - if (retval == 0) - { - log_fn(LOG_ERR,"Private key read but is invalid : %s.", crypto_perror()); + return -1; + } + fclose(f_pr); + + /* check the private key */ + switch(crypto_pk_check_key(env)) { + case 0: + log_fn(LOG_WARNING,"Private key read but is invalid : %s.", crypto_perror()); return -1; - } - else if (retval == -1) - { - log_fn(LOG_ERR,"Private key read but validity checking failed : %s",crypto_perror()); + case -1: + log_fn(LOG_WARNING,"Private key read but validity checking failed : %s",crypto_perror()); return -1; - } - else if (retval == 1) - { - return 0; - } - } /* filename contains legal characters only */ - - return -1; /* report error */ + /* case 1: fall through */ + } + return 0; } int crypto_pk_read_public_key_from_file(crypto_pk_env_t *env, FILE *src) @@ -989,14 +982,14 @@ int crypto_seed_rng() n = fread(buf, 1, 20, f); fclose(f); if (n != 20) { - log_fn(LOG_INFO, "Error reading from entropy source"); + log_fn(LOG_WARNING, "Error reading from entropy source"); return -1; } RAND_seed(buf, 20); return 0; } - log_fn(LOG_INFO, "Cannot seed RNG -- no entropy source found."); + log_fn(LOG_WARNING, "Cannot seed RNG -- no entropy source found."); return -1; } @@ -1053,3 +1046,4 @@ base64_decode(char *dest, int destlen, char *src, int srclen) ret += len; return ret; } + diff --git a/src/common/log.c b/src/common/log.c index 0b8a0bb386..f117b877e2 100644 --- a/src/common/log.c +++ b/src/common/log.c @@ -20,13 +20,9 @@ static INLINE const char *sev_to_string(int severity) { switch(severity) { case LOG_DEBUG: return "debug"; case LOG_INFO: return "info"; - case LOG_NOTICE: return "notice"; case LOG_WARNING: return "warn"; case LOG_ERR: return "err"; - case LOG_CRIT: return "crit"; - case LOG_ALERT: return "alert"; - case LOG_EMERG: return "emerg"; - default: return "UNKNOWN"; + default: assert(0); return "UNKNOWN"; } } @@ -167,3 +163,4 @@ void add_file_log(int loglevel, const char *filename) add_stream_log(loglevel, filename, f); logfiles->needs_close = 1; } + diff --git a/src/common/tortls.c b/src/common/tortls.c index 1046b49817..271c217904 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -214,7 +214,7 @@ tor_tls_context_new(crypto_pk_env_t *rsa, if (rsa) { cert = tor_tls_create_certificate(rsa, nickname); if (!cert) { - log(LOG_ERR, "Error creating certificate"); + log(LOG_WARNING, "Error creating certificate"); return -1; } } @@ -311,7 +311,7 @@ tor_tls_read(tor_tls *tls, char *cp, int len) r = SSL_read(tls->ssl, cp, len); if (r > 0) return r; - err = tor_tls_get_error(tls, r, CATCH_ZERO, "reading", LOG_ERR); + err = tor_tls_get_error(tls, r, CATCH_ZERO, "reading", LOG_INFO); if (err == _TOR_TLS_ZERORETURN) { tls->state = TOR_TLS_ST_CLOSED; return TOR_TLS_CLOSE; @@ -335,7 +335,7 @@ tor_tls_write(tor_tls *tls, char *cp, int n) if (n == 0) return 0; r = SSL_write(tls->ssl, cp, n); - err = tor_tls_get_error(tls, r, 0, "writing", LOG_ERR); + err = tor_tls_get_error(tls, r, 0, "writing", LOG_INFO); if (err == TOR_TLS_DONE) { return r; } else { @@ -358,7 +358,7 @@ tor_tls_handshake(tor_tls *tls) } else { r = SSL_connect(tls->ssl); } - r = tor_tls_get_error(tls,r,0, "handshaking", LOG_ERR); + r = tor_tls_get_error(tls,r,0, "handshaking", LOG_INFO); if (r == TOR_TLS_DONE) { tls->state = TOR_TLS_ST_OPEN; } @@ -385,7 +385,7 @@ tor_tls_shutdown(tor_tls *tls) r = SSL_read(tls->ssl, buf, 128); } while (r>0); err = tor_tls_get_error(tls, r, CATCH_ZERO, "reading to shut down", - LOG_ERR); + LOG_INFO); if (err == _TOR_TLS_ZERORETURN) { tls->state = TOR_TLS_ST_GOTCLOSE; /* fall through... */ @@ -401,7 +401,7 @@ tor_tls_shutdown(tor_tls *tls) return TOR_TLS_DONE; } err = tor_tls_get_error(tls, r, CATCH_SYSCALL|CATCH_ZERO, "shutting down", - LOG_ERR); + LOG_INFO); if (err == _TOR_TLS_SYSCALL) { /* The underlying TCP connection closed while we were shutting down. */ tls->state = TOR_TLS_ST_CLOSED; @@ -414,7 +414,7 @@ tor_tls_shutdown(tor_tls *tls) */ if (tls->state == TOR_TLS_ST_GOTCLOSE || tls->state == TOR_TLS_ST_SENTCLOSE) { - log(LOG_ERR, + log(LOG_WARNING, "TLS returned \"half-closed\" value while already half-closed"); return TOR_TLS_ERROR; } diff --git a/src/common/util.c b/src/common/util.c index 2e0f39c96c..a969f0dbd1 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -60,13 +60,13 @@ tv_udiff(struct timeval *start, struct timeval *end) long secdiff = end->tv_sec - start->tv_sec; if (secdiff+1 > LONG_MAX/1000000) { - log_fn(LOG_NOTICE, "comparing times too far apart."); + log_fn(LOG_WARNING, "comparing times too far apart."); return LONG_MAX; } udiff = secdiff*1000000L + (end_usec - start->tv_usec); if(udiff < 0) { - log_fn(LOG_NOTICE, "start is after end. Returning 0."); + log_fn(LOG_WARNING, "start is after end. Returning 0."); return 0; } return udiff; @@ -320,17 +320,17 @@ int check_private_dir(const char *dirname, int create) struct stat st; if (stat(dirname, &st)) { if (errno != ENOENT) { - log(LOG_ERR, "Directory %s cannot be read: %s", dirname, + log(LOG_WARNING, "Directory %s cannot be read: %s", dirname, strerror(errno)); return -1; } if (!create) { - log(LOG_ERR, "Directory %s does not exist.", dirname); + log(LOG_WARNING, "Directory %s does not exist.", dirname); return -1; } log(LOG_INFO, "Creating directory %s", dirname); if (mkdir(dirname, 0700)) { - log(LOG_ERR, "Error creating directory %s: %s", dirname, + log(LOG_WARNING, "Error creating directory %s: %s", dirname, strerror(errno)); return -1; } else { @@ -338,17 +338,17 @@ int check_private_dir(const char *dirname, int create) } } if (!(st.st_mode & S_IFDIR)) { - log(LOG_ERR, "%s is not a directory", dirname); + log(LOG_WARNING, "%s is not a directory", dirname); return -1; } if (st.st_uid != getuid()) { - log(LOG_ERR, "%s is not owned by this UID (%d)", dirname, getuid()); + log(LOG_WARNING, "%s is not owned by this UID (%d)", dirname, getuid()); return -1; } if (st.st_mode & 0077) { log(LOG_WARNING, "Fixing permissions on directory %s", dirname); if (chmod(dirname, 0700)) { - log(LOG_ERR, "Could not chmod directory %s: %s", dirname, + log(LOG_WARNING, "Could not chmod directory %s: %s", dirname, strerror(errno)); return -1; } else { @@ -365,28 +365,28 @@ write_str_to_file(const char *fname, const char *str) int fd; FILE *file; if (strlen(fname) > 1000) { - log(LOG_ERR, "Filename %s is too long.", fname); + log(LOG_WARNING, "Filename %s is too long.", fname); return -1; } strcpy(tempname,fname); strcat(tempname,".tmp"); if ((fd = open(tempname, O_WRONLY|O_CREAT|O_TRUNC, 0600)) < 0) { - log(LOG_ERR, "Couldn't open %s for writing: %s", tempname, + log(LOG_WARNING, "Couldn't open %s for writing: %s", tempname, strerror(errno)); return -1; } if (!(file = fdopen(fd, "w"))) { - log(LOG_ERR, "Couldn't fdopen %s for writing: %s", tempname, + log(LOG_WARNING, "Couldn't fdopen %s for writing: %s", tempname, strerror(errno)); close(fd); return -1; } if (fputs(str,file) == EOF) { - log(LOG_ERR, "Error writing to %s: %s", tempname, strerror(errno)); + log(LOG_WARNING, "Error writing to %s: %s", tempname, strerror(errno)); fclose(file); return -1; } fclose(file); if (rename(tempname, fname)) { - log(LOG_ERR, "Error replacing %s: %s", fname, strerror(errno)); + log(LOG_WARNING, "Error replacing %s: %s", fname, strerror(errno)); return -1; } return 0; diff --git a/src/or/config.c b/src/or/config.c index 348d8d7868..8c42480eee 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -277,24 +277,16 @@ int getconfig(int argc, char **argv, or_options_t *options) { /* Validate options */ if(options->LogLevel) { - if(!strcmp(options->LogLevel,"emerg")) - options->loglevel = LOG_EMERG; - else if(!strcmp(options->LogLevel,"alert")) - options->loglevel = LOG_ALERT; - else if(!strcmp(options->LogLevel,"crit")) - options->loglevel = LOG_CRIT; else if(!strcmp(options->LogLevel,"err")) options->loglevel = LOG_ERR; else if(!strcmp(options->LogLevel,"warning")) options->loglevel = LOG_WARNING; - else if(!strcmp(options->LogLevel,"notice")) - options->loglevel = LOG_NOTICE; else if(!strcmp(options->LogLevel,"info")) options->loglevel = LOG_INFO; else if(!strcmp(options->LogLevel,"debug")) options->loglevel = LOG_DEBUG; else { - log(LOG_ERR,"LogLevel must be one of emerg|alert|crit|err|warning|notice|info|debug."); + log(LOG_ERR,"LogLevel must be one of err|warning|info|debug."); result = -1; } } |