Allow log messages to be captured by tincctl.

This allows tincctl to receive log messages from a running tincd,
independent of what is logged to syslog or to file. Tincctl can receive
debug messages with an arbitrary level.

src/openssl/cipher.c

@@ -44,7 +44,7 @@ bool cipher_open_by_name(cipher_t *cipher, const char *name) {
 	if(cipher->cipher)
 		return cipher_open(cipher);
 
-	logger(LOG_ERR, "Unknown cipher name '%s'!", name);
+	logger(DEBUG_ALWAYS, LOG_ERR, "Unknown cipher name '%s'!", name);
 	return false;
 }
 
@@ -54,7 +54,7 @@ bool cipher_open_by_nid(cipher_t *cipher, int nid) {
 	if(cipher->cipher)
 		return cipher_open(cipher);
 
-	logger(LOG_ERR, "Unknown cipher nid %d!", nid);
+	logger(DEBUG_ALWAYS, LOG_ERR, "Unknown cipher nid %d!", nid);
 	return false;
 }
 
@@ -86,7 +86,7 @@ bool cipher_set_key(cipher_t *cipher, void *key, bool encrypt) {
 	if(result)
 		return true;
 
-	logger(LOG_ERR, "Error while setting key: %s", ERR_error_string(ERR_get_error(), NULL));
+	logger(DEBUG_ALWAYS, LOG_ERR, "Error while setting key: %s", ERR_error_string(ERR_get_error(), NULL));
 	return false;
 }
 
@@ -101,14 +101,14 @@ bool cipher_set_key_from_rsa(cipher_t *cipher, void *key, size_t len, bool encry
 	if(result)
 		return true;
 
-	logger(LOG_ERR, "Error while setting key: %s", ERR_error_string(ERR_get_error(), NULL));
+	logger(DEBUG_ALWAYS, LOG_ERR, "Error while setting key: %s", ERR_error_string(ERR_get_error(), NULL));
 	return false;
 }
 
 bool cipher_set_counter_key(cipher_t *cipher, void *key) {
 	int result = EVP_EncryptInit_ex(&cipher->ctx, cipher->cipher, NULL, (unsigned char *)key, NULL);
 	if(!result) {
-		logger(LOG_ERR, "Error while setting key: %s", ERR_error_string(ERR_get_error(), NULL));
+		logger(DEBUG_ALWAYS, LOG_ERR, "Error while setting key: %s", ERR_error_string(ERR_get_error(), NULL));
 		return false;
 	}
 
@@ -124,7 +124,7 @@ bool cipher_set_counter_key(cipher_t *cipher, void *key) {
 
 bool cipher_counter_xor(cipher_t *cipher, const void *indata, size_t inlen, void *outdata) {
 	if(!cipher->counter) {
-		logger(LOG_ERR, "Counter not initialized");
+		logger(DEBUG_ALWAYS, LOG_ERR, "Counter not initialized");
 		return false;
 	}
 
@@ -136,7 +136,7 @@ bool cipher_counter_xor(cipher_t *cipher, const void *indata, size_t inlen, void
 		if(!cipher->counter->n) {
 			int len;
 			if(!EVP_EncryptUpdate(&cipher->ctx, cipher->counter->block, &len, cipher->counter->counter, cipher->cipher->block_size)) {
-				logger(LOG_ERR, "Error while encrypting: %s", ERR_error_string(ERR_get_error(), NULL));
+				logger(DEBUG_ALWAYS, LOG_ERR, "Error while encrypting: %s", ERR_error_string(ERR_get_error(), NULL));
 				return false;
 			}
 
@@ -173,7 +173,7 @@ bool cipher_encrypt(cipher_t *cipher, const void *indata, size_t inlen, void *ou
 		}
 	}
 
-	logger(LOG_ERR, "Error while encrypting: %s", ERR_error_string(ERR_get_error(), NULL));
+	logger(DEBUG_ALWAYS, LOG_ERR, "Error while encrypting: %s", ERR_error_string(ERR_get_error(), NULL));
 	return false;
 }
 
@@ -194,7 +194,7 @@ bool cipher_decrypt(cipher_t *cipher, const void *indata, size_t inlen, void *ou
 		}
 	}
 
-	logger(LOG_ERR, "Error while decrypting: %s", ERR_error_string(ERR_get_error(), NULL));
+	logger(DEBUG_ALWAYS, LOG_ERR, "Error while decrypting: %s", ERR_error_string(ERR_get_error(), NULL));
 	return false;
 }
 

src/openssl/digest.c

@@ -41,7 +41,7 @@ bool digest_open_by_name(digest_t *digest, const char *name, int maclength) {
 	digest->key = NULL;
 
 	if(!digest->digest) {
-		logger(LOG_DEBUG, "Unknown digest name '%s'!", name);
+		logger(DEBUG_ALWAYS, LOG_DEBUG, "Unknown digest name '%s'!", name);
 		return false;
 	}
 
@@ -54,7 +54,7 @@ bool digest_open_by_nid(digest_t *digest, int nid, int maclength) {
 	digest->key = NULL;
 
 	if(!digest->digest) {
-		logger(LOG_DEBUG, "Unknown digest nid %d!", nid);
+		logger(DEBUG_ALWAYS, LOG_DEBUG, "Unknown digest nid %d!", nid);
 		return false;
 	}
 
@@ -95,7 +95,7 @@ bool digest_create(digest_t *digest, const void *indata, size_t inlen, void *out
 		if(!EVP_DigestInit(&ctx, digest->digest)
 				|| !EVP_DigestUpdate(&ctx, indata, inlen)
 				|| !EVP_DigestFinal(&ctx, tmpdata, NULL)) {
-			logger(LOG_DEBUG, "Error creating digest: %s", ERR_error_string(ERR_get_error(), NULL));
+			logger(DEBUG_ALWAYS, LOG_DEBUG, "Error creating digest: %s", ERR_error_string(ERR_get_error(), NULL));
 			return false;
 		}
 	}

src/openssl/ecdh.c

@@ -31,19 +31,19 @@
 bool ecdh_generate_public(ecdh_t *ecdh, void *pubkey) {
 	*ecdh = EC_KEY_new_by_curve_name(NID_secp521r1);
 	if(!EC_KEY_generate_key(*ecdh)) {
-		logger(LOG_ERR, "Generating EC key failed: %s", ERR_error_string(ERR_get_error(), NULL));
+		logger(DEBUG_ALWAYS, LOG_ERR, "Generating EC key failed: %s", ERR_error_string(ERR_get_error(), NULL));
 		return false;
 	}
 	
 	const EC_POINT *point = EC_KEY_get0_public_key(*ecdh);
 	if(!point) {
-		logger(LOG_ERR, "Getting public key failed: %s", ERR_error_string(ERR_get_error(), NULL));
+		logger(DEBUG_ALWAYS, LOG_ERR, "Getting public key failed: %s", ERR_error_string(ERR_get_error(), NULL));
 		return false;
 	}
 
 	size_t result = EC_POINT_point2oct(EC_KEY_get0_group(*ecdh), point, POINT_CONVERSION_COMPRESSED, pubkey, ECDH_SIZE, NULL);
 	if(!result) {
-		logger(LOG_ERR, "Converting EC_POINT to binary failed: %s", ERR_error_string(ERR_get_error(), NULL));
+		logger(DEBUG_ALWAYS, LOG_ERR, "Converting EC_POINT to binary failed: %s", ERR_error_string(ERR_get_error(), NULL));
 		return false;
 	}
 
@@ -53,13 +53,13 @@ bool ecdh_generate_public(ecdh_t *ecdh, void *pubkey) {
 bool ecdh_compute_shared(ecdh_t *ecdh, const void *pubkey, void *shared) {
 	EC_POINT *point = EC_POINT_new(EC_KEY_get0_group(*ecdh));
 	if(!point) {
-		logger(LOG_ERR, "EC_POINT_new() failed: %s", ERR_error_string(ERR_get_error(), NULL));
+		logger(DEBUG_ALWAYS, LOG_ERR, "EC_POINT_new() failed: %s", ERR_error_string(ERR_get_error(), NULL));
 		return false;
 	}
 
 	int result = EC_POINT_oct2point(EC_KEY_get0_group(*ecdh), point, pubkey, ECDH_SIZE, NULL);
 	if(!result) {
-		logger(LOG_ERR, "Converting binary to EC_POINT failed: %s", ERR_error_string(ERR_get_error(), NULL));
+		logger(DEBUG_ALWAYS, LOG_ERR, "Converting binary to EC_POINT failed: %s", ERR_error_string(ERR_get_error(), NULL));
 		return false;
 	}
 
@@ -69,7 +69,7 @@ bool ecdh_compute_shared(ecdh_t *ecdh, const void *pubkey, void *shared) {
 	*ecdh = NULL;
 
 	if(!result) {
-		logger(LOG_ERR, "Computing Elliptic Curve Diffie-Hellman shared key failed: %s", ERR_error_string(ERR_get_error(), NULL));
+		logger(DEBUG_ALWAYS, LOG_ERR, "Computing Elliptic Curve Diffie-Hellman shared key failed: %s", ERR_error_string(ERR_get_error(), NULL));
 		return false;
 	}
 

src/openssl/ecdsa.c

@@ -37,7 +37,7 @@ bool ecdsa_set_base64_public_key(ecdsa_t *ecdsa, const char *p) {
 	len = b64decode(p, (char *)pubkey, len);
 
 	if(!o2i_ECPublicKey(ecdsa, &ppubkey, len)) {
-		logger(LOG_DEBUG, "o2i_ECPublicKey failed: %s", ERR_error_string(ERR_get_error(), NULL));
+		logger(DEBUG_ALWAYS, LOG_DEBUG, "o2i_ECPublicKey failed: %s", ERR_error_string(ERR_get_error(), NULL));
 		return false;
 	}
 
@@ -64,7 +64,7 @@ bool ecdsa_read_pem_public_key(ecdsa_t *ecdsa, FILE *fp) {
 	if(*ecdsa)
 		return true;
 
-	logger(LOG_ERR, "Unable to read ECDSA public key: %s", ERR_error_string(ERR_get_error(), NULL));
+	logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read ECDSA public key: %s", ERR_error_string(ERR_get_error(), NULL));
 	return false;
 }
 
@@ -74,7 +74,7 @@ bool ecdsa_read_pem_private_key(ecdsa_t *ecdsa, FILE *fp) {
 	if(*ecdsa)
 		return true;
 	
-	logger(LOG_ERR, "Unable to read ECDSA private key: %s", ERR_error_string(ERR_get_error(), NULL));
+	logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read ECDSA private key: %s", ERR_error_string(ERR_get_error(), NULL));
 	return false;
 }
 
@@ -93,7 +93,7 @@ bool ecdsa_sign(ecdsa_t *ecdsa, const void *in, size_t len, void *sig) {
 	memset(sig, 0, siglen);
 
 	if(!ECDSA_sign(0, hash, sizeof hash, sig, &siglen, *ecdsa)) {
-		logger(LOG_DEBUG, "ECDSA_sign() failed: %s", ERR_error_string(ERR_get_error(), NULL));
+		logger(DEBUG_ALWAYS, LOG_DEBUG, "ECDSA_sign() failed: %s", ERR_error_string(ERR_get_error(), NULL));
 		return false;
 	}
 
@@ -107,7 +107,7 @@ bool ecdsa_verify(ecdsa_t *ecdsa, const void *in, size_t len, const void *sig) {
 	SHA512(in, len, hash);
 
 	if(!ECDSA_verify(0, hash, sizeof hash, sig, siglen, *ecdsa)) {
-		logger(LOG_DEBUG, "ECDSA_verify() failed: %s", ERR_error_string(ERR_get_error(), NULL));
+		logger(DEBUG_ALWAYS, LOG_DEBUG, "ECDSA_verify() failed: %s", ERR_error_string(ERR_get_error(), NULL));
 		return false;
 	}
 

src/openssl/rsa.c

@@ -55,7 +55,7 @@ bool rsa_read_pem_public_key(rsa_t *rsa, FILE *fp) {
 	if(*rsa)
 		return true;
 
-	logger(LOG_ERR, "Unable to read RSA public key: %s", ERR_error_string(ERR_get_error(), NULL));
+	logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA public key: %s", ERR_error_string(ERR_get_error(), NULL));
 	return false;
 }
 
@@ -65,7 +65,7 @@ bool rsa_read_pem_private_key(rsa_t *rsa, FILE *fp) {
 	if(*rsa)
 		return true;
 	
-	logger(LOG_ERR, "Unable to read RSA private key: %s", ERR_error_string(ERR_get_error(), NULL));
+	logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA private key: %s", ERR_error_string(ERR_get_error(), NULL));
 	return false;
 }
 
@@ -77,7 +77,7 @@ bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) {
 	if(RSA_public_encrypt(len, in, out, *rsa, RSA_NO_PADDING) == len)
 		return true;
 
-	logger(LOG_ERR, "Unable to perform RSA encryption: %s", ERR_error_string(ERR_get_error(), NULL));
+	logger(DEBUG_ALWAYS, LOG_ERR, "Unable to perform RSA encryption: %s", ERR_error_string(ERR_get_error(), NULL));
 	return false;	
 }
 
@@ -85,7 +85,7 @@ bool rsa_private_decrypt(rsa_t *rsa, void *in, size_t len, void *out) {
 	if(RSA_private_decrypt(len, in, out, *rsa, RSA_NO_PADDING) == len)
 		return true;
 
-	logger(LOG_ERR, "Unable to perform RSA decryption: %s", ERR_error_string(ERR_get_error(), NULL));
+	logger(DEBUG_ALWAYS, LOG_ERR, "Unable to perform RSA decryption: %s", ERR_error_string(ERR_get_error(), NULL));
 	return false;	
 }