introduced printf() specifiers for:
authorMartin Willi <martin@strongswan.org>
Wed, 27 Sep 2006 14:14:44 +0000 (14:14 -0000)
committerMartin Willi <martin@strongswan.org>
Wed, 27 Sep 2006 14:14:44 +0000 (14:14 -0000)
  host_t (%H)
  identification_t (%D)
  chunk pointers (%B)
  memory pointer/length (%b)
added a signaling bus:
  receives event and debug messages, sends them to its listeners
  stream_logger, sys_logger, file_logger added, listen to bus
some other tweaks here and there

26 files changed:
src/charon/Makefile.am
src/charon/bus/bus.c [new file with mode: 0644]
src/charon/bus/bus.h [new file with mode: 0644]
src/charon/bus/listeners/file_logger.c [new file with mode: 0644]
src/charon/bus/listeners/file_logger.h [new file with mode: 0644]
src/charon/bus/listeners/stream_logger.c [new file with mode: 0644]
src/charon/bus/listeners/stream_logger.h [new file with mode: 0644]
src/charon/bus/listeners/sys_logger.c [new file with mode: 0644]
src/charon/bus/listeners/sys_logger.h [new file with mode: 0644]
src/charon/config/connections/local_connection_store.c
src/charon/config/credentials/local_credential_store.c
src/charon/config/policies/local_policy_store.c
src/charon/daemon.c
src/charon/daemon.h
src/charon/network/socket.c
src/charon/queues/jobs/delete_child_sa_job.c
src/charon/queues/jobs/incoming_packet_job.c
src/charon/queues/send_queue.c
src/charon/sa/authenticator.c
src/charon/sa/child_sa.c
src/charon/sa/ike_sa.c
src/charon/sa/ike_sa_manager.c
src/charon/sa/transactions/ike_auth.c
src/charon/sa/transactions/ike_sa_init.c
src/charon/testing/certificate_test.c
src/charon/threads/stroke_interface.c

index 330aefc..b8dc4d7 100644 (file)
@@ -3,6 +3,10 @@
 ipsec_PROGRAMS = charon
 
 charon_SOURCES = \
+bus/bus.c bus/bus.h \
+bus/listeners/stream_logger.c bus/listeners/stream_logger.h \
+bus/listeners/sys_logger.c bus/listeners/sys_logger.h \
+bus/listeners/file_logger.c bus/listeners/file_logger.h \
 config/connections/connection.c config/connections/connection.h \
 config/connections/local_connection_store.c config/connections/local_connection_store.h config/connections/connection_store.h \
 config/policies/policy.c config/policies/policy.h \
diff --git a/src/charon/bus/bus.c b/src/charon/bus/bus.c
new file mode 100644 (file)
index 0000000..1e5ff98
--- /dev/null
@@ -0,0 +1,142 @@
+/**
+ * @file bus.c
+ *
+ * @brief Implementation of bus_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "bus.h"
+
+typedef struct private_bus_t private_bus_t;
+
+/**
+ * Private data of a bus_t object.
+ */
+struct private_bus_t {
+       /**
+        * Public part of a bus_t object.
+        */
+       bus_t public;
+       
+       /**
+        * List of registered listeners implementing the bus_t interface
+        */
+       linked_list_t *listeners;
+       
+       /**
+        * Thread local storage for a unique, simple thread ID
+        */
+       pthread_key_t thread_id;
+       
+       /**
+        * Thread local storage the threads IKE_SA
+        */
+       pthread_key_t thread_sa;
+       
+};
+
+/**
+ * Get a unique thread number for a calling thread. Since
+ * pthread_self returns large and ugly numbers, use this function
+ * for logging; these numbers are incremental starting at 1
+ */
+static int get_thread_number(private_bus_t *this)
+{
+       static int current_num = 0, stored_num;
+       
+       stored_num = (int)pthread_getspecific(this->thread_id);
+       if (stored_num == 0)
+       {       /* first call of current thread */
+               pthread_setspecific(this->thread_id, (void*)++current_num);
+               return current_num;
+       }
+       else
+       {
+               return stored_num;
+       }
+}
+
+/**
+ * Implementation of bus_t.add_listener.
+ */
+static void add_listener(private_bus_t *this, bus_listener_t *listener)
+{
+       this->listeners->insert_last(this->listeners, (void*)listener);
+}
+
+/**
+ * Implementation of bus_t.set_sa.
+ */
+static void set_sa(private_bus_t *this, ike_sa_t *ike_sa)
+{
+       pthread_setspecific(this->thread_sa, ike_sa);
+}
+
+/**
+ * Implementation of bus_t.signal.
+ */
+static void signal_(private_bus_t *this, signal_t signal, level_t condition,
+                                       char* format, ...)
+{
+       iterator_t *iterator;
+       bus_listener_t *listener;
+       va_list args;
+       ike_sa_t *ike_sa;
+       int thread;
+       
+       ike_sa = pthread_getspecific(this->thread_sa);
+       thread = get_thread_number(this);
+       va_start(args, format);
+       
+       iterator = this->listeners->create_iterator(this->listeners, TRUE);
+       while (iterator->iterate(iterator, (void**)&listener))
+       {
+               listener->signal(listener, thread, ike_sa,
+                                                signal, condition, format, args);
+       }
+       iterator->destroy(iterator);
+       va_end(args);
+}
+
+/**
+ * Implementation of bus_t.destroy.
+ */
+static void destroy(private_bus_t *this)
+{
+       this->listeners->destroy(this->listeners);
+       free(this);
+}
+
+/*
+ * Described in header.
+ */
+bus_t *bus_create()
+{
+       private_bus_t *this = malloc_thing(private_bus_t);
+       
+       this->public.add_listener = (void(*)(bus_t*,bus_listener_t*))add_listener;
+       this->public.set_sa = (void(*)(bus_t*,ike_sa_t*))set_sa;
+       this->public.signal = (void(*)(bus_t*,signal_t,level_t,char*,...))signal_;
+       this->public.destroy = (void(*)(bus_t*)) destroy;
+       
+       this->listeners = linked_list_create();
+       pthread_key_create(&this->thread_id, NULL);
+       pthread_key_create(&this->thread_sa, NULL);
+       
+       return &(this->public);
+}
diff --git a/src/charon/bus/bus.h b/src/charon/bus/bus.h
new file mode 100644 (file)
index 0000000..cce1f42
--- /dev/null
@@ -0,0 +1,232 @@
+/**
+ * @file bus.h
+ *
+ * @brief Interface of bus_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef BUS_H_
+#define BUS_H_
+
+#include <stdarg.h>
+
+#include <sa/ike_sa.h>
+#include <sa/child_sa.h>
+
+
+/**
+ * @brief Raise a signal for an occured event.
+ *
+ * @param sig          signal_t signal description
+ * @param level                level for the signal
+ * @param format       printf() style format string
+ * @param ...          printf() style agument list
+ */
+#define SIG(sig, level, format, ...) charon->bus->signal(charon->bus, sig, level, format, ##__VA_ARGS__)
+
+/**
+ * @brief Set the IKE_SA the calling thread is using.
+ *
+ * @param ike_sa       ike_sa to register, or NULL to unregister
+ */
+#define SIG_SA(ike_sa) charon->bus->set_sa(charon->bus, ike_sa)
+
+/**
+ * @brief Log a debug message via the signal bus.
+ *
+ * @param signal       signal_t signal description
+ * @param format       printf() style format string
+ * @param ...          printf() style agument list
+ */
+#define DBG1(sig, format, ...) charon->bus->signal(charon->bus, sig, LEV_DBG1, format, ##__VA_ARGS__)
+#define DBG2(sig, format, ...) charon->bus->signal(charon->bus, sig, LEV_DBG2, format, ##__VA_ARGS__)
+#define DBG3(sig, format, ...) charon->bus->signal(charon->bus, sig, LEV_DBG3, format, ##__VA_ARGS__)
+#define DBG4(sig, format, ...) charon->bus->signal(charon->bus, sig, LEV_DBG4, format, ##__VA_ARGS__)
+
+
+typedef enum signal_t signal_t;
+
+enum signal_t {
+       /** an IKE_SA has been established */
+       SIG_IKE_UP,
+       /** an IKE_SA has been closed */
+       SIG_IKE_DOWN,
+       /** an IKE_SA has been rekeyed */
+       SIG_IKE_REKEY,
+       /** a CHILD_SA has been installed */
+       SIG_CHILD_UP,
+       /** a CHILD_SA has been closed */
+       SIG_CHILD_DOWN,
+       /** a CHILD_SA has been rekeyed */
+       SIG_CHILD_REKEY,
+       /** a CHILD_SA has been routed */
+       SIG_CHILD_ROUTE,
+       /** a CHILD_SA has been unrouted */
+       SIG_CHILD_UNROUTE,
+       /** a remote peer has been authenticated using RSA digital signature */
+       SIG_AUTH_RSA,
+       /** a remote peer has been authenticated using preshared keys */
+       SIG_AUTH_PSK,
+       
+       /** debugging message printed from an IKE_SA */
+       SIG_DBG_IKE,
+       /** debugging message printed from a CHILD_SA */
+       SIG_DBG_CHD,
+       /** debugging message printed from job processing */
+       SIG_DBG_JOB,
+       /** debugging message printed from configuration backends */
+       SIG_DBG_CFG,
+       /** debugging message printed from kernel interface */
+       SIG_DBG_KNL,
+       /** debugging message printed from networking */
+       SIG_DBG_NET,
+       /** debugging message printed from message encoding/decoding */
+       SIG_DBG_ENC,
+       
+       SIG_MAX,
+};
+
+typedef enum level_t level_t;
+
+enum level_t {
+       /** Signal indicates something has failed */
+       LEV_FAILED,
+       /** Signal indicates something was successful */
+       LEV_SUCCESS,
+       /** Debug level 1, control flow messages */
+       LEV_DBG1,
+       /** Debug level 2, more detail informational messages */
+       LEV_DBG2,
+       /** Debug level 3, RAW data output */
+       LEV_DBG3,
+       /** Debug level 4, RAW data with sensitive (private) data */
+       LEV_DBG4,
+};
+
+typedef struct bus_listener_t bus_listener_t;
+
+/**
+ * @brief Interface for registering at the signal bus.
+ *
+ * To receive signals from the bus, the client implementing the
+ * bus_listener_t interface registers itself at the signal bus.
+ *
+ * @ingroup bus
+ */
+struct bus_listener_t {
+       
+       /**
+        * @brief Send a signal to a bus listener.
+        *
+        * A numerical identification for the thread is included, as the
+        * associated IKE_SA, if any. Signal specifies the type of
+        * the event occured, with a verbosity level. The format string specifies
+        * an additional informational or error message with a printf() like
+        * variable argument list. This is in the va_list form, as forwarding
+        * a "..." parameters to functions is not (cleanly) possible.
+        *
+        * @param this          listener
+        * @param thread        ID of the thread raised this signal
+        * @param ike_sa        IKE_SA associated to the event
+        * @param singal        kind of the signal (up, down, rekeyed, ...)
+        * @param level         level for signal
+        * @param format        printf() style format string
+        * @param args          vprintf() style va_list argument list
+        */
+       void (*signal) (bus_listener_t *this, int thread, ike_sa_t *ike_sa,
+                                       signal_t signal, level_t level, char* format, va_list args);
+};
+
+
+typedef struct bus_t bus_t;
+
+/**
+ * @brief Signal bus which sends signals to registered listeners.
+ *
+ * The signal bus is not much more than a multiplexer. A listener interested
+ * in receiving event signals registers at the bus. Any signals sent to
+ * are delivered to all registered listeners.
+ * 
+ *
+ * @ingroup bus
+ */
+struct bus_t {
+       
+       /**
+        * @brief Register a listener to the bus.
+        *
+        * A registered listener receives all signals which are sent to the bus.
+        *
+        * @param this          bus
+        * @param listener      listener to register.
+        */
+       void (*add_listener) (bus_t *this, bus_listener_t *listener);
+       
+       /**
+        * @brief Set the IKE_SA the calling thread is using.
+        *
+        * To associate an received signal to an IKE_SA without passing it as
+        * parameter each time, the thread registers it's used IKE_SA each
+        * time it checked it out. Before checking it in, the thread unregisters
+        * the IKE_SA (by passing NULL). This IKE_SA is stored per-thread, so each
+        * thread has one IKE_SA registered (or not).
+        * There is a macro to simplify the call.
+        * @see SIG_SA()
+        * 
+        * @param this          bus
+        * @param ike_sa        ike_sa to register, or NULL to unregister
+        */
+       void (*set_sa) (bus_t *this, ike_sa_t *ike_sa);
+       
+       /**
+        * @brief Send a signal to the bus.
+        *
+        * A signal may belong to an IKE_SA and a CHILD_SA. If so, these
+        * are supplied to the signal function. The signal specifies the type of
+        * the event occured. The format string specifies an additional
+        * informational or error message with a printf() like variable argument
+        * list.
+        * Some useful macros may be available to shorten this call.
+        * @see SIG(), DBG1()
+        *
+        * @param this          bus
+        * @param singal        kind of the signal (up, down, rekeyed, ...)
+        * @param level         status level of the signal to send
+        * @param format        printf() style format string
+        * @param ...           printf() style argument list
+        */
+       void (*signal) (bus_t *this, signal_t signal, level_t level, char* format, ...);
+       
+       /**
+        * @brief Destroy the signal bus.
+        *
+        * @param this          bus to destroy
+        */
+       void (*destroy) (bus_t *this);
+};
+
+/**
+ * @brief Create the signal bus which multiplexes signals to its listeners.
+ *
+ * @return             signal bus instance
+ * 
+ * @ingroup bus
+ */
+bus_t *bus_create();
+
+#endif /* BUS_H_ */
diff --git a/src/charon/bus/listeners/file_logger.c b/src/charon/bus/listeners/file_logger.c
new file mode 100644 (file)
index 0000000..4a2fe4b
--- /dev/null
@@ -0,0 +1,179 @@
+/**
+ * @file file_logger.c
+ *
+ * @brief Implementation of file_logger_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/* for fmemopen() */
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <string.h>
+
+#include "file_logger.h"
+
+#include <bus/listeners/stream_logger.h>
+
+
+typedef struct private_file_logger_t private_file_logger_t;
+
+/**
+ * Private data of a file_logger_t object
+ */
+struct private_file_logger_t {
+       
+       /**
+        * Public data.
+        */
+       file_logger_t public;
+       
+       /**
+        * output file
+        */
+       FILE *out;
+       
+       /**
+        * Internal used stream logger that does the dirty work
+        */
+       stream_logger_t *logger;
+       
+       /**
+        * Memory stream used for stream_logger
+        */
+       FILE *stream;
+       
+       /**
+        * Underlying buffer for stream
+        */
+       char buffer[4096];
+};
+
+
+/**
+ * Implementation of bus_listener_t.signal.
+ */
+static void signal_(private_file_logger_t *this, int thread, ike_sa_t* ike_sa,
+                                       signal_t signal, level_t level,
+                                       char *format, va_list args)
+{
+       char line[512];
+       char *prefix;
+       FILE *reader;
+       
+       switch (signal)
+       {
+               case SIG_IKE_UP:
+               case SIG_IKE_DOWN:
+               case SIG_IKE_REKEY:
+               case SIG_DBG_IKE:
+                       prefix = "IKE";
+                       break;
+               case SIG_DBG_CHD:
+                       prefix = "CHD";
+                       break;
+               case SIG_DBG_JOB:
+                       prefix = "JOG";
+                       break;
+               case SIG_DBG_CFG:
+                       prefix = "CFG";
+                       break;
+               case SIG_DBG_KNL:
+                       prefix = "KNL";
+                       break;
+               case SIG_DBG_NET:
+                       prefix = "NET";
+                       break;
+               case SIG_DBG_ENC:
+                       prefix = "ENC";
+                       break;
+               default:
+                       prefix = "???";
+                       break;
+       }
+       
+       flockfile(this->stream);
+       /* reset memory stream */
+       rewind(this->stream);
+       memset(this->buffer, '\0', sizeof(this->buffer));
+       /* log to memstream */
+       this->logger->listener.signal(&this->logger->listener, thread, ike_sa,
+                                                                 signal, level, format, args);
+       /* flush is needed to append a '\0' */
+       fflush(this->stream);
+       
+       /* create a reader stream that reads out line by line */
+       reader = fmemopen(this->buffer, sizeof(this->buffer), "r");
+       
+       while (fgets(line, sizeof(line), reader))
+       {
+               if (line[0] == '\0')
+               {
+                       /* abort on EOF */
+                       break;
+               }
+               else if (line[0] != '\n')
+               {
+                       fprintf(this->out, "%.2d[%s] %s", thread, prefix, line);
+               }
+       }
+       fclose(reader);
+       funlockfile(this->stream);
+}
+
+/**
+ * Implementation of file_logger_t.set_level.
+ */
+static void set_level(private_file_logger_t *this, signal_t signal, level_t max)
+{
+       this->logger->set_level(this->logger, signal, max);
+}
+
+/**
+ * Implementation of file_logger_t.destroy.
+ */
+static void destroy(private_file_logger_t *this)
+{
+       fclose(this->stream);
+       this->logger->destroy(this->logger);
+       free(this);
+}
+
+/*
+ * Described in header.
+ */
+file_logger_t *file_logger_create(FILE *out)
+{
+       private_file_logger_t *this = malloc_thing(private_file_logger_t);
+       
+       /* public functions */
+       this->public.listener.signal = (void(*)(bus_listener_t*,int,ike_sa_t*,signal_t,level_t,char*,va_list))signal_;
+       this->public.set_level = (void(*)(file_logger_t*,signal_t,level_t))set_level;
+       this->public.destroy = (void(*)(file_logger_t*))destroy;
+       
+       /* private variables */
+       this->out = out;
+       this->stream = fmemopen(this->buffer, sizeof(this->buffer), "w");
+       if (this->stream == NULL)
+       {
+               /* fallback to stderr */
+               this->stream = stderr;
+       }
+       this->logger = stream_logger_create(this->stream);
+       
+       return &this->public;
+}
diff --git a/src/charon/bus/listeners/file_logger.h b/src/charon/bus/listeners/file_logger.h
new file mode 100644 (file)
index 0000000..2ca028b
--- /dev/null
@@ -0,0 +1,74 @@
+/**
+ * @file file_logger.h
+ *
+ * @brief Interface of file_logger_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef FILE_LOGGER_H_
+#define FILE_LOGGER_H_
+
+#include <bus/bus.h>
+
+
+typedef struct file_logger_t file_logger_t;
+
+/**
+ * @brief Logger to files which implements bus_listener_t.
+ * 
+ * @b Constructors:
+ *  - file_logger_create()
+ * 
+ * @ingroup listeners
+ */
+struct file_logger_t {
+       
+       /**
+        * Implements the bus_listener_t interface.
+        */
+       bus_listener_t listener;
+       
+       /**
+        * @brief Set the loglevel for a signal type.
+        *
+        * @param this          stream_logger_t object
+        * @param singal        type of signal
+        * @param level         max level to log
+        */
+       void (*set_level) (file_logger_t *this, signal_t signal, level_t level);
+       
+       /**
+        * @brief Destroys a file_logger_t object.
+        *
+        * @param this          file_logger_t object
+        */
+       void (*destroy) (file_logger_t *this);
+};
+
+/**
+ * @brief Constructor to create a file_logger_t object.
+ *
+ * @param out          FILE to write to
+ * @return                     file_logger_t object
+ *
+ * @ingroup listeners
+ */
+file_logger_t *file_logger_create(FILE *out);
+
+
+#endif /* FILE_LOGGER_H_ */
diff --git a/src/charon/bus/listeners/stream_logger.c b/src/charon/bus/listeners/stream_logger.c
new file mode 100644 (file)
index 0000000..7021872
--- /dev/null
@@ -0,0 +1,141 @@
+/**
+ * @file stream_logger.c
+ *
+ * @brief Implementation of stream_logger_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+#include <stdio.h>
+#include <pthread.h>
+
+#include "stream_logger.h"
+
+
+typedef struct private_stream_logger_t private_stream_logger_t;
+
+/**
+ * @brief Private data of a stream_logger_t object.
+ */
+struct private_stream_logger_t {
+       
+       /**
+        * Public data
+        */
+       stream_logger_t public;
+       
+       /**
+        * Maximum level to log
+        */
+       level_t max;
+       
+       /**
+        * stream to write log output to
+        */
+       FILE *out;
+};
+
+/**
+ * Implementation of bus_listener_t.signal.
+ */
+static void signal_(private_stream_logger_t *this, int thread,
+                                       ike_sa_t* ike_sa, signal_t signal, level_t level,
+                                       char *format, va_list args)
+{
+       FILE *o = this->out;
+       
+       flockfile(o);
+       
+       if (level <= this->max)
+       {
+               /* then print the info */
+               switch (signal)
+               {
+                       case SIG_IKE_UP:
+                       {
+                               if (level == LEV_SUCCESS)
+                               {
+                                       fprintf(o, "established: %H[%D]...%H[%D]\n",
+                                                       ike_sa->get_my_host(ike_sa), ike_sa->get_my_id(ike_sa),
+                                                       ike_sa->get_other_host(ike_sa), ike_sa->get_other_id(ike_sa));
+                               }
+                               else
+                               {
+                                       fprintf(o, "establishing failed: %H[%D]...%H[%D]:\n",
+                                                       ike_sa->get_my_host(ike_sa), ike_sa->get_my_id(ike_sa),
+                                                       ike_sa->get_other_host(ike_sa), ike_sa->get_other_id(ike_sa));
+                                       fprintf(o, "  ");
+                                       vfprintf(o, format, args);
+                                       fprintf(o, "\n");
+                               }
+                               break;
+                       }
+                       case SIG_DBG_IKE:
+                       case SIG_DBG_CHD:
+                       case SIG_DBG_JOB:
+                       case SIG_DBG_CFG:
+                       case SIG_DBG_KNL:
+                       case SIG_DBG_NET:
+                       case SIG_DBG_ENC:
+                       {
+                               vfprintf(o, format, args);
+                               fprintf(o, "\n");
+                               break;
+                       }
+                       default:
+                               break;
+               }
+       }
+       
+       funlockfile(o);
+}
+
+/**
+ * Implementation of stream_logger_t.set_level.
+ */
+static void set_level(private_stream_logger_t *this, signal_t signal, level_t max)
+{
+       this->max = max;
+}
+
+/**
+ * Implementation of stream_logger_t.destroy.
+ */
+static void destroy(private_stream_logger_t *this)
+{
+       free(this);
+}
+
+/*
+ * Described in header.
+ */
+stream_logger_t *stream_logger_create(FILE *out)
+{
+       private_stream_logger_t *this = malloc_thing(private_stream_logger_t);
+       
+       /* public functions */
+       this->public.listener.signal = (void(*)(bus_listener_t*,int,ike_sa_t*,signal_t,level_t,char*,va_list))signal_;
+       this->public.set_level = (void(*)(stream_logger_t*,signal_t,level_t))set_level;
+       this->public.destroy = (void(*)(stream_logger_t*))destroy;
+       
+       /* private variables */
+       this->max = LEV_DBG4;
+       this->out = out;
+       
+       return &this->public;
+}
diff --git a/src/charon/bus/listeners/stream_logger.h b/src/charon/bus/listeners/stream_logger.h
new file mode 100644 (file)
index 0000000..62d6c5a
--- /dev/null
@@ -0,0 +1,75 @@
+/**
+ * @file stream_logger.h
+ *
+ * @brief Interface of stream_logger_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef STREAM_LOGGER_H_
+#define STREAM_LOGGER_H_
+
+#include <stdio.h>
+
+#include <types.h>
+#include <bus/bus.h>
+
+typedef struct stream_logger_t stream_logger_t;
+
+/**
+ * @brief Logger for a file stream which implements bus_listener_t.
+ * 
+ * @b Constructors:
+ *  - stream_logger_create()
+ * 
+ * @ingroup listeners
+ */
+struct stream_logger_t {
+       
+       /**
+        * Implements the bus_listener_t interface.
+        */
+       bus_listener_t listener;
+       
+       /**
+        * @brief Set the loglevel for a signal type.
+        *
+        * @param this          stream_logger_t object
+        * @param singal        type of signal
+        * @param level         max level to log
+        */
+       void (*set_level) (stream_logger_t *this, signal_t signal, level_t level);
+       
+       /**
+        * @brief Destroys a stream_logger_t object.
+        *
+        * @param this          stream_logger_t object
+        */
+       void (*destroy) (stream_logger_t *this);
+};
+
+/**
+ * @brief Constructor to create a stream_logger_t object.
+ *
+ * @param out  output stream to log to
+ * @return             stream_logger_t object
+ * 
+ * @ingroup utils
+ */
+stream_logger_t *stream_logger_create(FILE *out);
+
+#endif /* STREAM_LOGGER_H_ */
diff --git a/src/charon/bus/listeners/sys_logger.c b/src/charon/bus/listeners/sys_logger.c
new file mode 100644 (file)
index 0000000..3577376
--- /dev/null
@@ -0,0 +1,181 @@
+/**
+ * @file sys_logger.c
+ *
+ * @brief Implementation of sys_logger_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/* for open_memstream() */
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <string.h>
+#include <pthread.h>
+
+#include "sys_logger.h"
+
+#include <bus/listeners/stream_logger.h>
+
+
+typedef struct private_sys_logger_t private_sys_logger_t;
+
+/**
+ * Private data of a sys_logger_t object
+ */
+struct private_sys_logger_t {
+       
+       /**
+        * Public data.
+        */
+       sys_logger_t public;
+       
+       /**
+        * syslog facility to use
+        */
+       int facility;
+       
+       /**
+        * Internal used stream logger that does the dirty work
+        */
+       stream_logger_t *logger;
+       
+       /**
+        * Memory stream used for stream_logger
+        */
+       FILE *stream;
+       
+       /**
+        * Underlying buffer for stream
+        */
+       char buffer[4096];
+};
+
+
+/**
+ * Implementation of bus_listener_t.signal.
+ */
+static void signal_(private_sys_logger_t *this, int thread, ike_sa_t* ike_sa,
+                                       signal_t signal, level_t level,
+                                       char *format, va_list args)
+{
+       char line[512];
+       char *prefix;
+       FILE *reader;
+       
+       switch (signal)
+       {
+               case SIG_IKE_UP:
+               case SIG_IKE_DOWN:
+               case SIG_IKE_REKEY:
+               case SIG_DBG_IKE:
+                       prefix = "IKE";
+                       break;
+               case SIG_DBG_CHD:
+                       prefix = "CHD";
+                       break;
+               case SIG_DBG_JOB:
+                       prefix = "JOG";
+                       break;
+               case SIG_DBG_CFG:
+                       prefix = "CFG";
+                       break;
+               case SIG_DBG_KNL:
+                       prefix = "KNL";
+                       break;
+               case SIG_DBG_NET:
+                       prefix = "NET";
+                       break;
+               case SIG_DBG_ENC:
+                       prefix = "ENC";
+                       break;
+               default:
+                       prefix = "???";
+                       break;
+       }
+       
+       flockfile(this->stream);
+       /* reset memory stream */
+       rewind(this->stream);
+       memset(this->buffer, '\0', sizeof(this->buffer));
+       /* log to memstream */
+       this->logger->listener.signal(&this->logger->listener, thread, ike_sa,
+                                                                 signal, level, format, args);
+       /* flush is needed to append a '\0' */
+       fflush(this->stream);
+       
+       /* create a reader stream that reads out line by line */
+       reader = fmemopen(this->buffer, sizeof(this->buffer), "r");
+       
+       while (fgets(line, sizeof(line), reader))
+       {
+               if (line[0] == '\0')
+               {
+                       /* abort on EOF */
+                       break;
+               }
+               else if (line[0] != '\n')
+               {
+                       syslog(this->facility|LOG_INFO, "%.2d[%s] %s", thread, prefix, line);
+               }
+       }
+       fclose(reader);
+       funlockfile(this->stream);
+}
+
+/**
+ * Implementation of sys_logger_t.set_level.
+ */
+static void set_level(private_sys_logger_t *this, signal_t signal, level_t max)
+{
+       this->logger->set_level(this->logger, signal, max);
+}
+
+/**
+ * Implementation of sys_logger_t.destroy.
+ */
+static void destroy(private_sys_logger_t *this)
+{
+       closelog();
+       fclose(this->stream);
+       this->logger->destroy(this->logger);
+       free(this);
+}
+
+/*
+ * Described in header.
+ */
+sys_logger_t *sys_logger_create(int facility)
+{
+       private_sys_logger_t *this = malloc_thing(private_sys_logger_t);
+       
+       /* public functions */
+       this->public.listener.signal = (void(*)(bus_listener_t*,int,ike_sa_t*,signal_t,level_t,char*,va_list))signal_;
+       this->public.set_level = (void(*)(sys_logger_t*,signal_t,level_t))set_level;
+       this->public.destroy = (void(*)(sys_logger_t*))destroy;
+       
+       /* private variables */
+       this->facility = facility;
+       this->stream = fmemopen(this->buffer, sizeof(this->buffer), "w");
+       if (this->stream == NULL)
+       {
+               /* fallback to stderr */
+               this->stream = stderr;
+       }
+       this->logger = stream_logger_create(this->stream);
+       
+       return &this->public;
+}
diff --git a/src/charon/bus/listeners/sys_logger.h b/src/charon/bus/listeners/sys_logger.h
new file mode 100644 (file)
index 0000000..ff0b9ba
--- /dev/null
@@ -0,0 +1,76 @@
+/**
+ * @file sys_logger.h
+ *
+ * @brief Interface of sys_logger_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef SYS_LOGGER_H_
+#define SYS_LOGGER_H_
+
+#include <syslog.h>
+
+#include <bus/bus.h>
+
+
+typedef struct sys_logger_t sys_logger_t;
+
+/**
+ * @brief Logger for syslog which implements bus_listener_t.
+ * 
+ * @b Constructors:
+ *  - sys_logger_create()
+ * 
+ * @ingroup listeners
+ */
+struct sys_logger_t {
+       
+       /**
+        * Implements the bus_listener_t interface.
+        */
+       bus_listener_t listener;
+       
+       /**
+        * @brief Set the loglevel for a signal type.
+        *
+        * @param this          stream_logger_t object
+        * @param singal        type of signal
+        * @param level         max level to log
+        */
+       void (*set_level) (sys_logger_t *this, signal_t signal, level_t level);
+       
+       /**
+        * @brief Destroys a sys_logger_t object.
+        *
+        * @param this          sys_logger_t object
+        */
+       void (*destroy) (sys_logger_t *this);
+};
+
+/**
+ * @brief Constructor to create a sys_logger_t object.
+ *
+ * @param facility     syslog facility to use
+ * @return                     sys_logger_t object
+ *
+ * @ingroup listeners
+ */
+sys_logger_t *sys_logger_create(int facility);
+
+
+#endif /* SYS_LOGGER_H_ */
index 72265b5..af107b8 100644 (file)
@@ -74,8 +74,9 @@ static connection_t *get_connection_by_hosts(private_local_connection_store_t *t
        connection_t *candidate;
        connection_t *found = NULL;
        
-       this->logger->log(this->logger, CONTROL|LEVEL1, "looking for connection for host pair %s...%s",
-                                         my_host->get_string(my_host), other_host->get_string(other_host));
+       this->logger->log(this->logger, CONTROL|LEVEL1,
+                                         "looking for connection for host pair %H...%H",
+                                         my_host, other_host);
        
        pthread_mutex_lock(&(this->mutex));
        iterator = this->connections->create_iterator(this->connections, TRUE);
@@ -106,10 +107,9 @@ static connection_t *get_connection_by_hosts(private_local_connection_store_t *t
                        }
 
                        this->logger->log(this->logger, CONTROL|LEVEL2,
-                                                        "candidate connection \"%s\": %s...%s (prio=%d)",
+                                                        "candidate connection \"%s\": %H...%H (prio=%d)",
                                                          candidate->get_name(candidate),
-                                                         candidate_my_host->get_string(candidate_my_host),
-                                                         candidate_other_host->get_string(candidate_other_host),
+                                                         candidate_my_host, candidate_other_host,
                                                          prio);
 
                        if (prio > best_prio)
@@ -127,10 +127,9 @@ static connection_t *get_connection_by_hosts(private_local_connection_store_t *t
                host_t *found_other_host = found->get_other_host(found);
                
                this->logger->log(this->logger, CONTROL|LEVEL1,
-                                                "found matching connection \"%s\": %s...%s (prio=%d)",
+                                                "found matching connection \"%s\": %H...%H (prio=%d)",
                                                  found->get_name(found),
-                                                 found_my_host->get_string(found_my_host),
-                                                 found_other_host->get_string(found_other_host),
+                                                 found_my_host, found_other_host,
                                                  best_prio);
                
                /* give out a new reference to it */
@@ -242,10 +241,8 @@ void log_connections(private_local_connection_store_t *this, logger_t *logger, c
                        host_t *my_host = current->get_my_host(current);
                        host_t *other_host = current->get_other_host(current);
 
-                       logger->log(logger, CONTROL, "  \"%s\": %s...%s",
-                                               current->get_name(current),
-                                               my_host->get_string(my_host),
-                                               other_host->get_string(other_host));
+                       logger->log(logger, CONTROL, "  \"%s\": %H...%H",
+                                               current->get_name(current), my_host, other_host);
                }
        }
        iterator->destroy(iterator);
index db29472..e694186 100644 (file)
@@ -504,8 +504,8 @@ static bool verify(private_local_credential_store_t *this, x509_t *cert, bool *f
                identification_t *subject = cert->get_subject(cert);
                identification_t *issuer  = cert->get_issuer(cert);
 
-               this->logger->log(this->logger, CONTROL|LEVEL1, "subject: '%s'", subject->get_string(subject));
-               this->logger->log(this->logger, CONTROL|LEVEL1, "issuer:  '%s'", issuer->get_string(issuer));
+               this->logger->log(this->logger, CONTROL|LEVEL1, "subject: '%D'", subject);
+               this->logger->log(this->logger, CONTROL|LEVEL1, "issuer:  '%D'", issuer);
 
                ugh = cert->is_valid(cert, &until);
                if (ugh != NULL)
index 1ad0aaa..5253cb3 100644 (file)
@@ -116,8 +116,8 @@ static policy_t *get_policy(private_local_policy_store_t *this,
        policy_t *candidate;
        policy_t *found = NULL;
        
-       this->logger->log(this->logger, CONTROL|LEVEL1, "searching policy for ID pair %s...%s",
-                                         my_id->get_string(my_id), other_id->get_string(other_id));
+       this->logger->log(this->logger, CONTROL|LEVEL1, 
+                                         "searching policy for ID pair %D...%D", my_id, other_id);
 
        pthread_mutex_lock(&(this->mutex));
        iterator = this->policies->create_iterator(this->policies, TRUE);
@@ -151,19 +151,14 @@ static policy_t *get_policy(private_local_policy_store_t *this,
                        {
                                this->logger->log(this->logger, CONTROL|LEVEL2,
                                                                  "candidate '%s' inacceptable due traffic selector mismatch",
-                                                                 candidate->get_name(candidate),
-                                                                 candidate_my_id->get_string(candidate_my_id),
-                                                                 candidate_other_id->get_string(candidate_other_id),
-                                                                 prio);
+                                                                 candidate->get_name(candidate));
                                continue;
                        }
 
                        this->logger->log(this->logger, CONTROL|LEVEL2,
-                                                         "candidate policy '%s': %s...%s (prio=%d)",
+                                                         "candidate policy '%s': %D...%D (prio=%d)",
                                                          candidate->get_name(candidate),
-                                                         candidate_my_id->get_string(candidate_my_id),
-                                                         candidate_other_id->get_string(candidate_other_id),
-                                                         prio);
+                                                         candidate_my_id, candidate_other_id, prio);
 
                        if (prio > best_prio)
                        {
@@ -180,11 +175,9 @@ static policy_t *get_policy(private_local_policy_store_t *this,
                identification_t *found_other_id = found->get_other_id(found);
                
                this->logger->log(this->logger, CONTROL,
-                                                 "found matching policy '%s': %s...%s (prio=%d)",
+                                                 "found matching policy '%s': %D...%D (prio=%d)",
                                                  found->get_name(found),
-                                                 found_my_id->get_string(found_my_id),
-                                                 found_other_id->get_string(found_other_id),
-                                                 best_prio);
+                                                 found_my_id, found_other_id, best_prio);
                /* give out a new reference to it */
                found->get_ref(found);
        }
index cad9bee..fee85dd 100644 (file)
@@ -67,37 +67,15 @@ struct private_daemon_t {
         * The thread_id of main-thread.
         */
        pthread_t main_thread_id;
-       
-       /**
-        * Main loop function.
-        * 
-        * @param this  calling object
-        */
-       void (*run) (private_daemon_t *this);
-       
-       /**
-        * Initialize the daemon.
-        * 
-        * @param this          calling object
-        * @param strict        enforce a strict crl policy
-        */
-       void (*initialize) (private_daemon_t *this, bool strict);
-       
-       /**
-        * Destroy the daemon.
-        * 
-        * @param this  calling object
-        */
-       void (*destroy) (private_daemon_t *this);
 };
 
-/** 
+/**
  * One and only instance of the daemon.
  */
 daemon_t *charon;
 
 /**
- * Implementation of private_daemon_t.run.
+ * Run the daemon and handle unix signals
  */
 static void run(private_daemon_t *this)
 {
@@ -144,7 +122,47 @@ static void run(private_daemon_t *this)
 }
 
 /**
- * Implementation of daemon_t.kill.
+ * Clean up all daemon resources
+ */
+static void destroy(private_daemon_t *this)
+{
+       /* destruction is a non trivial task, we need to follow 
+       * a strict order to prevent threading issues! 
+       * Kill active threads first, except the sender, as
+       * the killed IKE_SA want to send delete messages.
+       */
+       /* we don't want to receive anything anymore... */
+       DESTROY_IF(this->public.receiver);
+       /* ignore all incoming user requests */
+       DESTROY_IF(this->public.stroke);
+       /* stop scheduing jobs */
+       DESTROY_IF(this->public.scheduler);
+       /* stop processing jobs */
+       DESTROY_IF(this->public.thread_pool);
+       /* shut down manager with all IKE SAs */
+       DESTROY_IF(this->public.ike_sa_manager);
+       /* all child SAs should be down now, so kill kernel interface */
+       DESTROY_IF(this->public.kernel_interface);
+       /* destroy other infrastructure */
+       DESTROY_IF(this->public.bus);
+       DESTROY_IF(this->public.outlog);
+       DESTROY_IF(this->public.syslog);
+       DESTROY_IF(this->public.job_queue);
+       DESTROY_IF(this->public.event_queue);
+       DESTROY_IF(this->public.configuration);
+       DESTROY_IF(this->public.credentials);
+       DESTROY_IF(this->public.connections);
+       DESTROY_IF(this->public.policies);
+       /* we hope the sender could send the outstanding deletes, but 
+       * we shut down here at any cost */
+       DESTROY_IF(this->public.sender);
+       DESTROY_IF(this->public.send_queue);
+       DESTROY_IF(this->public.socket);
+       free(this);
+}
+
+/**
+ * Enforce daemon shutdown, with a given reason to do so.
  */
 static void kill_daemon(private_daemon_t *this, char *reason)
 {
@@ -153,7 +171,7 @@ static void kill_daemon(private_daemon_t *this, char *reason)
        if (this->main_thread_id == pthread_self())
        {
                /* initialization failed, terminate daemon */
-               this->destroy(this);
+               destroy(this);
                unlink(PID_FILE);
                exit(-1);
        }
@@ -167,7 +185,7 @@ static void kill_daemon(private_daemon_t *this, char *reason)
 }
 
 /**
- * Implementation of private_daemon_t.initialize.
+ * Initialize the daemon, optional with a strict crl policy
  */
 static void initialize(private_daemon_t *this, bool strict)
 {
@@ -182,6 +200,11 @@ static void initialize(private_daemon_t *this, bool strict)
        this->public.job_queue = job_queue_create();
        this->public.event_queue = event_queue_create();
        this->public.send_queue = send_queue_create();
+       this->public.bus = bus_create();
+       this->public.outlog = file_logger_create(stdout);
+       this->public.bus->add_listener(this->public.bus, &this->public.outlog->listener);
+       this->public.syslog = sys_logger_create(LOG_DAEMON);
+       this->public.bus->add_listener(this->public.bus, &this->public.syslog->listener);
        this->public.connections = (connection_store_t*)local_connection_store_create();
        this->public.policies = (policy_store_t*)local_policy_store_create();
        this->public.credentials = (credential_store_t*)local_credential_store_create(strict);
@@ -202,42 +225,8 @@ static void initialize(private_daemon_t *this, bool strict)
 }
 
 /**
- * Destory all initiated objects
+ * Handle SIGSEGV/SIGILL signals raised by threads
  */
-static void destroy(private_daemon_t *this)
-{
-       /* destruction is a non trivial task, we need to follow 
-        * a strict order to prevent threading issues! 
-        * Kill active threads first, except the sender, as
-        * the killed IKE_SA want to send delete messages.
-        */
-       /* we don't want to receive anything anymore... */
-       DESTROY_IF(this->public.receiver);
-       /* ignore all incoming user requests */
-       DESTROY_IF(this->public.stroke);
-       /* stop scheduing jobs */
-       DESTROY_IF(this->public.scheduler);
-       /* stop processing jobs */
-       DESTROY_IF(this->public.thread_pool);
-       /* shut down manager with all IKE SAs */
-       DESTROY_IF(this->public.ike_sa_manager);
-       /* all child SAs should be down now, so kill kernel interface */
-       DESTROY_IF(this->public.kernel_interface);
-       /* destroy other infrastructure */
-       DESTROY_IF(this->public.job_queue);
-       DESTROY_IF(this->public.event_queue);
-       DESTROY_IF(this->public.configuration);
-       DESTROY_IF(this->public.credentials);
-       DESTROY_IF(this->public.connections);
-       DESTROY_IF(this->public.policies);
-       /* we hope the sender could send the outstanding deletes, but 
-        * we shut down here at any cost */
-       DESTROY_IF(this->public.sender);
-       DESTROY_IF(this->public.send_queue);
-       DESTROY_IF(this->public.socket);
-       free(this);
-}
-
 void signal_handler(int signal)
 {
        void *array[20];
@@ -265,9 +254,7 @@ void signal_handler(int signal)
 }
 
 /**
- * @brief Create the daemon.
- * 
- * @return     created daemon_t
+ * Create the daemon.
  */
 private_daemon_t *daemon_create(void)
 {      
@@ -275,9 +262,6 @@ private_daemon_t *daemon_create(void)
        struct sigaction action;
                
        /* assign methods */
-       this->run = run;
-       this->destroy = destroy;
-       this->initialize = initialize;
        this->public.kill = (void (*) (daemon_t*,char*))kill_daemon;
        
        /* NULL members for clean destruction */
@@ -296,6 +280,9 @@ private_daemon_t *daemon_create(void)
        this->public.kernel_interface = NULL;
        this->public.thread_pool = NULL;
        this->public.stroke = NULL;
+       this->public.bus = NULL;
+       this->public.outlog = NULL;
+       this->public.syslog = NULL;
        
        this->main_thread_id = pthread_self();
        
@@ -322,6 +309,9 @@ private_daemon_t *daemon_create(void)
        return this;
 }
 
+/**
+ * print command line usage and exit
+ */
 static void usage(const char *msg)
 {
        if (msg != NULL && *msg != '\0')
@@ -396,14 +386,14 @@ int main(int argc, char *argv[])
                                                                "Starting Charon (strongSwan Version %s)", VERSION);
                
        /* initialize daemon */
-       private_charon->initialize(private_charon, strict_crl_policy);
+       initialize(private_charon, strict_crl_policy);
        
        /* check/setup PID file */
        if (stat(PID_FILE, &stb) == 0)
        {
                private_charon->logger->log(private_charon->logger, ERROR, 
                                                                        "charon already running (\""PID_FILE"\" exists)");
-               private_charon->destroy(private_charon);
+               destroy(private_charon);
                exit(-1);
        }
        pid_file = fopen(PID_FILE, "w");
@@ -420,19 +410,17 @@ int main(int argc, char *argv[])
        while (list->remove_first(list, (void**)&host) == SUCCESS)
        {
                private_charon->logger->log(private_charon->logger, CONTROL,
-                                                                       "  %s", host->get_string(host));
+                                                                       "  %H", host);
                host->destroy(host);
        }
        list->destroy(list);
        
        /* run daemon */
-       private_charon->run(private_charon);
+       run(private_charon);
        
        /* normal termination, cleanup and exit */
-       private_charon->destroy(private_charon);
+       destroy(private_charon);
        unlink(PID_FILE);
 
        return 0;
 }
-
-
index b3ba35f..c548372 100644 (file)
@@ -32,6 +32,9 @@
 #include <threads/thread_pool.h>
 #include <threads/stroke_interface.h>
 #include <network/socket.h>
+#include <bus/bus.h>
+#include <bus/listeners/file_logger.h>
+#include <bus/listeners/sys_logger.h>
 #include <sa/ike_sa_manager.h>
 #include <queues/send_queue.h>
 #include <queues/job_queue.h>
  */
 
 /**
+ * @defgroup bus bus
+ *
+ * Signaling bus and its listeners.
+ *
+ * @ingroup charon
+ */
+
+/**
  * Name of the daemon.
- * 
+ *
  * @ingroup charon
  */
 #define DAEMON_NAME "charon"
@@ -337,6 +348,21 @@ struct daemon_t {
        thread_pool_t *thread_pool;
        
        /**
+        * The signaling bus.
+        */
+       bus_t *bus;
+       
+       /**
+        * A bus listener logging to stdout
+        */
+       file_logger_t *outlog;
+       
+       /**
+        * A bus listener logging to syslog
+        */
+       sys_logger_t *syslog;
+       
+       /**
         * Kernel Interface to communicate with kernel
         */
        kernel_interface_t *kernel_interface;
index ad8e649..456fc6d 100644 (file)
@@ -204,9 +204,7 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
                pkt->set_source(pkt, source);
                pkt->set_destination(pkt, dest);
                this->logger->log(this->logger, CONTROL|LEVEL1, 
-                                                 "received packet: from %s[%d] to %s[%d]",
-                                                 source->get_string(source), source->get_port(source),
-                                                 dest->get_string(dest), dest->get_port(dest));
+                                                 "received packet: from %#H to %#H", source, dest);
                data_offset = IP_LEN + UDP_LEN;
                /* remove non esp marker */     
                if (dest->get_port(dest) == this->natt_port)
@@ -297,9 +295,7 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
                pkt->set_source(pkt, source);
                pkt->set_destination(pkt, dest);
                this->logger->log(this->logger, CONTROL|LEVEL1, 
-                                                 "received packet: from %s[%d] to %s[%d]",
-                                                 source->get_string(source), source->get_port(source),
-                                                 dest->get_string(dest), dest->get_port(dest));
+                                                 "received packet: from %#H to %#H", source, dest);
                data_offset = UDP_LEN;
                /* remove non esp marker */     
                if (dest->get_port(dest) == this->natt_port)
@@ -337,9 +333,8 @@ status_t sender(private_socket_t *this, packet_t *packet)
        dst = packet->get_destination(packet);
        data = packet->get_data(packet);
 
-       this->logger->log(this->logger, CONTROL|LEVEL1, "sending packet: from %s[%d] to %s[%d]",
-                                         src->get_string(src), src->get_port(src),
-                                         dst->get_string(dst), dst->get_port(dst));
+       this->logger->log(this->logger, CONTROL|LEVEL1,
+                                         "sending packet: from %#H to %#H", src, dst);
        
        /* send data */
        sport = src->get_port(src);
@@ -575,6 +570,7 @@ static int open_send_socket(private_socket_t *this, int family, u_int16_t port)
        policy.sadb_x_policy_dir = IPSEC_DIR_OUTBOUND;
        policy.sadb_x_policy_reserved = 0;
        policy.sadb_x_policy_id = 0;
+       policy.sadb_x_policy_priority = 0;
        
        if (setsockopt(skt, ip_proto, ipsec_policy, &policy, sizeof(policy)) < 0)
        {
@@ -729,6 +725,7 @@ static int open_recv_socket(private_socket_t *this, int family)
        policy.sadb_x_policy_dir = IPSEC_DIR_INBOUND;
        policy.sadb_x_policy_reserved = 0;
        policy.sadb_x_policy_id = 0;
+       policy.sadb_x_policy_priority = 0;
        
        if (setsockopt(skt, ip_proto, ipsec_policy, &policy, sizeof(policy)) < 0)
        {
index dd39572..45fc452 100644 (file)
@@ -1,8 +1,8 @@
 /**
  * @file delete_child_sa_job.c
- * 
+ *
  * @brief Implementation of delete_child_sa_job_t.
- * 
+ *
  */
 
 /*
@@ -32,6 +32,7 @@ typedef struct private_delete_child_sa_job_t private_delete_child_sa_job_t;
  */
 struct private_delete_child_sa_job_t {
        /**
+
         * Public delete_child_sa_job_t interface.
         */
        delete_child_sa_job_t public;
index ec8163d..4feff15 100644 (file)
@@ -113,9 +113,8 @@ static status_t execute(private_incoming_packet_job_t *this)
        message = message_create_from_packet(this->packet->clone(this->packet));
        src = message->get_source(message);
        dst = message->get_destination(message);
-       this->logger->log(this->logger, CONTROL, "received packet: from %s[%d] to %s[%d]",
-                                         src->get_string(src), src->get_port(src),
-                                         dst->get_string(dst), dst->get_port(dst));
+       this->logger->log(this->logger, CONTROL,
+                                         "received packet: from %#H to %#H", src, dst);
        
        status = message->parse_header(message);
        if (status != SUCCESS)
index 985cf77..6091a17 100644 (file)
@@ -111,9 +111,8 @@ static void add(private_send_queue_t *this, packet_t *packet)
        
        src = packet->get_source(packet);
        dst = packet->get_destination(packet);
-       this->logger->log(this->logger, CONTROL, "sending packet: from %s[%d] to %s[%d]",
-                                         src->get_string(src), src->get_port(src),
-                                         dst->get_string(dst), dst->get_port(dst));
+       this->logger->log(this->logger, CONTROL, 
+                                         "sending packet: from %#H to %#H", src, dst);
        
        pthread_mutex_lock(&this->mutex);
        this->list->insert_last(this->list, packet);
index 3dcffd0..f605062 100644 (file)
@@ -220,8 +220,9 @@ static status_t verify_auth_data (private_authenticator_t *this,
                                                                                                                 &shared_key);
                        if (status != SUCCESS)
                        {
-                               this->logger->log(this->logger, ERROR, "no shared key found for '%s' and '%s'",
-                                                                 my_id->get_string(my_id), other_id->get_string(other_id));
+                               this->logger->log(this->logger, ERROR, 
+                                                                 "no shared key found for '%D' - '%D'",
+                                                                 my_id, other_id);
                                chunk_free(&shared_key);
                                break;
                        }
@@ -234,7 +235,9 @@ static status_t verify_auth_data (private_authenticator_t *this,
                                                                                                                        shared_key);
                        chunk_free(&shared_key);
 
-                       status = (auth_data.len == my_auth_data.len && memeq(auth_data.ptr, my_auth_data.ptr, my_auth_data.len))
+
+                       status = (auth_data.len == my_auth_data.len &&
+                                         memeq(auth_data.ptr, my_auth_data.ptr, my_auth_data.len))
                                         ? SUCCESS : FAILED;
                        chunk_free(&my_auth_data);
                    break;
@@ -248,8 +251,8 @@ static status_t verify_auth_data (private_authenticator_t *this,
 
                        if (public_key == NULL)
                        {
-                               this->logger->log(this->logger, ERROR, "no RSA public key found for '%s'",
-                                                                 other_id->get_string(other_id));
+                               this->logger->log(this->logger, ERROR, 
+                                                                 "no RSA public key found for '%D'", other_id);
                                status = NOT_FOUND;
                                break;
                        }
@@ -266,9 +269,8 @@ static status_t verify_auth_data (private_authenticator_t *this,
                }
        }
        
-       this->logger->log(this->logger, CONTROL, "authentication of '%s' with %s %s",
-                                         other_id->get_string(other_id),
-                                         enum_name(&auth_method_names, auth_method),
+       this->logger->log(this->logger, CONTROL, "authentication of '%D' with %s %s",
+                                         other_id, enum_name(&auth_method_names, auth_method),
                                          (status == SUCCESS)? "successful":"failed");
        return status;
 }
@@ -284,9 +286,9 @@ static status_t compute_auth_data (private_authenticator_t *this,
                                                                   identification_t *other_id,
                                                                   bool initiator)
 {      
-       this->logger->log(this->logger, CONTROL, "authentication of '%s' with %s (myself)",
-                                         my_id->get_string(my_id),
-                                         enum_name(&auth_method_names, this->auth_method));
+       this->logger->log(this->logger, CONTROL, 
+                                         "authentication of '%D' with %s (myself)",
+                                         my_id, enum_name(&auth_method_names, this->auth_method));
 
        switch (this->auth_method)
        {
@@ -302,8 +304,9 @@ static status_t compute_auth_data (private_authenticator_t *this,
 
                        if (status != SUCCESS)
                        {
-                               this->logger->log(this->logger, ERROR, "no shared key found for '%s' and '%s'",
-                                                                 my_id->get_string(my_id), other_id->get_string(other_id));
+                               this->logger->log(this->logger, ERROR,
+                                                                 "no shared key found for '%D' - '%D'",
+                                                                 my_id, other_id);
                                return status;  
                        }
                        
@@ -330,14 +333,15 @@ static status_t compute_auth_data (private_authenticator_t *this,
                        rsa_public_key_t  *my_pubkey;
                        rsa_private_key_t *my_key;
 
-                       this->logger->log(this->logger, CONTROL|LEVEL1, "looking for RSA public key belonging to '%s'",
-                                                         my_id->get_string(my_id));
+                       this->logger->log(this->logger, CONTROL|LEVEL1,
+                                                         "looking for RSA public key belonging to '%D'",
+                                                         my_id);
 
                        my_pubkey = charon->credentials->get_rsa_public_key(charon->credentials, my_id);
                        if (my_pubkey == NULL)
                        {
-                               this->logger->log(this->logger, ERROR, "no RSA public key found for '%s'",
-                                                                 my_id->get_string(my_id));
+                               this->logger->log(this->logger, ERROR, 
+                                                                 "no RSA public key found for '%D'", my_id);
                                return NOT_FOUND;
                        }
                        this->logger->log(this->logger, CONTROL|LEVEL2, "matching RSA public key found");
@@ -351,8 +355,9 @@ static status_t compute_auth_data (private_authenticator_t *this,
                                char buf[BUF_LEN];
 
                                chunk_to_hex(buf, BUF_LEN, my_pubkey->get_keyid(my_pubkey));
-                               this->logger->log(this->logger, ERROR, "no RSA private key found with for %s with keyid %s",
-                                                                 my_id->get_string(my_id), buf);
+                               this->logger->log(this->logger, ERROR, 
+                                                                 "no RSA private key found with for %D with keyid %s",
+                                                                 my_id, buf);
                                return NOT_FOUND;
                        }
                        this->logger->log(this->logger, CONTROL|LEVEL2, "matching RSA private key found");
index 6b462c2..3a59297 100644 (file)
@@ -296,15 +296,15 @@ static void updown(private_child_sa_t *this, bool up)
                                "PLUTO_CONNECTION='%s' "
                                "PLUTO_INTERFACE='%s' "
                                "PLUTO_REQID='%u' "
-                               "PLUTO_ME='%s' "
-                               "PLUTO_MY_ID='%s' "
+                               "PLUTO_ME='%H' "
+                               "PLUTO_MY_ID='%D' "
                                "PLUTO_MY_CLIENT='%s/%s' "
                                "PLUTO_MY_CLIENT_NET='%s' "
                                "PLUTO_MY_CLIENT_MASK='%s' "
                                "PLUTO_MY_PORT='%u' "
                                "PLUTO_MY_PROTOCOL='%u' "
-                               "PLUTO_PEER='%s' "
-                               "PLUTO_PEER_ID='%s' "
+                               "PLUTO_PEER='%H' "
+                               "PLUTO_PEER_ID='%D' "
                                "PLUTO_PEER_CLIENT='%s/%s' "
                                "PLUTO_PEER_CLIENT_NET='%s' "
                                "PLUTO_PEER_CLIENT_MASK='%s' "
@@ -313,20 +313,20 @@ static void updown(private_child_sa_t *this, bool up)
                                "%s"
                                "%s",
                                 up ? "up" : "down",
-                                streq(this->me.addr->get_string(this->me.addr),
-                                          my_client) ? "-host" : "-client",
+                                /* TODO: fix it: streq(this->me.addr->get_string(this->me.addr),
+                                my_client) ? "-host" :*/ "-client",
                                 this->me.addr->get_family(this->me.addr) == AF_INET ? "" : "-ipv6",
                                 this->name,
                                 ifname,
                                 this->reqid,
-                                this->me.addr->get_string(this->me.addr),
-                                this->me.id->get_string(this->me.id),
+                                this->me.addr,
+                                this->me.id,
                                 my_client, my_client_mask,
                                 my_client, my_client_mask,
                                 policy->my_ts->get_from_port(policy->my_ts),
                                 policy->my_ts->get_protocol(policy->my_ts),
-                                this->other.addr->get_string(this->other.addr),
-                                this->other.id->get_string(this->other.id),
+                                this->other.addr,
+                                this->other.id,
                                 other_client, other_client_mask,
                                 other_client, other_client_mask,
                                 policy->other_ts->get_from_port(policy->other_ts),
@@ -548,8 +548,8 @@ static status_t install(private_child_sa_t *this, proposal_t *proposal, prf_plus
        
        /* send SA down to the kernel */
        this->logger->log(this->logger, CONTROL|LEVEL2,
-                                               "  SPI 0x%.8x, src %s dst %s",
-                                               ntohl(spi), src->get_string(src), dst->get_string(dst));
+                                               "  SPI 0x%.8x, src %H dst %H",
+                                               ntohl(spi), src, dst);
        status = charon->kernel_interface->add_sa(charon->kernel_interface,
                                                                                          src, dst,
                                                                                          spi, this->protocol,
@@ -937,12 +937,9 @@ static status_t update_sa_hosts(private_child_sa_t *this, host_t *new_me, host_t
        }
        
        this->logger->log(this->logger, CONTROL|LEVEL1,
-                                         "updating %s SA 0x%x, from %s:%d..%s:%d to %s:%d..%s:%d",
+                                         "updating %s SA 0x%x, from %#H..#H to %#H..%#H",
                                          mapping_find(protocol_id_m, this->protocol), ntohl(spi),
-                                         src->get_string(src), src->get_port(src),
-                                         dst->get_string(dst), dst->get_port(dst),
-                                         new_src->get_string(new_src), new_src->get_port(new_src),
-                                         new_dst->get_string(new_dst), new_dst->get_port(new_dst));
+                                         src, dst, new_src, new_dst);
        
        status = charon->kernel_interface->update_sa(charon->kernel_interface,
                                                                                                 dst, spi, this->protocol, 
index 671e2b2..0384c37 100644 (file)
@@ -1363,11 +1363,9 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state)
        if (state == IKE_ESTABLISHED)
        {
                this->time.established = time(NULL);
-               this->logger->log(this->logger, AUDIT, "IKE_SA established: %s[%s]...%s[%s]",
-                                               this->my_host->get_string(this->my_host),
-                                               this->my_id->get_string(this->my_id),
-                                               this->other_host->get_string(this->other_host),
-                                               this->other_id->get_string(this->other_id));
+               this->logger->log(this->logger, AUDIT, "IKE_SA established: %H[%D]...%H[%D]",
+                                                 this->my_host, this->my_id, 
+                                                 this->other_host, this->other_id);
                /* start DPD checks */
                send_dpd(this);
        }
@@ -1784,11 +1782,9 @@ static status_t rekey(private_ike_sa_t *this)
        rekey_ike_sa_t *rekey_ike_sa;
        
        this->logger->log(this->logger, CONTROL, 
-                                         "rekeying IKE_SA between %s[%s]..%s[%s]",
-                                         this->my_host->get_string(this->my_host),
-                                         this->my_id->get_string(this->my_id),
-                                         this->other_host->get_string(this->other_host),
-                                         this->other_id->get_string(this->other_id));
+                                         "rekeying IKE_SA between: %H[%D]...%H[%D]",
+                                         this->my_host, this->my_id, 
+                                         this->other_host, this->other_id);
        
        if (this->state != IKE_ESTABLISHED)
        {
@@ -1869,12 +1865,9 @@ static void log_status(private_ike_sa_t *this, logger_t *logger, char *name)
                                        mapping_find(ike_sa_state_m, this->state),
                                        this->ike_sa_id->get_initiator_spi(this->ike_sa_id),
                                        this->ike_sa_id->get_responder_spi(this->ike_sa_id));
-               logger->log(logger, CONTROL, "  \"%s\": %s[%s]...%s[%s]",
-                                       this->name,
-                                       this->my_host->get_string(this->my_host),
-                                       this->my_id->get_string(this->my_id),
-                                       this->other_host->get_string(this->other_host),
-                                       this->other_id->get_string(this->other_id));
+               logger->log(logger, CONTROL, "  \"%s\": %H[%D]...%H[%D]",
+                                       this->name, this->my_host, this->my_id, 
+                                       this->other_host, this->other_id);
                
                iterator = this->child_sas->create_iterator(this->child_sas, TRUE);
                while (iterator->has_next(iterator))
@@ -1995,11 +1988,9 @@ static void destroy(private_ike_sa_t *this)
        DESTROY_IF(this->prf_auth_r);
 
        this->logger->log(this->logger, AUDIT, 
-                                         "IKE_SA deleted between %s[%s]...%s[%s]",
-                                         this->my_host->get_string(this->my_host),
-                                         this->my_id->get_string(this->my_id),
-                                         this->other_host->get_string(this->other_host),
-                                         this->other_id->get_string(this->other_id));
+                                         "IKE_SA deleted between: %H[%D]...%H[%D]",
+                                         this->my_host, this->my_id, 
+                                         this->other_host, this->other_id);
        
        DESTROY_IF(this->my_host);
        DESTROY_IF(this->other_host);
index 7984aa9..90c43da 100644 (file)
@@ -385,9 +385,8 @@ static ike_sa_t* checkout_by_id(private_ike_sa_manager_t *this,
                {
                        /* looks good, we take this one */
                        this->logger->log(this->logger, CONTROL|LEVEL1, 
-                                                         "found an existing IKE_SA for %s[%s]...%s[%s]",
-                                                         my_host->get_string(my_host), other_host->get_string(other_host),
-                                                         my_id->get_string(my_id), other_id->get_string(other_id));
+                                                         "found an existing IKE_SA for %H[%D]...%H[%D]",
+                                                         my_host, other_host, my_id, other_id);
                        entry->checked_out = TRUE;
                        ike_sa = entry->ike_sa;
                }
@@ -417,13 +416,12 @@ static ike_sa_t* checkout_by_id(private_ike_sa_manager_t *this,
                
                /* check ike_sa out */
                this->logger->log(this->logger, CONTROL|LEVEL1, 
-                                                 "new IKE_SA created for IDs %s - %s",
-                                                 my_id->get_string(my_id), other_id->get_string(other_id));
+                                                 "new IKE_SA created for IDs %D - %D", my_id, other_id);
                new_ike_sa_entry->checked_out = TRUE;
                ike_sa = new_ike_sa_entry->ike_sa;
        }
        pthread_mutex_unlock(&(this->mutex));
-       
+       SIG_SA(ike_sa);
        return ike_sa;
 }
 
@@ -540,6 +538,8 @@ static ike_sa_t* checkout(private_ike_sa_manager_t *this, ike_sa_id_t *ike_sa_id
        }
        
        pthread_mutex_unlock(&(this->mutex));
+       
+       SIG_SA(ike_sa);
        return ike_sa;
 }
 
@@ -575,6 +575,7 @@ static ike_sa_t* checkout_by_child(private_ike_sa_manager_t *this,
        iterator->destroy(iterator);
        pthread_mutex_unlock(&(this->mutex));
        
+       SIG_SA(ike_sa);
        return ike_sa;
 }
 
@@ -679,6 +680,8 @@ static status_t checkin(private_ike_sa_manager_t *this, ike_sa_t *ike_sa)
        this->logger->log(this->logger, CONTROL|LEVEL2, "%d IKE_SAs in manager now",
                                this->ike_sa_list->get_count(this->ike_sa_list));
        pthread_mutex_unlock(&(this->mutex));
+       
+       SIG_SA(NULL);
        return retval;
 }
 
@@ -725,6 +728,7 @@ static status_t checkin_and_destroy(private_ike_sa_manager_t *this, ike_sa_t *ik
        }
        
        pthread_mutex_unlock(&(this->mutex));
+       SIG_SA(NULL);
        return retval;
 }
 
index fae2942..a311805 100644 (file)
@@ -694,8 +694,8 @@ static status_t get_response(private_ike_auth_t *this, message_t *request,
                if (this->policy == NULL)
                {
                        this->logger->log(this->logger, AUDIT,
-                                                         "no acceptable policy for IDs %s - %s found, deleting IKE_SA", 
-                                                         my_id->get_string(my_id), other_id->get_string(other_id));
+                                                         "no acceptable policy for IDs %D - %D found, deleting IKE_SA", 
+                                                         my_id, other_id);
                        my_id->destroy(my_id);
                        other_id->destroy(other_id);
                        build_notify(AUTHENTICATION_FAILED, response, TRUE);
@@ -939,9 +939,8 @@ static status_t conclude(private_ike_auth_t *this, message_t *response,
                {
                        other_id->destroy(other_id);
                        this->logger->log(this->logger, AUDIT,
-                                                         "other peer uses unacceptable ID (%s, excepted %s), deleting IKE_SA",
-                                                         other_id->get_string(other_id),
-                                                         configured_other_id->get_string(configured_other_id));
+                                                         "other peer uses unacceptable ID (%D, excepted %D), deleting IKE_SA",
+                                                         other_id, configured_other_id);
                        return DESTROY_ME;
                }
                /* update other ID. It was already set, but may contain wildcards */
index 855e985..ad481d6 100644 (file)
@@ -570,8 +570,8 @@ static status_t get_response(private_ike_sa_init_t *this,
                response->add_payload(response, (payload_t*)notify);
                
                this->logger->log(this->logger, AUDIT,
-                                                 "no connection for hosts %s...%s found, deleting IKE_SA",
-                                                 me->get_string(me), other->get_string(other));
+                                                 "no connection for hosts %H...%H found, deleting IKE_SA",
+                                                 me, other);
                return DESTROY_ME;
        }
        
index be8a8f7..ceb7bef 100644 (file)
@@ -85,7 +85,7 @@ static char certificate_buffer[] = {
  */
 void test_certificate(protected_tester_t *tester)
 {
-       chunk_t certificate = {certificate_buffer, sizeof(certificate_buffer)};
+       /*chunk_t certificate = {certificate_buffer, sizeof(certificate_buffer)};
        identification_t *id;
        x509_t *cert;
        
@@ -95,7 +95,7 @@ void test_certificate(protected_tester_t *tester)
        id = cert->get_issuer(cert);
        tester->assert_true(tester, strcmp(id->get_string(id), "C=CH, O=Linux strongSwan, CN=maeno") == 0, "issuer");
        cert->destroy(cert);
-       /*
+       
        cert = x509_create_from_file("scripts/complex1.der");
        id = cert->get_subject(cert);
        printf("Subject: %s\n", id->get_string(id));
index 549b4c1..35fcff4 100755 (executable)
@@ -354,9 +354,9 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg)
        {
                other_ca = identification_create_from_string("%any");
        }
-       this->logger->log(this->logger, CONTROL|LEVEL2, "  my ca:   '%s'", my_ca->get_string(my_ca));
-       this->logger->log(this->logger, CONTROL|LEVEL2, "  other ca:'%s'", other_ca->get_string(other_ca));
-       this->logger->log(this->logger, CONTROL|LEVEL2, "  updown:'%s'", msg->add_conn.me.updown);
+       this->logger->log(this->logger, CONTROL|LEVEL1, "  my ca:   '%D'", my_ca);
+       this->logger->log(this->logger, CONTROL|LEVEL1, "  other ca:'%D'", other_ca);
+       this->logger->log(this->logger, CONTROL|LEVEL1, "  updown: '%s'", msg->add_conn.me.updown);
 
        connection = connection_create(msg->add_conn.name,
                                                                   msg->add_conn.ikev2,
@@ -457,12 +457,9 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg)
        
        /* add to global connection list */
        charon->connections->add_connection(charon->connections, connection);
-       this->logger->log(this->logger, CONTROL, "added connection \"%s\": %s[%s]...%s[%s]",
-                                         msg->add_conn.name,
-                                         my_host->get_string(my_host),
-                                         my_id->get_string(my_id),
-                                         other_host->get_string(other_host),
-                                         other_id->get_string(other_id));
+       this->logger->log(this->logger, CONTROL, 
+                                         "added connection \"%s\": %H[%D]...%H[%D]", msg->add_conn.name,
+                                         my_host, my_id, other_host, other_id);
        /* add to global policy list */
        charon->policies->add_policy(charon->policies, policy);
        return;
@@ -633,7 +630,7 @@ static void stroke_status(private_stroke_t *this, stroke_msg_t *msg)
        while (list->remove_first(list, (void**)&host) == SUCCESS)
        {
                this->stroke_logger->log(this->stroke_logger, CONTROL|LEVEL1,
-                                                                "  %s", host->get_string(host));
+                                                                "  %H", host);
                host->destroy(host);
                
        }