The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
log.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: bbab59eed62c0b6fef2babebb2c17edd43fe575e $
19 *
20 * @file tls/log.c
21 * @brief Retrieve errors and log messages from OpenSSL's overly complex logging system.
22 *
23 * @copyright 2016,2021 Arran Cudbard-Bell (a.cudbardb@freeradius.org)
24 * @copyright 2016 The FreeRADIUS server project
25 */
26RCSID("$Id: bbab59eed62c0b6fef2babebb2c17edd43fe575e $")
27USES_APPLE_DEPRECATED_API /* OpenSSL API has been deprecated by Apple */
28
29#ifdef WITH_TLS
30#define LOG_PREFIX "tls"
31
32#include <freeradius-devel/util/debug.h>
33#include <freeradius-devel/util/atexit.h>
34#include <freeradius-devel/tls/strerror.h>
35#include <freeradius-devel/tls/utils.h>
36#include <stdatomic.h>
37
38#include "log.h"
39
40/** Holds the state of a log BIO
41 *
42 * Most of these fields are expected to change between uses of the BIO.
43 *
44 * BIOs do not have indexed extension structures like other structures in OpenSSL,
45 * so we're forced to place all information in a structure, and populate it just
46 * prior to a BIO being used.
47 *
48 * These BIOs are thread local to avoid conflicts or locking issues.
49 */
50typedef struct {
51 BIO *bio; //!< Logging bio to write to.
52 fr_sbuff_t sbuff; //!< Used to aggregate line data.
53 fr_sbuff_uctx_talloc_t tctx; //!< extra talloc information for the sbuff.
54 fr_sbuff_marker_t logged_m; //!< How much data has been written.
55
56 request_t *request; //!< the current request. Only used for the
57 ///< request log BIOs.
58 fr_log_type_t type; //!< The type of log messages the bio will produce.
59 fr_log_lvl_t lvl; //!< Level to log message at.
60 char const *file; //!< File this log bio was bound on.
61 int line; //!< Line this log bio was bound on.
62} fr_tls_log_bio_t;
63
64/** Template for the thread local request log BIOs
65 */
66static BIO_METHOD *tls_request_log_meth;
67
68/** Template for the global log BIOs
69 */
70static BIO_METHOD *tls_global_log_meth;
71
72/** Counter for users of the request log bio
73 *
74 */
75static _Atomic(uint32_t) tls_request_log_ref;
76
77/** Counter for users of the global log bio
78 *
79 */
80static _Atomic(uint32_t) tls_global_log_ref;
81
82/** Thread local request log BIO
83 */
84static _Thread_local fr_tls_log_bio_t *request_log_bio;
85
86/** Thread local global log BIO
87 */
88static _Thread_local fr_tls_log_bio_t *global_log_bio;
89
90/** Print out the current stack of certs
91 *
92 * @param[in] file File where this function is being called.
93 * @param[in] line Line where this function is being called.
94 * @param[in] request Current request, may be NULL.
95 * @param[in] log_type The type of log message to produce L_INFO, L_ERR, L_DBG etc...
96 * @param[in] chain The certificate chain.
97 * @param[in] cert The leaf certificate.
98 */
99void _fr_tls_chain_log(char const *file, int line,
100 request_t *request, fr_log_type_t log_type,
101 STACK_OF(X509) *chain, X509 *cert)
102{
103 /*
104 * Dump to the thread local buffer
105 */
106 fr_strerror_clear();
107 _fr_tls_strerror_push_chain(file, line, chain, cert);
108 if (request) {
109 log_request_perror(log_type, L_DBG_LVL_OFF, request, file, line, NULL);
110 } else {
111 fr_perror(NULL);
112 }
113}
114
115/** Print out the current stack of certs
116 *
117 * @param[in] file File where this function is being called.
118 * @param[in] line Line where this function is being called.
119 * @param[in] request Current request, may be NULL.
120 * @param[in] log_type The type of log message to produce L_INFO, L_ERR, L_DBG etc...
121 * @param[in] chain The certificate chain.
122 * @param[in] cert The leaf certificate.
123 * @param[in] marker The certificate we want to mark.
124 */
125void _fr_tls_chain_marker_log(char const *file, int line,
126 request_t *request, fr_log_type_t log_type,
127 STACK_OF(X509) *chain, X509 *cert, X509 *marker)
128{
129 /*
130 * Dump to the thread local buffer
131 */
132 fr_strerror_clear();
133 _fr_tls_strerror_push_chain_marker(file, line, chain, cert, marker);
134 if (request) {
135 log_request_perror(log_type, L_DBG_LVL_OFF, request, file, line, NULL);
136 } else {
137 fr_perror(NULL);
138 }
139}
140
141/** Print out the current stack of X509 objects (certificates only)
142 *
143 * @param[in] file File where this function is being called.
144 * @param[in] line Line where this function is being called.
145 * @param[in] request Current request, may be NULL.
146 * @param[in] log_type The type of log message to produce L_INFO, L_ERR, L_DBG etc...
147 * @param[in] objects A stack of X509 objects
148 */
149void _fr_tls_x509_objects_log(char const *file, int line,
150 request_t *request, fr_log_type_t log_type,
151 STACK_OF(X509_OBJECT) *objects)
152{
153
154 fr_strerror_clear();
155 _fr_tls_strerror_push_x509_objects(file, line, objects);
156 if (request) {
157 log_request_perror(log_type, L_DBG_LVL_OFF, request, file, line, NULL);
158 } else {
159 fr_perror(NULL);
160 }
161}
162
163/** Print errors raised by OpenSSL I/O functions
164 *
165 * Drains the thread local OpenSSL error queue, and prints out errors
166 * based on the SSL handle and the return code of the I/O function.
167 *
168 * OpenSSL lists I/O functions to be:
169 * - SSL_connect
170 * - SSL_accept
171 * - SSL_do_handshake
172 * - SSL_read
173 * - SSL_peek
174 * - SSL_write
175 *
176 * @param request The current request (may be NULL).
177 * @param err returned from SSL_get_error().
178 * @param fmt Error message describing the operation being attempted.
179 * @param ... Arguments for msg.
180 * @return
181 * - 0 TLS session may still be viable.
182 * - -1 TLS session cannot continue.
183 */
184int fr_tls_log_io_error(request_t *request, int err, char const *fmt, ...)
185{
186 static fr_table_num_ordered_t const ssl_io_error_table[] = {
187 { L("SSL_ERROR_NONE"), SSL_ERROR_NONE },
188 { L("SSL_ERROR_ZERO_RETURN"), SSL_ERROR_ZERO_RETURN },
189 { L("SSL_ERROR_WANT_READ"), SSL_ERROR_WANT_READ },
190 { L("SSL_ERROR_WANT_WRITE"), SSL_ERROR_WANT_WRITE },
191 { L("SSL_ERROR_WANT_CONNECT"), SSL_ERROR_WANT_CONNECT },
192 { L("SSL_ERROR_WANT_ACCEPT"), SSL_ERROR_WANT_ACCEPT },
193 { L("SSL_ERROR_WANT_X509_LOOKUP"), SSL_ERROR_WANT_X509_LOOKUP },
194 { L("SSL_ERROR_WANT_ASYNC"), SSL_ERROR_WANT_ASYNC },
195 { L("SSL_ERROR_WANT_ASYNC_JOB"), SSL_ERROR_WANT_ASYNC_JOB },
196 { L("SSL_ERROR_WANT_CLIENT_HELLO_CB"), SSL_ERROR_WANT_CLIENT_HELLO_CB },
197 { L("SSL_ERROR_SYSCALL"), SSL_ERROR_SYSCALL },
198 { L("SSL_ERROR_SSL"), SSL_ERROR_SSL }
199 };
200 static size_t ssl_io_error_table_len = NUM_ELEMENTS(ssl_io_error_table);
201
202 va_list ap;
203 char *msg = NULL;
204
205 switch (err) {
206 /*
207 * These seem to be harmless and already "dealt
208 * with" by our non-blocking environment. NB:
209 * "ZERO_RETURN" is the clean "error"
210 * indicating a successfully closed SSL
211 * tunnel. We let this happen because our IO
212 * loop should not appear to have broken on
213 * this condition - and outside the IO loop, the
214 * "shutdown" state is checked.
215 *
216 * Don't print anything if we ignore the error.
217 */
218 case SSL_ERROR_NONE:
219 case SSL_ERROR_WANT_READ:
220 case SSL_ERROR_WANT_WRITE:
221 case SSL_ERROR_WANT_X509_LOOKUP:
222 case SSL_ERROR_ZERO_RETURN:
223 if (DEBUG_ENABLED2 || RDEBUG_ENABLED2) {
224 va_start(ap, fmt);
225 msg = fr_vasprintf(NULL, fmt, ap);
226 va_end(ap);
227
228 ROPTIONAL(RDEBUG2, DEBUG2, "%s - %s (%i)",
229 msg, fr_table_str_by_value(ssl_io_error_table, err, "<UNKNOWN>"), err);
230 talloc_free(msg);
231 }
232 break;
233
234 /*
235 * These seem to be indications of a genuine
236 * error that should result in the SSL tunnel
237 * being regarded as "dead".
238 */
239 case SSL_ERROR_SYSCALL:
240 va_start(ap, fmt);
241 msg = fr_vasprintf(NULL, fmt, ap);
242 va_end(ap);
243
244 ROPTIONAL(REDEBUG, ERROR, "%s - System call (I/O) error - %s (%i)",
245 msg, fr_table_str_by_value(ssl_io_error_table, err, "<UNKNOWN>"), err);
246
247 talloc_free(msg);
248 return -1;
249
250 /*
251 * Docs say a more verbose error is available
252 * in the normal error stack.
253 */
254 case SSL_ERROR_SSL:
255 va_start(ap, fmt);
256 (void)fr_tls_strerror_vprintf(fmt, ap);
257 va_end(ap);
258
259 ROPTIONAL(RPERROR, PERROR, "");
260 return -1;
261
262 /*
263 * For any other errors that (a) exist, and (b)
264 * crop up - we need to interpret what to do with
265 * them - so "politely inform" the caller that
266 * the code needs updating here.
267 */
268 default:
269 va_start(ap, fmt);
270 msg = fr_vasprintf(NULL, fmt, ap);
271 va_end(ap);
272
273 ROPTIONAL(REDEBUG, ERROR, "%s - TLS session error - %s (%i)",
274 msg, fr_table_str_by_value(ssl_io_error_table, err, "<UNKNOWN>"), err);
275
276 talloc_free(msg);
277
278 return -1;
279 }
280
281 return 0;
282}
283
284
285/** Print errors in the TLS thread local error stack
286 *
287 * Drains the thread local OpenSSL error queue, and prints out errors.
288 *
289 * @param[in] request The current request (may be NULL).
290 * @param[in] msg Error message describing the operation being attempted.
291 * @param[in] ... Arguments for msg.
292 * @return the number of errors drained from the stack.
293 */
294int fr_tls_log(request_t *request, char const *msg, ...)
295{
296 va_list ap;
297 int ret;
298
299 va_start(ap, msg);
300 ret = fr_tls_strerror_vprintf(msg, ap);
301 va_end(ap);
302
303 ROPTIONAL(RPERROR, PERROR, "");
304
305 return ret;
306}
307
308/** Clear errors in the TLS thread local error stack
309 *
310 */
311void fr_tls_log_clear(void)
312{
313 while (ERR_get_error() != 0);
314}
315
316/** Increment the bio meth reference counter
317 *
318 */
319static int tls_log_request_bio_create_cb(BIO *bio)
320{
321 atomic_fetch_add(&tls_request_log_ref, 1);
322 BIO_set_init(bio, 1);
323 return 1;
324}
325
326/** Converts BIO_write() calls to request log calls
327 *
328 * This callback is used to glue the output of OpenSSL functions into request log calls.
329 *
330 * @param[in] bio that was written to.
331 * @param[in] in data being written to BIO.
332 * @param[in] len Length of data being written.
333 */
334static int tls_log_request_bio_write_cb(BIO *bio, char const *in, int len)
335{
336 fr_tls_log_bio_t *lb = talloc_get_type_abort(BIO_get_data(bio), fr_tls_log_bio_t);
337 request_t *request = talloc_get_type_abort(lb->request, request_t);
338 log_request_func_t func;
339 fr_slen_t slen;
340 char *le;
341
342 /*
343 * Pick the right logging function based on the type
344 */
345 if ((lb->type == L_ERR) || (lb->type == L_DBG_ERR) || (lb->type == L_DBG_ERR_REQ)) {
346 func = log_request_error;
347 } else {
348 func = log_request;
349 }
350
351 /*
352 * OpenSSL feeds us data in fragments so we need
353 * to aggregate it, then look for new line chars
354 * as an indication we need to print the line.
355 */
356 slen = fr_sbuff_in_bstrncpy(&lb->sbuff, in, len);
357 if (unlikely(slen < 0)) {
358 /*
359 * We failed to copy the data into the buffer
360 * so we can't do anything with it.
361 */
362 REDEBUG2("Failed copying %u bytes into TLS log aggregation buffer, "
363 "needed %zu more bytes", len, (size_t)(-(slen)));
364 return 0;
365 }
366
367 /*
368 * Split incoming data on new lines
369 */
370 while (fr_sbuff_behind(&lb->logged_m)) {
371 le = memchr(fr_sbuff_current(&lb->logged_m), '\n',
372 fr_sbuff_current(&lb->sbuff) - fr_sbuff_current(&lb->logged_m));
373 /*
374 * Wait until we have a complete line
375 */
376 if (le == NULL) break;
377
378 /*
379 * Skip empty lines
380 */
381 if ((le - fr_sbuff_current(&lb->logged_m)) > 0) {
382 func(lb->type, lb->lvl, request, __FILE__, __LINE__, "%pV",
383 fr_box_strvalue_len(fr_sbuff_current(&lb->logged_m),
384 le - fr_sbuff_current(&lb->logged_m)));
385 }
386
387 fr_sbuff_set(&lb->logged_m, le + 1);
388 }
389
390 /*
391 * Clear out printed data
392 */
393 fr_sbuff_shift(&lb->sbuff, fr_sbuff_used(&lb->logged_m), false);
394
395 return len; /* Amount of data written */
396}
397
398/** Converts BIO_puts() calls to request log calls
399 *
400 * This callback is used to glue the output of OpenSSL functions into request log calls.
401 *
402 * @param[in] bio that was written to.
403 * @param[in] in data being written to BIO.
404 */
405static int tls_log_request_bio_puts_cb(BIO *bio, char const *in)
406{
407 return tls_log_request_bio_write_cb(bio, in, strlen(in));
408}
409
410/** Decrement the bio meth reference counter
411 *
412 */
413static int tls_log_request_bio_free_cb(BIO *bio)
414{
415 atomic_fetch_sub(&tls_request_log_ref, 1);
416 BIO_set_init(bio, 0);
417 return 1;
418}
419
420/** Increment the bio meth reference counter
421 *
422 */
423static int tls_log_global_bio_create_cb(BIO *bio)
424{
425 atomic_fetch_add(&tls_global_log_ref, 1);
426 BIO_set_init(bio, 1);
427 return 1;
428}
429
430/** Converts BIO_write() calls to global log calls
431 *
432 * This callback is used to glue the output of OpenSSL functions into global log calls.
433 *
434 * @param[in] bio that was written to.
435 * @param[in] in data being written to BIO.
436 * @param[in] len Length of data being written.
437 */
438static int tls_log_global_bio_write_cb(BIO *bio, char const *in, int len)
439{
440 fr_tls_log_bio_t *lb = talloc_get_type_abort(BIO_get_data(bio), fr_tls_log_bio_t);
441 char *le;
442
443 /*
444 * OpenSSL feeds us data in fragments so we need
445 * to aggregate it, then look for new line chars
446 * as an indication we need to print the line.
447 */
448 if (fr_sbuff_in_bstrncpy(&lb->sbuff, in, len) < 0) return 0;
449
450 /*
451 * Split incoming data on new lines
452 */
453 while (fr_sbuff_behind(&lb->logged_m)) {
454 le = memchr(fr_sbuff_current(&lb->logged_m), '\n',
455 fr_sbuff_current(&lb->sbuff) - fr_sbuff_current(&lb->logged_m));
456 /*
457 * Wait until we have a complete line
458 */
459 if (le == NULL) break;
460
461 /*
462 * Skip empty lines
463 */
464 if ((le - fr_sbuff_current(&lb->logged_m)) > 0) {
465 if (fr_debug_lvl >= lb->lvl) fr_log(&default_log, lb->type, __FILE__, __LINE__,
466 "%pV",
467 fr_box_strvalue_len(fr_sbuff_current(&lb->logged_m),
468 le - fr_sbuff_current(&lb->logged_m)));
469 }
470
471 fr_sbuff_set(&lb->logged_m, le + 1);
472 }
473
474 /*
475 * Clear out printed data
476 */
477 fr_sbuff_shift(&lb->sbuff, fr_sbuff_used(&lb->logged_m), false);
478
479 return len; /* Amount of data written */
480}
481
482/** Converts BIO_puts() calls to global log calls
483 *
484 * This callback is used to glue the output of OpenSSL functions into global log calls.
485 *
486 * @param[in] bio that was written to.
487 * @param[in] in data being written to BIO.
488 */
489static int tls_log_global_bio_puts_cb(BIO *bio, char const *in)
490{
491 return tls_log_global_bio_write_cb(bio, in, strlen(in));
492}
493
494/** Decrement the bio meth reference counter
495 *
496 */
497static int tls_log_global_bio_free_cb(BIO *bio)
498{
499 atomic_fetch_sub(&tls_global_log_ref, 1);
500 BIO_set_init(bio, 0);
501 return 1;
502}
503
504/** Frees a logging bio and its underlying OpenSSL BIO *
505 *
506 */
507static int _fr_tls_log_bio_free(void *log_bio)
508{
509 fr_tls_log_bio_t *our_log_bio = talloc_get_type_abort(log_bio, fr_tls_log_bio_t);
510
511 BIO_free(our_log_bio->bio);
512 our_log_bio->bio = NULL;
513 return talloc_free(our_log_bio);
514}
515
516/** Return a request log BIO to use with OpenSSL logging functions
517 *
518 * @note The contents of the BIO will only be written to the logging system on finding
519 * a new line. If data remains in the BIO when it is re-initialised (this function
520 * is called again), that data will be discarded.
521 *
522 * @note The returned BIO should be assumed to be invalid if the request yields.
523 *
524 * @param[in] file of caller.
525 * @param[in] line of caller.
526 * @param[in] request to temporarily associate with logging BIO.
527 * @param[in] type to temporarily assign to logging bio.
528 * @param[in] lvl to temporarily assign to logging bio.
529 * @return A thread local BIO to pass to OpenSSL logging functions.
530 */
531BIO *_fr_tls_request_log_bio(char const *file, int line, request_t *request, fr_log_type_t type, fr_log_lvl_t lvl)
532{
533 if (unlikely(!request_log_bio)) {
534 fr_tls_log_bio_t *lb;
535
536 MEM(lb = talloc(NULL, fr_tls_log_bio_t));
537 *lb = (fr_tls_log_bio_t) {
538 .bio = BIO_new(tls_request_log_meth),
539 .request = request,
540 .type = type,
541 .lvl = lvl,
542 .file = file,
543 .line = line
544 };
545 MEM(lb->bio);
546 BIO_set_data(lb->bio, lb); /* So we can retrieve the fr_tls_lb_t in the callbacks */
547 fr_sbuff_init_talloc(lb, &lb->sbuff, &lb->tctx, 1024, 10 * 1024); /* start 1k, max 10k */
548 fr_atexit_thread_local(request_log_bio, _fr_tls_log_bio_free, lb);
549 fr_sbuff_marker(&lb->logged_m, &lb->sbuff);
550 return lb->bio;
551 }
552 fr_sbuff_reset_talloc(&request_log_bio->sbuff); /* Reset to initial size */
553 fr_sbuff_marker(&request_log_bio->logged_m, &request_log_bio->sbuff);
554 request_log_bio->request = request;
555 request_log_bio->type = type;
556 request_log_bio->lvl = lvl;
557 request_log_bio->file = file;
558 request_log_bio->line = line;
559
560 return request_log_bio->bio;
561}
562
563/** Return a global log BIO to use with OpenSSL logging functions
564 *
565 * @note The contents of the BIO will only be written to the logging system on finding
566 * a new line. If data remains in the BIO when it is re-initialised (this function
567 * is called again), that data will be discarded.
568 *
569 * @note The returned BIO should be assumed to be invalid if the current request yields.
570 *
571 * @param[in] file of caller.
572 * @param[in] line of caller.
573 * @param[in] type to temporarily assign to logging bio.
574 * @param[in] lvl to temporarily assign to logging bio.
575 * @return A thread local BIO to pass to OpenSSL logging functions.
576 */
577BIO *_fr_tls_global_log_bio(char const *file, int line, fr_log_type_t type, fr_log_lvl_t lvl)
578{
579 if (unlikely(!global_log_bio)) {
580 fr_tls_log_bio_t *lb;
581
582 MEM(lb = talloc(NULL, fr_tls_log_bio_t));
583 *lb = (fr_tls_log_bio_t) {
584 .bio = BIO_new(tls_global_log_meth),
585 .type = type,
586 .lvl = lvl,
587 .file = file,
588 .line = line
589 };
590 MEM(lb->bio);
591 BIO_set_data(lb->bio, lb); /* So we can retrieve the fr_tls_lb_t in the callbacks */
592 fr_sbuff_init_talloc(lb, &lb->sbuff, &lb->tctx, 1024, 10 * 1024); /* start 1k, max 10k */
593 fr_atexit_thread_local(global_log_bio, _fr_tls_log_bio_free, lb);
594 fr_sbuff_marker(&lb->logged_m, &lb->sbuff);
595 return lb->bio;
596 }
597 fr_sbuff_reset_talloc(&request_log_bio->sbuff); /* Reset to initial size */
598 fr_sbuff_marker(&request_log_bio->logged_m, &request_log_bio->sbuff);
599 global_log_bio->type = type;
600 global_log_bio->lvl = lvl;
601 global_log_bio->file = file;
602 global_log_bio->line = line;
603
604 return global_log_bio->bio;
605}
606
607/** Initialise the BIO logging meths which are used to create thread local logging BIOs
608 *
609 */
610int fr_tls_log_init(void)
611{
612 /*
613 * As per the boringSSL documentation
614 *
615 * BIO_TYPE_START is the first user-allocated |BIO| type.
616 * No pre-defined type, flag bits aside, may exceed this
617 * value.
618 *
619 * The low byte here defines the BIO ID, and the high byte
620 * defines its capabilities.
621 */
622 tls_request_log_meth = BIO_meth_new(BIO_get_new_index() | BIO_TYPE_SOURCE_SINK, "fr_tls_request_log");
623 if (unlikely(!tls_request_log_meth)) return -1;
624
625 BIO_meth_set_create(tls_request_log_meth, tls_log_request_bio_create_cb);
626 BIO_meth_set_write(tls_request_log_meth, tls_log_request_bio_write_cb);
627 BIO_meth_set_puts(tls_request_log_meth, tls_log_request_bio_puts_cb);
628 BIO_meth_set_destroy(tls_request_log_meth, tls_log_request_bio_free_cb);
629
630 tls_global_log_meth = BIO_meth_new(BIO_get_new_index() | BIO_TYPE_SOURCE_SINK, "fr_tls_global_log");
631 if (unlikely(!tls_global_log_meth)) {
632 BIO_meth_free(tls_request_log_meth);
633 tls_request_log_meth = NULL;
634 return -1;
635 }
636
637 BIO_meth_set_create(tls_global_log_meth, tls_log_global_bio_create_cb);
638 BIO_meth_set_write(tls_global_log_meth, tls_log_global_bio_write_cb);
639 BIO_meth_set_puts(tls_global_log_meth, tls_log_global_bio_puts_cb);
640 BIO_meth_set_destroy(tls_global_log_meth, tls_log_global_bio_free_cb);
641
642 return 0;
643}
644
645/** Free the global log method templates
646 *
647 */
648void fr_tls_log_free(void)
649{
650 /*
651 * These must be freed first else
652 * we get crashes in the OpenSSL
653 * code when we try to free them.
654 */
655 fr_assert_msg(atomic_load(&tls_request_log_ref) == 0, "request log BIO refs remaining %u", atomic_load(&tls_request_log_ref));
656 fr_assert_msg(atomic_load(&tls_global_log_ref) == 0, "global log BIO refs remaining %u", atomic_load(&tls_global_log_ref));
657
658 if (tls_request_log_meth) {
659 BIO_meth_free(tls_request_log_meth);
660 tls_request_log_meth = NULL;
661 }
662
663 if (tls_global_log_meth) {
664 BIO_meth_free(tls_global_log_meth);
665 tls_global_log_meth = NULL;
666 }
667}
668#endif /* WITH_TLS */
file
int const char * file
Definition acutest.h:702
va_end
va_end(args)
msg
log_entry msg
Definition acutest.h:794
fmt
static int const char * fmt
Definition acutest.h:573
line
int const char int line
Definition acutest.h:702
va_start
va_start(args, fmt)
fr_atexit_thread_local
#define fr_atexit_thread_local(_name, _free, _uctx)
Definition atexit.h:221
USES_APPLE_DEPRECATED_API
#define USES_APPLE_DEPRECATED_API
Definition build.h:472
RCSID
#define RCSID(id)
Definition build.h:485
L
#define L(_str)
Helper for initialising arrays of string literals.
Definition build.h:209
unlikely
#define unlikely(_x)
Definition build.h:383
NUM_ELEMENTS
#define NUM_ELEMENTS(_t)
Definition build.h:339
fr_assert_msg
#define fr_assert_msg(_x, _msg,...)
Calls panic_action ifndef NDEBUG, else logs error and causes the server to exit immediately with code...
Definition debug.h:210
MEM
#define MEM(x)
Definition debug.h:36
ERROR
#define ERROR(fmt,...)
Definition dhcpclient.c:41
err
static fr_slen_t err
Definition dict.h:833
in
static fr_slen_t in
Definition dict.h:833
log_request
void log_request(fr_log_type_t type, fr_log_lvl_t lvl, request_t *request, char const *file, int line, char const *fmt,...)
Marshal variadic log arguments into a va_list and pass to normal logging functions.
Definition log.c:610
log_request_perror
void log_request_perror(fr_log_type_t type, fr_log_lvl_t lvl, request_t *request, char const *file, int line, char const *fmt,...)
Drain any outstanding messages from the fr_strerror buffers.
Definition log.c:677
log_request_error
void log_request_error(fr_log_type_t type, fr_log_lvl_t lvl, request_t *request, char const *file, int line, char const *fmt,...)
Marshal variadic log arguments into a va_list and pass to error logging functions.
Definition log.c:645
PERROR
#define PERROR(_fmt,...)
Definition log.h:228
DEBUG_ENABLED2
#define DEBUG_ENABLED2
True if global debug level 1-2 messages are enabled.
Definition log.h:258
ROPTIONAL
#define ROPTIONAL(_l_request, _l_global, _fmt,...)
Use different logging functions depending on whether request is NULL or not.
Definition log.h:528
log_request_func_t
void(* log_request_func_t)(fr_log_type_t type, fr_log_lvl_t lvl, request_t *request, char const *file, int line, char const *fmt,...)
Function signature for log_request functions.
Definition log.h:93
RPERROR
#define RPERROR(fmt,...)
Definition log.h:302
REDEBUG2
#define REDEBUG2(fmt,...)
Definition log.h:372
talloc_free
talloc_free(reap)
fr_debug_lvl
int fr_debug_lvl
Definition log.c:40
default_log
fr_log_t default_log
Definition log.c:288
fr_log
void fr_log(fr_log_t const *log, fr_log_type_t type, char const *file, int line, char const *fmt,...)
Send a server log message to its destination.
Definition log.c:580
fr_log_lvl_t
fr_log_lvl_t
Definition log.h:67
L_DBG_LVL_OFF
@ L_DBG_LVL_OFF
No debug messages.
Definition log.h:69
fr_log_type_t
fr_log_type_t
Definition log.h:54
L_ERR
@ L_ERR
Error message.
Definition log.h:56
L_DBG_ERR
@ L_DBG_ERR
Error only displayed when debugging is enabled.
Definition log.h:62
L_DBG_ERR_REQ
@ L_DBG_ERR_REQ
Less severe error only displayed when debugging is enabled.
Definition log.h:64
uint32_t
unsigned int uint32_t
Definition merged_model.c:33
fr_slen_t
ssize_t fr_slen_t
Definition merged_model.c:35
fr_sbuff_t
Definition merged_model.c:37
request_t
Definition merged_model.c:210
fr_vasprintf
char * fr_vasprintf(TALLOC_CTX *ctx, char const *fmt, va_list ap)
Definition print.c:851
REDEBUG
#define REDEBUG(fmt,...)
Definition radclient.h:52
RDEBUG_ENABLED2
#define RDEBUG_ENABLED2()
Definition radclient.h:50
RDEBUG2
#define RDEBUG2(fmt,...)
Definition radclient.h:54
DEBUG2
#define DEBUG2(fmt,...)
Definition radclient.h:43
fr_sbuff_shift
size_t fr_sbuff_shift(fr_sbuff_t *sbuff, size_t shift, bool move_end)
Shift the contents of the sbuff, returning the number of bytes we managed to shift.
Definition sbuff.c:197
fr_sbuff_reset_talloc
int fr_sbuff_reset_talloc(fr_sbuff_t *sbuff)
Reset a talloced buffer to its initial length, clearing any data stored.
Definition sbuff.c:456
fr_sbuff_in_bstrncpy
ssize_t fr_sbuff_in_bstrncpy(fr_sbuff_t *sbuff, char const *str, size_t len)
Copy bytes into the sbuff up to the first \0.
Definition sbuff.c:1482
fr_sbuff_set
#define fr_sbuff_set(_dst, _src)
fr_sbuff_current
#define fr_sbuff_current(_sbuff_or_marker)
fr_sbuff_used
#define fr_sbuff_used(_sbuff_or_marker)
fr_sbuff_behind
#define fr_sbuff_behind(_sbuff_or_marker)
fr_sbuff_ptr_s
Definition sbuff.h:84
fr_sbuff_uctx_talloc_t
Talloc sbuff extension structure.
Definition sbuff.h:139
type
fr_aka_sim_id_type_t type
Definition state_machine.c:3623
_Atomic
#define _Atomic(T)
Definition stdatomic.h:77
atomic_fetch_sub
#define atomic_fetch_sub(object, operand)
Definition stdatomic.h:339
atomic_load
#define atomic_load(object)
Definition stdatomic.h:343
atomic_fetch_add
#define atomic_fetch_add(object, operand)
Definition stdatomic.h:333
fr_table_str_by_value
#define fr_table_str_by_value(_table, _number, _def)
Convert an integer to a string.
Definition table.h:772
fr_table_num_ordered_t
An element in an arbitrarily ordered array of name to num mappings.
Definition table.h:57
fr_perror
void fr_perror(char const *fmt,...)
Print the current error to stderr with a prefix.
Definition strerror.c:732
fr_strerror_clear
void fr_strerror_clear(void)
Clears all pending messages from the talloc pools.
Definition strerror.c:576
fr_box_strvalue_len
#define fr_box_strvalue_len(_val, _len)
Definition value.h:297
Generated by   doxygen 1.9.8