aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/network/socket.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/charon/network/socket.c')
-rw-r--r--src/charon/network/socket.c107
1 files changed, 36 insertions, 71 deletions
diff --git a/src/charon/network/socket.c b/src/charon/network/socket.c
index 12dafc8d4..52d44a167 100644
--- a/src/charon/network/socket.c
+++ b/src/charon/network/socket.c
@@ -43,7 +43,6 @@
#include "socket.h"
#include <daemon.h>
-#include <utils/logger_manager.h>
/* constants for packet handling */
#define IP_LEN sizeof(struct iphdr)
@@ -126,11 +125,6 @@ struct private_socket_t{
* send socket on nat-t port for IPv6
*/
int send6_natt;
-
- /**
- * logger for this socket
- */
- logger_t *logger;
};
/**
@@ -158,8 +152,7 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
FD_SET(this->recv6, &rfds);
}
- this->logger->log(this->logger, CONTROL|LEVEL1,
- "waiting for data on raw sockets");
+ DBG2(SIG_DBG_NET, "waiting for data on raw sockets");
pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, &oldstate);
if (select(max(this->recv4, this->recv6) + 1, &rfds, NULL, NULL, NULL) <= 0)
@@ -179,18 +172,16 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
bytes_read = recv(this->recv4, buffer, MAX_PACKET, 0);
if (bytes_read < 0)
{
- this->logger->log(this->logger, ERROR,
- "error reading from IPv4 socket: %m");
+ DBG1(SIG_DBG_NET, "error reading from IPv4 socket: %m");
return FAILED;
}
- this->logger->log_bytes(this->logger, RAW,
- "received IPv4 packet", buffer, bytes_read);
+ DBG3(SIG_DBG_NET, "received IPv4 packet %b", buffer, bytes_read);
/* read source/dest from raw IP/UDP header */
if (bytes_read < IP_LEN + UDP_LEN + MARKER_LEN)
{
- this->logger->log(this->logger, ERROR,
- "received IPv4 packet too short");
+ DBG1(SIG_DBG_NET, "received IPv4 packet too short (%d bytes)",
+ bytes_read);
return FAILED;
}
ip = (struct iphdr*) buffer;
@@ -207,8 +198,7 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
pkt = packet_create();
pkt->set_source(pkt, source);
pkt->set_destination(pkt, dest);
- this->logger->log(this->logger, CONTROL|LEVEL1,
- "received packet: from %#H to %#H", source, dest);
+ DBG2(SIG_DBG_NET, "received packet: from %#H to %#H", source, dest);
data_offset = IP_LEN + UDP_LEN;
/* remove non esp marker */
if (dest->get_port(dest) == this->natt_port)
@@ -244,17 +234,15 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
bytes_read = recvmsg(this->recv6, &msg, 0);
if (bytes_read < 0)
{
- this->logger->log(this->logger, ERROR,
- "error reading from IPv6 socket: %m");
+ DBG1(SIG_DBG_NET, "error reading from IPv6 socket: %m");
return FAILED;
}
- this->logger->log_bytes(this->logger, RAW,
- "received IPv6 packet", buffer, bytes_read);
+ DBG3(SIG_DBG_NET, "received IPv6 packet %b", buffer, bytes_read);
if (bytes_read < IP_LEN + UDP_LEN + MARKER_LEN)
{
- this->logger->log(this->logger, ERROR,
- "received IPv6 packet too short");
+ DBG3(SIG_DBG_NET, "received IPv6 packet too short (%d bytes)",
+ bytes_read);
return FAILED;
}
@@ -262,10 +250,9 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
for (cmsgptr = CMSG_FIRSTHDR(&msg); cmsgptr != NULL;
cmsgptr = CMSG_NXTHDR(&msg, cmsgptr))
{
- if (cmsgptr->cmsg_len == 0)
+ if (cmsgptr->cmsg_len == 0)
{
- this->logger->log(this->logger, ERROR,
- "error reading IPv6 ancillary data: %m");
+ DBG1(SIG_DBG_NET, "error reading IPv6 ancillary data");
return FAILED;
}
if (cmsgptr->cmsg_level == SOL_IPV6 &&
@@ -286,8 +273,7 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
/* ancillary data missing? */
if (dest == NULL)
{
- this->logger->log(this->logger, ERROR,
- "error reading IPv6 packet header");
+ DBG1(SIG_DBG_NET, "error reading IPv6 packet header");
return FAILED;
}
@@ -296,8 +282,7 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
pkt = packet_create();
pkt->set_source(pkt, source);
pkt->set_destination(pkt, dest);
- this->logger->log(this->logger, CONTROL|LEVEL1,
- "received packet: from %#H to %#H", source, dest);
+ DBG2(SIG_DBG_NET, "received packet: from %#H to %#H", source, dest);
data_offset = UDP_LEN;
/* remove non esp marker */
if (dest->get_port(dest) == this->natt_port)
@@ -335,8 +320,7 @@ status_t sender(private_socket_t *this, packet_t *packet)
dst = packet->get_destination(packet);
data = packet->get_data(packet);
- this->logger->log(this->logger, CONTROL|LEVEL1,
- "sending packet: from %#H to %#H", src, dst);
+ DBG2(SIG_DBG_NET, "sending packet: from %#H to %#H", src, dst);
/* send data */
sport = src->get_port(src);
@@ -368,8 +352,8 @@ status_t sender(private_socket_t *this, packet_t *packet)
/* add non esp marker to packet */
if (data.len > MAX_PACKET - MARKER_LEN)
{
- this->logger->log(this->logger, ERROR,
- "unable to send packet: it's too big");
+ DBG1(SIG_DBG_NET, "unable to send packet: it's too big (%d bytes)",
+ data.len);
return FAILED;
}
marked = chunk_alloc(data.len + MARKER_LEN);
@@ -382,8 +366,7 @@ status_t sender(private_socket_t *this, packet_t *packet)
}
else
{
- this->logger->log(this->logger, ERROR,
- "unable to locate a send socket for port %d", sport);
+ DBG1(SIG_DBG_NET, "unable to locate a send socket for port %d", sport);
return FAILED;
}
@@ -392,8 +375,7 @@ status_t sender(private_socket_t *this, packet_t *packet)
if (bytes_sent != data.len)
{
- this->logger->log(this->logger, ERROR,
- "error writing to socket: %m");
+ DBG1(SIG_DBG_NET, "error writing to socket: %m");
return FAILED;
}
return SUCCESS;
@@ -551,14 +533,13 @@ static int open_send_socket(private_socket_t *this, int family, u_int16_t port)
skt = socket(family, SOCK_DGRAM, IPPROTO_UDP);
if (skt < 0)
{
- this->logger->log(this->logger, ERROR, "could not open send socket: %m");
+ DBG1(SIG_DBG_NET, "could not open send socket: %m");
return 0;
}
if (setsockopt(skt, SOL_SOCKET, SO_REUSEADDR, (void*)&on, sizeof(on)) < 0)
{
- this->logger->log(this->logger, ERROR,
- "unable to set SO_REUSEADDR on send socket: %m");
+ DBG1(SIG_DBG_NET, "unable to set SO_REUSEADDR on send socket: %m");
close(skt);
return 0;
}
@@ -574,8 +555,7 @@ static int open_send_socket(private_socket_t *this, int family, u_int16_t port)
if (setsockopt(skt, sol, ipsec_policy, &policy, sizeof(policy)) < 0)
{
- this->logger->log(this->logger, ERROR,
- "unable to set IPSEC_POLICY on send socket: %m");
+ DBG1(SIG_DBG_NET, "unable to set IPSEC_POLICY on send socket: %m");
close(skt);
return 0;
}
@@ -585,8 +565,7 @@ static int open_send_socket(private_socket_t *this, int family, u_int16_t port)
policy.sadb_x_policy_dir = IPSEC_DIR_INBOUND;
if (setsockopt(skt, sol, ipsec_policy, &policy, sizeof(policy)) < 0)
{
- this->logger->log(this->logger, ERROR,
- "unable to set IPSEC_POLICY on send socket: %m");
+ DBG1(SIG_DBG_NET, "unable to set IPSEC_POLICY on send socket: %m");
close(skt);
return 0;
}
@@ -594,7 +573,7 @@ static int open_send_socket(private_socket_t *this, int family, u_int16_t port)
/* bind the send socket */
if (bind(skt, (struct sockaddr *)&addr, sizeof(addr)) < 0)
{
- this->logger->log(this->logger, ERROR, "unable to bind send socket: %m");
+ DBG1(SIG_DBG_NET, "unable to bind send socket: %m");
close(skt);
return 0;
}
@@ -604,8 +583,7 @@ static int open_send_socket(private_socket_t *this, int family, u_int16_t port)
/* enable UDP decapsulation globally, only for one socket needed */
if (setsockopt(skt, SOL_UDP, UDP_ENCAP, &type, sizeof(type)) < 0)
{
- this->logger->log(this->logger, ERROR,
- "unable to set UDP_ENCAP: %m; NAT-T may fail");
+ DBG1(SIG_DBG_NET, "unable to set UDP_ENCAP: %m; NAT-T may fail");
}
}
@@ -686,16 +664,14 @@ static int open_recv_socket(private_socket_t *this, int family)
skt = socket(family, SOCK_RAW, IPPROTO_UDP);
if (skt < 0)
{
- this->logger->log(this->logger, ERROR,
- "unable to create raw socket: %m");
+ DBG1(SIG_DBG_NET, "unable to create raw socket: %m");
return 0;
}
if (setsockopt(skt, SOL_SOCKET, SO_ATTACH_FILTER,
&ikev2_filter, sizeof(ikev2_filter)) < 0)
{
- this->logger->log(this->logger, ERROR,
- "unable to attach IKEv2 filter to raw socket: %m");
+ DBG1(SIG_DBG_NET, "unable to attach IKEv2 filter to raw socket: %m");
close(skt);
return 0;
}
@@ -705,8 +681,7 @@ static int open_recv_socket(private_socket_t *this, int family)
* 2 or 50 depending on kernel header version */
setsockopt(skt, sol, IPV6_2292PKTINFO, &on, sizeof(on)) < 0)
{
- this->logger->log(this->logger, ERROR,
- "unable to set IPV6_PKTINFO on raw socket: %m");
+ DBG1(SIG_DBG_NET, "unable to set IPV6_PKTINFO on raw socket: %m");
close(skt);
return 0;
}
@@ -722,8 +697,7 @@ static int open_recv_socket(private_socket_t *this, int family)
if (setsockopt(skt, sol, ipsec_policy, &policy, sizeof(policy)) < 0)
{
- this->logger->log(this->logger, ERROR,
- "unable to set IPSEC_POLICY on raw socket: %m");
+ DBG1(SIG_DBG_NET, "unable to set IPSEC_POLICY on raw socket: %m");
close(skt);
return 0;
}
@@ -776,8 +750,6 @@ socket_t *socket_create(u_int16_t port, u_int16_t natt_port)
this->public.is_local_address = (bool(*)(socket_t*, host_t*,char**))is_local_address;
this->public.create_local_address_list = (linked_list_t*(*)(socket_t*))create_local_address_list;
this->public.destroy = (void(*)(socket_t*)) destroy;
-
- this->logger = logger_manager->get_logger(logger_manager, SOCKET);
this->port = port;
this->natt_port = natt_port;
@@ -791,16 +763,14 @@ socket_t *socket_create(u_int16_t port, u_int16_t natt_port)
this->recv4 = open_recv_socket(this, AF_INET);
if (this->recv4 == 0)
{
- this->logger->log(this->logger, ERROR,
- "could not open IPv4 receive socket, IPv4 disabled");
+ DBG1(SIG_DBG_NET, "could not open IPv4 receive socket, IPv4 disabled");
}
else
{
this->send4 = open_send_socket(this, AF_INET, this->port);
if (this->send4 == 0)
{
- this->logger->log(this->logger, ERROR,
- "could not open IPv4 send socket, IPv4 disabled");
+ DBG1(SIG_DBG_NET, "could not open IPv4 send socket, IPv4 disabled");
close(this->recv4);
}
else
@@ -808,8 +778,7 @@ socket_t *socket_create(u_int16_t port, u_int16_t natt_port)
this->send4_natt = open_send_socket(this, AF_INET, this->natt_port);
if (this->send4_natt == 0)
{
- this->logger->log(this->logger, ERROR,
- "could not open IPv4 NAT-T send socket");
+ DBG1(SIG_DBG_NET, "could not open IPv4 NAT-T send socket");
}
}
}
@@ -817,16 +786,14 @@ socket_t *socket_create(u_int16_t port, u_int16_t natt_port)
this->recv6 = open_recv_socket(this, AF_INET6);
if (this->recv6 == 0)
{
- this->logger->log(this->logger, ERROR,
- "could not open IPv6 receive socket, IPv6 disabled");
+ DBG1(SIG_DBG_NET, "could not open IPv6 receive socket, IPv6 disabled");
}
else
{
this->send6 = open_send_socket(this, AF_INET6, this->port);
if (this->send6 == 0)
{
- this->logger->log(this->logger, ERROR,
- "could not open IPv6 send socket, IPv6 disabled");
+ DBG1(SIG_DBG_NET, "could not open IPv6 send socket, IPv6 disabled");
close(this->recv6);
}
else
@@ -834,16 +801,14 @@ socket_t *socket_create(u_int16_t port, u_int16_t natt_port)
this->send6_natt = open_send_socket(this, AF_INET6, this->natt_port);
if (this->send6_natt == 0)
{
- this->logger->log(this->logger, ERROR,
- "could not open IPv6 NAT-T send socket");
+ DBG1(SIG_DBG_NET, "could not open IPv6 NAT-T send socket");
}
}
}
if (!(this->send4 || this->send6) || !(this->recv4 || this->recv6))
{
- this->logger->log(this->logger, ERROR,
- "could not create any sockets");
+ DBG1(SIG_DBG_NET, "could not create any sockets");
destroy(this);
charon->kill(charon, "socket initialization failed");
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-04 16:53:18 +0000