Skip to content
Snippets Groups Projects
Commit 43b4672c authored by Maarten de Waard's avatar Maarten de Waard :angel:
Browse files

replace printf with y_log_message and set debug level. Todo: remove new lines from log messages

parent 5e8bac28
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 188 additions and 129 deletions
src/api/encryption_get.c
+ 1
1
View file @ 43b4672c
......@@ -33,7 +33,7 @@ int callback_encryption_get(const struct _u_request * request,
FILESYSTEM_TYPE);
if (r != 0)
{
printf("mounting root device failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR, "mounting root device failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"mounting root device failed");
}
......
src/api/encryption_init_post.c
+ 83
57
View file @ 43b4672c
......@@ -57,9 +57,10 @@ int callback_encryption_init_post(const struct _u_request * request,
FILESYSTEM_TYPE);
if (r != 0)
{
printf("mounting root device failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"mounting root device failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"mounting root device failed");
"mounting root device failed");
}
// Determine if the files on the unencrypted device would fit in memory.
......@@ -73,27 +74,32 @@ int callback_encryption_init_post(const struct _u_request * request,
}
// Copy device contents to temporary filesystem.
printf("copying existing root device contents to memory\n");
y_log_message(Y_LOG_LEVEL_DEBUG,
"copying existing root device contents to memory\n");
char * command = NULL;
asprintf(&command, "rsync -a %s/ %s", UNENCRYPTED_TMP_MOUNTPOINT,
TMP_LOCATION);
r = system(command);
if (r != 0)
{
printf("copying root device contents into memory failed"
": return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"copying root device contents into memory failed: return code %d\n",
r);
return send_simple_response(response, 500, "error",
"copying root device contents into memory failed");
}
// Unmount unencrypted device.
printf("unmounting unencrypted device at %s\n", UNENCRYPTED_TMP_MOUNTPOINT);
y_log_message(Y_LOG_LEVEL_ERROR,
"unmounting unencrypted device at %s\n",
UNENCRYPTED_TMP_MOUNTPOINT);
r = umount(UNENCRYPTED_TMP_MOUNTPOINT);
if (r != 0)
{
printf("unmounting encrypted device failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"unmounting encrypted device failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"unmounting unencrypted device failed");
"unmounting unencrypted device failed");
}
// Check whether the authorized_keys file exists on root device.
......@@ -103,188 +109,208 @@ int callback_encryption_init_post(const struct _u_request * request,
struct stat st = {0};
if (stat(authorized_keys_path, &st) == -1)
{
printf("authorized_keys not found on root device at %s\n",
y_log_message(Y_LOG_LEVEL_ERROR,
"authorized_keys not found on root device at %s\n",
authorized_keys_path);
return send_simple_response(response, 500, "error",
"authorized_keys not found on root device");
"authorized_keys not found on root device");
}
// Re-partition device.
printf("repartitioning device %s\n", ROOT_DEVICE);
y_log_message(Y_LOG_LEVEL_ERROR, "repartitioning device %s\n", ROOT_DEVICE);
command = NULL;
asprintf(&command, "sgdisk -a 8192 -n 1:0:48M -N 2 %s", ROOT_DEVICE);
r = system(command);
if (r != 0)
{
printf("partitioning root device failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"partitioning root device failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"partitioning root device failed");
"partitioning root device failed");
}
// Inform kernel of partitioning changes.
printf("running partprobe\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "running partprobe\n");
command = NULL;
asprintf(&command, "partprobe");
r = system(command);
if (r != 0)
{
printf("partprobe: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR, "partprobe failed: return code %d\n",
r);
return send_simple_response(response, 500, "error",
"partprobe failed");
"partprobe failed");
}
// Sleep for a little while.
// This seems necessary for the newly created partitions to appear as
// devices.
printf("waiting a bit...\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "waiting a bit...\n");
sleep(2);
// Create filesystem on the info partition.
printf("creating filesystem on info partition\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "creating filesystem on info partition\n");
command = NULL;
asprintf(&command, "mkfs -t %s %s", FILESYSTEM_TYPE,
INFO_PARTITION_DEVICE);
printf("command: %s\n", command);
y_log_message(Y_LOG_LEVEL_DEBUG, "command: %s\n", command);
r = system(command);
if (r != 0)
{
printf("creating filesystem failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"creating filesystem failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"creating filesystem inside encrypted container failed");
"creating filesystem inside encrypted container failed");
}
// Mount the info partition.
printf("mounting info partition\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "mounting info partition\n");
r = temporary_mount(INFO_PARTITION_DEVICE, INFO_TMP_MOUNTPOINT,
FILESYSTEM_TYPE);
if (r != 0)
{
printf("mounting encrypted device failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"mounting encrypted device failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"mounting encrypted root device failed");
"mounting encrypted root device failed");
}
// Create some directories in the info partition.
printf("creating directories in info partition\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "creating directories in info partition\n");
command = NULL;
asprintf(&command, "mkdir -p %s%s %s%s", INFO_TMP_MOUNTPOINT,
AUTHORIZED_KEYS_DIR, INFO_TMP_MOUNTPOINT, SSH_HOST_KEY_DIR);
r = system(command);
if (r != 0)
{
printf("creating directories failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"creating directories failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"creating directories in info partition failed");
"creating directories in info partition failed");
}
// Copy authorized_keys file to the info partition.
printf("copying authorized_keys to info partition\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "copying authorized_keys to info partition\n");
command = NULL;
asprintf(&command, "cp %s %s%s",
AUTHORIZED_KEYS_PATH, INFO_TMP_MOUNTPOINT, AUTHORIZED_KEYS_PATH);
r = system(command);
if (r != 0)
{
printf("copying authorized_keys failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"copying authorized_keys failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"copying authorized_keys failed");
"copying authorized_keys failed");
}
// Copy dropbear ssh host keys from the initrd to the info partition.
printf("copying dropbear ssh host keys\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "copying dropbear ssh host keys\n");
command = NULL;
asprintf(&command, "cp /etc/dropbear/* %s%s/", INFO_TMP_MOUNTPOINT,
SSH_HOST_KEY_DIR);
r = system(command);
if (r != 0)
{
printf("copying dropbear ssh host keys failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_DEBUG,
"copying dropbear ssh host keys failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"copying dropbear ssh host keys failed");
"copying dropbear ssh host keys failed");
}
// Unmount info partition.
printf("unmounting info partition at %s\n", INFO_TMP_MOUNTPOINT);
y_log_message(Y_LOG_LEVEL_DEBUG,
"unmounting info partition at %s\n", INFO_TMP_MOUNTPOINT);
r = umount(INFO_TMP_MOUNTPOINT);
if (r != 0)
{
printf("unmounting failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"unmounting failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"unmounting configuration partition failed");
"unmounting configuration partition failed");
}
// Initialise encrypted container on data partition.
printf("creating encrypted container at %s\n", DATA_PARTITION_DEVICE);
y_log_message(Y_LOG_LEVEL_DEBUG,
"creating encrypted container at %s\n", DATA_PARTITION_DEVICE);
r = create_encrypted_device(DATA_PARTITION_DEVICE, password);
if (r != 0)
{
printf("creating encrypted container failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"creating encrypted container failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"creating encryption container failed");
"creating encryption container failed");
}
// Unlock the new container.
printf("unlocking encrypted device\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "unlocking encrypted device\n");
r = encryption_unlock(DATA_PARTITION_DEVICE, MAPPED_DEVICE_NAME,
password);
if (r != 0)
{
printf("unlocking encrypted container failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"unlocking encrypted container failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"unlocking new encryption container failed");
"unlocking new encryption container failed");
}
// Create filesystem in the new container.
printf("creating filesystem in new container\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "creating filesystem in new container\n");
command = NULL;
asprintf(&command, "mkfs -t %s %s", FILESYSTEM_TYPE, MAPPED_DEVICE_PATH);
r = system(command);
if (r != 0)
{
printf("creating filesystem failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"creating filesystem failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"creating filesystem inside encrypted container failed");
"creating filesystem inside encrypted container failed");
}
// Mount the unlocked container.
printf("mounting new filesystem\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "mounting new filesystem\n");
r = temporary_mount(MAPPED_DEVICE_PATH, DATA_TMP_MOUNTPOINT,
FILESYSTEM_TYPE);
if (r != 0)
{
printf("mounting encrypted device failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"mounting encrypted device failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"mounting encrypted root device failed");
"mounting encrypted root device failed");
}
// Copy device contents from temporary filesystem to encrypted container.
printf("copying root device contents from memory\n");
y_log_message(Y_LOG_LEVEL_DEBUG,
"copying root device contents from memory\n");
command = NULL;
asprintf(&command, "rsync -a %s/ %s", TMP_LOCATION, DATA_TMP_MOUNTPOINT);
r = system(command);
if (r != 0)
{
printf("copying from memory to encrypted device failed:"
" return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"copying from memory to encrypted device failed: return code %d",
r);
return send_simple_response(response, 500, "error",
"copying root device contents from memory failed");
"copying root device contents from memory failed");
}
// Unmount filesystem on encrypted data partition.
printf("unmounting encrypted device at %s\n", DATA_TMP_MOUNTPOINT);
y_log_message(Y_LOG_LEVEL_DEBUG,
"unmounting encrypted device at %s\n", DATA_TMP_MOUNTPOINT);
r = umount(DATA_TMP_MOUNTPOINT);
if (r != 0)
{
printf("unmounting encrypted device failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"unmounting encrypted device failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"unmounting encrypted device failed");
"unmounting encrypted device failed");
}
// Lock the container.
printf("locking encrypted device\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "locking encrypted device\n");
r = encryption_lock(MAPPED_DEVICE_NAME);
if (r != 0)
{
printf("locking encrypted container failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"locking encrypted container failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"locking container failed");
}
......
src/api/encryption_keys_get.c
+ 2
1
View file @ 43b4672c
......@@ -23,7 +23,8 @@ int callback_encryption_keys_get(const struct _u_request * request,
}
if (r != 0)
{
printf("container_initialise failed with status %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"container_initialise failed with status %d\n", r);
return send_simple_response(response, 500, "error",
"initialising encrypted container failed");
}
......
src/api/encryption_keys_put.c
+ 6
3
View file @ 43b4672c
......@@ -42,7 +42,8 @@ int callback_encryption_keys_put(const struct _u_request * request,
r = parse_int(keyslot_string, &keyslot);
if (r != 0)
{
printf("invalid url parameter `slot`: %s\n", keyslot_string);
y_log_message(Y_LOG_LEVEL_WARNING,
"invalid url parameter `slot`: %s\n", keyslot_string);
return send_simple_response(response, 400, "error",
"invalid url parameter `slot`");
}
......@@ -56,7 +57,8 @@ int callback_encryption_keys_put(const struct _u_request * request,
}
if (r != 0)
{
printf("container_initialise failed with status %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"container_initialise failed with status %d\n", r);
return send_simple_response(response, 500, "error",
"initialising encrypted container failed");
}
......@@ -75,7 +77,8 @@ int callback_encryption_keys_put(const struct _u_request * request,
if (r < 0)
{
// Something else went wrong.
printf("crypt_keyslot_add_by_passphrase failed with status %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"crypt_keyslot_add_by_passphrase failed with status %d\n", r);
return send_simple_response(response, 500, "error",
"error changing password");
}
......
src/api/encryption_remove_post.c
+ 51
33
View file @ 43b4672c
......@@ -46,7 +46,7 @@ int callback_encryption_remove_post(const struct _u_request * request,
}
// Unlock the container.
printf("unlocking encrypted device\n");
y_log_message(Y_LOG_LEVEL_INFO, "unlocking encrypted device\n");
r = encryption_unlock(DATA_PARTITION_DEVICE, MAPPED_DEVICE_NAME,
password);
if (r == -1)
......@@ -57,9 +57,10 @@ int callback_encryption_remove_post(const struct _u_request * request,
}
if (r != 0)
{
printf("unlocking encrypted container failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"unlocking encrypted container failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"unlocking encrypted container failed");
"unlocking encrypted container failed");
}
// Mount the filesystem on the encrypted data partition.
......@@ -67,9 +68,10 @@ int callback_encryption_remove_post(const struct _u_request * request,
FILESYSTEM_TYPE);
if (r != 0)
{
printf("mounting root device failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"mounting root device failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"mounting root device failed");
"mounting root device failed");
}
// Determine the filesystem usage of the encrypted data partition.
......@@ -78,111 +80,127 @@ int callback_encryption_remove_post(const struct _u_request * request,
{
// Projected memory usage is really high, so abort.
return send_simple_response(response, 500, "error",
"device too large");
"device too large");
}
// Copy device contents to temporary filesystem.
printf("copying existing root device contents to memory\n");
y_log_message(Y_LOG_LEVEL_DEBUG,
"copying existing root device contents to memory\n");
char * command = NULL;
asprintf(&command, "rsync -a %s/ %s", DATA_TMP_MOUNTPOINT, TMP_LOCATION);
r = system(command);
if(r != 0)
{
printf("copying root device contents into memory failed"
": return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"copying root device contents into memory failed: return code %d\n",
r);
return send_simple_response(response, 500, "error",
"copying root device contents into memory failed");
}
// Unmount encrypted data partition.
printf("unmounting encrypted device at %s\n", DATA_TMP_MOUNTPOINT);
y_log_message(Y_LOG_LEVEL_DEBUG,
"unmounting encrypted device at %s\n", DATA_TMP_MOUNTPOINT);
r = umount(DATA_TMP_MOUNTPOINT);
if (r != 0)
{
printf("unmounting encrypted device failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"unmounting encrypted device failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"unmounting encrypted device failed");
"unmounting encrypted device failed");
}
// Lock the container.
printf("locking encrypted device\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "locking encrypted device\n");
r = encryption_lock(MAPPED_DEVICE_NAME);
if (r != 0)
{
printf("locking encrypted container failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"locking encrypted container failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"locking encrypted container failed");
"locking encrypted container failed");
}
// Unmount info partition.
// We didn't mount this in cryptops-api, but it was mounted by the initrd
// scripts for use by dropbear.
printf("unmounting info partition at %s\n", INFO_MOUNTPOINT);
y_log_message(Y_LOG_LEVEL_DEBUG,
"unmounting info partition at %s\n", INFO_MOUNTPOINT);
r = umount(INFO_MOUNTPOINT);
if (r != 0)
{
printf("unmounting info partition failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"unmounting info partition failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"unmounting info partition failed");
}
// Remove all partitions from the device.
printf("removing partitions from device %s\n", ROOT_DEVICE);
y_log_message(Y_LOG_LEVEL_DEBUG,
"removing partitions from device %s\n", ROOT_DEVICE);
command = NULL;
asprintf(&command, "sgdisk -Z %s", ROOT_DEVICE);
r = system(command);
if (r != 0)
{
printf("removing partitions failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"removing partitions failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"removing partitions failed");
"removing partitions failed");
}
// Create filesystem on the unencrypted device.
printf("creating filesystem on unencrypted device\n");
y_log_message(Y_LOG_LEVEL_DEBUG,
"creating filesystem on unencrypted device\n");
command = NULL;
asprintf(&command, "mkfs -t %s %s", FILESYSTEM_TYPE, ROOT_DEVICE);
r = system(command);
if (r != 0)
{
printf("creating filesystem failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"creating filesystem failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"creating filesystem on unencrypted device failed");
"creating filesystem on unencrypted device failed");
}
// Mount the new filesystem.
printf("mounting new filesystem\n");
y_log_message(Y_LOG_LEVEL_DEBUG, "mounting new filesystem\n");
r = temporary_mount(ROOT_DEVICE, UNENCRYPTED_TMP_MOUNTPOINT,
FILESYSTEM_TYPE);
if (r != 0)
{
printf("mounting unencrypted device failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"mounting unencrypted device failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"mounting unencrypted root device failed");
"mounting unencrypted root device failed");
}
// Copy device contents from memory to the unencrypted device.
printf("copying root device contents from memory\n");
y_log_message(Y_LOG_LEVEL_DEBUG,
"copying root device contents from memory\n");
command = NULL;
asprintf(&command, "rsync -a %s/ %s",
TMP_LOCATION, UNENCRYPTED_TMP_MOUNTPOINT);
r = system(command);
if (r != 0)
{
printf("copying from memory to unencrypted device failed:"
" return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"copying from memory to unencrypted device failed: return code %d",
r);
return send_simple_response(response, 500, "error",
"copying root device contents from memory failed");
"copying root device contents from memory failed");
}
// Unmount filesystem on unencrypted device.
printf("unmounting unencrypted device at %s\n", UNENCRYPTED_TMP_MOUNTPOINT);
y_log_message(Y_LOG_LEVEL_DEBUG,
"unmounting unencrypted device at %s\n", UNENCRYPTED_TMP_MOUNTPOINT);
r = umount(UNENCRYPTED_TMP_MOUNTPOINT);
if (r != 0)
{
printf("unmounting unencrypted device failed: return code %d\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"unmounting unencrypted device failed: return code %d\n", r);
return send_simple_response(response, 500, "error",
"unmounting unencrypted device failed");
"unmounting unencrypted device failed");
}
// Record that we want to reboot the machine.
......
src/api/encryption_unlock_post.c
+ 2
1
View file @ 43b4672c
......@@ -31,7 +31,8 @@ int callback_encryption_unlock_post(const struct _u_request * request,
if (unlock_status != 0)
{
// Something else went wrong with unlocking.
printf("encryption_unlock failed with status %d\n", unlock_status);
y_log_message(Y_LOG_LEVEL_ERROR,
"encryption_unlock failed with status %d\n", unlock_status);
return send_simple_response(response, 500, "error",
"error during unlocking");
}
......
src/api/ssh_keys_delete.c
+ 2
1
View file @ 43b4672c
......@@ -23,7 +23,8 @@ int callback_ssh_keys_delete(const struct _u_request * request,
int r = parse_int(id_string, &id);
if (r != 0)
{
printf("invalid url parameter `id`: %s\n", id_string);
y_log_message(Y_LOG_LEVEL_WARNING,
"invalid url parameter `id`: %s\n", id_string);
return send_simple_response(response, 400, "error",
"invalid url parameter `id`");
}
......
src/api/ssh_keys_get.c
+ 2
1
View file @ 43b4672c
......@@ -69,7 +69,8 @@ int callback_ssh_keys_get(const struct _u_request * request,
json_t * keys = readAuthorizedKeysToJson();
if (keys == NULL)
{
printf("Could not open authorized_keys file\n");
y_log_message(Y_LOG_LEVEL_ERROR,
"Could not open authorized_keys file\n");
return send_simple_response(response, 500, "error",
"error reading authorized_keys");
}
......
src/api/ssh_keys_post.c
+ 2
1
View file @ 43b4672c
......@@ -25,7 +25,8 @@ int callback_ssh_keys_post(const struct _u_request * request,
// Check if that succeeded.
if (authorized_keys == NULL)
{
printf("Could not open authorized_keys file for writing\n");
y_log_message(Y_LOG_LEVEL_ERROR,
"Could not open authorized_keys file for writing\n");
return send_simple_response(response, 500, "error",
"error opening authorized_keys");
}
......
src/api/ssh_keys_put.c
+ 2
1
View file @ 43b4672c
......@@ -23,7 +23,8 @@ int callback_ssh_keys_put(const struct _u_request * request,
int r = parse_int(id_string, &id);
if (r != 0)
{
printf("invalid url parameter `id`: %s\n", id_string);
y_log_message(Y_LOG_LEVEL_WARNING,
"invalid url parameter `id`: %s\n", id_string);
return send_simple_response(response, 400, "error",
"invalid url parameter `id`");
}
......
src/auxiliary.c
+ 9
9
View file @ 43b4672c
......@@ -3,7 +3,7 @@
*/
void stop_server()
{
printf("Stopping cryptops-api server...\n");
y_log_message(Y_LOG_LEVEL_INFO, "Stopping cryptops-api server...\n");
int fifo;
char fifo_path[] = FIFO_PATH;
fifo = open(fifo_path, O_WRONLY);
......@@ -33,7 +33,7 @@ char * read_from_file(FILE * file)
temp = realloc(str, size + strlength);
if (temp == NULL)
{
printf("Could not allocate memory for file reading\n");
y_log_message(Y_LOG_LEVEL_ERROR, "Could not allocate memory for file reading\n");
return NULL;
}
else
......@@ -95,7 +95,7 @@ unsigned long device_size(char * device_path)
fd = open(device_path, O_RDONLY);
ioctl(fd, BLKGETSIZE, &numblocks);
close(fd);
printf("Number of blocks: %lu, this makes %.3f GB\n",
y_log_message(Y_LOG_LEVEL_DEBUG, "Number of blocks: %lu, this makes %.3f GB\n",
numblocks, (double)numblocks * 512.0 / (1024 * 1024 * 1024));
return (numblocks * 512);
}
......@@ -110,7 +110,7 @@ unsigned long available_memory()
unsigned long free_bytes;
sysinfo(&myinfo);
free_bytes = myinfo.mem_unit * myinfo.freeram;
printf("Free memory: %lu B, %lu MB\n",
y_log_message(Y_LOG_LEVEL_DEBUG, "Free memory: %lu B, %lu MB\n",
free_bytes, free_bytes / 1024 / 1024);
return free_bytes;
}
......@@ -146,16 +146,16 @@ bool filesystem_fits_in_memory(const char * path, double safety_margin)
{
// Something went wrong in determining the filesystem usage.
// Return false as a precaution.
printf("Determining file system usage failed (size: %lu)\n", size);
y_log_message(Y_LOG_LEVEL_ERROR, "Determining file system usage failed (size: %lu)\n", size);
return false;
}
printf("file system usage: %lu bytes\n", size);
y_log_message(Y_LOG_LEVEL_DEBUG, "file system usage: %lu bytes\n", size);
// Determine the available memory.
unsigned long memory = available_memory();
double projected_usage = (double)size / (double)memory;
printf("projected memory usage: %.3f\n", projected_usage);
y_log_message(Y_LOG_LEVEL_DEBUG, "projected memory usage: %.3f\n", projected_usage);
return (projected_usage <= safety_margin);
}
......@@ -234,7 +234,7 @@ int replace_ssh_key(int id, const char * ssh_key)
// Check if that succeeded.
if (authorized_keys_in == NULL)
{
printf("Could not open authorized_keys file for reading\n");
y_log_message(Y_LOG_LEVEL_ERROR, "Could not open authorized_keys file for reading\n");
return -1;
}
......@@ -247,7 +247,7 @@ int replace_ssh_key(int id, const char * ssh_key)
// Check if that succeeded.
if (authorized_keys_out == NULL)
{
printf("Could not open authorized_keys tmp file for writing\n");
y_log_message(Y_LOG_LEVEL_ERROR, "Could not open authorized_keys tmp file for writing\n");
return -2;
}
......
src/cryptops-api.c
+ 1
1
View file @ 43b4672c
......@@ -130,7 +130,7 @@ int main(int argc, char ** argv)
// Check if the encryption/init handler said that we should reboot.
if (reboot)
{
printf("rebooting...");
y_log_message(Y_LOG_LEVEL_ERROR, "rebooting...");
reboot_initrd();
}
......
src/encryption_functions.c
+ 25
19
View file @ 43b4672c
......@@ -13,7 +13,7 @@ static int container_initialise(struct crypt_device ** cd, const char * path,
// Check if the device exists.
if (! path_exists(path))
{
printf("device does not exist: %s.\n", path);
y_log_message(Y_LOG_LEVEL_ERROR, "device does not exist: %s.\n", path);
return 1;
}
......@@ -23,8 +23,8 @@ static int container_initialise(struct crypt_device ** cd, const char * path,
{
if (debug)
{
printf("crypt_init() failed for %s.\n", path);
printf("status: %d.\n", r);
y_log_message(Y_LOG_LEVEL_ERROR,
"crypt_init() failed for '%s', status: %d.\n", path, r);
}
return r;
}
......@@ -35,7 +35,8 @@ static int container_initialise(struct crypt_device ** cd, const char * path,
{
if (debug)
{
printf("crypt_load() failed on device %s.\n",
y_log_message(Y_LOG_LEVEL_ERROR,
"crypt_load() failed on device %s.\n",
crypt_get_device_name(*cd));
}
}
......@@ -84,15 +85,20 @@ static int encryption_unlock(const char * path, const char * device_name,
password, strlen(password), 0);
if (r < 0)
{
printf("Device %s activation failed.\n", device_name);
y_log_message(Y_LOG_LEVEL_ERROR,
"Device %s activation failed.\n", device_name);
crypt_free(cd);
return r;
}
printf("LUKS device %s/%s is active.\n", crypt_get_dir(), device_name);
printf("\tcipher used: %s\n", crypt_get_cipher(cd));
printf("\tcipher mode: %s\n", crypt_get_cipher_mode(cd));
printf("\tdevice UUID: %s\n", crypt_get_uuid(cd));
y_log_message(Y_LOG_LEVEL_DEBUG,
"LUKS device %s/%s is active.\n", crypt_get_dir(), device_name);
y_log_message(Y_LOG_LEVEL_DEBUG, "\tcipher used: %s\n",
crypt_get_cipher(cd));
y_log_message(Y_LOG_LEVEL_DEBUG, "\tcipher mode: %s\n",
crypt_get_cipher_mode(cd));
y_log_message(Y_LOG_LEVEL_DEBUG, "\tdevice UUID: %s\n",
crypt_get_uuid(cd));
crypt_free(cd);
return 0;
......@@ -111,17 +117,17 @@ static int encryption_lock(const char * device_name)
r = crypt_init_by_name(&cd, device_name);
if (r < 0)
{
printf("crypt_init_by_name() failed for %s.\n", device_name);
y_log_message(Y_LOG_LEVEL_ERROR, "crypt_init_by_name() failed for %s.\n", device_name);
return r;
}
if (crypt_status(cd, device_name) == CRYPT_ACTIVE)
{
printf("Device %s is still active.\n", device_name);
y_log_message(Y_LOG_LEVEL_ERROR, "Device %s is still active.\n", device_name);
}
else
{
printf("Something failed perhaps, device %s is not active.\n",
y_log_message(Y_LOG_LEVEL_ERROR, "Something failed perhaps, device %s is not active.\n",
device_name);
crypt_free(cd);
return -1;
......@@ -130,12 +136,12 @@ static int encryption_lock(const char * device_name)
r = crypt_deactivate(cd, device_name);
if (r < 0)
{
printf("crypt_deactivate() failed.\n");
y_log_message(Y_LOG_LEVEL_ERROR, "crypt_deactivate() failed.\n");
crypt_free(cd);
return r;
}
printf("Device %s is now deactivated.\n", device_name);
y_log_message(Y_LOG_LEVEL_ERROR, "Device %s is now deactivated.\n", device_name);
crypt_free(cd);
return 0;
}
......@@ -156,11 +162,11 @@ static int create_encrypted_device(const char * path, const char * password)
r = crypt_init(&cd, path);
if (r < 0 )
{
printf("crypt_init() failed for %s.\n", path);
y_log_message(Y_LOG_LEVEL_ERROR, "crypt_init() failed for %s.\n", path);
return r;
}
printf("Context is attached to block device %s.\n",
y_log_message(Y_LOG_LEVEL_ERROR, "Context is attached to block device %s.\n",
crypt_get_device_name(cd));
params.hash = "sha1";
......@@ -171,7 +177,7 @@ static int create_encrypted_device(const char * path, const char * password)
if (r < 0)
{
printf("crypt_format() failed on device %s\n",
y_log_message(Y_LOG_LEVEL_ERROR, "crypt_format() failed on device %s\n",
crypt_get_device_name(cd));
crypt_free(cd);
return r;
......@@ -181,11 +187,11 @@ static int create_encrypted_device(const char * path, const char * password)
strlen(password));
if (r < 0)
{
printf("Adding keyslot failed.\n");
y_log_message(Y_LOG_LEVEL_ERROR, "Adding keyslot failed.\n");
crypt_free(cd);
return r;
}
printf("The first keyslot is initialized.\n");
y_log_message(Y_LOG_LEVEL_ERROR, "The first keyslot is initialized.\n");
crypt_free(cd);
return 0;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment