Commit 75440d2e authored by Robert Dubner's avatar Robert Dubner
Browse files

Tighten up error messages

parent aa372671
Pipeline #3482 passed with stage
in 44 minutes and 58 seconds
This diff is collapsed.
......@@ -66,7 +66,7 @@ radiusov_bind( RADIUS_INFO *radius_info,
BerValue *dn,
const char *password)
{
Debug(LDAP_DEBUG_TRACE,"=> %s()\n",__func__);
DENTER;
int rc = 0; // Zero means okay
......@@ -114,8 +114,7 @@ typedef struct _ATTRIBUTE_VALUE
static int
radiusov_generalized_callback(Operation *op, SlapReply *rs)
{
Debug( LDAP_DEBUG_TRACE,
"=> %s(): rs->sr_type = %d\n", __func__, rs->sr_type);
DENTER;
ATTRIBUTE_VALUE *desired_attribute = op->o_callback->sc_private;
......@@ -194,7 +193,11 @@ radiusov_generalized_database_fetch(BackendDB *be,
char *returned_value,
size_t len)
{
Debug(LDAP_DEBUG_TRACE,"=> %s(): search string is %s\n",__func__, filter);
DENTER;
Debug( LDAP_DEBUG_ARGS,
DPREFIX "%s(): search string is %s\n",
__func__,
filter);
int rc = 0; // Zero means okay
Connection conn = {0};
......@@ -260,6 +263,9 @@ radiusov_generalized_database_fetch(BackendDB *be,
if( rs.sr_un.sru_search.r_nentries == 0 )
{
// We didn't find anything
Debug( LDAP_DEBUG_ARGS,
DPREFIX "%s(): Not found\n",
__func__);
rc = 1;
}
}
......@@ -321,8 +327,6 @@ convert_search_string( char * const dest,
*d++ = '\0';
va_end(the_parameters);
}
static int
......@@ -331,7 +335,7 @@ radiusov_verify_username_password( RADIUS_INFO *radius_info,
char *pszUsername,
char *pszPassword)
{
Debug(LDAP_DEBUG_TRACE,"=> %s()\n",__func__);
DENTER;
// This was used for development and test of a couple of things. We are
// going to use radius_info->lud_simple_test to get the dn (the URI has to
......@@ -377,6 +381,7 @@ radiusov_get_password_from_uid( RADIUS_INFO *radius_info,
char *password,
size_t password_len)
{
DENTER;
int rc;
char achSearchString[256];
......@@ -409,8 +414,9 @@ radiusov_test_and_development( RADIUS_INFO *radius_info,
// It has the form <username>,<password>. <password> MAY end with '\n'.
// It MUST have a terminating '\0';
//
Debug( LDAP_DEBUG_TRACE,
"=> %s(): The request is %s\n",
DENTER;
Debug( LDAP_DEBUG_ARGS,
DPREFIX "%s(): The request is %s\n",
__func__,
pszUsernamePassword_);
......@@ -436,9 +442,10 @@ radiusov_test_and_development( RADIUS_INFO *radius_info,
else
{
Debug( LDAP_DEBUG_ANY,
"radiusov_acceptconn: "
DPREFIX "%s(): radiusov_acceptconn: "
"We should have gotten \"<uid>,<password>\" from the "
"input packet: %s\n",
__func__,
pszUsernamePassword);
return rc;
}
......@@ -446,7 +453,7 @@ radiusov_test_and_development( RADIUS_INFO *radius_info,
if( strchr(pszUsername,'\\') )
{
Debug( LDAP_DEBUG_ANY,
"=> %s(): Backslash is illegal in <uid>\n",
DPREFIX "%s(): Backslash is illegal in <uid>\n",
__func__);
return rc;
}
......@@ -468,12 +475,15 @@ Nanoseconds(void)
return ts.tv_sec * 1000000000 + ts.tv_nsec ;
}
// This global variable is intended to count up the number of packets sent
// The GV_packet_count variable is intended to count up the number of packets sent
// and received. It is reported as the "nominal packet #". In normal operation
// it will correspond to the packet numbering in Wireshark when the capture and
// slapd are started together.
// This is a headache reducer when debugging.
// This variable is not thread safe; I can pick it up, you can pick it up, and
// we both have the same number. It is, however, thread harmless.
int GV_packet_count = 0;
/* accept a connection on the socket */
......@@ -485,10 +495,10 @@ radiusov_acceptconn(void *ctx, void *arg)
// ltiming = fopen("ltimings.txt","w");
// }
// fprintf(ltiming, "accept\t%ld\n", Nanoseconds());
DENTER;
GV_packet_count += 1;
Debug( LDAP_DEBUG_TRACE,
"=> %s(): nominal packet #%d **************************************\n",
Debug( LDAP_DEBUG_ARGS | LDAP_DEBUG_CONNS | LDAP_DEBUG_PACKETS,
DPREFIX "%s(): nominal packet #%d **************************************\n",
__func__,
GV_packet_count);
......@@ -534,10 +544,7 @@ radiusov_acceptconn(void *ctx, void *arg)
// Something went wrong on the attempt to read from the socket
int saved_errno = errno;
Debug( LDAP_DEBUG_ANY,
"recvfrom() error in %s at %s:%d (%s)\n",
__func__,
__FILE__,
__LINE__,
DPREFIX "recvfrom() error: %s\n",
AC_STRERROR_R(saved_errno, ebuf, sizeof(ebuf)));
return NULL;
}
......@@ -662,8 +669,9 @@ radiusov_create_udp_port( BackendDB *be,
int port_number,
const char *port_host)
{
Debug( LDAP_DEBUG_TRACE,
"=> %s(): Will listen for RADIUS packets on UDP port %s:%d\n",
DENTER;
Debug( LDAP_DEBUG_ARGS,
DPREFIX "%s(): Will listen for RADIUS packets on UDP port %s:%d\n",
__func__,
port_host,
port_number);
......@@ -721,14 +729,16 @@ radiusov_create_udp_port( BackendDB *be,
sizeof(server_addr)) )
{
int saved_errno = errno;
Debug( LDAP_DEBUG_ANY,"radiusov: bind() to port %d failed: %s",
port_number,
AC_STRERROR_R(saved_errno, ebuf, sizeof(ebuf)) );
Debug( LDAP_DEBUG_ANY,
DPREFIX "bind() to port %d failed: %s",
port_number,
AC_STRERROR_R(saved_errno, ebuf, sizeof(ebuf)) );
if (close(radius_info->udp_socket))
{
saved_errno = errno;
Debug( LDAP_DEBUG_ANY,"radiusov: problem closing socket: %s",
AC_STRERROR_R(saved_errno, ebuf, sizeof(ebuf)) );
Debug( LDAP_DEBUG_ANY,
DPREFIX "problem closing socket: %s",
AC_STRERROR_R(saved_errno, ebuf, sizeof(ebuf)) );
}
return 1;
}
......@@ -845,8 +855,9 @@ static ConfigOCs radiusocs[] =
static int
radius_config_driver(ConfigArgs *config_args)
{
Debug( LDAP_DEBUG_ANY,
"%s(): config_args->op is 0x%X; config_args->type is 0x%X\n",
DENTER;
Debug( LDAP_DEBUG_ARGS,
DPREFIX "%s(): config_args->op is 0x%X; config_args->type is 0x%X\n",
__func__,
(int)config_args->op,
(int)config_args->type);
......@@ -865,7 +876,7 @@ radius_config_driver(ConfigArgs *config_args)
if( config_args->argc > 1 )
{
Debug( LDAP_DEBUG_ARGS,
" radiusport is %d\n",
" radiusPort is %d\n",
atoi(config_args->argv[1]));
radius_info->radius_port_number = atoi(config_args->argv[1]);
......@@ -885,7 +896,7 @@ radius_config_driver(ConfigArgs *config_args)
if( config_args->argc > 1 )
{
Debug( LDAP_DEBUG_ARGS,
" radiushost is %s\n",
" radiusHost parameter is %s\n",
config_args->argv[1]);
strncpy(radius_info->radius_port_host,
config_args->argv[1],
......@@ -897,6 +908,9 @@ radius_config_driver(ConfigArgs *config_args)
case RADIUS_CLIENT_URI:
if( config_args->argc > 1 )
{
Debug( LDAP_DEBUG_ARGS,
" radiusClientURI parameter is %s\n",
config_args->argv[1]);
if( ldap_url_parse( config_args->argv[1],
&radius_info->lud_radius_client) )
{
......@@ -911,6 +925,9 @@ radius_config_driver(ConfigArgs *config_args)
case RADIUS_USER_URI:
if( config_args->argc > 1 )
{
Debug( LDAP_DEBUG_ARGS,
" radiusUserURI parameter is %s\n",
config_args->argv[1]);
if( ldap_url_parse( config_args->argv[1],
&radius_info->lud_radius_user) )
{
......@@ -925,6 +942,9 @@ radius_config_driver(ConfigArgs *config_args)
case RADIUS_TEST:
if( config_args->argc > 1 )
{
Debug( LDAP_DEBUG_ARGS,
" radiusTest parameter is %s\n",
config_args->argv[1]);
if( ldap_url_parse( config_args->argv[1],
&radius_info->lud_simple_test) )
{
......@@ -947,8 +967,7 @@ static int
radiusov_db_init( BackendDB *be,
ConfigReply *cr )
{
Debug(LDAP_DEBUG_TRACE,"=> %s()\n",__func__);
DENTER;
slap_overinst *on = (slap_overinst *)be->bd_info;
RADIUS_INFO *radius_info;
......@@ -978,8 +997,7 @@ radiusov_db_init( BackendDB *be,
static int
radiusov_db_destroy(BackendDB *be, ConfigReply *cr )
{
Debug(LDAP_DEBUG_TRACE,"=> %s()\n",__func__);
DENTER;
slap_overinst *radiusov = (slap_overinst *)be->bd_info;
RADIUS_INFO *radius_info = radiusov->on_bi.bi_private;
......@@ -1014,10 +1032,9 @@ radiusov_db_destroy(BackendDB *be, ConfigReply *cr )
static int
radiusov_db_open(BackendDB *be, ConfigReply *cr)
{
DENTER;
int rc = 0;
Debug( LDAP_DEBUG_TRACE, "=> %s()\n", __func__);
slap_overinst *radiusov = (slap_overinst *)be->bd_info;
RADIUS_INFO *radius_info = radiusov->on_bi.bi_private;
......@@ -1036,7 +1053,7 @@ static int
radiusov_db_close( BackendDB *be,
ConfigReply *cr )
{
Debug(LDAP_DEBUG_TRACE,"=> %s()\n",__func__);
DENTER;
slap_overinst *on = (slap_overinst *)be->bd_info;
RADIUS_INFO *radius_info = on->on_bi.bi_private;
......@@ -1065,8 +1082,7 @@ static slap_overinst radiusov;
int
radiusov_initialize( void )
{
Debug( LDAP_DEBUG_TRACE,
"=> radiusov_initialize(): registering slap_overinst\n");
DENTER;
int rc;
......@@ -1092,6 +1108,7 @@ radiusov_initialize( void )
int
init_module( int argc, char *argv[] )
{
DENTER;
return radiusov_initialize();
}
#endif
......@@ -188,4 +188,7 @@ int radiusov_get_password_from_uid( RADIUS_INFO *radius_info,
extern STATE *tls_new_session(SSL_CTX *ctx, TLS_SERVER_CONF *conf);
#define DPREFIX "radiusov: "
#define DENTER Debug(LDAP_DEBUG_TRACE, "=> "DPREFIX "%s()\n",__func__);
#endif /* RADIUSOV_H */
......@@ -355,7 +355,7 @@ radiusov_get_packet_from_request( RADIUS_PACKET *radius_packet,
uint8_t *incoming_request,
ssize_t recv_len)
{
Debug( LDAP_DEBUG_TRACE, "=> %s()\n", __func__);
DENTER;
// This routine dissects the raw incoming_request (which is recv_len bytes
// in length) and turns it into our RADIUS_PACKET format.
......@@ -369,7 +369,7 @@ radiusov_get_packet_from_request( RADIUS_PACKET *radius_packet,
if( recv_len < MINIMUM_POSSIBLE_LENGTH_OF_PACKET )
{
Debug( LDAP_DEBUG_ANY,
"%s(): At %ld bytes, the incoming_request is less than "
DPREFIX "%s(): At %ld bytes, the incoming_request is less than "
"the minimum length (%d) of a RADIUS request\n",
__func__,
recv_len,
......@@ -381,7 +381,7 @@ radiusov_get_packet_from_request( RADIUS_PACKET *radius_packet,
if( recv_len > MAXIMUM_POSSIBLE_LENGTH_OF_PACKET )
{
Debug( LDAP_DEBUG_ANY,
"%s(): At %ld bytes, the incoming_request is greater than "
DPREFIX "%s(): At %ld bytes, the incoming_request is greater than "
"the maximum length (%d) of a RADIUS request\n",
__func__,
recv_len,
......@@ -398,7 +398,7 @@ radiusov_get_packet_from_request( RADIUS_PACKET *radius_packet,
if( length > recv_len)
{
Debug( LDAP_DEBUG_ANY,
"%s(): The incoming_request has %ld bytes, but "
DPREFIX "%s(): The incoming_request has %ld bytes, but "
"the length field is too big at %ld bytes\n",
__func__,
recv_len,
......@@ -431,7 +431,7 @@ radiusov_get_packet_from_request( RADIUS_PACKET *radius_packet,
if( attributes + alength > radius_packet->packet_data + recv_len )
{
Debug( LDAP_DEBUG_ANY,
"%s(): The incoming RADIUS packet has attribute "
DPREFIX "%s(): The incoming RADIUS packet has attribute "
"number %d whose length falls off the end of the packet\n",
__func__,
radius_packet->number_of_attributes);
......@@ -443,7 +443,7 @@ radiusov_get_packet_from_request( RADIUS_PACKET *radius_packet,
if( radius_packet->number_of_attributes >= STUPID_NUMBER_OF_ATTRIBUTES )
{
Debug( LDAP_DEBUG_ANY,
"%s(): Ah, c'mon. Really? The RADIUS packet "
DPREFIX "%s(): Ah, c'mon. Really? The RADIUS packet "
"has more than %d attributes? Get real.\n",
__func__,
STUPID_NUMBER_OF_ATTRIBUTES);
......@@ -462,7 +462,9 @@ radiusov_get_packet_from_request( RADIUS_PACKET *radius_packet,
}
else
{
Debug(LDAP_DEBUG_TRACE,"Silently ignoring RADIUS attribute type %u\n",atype);
Debug( LDAP_DEBUG_ANY,
DPREFIX "Silently ignoring RADIUS attribute type %u\n",
atype);
}
attributes += alength;
}
......@@ -519,7 +521,7 @@ radius_packet_initialize(RADIUS_PACKET *radius_packet)
void
debugging_display_of(RADIUS_PACKET *packet)
{
if( LogTest(LDAP_DEBUG_TRACE) )
if( LogTest(LDAP_DEBUG_ARGS) )
{
uint8_t code = get_code(packet);
uint8_t packet_id = get_identifier(packet);
......
......@@ -481,7 +481,7 @@ load_dh_params(SSL_CTX *ctx, char *file)
int
tls_global_init()
{
Debug(LDAP_DEBUG_TRACE, "=> %s()\n", __func__);
DENTER;
SSL_load_error_strings(); /* readable error messages (examples show call before library_init) */
SSL_library_init(); /* initialize library */
OpenSSL_add_all_algorithms(); /* required for SHA2 in OpenSSL < 0.9.8o and 1.0.0.a */
......@@ -504,7 +504,7 @@ tls_global_init()
SSL_CTX *
tls_init_ctx(TLS_SERVER_CONF *conf)
{
Debug(LDAP_DEBUG_TRACE, "%s()\n", __func__);
DENTER;
SSL_CTX *ctx;
X509_STORE *certstore;
//int verify_mode = SSL_VERIFY_NONE;
......@@ -971,7 +971,7 @@ tls_init_ctx(TLS_SERVER_CONF *conf)
void
tls_establish_default_configuration(TLS_SERVER_CONF *conf)
{
Debug(LDAP_DEBUG_TRACE, "Entering tls_establish_default_configuration()\n");
DENTER;
// These values copied from a default FreeRADIUS instance trap at
// their tls_init_ctx()
......@@ -1460,6 +1460,7 @@ STATE *
tls_new_session(SSL_CTX *ctx,
TLS_SERVER_CONF *conf)
{
DENTER;
// Create a new TLS session
STATE *state = NULL;
SSL *new_tls = NULL;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment