diff options
Diffstat (limited to 'src/libstrongswan/plugins')
41 files changed, 340 insertions, 283 deletions
diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c index d0a2da87f..4247f849e 100644 --- a/src/libstrongswan/plugins/agent/agent_private_key.c +++ b/src/libstrongswan/plugins/agent/agent_private_key.c @@ -137,7 +137,8 @@ static int open_connection(char *path) s = socket(AF_UNIX, SOCK_STREAM, 0); if (s == -1) { - DBG1("opening ssh-agent socket %s failed: %s:", path, strerror(errno)); + DBG1(DBG_LIB, "opening ssh-agent socket %s failed: %s:", path, + strerror(errno)); return -1; } @@ -147,7 +148,8 @@ static int open_connection(char *path) if (connect(s, (struct sockaddr*)&addr, SUN_LEN(&addr)) != 0) { - DBG1("connecting to ssh-agent socket failed: %s", strerror(errno)); + DBG1(DBG_LIB, "connecting to ssh-agent socket failed: %s", + strerror(errno)); close(s); return -1; } @@ -168,7 +170,7 @@ static bool read_key(private_agent_private_key_t *this, public_key_t *pubkey) if (write(this->socket, &len, sizeof(len)) != sizeof(len) || write(this->socket, &buf, 1) != 1) { - DBG1("writing to ssh-agent failed"); + DBG1(DBG_LIB, "writing to ssh-agent failed"); return FALSE; } @@ -179,7 +181,7 @@ static bool read_key(private_agent_private_key_t *this, public_key_t *pubkey) read_uint32(&blob) != blob.len || read_byte(&blob) != SSH_AGENT_ID_RESPONSE) { - DBG1("received invalid ssh-agent identity response"); + DBG1(DBG_LIB, "received invalid ssh-agent identity response"); return FALSE; } count = read_uint32(&blob); @@ -231,7 +233,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, if (scheme != SIGN_RSA_EMSA_PKCS1_SHA1) { - DBG1("signature scheme %N not supported by ssh-agent", + DBG1(DBG_LIB, "signature scheme %N not supported by ssh-agent", signature_scheme_names, scheme); return FALSE; } @@ -241,7 +243,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, if (write(this->socket, &len, sizeof(len)) != sizeof(len) || write(this->socket, &buf, 1) != 1) { - DBG1("writing to ssh-agent failed"); + DBG1(DBG_LIB, "writing to ssh-agent failed"); return FALSE; } @@ -249,7 +251,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, if (write(this->socket, &len, sizeof(len)) != sizeof(len) || write(this->socket, this->key.ptr, this->key.len) != this->key.len) { - DBG1("writing to ssh-agent failed"); + DBG1(DBG_LIB, "writing to ssh-agent failed"); return FALSE; } @@ -257,14 +259,14 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, if (write(this->socket, &len, sizeof(len)) != sizeof(len) || write(this->socket, data.ptr, data.len) != data.len) { - DBG1("writing to ssh-agent failed"); + DBG1(DBG_LIB, "writing to ssh-agent failed"); return FALSE; } flags = htonl(0); if (write(this->socket, &flags, sizeof(flags)) != sizeof(flags)) { - DBG1("writing to ssh-agent failed"); + DBG1(DBG_LIB, "writing to ssh-agent failed"); return FALSE; } @@ -274,7 +276,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, read_uint32(&blob) != blob.len || read_byte(&blob) != SSH_AGENT_SIGN_RESPONSE) { - DBG1("received invalid ssh-agent signature response"); + DBG1(DBG_LIB, "received invalid ssh-agent signature response"); return FALSE; } /* parse length */ @@ -285,7 +287,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, blob = read_string(&blob); if (!blob.len) { - DBG1("received invalid ssh-agent signature response"); + DBG1(DBG_LIB, "received invalid ssh-agent signature response"); return FALSE; } *signature = chunk_clone(blob); @@ -306,7 +308,7 @@ static key_type_t get_type(private_agent_private_key_t *this) static bool decrypt(private_agent_private_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("private key decryption not supported by ssh-agent"); + DBG1(DBG_LIB, "private key decryption not supported by ssh-agent"); return FALSE; } diff --git a/src/libstrongswan/plugins/curl/curl_fetcher.c b/src/libstrongswan/plugins/curl/curl_fetcher.c index 08315e932..2341c9052 100644 --- a/src/libstrongswan/plugins/curl/curl_fetcher.c +++ b/src/libstrongswan/plugins/curl/curl_fetcher.c @@ -84,7 +84,7 @@ METHOD(fetcher_t, fetch, status_t, curl_easy_setopt(this->curl, CURLOPT_HTTPHEADER, this->headers); } - DBG2(" sending http request to '%s'...", uri); + DBG2(DBG_LIB, " sending http request to '%s'...", uri); switch (curl_easy_perform(this->curl)) { case CURLE_UNSUPPORTED_PROTOCOL: @@ -94,7 +94,7 @@ METHOD(fetcher_t, fetch, status_t, status = SUCCESS; break; default: - DBG1("libcurl http request failed: %s", error); + DBG1(DBG_LIB, "libcurl http request failed: %s", error); status = FAILED; break; } diff --git a/src/libstrongswan/plugins/curl/curl_plugin.c b/src/libstrongswan/plugins/curl/curl_plugin.c index b08d54cc3..e00fcfc03 100644 --- a/src/libstrongswan/plugins/curl/curl_plugin.c +++ b/src/libstrongswan/plugins/curl/curl_plugin.c @@ -69,7 +69,7 @@ plugin_t *curl_plugin_create() } else { - DBG1("global libcurl initializing failed: %s, curl disabled", + DBG1(DBG_LIB, "global libcurl initializing failed: %s, curl disabled", curl_easy_strerror(res)); } return &this->public.plugin; diff --git a/src/libstrongswan/plugins/dnskey/dnskey_builder.c b/src/libstrongswan/plugins/dnskey/dnskey_builder.c index ba20e7158..ea4eb6cda 100644 --- a/src/libstrongswan/plugins/dnskey/dnskey_builder.c +++ b/src/libstrongswan/plugins/dnskey/dnskey_builder.c @@ -52,7 +52,7 @@ static dnskey_public_key_t *parse_public_key(chunk_t blob) if (blob.len < sizeof(dnskey_rr_t)) { - DBG1("DNSKEY too short"); + DBG1(DBG_LIB, "DNSKEY too short"); return NULL; } blob = chunk_skip(blob, sizeof(dnskey_rr_t)); @@ -63,7 +63,8 @@ static dnskey_public_key_t *parse_public_key(chunk_t blob) return lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA, BUILD_BLOB_DNSKEY, blob, BUILD_END); default: - DBG1("DNSKEY public key algorithm %d not supported", rr->algorithm); + DBG1(DBG_LIB, "DNSKEY public key algorithm %d not supported", + rr->algorithm); return NULL; } } @@ -77,7 +78,7 @@ static dnskey_public_key_t *parse_rsa_public_key(chunk_t blob) if (blob.len < 3) { - DBG1("RFC 3110 public key blob too short for exponent length"); + DBG1(DBG_LIB, "RFC 3110 public key blob too short for exponent length"); return NULL; } @@ -94,7 +95,7 @@ static dnskey_public_key_t *parse_rsa_public_key(chunk_t blob) e.ptr = blob.ptr; if (e.len >= blob.len) { - DBG1("RFC 3110 public key blob too short for exponent"); + DBG1(DBG_LIB, "RFC 3110 public key blob too short for exponent"); return NULL; } n = chunk_skip(blob, e.len); diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c index 123d2a244..ad03fa585 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c @@ -126,14 +126,14 @@ static void get_bytes(private_fips_prf_t *this, chunk_t seed, u_int8_t w[]) { /* a. XVAL = (XKEY + XSEED j) mod 2^b */ add_mod(this->b, xkey, xseed, xval); - DBG3("XVAL %b", xval, this->b); + DBG3(DBG_LIB, "XVAL %b", xval, this->b); /* b. wi = G(t, XVAL ) */ this->g(this, chunk_create(xval, this->b), &w[i * this->b]); - DBG3("w[%d] %b", i, &w[i * this->b], this->b); + DBG3(DBG_LIB, "w[%d] %b", i, &w[i * this->b], this->b); /* c. XKEY = (1 + XKEY + wi) mod 2b */ add_mod(this->b, xkey, &w[i * this->b], sum); add_mod(this->b, sum, one, xkey); - DBG3("XKEY %b", xkey, this->b); + DBG3(DBG_LIB, "XKEY %b", xkey, this->b); } /* 3.3 done already, mod q not used */ diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c index 1eee6226d..5dbdde32c 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c @@ -234,7 +234,7 @@ gcrypt_crypter_t *gcrypt_crypter_create(encryption_algorithm_t algo, err = gcry_cipher_open(&this->h, gcrypt_alg, mode, 0); if (err) { - DBG1("grcy_cipher_open(%N) failed: %s", + DBG1(DBG_LIB, "grcy_cipher_open(%N) failed: %s", encryption_algorithm_names, algo, gpg_strerror(err)); free(this); return NULL; diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c index 07e987d4d..ca730f9cd 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c @@ -89,7 +89,7 @@ static void set_other_public_value(private_gcrypt_dh_t *this, chunk_t value) err = gcry_mpi_scan(&this->yb, GCRYMPI_FMT_USG, value.ptr, value.len, NULL); if (err) { - DBG1("importing mpi yb failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "importing mpi yb failed: %s", gpg_strerror(err)); return; } @@ -110,7 +110,8 @@ static void set_other_public_value(private_gcrypt_dh_t *this, chunk_t value) } else { - DBG1("public DH value verification failed: y < 2 || y > p - 1 "); + DBG1(DBG_LIB, "public DH value verification failed:" + " y < 2 || y > p - 1 "); } gcry_mpi_release(p_min_1); } @@ -207,7 +208,7 @@ gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group) params->prime, params->prime_len, NULL); if (err) { - DBG1("importing mpi modulus failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "importing mpi modulus failed: %s", gpg_strerror(err)); free(this); return NULL; } @@ -222,7 +223,7 @@ gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group) chunk_clear(&random); if (err) { - DBG1("importing mpi xa failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "importing mpi xa failed: %s", gpg_strerror(err)); gcry_mpi_release(this->p); free(this); return NULL; diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c index d12fe11d5..39609c16c 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c @@ -137,7 +137,7 @@ gcrypt_hasher_t *gcrypt_hasher_create(hash_algorithm_t algo) err = gcry_md_open(&this->hd, gcrypt_alg, 0); if (err) { - DBG1("grcy_md_open(%N) failed: %s", + DBG1(DBG_LIB, "grcy_md_open(%N) failed: %s", hash_algorithm_names, algo, gpg_strerror(err)); free(this); return NULL; diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c index c87f3b882..341ba51d7 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c @@ -126,7 +126,7 @@ plugin_t *gcrypt_plugin_create() if (!gcry_check_version(GCRYPT_VERSION)) { - DBG1("libgcrypt version mismatch"); + DBG1(DBG_LIB, "libgcrypt version mismatch"); return NULL; } diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c index cd156961e..a1d237bcd 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c @@ -130,14 +130,15 @@ static bool sign_raw(private_gcrypt_rsa_private_key_t *this, chunk_free(&em); if (err) { - DBG1("building signature S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building signature S-expression failed: %s", + gpg_strerror(err)); return FALSE; } err = gcry_pk_sign(&out, in, this->key); gcry_sexp_release(in); if (err) { - DBG1("creating pkcs1 signature failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "creating pkcs1 signature failed: %s", gpg_strerror(err)); return FALSE; } *signature = gcrypt_rsa_find_token(out, "s", this->key); @@ -176,14 +177,14 @@ static bool sign_pkcs1(private_gcrypt_rsa_private_key_t *this, chunk_free(&hash); if (err) { - DBG1("building signature S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building signature S-expression failed: %s", gpg_strerror(err)); return FALSE; } err = gcry_pk_sign(&out, in, this->key); gcry_sexp_release(in); if (err) { - DBG1("creating pkcs1 signature failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "creating pkcs1 signature failed: %s", gpg_strerror(err)); return FALSE; } *signature = gcrypt_rsa_find_token(out, "s", this->key); @@ -222,7 +223,7 @@ static bool sign(private_gcrypt_rsa_private_key_t *this, signature_scheme_t sche case SIGN_RSA_EMSA_PKCS1_MD5: return sign_pkcs1(this, HASH_MD5, "md5", data, sig); default: - DBG1("signature scheme %N not supported in RSA", + DBG1(DBG_LIB, "signature scheme %N not supported in RSA", signature_scheme_names, scheme); return FALSE; } @@ -243,14 +244,15 @@ static bool decrypt(private_gcrypt_rsa_private_key_t *this, encrypted.len, encrypted.ptr); if (err) { - DBG1("building decryption S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building decryption S-expression failed: %s", + gpg_strerror(err)); return FALSE; } err = gcry_pk_decrypt(&out, in, this->key); gcry_sexp_release(in); if (err) { - DBG1("decrypting pkcs1 data failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "decrypting pkcs1 data failed: %s", gpg_strerror(err)); return FALSE; } padded.ptr = (u_char*)gcry_sexp_nth_data(out, 1, &padded.len); @@ -269,7 +271,7 @@ static bool decrypt(private_gcrypt_rsa_private_key_t *this, gcry_sexp_release(out); if (!pos) { - DBG1("decrypted data has invalid pkcs1 padding"); + DBG1(DBG_LIB, "decrypted data has invalid pkcs1 padding"); return FALSE; } return TRUE; @@ -329,7 +331,7 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this, chunk_clear(&cp); chunk_clear(&cq); chunk_clear(&cd); - DBG1("scanning mpi for export failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "scanning mpi for export failed: %s", gpg_strerror(err)); return FALSE; } @@ -352,7 +354,7 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this, if (err) { - DBG1("printing mpi for export failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "printing mpi for export failed: %s", gpg_strerror(err)); chunk_clear(&cp); chunk_clear(&cq); chunk_clear(&cd); @@ -488,7 +490,7 @@ gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_gen(key_type_t type, err = gcry_sexp_build(¶m, NULL, "(genkey(rsa(nbits %d)))", key_size); if (err) { - DBG1("building S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building S-expression failed: %s", gpg_strerror(err)); return NULL; } this = gcrypt_rsa_private_key_create_empty(); @@ -497,7 +499,7 @@ gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_gen(key_type_t type, if (err) { free(this); - DBG1("generating RSA key failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "generating RSA key failed: %s", gpg_strerror(err)); return NULL; } return &this->public; @@ -557,14 +559,14 @@ gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_load(key_type_t type, p.len, p.ptr, q.len, q.ptr, u.len, u.ptr); if (err) { - DBG1("loading private key failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "loading private key failed: %s", gpg_strerror(err)); free(this); return NULL; } err = gcry_pk_testkey(this->key); if (err) { - DBG1("private key sanity check failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "private key sanity check failed: %s", gpg_strerror(err)); destroy(this); return NULL; } diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c index e083fac94..5fd15d9a3 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c @@ -83,14 +83,16 @@ static bool verify_raw(private_gcrypt_rsa_public_key_t *this, chunk_free(&em); if (err) { - DBG1("building data S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building data S-expression failed: %s", + gpg_strerror(err)); return FALSE; } err = gcry_sexp_build(&sig, NULL, "(sig-val(rsa(s %b)))", signature.len, signature.ptr); if (err) { - DBG1("building signature S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building signature S-expression failed: %s", + gpg_strerror(err)); gcry_sexp_release(in); return FALSE; } @@ -99,7 +101,8 @@ static bool verify_raw(private_gcrypt_rsa_public_key_t *this, gcry_sexp_release(sig); if (err) { - DBG1("RSA signature verification failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "RSA signature verification failed: %s", + gpg_strerror(err)); return FALSE; } return TRUE; @@ -130,7 +133,8 @@ static bool verify_pkcs1(private_gcrypt_rsa_public_key_t *this, chunk_free(&hash); if (err) { - DBG1("building data S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building data S-expression failed: %s", + gpg_strerror(err)); return FALSE; } @@ -138,7 +142,8 @@ static bool verify_pkcs1(private_gcrypt_rsa_public_key_t *this, signature.len, signature.ptr); if (err) { - DBG1("building signature S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building signature S-expression failed: %s", + gpg_strerror(err)); gcry_sexp_release(in); return FALSE; } @@ -147,7 +152,8 @@ static bool verify_pkcs1(private_gcrypt_rsa_public_key_t *this, gcry_sexp_release(sig); if (err) { - DBG1("RSA signature verification failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "RSA signature verification failed: %s", + gpg_strerror(err)); return FALSE; } return TRUE; @@ -184,7 +190,7 @@ static bool verify(private_gcrypt_rsa_public_key_t *this, case SIGN_RSA_EMSA_PKCS1_SHA512: return verify_pkcs1(this, HASH_SHA512, "sha512", data, signature); default: - DBG1("signature scheme %N not supported in RSA", + DBG1(DBG_LIB, "signature scheme %N not supported in RSA", signature_scheme_names, scheme); return FALSE; } @@ -205,14 +211,16 @@ static bool encrypt_(private_gcrypt_rsa_public_key_t *this, chunk_t plain, plain.len, plain.ptr); if (err) { - DBG1("building encryption S-expression failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "building encryption S-expression failed: %s", + gpg_strerror(err)); return FALSE; } err = gcry_pk_encrypt(&out, in, this->key); gcry_sexp_release(in); if (err) { - DBG1("encrypting data using pkcs1 failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "encrypting data using pkcs1 failed: %s", + gpg_strerror(err)); return FALSE; } *encrypted = gcrypt_rsa_find_token(out, "a", this->key); @@ -343,7 +351,7 @@ gcrypt_rsa_public_key_t *gcrypt_rsa_public_key_load(key_type_t type, n.len, n.ptr, e.len, e.ptr); if (err) { - DBG1("loading public key failed: %s", gpg_strerror(err)); + DBG1(DBG_LIB, "loading public key failed: %s", gpg_strerror(err)); free(this); return NULL; } diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c index f4808f2d4..056bdaac5 100644 --- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c +++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c @@ -119,7 +119,8 @@ static void set_other_public_value(private_gmp_diffie_hellman_t *this, chunk_t v } else { - DBG1("public DH value verification failed: y ^ q mod p != 1"); + DBG1(DBG_LIB, "public DH value verification failed:" + " y ^ q mod p != 1"); } mpz_clear(one); #else @@ -129,7 +130,8 @@ static void set_other_public_value(private_gmp_diffie_hellman_t *this, chunk_t v } else { - DBG1("public DH value verification failed: y < 2 || y > p - 1 "); + DBG1(DBG_LIB, "public DH value verification failed:" + " y < 2 || y > p - 1 "); } mpz_clear(p_min_1); } @@ -228,7 +230,8 @@ gmp_diffie_hellman_t *gmp_diffie_hellman_create(diffie_hellman_group_t group) rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG); if (!rng) { - DBG1("no RNG found for quality %N", rng_quality_names, RNG_STRONG); + DBG1(DBG_LIB, "no RNG found for quality %N", rng_quality_names, + RNG_STRONG); destroy(this); return NULL; } @@ -243,7 +246,8 @@ gmp_diffie_hellman_t *gmp_diffie_hellman_create(diffie_hellman_group_t group) } mpz_import(this->xa, random.len, 1, 1, 1, 0, random.ptr); chunk_free(&random); - DBG2("size of DH secret exponent: %u bits", mpz_sizeinbase(this->xa, 2)); + DBG2(DBG_LIB, "size of DH secret exponent: %u bits", + mpz_sizeinbase(this->xa, 2)); mpz_powm(this->ya, this->g, this->xa, this->p); diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c index ac2bad5bf..0d7ec48d2 100644 --- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c +++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c @@ -141,7 +141,8 @@ static status_t compute_prime(private_gmp_rsa_private_key_t *this, rng = lib->crypto->create_rng(lib->crypto, RNG_TRUE); if (!rng) { - DBG1("no RNG of quality %N found", rng_quality_names, RNG_TRUE); + DBG1(DBG_LIB, "no RNG of quality %N found", rng_quality_names, + RNG_TRUE); return FAILED; } @@ -248,7 +249,8 @@ static bool build_emsa_pkcs1_signature(private_gmp_rsa_private_key_t *this, if (data.len > this->k - 3) { free(digestInfo.ptr); - DBG1("unable to sign %d bytes using a %dbit key", data.len, this->k * 8); + DBG1(DBG_LIB, "unable to sign %d bytes using a %dbit key", data.len, + this->k * 8); return FALSE; } @@ -309,7 +311,7 @@ static bool sign(private_gmp_rsa_private_key_t *this, signature_scheme_t scheme, case SIGN_RSA_EMSA_PKCS1_MD5: return build_emsa_pkcs1_signature(this, HASH_MD5, data, signature); default: - DBG1("signature scheme %N not supported in RSA", + DBG1(DBG_LIB, "signature scheme %N not supported in RSA", signature_scheme_names, scheme); return FALSE; } @@ -332,7 +334,7 @@ static bool decrypt(private_gmp_rsa_private_key_t *this, chunk_t crypto, /* check for hex pattern 00 02 in decrypted message */ if ((*stripped.ptr++ != 0x00) || (*(stripped.ptr++) != 0x02)) { - DBG1("incorrect padding - probably wrong rsa key"); + DBG1(DBG_LIB, "incorrect padding - probably wrong rsa key"); goto end; } stripped.len -= 2; @@ -342,7 +344,7 @@ static bool decrypt(private_gmp_rsa_private_key_t *this, chunk_t crypto, if (stripped.len == 0) { - DBG1("no plaintext data"); + DBG1(DBG_LIB, "no plaintext data"); goto end; } @@ -514,14 +516,14 @@ static status_t check(private_gmp_rsa_private_key_t *this) */ if (this->k < 512 / BITS_PER_BYTE) { - DBG1("key shorter than 512 bits"); + DBG1(DBG_LIB, "key shorter than 512 bits"); return FAILED; } /* we picked a max modulus size to simplify buffer allocation */ if (this->k > 8192 / BITS_PER_BYTE) { - DBG1("key larger than 8192 bits"); + DBG1(DBG_LIB, "key larger than 8192 bits"); return FAILED; } @@ -595,7 +597,7 @@ static status_t check(private_gmp_rsa_private_key_t *this) mpz_clear_sensitive(q1); if (status != SUCCESS) { - DBG1("key integrity tests failed"); + DBG1(DBG_LIB, "key integrity tests failed"); } return status; } @@ -684,7 +686,7 @@ gmp_rsa_private_key_t *gmp_rsa_private_key_gen(key_type_t type, va_list args) mpz_mul(n, p, q); /* n = p*q */ mpz_init_set_ui(e, PUBLIC_EXPONENT); /* assign public exponent */ - mpz_init_set(m, p); /* m = p */ + mpz_init_set(m, p); /* m = p */ mpz_sub_ui(m, m, 1); /* m = m -1 */ mpz_init_set(q1, q); /* q1 = q */ mpz_sub_ui(q1, q1, 1); /* q1 = q1 -1 */ diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c index 111533bec..93eef06ec 100644 --- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c +++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c @@ -183,8 +183,8 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, { /* IKEv1 signatures without digestInfo */ if (em.len != data.len) { - DBG1("hash size in signature is %u bytes instead of %u bytes", - em.len, data.len); + DBG1(DBG_LIB, "hash size in signature is %u bytes instead of" + " %u bytes", em.len, data.len); goto end; } success = memeq(em.ptr, data.ptr, data.len); @@ -196,7 +196,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, int objectID; hash_algorithm_t hash_algorithm = HASH_UNKNOWN; - DBG2("signature verification:"); + DBG2(DBG_LIB, "signature verification:"); parser = asn1_parser_create(digestInfoObjects, em); while (parser->iterate(parser, &objectID, &object)) @@ -207,7 +207,8 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, { if (em.len > object.len) { - DBG1("digestInfo field in signature is followed by %u surplus bytes", + DBG1(DBG_LIB, "digestInfo field in signature is" + " followed by %u surplus bytes", em.len - object.len); goto end_parser; } @@ -221,8 +222,8 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, hash_algorithm = hasher_algorithm_from_oid(hash_oid); if (hash_algorithm == HASH_UNKNOWN || hash_algorithm != algorithm) { - DBG1("expected hash algorithm %N, but found %N (OID: %#B)", - hash_algorithm_names, algorithm, + DBG1(DBG_LIB, "expected hash algorithm %N, but found" + " %N (OID: %#B)", hash_algorithm_names, algorithm, hash_algorithm_names, hash_algorithm, &object); goto end_parser; } @@ -236,15 +237,16 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, hasher = lib->crypto->create_hasher(lib->crypto, hash_algorithm); if (hasher == NULL) { - DBG1("hash algorithm %N not supported", + DBG1(DBG_LIB, "hash algorithm %N not supported", hash_algorithm_names, hash_algorithm); goto end_parser; } if (object.len != hasher->get_hash_size(hasher)) { - DBG1("hash size in signature is %u bytes instead of %u " - "bytes", object.len, hasher->get_hash_size(hasher)); + DBG1(DBG_LIB, "hash size in signature is %u bytes" + " instead of %u bytes", object.len, + hasher->get_hash_size(hasher)); hasher->destroy(hasher); goto end_parser; } @@ -302,7 +304,7 @@ static bool verify(private_gmp_rsa_public_key_t *this, signature_scheme_t scheme case SIGN_RSA_EMSA_PKCS1_SHA512: return verify_emsa_pkcs1_signature(this, HASH_SHA512, data, signature); default: - DBG1("signature scheme %N not supported in RSA", + DBG1(DBG_LIB, "signature scheme %N not supported in RSA", signature_scheme_names, scheme); return FALSE; } @@ -324,7 +326,7 @@ static bool encrypt_(private_gmp_rsa_public_key_t *this, chunk_t plain, rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK); if (rng == NULL) { - DBG1("no random generator available"); + DBG1(DBG_LIB, "no random generator available"); return FALSE; } @@ -332,13 +334,14 @@ static bool encrypt_(private_gmp_rsa_public_key_t *this, chunk_t plain, padding = this->k - plain.len - 3; if (padding < MIN_PS_PADDING) { - DBG1("pseudo-random padding must be at least %d octets", MIN_PS_PADDING); + DBG1(DBG_LIB, "pseudo-random padding must be at least %d octets", + MIN_PS_PADDING); return FALSE; } /* padding according to PKCS#1 7.2.1 (RSAES-PKCS1-v1.5-ENCRYPT) */ - DBG2("padding %u bytes of data to the rsa modulus size of %u bytes", - plain.len, this->k); + DBG2(DBG_LIB, "padding %u bytes of data to the rsa modulus size of" + " %u bytes", plain.len, this->k); em.len = this->k; em.ptr = malloc(em.len); pos = em.ptr; @@ -364,11 +367,11 @@ static bool encrypt_(private_gmp_rsa_public_key_t *this, chunk_t plain, /* now add the data */ memcpy(pos, plain.ptr, plain.len); - DBG3("padded data before rsa encryption: %B", &em); + DBG3(DBG_LIB, "padded data before rsa encryption: %B", &em); /* rsa encryption using PKCS#1 RSAEP */ *crypto = rsaep(this, em); - DBG3("rsa encrypted data: %B", crypto); + DBG3(DBG_LIB, "rsa encrypted data: %B", crypto); chunk_clear(&em); return TRUE; } diff --git a/src/libstrongswan/plugins/ldap/ldap_fetcher.c b/src/libstrongswan/plugins/ldap/ldap_fetcher.c index ce5b7d56b..59e655cd5 100644 --- a/src/libstrongswan/plugins/ldap/ldap_fetcher.c +++ b/src/libstrongswan/plugins/ldap/ldap_fetcher.c @@ -73,27 +73,27 @@ static bool parse(LDAP *ldap, LDAPMessage *result, chunk_t *response) } else { - DBG1("LDAP response contains no values"); + DBG1(DBG_LIB, "LDAP response contains no values"); } ldap_value_free_len(values); } else { - DBG1("getting LDAP values failed: %s", + DBG1(DBG_LIB, "getting LDAP values failed: %s", ldap_err2string(ldap_result2error(ldap, entry, 0))); } ldap_memfree(attr); } else { - DBG1("finding LDAP attributes failed: %s", + DBG1(DBG_LIB, "finding LDAP attributes failed: %s", ldap_err2string(ldap_result2error(ldap, entry, 0))); } ber_free(ber, 0); } else { - DBG1("finding first LDAP entry failed: %s", + DBG1(DBG_LIB, "finding first LDAP entry failed: %s", ldap_err2string(ldap_result2error(ldap, entry, 0))); } return success; @@ -122,7 +122,7 @@ static status_t fetch(private_ldap_fetcher_t *this, char *url, ldap = ldap_init(lurl->lud_host, lurl->lud_port); if (ldap == NULL) { - DBG1("LDAP initialization failed: %s", strerror(errno)); + DBG1(DBG_LIB, "LDAP initialization failed: %s", strerror(errno)); ldap_free_urldesc(lurl); return FAILED; } @@ -133,7 +133,7 @@ static status_t fetch(private_ldap_fetcher_t *this, char *url, ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &ldap_version); ldap_set_option(ldap, LDAP_OPT_NETWORK_TIMEOUT, &timeout); - DBG2("sending LDAP request to '%s'...", url); + DBG2(DBG_LIB, "sending LDAP request to '%s'...", url); res = ldap_simple_bind_s(ldap, NULL, NULL); if (res == LDAP_SUCCESS) @@ -152,12 +152,13 @@ static status_t fetch(private_ldap_fetcher_t *this, char *url, } else { - DBG1("LDAP search failed: %s", ldap_err2string(res)); + DBG1(DBG_LIB, "LDAP search failed: %s", ldap_err2string(res)); } } else { - DBG1("LDAP bind to '%s' failed: %s", url, ldap_err2string(res)); + DBG1(DBG_LIB, "LDAP bind to '%s' failed: %s", url, + ldap_err2string(res)); } ldap_unbind_s(ldap); ldap_free_urldesc(lurl); diff --git a/src/libstrongswan/plugins/mysql/mysql_database.c b/src/libstrongswan/plugins/mysql/mysql_database.c index 2338428f2..8005b9149 100644 --- a/src/libstrongswan/plugins/mysql/mysql_database.c +++ b/src/libstrongswan/plugins/mysql/mysql_database.c @@ -203,7 +203,7 @@ static conn_t *conn_get(private_mysql_database_t *this) this->password, this->database, this->port, NULL, 0)) { - DBG1("connecting to mysql://%s:***@%s:%d/%s failed: %s", + DBG1(DBG_LIB, "connecting to mysql://%s:***@%s:%d/%s failed: %s", this->username, this->host, this->port, this->database, mysql_error(found->mysql)); conn_destroy(found); @@ -213,7 +213,7 @@ static conn_t *conn_get(private_mysql_database_t *this) { this->mutex->lock(this->mutex); this->pool->insert_last(this->pool, found); - DBG2("increased MySQL connection pool size to %d", + DBG2(DBG_LIB, "increased MySQL connection pool size to %d", this->pool->get_count(this->pool)); this->mutex->unlock(this->mutex); } @@ -232,12 +232,14 @@ static MYSQL_STMT* run(MYSQL *mysql, char *sql, va_list *args) stmt = mysql_stmt_init(mysql); if (stmt == NULL) { - DBG1("creating MySQL statement failed: %s", mysql_error(mysql)); + DBG1(DBG_LIB, "creating MySQL statement failed: %s", + mysql_error(mysql)); return NULL; } if (mysql_stmt_prepare(stmt, sql, strlen(sql))) { - DBG1("preparing MySQL statement failed: %s", mysql_stmt_error(stmt)); + DBG1(DBG_LIB, "preparing MySQL statement failed: %s", + mysql_stmt_error(stmt)); mysql_stmt_close(stmt); return NULL; } @@ -303,21 +305,23 @@ static MYSQL_STMT* run(MYSQL *mysql, char *sql, va_list *args) break; } default: - DBG1("invalid data type supplied"); + DBG1(DBG_LIB, "invalid data type supplied"); mysql_stmt_close(stmt); return NULL; } } if (mysql_stmt_bind_param(stmt, bind)) { - DBG1("binding MySQL param failed: %s", mysql_stmt_error(stmt)); + DBG1(DBG_LIB, "binding MySQL param failed: %s", + mysql_stmt_error(stmt)); mysql_stmt_close(stmt); return NULL; } } if (mysql_stmt_execute(stmt)) { - DBG1("executing MySQL statement failed: %s", mysql_stmt_error(stmt)); + DBG1(DBG_LIB, "executing MySQL statement failed: %s", + mysql_stmt_error(stmt)); mysql_stmt_close(stmt); return NULL; } @@ -413,7 +417,8 @@ static bool mysql_enumerator_enumerate(mysql_enumerator_t *this, ...) case MYSQL_NO_DATA: return FALSE; default: - DBG1("fetching MySQL row failed: %s", mysql_stmt_error(this->stmt)); + DBG1(DBG_LIB, "fetching MySQL row failed: %s", + mysql_stmt_error(this->stmt)); return FALSE; } @@ -536,7 +541,7 @@ static enumerator_t* query(private_mysql_database_t *this, char *sql, ...) break; } default: - DBG1("invalid result data type supplied"); + DBG1(DBG_LIB, "invalid result data type supplied"); mysql_enumerator_destroy(enumerator); va_end(args); return NULL; @@ -544,7 +549,8 @@ static enumerator_t* query(private_mysql_database_t *this, char *sql, ...) } if (mysql_stmt_bind_result(stmt, enumerator->bind)) { - DBG1("binding MySQL result failed: %s", mysql_stmt_error(stmt)); + DBG1(DBG_LIB, "binding MySQL result failed: %s", + mysql_stmt_error(stmt)); mysql_enumerator_destroy(enumerator); enumerator = NULL; } @@ -653,7 +659,7 @@ static bool parse_uri(private_mysql_database_t *this, char *uri) } } } - DBG1("parsing MySQL database uri '%s' failed", uri); + DBG1(DBG_LIB, "parsing MySQL database uri '%s' failed", uri); return FALSE; } diff --git a/src/libstrongswan/plugins/mysql/mysql_plugin.c b/src/libstrongswan/plugins/mysql/mysql_plugin.c index 44f952cb7..a13aa8091 100644 --- a/src/libstrongswan/plugins/mysql/mysql_plugin.c +++ b/src/libstrongswan/plugins/mysql/mysql_plugin.c @@ -52,7 +52,7 @@ plugin_t *mysql_plugin_create() if (!mysql_database_init()) { - DBG1("MySQL client library initialization failed"); + DBG1(DBG_LIB, "MySQL client library initialization failed"); return NULL; } diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c index 92ba348c2..1520d5783 100644 --- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c @@ -103,7 +103,7 @@ static void set_other_public_value(private_openssl_diffie_hellman_t *this, len = DH_compute_key(this->shared_secret.ptr, this->pub_key, this->dh); if (len < 0) { - DBG1("DH shared secret computation failed"); + DBG1(DBG_LIB, "DH shared secret computation failed"); return; } this->shared_secret.len = len; @@ -187,7 +187,8 @@ openssl_diffie_hellman_t *openssl_diffie_hellman_create(diffie_hellman_group_t g destroy(this); return NULL; } - DBG2("size of DH secret exponent: %d bits", BN_num_bits(this->dh->priv_key)); + DBG2(DBG_LIB, "size of DH secret exponent: %d bits", + BN_num_bits(this->dh->priv_key)); return &this->public; } diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c index 671fa41e2..faec411cd 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c @@ -212,14 +212,14 @@ static void set_other_public_value(private_openssl_ec_diffie_hellman_t *this, ch { if (!chunk2ecp(this->ec_group, value, this->pub_key)) { - DBG1("ECDH public value is malformed"); + DBG1(DBG_LIB, "ECDH public value is malformed"); return; } chunk_free(&this->shared_secret); if (!compute_shared_key(this, &this->shared_secret)) { - DBG1("ECDH shared secret computation failed"); + DBG1(DBG_LIB, "ECDH shared secret computation failed"); return; } diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c index 508370e0a..f355c2022 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c @@ -84,14 +84,14 @@ static bool build_curve_signature(private_openssl_ec_private_key_t *this, req_group = EC_GROUP_new_by_curve_name(nid_curve); if (!req_group) { - DBG1("signature scheme %N not supported in EC (required curve " + DBG1(DBG_LIB, "signature scheme %N not supported in EC (required curve " "not supported)", signature_scheme_names, scheme); return FALSE; } my_group = EC_KEY_get0_group(this->ec); if (EC_GROUP_cmp(my_group, req_group, NULL) != 0) { - DBG1("signature scheme %N not supported by private key", + DBG1(DBG_LIB, "signature scheme %N not supported by private key", signature_scheme_names, scheme); return FALSE; } @@ -162,7 +162,7 @@ static bool sign(private_openssl_ec_private_key_t *this, return build_curve_signature(this, scheme, NID_sha512, NID_secp521r1, data, signature); default: - DBG1("signature scheme %N not supported", + DBG1(DBG_LIB, "signature scheme %N not supported", signature_scheme_names, scheme); return FALSE; } @@ -174,7 +174,7 @@ static bool sign(private_openssl_ec_private_key_t *this, static bool decrypt(private_openssl_ec_private_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("EC private key decryption not implemented"); + DBG1(DBG_LIB, "EC private key decryption not implemented"); return FALSE; } @@ -348,13 +348,13 @@ openssl_ec_private_key_t *openssl_ec_private_key_gen(key_type_t type, this->ec = EC_KEY_new_by_curve_name(NID_secp521r1); break; default: - DBG1("EC private key size %d not supported", key_size); + DBG1(DBG_LIB, "EC private key size %d not supported", key_size); destroy(this); return NULL; } if (EC_KEY_generate_key(this->ec) != 1) { - DBG1("EC private key generation failed", key_size); + DBG1(DBG_LIB, "EC private key generation failed", key_size); destroy(this); return NULL; } diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c index 55bcb3165..454e0004f 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c @@ -82,14 +82,14 @@ static bool verify_curve_signature(private_openssl_ec_public_key_t *this, req_group = EC_GROUP_new_by_curve_name(nid_curve); if (!req_group) { - DBG1("signature scheme %N not supported in EC (required curve " + DBG1(DBG_LIB, "signature scheme %N not supported in EC (required curve " "not supported)", signature_scheme_names, scheme); return FALSE; } my_group = EC_KEY_get0_group(this->ec); if (EC_GROUP_cmp(my_group, req_group, NULL) != 0) { - DBG1("signature scheme %N not supported by private key", + DBG1(DBG_LIB, "signature scheme %N not supported by private key", signature_scheme_names, scheme); return FALSE; } @@ -162,7 +162,7 @@ static bool verify(private_openssl_ec_public_key_t *this, return verify_curve_signature(this, scheme, NID_sha512, NID_secp521r1, data, signature); default: - DBG1("signature scheme %N not supported in EC", + DBG1(DBG_LIB, "signature scheme %N not supported in EC", signature_scheme_names, scheme); return FALSE; } @@ -174,7 +174,7 @@ static bool verify(private_openssl_ec_public_key_t *this, static bool encrypt_(private_openssl_ec_public_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("EC public key encryption not implemented"); + DBG1(DBG_LIB, "EC public key encryption not implemented"); return FALSE; } @@ -217,7 +217,7 @@ bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp) hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (!hasher) { - DBG1("SHA1 hash algorithm not supported, fingerprinting failed"); + DBG1(DBG_LIB, "SHA1 hash algorithm not supported, fingerprinting failed"); free(key.ptr); return FALSE; } diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c index 01c1a7ab5..6af593af5 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c @@ -160,7 +160,7 @@ static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t sch case SIGN_RSA_EMSA_PKCS1_MD5: return build_emsa_pkcs1_signature(this, NID_md5, data, signature); default: - DBG1("signature scheme %N not supported in RSA", + DBG1(DBG_LIB, "signature scheme %N not supported in RSA", signature_scheme_names, scheme); return FALSE; } @@ -172,7 +172,7 @@ static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t sch static bool decrypt(private_openssl_rsa_private_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("RSA private key decryption not implemented"); + DBG1(DBG_LIB, "RSA private key decryption not implemented"); return FALSE; } @@ -480,18 +480,18 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type, engine = ENGINE_by_id(engine_id); if (!engine) { - DBG1("engine '%s' is not available", engine_id); + DBG1(DBG_LIB, "engine '%s' is not available", engine_id); return NULL; } if (!ENGINE_init(engine)) { - DBG1("failed to initialize engine '%s'", engine_id); + DBG1(DBG_LIB, "failed to initialize engine '%s'", engine_id); ENGINE_free(engine); return NULL; } if (!ENGINE_ctrl_cmd_string(engine, "PIN", pin, 0)) { - DBG1("failed to set PIN on engine '%s'", engine_id); + DBG1(DBG_LIB, "failed to set PIN on engine '%s'", engine_id); ENGINE_free(engine); return NULL; } @@ -499,8 +499,8 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type, key = ENGINE_load_private_key(engine, keyid, NULL, NULL); if (!key) { - DBG1("failed to load private key with ID '%s' from engine '%s'", - keyid, engine_id); + DBG1(DBG_LIB, "failed to load private key with ID '%s' from " + "engine '%s'", keyid, engine_id); ENGINE_free(engine); return NULL; } diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c index 6228a07f1..dd079e7bf 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c @@ -145,7 +145,7 @@ static bool verify(private_openssl_rsa_public_key_t *this, signature_scheme_t sc case SIGN_RSA_EMSA_PKCS1_MD5: return verify_emsa_pkcs1_signature(this, NID_md5, data, signature); default: - DBG1("signature scheme %N not supported in RSA", + DBG1(DBG_LIB, "signature scheme %N not supported in RSA", signature_scheme_names, scheme); return FALSE; } @@ -157,7 +157,7 @@ static bool verify(private_openssl_rsa_public_key_t *this, signature_scheme_t sc static bool encrypt_(private_openssl_rsa_public_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("RSA public key encryption not implemented"); + DBG1(DBG_LIB, "RSA public key encryption not implemented"); return FALSE; } @@ -200,7 +200,7 @@ bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp) hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (!hasher) { - DBG1("SHA1 hash algorithm not supported, fingerprinting failed"); + DBG1(DBG_LIB, "SHA1 hash algorithm not supported, fingerprinting failed"); free(key.ptr); return FALSE; } diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c index 2225318af..c9606ae15 100644 --- a/src/libstrongswan/plugins/padlock/padlock_plugin.c +++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c @@ -97,7 +97,7 @@ static padlock_feature_t get_padlock_features() return d; } } - DBG1("Padlock not found, CPU is %s", vendor); + DBG1(DBG_LIB, "Padlock not found, CPU is %s", vendor); return 0; } @@ -143,7 +143,7 @@ plugin_t *padlock_plugin_create() free(this); return NULL; } - DBG1("Padlock found, supports:%s%s%s%s%s, enabled:%s%s%s%s%s", + DBG1(DBG_LIB, "Padlock found, supports:%s%s%s%s%s, enabled:%s%s%s%s%s", this->features & PADLOCK_RNG_AVAILABLE ? " RNG" : "", this->features & PADLOCK_ACE_AVAILABLE ? " ACE" : "", this->features & PADLOCK_ACE2_AVAILABLE ? " ACE2" : "", diff --git a/src/libstrongswan/plugins/pem/pem_builder.c b/src/libstrongswan/plugins/pem/pem_builder.c index 2f285e9bc..65be9501b 100644 --- a/src/libstrongswan/plugins/pem/pem_builder.c +++ b/src/libstrongswan/plugins/pem/pem_builder.c @@ -73,7 +73,7 @@ static bool find_boundary(char* tag, chunk_t *line) { if (present("-----", line)) { - DBG2(" -----%s %.*s-----", tag, (int)name.len, name.ptr); + DBG2(DBG_LIB, " -----%s %.*s-----", tag, (int)name.len, name.ptr); return TRUE; } line->ptr++; line->len--; name.len++; @@ -99,7 +99,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5); if (hasher == NULL) { - DBG1(" MD5 hash algorithm not available"); + DBG1(DBG_LIB, " MD5 hash algorithm not available"); return NOT_SUPPORTED; } hash.len = hasher->get_hash_size(hasher); @@ -121,7 +121,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, crypter = lib->crypto->create_crypter(lib->crypto, alg, key_size); if (crypter == NULL) { - DBG1(" %N encryption algorithm not available", + DBG1(DBG_LIB, " %N encryption algorithm not available", encryption_algorithm_names, alg); return NOT_SUPPORTED; } @@ -131,7 +131,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, blob->len % iv.len) { crypter->destroy(crypter); - DBG1(" data size is not multiple of block size"); + DBG1(DBG_LIB, " data size is not multiple of block size"); return PARSE_ERROR; } crypter->decrypt(crypter, *blob, iv, &decrypted); @@ -155,7 +155,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, { if (*last_padding_pos != padding) { - DBG1(" invalid passphrase"); + DBG1(DBG_LIB, " invalid passphrase"); return INVALID_ARG; } } @@ -234,7 +234,7 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data } /* we are looking for a parameter: value pair */ - DBG2(" %.*s", (int)line.len, line.ptr); + DBG2(DBG_LIB, " %.*s", (int)line.len, line.ptr); ugh = extract_parameter_value(&name, &value, &line); if (ugh != NULL) { @@ -274,8 +274,8 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data } else { - DBG1(" encryption algorithm '%.*s' not supported", - dek.len, dek.ptr); + DBG1(DBG_LIB, " encryption algorithm '%.*s'" + " not supported", dek.len, dek.ptr); return NOT_SUPPORTED; } eat_whitespace(&value); @@ -298,7 +298,8 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data *pgp = TRUE; data.ptr++; data.len--; - DBG2(" armor checksum: %.*s", (int)data.len, data.ptr); + DBG2(DBG_LIB, " armor checksum: %.*s", (int)data.len, + data.ptr); continue; } @@ -318,7 +319,7 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data if (state != PEM_POST) { - DBG1(" file coded in unknown format, discarded"); + DBG1(DBG_LIB, " file coded in unknown format, discarded"); return PARSE_ERROR; } if (!encrypted) @@ -327,7 +328,7 @@ static status_t pem_to_bin(chunk_t *blob, chunk_t(*cb)(void*,int), void *cb_data } if (!cb) { - DBG1(" missing passphrase"); + DBG1(DBG_LIB, " missing passphrase"); return INVALID_ARG; } while (TRUE) @@ -404,13 +405,14 @@ static void *load_from_file(char *file, credential_type_t type, int subtype, fd = open(file, O_RDONLY); if (fd == -1) { - DBG1(" opening '%s' failed: %s", file, strerror(errno)); + DBG1(DBG_LIB, " opening '%s' failed: %s", file, strerror(errno)); return NULL; } if (fstat(fd, &sb) == -1) { - DBG1(" getting file size of '%s' failed: %s", file, strerror(errno)); + DBG1(DBG_LIB, " getting file size of '%s' failed: %s", file, + strerror(errno)); close(fd); return NULL; } @@ -418,7 +420,7 @@ static void *load_from_file(char *file, credential_type_t type, int subtype, addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0); if (addr == MAP_FAILED) { - DBG1(" mapping '%s' failed: %s", file, strerror(errno)); + DBG1(DBG_LIB, " mapping '%s' failed: %s", file, strerror(errno)); close(fd); return NULL; } @@ -447,7 +449,8 @@ static void *load_from_fd(int fd, credential_type_t type, int subtype, len = read(fd, pos, buf + sizeof(buf) - pos); if (len < 0) { - DBG1("reading from file descriptor failed: %s", strerror(errno)); + DBG1(DBG_LIB, "reading from file descriptor failed: %s", + strerror(errno)); return NULL; } if (len == 0) @@ -457,7 +460,7 @@ static void *load_from_fd(int fd, credential_type_t type, int subtype, total += len; if (total == sizeof(buf)) { - DBG1("buffer too small to read from file descriptor"); + DBG1(DBG_LIB, "buffer too small to read from file descriptor"); return NULL; } } diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.c b/src/libstrongswan/plugins/pgp/pgp_builder.c index d262d18ff..84c9bfddd 100644 --- a/src/libstrongswan/plugins/pgp/pgp_builder.c +++ b/src/libstrongswan/plugins/pgp/pgp_builder.c @@ -41,7 +41,7 @@ static public_key_t *parse_public_key(chunk_t blob) BUILD_BLOB_PGP, blob, BUILD_END); break; default: - DBG1("PGP public key algorithm %N not supported", + DBG1(DBG_LIB, "PGP public key algorithm %N not supported", pgp_pubkey_alg_names, alg); return NULL; } @@ -90,12 +90,13 @@ static private_key_t *parse_rsa_private_key(chunk_t blob) } if (s2k == 255 || s2k == 254) { - DBG1("string-to-key specifiers not supported"); + DBG1(DBG_LIB, "string-to-key specifiers not supported"); return NULL; } if (s2k != PGP_SYM_ALG_PLAIN) { - DBG1("%N private key encryption not supported", pgp_sym_alg_names, s2k); + DBG1(DBG_LIB, "%N private key encryption not supported", + pgp_sym_alg_names, s2k); return NULL; } @@ -121,7 +122,7 @@ static private_key_t *parse_rsa_private_key(chunk_t blob) static bool sign_not_allowed(private_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t *signature) { - DBG1("signing failed - decryption only key"); + DBG1(DBG_LIB, "signing failed - decryption only key"); return FALSE; } @@ -131,7 +132,7 @@ static bool sign_not_allowed(private_key_t *this, signature_scheme_t scheme, static bool decrypt_not_allowed(private_key_t *this, chunk_t crypto, chunk_t *plain) { - DBG1("decryption failed - signature only key"); + DBG1(DBG_LIB, "decryption failed - signature only key"); return FALSE; } @@ -164,7 +165,7 @@ static private_key_t *parse_private_key(chunk_t blob) case 4: break; default: - DBG1("PGP packet version V%d not supported", version); + DBG1(DBG_LIB, "PGP packet version V%d not supported", version); return FALSE; } if (!pgp_read_scalar(&packet, 4, &created)) diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c index fa2612285..cd04f3d1a 100644 --- a/src/libstrongswan/plugins/pgp/pgp_cert.c +++ b/src/libstrongswan/plugins/pgp/pgp_cert.c @@ -198,9 +198,9 @@ static bool is_newer(certificate_t *this, certificate_t *that) this->get_validity(this, &now, &this_update, NULL); that->get_validity(that, &now, &that_update, NULL); new = this_update > that_update; - DBG1(" certificate from %T is %s - existing certificate from %T %s", - &this_update, FALSE, new ? "newer":"not newer", - &that_update, FALSE, new ? "replaced":"retained"); + DBG1(DBG_LIB, " certificate from %T is %s - existing certificate" + " from %T %s", &this_update, FALSE, new ? "newer" : "not newer", + &that_update, FALSE, new ? "replaced" : "retained"); return new; } @@ -322,16 +322,18 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) } break; default: - DBG1("PGP packet version V%d not supported", this->version); + DBG1(DBG_LIB, "PGP packet version V%d not supported", + this->version); return FALSE; } if (this->valid) { - DBG2("L2 - created %T, valid %d days", &this->created, FALSE, this->valid); + DBG2(DBG_LIB, "L2 - created %T, valid %d days", &this->created, FALSE, + this->valid); } else { - DBG2("L2 - created %T, never expires", &this->created, FALSE); + DBG2(DBG_LIB, "L2 - created %T, never expires", &this->created, FALSE); } DESTROY_IF(this->key); this->key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, @@ -352,13 +354,13 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (hasher == NULL) { - DBG1("no SHA-1 hasher available"); + DBG1(DBG_LIB, "no SHA-1 hasher available"); return FALSE; } hasher->allocate_hash(hasher, pubkey_packet_header, NULL); hasher->allocate_hash(hasher, pubkey_packet, &this->fingerprint); hasher->destroy(hasher); - DBG2("L2 - v4 fingerprint %#B", &this->fingerprint); + DBG2(DBG_LIB, "L2 - v4 fingerprint %#B", &this->fingerprint); } else { @@ -369,7 +371,7 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) return FALSE; } this->fingerprint = chunk_clone(this->fingerprint); - DBG2("L2 - v3 fingerprint %#B", &this->fingerprint); + DBG2(DBG_LIB, "L2 - v3 fingerprint %#B", &this->fingerprint); } return TRUE; } @@ -389,7 +391,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) /* we parse only v3 or v4 signature packets */ if (version != 3 && version != 4) { - DBG2("L2 - v%d signature ignored", version); + DBG2(DBG_LIB, "L2 - v%d signature ignored", version); return TRUE; } if (version == 4) @@ -398,7 +400,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) { return FALSE; } - DBG2("L2 - v%d signature of type 0x%02x", version, type); + DBG2(DBG_LIB, "L2 - v%d signature of type 0x%02x", version, type); } else { @@ -411,8 +413,8 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) { return FALSE; } - DBG2("L2 - v3 signature of type 0x%02x, created %T", type, - &created, FALSE); + DBG2(DBG_LIB, "L2 - v3 signature of type 0x%02x, created %T", type, + &created, FALSE); } /* TODO: parse and save signature to a list */ return TRUE; @@ -425,7 +427,7 @@ static bool parse_user_id(private_pgp_cert_t *this, chunk_t packet) { DESTROY_IF(this->user_id); this->user_id = identification_create_from_encoding(ID_KEY_ID, packet); - DBG2("L2 - '%Y'", this->user_id); + DBG2(DBG_LIB, "L2 - '%Y'", this->user_id); return TRUE; } @@ -486,7 +488,7 @@ pgp_cert_t *pgp_cert_load(certificate_type_t type, va_list args) } break; default: - DBG1("ignoring %N packet in PGP certificate", + DBG1(DBG_LIB, "ignoring %N packet in PGP certificate", pgp_packet_tag_names, tag); break; } diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.c b/src/libstrongswan/plugins/pgp/pgp_encoder.c index 56acac597..d5c3df590 100644 --- a/src/libstrongswan/plugins/pgp/pgp_encoder.c +++ b/src/libstrongswan/plugins/pgp/pgp_encoder.c @@ -31,7 +31,8 @@ static bool build_v3_fingerprint(chunk_t *encoding, va_list args) hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5); if (!hasher) { - DBG1("MD5 hash algorithm not supported, PGP fingerprinting failed"); + DBG1(DBG_LIB, "MD5 hash algorithm not supported, PGP" + " fingerprinting failed"); return FALSE; } /* remove leading zero bytes before hashing modulus and exponent */ diff --git a/src/libstrongswan/plugins/pgp/pgp_utils.c b/src/libstrongswan/plugins/pgp/pgp_utils.c index 1658f3232..2d85cc0c8 100644 --- a/src/libstrongswan/plugins/pgp/pgp_utils.c +++ b/src/libstrongswan/plugins/pgp/pgp_utils.c @@ -79,7 +79,7 @@ bool pgp_read_scalar(chunk_t *blob, size_t bytes, u_int32_t *scalar) if (bytes > blob->len) { - DBG1("PGP data too short to read %d byte scalar", bytes); + DBG1(DBG_LIB, "PGP data too short to read %d byte scalar", bytes); return FALSE; } while (bytes-- > 0) @@ -100,13 +100,13 @@ bool pgp_read_mpi(chunk_t *blob, chunk_t *mpi) if (!pgp_read_scalar(blob, 2, &bits)) { - DBG1("PGP data too short to read MPI length"); + DBG1(DBG_LIB, "PGP data too short to read MPI length"); return FALSE; } bytes = (bits + 7) / 8; if (bytes > blob->len) { - DBG1("PGP data too short to read %d byte MPI", bytes); + DBG1(DBG_LIB, "PGP data too short to read %d byte MPI", bytes); return FALSE; } *mpi = chunk_create(blob->ptr, bytes); @@ -146,7 +146,7 @@ bool pgp_read_packet(chunk_t *blob, chunk_t *data, pgp_packet_tag_t *tag) if (!blob->len) { - DBG1("missing input"); + DBG1(DBG_LIB, "missing input"); return FALSE; } t = blob->ptr[0]; @@ -154,27 +154,27 @@ bool pgp_read_packet(chunk_t *blob, chunk_t *data, pgp_packet_tag_t *tag) /* bit 7 must be set */ if (!(t & 0x80)) { - DBG1("invalid packet tag"); + DBG1(DBG_LIB, "invalid packet tag"); return FALSE; } /* bit 6 set defines new packet format */ if (t & 0x40) { - DBG1("new PGP packet format not supported"); + DBG1(DBG_LIB, "new PGP packet format not supported"); return FALSE; } t = (t & 0x3C) >> 2; if (!pgp_old_packet_length(blob, &len) || len > blob->len) { - DBG1("invalid packet length"); + DBG1(DBG_LIB, "invalid packet length"); return FALSE; } *data = chunk_create(blob->ptr, len); *blob = chunk_skip(*blob, len); *tag = t; - DBG2("L1 - PGP %N (%u bytes)", pgp_packet_tag_names, t, len); - DBG3("%B", data); + DBG2(DBG_LIB, "L1 - PGP %N (%u bytes)", pgp_packet_tag_names, t, len); + DBG3(DBG_LIB, "%B", data); return TRUE; } diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c index fbd35e830..88c848899 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c @@ -81,10 +81,10 @@ static public_key_t *parse_public_key(chunk_t blob) /* skip initial bit string octet defining 0 unused bits */ object = chunk_skip(object, 1); } - DBG2("-- > --"); + DBG2(DBG_LIB, "-- > --"); key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, type, BUILD_BLOB_ASN1_DER, object, BUILD_END); - DBG2("-- < --"); + DBG2(DBG_LIB, "-- < --"); break; } } @@ -197,7 +197,7 @@ static private_key_t *parse_rsa_private_key(chunk_t blob) case PRIV_KEY_VERSION: if (object.len > 0 && *object.ptr != 0) { - DBG1("PKCS#1 private key format is not version 1"); + DBG1(DBG_LIB, "PKCS#1 private key format is not version 1"); goto end; } break; diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c index 0a8da815a..e46062d97 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c @@ -97,7 +97,8 @@ static bool hash_pubkey(chunk_t pubkey, chunk_t *hash) if (hasher == NULL) { chunk_free(&pubkey); - DBG1("SHA1 hash algorithm not supported, fingerprinting failed"); + DBG1(DBG_LIB, "SHA1 hash algorithm not supported, " + "fingerprinting failed"); return FALSE; } hasher->allocate_hash(hasher, pubkey, hash); diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c index abcb84440..cad279a9d 100644 --- a/src/libstrongswan/plugins/plugin_loader.c +++ b/src/libstrongswan/plugins/plugin_loader.c @@ -70,16 +70,18 @@ static plugin_t* load_plugin(private_plugin_loader_t *this, constructor = dlsym(RTLD_DEFAULT, create); if (constructor == NULL) { - DBG1("plugin '%s': failed to load - %s not found", name, create); + DBG1(DBG_LIB, "plugin '%s': failed to load - %s not found", name, + create); return NULL; } plugin = constructor(); if (plugin == NULL) { - DBG1("plugin '%s': failed to load - %s returned NULL", name, create); + DBG1(DBG_LIB, "plugin '%s': failed to load - %s returned NULL", name, + create); return NULL; } - DBG2("plugin '%s': loaded successfully", name); + DBG2(DBG_LIB, "plugin '%s': loaded successfully", name); return plugin; } @@ -108,20 +110,23 @@ static plugin_t* load_plugin(private_plugin_loader_t *this, { if (!lib->integrity->check_file(lib->integrity, name, file)) { - DBG1("plugin '%s': failed file integrity test of '%s'", name, file); + DBG1(DBG_LIB, "plugin '%s': failed file integrity test of '%s'", + name, file); return NULL; } } handle = dlopen(file, RTLD_LAZY); if (handle == NULL) { - DBG1("plugin '%s': failed to load '%s' - %s", name, file, dlerror()); + DBG1(DBG_LIB, "plugin '%s': failed to load '%s' - %s", name, file, + dlerror()); return NULL; } constructor = dlsym(handle, create); if (constructor == NULL) { - DBG1("plugin '%s': failed to load - %s not found", name, create); + DBG1(DBG_LIB, "plugin '%s': failed to load - %s not found", name, + create); dlclose(handle); return NULL; } @@ -129,20 +134,22 @@ static plugin_t* load_plugin(private_plugin_loader_t *this, { if (!lib->integrity->check_segment(lib->integrity, name, constructor)) { - DBG1("plugin '%s': failed segment integrity test", name); + DBG1(DBG_LIB, "plugin '%s': failed segment integrity test", name); dlclose(handle); return NULL; } - DBG1("plugin '%s': passed file and segment integrity tests", name); + DBG1(DBG_LIB, "plugin '%s': passed file and segment integrity tests", + name); } plugin = constructor(); if (plugin == NULL) { - DBG1("plugin '%s': failed to load - %s returned NULL", name, create); + DBG1(DBG_LIB, "plugin '%s': failed to load - %s returned NULL", name, + create); dlclose(handle); return NULL; } - DBG2("plugin '%s': loaded successfully", name); + DBG2(DBG_LIB, "plugin '%s': loaded successfully", name); /* we do not store or free dlopen() handles, leak_detective requires * the modules to keep loaded until leak report */ @@ -192,7 +199,7 @@ static bool load(private_plugin_loader_t *this, char *path, char *list) if (critical) { critical_failed = TRUE; - DBG1("loading critical plugin '%s' failed", token); + DBG1(DBG_LIB, "loading critical plugin '%s' failed", token); } free(token); } diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c index 34f300296..b09f3f57a 100644 --- a/src/libstrongswan/plugins/random/random_rng.c +++ b/src/libstrongswan/plugins/random/random_rng.c @@ -71,7 +71,7 @@ static void get_bytes(private_random_rng_t *this, size_t bytes, got = read(this->dev, buffer + done, bytes - done); if (got <= 0) { - DBG1("reading from \"%s\" failed: %s, retrying...", + DBG1(DBG_LIB, "reading from \"%s\" failed: %s, retrying...", this->file, strerror(errno)); close(this->dev); sleep(1); @@ -124,7 +124,7 @@ random_rng_t *random_rng_create(rng_quality_t quality) this->dev = open(this->file, 0); if (this->dev < 0) { - DBG1("opening \"%s\" failed: %s", this->file, strerror(errno)); + DBG1(DBG_LIB, "opening \"%s\" failed: %s", this->file, strerror(errno)); free(this); return NULL; } diff --git a/src/libstrongswan/plugins/sqlite/sqlite_database.c b/src/libstrongswan/plugins/sqlite/sqlite_database.c index 721f1a126..3e20dbb51 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_database.c +++ b/src/libstrongswan/plugins/sqlite/sqlite_database.c @@ -110,11 +110,13 @@ static sqlite3_stmt* run(private_sqlite_database_t *this, char *sql, } else { - DBG1("preparing sqlite statement failed: %s", sqlite3_errmsg(this->db)); + DBG1(DBG_LIB, "preparing sqlite statement failed: %s", + sqlite3_errmsg(this->db)); } if (res != SQLITE_OK) { - DBG1("binding sqlite statement failed: %s", sqlite3_errmsg(this->db)); + DBG1(DBG_LIB, "binding sqlite statement failed: %s", + sqlite3_errmsg(this->db)); sqlite3_finalize(stmt); return NULL; } @@ -160,7 +162,7 @@ static bool sqlite_enumerator_enumerate(sqlite_enumerator_t *this, ...) case SQLITE_ROW: break; default: - DBG1("stepping sqlite statement failed: %s", + DBG1(DBG_LIB, "stepping sqlite statement failed: %s", sqlite3_errmsg(this->database->db)); /* fall */ case SQLITE_DONE: @@ -203,7 +205,7 @@ static bool sqlite_enumerator_enumerate(sqlite_enumerator_t *this, ...) break; } default: - DBG1("invalid result type supplied"); + DBG1(DBG_LIB, "invalid result type supplied"); return FALSE; } } @@ -272,7 +274,8 @@ static int execute(private_sqlite_database_t *this, int *rowid, char *sql, ...) } else { - DBG1("sqlite execute failed: %s", sqlite3_errmsg(this->db)); + DBG1(DBG_LIB, "sqlite execute failed: %s", + sqlite3_errmsg(this->db)); } sqlite3_finalize(stmt); } @@ -337,7 +340,7 @@ sqlite_database_t *sqlite_database_create(char *uri) if (sqlite3_open(file, &this->db) != SQLITE_OK) { - DBG1("opening SQLite database '%s' failed: %s", + DBG1(DBG_LIB, "opening SQLite database '%s' failed: %s", file, sqlite3_errmsg(this->db)); destroy(this); return NULL; diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c b/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c index 4dc1cc174..18e0c9278 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c @@ -44,7 +44,7 @@ static bool test_monobit(monobit_t *param, chunk_t data) } } } - DBG2(" Monobit: %d/%d bits set", bits, data.len * 8); + DBG2(DBG_LIB, " Monobit: %d/%d bits set", bits, data.len * 8); if (bits > param->lower && bits < param->upper) { return TRUE; @@ -101,7 +101,7 @@ static bool test_poker(poker_t *param, chunk_t data) sum += (counter[i] * counter[i]) / 5000.0 * 16.0; } sum -= 5000.0; - DBG2(" Poker: %f", sum); + DBG2(DBG_LIB, " Poker: %f", sum); if (sum > param->lower && sum < param->upper) { return TRUE; @@ -190,7 +190,7 @@ static bool test_runs(runs_t *param, chunk_t data) } } - DBG2(" Runs: zero: %d/%d/%d/%d/%d/%d, one: %d/%d/%d/%d/%d/%d, " + DBG2(DBG_LIB, " Runs: zero: %d/%d/%d/%d/%d/%d, one: %d/%d/%d/%d/%d/%d, " "longruns: %d", zero_runs[1], zero_runs[2], zero_runs[3], zero_runs[4], zero_runs[5], zero_runs[6], diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c index 79ff80933..95e72789e 100644 --- a/src/libstrongswan/plugins/x509/x509_ac.c +++ b/src/libstrongswan/plugins/x509/x509_ac.c @@ -192,7 +192,7 @@ static bool parse_directoryName(chunk_t blob, int level, bool implicit, identifi } else { - DBG1("more than one directory name - first selected"); + DBG1(DBG_LIB, "more than one directory name - first selected"); directoryName->destroy(directoryName); } } @@ -200,7 +200,7 @@ static bool parse_directoryName(chunk_t blob, int level, bool implicit, identifi } else { - DBG1("no directoryName found"); + DBG1(DBG_LIB, "no directoryName found"); } list->destroy(list); @@ -359,10 +359,11 @@ static bool parse_certificate(private_x509_ac_t *this) break; case AC_OBJ_VERSION: this->version = (object.len) ? (1 + (u_int)*object.ptr) : 1; - DBG2(" v%d", this->version); + DBG2(DBG_LIB, " v%d", this->version); if (this->version != 2) { - DBG1("v%d attribute certificates are not supported", this->version); + DBG1(DBG_LIB, "v%d attribute certificates are not " + "supported", this->version); goto end; } break; @@ -407,20 +408,20 @@ static bool parse_certificate(private_x509_ac_t *this) switch (type) { case OID_AUTHENTICATION_INFO: - DBG2(" need to parse authenticationInfo"); + DBG2(DBG_LIB, " need to parse authenticationInfo"); break; case OID_ACCESS_IDENTITY: - DBG2(" need to parse accessIdentity"); + DBG2(DBG_LIB, " need to parse accessIdentity"); break; case OID_CHARGING_IDENTITY: - DBG2("-- > --"); + DBG2(DBG_LIB, "-- > --"); this->charging = ietf_attributes_create_from_encoding(object); - DBG2("-- < --"); + DBG2(DBG_LIB, "-- < --"); break; case OID_GROUP: - DBG2("-- > --"); + DBG2(DBG_LIB, "-- > --"); this->groups = ietf_attributes_create_from_encoding(object); - DBG2("-- < --"); + DBG2(DBG_LIB, "-- < --"); break; case OID_ROLE: parse_roleSyntax(object, level); @@ -435,21 +436,21 @@ static bool parse_certificate(private_x509_ac_t *this) break; case AC_OBJ_CRITICAL: critical = object.len && *object.ptr; - DBG2(" %s",(critical)?"TRUE":"FALSE"); + DBG2(DBG_LIB, " %s",(critical)?"TRUE":"FALSE"); break; case AC_OBJ_EXTN_VALUE: { switch (extn_oid) { case OID_CRL_DISTRIBUTION_POINTS: - DBG2(" need to parse crlDistributionPoints"); + DBG2(DBG_LIB, " need to parse crlDistributionPoints"); break; case OID_AUTHORITY_KEY_ID: this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object, level, &this->authKeySerialNumber); break; case OID_TARGET_INFORMATION: - DBG2(" need to parse targetInformation"); + DBG2(DBG_LIB, " need to parse targetInformation"); break; case OID_NO_REV_AVAIL: this->noRevAvail = TRUE; @@ -464,7 +465,7 @@ static bool parse_certificate(private_x509_ac_t *this) NULL); if (this->algorithm != sig_alg) { - DBG1(" signature algorithms do not agree"); + DBG1(DBG_LIB, " signature algorithms do not agree"); success = FALSE; goto end; } @@ -824,9 +825,9 @@ static bool is_newer(private_x509_ac_t *this, ac_t *that) this_cert->get_validity(this_cert, &now, &this_update, NULL); that_cert->get_validity(that_cert, &now, &that_update, NULL); new = this_update > that_update; - DBG1(" attr cert from %T is %s - existing attr cert from %T %s", - &this_update, FALSE, new ? "newer":"not newer", - &that_update, FALSE, new ? "replaced":"retained"); + DBG1(DBG_LIB, " attr cert from %T is %s - existing attr cert from %T %s", + &this_update, FALSE, new ? "newer":"not newer", + &that_update, FALSE, new ? "replaced":"retained"); return new; } diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c index 4c8456c6b..bdbaa8d4a 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.c +++ b/src/libstrongswan/plugins/x509/x509_cert.c @@ -219,7 +219,7 @@ static void parse_basicConstraints(chunk_t blob, int level0, { case BASIC_CONSTRAINTS_CA: isCA = object.len && *object.ptr; - DBG2(" %s", isCA ? "TRUE" : "FALSE"); + DBG2(DBG_LIB, " %s", isCA ? "TRUE" : "FALSE"); if (isCA) { this->flags |= X509_CA; @@ -383,7 +383,7 @@ static identification_t *parse_generalName(chunk_t blob, int level0) if (id_type != ID_ANY) { gn = identification_create_from_encoding(id_type, object); - DBG2(" '%Y'", gn); + DBG2(DBG_LIB, " '%Y'", gn); goto end; } } @@ -539,7 +539,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0, /* parsing went wrong - abort */ goto end; } - DBG2(" '%Y'", id); + DBG2(DBG_LIB, " '%Y'", id); if (accessMethod == OID_OCSP && asprintf(&uri, "%Y", id) > 0) { @@ -704,34 +704,36 @@ static bool check_address_object(ts_type_t ts_type, chunk_t object) case TS_IPV4_ADDR_RANGE: if (object.len > 5) { - DBG1("IPv4 address object is larger than 5 octets"); + DBG1(DBG_LIB, "IPv4 address object is larger than 5 octets"); return FALSE; } break; case TS_IPV6_ADDR_RANGE: if (object.len > 17) { - DBG1("IPv6 address object is larger than 17 octets"); + DBG1(DBG_LIB, "IPv6 address object is larger than 17 octets"); return FALSE; } break; default: - DBG1("unknown address family"); + DBG1(DBG_LIB, "unknown address family"); return FALSE; } if (object.len == 0) { - DBG1("An ASN.1 bit string must contain at least the initial octet"); + DBG1(DBG_LIB, "An ASN.1 bit string must contain at least the " + "initial octet"); return FALSE; } if (object.len == 1 && object.ptr[0] != 0) { - DBG1("An empty ASN.1 bit string must contain a zero initial octet"); + DBG1(DBG_LIB, "An empty ASN.1 bit string must contain a zero " + "initial octet"); return FALSE; } if (object.ptr[0] > 7) { - DBG1("number of unused bits is too large"); + DBG1(DBG_LIB, "number of unused bits is too large"); return FALSE; } return TRUE; @@ -769,11 +771,11 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0, { break; } - DBG2(" %N", ts_type_name, ts_type); + DBG2(DBG_LIB, " %N", ts_type_name, ts_type); } break; case IP_ADDR_BLOCKS_INHERIT: - DBG1("inherit choice is not supported"); + DBG1(DBG_LIB, "inherit choice is not supported"); break; case IP_ADDR_BLOCKS_PREFIX: if (!check_address_object(ts_type, object)) @@ -782,7 +784,7 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0, } ts = traffic_selector_create_from_rfc3779_format(ts_type, object, object); - DBG2(" %R", ts); + DBG2(DBG_LIB, " %R", ts); this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts); break; case IP_ADDR_BLOCKS_MIN: @@ -799,7 +801,7 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0, } ts = traffic_selector_create_from_rfc3779_format(ts_type, min_object, object); - DBG2(" %R", ts); + DBG2(DBG_LIB, " %R", ts); this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts); break; default: @@ -893,12 +895,12 @@ static bool parse_certificate(private_x509_cert_t *this) this->version = (object.len) ? (1+(u_int)*object.ptr) : 1; if (this->version < 1 || this->version > 3) { - DBG1("X.509v%d not supported", this->version); + DBG1(DBG_LIB, "X.509v%d not supported", this->version); goto end; } else { - DBG2(" X.509v%d", this->version); + DBG2(DBG_LIB, " X.509v%d", this->version); } break; case X509_OBJ_SERIAL_NUMBER: @@ -909,7 +911,7 @@ static bool parse_certificate(private_x509_cert_t *this) break; case X509_OBJ_ISSUER: this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object); - DBG2(" '%Y'", this->issuer); + DBG2(DBG_LIB, " '%Y'", this->issuer); break; case X509_OBJ_NOT_BEFORE: this->notBefore = asn1_parse_time(object, level); @@ -919,13 +921,13 @@ static bool parse_certificate(private_x509_cert_t *this) break; case X509_OBJ_SUBJECT: this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object); - DBG2(" '%Y'", this->subject); + DBG2(DBG_LIB, " '%Y'", this->subject); break; case X509_OBJ_SUBJECT_PUBLIC_KEY_INFO: - DBG2("-- > --"); + DBG2(DBG_LIB, "-- > --"); this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, BUILD_BLOB_ASN1_DER, object, BUILD_END); - DBG2("-- < --"); + DBG2(DBG_LIB, "-- < --"); if (this->public_key == NULL) { goto end; @@ -934,7 +936,7 @@ static bool parse_certificate(private_x509_cert_t *this) case X509_OBJ_OPTIONAL_EXTENSIONS: if (this->version != 3) { - DBG1("Only X.509v3 certificates have extensions"); + DBG1(DBG_LIB, "Only X.509v3 certificates have extensions"); goto end; } break; @@ -943,7 +945,7 @@ static bool parse_certificate(private_x509_cert_t *this) break; case X509_OBJ_CRITICAL: critical = object.len && *object.ptr; - DBG2(" %s", critical ? "TRUE" : "FALSE"); + DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE"); break; case X509_OBJ_EXTN_VALUE: { @@ -997,7 +999,7 @@ static bool parse_certificate(private_x509_cert_t *this) if (critical && lib->settings->get_bool(lib->settings, "libstrongswan.plugins.x509.enforce_critical", FALSE)) { - DBG1("critical %s extension not supported", + DBG1(DBG_LIB, "critical %s extension not supported", (extn_oid == OID_UNKNOWN) ? "unknown" : (char*)oid_names[extn_oid].name); goto end; @@ -1010,7 +1012,7 @@ static bool parse_certificate(private_x509_cert_t *this) this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL); if (this->algorithm != sig_alg) { - DBG1(" signature algorithms do not agree"); + DBG1(DBG_LIB, " signature algorithms do not agree"); goto end; } break; @@ -1038,7 +1040,7 @@ end: hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (hasher == NULL) { - DBG1(" unable to create hash of certificate, SHA1 not supported"); + DBG1(DBG_LIB, " unable to create hash of certificate, SHA1 not supported"); return NULL; } hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash); @@ -1217,9 +1219,9 @@ static bool is_newer(certificate_t *this, certificate_t *that) this->get_validity(this, &now, &this_update, NULL); that->get_validity(that, &now, &that_update, NULL); new = this_update > that_update; - DBG1(" certificate from %T is %s - existing certificate from %T %s", - &this_update, FALSE, new ? "newer":"not newer", - &that_update, FALSE, new ? "replaced":"retained"); + DBG1(DBG_LIB, " certificate from %T is %s - existing certificate " + "from %T %s", &this_update, FALSE, new ? "newer":"not newer", + &that_update, FALSE, new ? "replaced":"retained"); return new; } @@ -1456,7 +1458,7 @@ chunk_t x509_build_subjectAltNames(linked_list_t *list) context = ASN1_CONTEXT_S_7; break; default: - DBG1("encoding %N as subjectAltName not supported", + DBG1(DBG_LIB, "encoding %N as subjectAltName not supported", id_type_names, id->get_type(id)); enumerator->destroy(enumerator); free(subjectAltNames.ptr); diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c index b9ef3218b..c755d7f63 100644 --- a/src/libstrongswan/plugins/x509/x509_crl.c +++ b/src/libstrongswan/plugins/x509/x509_crl.c @@ -216,14 +216,14 @@ static bool parse(private_x509_crl_t *this) break; case CRL_OBJ_VERSION: this->version = (object.len) ? (1+(u_int)*object.ptr) : 1; - DBG2(" v%d", this->version); + DBG2(DBG_LIB, " v%d", this->version); break; case CRL_OBJ_SIG_ALG: sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL); break; case CRL_OBJ_ISSUER: this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object); - DBG2(" '%Y'", this->issuer); + DBG2(DBG_LIB, " '%Y'", this->issuer); break; case CRL_OBJ_THIS_UPDATE: this->thisUpdate = asn1_parse_time(object, level); @@ -248,7 +248,7 @@ static bool parse(private_x509_crl_t *this) case CRL_OBJ_CRL_ENTRY_CRITICAL: case CRL_OBJ_CRITICAL: critical = object.len && *object.ptr; - DBG2(" %s", critical ? "TRUE" : "FALSE"); + DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE"); break; case CRL_OBJ_CRL_ENTRY_EXTN_VALUE: case CRL_OBJ_EXTN_VALUE: @@ -262,7 +262,8 @@ static bool parse(private_x509_crl_t *this) { revoked->reason = *object.ptr; } - DBG2(" '%N'", crl_reason_names, revoked->reason); + DBG2(DBG_LIB, " '%N'", crl_reason_names, + revoked->reason); } else if (extn_oid == OID_AUTHORITY_KEY_ID) { @@ -286,7 +287,7 @@ static bool parse(private_x509_crl_t *this) this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL); if (this->algorithm != sig_alg) { - DBG1(" signature algorithms do not agree"); + DBG1(DBG_LIB, " signature algorithms do not agree"); goto end; } break; @@ -483,7 +484,7 @@ static bool is_newer(private_x509_crl_t *this, crl_t *that) if (this->crlNumber.ptr != NULL && that_crlNumber.ptr != NULL) { new = chunk_compare(this->crlNumber, that_crlNumber) > 0; - DBG1(" crl #%#B is %s - existing crl #%#B %s", + DBG1(DBG_LIB, " crl #%#B is %s - existing crl #%#B %s", &this->crlNumber, new ? "newer":"not newer", &that_crlNumber, new ? "replaced":"retained"); } @@ -497,7 +498,7 @@ static bool is_newer(private_x509_crl_t *this, crl_t *that) this_cert->get_validity(this_cert, &now, &this_update, NULL); that_cert->get_validity(that_cert, &now, &that_update, NULL); new = this_update > that_update; - DBG1(" crl from %T is %s - existing crl from %T %s", + DBG1(DBG_LIB, " crl from %T is %s - existing crl from %T %s", &this_update, FALSE, new ? "newer":"not newer", &that_update, FALSE, new ? "replaced":"retained"); } diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c index f86f87751..c835d5dc8 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c @@ -179,13 +179,14 @@ static chunk_t build_requestList(private_x509_ocsp_request_t *this) } else { - DBG1("creating OCSP request failed, SHA1 not supported"); + DBG1(DBG_LIB, "creating OCSP request failed, SHA1 not supported"); } public->destroy(public); } else { - DBG1("creating OCSP request failed, CA certificate has no public key"); + DBG1(DBG_LIB, "creating OCSP request failed, CA certificate has " + "no public key"); } return asn1_wrap(ASN1_SEQUENCE, "m", list); } @@ -205,7 +206,7 @@ static chunk_t build_nonce(private_x509_ocsp_request_t *this) return asn1_wrap(ASN1_SEQUENCE, "cm", ASN1_nonce_oid, asn1_simple_object(ASN1_OCTET_STRING, this->nonce)); } - DBG1("creating OCSP request nonce failed, no RNG found"); + DBG1(DBG_LIB, "creating OCSP request nonce failed, no RNG found"); return chunk_empty; } @@ -263,14 +264,14 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this, scheme = SIGN_ECDSA_WITH_SHA1_DER; break; default: - DBG1("unable to sign OCSP request, %N signature not supported", - key_type_names, this->key->get_type(this->key)); + DBG1(DBG_LIB, "unable to sign OCSP request, %N signature not " + "supported", key_type_names, this->key->get_type(this->key)); return chunk_empty; } if (!this->key->sign(this->key, scheme, tbsRequest, &signature)) { - DBG1("creating OCSP signature failed, skipped"); + DBG1(DBG_LIB, "creating OCSP signature failed, skipped"); return chunk_empty; } if (this->cert) @@ -378,7 +379,7 @@ static id_match_t has_issuer(private_x509_ocsp_request_t *this, */ static bool issued_by(private_x509_ocsp_request_t *this, certificate_t *issuer) { - DBG1("OCSP request validation not implemented!"); + DBG1(DBG_LIB, "OCSP request validation not implemented!"); return FALSE; } diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c index 948d7ad85..c70d461df 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c @@ -509,7 +509,8 @@ static bool parse_basicOCSPResponse(private_x509_ocsp_response_t *this, if (version != OCSP_BASIC_RESPONSE_VERSION) { - DBG1(" ocsp ResponseData version %d not supported", version); + DBG1(DBG_LIB, " ocsp ResponseData version %d not " + "supported", version); goto end; } break; @@ -517,12 +518,12 @@ static bool parse_basicOCSPResponse(private_x509_ocsp_response_t *this, case BASIC_RESPONSE_ID_BY_NAME: this->responderId = identification_create_from_encoding( ID_DER_ASN1_DN, object); - DBG2(" '%Y'", this->responderId); + DBG2(DBG_LIB, " '%Y'", this->responderId); break; case BASIC_RESPONSE_ID_BY_KEY: this->responderId = identification_create_from_encoding( ID_KEY_ID, object); - DBG2(" '%Y'", this->responderId); + DBG2(DBG_LIB, " '%Y'", this->responderId); break; case BASIC_RESPONSE_PRODUCED_AT: this->producedAt = asn1_to_time(&object, ASN1_GENERALIZEDTIME); @@ -536,7 +537,7 @@ static bool parse_basicOCSPResponse(private_x509_ocsp_response_t *this, break; case BASIC_RESPONSE_CRITICAL: critical = object.len && *object.ptr; - DBG2(" %s", critical ? "TRUE" : "FALSE"); + DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE"); break; case BASIC_RESPONSE_EXT_VALUE: if (extn_oid == OID_NONCE) @@ -622,7 +623,7 @@ static bool parse_OCSPResponse(private_x509_ocsp_response_t *this) case OCSP_SUCCESSFUL: break; default: - DBG1(" ocsp response status: %N", + DBG1(DBG_LIB, " ocsp response status: %N", ocsp_status_names, status); goto end; } @@ -638,7 +639,8 @@ static bool parse_OCSPResponse(private_x509_ocsp_response_t *this) parser->get_level(parser)+1); break; default: - DBG1(" ocsp response type %#B not supported", &object); + DBG1(DBG_LIB, " ocsp response type %#B not supported", + &object); goto end; } break; @@ -772,9 +774,9 @@ static bool is_newer(certificate_t *this, certificate_t *that) this->get_validity(this, &now, &this_update, NULL); that->get_validity(that, &now, &that_update, NULL); new = this_update > that_update; - DBG1(" ocsp response from %T is %s - existing ocsp response from %T %s", - &this_update, FALSE, new ? "newer":"not newer", - &that_update, FALSE, new ? "replaced":"retained"); + DBG1(DBG_LIB, " ocsp response from %T is %s - existing ocsp response " + "from %T %s", &this_update, FALSE, new ? "newer" : "not newer", + &that_update, FALSE, new ? "replaced" : "retained"); return new; } diff --git a/src/libstrongswan/plugins/x509/x509_pkcs10.c b/src/libstrongswan/plugins/x509/x509_pkcs10.c index 6d750c98c..1009ec931 100644 --- a/src/libstrongswan/plugins/x509/x509_pkcs10.c +++ b/src/libstrongswan/plugins/x509/x509_pkcs10.c @@ -297,7 +297,7 @@ static bool parse_extension_request(private_x509_pkcs10_t *this, chunk_t blob, i break; case PKCS10_EXTN_CRITICAL: critical = object.len && *object.ptr; - DBG2(" %s", critical ? "TRUE" : "FALSE"); + DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE"); break; case PKCS10_EXTN_VALUE: { @@ -330,25 +330,25 @@ static bool parse_challengePassword(private_x509_pkcs10_t *this, chunk_t blob, i if (blob.len < 2) { - DBG1("L%d - challengePassword: ASN.1 object smaller than 2 octets", - level); + DBG1(DBG_LIB, "L%d - challengePassword: ASN.1 object smaller " + "than 2 octets", level); return FALSE; } tag = *blob.ptr; if (tag < ASN1_UTF8STRING || tag > ASN1_IA5STRING) { - DBG1("L%d - challengePassword: ASN.1 object is not a character string", - level); + DBG1(DBG_LIB, "L%d - challengePassword: ASN.1 object is not " + "a character string", level); return FALSE; } if (asn1_length(&blob) == ASN1_INVALID_LENGTH) { - DBG1("L%d - challengePassword: ASN.1 object has an invalid length", - level); + DBG1(DBG_LIB, "L%d - challengePassword: ASN.1 object has an " + "invalid length", level); return FALSE; - } - DBG2("L%d - challengePassword:", level); - DBG4(" '%.*s'", blob.len, blob.ptr); + } + DBG2(DBG_LIB, "L%d - challengePassword:", level); + DBG4(DBG_LIB, " '%.*s'", blob.len, blob.ptr); return TRUE; } @@ -406,13 +406,14 @@ static bool parse_certificate_request(private_x509_pkcs10_t *this) case PKCS10_VERSION: if (object.len > 0 && *object.ptr != 0) { - DBG1("PKCS#10 certificate request format is not version 1"); + DBG1(DBG_LIB, "PKCS#10 certificate request format is " + "not version 1"); goto end; } break; case PKCS10_SUBJECT: this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object); - DBG2(" '%Y'", this->subject); + DBG2(DBG_LIB, " '%Y'", this->subject); break; case PKCS10_SUBJECT_PUBLIC_KEY_INFO: this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, @@ -467,7 +468,7 @@ end: } else { - DBG1("certificate request is not self-signed"); + DBG1(DBG_LIB, "certificate request is not self-signed"); success = FALSE; } } |