Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/netipsec Introduce IPSECLOG and replace ipseclog and DPR...
details: https://anonhg.NetBSD.org/src/rev/b3b0035b9682
branches: trunk
changeset: 353718:b3b0035b9682
user: ozaki-r <ozaki-r%NetBSD.org@localhost>
date: Fri May 19 04:34:09 2017 +0000
description:
Introduce IPSECLOG and replace ipseclog and DPRINTF with it
diffstat:
sys/netipsec/ipsec.c | 63 ++++++++++++++++++-------------------
sys/netipsec/ipsec.h | 9 ++++-
sys/netipsec/ipsec_input.c | 75 +++++++++++++++++++++-----------------------
sys/netipsec/ipsec_mbuf.c | 19 ++++++-----
sys/netipsec/ipsec_output.c | 34 ++++++++++----------
5 files changed, 102 insertions(+), 98 deletions(-)
diffs (truncated from 609 to 300 lines):
diff -r 160b7122f61d -r b3b0035b9682 sys/netipsec/ipsec.c
--- a/sys/netipsec/ipsec.c Fri May 19 04:20:45 2017 +0000
+++ b/sys/netipsec/ipsec.c Fri May 19 04:34:09 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.91 2017/05/16 07:25:57 ozaki-r Exp $ */
+/* $NetBSD: ipsec.c,v 1.92 2017/05/19 04:34:09 ozaki-r Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.91 2017/05/16 07:25:57 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.92 2017/05/19 04:34:09 ozaki-r Exp $");
/*
* IPsec controller part.
@@ -389,8 +389,8 @@
if (sp->policy != IPSEC_POLICY_DISCARD &&
sp->policy != IPSEC_POLICY_NONE) {
- ipseclog((LOG_INFO, "fixed system default policy: %d->%d\n",
- sp->policy, IPSEC_POLICY_NONE));
+ IPSECLOG(LOG_INFO, "fixed system default policy: %d->%d\n",
+ sp->policy, IPSEC_POLICY_NONE);
sp->policy = IPSEC_POLICY_NONE;
}
sp->refcnt++;
@@ -525,8 +525,8 @@
break;
default:
- ipseclog((LOG_ERR, "%s: Invalid policy for PCB %d\n",
- __func__, currsp->policy));
+ IPSECLOG(LOG_ERR, "Invalid policy for PCB %d\n",
+ currsp->policy);
*error = EINVAL;
return NULL;
}
@@ -535,9 +535,9 @@
if (sp == NULL) { /* no SP found */
switch (currsp->policy) {
case IPSEC_POLICY_BYPASS:
- ipseclog((LOG_ERR, "%s: Illegal policy for "
- "non-priviliged defined %d\n", __func__,
- currsp->policy));
+ IPSECLOG(LOG_ERR, "Illegal policy for "
+ "non-priviliged defined %d\n",
+ currsp->policy);
*error = EINVAL;
return NULL;
@@ -551,8 +551,8 @@
break;
default:
- ipseclog((LOG_ERR, "%s: Invalid policy for "
- "PCB %d\n", __func__, currsp->policy));
+ IPSECLOG(LOG_ERR, "Invalid policy for "
+ "PCB %d\n", currsp->policy);
*error = EINVAL;
return NULL;
}
@@ -592,8 +592,7 @@
/* Make an index to look for a policy. */
*error = ipsec_setspidx(m, &spidx, (flag & IP_FORWARDING) ? 0 : 1);
if (*error != 0) {
- DPRINTF(("%s: setpidx failed, dir %u flag %u\n", __func__,
- dir, flag));
+ IPSECLOG(LOG_DEBUG, "setpidx failed, dir %u flag %u\n", dir, flag);
memset(&spidx, 0, sizeof (spidx));
return NULL;
}
@@ -652,7 +651,7 @@
if (*error != 0) {
KEY_FREESP(&sp);
sp = NULL;
- DPRINTF(("%s: done, error %d\n", __func__, *error));
+ IPSECLOG(LOG_DEBUG, "done, error %d\n", *error);
}
return sp;
}
@@ -898,7 +897,7 @@
if (*error != 0) {
KEY_FREESP(&sp);
sp = NULL;
- DPRINTF(("%s: done, error %d\n", __func__, *error));
+ IPSECLOG(LOG_DEBUG, "done, error %d\n", *error);
}
return sp;
}
@@ -1279,7 +1278,7 @@
new = kmem_intr_zalloc(sizeof(*new), KM_NOSLEEP);
if (new == NULL) {
- ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
+ IPSECLOG(LOG_DEBUG, "No more memory.\n");
return ENOBUFS;
}
@@ -1458,7 +1457,7 @@
*mp = key_sp2msg(policy);
if (!*mp) {
- ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
+ IPSECLOG(LOG_DEBUG, "No more memory.\n");
return ENOBUFS;
}
@@ -1498,8 +1497,8 @@
policy = &inp->inp_sp->sp_out;
break;
default:
- ipseclog((LOG_ERR, "%s: invalid direction=%u\n", __func__,
- xpl->sadb_x_policy_dir));
+ IPSECLOG(LOG_ERR, "invalid direction=%u\n",
+ xpl->sadb_x_policy_dir);
return EINVAL;
}
@@ -1530,8 +1529,8 @@
policy = inp->inp_sp->sp_out;
break;
default:
- ipseclog((LOG_ERR, "%s: invalid direction=%u\n", __func__,
- xpl->sadb_x_policy_dir));
+ IPSECLOG(LOG_ERR, "invalid direction=%u\n",
+ xpl->sadb_x_policy_dir);
return EINVAL;
}
@@ -1588,8 +1587,8 @@
policy = &in6p->in6p_sp->sp_out;
break;
default:
- ipseclog((LOG_ERR, "%s: invalid direction=%u\n", __func__,
- xpl->sadb_x_policy_dir));
+ IPSECLOG(LOG_ERR, "invalid direction=%u\n",
+ xpl->sadb_x_policy_dir);
return EINVAL;
}
@@ -1620,8 +1619,8 @@
policy = in6p->in6p_sp->sp_out;
break;
default:
- ipseclog((LOG_ERR, "%s: invalid direction=%u\n", __func__,
- xpl->sadb_x_policy_dir));
+ IPSECLOG(LOG_ERR, "invalid direction=%u\n",
+ xpl->sadb_x_policy_dir);
return EINVAL;
}
@@ -1953,10 +1952,10 @@
break;
#endif
default:
- ipseclog((LOG_ERR, "%s: unknown AF %d in "
- "IPsec tunnel SA\n", __func__,
+ IPSECLOG(LOG_ERR, "unknown AF %d in "
+ "IPsec tunnel SA\n",
((const struct sockaddr *)&isr->saidx.dst)
- ->sa_family));
+ ->sa_family);
break;
}
}
@@ -2185,8 +2184,8 @@
if ((sav->flags & SADB_X_EXT_CYCSEQ) == 0)
return 1;
- ipseclog((LOG_WARNING, "replay counter made %d cycle. %s\n",
- replay->overflow, ipsec_logsastr(sav, buf, sizeof(buf))));
+ IPSECLOG(LOG_WARNING, "replay counter made %d cycle. %s\n",
+ replay->overflow, ipsec_logsastr(sav, buf, sizeof(buf)));
}
replay->count++;
@@ -2365,7 +2364,7 @@
} else {
/* XXX error stat??? */
error = EINVAL;
- DPRINTF(("%s: no SP, packet discarded\n", __func__));/*XXX*/
+ IPSECLOG(LOG_DEBUG, "no SP, packet discarded\n");/*XXX*/
}
splx(s);
@@ -2403,7 +2402,7 @@
if (xsp->xf_type == xftype)
return (*xsp->xf_init)(sav, xsp);
- DPRINTF(("%s: no match for xform type %d\n", __func__, xftype));
+ IPSECLOG(LOG_DEBUG, "no match for xform type %d\n", xftype);
return EINVAL;
}
diff -r 160b7122f61d -r b3b0035b9682 sys/netipsec/ipsec.h
--- a/sys/netipsec/ipsec.h Fri May 19 04:20:45 2017 +0000
+++ b/sys/netipsec/ipsec.h Fri May 19 04:34:09 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.h,v 1.47 2017/05/11 05:55:14 ryo Exp $ */
+/* $NetBSD: ipsec.h,v 1.48 2017/05/19 04:34:09 ozaki-r Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.h,v 1.2.4.2 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */
@@ -242,10 +242,17 @@
extern int ip4_esp_randpad;
extern int crypto_support;
+#include <sys/syslog.h>
#define ipseclog(x) do { if (ipsec_debug) log x; } while (0)
/* for openbsd compatibility */
#define DPRINTF(x) do { if (ipsec_debug) printf x; } while (0)
+#define IPSECLOG(level, fmt, args...) \
+ do { \
+ if (ipsec_debug) \
+ log(level, "%s: " fmt, __func__, ##args); \
+ } while (0)
+
void ipsec_pcbconn (struct inpcbpolicy *);
void ipsec_pcbdisconn (struct inpcbpolicy *);
void ipsec_invalpcbcacheall (void);
diff -r 160b7122f61d -r b3b0035b9682 sys/netipsec/ipsec_input.c
--- a/sys/netipsec/ipsec_input.c Fri May 19 04:20:45 2017 +0000
+++ b/sys/netipsec/ipsec_input.c Fri May 19 04:34:09 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec_input.c,v 1.42 2017/05/11 05:55:14 ryo Exp $ */
+/* $NetBSD: ipsec_input.c,v 1.43 2017/05/19 04:34:09 ozaki-r Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec_input.c,v 1.2.4.2 2003/03/28 20:32:53 sam Exp $ */
/* $OpenBSD: ipsec_input.c,v 1.63 2003/02/20 18:35:43 deraadt Exp $ */
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.42 2017/05/11 05:55:14 ryo Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.43 2017/05/19 04:34:09 ozaki-r Exp $");
/*
* IPsec input processing.
@@ -148,7 +148,7 @@
m_freem(m);
IPSEC_ISTAT(sproto, ESP_STAT_HDROPS, AH_STAT_HDROPS,
IPCOMP_STAT_HDROPS);
- DPRINTF(("ipsec_common_input: packet too small\n"));
+ IPSECLOG(LOG_DEBUG, "packet too small\n");
return EINVAL;
}
@@ -199,8 +199,7 @@
break;
#endif /* INET6 */
default:
- DPRINTF(("ipsec_common_input: unsupported protocol "
- "family %u\n", af));
+ IPSECLOG(LOG_DEBUG, "unsupported protocol family %u\n", af);
m_freem(m);
IPSEC_ISTAT(sproto, ESP_STAT_NOPF, AH_STAT_NOPF,
IPCOMP_STAT_NOPF);
@@ -212,10 +211,10 @@
/* NB: only pass dst since key_allocsa follows RFC2401 */
sav = KEY_ALLOCSA(&dst_address, sproto, spi, sport, dport);
if (sav == NULL) {
- DPRINTF(("ipsec_common_input: no key association found for"
- " SA %s/%08lx/%u/%u\n",
- ipsec_address(&dst_address, buf, sizeof(buf)),
- (u_long) ntohl(spi), sproto, ntohs(dport)));
+ IPSECLOG(LOG_DEBUG,
+ "no key association found for SA %s/%08lx/%u/%u\n",
+ ipsec_address(&dst_address, buf, sizeof(buf)),
+ (u_long) ntohl(spi), sproto, ntohs(dport));
IPSEC_ISTAT(sproto, ESP_STAT_NOTDB, AH_STAT_NOTDB,
IPCOMP_STAT_NOTDB);
splx(s);
@@ -224,10 +223,10 @@
}
if (sav->tdb_xform == NULL) {
- DPRINTF(("ipsec_common_input: attempted to use uninitialized"
- " SA %s/%08lx/%u\n",
- ipsec_address(&dst_address, buf, sizeof(buf)),
- (u_long) ntohl(spi), sproto));
+ IPSECLOG(LOG_DEBUG,
+ "attempted to use uninitialized SA %s/%08lx/%u\n",
+ ipsec_address(&dst_address, buf, sizeof(buf)),
+ (u_long) ntohl(spi), sproto);
IPSEC_ISTAT(sproto, ESP_STAT_NOXFORM, AH_STAT_NOXFORM,
IPCOMP_STAT_NOXFORM);
KEY_FREESAV(&sav);
@@ -297,7 +296,7 @@
/* Sanity check */
if (m == NULL) {
- DPRINTF(("ipsec4_common_input_cb: null mbuf"));
+ IPSECLOG(LOG_DEBUG, "null mbuf");
IPSEC_ISTAT(sproto, ESP_STAT_BADKCR, AH_STAT_BADKCR,
IPCOMP_STAT_BADKCR);
KEY_FREESAV(&sav);
Home |
Main Index |
Thread Index |
Old Index