From 42f4dcef8895bed3576f2797da8be392ac66bfbf Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Sun, 27 Sep 2020 11:22:38 +0200 Subject: [PATCH] Introduce crypt_logf and remove logger wrapper. Export (alredy existing) log function with variable parameter count. --- lib/cli/cli.c | 67 ++++++++++++----------------------- lib/cli/libcryptsetup_cli.h | 11 +----- lib/cli/libcryptsetup_cli.sym | 1 - lib/internal.h | 9 +++-- lib/libcryptsetup.h | 9 +++++ lib/libcryptsetup.sym | 1 + lib/setup.c | 5 ++- src/cryptsetup.c | 10 +++--- src/cryptsetup.h | 6 ++++ src/cryptsetup_reencrypt.c | 2 +- src/integritysetup.c | 6 ++-- src/veritysetup.c | 2 +- 12 files changed, 55 insertions(+), 74 deletions(-) diff --git a/lib/cli/cli.c b/lib/cli/cli.c index d51e691a..466dfda6 100644 --- a/lib/cli/cli.c +++ b/lib/cli/cli.c @@ -39,8 +39,6 @@ #include "libcryptsetup_cli.h" #include "cli_internal.h" -#define LOG_MAX_LEN 4096 - /* Password reading helpers */ static int untimed_read(int fd, char *pass, size_t maxlen) { @@ -77,20 +75,20 @@ static int timed_read(int fd, char *pass, size_t maxlen, long timeout) #if defined ENABLE_PWQUALITY #include -static int tools_check_pwquality(const char *password) +static int tools_check_pwquality(struct crypt_device *cd, const char *password) { int r; void *auxerror; pwquality_settings_t *pwq; - log_dbg("Checking new password using default pwquality settings."); + crypt_logf(cd, CRYPT_LOG_DEBUG, "Checking new password using default pwquality settings."); pwq = pwquality_default_settings(); if (!pwq) return -EINVAL; r = pwquality_read_config(pwq, NULL, &auxerror); if (r) { - log_err(_("Cannot check password quality: %s"), + crypt_logf(cd, CRYPT_LOG_ERROR, _("Cannot check password quality: %s"), pwquality_strerror(NULL, 0, r, auxerror)); pwquality_free_settings(pwq); return -EINVAL; 
@@ -98,11 +96,11 @@ static int tools_check_pwquality(const char *password) r = pwquality_check(pwq, password, NULL, NULL, &auxerror); if (r < 0) { - log_err(_("Password quality check failed:\n %s"), + crypt_logf(cd, CRYPT_LOG_ERROR, _("Password quality check failed:\n %s"), pwquality_strerror(NULL, 0, r, auxerror)); r = -EPERM; } else { - log_dbg("New password libpwquality score is %d.", r); + crypt_logf(cd, CRYPT_LOG_DEBUG, "New password libpwquality score is %d.", r); r = 0; } @@ -112,7 +110,7 @@ static int tools_check_pwquality(const char *password) #elif defined ENABLE_PASSWDQC #include -static int tools_check_pwquality(const char *password) +static int tools_check_pwquality(struct crypt_device *cd, const char *password) { passwdqc_params_t params; char *parse_reason; @@ -122,7 +120,7 @@ static int tools_check_pwquality(const char *password) passwdqc_params_reset(¶ms); if (*config && passwdqc_params_load(¶ms, &parse_reason, config)) { - log_err(_("Cannot check password quality: %s"), + crypt_logf(cd, CRYPT_LOG_ERROR, _("Cannot check password quality: %s"), (parse_reason ? parse_reason : "Out of memory")); free(parse_reason); return -EINVAL; @@ -130,7 +128,7 @@ static int tools_check_pwquality(const char *password) check_reason = passwdqc_check(¶ms.qc, password, NULL, NULL); if (check_reason) { - log_err(_("Password quality check failed: Bad passphrase (%s)"), + crypt_logf(cd, CRYPT_LOG_ERROR, _("Password quality check failed: Bad passphrase (%s)"), check_reason); return -EPERM; } @@ -138,7 +136,7 @@ static int tools_check_pwquality(const char *password) return 0; } #else /* !(ENABLE_PWQUALITY || ENABLE_PASSWDQC) */ -static int tools_check_pwquality(const char *password) +static int tools_check_pwquality(struct crypt_device *cd, const char *password) { return 0; } 
@@ -198,16 +196,16 @@ static int crypt_get_key_tty(const char *prompt, *key = NULL; *key_size = 0; - log_dbg("Interactive passphrase entry requested."); + crypt_logf(cd, CRYPT_LOG_DEBUG, "Interactive passphrase entry requested."); pass = crypt_safe_alloc(key_size_max + 1); if (!pass) { - log_err( _("Out of memory while reading passphrase.")); + crypt_logf(cd, CRYPT_LOG_ERROR, _("Out of memory while reading passphrase.")); return -ENOMEM; } if (interactive_pass(prompt, pass, key_size_max, timeout)) { - log_err(_("Error reading passphrase from terminal.")); + crypt_logf(cd, CRYPT_LOG_ERROR, _("Error reading passphrase from terminal.")); goto out_err; } pass[key_size_max] = '\0'; @@ -215,19 +213,19 @@ static int crypt_get_key_tty(const char *prompt, if (verify) { pass_verify = crypt_safe_alloc(key_size_max); if (!pass_verify) { - log_err(_("Out of memory while reading passphrase.")); + crypt_logf(cd, CRYPT_LOG_ERROR, _("Out of memory while reading passphrase.")); r = -ENOMEM; goto out_err; } if (interactive_pass(_("Verify passphrase: "), pass_verify, key_size_max, timeout)) { - log_err(_("Error reading passphrase from terminal.")); + crypt_logf(cd, CRYPT_LOG_ERROR, _("Error reading passphrase from terminal.")); goto out_err; } if (strncmp(pass, pass_verify, key_size_max)) { - log_err(_("Passphrases do not match.")); + crypt_logf(cd, CRYPT_LOG_ERROR, _("Passphrases do not match.")); r = -EPERM; goto out_err; } @@ -268,7 +266,7 @@ int crypt_cli_get_key(const char *prompt, if (tools_is_stdin(key_file)) { if (isatty(STDIN_FILENO)) { if (keyfile_offset) { - log_err(_("Cannot use offset with terminal input.")); + crypt_logf(cd, CRYPT_LOG_ERROR, _("Cannot use offset with terminal input.")); } else { if (!prompt && !crypt_get_device_name(cd)) snprintf(tmp, sizeof(tmp), _("Enter passphrase: ")); 
@@ -280,26 +278,26 @@ int crypt_cli_get_key(const char *prompt, r = crypt_get_key_tty(prompt ?: tmp, key, key_size, timeout, verify, cd); } } else { - log_dbg("STDIN descriptor passphrase entry requested."); + crypt_logf(cd, CRYPT_LOG_DEBUG, "STDIN descriptor passphrase entry requested."); /* No keyfile means STDIN with EOL handling (\n will end input)). */ r = crypt_keyfile_device_read(cd, NULL, key, key_size, keyfile_offset, keyfile_size_max, key_file ? 0 : CRYPT_KEYFILE_STOP_EOL); } } else { - log_dbg("File descriptor passphrase entry requested."); + crypt_logf(cd, CRYPT_LOG_DEBUG, "File descriptor passphrase entry requested."); r = crypt_keyfile_device_read(cd, key_file, key, key_size, keyfile_offset, keyfile_size_max, 0); } /* Check pwquality for password (not keyfile) */ if (pwquality && !key_file && !r) - r = tools_check_pwquality(*key); + r = tools_check_pwquality(cd, *key); return r; } -int crypt_cli_read_mk(const char *file, char **key, size_t keysize) +int crypt_cli_read_mk(struct crypt_device *cd, const char *file, char **key, size_t keysize) { int fd; ssize_t ret; @@ -313,13 +311,13 @@ int crypt_cli_read_mk(const char *file, char **key, size_t keysize) fd = open(file, O_RDONLY); if (fd == -1) { - log_err(_("Cannot read keyfile %s."), file); + crypt_logf(cd, CRYPT_LOG_ERROR, _("Cannot read keyfile %s."), file); goto fail; } ret = read_buffer(fd, *key, keysize); if (ret < 0 || (size_t)ret != keysize) { - log_err(_("Cannot read %d bytes from keyfile %s."), keysize, file); + crypt_logf(cd, CRYPT_LOG_ERROR, _("Cannot read %d bytes from keyfile %s."), keysize, file); close(fd); goto fail; } 
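Review bot: In the second added line of the crypt_cli_read_mk hunk, `keysize` is a `size_t` but is printed with `%d`, which is undefined behaviour in a variadic call. Where int and size_t differ in size it may print a wrong length or misread the following `%s` argument. The conversion should be `%zu`: `crypt_logf(cd, CRYPT_LOG_ERROR, _("Cannot read %zu bytes from keyfile %s."), keysize, file);` (the translatable msgid changes with it). As the patch stands the compiler will not flag this at the call site, because the `crypt_logf` prototype added to lib/libcryptsetup.h carries no printf format attribute. The function body starts and ends outside the hunk.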
@@ -417,24 +415,3 @@ bool crypt_cli_arg_set(struct crypt_cli *ctx, const char *name) return arg->set; } - -__attribute__((format(printf, 5, 6))) -void crypt_cli_logger(struct crypt_device *cd, int level, const char *file, int line, - const char *format, ...) -{ - va_list argp; - char target[LOG_MAX_LEN + 2]; - - va_start(argp, format); - - if (vsnprintf(&target[0], LOG_MAX_LEN, format, argp) > 0) { - /* All verbose and error messages in tools end with EOL. */ - if (level == CRYPT_LOG_VERBOSE || level == CRYPT_LOG_ERROR || level == CRYPT_LOG_DEBUG || - level == CRYPT_LOG_DEBUG_JSON) - strncat(target, "\n", LOG_MAX_LEN); - - crypt_log(cd, level, target); - } - - va_end(argp); -} diff --git a/lib/cli/libcryptsetup_cli.h b/lib/cli/libcryptsetup_cli.h index e0779058..fd2b67d4 100644 --- a/lib/cli/libcryptsetup_cli.h +++ b/lib/cli/libcryptsetup_cli.h @@ -48,7 +48,7 @@ int crypt_cli_get_key(const char *prompt, int timeout, int verify, int pwquality, struct crypt_device *cd, struct crypt_cli *ctx); -int crypt_cli_read_mk(const char *file, char **key, size_t keysize); +int crypt_cli_read_mk(struct crypt_device *cd, const char *file, char **key, size_t keysize); bool crypt_cli_arg_set(struct crypt_cli *ctx, const char *name); @@ -56,15 +56,6 @@ int crypt_cli_arg_value(struct crypt_cli *ctx, const char *name, void *value); int crypt_cli_arg_type(struct crypt_cli *ctx, const char *name, crypt_arg_type_info *type); -void crypt_cli_logger(struct crypt_device *cd, int level, const char *file, int line, - const char *format, ...); - -/* Log */ -#define log_dbg(x...) crypt_cli_logger(NULL, CRYPT_LOG_DEBUG, __FILE__, __LINE__, x) -#define log_std(x...) crypt_cli_logger(NULL, CRYPT_LOG_NORMAL, __FILE__, __LINE__, x) -#define log_verbose(x...) crypt_cli_logger(NULL, CRYPT_LOG_VERBOSE, __FILE__, __LINE__, x) -#define log_err(x...) crypt_cli_logger(NULL, CRYPT_LOG_ERROR, __FILE__, __LINE__, x) - #ifdef __cplusplus } #endif 
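Review bot: The new `cd` parameter of `crypt_cli_read_mk` is undocumented at its declaration in lib/cli/libcryptsetup_cli.h, and the callers in src/integritysetup.c pass `NULL` for it. I would add a comment above the prototype, for example `/* cd is used only as the logging context for error messages; it may be NULL */`. That wording is inferred from the visible call sites and from the `crypt_logf(NULL, ...)` macros added to src/cryptsetup.h, so confirm it against the function body, which is only partly visible in this patch.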
diff --git a/lib/cli/libcryptsetup_cli.sym b/lib/cli/libcryptsetup_cli.sym index 52e64af3..d3992017 100644 --- a/lib/cli/libcryptsetup_cli.sym +++ b/lib/cli/libcryptsetup_cli.sym @@ -5,7 +5,6 @@ CRYPTSETUP_CLI_1.0 { crypt_cli_arg_set; crypt_cli_arg_type; crypt_cli_arg_value; - crypt_cli_logger; local: *; }; diff --git a/lib/internal.h b/lib/internal.h index 8ebe791b..ff00914a 100644 --- a/lib/internal.h +++ b/lib/internal.h @@ -193,11 +193,10 @@ uint64_t crypt_getphysmemory_kb(void); int init_crypto(struct crypt_device *ctx); -void logger(struct crypt_device *cd, int level, const char *file, int line, const char *format, ...) __attribute__ ((format (printf, 5, 6))); -#define log_dbg(c, x...) logger(c, CRYPT_LOG_DEBUG, __FILE__, __LINE__, x) -#define log_std(c, x...) logger(c, CRYPT_LOG_NORMAL, __FILE__, __LINE__, x) -#define log_verbose(c, x...) logger(c, CRYPT_LOG_VERBOSE, __FILE__, __LINE__, x) -#define log_err(c, x...) logger(c, CRYPT_LOG_ERROR, __FILE__, __LINE__, x) +#define log_dbg(c, x...) crypt_logf(c, CRYPT_LOG_DEBUG, x) +#define log_std(c, x...) crypt_logf(c, CRYPT_LOG_NORMAL, x) +#define log_verbose(c, x...) crypt_logf(c, CRYPT_LOG_VERBOSE, x) +#define log_err(c, x...) crypt_logf(c, CRYPT_LOG_ERROR, x) int crypt_get_debug_level(void); diff --git a/lib/libcryptsetup.h b/lib/libcryptsetup.h index 5886ee07..953f5839 100644 --- a/lib/libcryptsetup.h +++ b/lib/libcryptsetup.h @@ -215,6 +215,15 @@ void crypt_set_log_callback(struct crypt_device *cd, * @param msg log message */ void crypt_log(struct crypt_device *cd, int level, const char *msg); + +/** + * Log function with variable arguments. + * + * @param cd crypt device handle + * @param level log level + * @param format formatted log message + */ +void crypt_logf(struct crypt_device *cd, int level, const char *format, ...); /** @} */ /** diff --git a/lib/libcryptsetup.sym b/lib/libcryptsetup.sym index 03ca9646..5ccf8b8e 100644 --- a/lib/libcryptsetup.sym +++ b/lib/libcryptsetup.sym 
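Review bot: The public prototype of `crypt_logf` added to lib/libcryptsetup.h has no printf format attribute. The attribute sits only on the definition in lib/setup.c, whereas the removed `logger` prototype in lib/internal.h carried it on the declaration. Without it, callers in other translation units get no `-Wformat` / `-Wformat-security` checking, so a mismatched specifier or a non-literal format string passed to this exported function goes unnoticed. I would declare it as `void crypt_logf(struct crypt_device *cd, int level, const char *format, ...) __attribute__((format(printf, 3, 4)));`. The doc comment could also say whether a trailing newline is appended and how over-long messages are handled; the removed `crypt_cli_logger` appended one for error, verbose and debug levels, but the body of `crypt_logf` is outside the hunk, so verify before documenting.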
@@ -117,6 +117,7 @@ CRYPTSETUP_2.0 { crypt_get_dir; crypt_set_debug_level; crypt_log; + crypt_logf; crypt_header_backup; crypt_header_restore; diff --git a/lib/setup.c b/lib/setup.c index 389ae724..89b17d4d 100644 --- a/lib/setup.c +++ b/lib/setup.c @@ -175,9 +175,8 @@ void crypt_log(struct crypt_device *cd, int level, const char *msg) fprintf(level == CRYPT_LOG_ERROR ? stderr : stdout, "%s", msg); } -__attribute__((format(printf, 5, 6))) -void logger(struct crypt_device *cd, int level, const char *file, - int line, const char *format, ...) +__attribute__((format(printf, 3, 4))) +void crypt_logf(struct crypt_device *cd, int level, const char *format, ...) { va_list argp; char target[LOG_MAX_LEN + 2]; diff --git a/src/cryptsetup.c b/src/cryptsetup.c index e7985b5c..ac56cbd3 100644 --- a/src/cryptsetup.c +++ b/src/cryptsetup.c @@ -1308,7 +1308,7 @@ static int _luksFormat(struct crypt_device **r_cd, char **r_password, size_t *r_ goto out; if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) { - r = crypt_cli_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize); + r = crypt_cli_read_mk(cd, ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize); if (r < 0) goto out; } @@ -1417,7 +1417,7 @@ static int action_open_luks(void) } else if (!keysize) keysize = ARG_UINT32(OPT_KEY_SIZE_ID) / 8; - r = crypt_cli_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize); + r = crypt_cli_read_mk(cd, ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize); if (r < 0) goto out; r = crypt_activate_by_volume_key(cd, activated_name, @@ -1666,7 +1666,7 @@ static int luksAddUnboundKey(void) } if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) { - r = crypt_cli_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize); + r = crypt_cli_read_mk(cd, ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize); if (r < 0) goto out; 
@@ -1740,7 +1740,7 @@ static int action_luksAddKey(void) } else if (!keysize) keysize = ARG_UINT32(OPT_KEY_SIZE_ID) / 8; - r = crypt_cli_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize); + r = crypt_cli_read_mk(cd, ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize); if (r < 0) goto out; @@ -3159,7 +3159,7 @@ static int action_reencrypt_luks2(struct crypt_device *cd) goto err; if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) { - r = crypt_cli_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &vk, key_size); + r = crypt_cli_read_mk(cd, ARG_STR(OPT_MASTER_KEY_FILE_ID), &vk, key_size); if (r < 0) goto err; } diff --git a/src/cryptsetup.h b/src/cryptsetup.h index 53df23fd..35ec8ec5 100644 --- a/src/cryptsetup.h +++ b/src/cryptsetup.h @@ -127,4 +127,10 @@ void tools_cleanup(void); #define FREE_AND_NULL(x) do { free(x); x = NULL; } while (0) +/* Log */ +#define log_dbg(x...) crypt_logf(NULL, CRYPT_LOG_DEBUG, x) +#define log_std(x...) crypt_logf(NULL, CRYPT_LOG_NORMAL, x) +#define log_verbose(x...) crypt_logf(NULL, CRYPT_LOG_VERBOSE, x) +#define log_err(x...) crypt_logf(NULL, CRYPT_LOG_ERROR, x) + #endif /* CRYPTSETUP_H */ diff --git a/src/cryptsetup_reencrypt.c b/src/cryptsetup_reencrypt.c index ead558e6..9b7f155d 100644 --- a/src/cryptsetup_reencrypt.c +++ b/src/cryptsetup_reencrypt.c @@ -715,7 +715,7 @@ static int backup_luks_headers(struct reenc_ctx *rc) rc->p[rc->keyslot].password, rc->p[rc->keyslot].passwordLen); } else if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) { log_dbg("Loading new key from file."); - r = crypt_cli_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, key_size); + r = crypt_cli_read_mk(cd, ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, key_size); } if (r < 0) diff --git a/src/integritysetup.c b/src/integritysetup.c index e5e1bcb1..b7a8b8f3 100644 --- a/src/integritysetup.c +++ b/src/integritysetup.c 
@@ -45,14 +45,14 @@ static int _read_keys(char **integrity_key, struct crypt_params_integrity *param int r; if (integrity_key && ARG_SET(OPT_INTEGRITY_KEY_FILE_ID)) { - r = crypt_cli_read_mk(ARG_STR(OPT_INTEGRITY_KEY_FILE_ID), &int_key, ARG_UINT32(OPT_INTEGRITY_KEY_SIZE_ID)); + r = crypt_cli_read_mk(NULL, ARG_STR(OPT_INTEGRITY_KEY_FILE_ID), &int_key, ARG_UINT32(OPT_INTEGRITY_KEY_SIZE_ID)); if (r < 0) return r; params->integrity_key_size = ARG_UINT32(OPT_INTEGRITY_KEY_SIZE_ID); } if (ARG_SET(OPT_JOURNAL_INTEGRITY_KEY_FILE_ID)) { - r = crypt_cli_read_mk(ARG_STR(OPT_JOURNAL_INTEGRITY_KEY_FILE_ID), &journal_integrity_key, ARG_UINT32(OPT_JOURNAL_INTEGRITY_KEY_SIZE_ID)); + r = crypt_cli_read_mk(NULL, ARG_STR(OPT_JOURNAL_INTEGRITY_KEY_FILE_ID), &journal_integrity_key, ARG_UINT32(OPT_JOURNAL_INTEGRITY_KEY_SIZE_ID)); if (r < 0) { crypt_safe_free(int_key); return r; @@ -62,7 +62,7 @@ static int _read_keys(char **integrity_key, struct crypt_params_integrity *param } if (ARG_SET(OPT_JOURNAL_CRYPT_KEY_FILE_ID)) { - r = crypt_cli_read_mk(ARG_STR(OPT_JOURNAL_CRYPT_KEY_FILE_ID), &journal_crypt_key, ARG_UINT32(OPT_JOURNAL_CRYPT_KEY_SIZE_ID)); + r = crypt_cli_read_mk(NULL, ARG_STR(OPT_JOURNAL_CRYPT_KEY_FILE_ID), &journal_crypt_key, ARG_UINT32(OPT_JOURNAL_CRYPT_KEY_SIZE_ID)); if (r < 0) { crypt_safe_free(int_key); crypt_safe_free(journal_integrity_key); diff --git a/src/veritysetup.c b/src/veritysetup.c index 320cd29e..757a3cb1 100644 --- a/src/veritysetup.c +++ b/src/veritysetup.c @@ -178,7 +178,7 @@ static int _activate(const char *dm_device, goto out; } signature_size = st.st_size; - r = crypt_cli_read_mk(ARG_STR(OPT_ROOT_HASH_SIGNATURE_ID), &signature, signature_size); + r = crypt_cli_read_mk(cd, ARG_STR(OPT_ROOT_HASH_SIGNATURE_ID), &signature, signature_size); if (r < 0) { log_err(_("Cannot read signature file %s."), ARG_STR(OPT_ROOT_HASH_SIGNATURE_ID)); goto out;