From a5f6ab5af03d9be6f3412d4dff67748908799e21 Mon Sep 17 00:00:00 2001 From: Dimitri Staessens Date: Tue, 5 Aug 2025 19:48:08 +0200 Subject: irmd: Add build option to log OAP header info This adds a DEBUG_PROTO_OAP option to show some information in the OAP headers received by the IRMd during flow allocation. Example for unencrypted flow (send): OAP_HDR [528b7bf81df8e9bc @ 2025-08-05 17:05:29 (UTC) ] --> Certificate: Ephemeral Public Key: Data: Signature: Example for encrypted flow (rcv): OAP_HDR [4ff83072e0ed54b3 @ 2025-08-05 17:06:23 (UTC) ] <-- Certificate: Ephemeral Public Key [91 bytes]: Data: Signature: Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders --- src/irmd/CMakeLists.txt | 2 ++ src/irmd/config.h.in | 1 + src/irmd/main.c | 15 ++++++++--- src/irmd/oap.c | 68 +++++++++++++++++++++++++++++++++++++++++++++++++ src/irmd/oap.h | 6 +++++ 5 files changed, 89 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/irmd/CMakeLists.txt b/src/irmd/CMakeLists.txt index fce89bef..312578de 100644 --- a/src/irmd/CMakeLists.txt +++ b/src/irmd/CMakeLists.txt @@ -62,6 +62,8 @@ set(IRMD_PKILL_TIMEOUT 30 CACHE STRING "Number of seconds to wait before sending SIGKILL to subprocesses on exit") set(IRMD_KILL_ALL_PROCESSES TRUE CACHE BOOL "Kill all processes on exit") +set(DEBUG_PROTO_OAP FALSE CACHE BOOL + "Add Flow allocation protocol message output to IRMd debug logging") configure_file("${CMAKE_CURRENT_SOURCE_DIR}/config.h.in" "${CMAKE_CURRENT_BINARY_DIR}/config.h" @ONLY) diff --git a/src/irmd/config.h.in b/src/irmd/config.h.in index aa37b0ac..11b9d11f 100644 --- a/src/irmd/config.h.in +++ b/src/irmd/config.h.in @@ -67,6 +67,7 @@ #cmakedefine IRMD_KILL_ALL_PROCESSES #cmakedefine HAVE_LIBGCRYPT #cmakedefine HAVE_OPENSSL +#cmakedefine DEBUG_PROTO_OAP #define O7S_ASCII_ART \ "\n" \ diff --git a/src/irmd/main.c b/src/irmd/main.c index a5c4001e..bf94354f 100644 --- a/src/irmd/main.c +++ b/src/irmd/main.c @@ -830,7 +830,9 @@ static int flow_accept(struct flow_info * flow, if (delta < -TIMESYNC_SLACK) log_warn("Flow alloc sent from the future (%zd ms).", -delta); - +#ifdef DEBUG_PROTO_OAP + debug_oap_hdr_rcv(&oap_hdr); +#endif if (flow->qs.cypher_s != 0) { /* crypto requested */ uint8_t * s; /* symmetric encryption key */ ssize_t key_len; /* length of local pubkey */ @@ -875,7 +877,9 @@ static int flow_accept(struct flow_info * flow, err = -ENOMEM; goto fail_r_oap_hdr; } - +#ifdef DEBUG_PROTO_OAP + debug_oap_hdr_snd(&oap_hdr); +#endif if (ipcp_flow_alloc_resp(flow, 0, r_oap_hdr.hdr) < 0) { log_err("Failed to respond to flow allocation."); goto fail_resp; @@ -1101,6 +1105,9 @@ static int flow_alloc(struct flow_info * flow, err = -ENOMEM; goto fail_oap_hdr; } +#ifdef DEBUG_PROTO_OAP + debug_oap_hdr_snd(&oap_hdr); +#endif log_info("Allocating flow for %d to %s.", flow->n_pid, dst); @@ -1154,7 +1161,9 @@ static int flow_alloc(struct flow_info * flow, err = -EIPCP; goto fail_r_oap_hdr; } - +#ifdef DEBUG_PROTO_OAP + debug_oap_hdr_rcv(&r_oap_hdr); +#endif if (memcmp(r_oap_hdr.id.data, oap_hdr.id.data, r_oap_hdr.id.len) != 0) { log_err("OAP ID mismatch in flow allocation."); err = -EIPCP; diff --git a/src/irmd/oap.c b/src/irmd/oap.c index d5e5b7cc..500da6f1 100644 --- a/src/irmd/oap.c +++ b/src/irmd/oap.c @@ -26,10 +26,16 @@ #define _POSIX_C_SOURCE 200809L #endif +#define OUROBOROS_PREFIX "irmd/oap" + #include #include +#include +#include #include +#include "config.h" + #include "oap.h" #include @@ -217,4 +223,66 @@ int oap_hdr_decode(buffer_t hdr, return -1; } +#ifdef DEBUG_PROTO_OAP +static void debug_oap_hdr(const struct oap_hdr * hdr) +{ + assert(hdr); + + if (hdr->crt.len > 0) + log_proto(" Certificate: [%zu bytes]", hdr->crt.len); + else + log_proto(" Certificate: "); + + if (hdr->eph.len > 0) + log_proto(" Ephemeral Public Key: [%zu bytes]", hdr->eph.len); + else + log_proto(" Ephemeral Public Key: "); + if (hdr->data.len > 0) + log_proto(" Data: [%zu bytes]", hdr->data.len); + else + log_proto(" Data: "); + if (hdr->sig.len > 0) + log_proto(" Signature: [%zu bytes]", hdr->sig.len); + else + log_proto(" Signature: "); +} + +void debug_oap_hdr_rcv(const struct oap_hdr * hdr) +{ + struct tm * tm; + char tmstr[RIB_TM_STRLEN]; + time_t stamp; + + assert(hdr); + + stamp = (time_t) hdr->timestamp / BILLION; + + tm = gmtime(&stamp); + strftime(tmstr, sizeof(tmstr), RIB_TM_FORMAT, tm); + + log_proto("OAP_HDR [" HASH_FMT64 " @ %s ] <--", + HASH_VAL64(hdr->id.data), tmstr); + + debug_oap_hdr(hdr); +} + +void debug_oap_hdr_snd(const struct oap_hdr * hdr) +{ + struct tm * tm; + char tmstr[RIB_TM_STRLEN]; + time_t stamp; + + assert(hdr); + + stamp = (time_t) hdr->timestamp / BILLION; + + tm = gmtime(&stamp); + strftime(tmstr, sizeof(tmstr), RIB_TM_FORMAT, tm); + + log_proto("OAP_HDR [" HASH_FMT64 " @ %s ] -->", + HASH_VAL64(hdr->id.data), tmstr); + + debug_oap_hdr(hdr); +} +#endif diff --git a/src/irmd/oap.h b/src/irmd/oap.h index 460a89de..ccdfa804 100644 --- a/src/irmd/oap.h +++ b/src/irmd/oap.h @@ -85,4 +85,10 @@ void oap_hdr_fini(struct oap_hdr * oap_hdr); int oap_hdr_decode(buffer_t hdr, struct oap_hdr * oap_hdr); +#ifdef DEBUG_PROTO_OAP +void debug_oap_hdr_snd(const struct oap_hdr * hdr); + +void debug_oap_hdr_rcv(const struct oap_hdr * hdr); +#endif /* DEBUG_PROTO_OAP */ + #endif /* OUROBOROS_IRMD_OAP_H */ -- cgit v1.2.3