Merge branch 'tmp-log-simple' into 'master'

Clean ups on logging

See merge request openconnect/ocserv!266

.gitlab-ci.yml

@@ -7,7 +7,7 @@ variables:
   ALPINE_BUILD: buildenv-alpine
   DEBIAN_BUILD: buildenv-debian
   DEBIAN_X86_CROSS_BUILD: buildenv-debian-x86
-  FEDORA_BUILD: buildenv-fedora
+  FEDORA_BUILD: buildenv-fedora34
   UBUNTU16_BUILD: buildenv-ubuntu
   UBUNTU20_BUILD: buildenv-ubuntu20
   CENTOS8_BUILD: buildenv-centos8
@@ -156,82 +156,6 @@ Centos7:
       - ./*.log
       - ./tests/*.log
 
-RPM/epel7:
-  stage: deploy
-  image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS7_BUILD
-  script:
-  - git submodule update --init
-  - autoreconf -fvi
-  - ./configure
-  - touch ChangeLog
-  - make dist
-  - CURDIR=$(pwd)
-  - TARFILE=$(find ./ -name '*.tar.xz')
-  - RPMVERSION=$(cat /usr/local/rpms/ocserv/*.spec|grep ^Version|awk '{print $2}')
-  - sed -i 's/XFAIL_TESTS=test-sighup-key-change//' /usr/local/rpms/ocserv/ocserv.spec
-  - NEWVERSION=$(echo $TARFILE|sed -e 's/ocserv-//' -e 's/\.tar\.xz//' -e 's|./||')
-  - echo "tarfile $TARFILE" && echo "rpm $RPMVERSION" && echo "new $NEWVERSION"
-  - cp $TARFILE /usr/local/rpms/ocserv
-  - cd /usr/local/rpms/ocserv
-  - sed -i -e "s/$RPMVERSION/$NEWVERSION/" -e 's/have_gpgv2 1/have_gpgv2 0/g' *.spec
-  - ( test "$RPMVERSION" != "$NEWVERSION" && cat sources|grep -v "ocserv-$RPMVERSION" >sources.tmp ) || /bin/true
-  - sha512sum --tag ocserv-$NEWVERSION.tar.xz >>sources.tmp
-  - mv sources.tmp sources
-  - touch ocserv-$NEWVERSION.tar.xz.sig
-  - fedpkg --release el7 local
-  - cd $CURDIR
-  - find /usr/local/rpms/ocserv -name '*.rpm' -exec cp '{}' ./ ';'
-  tags:
-  - shared
-  - linux
-  except:
-  - tags
-  - schedules
-  artifacts:
-    expire_in: 1 week
-    when: on_success
-    paths:
-     - ./*.rpm
-
-RPM/epel8:
-  stage: deploy
-  image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS8_BUILD
-  script:
-  - git submodule update --init
-  - autoreconf -fvi
-  - ./configure
-  - touch ChangeLog
-  - make dist
-  - CURDIR=$(pwd)
-  - TARFILE=$(find ./ -name '*.tar.xz')
-  - RPMVERSION=$(cat /usr/local/rpms/ocserv/*.spec|grep ^Version|awk '{print $2}')
-  - sed -i 's/XFAIL_TESTS=test-sighup-key-change//' /usr/local/rpms/ocserv/ocserv.spec
-  - NEWVERSION=$(echo $TARFILE|sed -e 's/ocserv-//' -e 's/\.tar\.xz//' -e 's|./||')
-  - echo "tarfile $TARFILE" && echo "rpm $RPMVERSION" && echo "new $NEWVERSION"
-  - cp $TARFILE /usr/local/rpms/ocserv
-  - cd /usr/local/rpms/ocserv
-  - sed -i -e "s/Patch0:\t\tocserv-1.1.2-tests.patch//" *.spec
-  - sed -i -e "s/$RPMVERSION/$NEWVERSION/" -e 's/have_gpgv2 1/have_gpgv2 0/g' *.spec
-  - ( test "$RPMVERSION" != "$NEWVERSION" && cat sources|grep -v "ocserv-$RPMVERSION" >sources.tmp ) || /bin/true
-  - sha512sum --tag ocserv-$NEWVERSION.tar.xz >>sources.tmp
-  - mv sources.tmp sources
-  - touch ocserv-$NEWVERSION.tar.xz.sig
-  - export OCSERV_ALLOW_BROKEN_CLIENTS=1
-  - fedpkg --release el8 local
-  - cd $CURDIR
-  - find /usr/local/rpms/ocserv -name '*.rpm' -exec cp '{}' ./ ';'
-  tags:
-  - shared
-  - linux
-  except:
-  - tags
-  - schedules
-  artifacts:
-    expire_in: 1 week
-    when: on_success
-    paths:
-     - ./*.rpm
-
 Coverity:
   stage: testing
   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS8_BUILD

src/log.c

@@ -30,6 +30,44 @@
 #include <main.h>
 #include <sec-mod.h>
 
+/* Returns zero when the given priority is not sufficient
+ * for logging */
+static unsigned check_priority(int *priority, int debug_prio)
+{
+	switch(*priority) {
+		case LOG_ERR:
+		case LOG_WARNING:
+		case LOG_NOTICE:
+			break;
+		case LOG_DEBUG:
+			if (debug_prio < DEBUG_DEBUG)
+				return 0;
+			break;
+		case LOG_INFO:
+			if (debug_prio < DEBUG_INFO)
+				return 0;
+			break;
+		case LOG_HTTP_DEBUG:
+			if (debug_prio < DEBUG_HTTP)
+				return 0;
+	                *priority = LOG_INFO;
+			break;
+		case LOG_TRANSFER_DEBUG:
+			if (debug_prio < DEBUG_TRANSFERRED)
+				return 0;
+	                *priority = LOG_DEBUG;
+			break;
+		case LOG_SENSITIVE:
+			if (debug_prio < DEBUG_SENSITIVE)
+				return 0;
+	                *priority = LOG_DEBUG;
+			break;
+		default:
+			syslog(LOG_DEBUG, "unknown log level %d", *priority);
+        }
+
+        return 1;
+}
 
 void __attribute__ ((format(printf, 3, 4)))
     _oclog(const worker_st * ws, int priority, const char *fmt, ...)
@@ -46,29 +84,9 @@ void __attribute__ ((format(printf, 3, 4)))
 	else
 		debug_prio = GETPCONFIG(ws)->debug;
 
-	if (priority == LOG_DEBUG && debug_prio < DEBUG_DEBUG)
+	if (!check_priority(&priority, debug_prio))
 		return;
 
-	if (priority == LOG_INFO && debug_prio < DEBUG_INFO)
-		return;
-
-	if (priority == LOG_HTTP_DEBUG) {
-	    if (debug_prio < DEBUG_HTTP)
-                return;
-            else
-                priority = LOG_INFO;
-        } else if (priority == LOG_TRANSFER_DEBUG) {
-	    if (debug_prio < DEBUG_TRANSFERRED)
-                return;
-            else
-                priority = LOG_DEBUG;
-        } else if (priority == LOG_SENSITIVE) {
-	    if (debug_prio < DEBUG_SENSITIVE)
-                return;
-            else
-                priority = LOG_DEBUG;
-        }
-
 	ip = ws->remote_ip_str;
 
 	va_start(args, fmt);
@@ -101,32 +119,15 @@ void __attribute__ ((format(printf, 4, 5)))
 	char name[MAX_USERNAME_SIZE+MAX_HOSTNAME_SIZE+3];
 	const char* ip = NULL;
 	va_list args;
-	int debug_prio;
+	int debug_prio = 1;
 	unsigned have_vhosts;
 
 	if (s)
 		debug_prio = GETPCONFIG(s)->debug;
-	else
-		debug_prio = 1;
 
-	if (priority == LOG_DEBUG && debug_prio < DEBUG_DEBUG)
+	if (!check_priority(&priority, debug_prio))
 		return;
 
-	if (priority == LOG_INFO && debug_prio < DEBUG_INFO)
-		return;
-
-	if (priority == LOG_HTTP_DEBUG) {
-	    if (debug_prio < DEBUG_HTTP)
-                return;
-            else
-                priority = LOG_DEBUG;
-        } else if (priority == LOG_TRANSFER_DEBUG) {
-	    if (debug_prio < DEBUG_TRANSFERRED)
-                return;
-            else
-                priority = LOG_DEBUG;
-        }
-
 	if (proc) {
 		ip = human_addr((void*)&proc->remote_addr, proc->remote_addr_len,
 			    ipbuf, sizeof(ipbuf));

src/pcl/pcl.c

@@ -455,9 +455,6 @@ static void co_del_helper(void *data)
 		co_delete(tctx->co_curr->caller);
 		co_call((coroutine_t) cdh);
 		if (tctx->co_dhelper == NULL) {
-			fprintf(stderr,
-				"[PCL] Resume to delete helper coroutine: curr=%p caller=%p\n",
-				tctx->co_curr, tctx->co_curr->caller);
 			exit(1);
 		}
 	}

src/worker-privs.c

@@ -110,9 +110,7 @@ int disable_system_calls(struct worker_st *ws)
 	/* Socket wrapper tests use additional syscalls; only enable
 	 * them when socket wrapper is active */
 	if (getenv("SOCKET_WRAPPER_DIR") != NULL) {
-		ADD_SYSCALL(stat64, 0);
 		ADD_SYSCALL(readlink, 0);
-		ADD_SYSCALL(newfstatat, 0);
 	}
 
 	/* we use quite some system calls here, and in the end
@@ -176,6 +174,9 @@ int disable_system_calls(struct worker_st *ws)
 
 	ADD_SYSCALL(openat, 0);
 	ADD_SYSCALL(fstat, 0);
+	ADD_SYSCALL(stat, 0);
+	ADD_SYSCALL(stat64, 0);
+	ADD_SYSCALL(newfstatat, 0);
 	ADD_SYSCALL(lseek, 0);
 
 	ADD_SYSCALL(getsockopt, 0);
@@ -186,9 +187,6 @@ int disable_system_calls(struct worker_st *ws)
 	/* we need to open files when we have an xml_config_file setup on any vhost */
 	list_for_each(ws->vconfig, vhost, list) {
 		if (vhost->perm_config.config->xml_config_file) {
-			ADD_SYSCALL(stat, 0);
-			ADD_SYSCALL(stat64, 0);
-			ADD_SYSCALL(newfstatat, 0);
 			ADD_SYSCALL(open, 0);
 			ADD_SYSCALL(openat, 0);
 			break;

src/worker-vpn.c

@@ -1443,7 +1443,7 @@ static int dtls_mainloop(worker_st * ws, struct dtls_st * dtls, struct timespec
 						    tnow->tv_sec);
 				if (ret < 0) {
 					oclog(ws, LOG_INFO,
-					      "error parsing CSTP data");
+					      "error parsing DTLS data");
 					goto cleanup;
 				}
 			}
@@ -2482,14 +2482,13 @@ static int parse_data(struct worker_st *ws, uint8_t *buf, size_t buf_size,
 				ret = dtls_send(DTLS_ACTIVE(ws), buf, 1);
 			}
 
-			oclog(ws, LOG_TRANSFER_DEBUG,
-			      "received DTLS DPD; sent response (%d bytes)",
-			      ret);
-
 			if (ret < 0) {
-				oclog(ws, LOG_ERR, "could not send TLS data: %s",
-				      gnutls_strerror(ret));
-				return -1;
+				oclog(ws, LOG_TRANSFER_DEBUG,
+				      "received DTLS DPD; error in sending response: %s", gnutls_strerror(ret));
+			} else {
+				oclog(ws, LOG_TRANSFER_DEBUG,
+				      "received DTLS DPD; sent response (%d bytes)",
+				      ret);
 			}
 		}
 
@@ -2516,7 +2515,7 @@ static int parse_data(struct worker_st *ws, uint8_t *buf, size_t buf_size,
 		/* decompress */
 		if (is_dtls == 0) { /* CSTP */
 			if (ws->cstp_selected_comp == NULL) {
-				oclog(ws, LOG_ERR, "received compression data but no compression was negotiated");
+				oclog(ws, LOG_ERR, "received compressed data but no compression was negotiated");
 				return -1;
 			}
 
@@ -2524,7 +2523,7 @@ static int parse_data(struct worker_st *ws, uint8_t *buf, size_t buf_size,
 			oclog(ws, LOG_DEBUG, "decompressed %d to %d\n", (int)buf_size-8, (int)plain_size);
 		} else { /* DTLS */
 			if (ws->dtls_selected_comp == NULL) {
-				oclog(ws, LOG_ERR, "received compression data but no compression was negotiated");
+				oclog(ws, LOG_ERR, "received compressed data but no compression was negotiated");
 				return -1;
 			}
 

tests/test-user-config

@@ -37,7 +37,7 @@ rm -f ${TMPFILE1}
 rm -f ${TMPFILE2}
 
 update_config test-user-config.config
-launch_simple_server -d 1 -f -c "${CONFIG}"
+launch_simple_server -d 3 -f -c "${CONFIG}"
 PID=$!
 wait_server $PID