static int knet_cmd_link_timer(struct knet_vty *vty)
{
+ struct knet_cfg *knet_iface = (struct knet_cfg *)vty->iface;
+ struct knet_host *host = (struct knet_host *)vty->host;
struct knet_link *klink = (struct knet_link *)vty->link;
int paramlen = 0, paramoffset = 0;
char *param = NULL;
get_param(vty, 2, ¶m, ¶mlen, ¶moffset);
holdtime = param_to_int(param, paramlen);
- knet_link_timeout(klink, keepalive, holdtime, 2048);
+ knet_link_timeout(knet_iface->cfg_ring.knet_h, host->node_id, klink, keepalive, holdtime, 2048);
return 0;
}
klink->sock = host->listener4->sock;
}
- knet_link_timeout(klink, 1000, 5000, 2048);
+ knet_link_timeout(knet_iface->cfg_ring.knet_h, host->node_id, klink, 1000, 5000, 2048);
knet_link_enable(knet_iface->cfg_ring.knet_h, host->node_id, klink, 1);
}
write_retry++;
goto try_again;
} else {
+ log_debug(knet_h, KNET_SUB_COMMON, "Unable to write to comm pipe");
return -1;
}
}
#include "crypto.h"
#include "nsscrypto.h"
-#include "libknet.h"
-
-#ifdef CRYPTO_DEBUG
-#include <stdio.h>
-#define log_printf(format, args...) fprintf(stderr, format "\n", ##args);
-#else
-#define log_printf(format, args...);
-#endif
+#include "libknet-private.h"
/*
* internal module switch data
*/
int crypto_encrypt_and_sign (
- struct crypto_instance *instance,
+ knet_handle_t knet_h,
const unsigned char *buf_in,
const ssize_t buf_in_len,
unsigned char *buf_out,
ssize_t *buf_out_len)
{
- return modules_cmds[instance->model].crypt(instance->model_instance,
- buf_in, buf_in_len, buf_out, buf_out_len);
+ return modules_cmds[knet_h->crypto_instance->model].crypt(knet_h, buf_in, buf_in_len, buf_out, buf_out_len);
}
-int crypto_authenticate_and_decrypt (struct crypto_instance *instance,
+int crypto_authenticate_and_decrypt (
+ knet_handle_t knet_h,
unsigned char *buf,
ssize_t *buf_len)
{
- return modules_cmds[instance->model].decrypt(instance->model_instance, buf, buf_len);
+ return modules_cmds[knet_h->crypto_instance->model].decrypt(knet_h, buf, buf_len);
}
int crypto_init(
knet_handle_t knet_h,
struct knet_handle_crypto_cfg *knet_handle_crypto_cfg)
{
- log_printf("Initizializing crypto module [%s/%s/%s]",
+ log_debug(knet_h, KNET_SUB_CRYPTO,
+ "Initizializing crypto module [%s/%s/%s]",
knet_handle_crypto_cfg->crypto_model,
knet_handle_crypto_cfg->crypto_cipher_type,
knet_handle_crypto_cfg->crypto_hash_type);
knet_h->crypto_instance = malloc(sizeof(struct crypto_instance));
if (!knet_h->crypto_instance) {
- log_printf("no memory from crypto");
+ log_err(knet_h, KNET_SUB_CRYPTO, "Unable to allocate memory for crypto instance");
return -1;
}
knet_h->crypto_instance->model = get_model(knet_handle_crypto_cfg->crypto_model);
if (knet_h->crypto_instance->model < 0) {
- log_printf("model %s not supported", knet_handle_crypto_cfg->crypto_model);
+ log_err(knet_h, KNET_SUB_CRYPTO, "model %s not supported", knet_handle_crypto_cfg->crypto_model);
goto out_err;
}
typedef struct {
const char *model_name;
- int (*init) (knet_handle_t knet_h, struct knet_handle_crypto_cfg *knet_handle_crypto_cfg);
+ int (*init) (knet_handle_t knet_h,
+ struct knet_handle_crypto_cfg *knet_handle_crypto_cfg);
void (*fini) (knet_handle_t knet_h);
- int (*crypt) (void *model_instance, const unsigned char *buf_in, const ssize_t buf_in_len, unsigned char *buf_out, ssize_t *buf_out_len);
- int (*decrypt) (void *model_instance, unsigned char *buf, ssize_t *buf_len);
+ int (*crypt) (knet_handle_t knet_h,
+ const unsigned char *buf_in,
+ const ssize_t buf_in_len,
+ unsigned char *buf_out,
+ ssize_t *buf_out_len);
+ int (*decrypt) (knet_handle_t knet_h,
+ unsigned char *buf,
+ ssize_t *buf_len);
} crypto_model_t;
int crypto_authenticate_and_decrypt (
- struct crypto_instance *instance,
+ knet_handle_t knet_h,
unsigned char *buf,
ssize_t *buf_len);
int crypto_encrypt_and_sign (
- struct crypto_instance *instance,
+ knet_handle_t knet_h,
const unsigned char *buf_in,
const ssize_t buf_in_len,
unsigned char *buf_out,
}
}
- if (pipe(knet_h->pipefd))
+ if (pipe(knet_h->pipefd)) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to initialize internal comm pipe");
goto exit_fail1;
+ }
if ((_fdset_cloexec(knet_h->pipefd[0])) ||
(_fdset_cloexec(knet_h->pipefd[1])) ||
(_fdset_nonblock(knet_h->pipefd[0])) ||
- (_fdset_nonblock(knet_h->pipefd[1])))
+ (_fdset_nonblock(knet_h->pipefd[1]))) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to set internal comm pipe sockopts");
goto exit_fail2;
+ }
knet_h->dst_host_filter = knet_handle_cfg->dst_host_filter;
knet_h->dst_host_filter_fn = knet_handle_cfg->dst_host_filter_fn;
- if ((knet_h->dst_host_filter) && (!knet_h->dst_host_filter_fn))
+ if ((knet_h->dst_host_filter) && (!knet_h->dst_host_filter_fn)) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Incorrect dst_host_filter config requested");
goto exit_fail2;
+ }
- if ((knet_h->tap_to_links_buf = malloc(KNET_DATABUFSIZE))== NULL)
+ if ((knet_h->tap_to_links_buf = malloc(KNET_DATABUFSIZE))== NULL) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to allocate memory for tap to link buffer");
goto exit_fail2;
+ }
memset(knet_h->tap_to_links_buf, 0, KNET_DATABUFSIZE);
- if ((knet_h->recv_from_links_buf = malloc(KNET_DATABUFSIZE))== NULL)
+ if ((knet_h->recv_from_links_buf = malloc(KNET_DATABUFSIZE))== NULL) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to allocate memory for link to tap buffer");
goto exit_fail3;
+ }
memset(knet_h->recv_from_links_buf, 0, KNET_DATABUFSIZE);
- if ((knet_h->pingbuf = malloc(KNET_PINGBUFSIZE))== NULL)
+ if ((knet_h->pingbuf = malloc(KNET_PINGBUFSIZE))== NULL) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to allocate memory for hearbeat buffer");
goto exit_fail4;
+ }
memset(knet_h->pingbuf, 0, KNET_PINGBUFSIZE);
- if (pthread_rwlock_init(&knet_h->list_rwlock, NULL) != 0)
+ if (pthread_rwlock_init(&knet_h->list_rwlock, NULL) != 0) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to initialize locks");
goto exit_fail5;
+ }
knet_h->tap_to_links_epollfd = epoll_create(KNET_MAX_EVENTS);
knet_h->recv_from_links_epollfd = epoll_create(KNET_MAX_EVENTS);
if ((knet_h->tap_to_links_epollfd < 0) ||
(knet_h->recv_from_links_epollfd < 0) ||
- (knet_h->dst_link_handler_epollfd < 0))
+ (knet_h->dst_link_handler_epollfd < 0)) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to create epoll(s) fd(s)");
goto exit_fail6;
+ }
if ((_fdset_cloexec(knet_h->tap_to_links_epollfd) != 0) ||
(_fdset_cloexec(knet_h->recv_from_links_epollfd) != 0) ||
- (_fdset_cloexec(knet_h->dst_link_handler_epollfd) != 0))
+ (_fdset_cloexec(knet_h->dst_link_handler_epollfd) != 0)) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to set epoll(s) fd(s) opt(s)");
goto exit_fail6;
+ }
memset(&ev, 0, sizeof(struct epoll_event));
ev.data.fd = knet_h->sockfd;
if (epoll_ctl(knet_h->tap_to_links_epollfd,
- EPOLL_CTL_ADD, knet_h->sockfd, &ev) != 0)
+ EPOLL_CTL_ADD, knet_h->sockfd, &ev) != 0) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to add tapfd to epoll pool");
goto exit_fail6;
+ }
memset(&ev, 0, sizeof(struct epoll_event));
ev.data.fd = knet_h->pipefd[0];
if (epoll_ctl(knet_h->dst_link_handler_epollfd,
- EPOLL_CTL_ADD, knet_h->pipefd[0], &ev) != 0)
+ EPOLL_CTL_ADD, knet_h->pipefd[0], &ev) != 0) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to add pipefd to epoll pool");
goto exit_fail6;
+ }
if (pthread_create(&knet_h->dst_link_handler_thread, 0,
- _handle_dst_link_handler_thread, (void *) knet_h) != 0)
+ _handle_dst_link_handler_thread, (void *) knet_h) != 0) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to start switching manager thread");
goto exit_fail6;
+ }
if (pthread_create(&knet_h->tap_to_links_thread, 0,
- _handle_tap_to_links_thread, (void *) knet_h) != 0)
+ _handle_tap_to_links_thread, (void *) knet_h) != 0) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to start sending thread");
goto exit_fail7;
+ }
if (pthread_create(&knet_h->recv_from_links_thread, 0,
- _handle_recv_from_links_thread, (void *) knet_h) != 0)
+ _handle_recv_from_links_thread, (void *) knet_h) != 0) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to start receiving thread");
goto exit_fail8;
+ }
if (pthread_create(&knet_h->heartbt_thread, 0,
- _handle_heartbt_thread, (void *) knet_h) != 0)
+ _handle_heartbt_thread, (void *) knet_h) != 0) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to start heartbeat thread");
goto exit_fail9;
+ }
return knet_h;
{
void *retval;
- if ((knet_h->host_head != NULL) || (knet_h->listener_head != NULL))
+ if ((knet_h->host_head != NULL) || (knet_h->listener_head != NULL)) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to free handle: host(s) or listener(s) are still active");
goto exit_busy;
+ }
pthread_cancel(knet_h->heartbt_thread);
pthread_join(knet_h->heartbt_thread, &retval);
- if (retval != PTHREAD_CANCELED)
+ if (retval != PTHREAD_CANCELED) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to stop heartbeat thread");
goto exit_busy;
+ }
pthread_cancel(knet_h->tap_to_links_thread);
pthread_join(knet_h->tap_to_links_thread, &retval);
- if (retval != PTHREAD_CANCELED)
+ if (retval != PTHREAD_CANCELED) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to stop sending thread");
goto exit_busy;
+ }
pthread_cancel(knet_h->recv_from_links_thread);
pthread_join(knet_h->recv_from_links_thread, &retval);
- if (retval != PTHREAD_CANCELED)
+ if (retval != PTHREAD_CANCELED) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to stop receiving thread");
goto exit_busy;
+ }
pthread_cancel(knet_h->dst_link_handler_thread);
pthread_join(knet_h->dst_link_handler_thread, &retval);
- if (retval != PTHREAD_CANCELED)
+ if (retval != PTHREAD_CANCELED) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to stop switching manager thread");
goto exit_busy;
+ }
close(knet_h->tap_to_links_epollfd);
close(knet_h->recv_from_links_epollfd);
int knet_handle_crypto(knet_handle_t knet_h, struct knet_handle_crypto_cfg *knet_handle_crypto_cfg)
{
- if (knet_h->enabled)
+ if (knet_h->enabled) {
+ log_err(knet_h, KNET_SUB_CRYPTO, "Cannot enable crypto while forwarding is enabled");
return -1;
+ }
crypto_fini(knet_h);
if ((!strncmp("none", knet_handle_crypto_cfg->crypto_model, 4)) ||
((!strncmp("none", knet_handle_crypto_cfg->crypto_cipher_type, 4)) &&
(!strncmp("none", knet_handle_crypto_cfg->crypto_hash_type, 4)))) {
+ log_debug(knet_h, KNET_SUB_CRYPTO, "crypto is not enabled");
return 0;
}
lnk->connected = connected;
if (_dst_cache_update(knet_h, node_id)) {
+ log_debug(knet_h, KNET_SUB_LINK,
+ "Unable to update link status (host: %s link: %s configured: %u connected: %u)",
+ knet_h->host_index[node_id]->name,
+ lnk->ipaddr,
+ lnk->configured,
+ lnk->connected);
lnk->configured = old_configured;
lnk->connected = old_connected;
return -1;
int knet_link_enable(knet_handle_t knet_h, uint16_t node_id, struct knet_link *lnk, int configured)
{
+ log_debug(knet_h, KNET_SUB_LINK, "host: %s link: %s is enabled",
+ knet_h->host_index[node_id]->name, lnk->ipaddr);
return knet_link_updown(knet_h, node_id, lnk, configured, lnk->connected);
}
lnk->priority = priority;
if (_dst_cache_update(knet_h, node_id)) {
+ log_debug(knet_h, KNET_SUB_LINK,
+ "Unable to update link priority (host: %s link: %s priority: %u)",
+ knet_h->host_index[node_id]->name,
+ lnk->ipaddr,
+ lnk->priority);
lnk->priority = old_priority;
return -1;
}
+ log_debug(knet_h, KNET_SUB_LINK,
+ "host: %s link: %s priority set to: %u",
+ knet_h->host_index[node_id]->name,
+ lnk->ipaddr,
+ lnk->priority);
+
return 0;
}
-void knet_link_timeout(struct knet_link *lnk,
+void knet_link_timeout(knet_handle_t knet_h, uint16_t node_id, struct knet_link *lnk,
time_t interval, time_t timeout, int precision)
{
lnk->ping_interval = interval * 1000; /* microseconds */
lnk->latency_fix = precision;
lnk->latency_exp = precision - \
((lnk->ping_interval * precision) / 8000000);
+ log_debug(knet_h, KNET_SUB_LINK,
+ "host: %s link: %s timeout update - interval: %llu timeout: %llu precision: %d",
+ knet_h->host_index[node_id]->name, lnk->ipaddr,
+ lnk->ping_interval, lnk->pong_timeout, precision);
}
static void _handle_tap_to_links(knet_handle_t knet_h)
KNET_DATABUFSIZE - (KNET_FRAME_SIZE + sizeof(seq_num_t)));
if (inlen == 0) {
+ log_err(knet_h, KNET_SUB_TAP_T, "Unrecoverable error! Got 0 bytes from tap device!");
/* TODO: disconnection, should never happen! */
return;
}
knet_h->tap_to_links_buf->kf_node,
dst_host_ids,
&dst_host_ids_entries);
- if (bcast < 0)
+ if (bcast < 0) {
+ log_debug(knet_h, KNET_SUB_TAP_T, "Error from dst_host_filter_fn: %d", bcast);
return;
+ }
- if ((!bcast) && (!dst_host_ids_entries))
+ if ((!bcast) && (!dst_host_ids_entries)) {
+ log_debug(knet_h, KNET_SUB_TAP_T, "Message is unicast but no dst_host_ids_entries");
return;
+ }
}
- if (pthread_rwlock_rdlock(&knet_h->list_rwlock) != 0)
+ if (pthread_rwlock_rdlock(&knet_h->list_rwlock) != 0) {
+ log_debug(knet_h, KNET_SUB_TAP_T, "Unable to get read lock");
return;
+ }
if (!bcast) {
int host_idx;
for (host_idx = 0; host_idx < dst_host_ids_entries; host_idx++) {
dst_host = knet_h->host_index[dst_host_ids[host_idx]];
- if (!dst_host)
+ if (!dst_host) {
+ log_debug(knet_h, KNET_SUB_TAP_T, "unicast packet, host not found");
continue;
+ }
knet_h->tap_to_links_buf->kf_seq_num = htons(++dst_host->ucast_seq_num_tx);
if (knet_h->crypto_instance) {
- if (crypto_encrypt_and_sign(knet_h->crypto_instance,
+ if (crypto_encrypt_and_sign(knet_h,
(const unsigned char *)knet_h->tap_to_links_buf,
len,
knet_h->tap_to_links_buf_crypt,
&outlen) < 0) {
+ log_debug(knet_h, KNET_SUB_TAP_T, "Unable to encrypt unicast packet");
pthread_rwlock_unlock(&knet_h->list_rwlock);
return;
}
knet_h->tap_to_links_buf->kf_seq_num = htons(++knet_h->bcast_seq_num_tx);
if (knet_h->crypto_instance) {
- if (crypto_encrypt_and_sign(knet_h->crypto_instance,
+ if (crypto_encrypt_and_sign(knet_h,
(const unsigned char *)knet_h->tap_to_links_buf,
len,
knet_h->tap_to_links_buf_crypt,
&outlen) < 0) {
+ log_debug(knet_h, KNET_SUB_TAP_T, "Unable to encrypt mcast/bcast packet");
pthread_rwlock_unlock(&knet_h->list_rwlock);
return;
}
struct timespec recvtime;
unsigned char *outbuf = (unsigned char *)knet_h->recv_from_links_buf;
- if (pthread_rwlock_rdlock(&knet_h->list_rwlock) != 0)
+ if (pthread_rwlock_rdlock(&knet_h->list_rwlock) != 0) {
+ log_debug(knet_h, KNET_SUB_LINK_T, "Unable to get read lock");
return;
+ }
addrlen = sizeof(struct sockaddr_storage);
len = recvfrom(sockfd, knet_h->recv_from_links_buf, KNET_DATABUFSIZE,
MSG_DONTWAIT, (struct sockaddr *) &address, &addrlen);
if (knet_h->crypto_instance) {
- if (crypto_authenticate_and_decrypt(knet_h->crypto_instance,
+ if (crypto_authenticate_and_decrypt(knet_h,
(unsigned char *)knet_h->recv_from_links_buf,
- &len) < 0)
+ &len) < 0) {
+ log_debug(knet_h, KNET_SUB_LINK_T, "Unable to decrypt/auth packet");
goto exit_unlock;
+ }
}
- if (len < (KNET_FRAME_SIZE + 1))
+ if (len < (KNET_FRAME_SIZE + 1)) {
+ log_debug(knet_h, KNET_SUB_LINK_T, "Packet is too short");
goto exit_unlock;
+ }
- if (ntohl(knet_h->recv_from_links_buf->kf_magic) != KNET_FRAME_MAGIC)
+ if (ntohl(knet_h->recv_from_links_buf->kf_magic) != KNET_FRAME_MAGIC) {
+ log_debug(knet_h, KNET_SUB_LINK_T, "Packet does not contain knet magic number");
goto exit_unlock;
+ }
- if (knet_h->recv_from_links_buf->kf_version != KNET_FRAME_VERSION)
+ if (knet_h->recv_from_links_buf->kf_version != KNET_FRAME_VERSION) {
+ log_debug(knet_h, KNET_SUB_LINK_T, "Packet version does not match");
goto exit_unlock;
+ }
knet_h->recv_from_links_buf->kf_node = ntohs(knet_h->recv_from_links_buf->kf_node);
src_host = knet_h->host_index[knet_h->recv_from_links_buf->kf_node];
if (src_host == NULL) { /* host not found */
+ log_debug(knet_h, KNET_SUB_LINK_T, "Unable to find source host for this packet");
goto exit_unlock;
}
knet_h->recv_from_links_buf->kf_node,
dst_host_ids,
&dst_host_ids_entries);
- if (bcast < 0)
+ if (bcast < 0) {
+ log_debug(knet_h, KNET_SUB_LINK_T, "Error from dst_host_filter_fn: %d", bcast);
goto exit_unlock;
+ }
- if ((!bcast) && (!dst_host_ids_entries))
+ if ((!bcast) && (!dst_host_ids_entries)) {
+ log_debug(knet_h, KNET_SUB_LINK_T, "Message is unicast but no dst_host_ids_entries");
goto exit_unlock;
+ }
/* check if we are dst for this packet */
if (!bcast) {
break;
}
}
- if (!found)
+ if (!found) {
+ log_debug(knet_h, KNET_SUB_LINK_T, "Packet is not for us");
goto exit_unlock;
+ }
}
}
- if (!knet_should_deliver(src_host, bcast, knet_h->recv_from_links_buf->kf_seq_num))
+ if (!knet_should_deliver(src_host, bcast, knet_h->recv_from_links_buf->kf_seq_num)) {
+ log_debug(knet_h, KNET_SUB_LINK_T, "Packet has already been delivered");
goto exit_unlock;
+ }
if (write(knet_h->sockfd,
knet_h->recv_from_links_buf->kf_data,
- len - (KNET_FRAME_SIZE + sizeof(seq_num_t))) == len - (KNET_FRAME_SIZE + sizeof(seq_num_t)))
+ len - (KNET_FRAME_SIZE + sizeof(seq_num_t))) == len - (KNET_FRAME_SIZE + sizeof(seq_num_t))) {
knet_has_been_delivered(src_host, bcast, knet_h->recv_from_links_buf->kf_seq_num);
+ } else {
+ log_debug(knet_h, KNET_SUB_LINK_T, "Packet has not been delivered");
+ }
break;
case KNET_FRAME_PING:
knet_h->recv_from_links_buf->kf_node = htons(knet_h->node_id);
if (knet_h->crypto_instance) {
- if (crypto_encrypt_and_sign(knet_h->crypto_instance,
+ if (crypto_encrypt_and_sign(knet_h,
(const unsigned char *)knet_h->recv_from_links_buf,
len,
knet_h->recv_from_links_buf_crypt,
- &outlen) < 0)
+ &outlen) < 0) {
+ log_debug(knet_h, KNET_SUB_LINK_T, "Unable to encrypt pong packet");
break;
-
+ }
outbuf = knet_h->recv_from_links_buf_crypt;
}
if (src_link->latency < src_link->pong_timeout) {
if (!src_link->connected) {
+ log_info(knet_h, KNET_SUB_LINK, "host: %s link: %s is up",
+ src_host->name, src_link->ipaddr);
knet_link_updown(knet_h, src_host->node_id, src_link, src_link->configured, 1);
}
}
int link_idx;
int best_priority = -1;
- if (read(knet_h->pipefd[0], &dst_host_id, sizeof(dst_host_id)) != sizeof(dst_host_id))
+ if (read(knet_h->pipefd[0], &dst_host_id, sizeof(dst_host_id)) != sizeof(dst_host_id)) {
+ log_debug(knet_h, KNET_SUB_SWITCH_T, "Short read on pipe");
return;
+ }
- if (pthread_rwlock_wrlock(&knet_h->list_rwlock) != 0)
+ if (pthread_rwlock_wrlock(&knet_h->list_rwlock) != 0) {
+ log_debug(knet_h, KNET_SUB_SWITCH_T, "Unable to get read lock");
return;
+ }
dst_host = knet_h->host_index[dst_host_id];
- if (!dst_host)
+ if (!dst_host) {
+ log_debug(knet_h, KNET_SUB_SWITCH_T, "Unable to find host");
goto out_unlock;
+ }
dst_host->active_link_entries = 0;
}
}
+ if (dst_host->link_handler_policy == KNET_LINK_POLICY_PASSIVE) {
+ log_debug(knet_h, KNET_SUB_SWITCH_T, "host: %s (passive) best link: %s (%u)",
+ dst_host->name, dst_host->link[dst_host->active_links[0]].ipaddr,
+ dst_host->link[dst_host->active_links[0]].priority);
+ } else {
+ log_debug(knet_h, KNET_SUB_SWITCH_T, "host: %s has %u active links",
+ dst_host->name, dst_host->active_link_entries);
+ }
+
/* no active links, we can clean the circular buffers and indexes */
if (!dst_host->active_link_entries) {
+ log_warn(knet_h, KNET_SUB_SWITCH_T, "host: %s has no active links", dst_host->name);
memset(dst_host->bcast_circular_buffer, 0, KNET_CBUFFER_SIZE);
memset(dst_host->ucast_circular_buffer, 0, KNET_CBUFFER_SIZE);
dst_host->bcast_seq_num_rx = 0;
/* caching last pong to avoid race conditions */
pong_last = dst_link->pong_last;
- if (clock_gettime(CLOCK_MONOTONIC, &clock_now) != 0)
+ if (clock_gettime(CLOCK_MONOTONIC, &clock_now) != 0) {
+ log_debug(knet_h, KNET_SUB_HB_T, "Unable to get monotonic clock");
return;
+ }
timespec_diff(dst_link->ping_last, clock_now, &diff_ping);
knet_h->pingbuf->kf_dyn = dst_link->dynamic;
if (knet_h->crypto_instance) {
- if (crypto_encrypt_and_sign(knet_h->crypto_instance,
+ if (crypto_encrypt_and_sign(knet_h,
(const unsigned char *)knet_h->pingbuf,
KNET_PINGBUFSIZE,
knet_h->pingbuf_crypt,
- &outlen) < 0)
+ &outlen) < 0) {
+ log_debug(knet_h, KNET_SUB_HB_T, "Unable to crypto ping packet");
return;
+ }
outbuf = knet_h->pingbuf_crypt;
}
MSG_DONTWAIT, (struct sockaddr *) &dst_link->address,
sizeof(struct sockaddr_storage));
- if (len == outlen)
+ if (len == outlen) {
dst_link->ping_last = clock_now;
+ } else {
+ log_warn(knet_h, KNET_SUB_HB_T, "Unable to send ping packet");
+ }
}
if (dst_link->connected == 1) {
timespec_diff(pong_last, clock_now, &diff_ping);
if (diff_ping >= (dst_link->pong_timeout * 1000llu)) {
+ log_info(knet_h, KNET_SUB_LINK, "host: %s link: %s is down",
+ dst_host->name, dst_link->ipaddr);
knet_link_updown(knet_h, dst_host->node_id, dst_link, dst_link->configured, 0);
}
}
while (1) {
usleep(KNET_PING_TIMERES);
- if (pthread_rwlock_rdlock(&knet_h->list_rwlock) != 0)
+ if (pthread_rwlock_rdlock(&knet_h->list_rwlock) != 0) {
+ log_debug(knet_h, KNET_SUB_HB_T, "Unable to get read lock");
continue;
+ }
for (dst_host = knet_h->host_head; dst_host != NULL; dst_host = dst_host->next) {
for (link_idx = 0; link_idx < KNET_MAX_LINK; link_idx++) {
{
int ret;
- if ((ret = pthread_rwlock_rdlock(&knet_h->list_rwlock)) != 0)
+ if ((ret = pthread_rwlock_rdlock(&knet_h->list_rwlock)) != 0) {
+ log_debug(knet_h, KNET_SUB_HOST, "host_get: Unable to get read lock");
return ret;
+ }
*host = knet_h->host_index[node_id];
{
int ret;
- if ((ret = pthread_rwlock_rdlock(&knet_h->list_rwlock)) != 0)
+ if ((ret = pthread_rwlock_rdlock(&knet_h->list_rwlock)) != 0) {
+ log_debug(knet_h, KNET_SUB_HOST, "host_acquire: Unable to get read lock");
return ret;
+ }
*host = knet_h->host_head;
*host = NULL;
- if ((ret = pthread_rwlock_unlock(&knet_h->list_rwlock)) != 0)
+ if ((ret = pthread_rwlock_unlock(&knet_h->list_rwlock)) != 0) {
+ log_debug(knet_h, KNET_SUB_HOST, "host_release: Unable to release lock");
return ret;
+ }
return 0;
}
lockstatus = pthread_rwlock_rdlock(&knet_h->list_rwlock);
- if ((lockstatus != 0) && (lockstatus != EDEADLK))
+ if ((lockstatus != 0) && (lockstatus != EDEADLK)) {
+ log_debug(knet_h, KNET_SUB_HOST, "host_foreach: Unable to get lock");
return lockstatus;
+ }
for (host = knet_h->host_head; host != NULL; host = host->next) {
if ((linkfun(knet_h, host, data)) != KNET_HOST_FOREACH_NEXT)
int link_idx, ret = 0; /* success */
struct knet_host *host;
- if ((ret = pthread_rwlock_wrlock(&knet_h->list_rwlock)) != 0)
+ if ((ret = pthread_rwlock_wrlock(&knet_h->list_rwlock)) != 0) {
+ log_debug(knet_h, KNET_SUB_HOST, "host_add: Unable to get write lock");
goto exit_clean;
+ }
if (knet_h->host_index[node_id] != NULL) {
+ log_debug(knet_h, KNET_SUB_HOST, "host_add: host already exists");
errno = ret = EEXIST;
goto exit_unlock;
}
- if ((host = malloc(sizeof(struct knet_host))) == NULL)
+ if ((host = malloc(sizeof(struct knet_host))) == NULL) {
+ log_debug(knet_h, KNET_SUB_HOST, "host_add: unable to allocate memory for host");
goto exit_unlock;
+ }
memset(host, 0, sizeof(struct knet_host));
int ret = 0; /* success */
struct knet_host *host, *removed;
- if ((ret = pthread_rwlock_wrlock(&knet_h->list_rwlock)) != 0)
+ if ((ret = pthread_rwlock_wrlock(&knet_h->list_rwlock)) != 0) {
+ log_debug(knet_h, KNET_SUB_HOST, "host_remove: Unable to get write lock");
goto exit_clean;
+ }
if (knet_h->host_index[node_id] == NULL) {
+ log_debug(knet_h, KNET_SUB_HOST, "host_remove: host unknown");
errno = ret = EINVAL;
goto exit_unlock;
}
struct knet_host *host = NULL;
int old_policy;
- if ((ret = pthread_rwlock_wrlock(&knet_h->list_rwlock)) != 0)
+ if ((ret = pthread_rwlock_wrlock(&knet_h->list_rwlock)) != 0) {
+ log_debug(knet_h, KNET_SUB_HOST, "host_set_policy: Unable to get write lock");
goto exit_clean;
+ }
host = knet_h->host_index[node_id];
if (host == NULL) {
+ log_debug(knet_h, KNET_SUB_HOST, "host_set_policy: host not found");
errno = ret = EINVAL;
goto exit_unlock;
}
host->link_handler_policy = policy;
if (_dst_cache_update(knet_h, node_id)) {
+ log_debug(knet_h, KNET_SUB_HOST, "host_set_policy: unable to update switch cache");
ret = -1;
host->link_handler_policy = old_policy;
}
#define KNET_SUB_TAP_T 5 /* tap thread */
#define KNET_SUB_LINK_T 6 /* link thread */
#define KNET_SUB_SWITCH_T 7 /* switching thread */
-#define KNET_SUB_FILTER 8 /* (ether)filter errors */
-#define KNET_SUB_CRYPTO 9 /* crypto.c generic layer */
-#define KNET_SUB_NSSCRYPTO 10 /* nsscrypto.c */
+#define KNET_SUB_HB_T 8 /* heartbeat thread */
+#define KNET_SUB_FILTER 9 /* (ether)filter errors */
+#define KNET_SUB_CRYPTO 10 /* crypto.c generic layer */
+#define KNET_SUB_NSSCRYPTO 11 /* nsscrypto.c */
#define KNET_SUB_LAST KNET_SUB_NSSCRYPTO
#define KNET_MAX_SUBSYSTEMS KNET_SUB_LAST + 1
int knet_host_set_policy(knet_handle_t knet_h, uint16_t node_id, int policy);
int knet_link_enable(knet_handle_t knet_h, uint16_t node_id, struct knet_link *lnk, int configured);
-void knet_link_timeout(struct knet_link *lnk, time_t interval, time_t timeout, int precision);
+void knet_link_timeout(knet_handle_t knet_h, uint16_t node_id, struct knet_link *lnk, time_t interval, time_t timeout, int precision);
int knet_link_priority(knet_handle_t knet_h, uint16_t node_id, struct knet_link *lnk, uint8_t priority);
#define KNET_HOST_FOREACH_NEXT 0 /* next host */
if (head)
*head = (ret == 0) ? knet_h->listener_head : NULL;
+ if (ret)
+ log_debug(knet_h, KNET_SUB_LISTENER, "listener_acquire: Unable to acquire lock (%d)", writelock);
+
return ret;
}
listener->sock = socket(listener->address.ss_family, SOCK_DGRAM, 0);
- if (listener->sock < 0)
+ if (listener->sock < 0) {
+ log_err(knet_h, KNET_SUB_LISTENER, "Unable to create listener socket");
return listener->sock;
+ }
value = KNET_RING_RCVBUFF;
setsockopt(listener->sock, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value));
}
if (_fdset_cloexec(listener->sock) != 0) {
+ log_err(knet_h, KNET_SUB_LISTENER, "Unable to set listener socket opts");
save_errno = errno;
goto exit_fail1;
}
if (bind(listener->sock, (struct sockaddr *) &listener->address,
sizeof(struct sockaddr_storage)) != 0) {
+ log_err(knet_h, KNET_SUB_LISTENER, "Unable to bind listener socket");
save_errno = errno;
goto exit_fail1;
}
ev.data.fd = listener->sock;
if (epoll_ctl(knet_h->recv_from_links_epollfd, EPOLL_CTL_ADD, listener->sock, &ev) != 0) {
+ log_err(knet_h, KNET_SUB_LISTENER, "Unable to add listener to epoll pool");
save_errno = errno;
goto exit_fail1;
}
if (pthread_rwlock_wrlock(&knet_h->list_rwlock) != 0) {
+ log_err(knet_h, KNET_SUB_LISTENER, "listener_add: Unable to get write lock");
save_errno = errno;
goto exit_fail2;
}
struct knet_host *host;
struct knet_listener *tmp_listener;
- if (pthread_rwlock_wrlock(&knet_h->list_rwlock) != 0)
+ if (pthread_rwlock_wrlock(&knet_h->list_rwlock) != 0) {
+ log_err(knet_h, KNET_SUB_LISTENER, "listener_remove: Unable to get write lock");
return -EINVAL;
+ }
ret = 0;
continue;
if (host->link[link_idx].sock == listener->sock) {
+ log_err(knet_h, KNET_SUB_LISTENER, "listener_remove: listener in use");
ret = -EBUSY;
goto exit_fail1;
}
#include "nsscrypto.h"
#include "libknet-private.h"
-#ifdef CRYPTO_DEBUG
-#include <stdio.h>
-#define log_printf(format, args...) fprintf(stderr, format "\n", ##args);
-#else
-#define log_printf(format, args...);
-#endif
-
/*
* crypto definitions and conversion tables
*/
return -1;
}
-static int init_nss_crypto(struct nsscrypto_instance *instance)
+static int init_nss_crypto(knet_handle_t knet_h)
{
PK11SlotInfo* crypt_slot = NULL;
SECItem crypt_param;
+ struct nsscrypto_instance *instance = knet_h->crypto_instance->model_instance;
if (!cipher_to_nss[instance->crypto_cipher_type]) {
return 0;
crypt_slot = PK11_GetBestSlot(cipher_to_nss[instance->crypto_cipher_type], NULL);
if (crypt_slot == NULL) {
- log_printf("Unable to find security slot (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "Unable to find security slot (err %d)",
PR_GetError());
return -1;
}
PK11_OriginUnwrap, CKA_ENCRYPT|CKA_DECRYPT,
&crypt_param, NULL);
if (instance->nss_sym_key == NULL) {
- log_printf("Failure to import key into NSS (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "Failure to import key into NSS (err %d)",
PR_GetError());
return -1;
}
}
static int encrypt_nss(
- struct nsscrypto_instance *instance,
+ knet_handle_t knet_h,
const unsigned char *buf_in,
const ssize_t buf_in_len,
unsigned char *buf_out,
ssize_t *buf_out_len)
{
+ struct nsscrypto_instance *instance = knet_h->crypto_instance->model_instance;
PK11Context* crypt_context = NULL;
SECItem crypt_param;
SECItem *nss_sec_param = NULL;
int err = -1;
if (PK11_GenerateRandom (salt, SALT_SIZE) != SECSuccess) {
- log_printf("Failure to generate a random number %d",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "Failure to generate a random number %d",
PR_GetError());
goto out;
}
nss_sec_param = PK11_ParamFromIV (cipher_to_nss[instance->crypto_cipher_type],
&crypt_param);
if (nss_sec_param == NULL) {
- log_printf("Failure to set up PKCS11 param (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "Failure to set up PKCS11 param (err %d)",
PR_GetError());
goto out;
}
instance->nss_sym_key,
nss_sec_param);
if (!crypt_context) {
- log_printf("PK11_CreateContext failed (encrypt) crypt_type=%d (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "PK11_CreateContext failed (encrypt) crypt_type=%d (err %d)",
(int)cipher_to_nss[instance->crypto_cipher_type],
PR_GetError());
goto out;
&tmp1_outlen,
KNET_DATABUFSIZE_CRYPT,
(unsigned char *)buf_in, buf_in_len) != SECSuccess) {
- log_printf("PK11_CipherOp failed (encrypt) crypt_type=%d (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "PK11_CipherOp failed (encrypt) crypt_type=%d (err %d)",
(int)cipher_to_nss[instance->crypto_cipher_type],
PR_GetError());
goto out;
if (PK11_DigestFinal(crypt_context, data + tmp1_outlen,
&tmp2_outlen, KNET_DATABUFSIZE_CRYPT - tmp1_outlen) != SECSuccess) {
- log_printf("PK11_DigestFinal failed (encrypt) crypt_type=%d (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "PK11_DigestFinal failed (encrypt) crypt_type=%d (err %d)",
(int)cipher_to_nss[instance->crypto_cipher_type],
PR_GetError());
goto out;
}
static int decrypt_nss (
- struct nsscrypto_instance *instance,
+ knet_handle_t knet_h,
unsigned char *buf,
ssize_t *buf_len)
{
+ struct nsscrypto_instance *instance = knet_h->crypto_instance->model_instance;
PK11Context* decrypt_context = NULL;
SECItem decrypt_param;
int tmp1_outlen = 0;
CKA_DECRYPT,
instance->nss_sym_key, &decrypt_param);
if (!decrypt_context) {
- log_printf("PK11_CreateContext (decrypt) failed (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "PK11_CreateContext (decrypt) failed (err %d)",
PR_GetError());
goto out;
}
if (PK11_CipherOp(decrypt_context, outbuf, &tmp1_outlen,
sizeof(outbuf), data, datalen) != SECSuccess) {
- log_printf("PK11_CipherOp (decrypt) failed (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "PK11_CipherOp (decrypt) failed (err %d)",
PR_GetError());
goto out;
}
if (PK11_DigestFinal(decrypt_context, outbuf + tmp1_outlen, &tmp2_outlen,
sizeof(outbuf) - tmp1_outlen) != SECSuccess) {
- log_printf("PK11_DigestFinal (decrypt) failed (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "PK11_DigestFinal (decrypt) failed (err %d)",
PR_GetError());
goto out;
}
return -1;
}
-static int init_nss_hash(struct nsscrypto_instance *instance)
+static int init_nss_hash(knet_handle_t knet_h)
{
PK11SlotInfo* hash_slot = NULL;
SECItem hash_param;
+ struct nsscrypto_instance *instance = knet_h->crypto_instance->model_instance;
if (!hash_to_nss[instance->crypto_hash_type]) {
return 0;
hash_slot = PK11_GetBestSlot(hash_to_nss[instance->crypto_hash_type], NULL);
if (hash_slot == NULL) {
- log_printf("Unable to find security slot (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "Unable to find security slot (err %d)",
PR_GetError());
return -1;
}
PK11_OriginUnwrap, CKA_SIGN,
&hash_param, NULL);
if (instance->nss_sym_key_sign == NULL) {
- log_printf("Failure to import key into NSS (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "Failure to import key into NSS (err %d)",
PR_GetError());
return -1;
}
}
static int calculate_nss_hash(
- struct nsscrypto_instance *instance,
+ knet_handle_t knet_h,
const unsigned char *buf,
const size_t buf_len,
unsigned char *hash)
{
+ struct nsscrypto_instance *instance = knet_h->crypto_instance->model_instance;
PK11Context* hash_context = NULL;
SECItem hash_param;
unsigned int hash_tmp_outlen = 0;
&hash_param);
if (!hash_context) {
- log_printf("PK11_CreateContext failed (hash) hash_type=%d (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "PK11_CreateContext failed (hash) hash_type=%d (err %d)",
(int)hash_to_nss[instance->crypto_hash_type],
PR_GetError());
goto out;
}
if (PK11_DigestBegin(hash_context) != SECSuccess) {
- log_printf("PK11_DigestBegin failed (hash) hash_type=%d (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "PK11_DigestBegin failed (hash) hash_type=%d (err %d)",
(int)hash_to_nss[instance->crypto_hash_type],
PR_GetError());
goto out;
if (PK11_DigestOp(hash_context,
buf,
buf_len) != SECSuccess) {
- log_printf("PK11_DigestOp failed (hash) hash_type=%d (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "PK11_DigestOp failed (hash) hash_type=%d (err %d)",
(int)hash_to_nss[instance->crypto_hash_type],
PR_GetError());
goto out;
hash_block,
&hash_tmp_outlen,
hash_block_len[instance->crypto_hash_type]) != SECSuccess) {
- log_printf("PK11_DigestFinale failed (hash) hash_type=%d (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "PK11_DigestFinale failed (hash) hash_type=%d (err %d)",
(int)hash_to_nss[instance->crypto_hash_type],
PR_GetError());
goto out;
* global/glue nss functions
*/
-static int init_nss_db(struct nsscrypto_instance *instance)
+static int init_nss_db(knet_handle_t knet_h)
{
+ struct nsscrypto_instance *instance = knet_h->crypto_instance->model_instance;
+
if ((!cipher_to_nss[instance->crypto_cipher_type]) &&
(!hash_to_nss[instance->crypto_hash_type])) {
return 0;
}
if (NSS_NoDB_Init(".") != SECSuccess) {
- log_printf("NSS DB initialization failed (err %d)",
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "NSS DB initialization failed (err %d)",
PR_GetError());
return -1;
}
return 0;
}
-static int init_nss(struct nsscrypto_instance *instance)
+static int init_nss(knet_handle_t knet_h)
{
- if (init_nss_db(instance) < 0) {
+ if (init_nss_db(knet_h) < 0) {
return -1;
}
- if (init_nss_crypto(instance) < 0) {
+ if (init_nss_crypto(knet_h) < 0) {
return -1;
}
- if (init_nss_hash(instance) < 0) {
+ if (init_nss_hash(knet_h) < 0) {
return -1;
}
*/
int nsscrypto_encrypt_and_sign (
- void *model_instance,
+ knet_handle_t knet_h,
const unsigned char *buf_in,
const ssize_t buf_in_len,
unsigned char *buf_out,
ssize_t *buf_out_len)
{
- struct nsscrypto_instance *instance = model_instance;
+ struct nsscrypto_instance *instance = knet_h->crypto_instance->model_instance;
if (cipher_to_nss[instance->crypto_cipher_type]) {
- if (encrypt_nss(instance, buf_in, buf_in_len, buf_out, buf_out_len) < 0) {
+ if (encrypt_nss(knet_h, buf_in, buf_in_len, buf_out, buf_out_len) < 0) {
return -1;
}
} else {
}
if (hash_to_nss[instance->crypto_hash_type]) {
- if (calculate_nss_hash(instance, buf_out, *buf_out_len, buf_out + *buf_out_len) < 0) {
+ if (calculate_nss_hash(knet_h, buf_out, *buf_out_len, buf_out + *buf_out_len) < 0) {
return -1;
}
*buf_out_len = *buf_out_len + hash_len[instance->crypto_hash_type];
}
int nsscrypto_authenticate_and_decrypt (
- void *model_instance,
+ knet_handle_t knet_h,
unsigned char *buf,
ssize_t *buf_len)
{
- struct nsscrypto_instance *instance = model_instance;
+ struct nsscrypto_instance *instance = knet_h->crypto_instance->model_instance;
if (hash_to_nss[instance->crypto_hash_type]) {
unsigned char tmp_hash[hash_len[instance->crypto_hash_type]];
- if (calculate_nss_hash(instance, buf, *buf_len - hash_len[instance->crypto_hash_type], tmp_hash) < 0) {
+ if (calculate_nss_hash(knet_h, buf, *buf_len - hash_len[instance->crypto_hash_type], tmp_hash) < 0) {
return -1;
}
if (memcmp(tmp_hash, buf + (*buf_len - hash_len[instance->crypto_hash_type]), hash_len[instance->crypto_hash_type]) != 0) {
- log_printf("Digest does not match");
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "Digest does not match");
return -1;
}
}
if (cipher_to_nss[instance->crypto_cipher_type]) {
- if (decrypt_nss(instance, buf, buf_len) < 0) {
+ if (decrypt_nss(knet_h, buf, buf_len) < 0) {
return -1;
}
}
{
struct nsscrypto_instance *nsscrypto_instance = NULL;
- log_printf("Initizializing nss crypto module [%s/%s]",
+ log_debug(knet_h, KNET_SUB_NSSCRYPTO,
+ "Initizializing nss crypto module [%s/%s]",
knet_handle_crypto_cfg->crypto_cipher_type,
knet_handle_crypto_cfg->crypto_hash_type);
knet_h->crypto_instance->model_instance = malloc(sizeof(struct nsscrypto_instance));
if (!knet_h->crypto_instance->model_instance) {
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "Unable to allocate memory for nss model instance");
return -1;
}
memset(nsscrypto_instance, 0, sizeof(struct nsscrypto_instance));
if (!knet_handle_crypto_cfg->crypto_cipher_type) {
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "no crypto cipher type specified");
goto out_err;
}
nsscrypto_instance->crypto_cipher_type = string_to_crypto_cipher_type(knet_handle_crypto_cfg->crypto_cipher_type);
if (nsscrypto_instance->crypto_cipher_type < 0) {
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "unknown crypto cipher type requested");
goto out_err;
}
if (!knet_handle_crypto_cfg->crypto_hash_type) {
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "no crypto hash type specified");
goto out_err;
}
nsscrypto_instance->crypto_hash_type = string_to_crypto_hash_type(knet_handle_crypto_cfg->crypto_hash_type);
if (nsscrypto_instance->crypto_hash_type < 0) {
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "unknown crypto hash type requested");
goto out_err;
}
if ((!nsscrypto_instance->private_key) ||
(nsscrypto_instance->private_key_len < KNET_MIN_KEY_LEN) ||
(nsscrypto_instance->private_key_len > KNET_MAX_KEY_LEN)) {
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "crypto private key parameters are incorrect");
goto out_err;
}
}
knet_h->tap_to_links_buf_crypt = malloc(KNET_DATABUFSIZE_CRYPT);
- if (!knet_h->tap_to_links_buf_crypt)
+ if (!knet_h->tap_to_links_buf_crypt) {
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "unable to allocate memory for crypto send buffer");
goto out_err;
+ }
knet_h->pingbuf_crypt = malloc(KNET_DATABUFSIZE_CRYPT);
- if (!knet_h->pingbuf_crypt)
+ if (!knet_h->pingbuf_crypt) {
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "unable to allocate memory for crypto hb buffer");
goto out_err;
+ }
knet_h->recv_from_links_buf_crypt = malloc(KNET_DATABUFSIZE_CRYPT);
- if (!knet_h->recv_from_links_buf_crypt)
+ if (!knet_h->recv_from_links_buf_crypt) {
+ log_err(knet_h, KNET_SUB_NSSCRYPTO, "unable to allocate memory for crypto recv buffer");
goto out_err;
+ }
nsscrypto_instance->private_key = knet_handle_crypto_cfg->private_key;
nsscrypto_instance->private_key_len = knet_handle_crypto_cfg->private_key_len;
- if (init_nss(nsscrypto_instance) < 0) {
+ if (init_nss(knet_h) < 0) {
goto out_err;
}
struct nsscrypto_instance;
int nsscrypto_authenticate_and_decrypt (
- void *model_instance,
+ knet_handle_t knet_h,
unsigned char *buf,
ssize_t *buf_len);
int nsscrypto_encrypt_and_sign (
- void *model_instance,
+ knet_handle_t knet_h,
const unsigned char *buf_in,
const ssize_t buf_in_len,
unsigned char *buf_out,
for (i = 2; i < argc; i++) {
if (!strncmp(argv[i], "crypto", 6))
continue;
+ if (!strncmp(argv[i], "debug", 5))
+ continue;
if (knet_host_add(knet_h, i - 1) != 0) {
printf("Unable to add new knet_host\n");
host->link[0].sock = listener->sock;
host->link[0].address.ss_family = AF_INET;
- knet_link_timeout(&host->link[0], 1000, 5000, 2048);
+ knet_link_timeout(knet_h, host->node_id, &host->link[0], 1000, 5000, 2048);
knet_link_enable(knet_h, host->node_id, &host->link[0], 1);
projects / mirror_kronosnet.git / commitdiff