Commit 9e5cafc3 authored by Roger Dingledine's avatar Roger Dingledine
Browse files

first pass: obey log convention

ERR is if something fatal just happened

WARNING is something bad happened, but we're still running. The bad thing
is either a bug in the code, an attack or buggy protocol/implementation
of the remote peer, etc. The operator should examine the bad thing and
try to correct it.
(No error or warning messages should be expected. I expect most people
to run on -l warning eventually.)

NOTICE is never ever used.

INFO means something happened (maybe bad, maybe ok), but there's nothing
you need to (or can) do about it.

DEBUG is for everything louder than INFO.


svn:r486
parent db268414
......@@ -221,7 +221,7 @@ int write_to_buf(const char *string, int string_len, buf_t *buf) {
/* this is the point where you would grow the buffer, if you want to */
if (string_len + buf->datalen > buf->len) { /* we're out of luck */
log_fn(LOG_DEBUG, "buflen too small. Time to implement growing dynamic bufs.");
log_fn(LOG_WARNING, "buflen too small. Time to implement growing dynamic bufs.");
return -1;
}
......@@ -280,11 +280,11 @@ int fetch_from_buf_http(buf_t *buf,
log_fn(LOG_DEBUG,"headerlen %d, bodylen %d.",headerlen,bodylen);
if(headers_out && max_headerlen <= headerlen) {
log_fn(LOG_DEBUG,"headerlen %d larger than %d. Failing.", headerlen, max_headerlen-1);
log_fn(LOG_WARNING,"headerlen %d larger than %d. Failing.", headerlen, max_headerlen-1);
return -1;
}
if(body_out && max_bodylen <= bodylen) {
log_fn(LOG_DEBUG,"bodylen %d larger than %d. Failing.", bodylen, max_bodylen-1);
log_fn(LOG_WARNING,"bodylen %d larger than %d. Failing.", bodylen, max_bodylen-1);
return -1;
}
......@@ -346,33 +346,33 @@ int fetch_from_buf_socks(buf_t *buf,
socks4_info.destip = ntohl(*(uint32_t*)(buf->buf+4));
if(socks4_info.version != 4) {
log_fn(LOG_NOTICE,"Unrecognized version %d.",socks4_info.version);
log_fn(LOG_WARNING,"Unrecognized version %d.",socks4_info.version);
return -1;
}
if(socks4_info.command != 1) { /* not a connect? we don't support it. */
log_fn(LOG_NOTICE,"command %d not '1'.",socks4_info.command);
log_fn(LOG_WARNING,"command %d not '1'.",socks4_info.command);
return -1;
}
port = socks4_info.destport;
if(!port) {
log_fn(LOG_NOTICE,"Port is zero.");
log_fn(LOG_WARNING,"Port is zero.");
return -1;
}
if(!socks4_info.destip) {
log_fn(LOG_NOTICE,"DestIP is zero.");
log_fn(LOG_WARNING,"DestIP is zero.");
return -1;
}
if(socks4_info.destip >> 8) {
struct in_addr in;
log_fn(LOG_NOTICE,"destip not in form 0.0.0.x.");
log_fn(LOG_DEBUG,"destip not in form 0.0.0.x.");
in.s_addr = htonl(socks4_info.destip);
tmpbuf = inet_ntoa(in);
if(max_addrlen <= strlen(tmpbuf)) {
log_fn(LOG_DEBUG,"socks4 addr too long.");
log_fn(LOG_WARNING,"socks4 addr too long.");
return -1;
}
log_fn(LOG_DEBUG,"Successfully read destip (%s)", tmpbuf);
......@@ -393,7 +393,7 @@ int fetch_from_buf_socks(buf_t *buf,
return 0;
}
if(max_addrlen <= next-startaddr) {
log_fn(LOG_DEBUG,"Destaddr not here yet.");
log_fn(LOG_WARNING,"Destaddr too long.");
return -1;
}
}
......
......@@ -121,9 +121,8 @@ static void circuit_free_cpath_node(crypt_path_t *victim) {
static aci_t get_unique_aci_by_addr_port(uint32_t addr, uint16_t port, int aci_type) {
aci_t test_aci;
connection_t *conn;
#ifdef SEQUENTIAL_ACI
uint16_t high_bit;
high_bit = (aci_type == ACI_TYPE_HIGHER) ? 1<<15 : 0;
conn = connection_exact_get_by_addr_port(addr,port);
if (!conn)
......@@ -141,31 +140,6 @@ static aci_t get_unique_aci_by_addr_port(uint32_t addr, uint16_t port, int aci_t
}
test_aci |= high_bit;
} while(circuit_get_by_aci_conn(test_aci, conn));
return test_aci;
#else
try_again:
log_fn(LOG_DEBUG,"trying to get a unique aci");
if (CRYPTO_PSEUDO_RAND_INT(test_aci))
return -1;
if(aci_type == ACI_TYPE_LOWER && test_aci >= (1<<15))
test_aci -= (1<<15);
if(aci_type == ACI_TYPE_HIGHER && test_aci < (1<<15))
test_aci += (1<<15);
/* if aci_type == ACI_BOTH, don't filter any of it */
if(test_aci == 0)
goto try_again;
conn = connection_exact_get_by_addr_port(addr,port);
if(!conn) /* there can't be a conflict -- no connection of that sort yet */
return test_aci;
if(circuit_get_by_aci_conn(test_aci, conn))
goto try_again;
#endif
return test_aci;
}
......@@ -256,7 +230,7 @@ int circuit_deliver_relay_cell(cell_t *cell, circuit_t *circ,
log_fn(LOG_DEBUG,"direction %d, streamid %d before crypt.", cell_direction, *(int*)(cell->payload+1));
if(relay_crypt(circ, buf, 1+CELL_PAYLOAD_SIZE, cell_direction, &layer_hint, &recognized, &conn) < 0) {
log_fn(LOG_DEBUG,"relay crypt failed. Dropping connection.");
log_fn(LOG_WARNING,"relay crypt failed. Dropping connection.");
return -1;
}
......@@ -302,7 +276,7 @@ int relay_crypt(circuit_t *circ, char *in, int inlen, char cell_direction,
if(circ->cpath) { /* we're at the beginning of the circuit. We'll want to do layered crypts. */
thishop = circ->cpath;
if(thishop->state != CPATH_STATE_OPEN) {
log_fn(LOG_INFO,"Relay cell before first created cell?");
log_fn(LOG_WARNING,"Relay cell before first created cell?");
return -1;
}
do { /* Remember: cpath is in forward order, that is, first hop first. */
......@@ -311,7 +285,7 @@ int relay_crypt(circuit_t *circ, char *in, int inlen, char cell_direction,
log_fn(LOG_DEBUG,"before decrypt: %d",*(int*)(in+2));
/* decrypt */
if(crypto_cipher_decrypt(thishop->b_crypto, in, inlen, out)) {
log_fn(LOG_ERR,"Error performing decryption:%s",crypto_perror());
log_fn(LOG_WARNING,"Error performing onion decryption: %s", crypto_perror());
return -1;
}
memcpy(in,out,inlen);
......@@ -330,7 +304,7 @@ int relay_crypt(circuit_t *circ, char *in, int inlen, char cell_direction,
log_fn(LOG_DEBUG,"before encrypt: %d",*(int*)(in+2));
if(crypto_cipher_encrypt(circ->p_crypto, in, inlen, out)) {
log_fn(LOG_ERR,"Encryption failed for ACI : %u (%s).",
log_fn(LOG_WARNING,"Onion encryption failed for ACI %u: %s",
circ->p_aci, crypto_perror());
return -1;
}
......@@ -351,7 +325,7 @@ int relay_crypt(circuit_t *circ, char *in, int inlen, char cell_direction,
log_fn(LOG_DEBUG,"before encrypt: %d",*(int*)(in+2));
if(crypto_cipher_encrypt(thishop->f_crypto, in, inlen, out)) {
log_fn(LOG_ERR,"Error performing encryption:%s",crypto_perror());
log_fn(LOG_WARNING,"Error performing encryption: %s", crypto_perror());
return -1;
}
memcpy(in,out,inlen);
......@@ -362,7 +336,7 @@ int relay_crypt(circuit_t *circ, char *in, int inlen, char cell_direction,
} else { /* we're in the middle. Just one crypt. */
if(crypto_cipher_decrypt(circ->n_crypto,in, inlen, out)) {
log_fn(LOG_ERR,"Decryption failed for ACI : %u (%s).",
log_fn(LOG_WARNING,"Decryption failed for ACI %u: %s",
circ->n_aci, crypto_perror());
return -1;
}
......@@ -645,7 +619,7 @@ void circuit_launch_new(int failure_status) {
retry_circuit:
if(failures > 5) {
log_fn(LOG_INFO,"Giving up, %d failures.", failures);
log_fn(LOG_INFO,"Giving up for now, %d failures.", failures);
return;
}
......@@ -667,7 +641,7 @@ int circuit_establish_circuit(void) {
circ->state = CIRCUIT_STATE_OR_WAIT;
circ->cpath = onion_generate_cpath(&firsthop);
if(!circ->cpath) {
log_fn(LOG_DEBUG,"Generating cpath failed.");
log_fn(LOG_INFO,"Generating cpath failed.");
circuit_close(circ);
return -1;
}
......@@ -681,7 +655,7 @@ int circuit_establish_circuit(void) {
circ->n_addr = firsthop->addr;
circ->n_port = firsthop->or_port;
if(options.OnionRouter) { /* we would be connected if he were up. but he's not. */
log_fn(LOG_DEBUG,"Route's firsthop isn't connected.");
log_fn(LOG_INFO,"Route's firsthop isn't connected.");
circuit_close(circ);
return -1;
}
......@@ -689,7 +663,7 @@ int circuit_establish_circuit(void) {
if(!n_conn) { /* launch the connection */
n_conn = connection_or_connect(firsthop);
if(!n_conn) { /* connect failed, forget the whole thing */
log_fn(LOG_DEBUG,"connect to firsthop failed. Closing.");
log_fn(LOG_INFO,"connect to firsthop failed. Closing.");
circuit_close(circ);
return -1;
}
......@@ -705,7 +679,7 @@ int circuit_establish_circuit(void) {
circ->n_conn = n_conn;
log_fn(LOG_DEBUG,"Conn open. Delivering first onion skin.");
if(circuit_send_next_onion_skin(circ) < 0) {
log_fn(LOG_DEBUG,"circuit_send_next_onion_skin failed.");
log_fn(LOG_INFO,"circuit_send_next_onion_skin failed.");
circuit_close(circ);
return -1;
}
......@@ -726,7 +700,7 @@ void circuit_n_conn_open(connection_t *or_conn) {
log_fn(LOG_DEBUG,"Found circ, sending onion skin.");
circ->n_conn = or_conn;
if(circuit_send_next_onion_skin(circ) < 0) {
log_fn(LOG_DEBUG,"circuit marked for closing.");
log_fn(LOG_INFO,"send_next_onion_skin failed; circuit marked for closing.");
circuit_close(circ);
return; /* FIXME will want to try the other circuits too? */
}
......@@ -752,7 +726,7 @@ int circuit_send_next_onion_skin(circuit_t *circ) {
cell.length = DH_ONIONSKIN_LEN;
if(onion_skin_create(circ->n_conn->onion_pkey, &(circ->cpath->handshake_state), cell.payload) < 0) {
log_fn(LOG_INFO,"onion_skin_create (first hop) failed.");
log_fn(LOG_WARNING,"onion_skin_create (first hop) failed.");
return -1;
}
......@@ -772,13 +746,13 @@ int circuit_send_next_onion_skin(circuit_t *circ) {
hop=hop->next) ;
if(hop == circ->cpath) { /* done building the circuit. whew. */
circ->state = CIRCUIT_STATE_OPEN;
log_fn(LOG_DEBUG,"circuit built!");
log_fn(LOG_INFO,"circuit built!");
return 0;
}
router = router_get_by_addr_port(hop->addr,hop->port);
if(!router) {
log_fn(LOG_INFO,"couldn't lookup router %d:%d",hop->addr,hop->port);
log_fn(LOG_WARNING,"couldn't lookup router %d:%d",hop->addr,hop->port);
return -1;
}
......@@ -792,14 +766,14 @@ int circuit_send_next_onion_skin(circuit_t *circ) {
*(uint32_t*)(cell.payload+RELAY_HEADER_SIZE) = htonl(hop->addr);
*(uint16_t*)(cell.payload+RELAY_HEADER_SIZE+4) = htons(hop->port);
if(onion_skin_create(router->onion_pkey, &(hop->handshake_state), cell.payload+RELAY_HEADER_SIZE+6) < 0) {
log_fn(LOG_INFO,"onion_skin_create failed.");
log_fn(LOG_WARNING,"onion_skin_create failed.");
return -1;
}
log_fn(LOG_DEBUG,"Sending extend relay cell.");
/* send it to hop->prev, because it will transfer it to a create cell and then send to hop */
if(circuit_deliver_relay_cell(&cell, circ, CELL_DIRECTION_OUT, hop->prev) < 0) {
log_fn(LOG_DEBUG,"failed to deliver extend cell. Closing.");
log_fn(LOG_WARNING,"failed to deliver extend cell. Closing.");
return -1;
}
hop->state = CPATH_STATE_AWAITING_KEYS;
......@@ -855,7 +829,7 @@ int circuit_extend(cell_t *cell, circuit_t *circ) {
log_fn(LOG_DEBUG,"aci_type = %u.",aci_type);
circ->n_aci = get_unique_aci_by_addr_port(circ->n_addr, circ->n_port, aci_type);
if(!circ->n_aci) {
log_fn(LOG_ERR,"failed to get unique aci.");
log_fn(LOG_WARNING,"failed to get unique aci.");
return -1;
}
log_fn(LOG_DEBUG,"Chosen ACI %u.",circ->n_aci);
......@@ -889,14 +863,14 @@ int circuit_finish_handshake(circuit_t *circ, char *reply) {
hop != circ->cpath && hop->state == CPATH_STATE_OPEN;
hop=hop->next) ;
if(hop == circ->cpath) { /* got an extended when we're all done? */
log_fn(LOG_INFO,"got extended when circ already built? Closing.");
log_fn(LOG_WARNING,"got extended when circ already built? Closing.");
return -1;
}
}
assert(hop->state == CPATH_STATE_AWAITING_KEYS);
if(onion_skin_client_handshake(hop->handshake_state, reply, keys, 32) < 0) {
log_fn(LOG_ERR,"onion_skin_client_handshake failed.");
log_fn(LOG_WARNING,"onion_skin_client_handshake failed.");
return -1;
}
......@@ -906,18 +880,18 @@ int circuit_finish_handshake(circuit_t *circ, char *reply) {
log_fn(LOG_DEBUG,"hop %d init cipher forward %d, backward %d.", (uint32_t)hop, *(uint32_t*)keys, *(uint32_t*)(keys+16));
if (!(hop->f_crypto =
crypto_create_init_cipher(CIRCUIT_CIPHER,keys,iv,1))) {
log(LOG_ERR,"Cipher initialization failed.");
log(LOG_WARNING,"forward cipher initialization failed.");
return -1;
}
if (!(hop->b_crypto =
crypto_create_init_cipher(CIRCUIT_CIPHER,keys+16,iv,0))) {
log(LOG_ERR,"Cipher initialization failed.");
log(LOG_WARNING,"backward cipher initialization failed.");
return -1;
}
hop->state = CPATH_STATE_OPEN;
log_fn(LOG_DEBUG,"Completed.");
log_fn(LOG_INFO,"finished");
return 0;
}
......@@ -935,7 +909,7 @@ int circuit_truncated(circuit_t *circ, crypt_path_t *layer) {
for(stream = circ->p_streams; stream; stream=stream->next_stream) {
if(stream->cpath_layer == victim) {
log_fn(LOG_DEBUG, "Marking stream %d for close.", *(int*)stream->stream_id);
log_fn(LOG_INFO, "Marking stream %d for close.", *(int*)stream->stream_id);
stream->marked_for_close = 1;
}
}
......@@ -944,7 +918,7 @@ int circuit_truncated(circuit_t *circ, crypt_path_t *layer) {
circuit_free_cpath_node(victim);
}
log_fn(LOG_DEBUG, "Complete.");
log_fn(LOG_INFO, "finished");
return 0;
}
......
......@@ -77,7 +77,7 @@ void command_process_cell(cell_t *cell, connection_t *conn) {
command_process_destroy_cell);
break;
default:
log(LOG_DEBUG,"Cell of unknown type (%d) received. Dropping.", cell->command);
log_fn(LOG_WARNING,"Cell of unknown type (%d) received. Dropping.", cell->command);
break;
}
}
......@@ -88,14 +88,14 @@ static void command_process_create_cell(cell_t *cell, connection_t *conn) {
circ = circuit_get_by_aci_conn(cell->aci, conn);
if(circ) {
log_fn(LOG_DEBUG,"received CREATE cell for known circ. Dropping.");
log_fn(LOG_WARNING,"received CREATE cell for known circ. Dropping.");
return;
}
circ = circuit_new(cell->aci, conn);
circ->state = CIRCUIT_STATE_ONIONSKIN_PENDING;
if(cell->length != DH_ONIONSKIN_LEN) {
log_fn(LOG_DEBUG,"Bad cell length %d. Dropping.", cell->length);
log_fn(LOG_WARNING,"Bad cell length %d. Dropping.", cell->length);
circuit_close(circ);
return;
}
......@@ -104,11 +104,11 @@ static void command_process_create_cell(cell_t *cell, connection_t *conn) {
/* hand it off to the cpuworkers, and then return */
if(assign_to_cpuworker(NULL, CPUWORKER_TASK_ONION, circ) < 0) {
log_fn(LOG_DEBUG,"Failed to hand off onionskin. Closing.");
log_fn(LOG_WARNING,"Failed to hand off onionskin. Closing.");
circuit_close(circ);
return;
}
log_fn(LOG_DEBUG,"success: handed off onionskin.");
log_fn(LOG_INFO,"success: handed off onionskin.");
}
static void command_process_created_cell(cell_t *cell, connection_t *conn) {
......@@ -118,12 +118,13 @@ static void command_process_created_cell(cell_t *cell, connection_t *conn) {
circ = circuit_get_by_aci_conn(cell->aci, conn);
if(!circ) {
log_fn(LOG_DEBUG,"received CREATED cell for unknown circ. Dropping.");
log_fn(LOG_WARNING,"received CREATED cell for unknown circ. Dropping.");
return;
}
if(circ->n_aci != cell->aci) {
log_fn(LOG_DEBUG,"got created cell from OPward? Dropping.");
log_fn(LOG_WARNING,"got created cell from OPward? Closing.");
circuit_close(circ);
return;
}
assert(cell->length == DH_KEY_LEN);
......@@ -131,13 +132,13 @@ static void command_process_created_cell(cell_t *cell, connection_t *conn) {
if(circ->cpath) { /* we're the OP. Handshake this. */
log_fn(LOG_DEBUG,"at OP. Finishing handshake.");
if(circuit_finish_handshake(circ, cell->payload) < 0) {
log_fn(LOG_INFO,"circuit_finish_handshake failed.");
log_fn(LOG_WARNING,"circuit_finish_handshake failed.");
circuit_close(circ);
return;
}
log_fn(LOG_DEBUG,"Moving to next skin.");
if(circuit_send_next_onion_skin(circ) < 0) {
log_fn(LOG_INFO,"circuit_send_next_onion_skin failed.");
log_fn(LOG_WARNING,"circuit_send_next_onion_skin failed.");
circuit_close(circ);
return;
}
......@@ -151,9 +152,9 @@ static void command_process_created_cell(cell_t *cell, connection_t *conn) {
newcell.length = RELAY_HEADER_SIZE + cell->length;
memcpy(newcell.payload+RELAY_HEADER_SIZE, cell->payload, DH_KEY_LEN);
log_fn(LOG_DEBUG,"Sending extended relay cell.");
log_fn(LOG_INFO,"Converting created cell to extended relay cell, sending.");
if(circuit_deliver_relay_cell(&newcell, circ, CELL_DIRECTION_IN, NULL) < 0) {
log_fn(LOG_DEBUG,"failed to deliver extended cell. Closing.");
log_fn(LOG_WARNING,"failed to deliver extended cell. Closing.");
circuit_close(circ);
return;
}
......@@ -166,26 +167,27 @@ static void command_process_relay_cell(cell_t *cell, connection_t *conn) {
circ = circuit_get_by_aci_conn(cell->aci, conn);
if(!circ) {
log_fn(LOG_DEBUG,"unknown circuit %d. Dropping.", cell->aci);
log_fn(LOG_INFO,"unknown circuit %d. Dropping.", cell->aci);
return;
}
if(circ->state == CIRCUIT_STATE_ONIONSKIN_PENDING) {
log_fn(LOG_DEBUG,"circuit in create_wait. Dropping.");
log_fn(LOG_WARNING,"circuit in create_wait. Closing.");
circuit_close(circ);
return;
}
if(cell->aci == circ->p_aci) { /* it's an outgoing cell */
cell->aci = circ->n_aci; /* switch it */
if(circuit_deliver_relay_cell(cell, circ, CELL_DIRECTION_OUT, conn->cpath_layer) < 0) {
log_fn(LOG_INFO,"circuit_deliver_relay_cell (forward) failed. Closing.");
log_fn(LOG_WARNING,"circuit_deliver_relay_cell (forward) failed. Closing.");
circuit_close(circ);
return;
}
} else { /* it's an ingoing cell */
cell->aci = circ->p_aci; /* switch it */
if(circuit_deliver_relay_cell(cell, circ, CELL_DIRECTION_IN, NULL) < 0) {
log_fn(LOG_DEBUG,"circuit_deliver_relay_cell (backward) failed. Closing.");
log_fn(LOG_WARNING,"circuit_deliver_relay_cell (backward) failed. Closing.");
circuit_close(circ);
return;
}
......@@ -198,7 +200,7 @@ static void command_process_destroy_cell(cell_t *cell, connection_t *conn) {
circ = circuit_get_by_aci_conn(cell->aci, conn);
if(!circ) {
log_fn(LOG_DEBUG,"unknown circuit %d. Dropping.", cell->aci);
log_fn(LOG_INFO,"unknown circuit %d. Dropping.", cell->aci);
return;
}
......
......@@ -163,7 +163,7 @@ static int config_compare(struct config_line *c, char *key, int type, void *arg)
case CONFIG_TYPE_BOOL:
i = atoi(c->value);
if (i != 0 && i != 1) {
log(LOG_ERR, "Boolean keyword '%s' expects 0 or 1", c->key);
log(LOG_WARNING, "Boolean keyword '%s' expects 0 or 1", c->key);
return 0;
}
*(int *)arg = i;
......@@ -259,7 +259,7 @@ int getconfig(int argc, char **argv, or_options_t *options) {
log(LOG_DEBUG,"Opening config file '%s'",fname);
cf = config_open(fname);
if(!cf) { /* it's defined but not there. that's no good. */
if(!cf) {
log(LOG_ERR, "Unable to open configuration file '%s'.",fname);
return -1;
}
......
......@@ -129,7 +129,7 @@ int connection_create_listener(struct sockaddr_in *bindaddr, int type) {
s = socket(PF_INET,SOCK_STREAM,IPPROTO_TCP);
if (s < 0) {
log_fn(LOG_ERR,"Socket creation failed.");
log_fn(LOG_WARNING,"Socket creation failed.");
return -1;
}
......@@ -137,12 +137,12 @@ int connection_create_listener(struct sockaddr_in *bindaddr, int type) {
if(bind(s,(struct sockaddr *)bindaddr,sizeof(*bindaddr)) < 0) {
perror("bind ");
log(LOG_ERR,"Could not bind to port %u.",ntohs(bindaddr->sin_port));
log(LOG_WARNING,"Could not bind to port %u.",ntohs(bindaddr->sin_port));
return -1;
}
if(listen(s,SOMAXCONN) < 0) {
log(LOG_ERR,"Could not listen on port %u.",ntohs(bindaddr->sin_port));
log(LOG_WARNING,"Could not listen on port %u.",ntohs(bindaddr->sin_port));
return -1;
}
......@@ -150,7 +150,7 @@ int connection_create_listener(struct sockaddr_in *bindaddr, int type) {
conn = connection_new(type);
if(!conn) {
log_fn(LOG_DEBUG,"connection_new failed. Giving up.");
log_fn(LOG_WARNING,"connection_new failed. Giving up.");
return -1;
}
conn->s = s;
......@@ -158,7 +158,7 @@ int connection_create_listener(struct sockaddr_in *bindaddr, int type) {
conn->bandwidth = -1;
if(connection_add(conn) < 0) { /* no space, forget it */
log_fn(LOG_DEBUG,"connection_add failed. Giving up.");
log_fn(LOG_WARNING,"connection_add failed. Giving up.");
connection_free(conn);
return -1;
}
......@@ -172,7 +172,6 @@ int connection_create_listener(struct sockaddr_in *bindaddr, int type) {
}
int connection_handle_listener_read(connection_t *conn, int new_type) {
int news; /* the new socket */
connection_t *newconn;
struct sockaddr_in remote; /* information about the remote peer when connecting to other routers */
......@@ -193,7 +192,7 @@ int connection_handle_listener_read(connection_t *conn, int new_type) {
#endif
}
/* else there was a real error. */
log_fn(LOG_ERR,"accept() failed. Closing.");
log_fn(LOG_WARNING,"accept() failed. Closing listener.");
return -1;
}
log(LOG_INFO,"Connection accepted on socket %d (child of fd %d).",news, conn->s);
......@@ -201,6 +200,10 @@ int connection_handle_listener_read(connection_t *conn, int new_type) {
set_socket_nonblocking(news);
newconn = connection_new(new_type);
if(!newconn) {
log_fn(LOG_WARNING,"connection_new failed. Giving up.");
return 0;
}
newconn->s = news;
if(!connection_speaks_cells(newconn)) {
......@@ -230,9 +233,7 @@ static int connection_init_accepted_conn(connection_t *conn) {
switch(conn->type) {
case CONN_TYPE_OR:
if(connection_tls_start_handshake(conn, 1) < 0)
return -1;
break;
return connection_tls_start_handshake(conn, 1);
case CONN_TYPE_AP:
conn->state = AP_CONN_STATE_SOCKS_WAIT;
break;
......@@ -247,7 +248,7 @@ int connection_tls_start_handshake(connection_t *conn, int receiving) {
conn->state = OR_CONN_STATE_HANDSHAKING;
conn->tls = tor_tls_new(conn->s, receiving);
if(!conn->tls) {
log_fn(LOG_ERR,"tor_tls_new failed. Closing.");
log_fn(LOG_WARNING,"tor_tls_new failed. Closing.");
return -1;
}
connection_start_reading(conn);
......@@ -261,7 +262,7 @@ static int connection_tls_continue_handshake(connection_t *conn) {
switch(tor_tls_handshake(conn->tls)) {
case TOR_TLS_ERROR:
case TOR_TLS_CLOSE:
log_fn(LOG_DEBUG,"tls error. breaking.");
log_fn(LOG_INFO,"tls error. breaking.");
return -1;
case TOR_TLS_DONE:
return connection_tls_finish_handshake(conn);
......@@ -288,25 +289,25 @@ static int connection_tls_finish_handshake(connection_t *conn) {
if(tor_tls_peer_has_cert(conn->tls)) { /* it's another OR */
pk = tor_tls_verify(conn->tls);
if(!pk) {
log_fn(LOG_INFO,"Other side has a cert but it's bad. Closing.");
log_fn(LOG_WARNING,"Other side has a cert but it's invalid. Closing.");
return -1;
}
router = router_get_by_link_pk(pk);
if (!router) {
log_fn(LOG_INFO,"Unrecognized public key from peer. Closing.");
log_fn(LOG_WARNING,"Unrecognized public key from peer. Closing.");
crypto_free_pk_env(pk);
return -1;
}
if(conn->link_pkey) { /* I initiated this connection. */
if(crypto_pk_cmp_keys(conn->link_pkey, pk)) {
log_fn(LOG_INFO,"We connected to '%s' but he gave us a different key. Closing.", router->nickname);
log_fn(LOG_WARNING,"We connected to '%s' but he gave us a different key. Closing.", router->nickname);
crypto_free_pk_env(pk);
return -1;
}
log_fn(LOG_DEBUG,"The router's pk matches the one we meant to connect to. Good.");
} else {
if(connection_exact_get_by_addr_port(router->addr,router->or_port)) {
log_fn(LOG_INFO,"That router is already connected. Dropping.");
log_fn(LOG_INFO,"Router %s is already connected. Dropping.", router->nickname);
return -1;
}
connection_or_init_conn_from_router(conn, router);
......@@ -317,22 +318,22 @@ static int connection_tls_finish_handshake(connection_t *conn) {
}
} else { /* I'm a client */
if(!tor_tls_peer_has_cert(conn->tls)) { /* it's a client too?! */
log_fn(LOG_INFO,"Neither peer sent a cert! Closing.");
log_fn(LOG_WARNING,"Neither peer sent a cert! Closing.");
return -1;
}
pk = tor_tls_verify(conn->tls);
if(!pk) {
log_fn(LOG_INFO,"Other side has a cert but it's bad. Closing.");
log_fn(LOG_WARNING,"Other side has a cert but it's invalid. Closing.");
return -1;
}
router = router_get_by_link_pk(pk);
if (!router) {
log_fn(LOG_INFO,"Unrecognized public key from peer. Closing.");
log_fn(LOG_WARNING,"Unrecognized public key from peer. Closing.");
crypto_free_pk_env(pk);
return -1;
}
if(crypto_pk_cmp_keys(conn->link_pkey, pk)) {
log_fn(LOG_INFO,"We connected to '%s' but he gave us a different key. Closing.", router->nickname);
log_fn(LOG_WARNING,"We connected to '%s' but he gave us a different key. Closing.", router->nickname);
crypto_free_pk_env(pk);
return -1;
}
......@@ -355,7 +356,7 @@ int connection_connect(connection_t *conn, char *address, uint32_t addr, uint16_
s=socket(PF_INET,SOCK_STREAM,IPPROTO_TCP);
if (s < 0) {
log_fn(LOG_ERR,"Error creating network socket.");
log_fn(LOG_WARNING,"Error creating network socket.");
return -1;
}
set_socket_nonblocking(s);
......@@ -371,7 +372,7 @@ int connection_connect(connection_t *conn, char *address, uint32_t addr, uint16_
if(!ERRNO_CONN_EINPROGRESS(errno)) {
/* yuck. kill it. */
perror("connect");
log_fn(LOG_DEBUG,"Connect failed.");
log_fn(LOG_INFO,"Connect() to %s:%u failed.",address,port);