| blob | db57ee61a26f358a7d12ebf93507e7b61f431ff3 |
1 /* Copyright (c) 2001, Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2021, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
7 /**
8 * \file log.c
9 * \brief Functions to send messages to log files or the console.
10 **/
13 #include <stdarg.h>
14 #include <stdio.h>
15 #include <stdlib.h>
16 #include <string.h>
17 #ifdef HAVE_SYS_TIME_H
18 #include <sys/time.h>
19 #endif
20 #ifdef HAVE_TIME_H
21 #include <time.h>
22 #endif
23 #ifdef HAVE_UNISTD_H
24 #include <unistd.h>
25 #endif
26 #ifdef HAVE_SYS_TYPES_H
27 #include <sys/types.h>
28 #endif
29 #ifdef HAVE_FCNTL_H
30 #include <fcntl.h>
31 #endif
33 #define LOG_PRIVATE
54 /** @{ */
55 /** The string we stick at the end of a log message when it is too long,
56 * and its length. */
58 #define TRUNCATED_STR_LEN 14
59 /** @} */
61 /** Defining compile-time constants for Tor log levels (used by the Rust
62 * log wrapper at src/rust/tor_log) */
68 /** Information for a single logfile; only used in log.c */
79 * log for each log domain? */
83 #define log_free(lg) \
84 FREE_AND_NULL(logfile_t, log_free_, (lg))
86 /** Helper: map a log severity to descriptive string. */
89 {
97 * calls log on failure. */
99 }
100 }
102 /** Helper: decide whether to include the function name in the log message. */
105 {
109 /* All debugging messages occur in interesting places. */
114 /* We care about places where bugs occur. */
117 /* Call raw_assert, not tor_assert, since tor_assert calls
118 * log on failure. */
120 }
121 }
123 /** A mutex to guard changes to logfiles and logging. */
125 /** True iff we have initialized log_mutex */
128 /** Linked list of logfile_t. */
130 /** Boolean: do we report logging domains? */
133 #ifdef HAVE_SYSLOG_H
134 /** The number of open syslog log handlers that we have. When this reaches 0,
135 * we can close our connection to the syslog facility. */
137 #endif
139 /** Represents a log message that we are going to send to callback-driven
140 * loggers once we can do so in a non-reentrant way. */
148 /** Log messages waiting to be replayed onto callback-based logs */
151 /** Callback to invoke when pending_cb_messages becomes nonempty. */
154 /** Log messages waiting to be replayed once the logging system is initialized.
155 */
158 /** Number of bytes of messages queued in pending_startup_messages. (This is
159 * the length of the messages, not the number of bytes used to store
160 * them.) */
163 /** True iff we should store messages while waiting for the logs to get
164 * configured. */
167 /** True iff __PRETTY_FUNCTION__ includes parenthesized arguments. */
170 /** Don't store more than this many bytes of messages while waiting for the
171 * logs to get configured. */
172 #define MAX_STARTUP_MSG_LEN (1<<16)
174 /** Lock the log_mutex to prevent others from changing the logfile_t list */
175 #define LOCK_LOGS() STMT_BEGIN \
176 raw_assert(log_mutex_initialized); \
177 tor_mutex_acquire(&log_mutex); \
178 STMT_END
179 /** Unlock the log_mutex */
180 #define UNLOCK_LOGS() STMT_BEGIN \
181 raw_assert(log_mutex_initialized); \
182 tor_mutex_release(&log_mutex); \
183 STMT_END
185 /** What's the lowest log level anybody cares about? Checking this lets us
186 * bail out early from log_debug if we aren't debugging. */
201 /** Name of the application: used to generate the message we write at the
202 * start of each new log. */
205 /** Set the "application name" for the logs to <b>name</b>: we'll use this
206 * name in the message we write when starting up, and at the start of each new
207 * log.
208 *
209 * Tor uses this string to write the version number to the log file. */
210 void
212 {
215 }
217 /** Return true if some of the running logs might be interested in a log
218 * message of the given severity in the given domains. If this function
219 * returns true, the log message might be ignored anyway, but if it returns
220 * false, it is definitely_ safe not to log the message. */
221 int
223 {
226 }
228 /**
229 * As tor_log, but takes an optional function name, and does not treat its
230 * <b>string</b> as a printf format.
231 *
232 * For use by Rust integration.
233 */
234 void
237 {
239 }
241 /** Log time granularity in milliseconds. */
244 /** Define log time granularity for all logs to be <b>granularity_msec</b>
245 * milliseconds. */
248 {
251 }
253 /** Helper: Write the standard prefix for log lines to a
254 * <b>buf_len</b> character buffer in <b>buf</b>.
255 */
258 {
273 }
282 else
284 }
286 /** If lf refers to an actual file that we have just opened, and the file
287 * contains no data, log an "opening new logfile" message at the top.
288 *
289 * Return -1 if the log is broken and needs to be deleted, else return 0.
290 */
291 static int
293 {
299 /* If it doesn't get closed, it isn't really a file. */
302 /* If it's temporary, it isn't really a file. */
308 /* We are resetting, but we aren't at the start of the file; no
309 * need to log again. */
318 }
322 }
324 /** Helper: Format a log message into a fixed-sized buffer. (This is
325 * factored out of <b>logv</b> so that we never format a message more
326 * than once.) Return a pointer to the first character of the message
327 * portion of the formatted string.
328 */
334 {
360 format_msg_no_room_for_domains:
361 /* This will leave end_of_prefix and n unchanged, and thus cause
362 * whatever log domain string we had written to be clobbered. */
363 ;
364 }
369 funcname);
372 else
374 }
379 }
383 /* The message was too long; overwrite the end of the buffer with
384 * "[...truncated]" */
387 /* We have an extra 2 characters after buf_len to hold the \n\0,
388 * so it's safe to add 1 to the size here. */
390 }
391 /* Set 'n' to the end of the buffer, where we'll be writing \n\0.
392 * Since we already subtracted 2 from buf_len, this is safe.*/
401 }
402 }
403 }
409 }
415 }
417 /* Create a new pending_log_message_t with appropriate values */
421 {
428 }
430 #define pending_log_message_free(msg) \
431 FREE_AND_NULL(pending_log_message_t, pending_log_message_free_, (msg))
433 /** Release all storage held by <b>msg</b>. */
434 static void
436 {
442 }
444 /** Helper function: returns true iff the log file, given in <b>lf</b>, is
445 * handled externally via the system log API, or is an
446 * external callback function. */
449 {
452 }
454 /** Return true iff <b>lf</b> would like to receive a message with the
455 * specified <b>severity</b> in the specified <b>domain</b>.
456 */
459 log_domain_mask_t domain)
460 {
463 }
466 }
469 }
472 }
474 /** Send a message to <b>lf</b>. The full message, with time prefix and
475 * severity, is in <b>buf</b>. The message itself is in
476 * <b>msg_after_prefix</b>. If <b>callbacks_deferred</b> points to true, then
477 * we already deferred this message for pending callbacks and don't need to do
478 * it again. Otherwise, if we need to do it, do it, and set
479 * <b>callbacks_deferred</b> to 1. */
484 {
487 #ifdef HAVE_SYSLOG_H
488 #ifdef MAXLINE
489 /* Some syslog implementations have limits on the length of what you can
490 * pass them, and some very old ones do not detect overflow so well.
491 * Regrettably, they call their maximum line length MAXLINE. */
492 #if MAXLINE < 64
494 #endif
501 }
503 /* We have syslog but not MAXLINE. That's promising! */
515 }
516 }
519 }
522 /* don't log the error! mark this log entry to be blown away, and
523 * continue. */
525 }
526 }
527 }
529 /** Helper: sends a message to the appropriate logfiles, at loglevel
530 * <b>severity</b>. If provided, <b>funcname</b> is prepended to the
531 * message. The actual message is derived as from tor_snprintf(format,ap).
532 */
536 {
544 /* Call raw_assert, not tor_assert, since tor_assert calls log on failure. */
546 /* check that severity is sane. Overrunning the masks array leads to
547 * interesting and hard to diagnose effects */
558 end_of_prefix =
566 }
573 end_of_prefix =
577 }
581 }
583 }
585 /** Output a message to the log. It gets logged to all logfiles that
586 * care about messages with <b>severity</b> in <b>domain</b>. The content
587 * is formatted printf-style based on <b>format</b> and extra arguments.
588 * */
589 void
591 {
594 /* check that domain is composed of known domains and flags */
600 #ifdef TOR_UNIT_TESTS
603 else
604 #endif
607 }
609 /** Helper function; return true iff the <b>n</b>-element array <b>array</b>
610 * contains <b>item</b>. */
611 static int
613 {
618 }
620 }
622 /** Function to call whenever the list of logs changes to get ready to log
623 * from signal handlers. */
624 void
626 {
630 /* The fds are the file descriptors of tor's stdout, stderr, and file
631 * logs. The log and err modules flush these fds during their shutdowns. */
636 /* Reserve the first one for stderr. This is safe because when we daemonize,
637 * we dup2 /dev/null to stderr. */
642 /* Don't try callback to the control port, syslogs, or any
643 * other non-file descriptor log: We can't call arbitrary functions from a
644 * signal handler.
645 */
653 /* Avoid duplicates by checking the log module fd against fds */
656 /* Update fds using the log module's fd */
658 n_fds++;
661 }
662 }
666 /* Don't use a virtual stderr when we're also logging to stdout.
667 * If we reached max_fds logs, we'll now have (max_fds - 1) logs.
668 * That's ok, max_fds is large enough that most tor instances don't exceed
669 * it. */
673 }
678 }
680 /** Add to <b>out</b> a copy of every currently configured log file name. Used
681 * to enable access to these filenames with the sandbox code. */
682 void
684 {
696 }
699 }
701 /** Implementation of the log_fn backend, used when we have
702 * variadic macros. All arguments are as for log_fn, except for
703 * <b>fn</b>, which is the name of the calling function. */
704 void
707 {
714 }
715 void
718 {
730 }
732 /** Free all storage held by <b>victim</b>. */
733 static void
735 {
741 }
743 /** Close all open log files, and free other static memory. */
744 void
746 {
763 }
768 });
774 });
776 }
778 /* We _could_ destroy the log mutex here, but that would screw up any logs
779 * that happened between here and the end of execution.
780 * If tor is re-initialized, log_mutex_initialized will still be 1. So we
781 * won't trigger any undefined behaviour by trying to re-initialize the
782 * log mutex. */
783 }
785 /** Flush the signal-safe log files.
786 *
787 * This function is safe to call from a signal handler. It is currently called
788 * by the BUG() macros, when terminating the process on an abnormal condition.
789 */
790 void
792 {
793 /* If we don't have fsync() in unistd.h, we can't flush the logs. */
794 #ifdef HAVE_FSYNC
796 /* We can't LOCK_LOGS() in a signal handler, because it may call
797 * signal-unsafe functions. And we can't deallocate memory, either. */
804 /* We can't do anything useful if the flush fails. */
806 }
807 }
809 }
811 /** Remove and free the log entry <b>victim</b> from the linked-list
812 * logfiles (it is probably present, but it might not be due to thread
813 * racing issues). After this function is called, the caller shouldn't
814 * refer to <b>victim</b> anymore.
815 */
816 static void
818 {
824 // raw_assert(tmpl);
825 // raw_assert(tmpl->next == victim);
829 }
831 }
833 /** Helper: release system resources (but not memory) held by a single
834 * signal-safe logfile_t. If the log's resources can not be released in
835 * a signal handler, does nothing. */
836 static void
838 {
840 /* We can't do anything useful here if close() fails: we're shutting
841 * down logging, and the err module only does fatal errors. */
844 }
845 }
847 /** Helper: release system resources (but not memory) held by a single
848 * logfile_t. */
849 static void
851 {
855 #ifdef HAVE_SYSLOG_H
857 /* There are no other syslogs; close the logging facility. */
859 }
861 }
862 }
864 /** Adjust a log severity configuration in <b>severity_out</b> to contain
865 * every domain between <b>loglevelMin</b> and <b>loglevelMax</b>, inclusive.
866 */
867 void
870 {
878 }
879 }
881 /** Add a log handler named <b>name</b> to send all messages in <b>severity</b>
882 * to <b>fd</b>. Copies <b>severity</b>. Helper: does no locking. */
886 {
896 }
898 /** Add a log handler named <b>name</b> to send all messages in <b>severity</b>
899 * to <b>fd</b>. Steals a reference to <b>severity</b>; the caller must
900 * not use it after calling this function. */
901 void
903 {
907 }
909 /** Initialize the global logging facility */
910 void
912 {
916 }
917 #ifdef __GNUC__
920 }
921 #endif
928 }
929 }
931 /** Set whether we report logging domains as a part of our log messages.
932 */
933 void
935 {
939 }
941 /** Add a log handler to accept messages when no other log is configured.
942 */
943 void
945 {
952 }
954 /**
955 * Register "cb" as the callback to call when there are new pending log
956 * callbacks to be flushed with flush_pending_log_callbacks().
957 *
958 * Note that this callback, if present, can be invoked from any thread.
959 *
960 * This callback must not log.
961 *
962 * It is intentional that this function contains the name "callback" twice: it
963 * sets a "callback" to be called on the condition that there is a "pending
964 * callback".
965 **/
966 void
968 {
970 }
972 /**
973 * Add a log handler to send messages in <b>severity</b>
974 * to the function <b>cb</b>.
975 */
976 int
978 {
992 }
994 /** Adjust the configured severity of any logs whose callback function is
995 * <b>cb</b>. */
996 void
998 log_callback cb)
999 {
1001 log_severity_list_t severities;
1007 }
1008 }
1011 }
1013 /** If there are any log messages that were generated with LD_NOCB waiting to
1014 * be sent to callback-based loggers, send them now. */
1015 void
1017 {
1025 }
1037 }
1039 }
1052 }
1054 /** Flush all the messages we stored from startup while waiting for log
1055 * initialization.
1056 */
1057 void
1059 {
1069 msg) {
1075 /* We configure a temporary startup log that goes to stdout, so we
1076 * shouldn't replay to stdout/stderr*/
1079 }
1083 }
1089 out:
1091 }
1093 /** Close any log handlers marked by mark_logs_temp(). */
1094 void
1096 {
1103 /* we use *p here to handle the edge case of the head of the list */
1109 }
1110 }
1114 }
1116 /** Make all currently temporary logs (set to be closed by close_temp_logs)
1117 * live again, and close all non-temporary logs. */
1118 void
1120 {
1127 }
1129 /** Configure all log handles to be closed by close_temp_logs(). */
1130 void
1132 {
1138 }
1140 /**
1141 * Add a log handler to send messages to <b>filename</b> via <b>fd</b>. If
1142 * opening the logfile failed, -1 is returned and errno is set appropriately
1143 * (by open(2)). Takes ownership of fd.
1144 */
1149 {
1157 }
1167 }
1171 }
1173 #ifdef HAVE_SYSLOG_H
1174 /**
1175 * Add a log handler to send messages to they system log facility.
1176 *
1177 * If this is the first log handler, opens syslog with ident Tor or
1178 * Tor-<syslog_identity_tag> if that is not NULL.
1179 */
1180 int
1183 {
1186 /* This is the first syslog. */
1192 }
1194 }
1208 }
1211 /** If <b>level</b> is a valid log severity, return the corresponding
1212 * numeric value. Otherwise, return -1. */
1213 int
1215 {
1227 }
1229 /** Return the string equivalent of a given log level. */
1232 {
1234 }
1236 /** NULL-terminated array of names for log domains such that domain_list[dom]
1237 * is a description of <b>dom</b>.
1238 *
1239 * Remember to update doc/man/tor.1.txt if you modify this list.
1240 * */
1246 NULL
1247 };
1255 /** Return a bitmask for the log domain for which <b>domain</b> is the name,
1256 * or 0 if there is no such name. */
1257 static log_domain_mask_t
1259 {
1264 }
1266 }
1268 /** Translate a bitmask of log domains to a string. */
1271 {
1286 }
1292 }
1300 cp++;
1301 }
1302 }
1304 /** Parse a log severity pattern in *<b>cfg_ptr</b>. Advance cfg_ptr after
1305 * the end of the severityPattern. Set the value of <b>severity_out</b> to
1306 * the parsed pattern. Return 0 on success, -1 on failure.
1307 *
1308 * The syntax for a SeverityPattern is:
1309 * <pre>
1310 * SeverityPattern = *(DomainSeverity SP)* DomainSeverity
1311 * DomainSeverity = (DomainList SP)? SeverityRange
1312 * SeverityRange = MinSeverity ("-" MaxSeverity )?
1313 * DomainList = "[" (SP? DomainSpec SP? ",") SP? DomainSpec "]"
1314 * DomainSpec = "*" | Domain | "~" Domain
1315 * </pre>
1316 * A missing MaxSeverity defaults to ERR. Severities and domains are
1317 * case-insensitive. "~" indicates negation for a domain; negation happens
1318 * last inside a DomainList. Only one SeverityRange without a DomainList is
1319 * allowed per line.
1320 */
1321 int
1324 {
1355 log_domain_mask_t d;
1360 }
1368 else
1370 }
1371 }
1379 else
1384 }
1390 }
1402 }
1417 }
1419 done:
1422 }
1424 /** Return the least severe log level that any current log is interested in. */
1425 int
1427 {
1435 }
1437 }
1439 /** Switch all logs to output at most verbose level. */
1440 void
1442 {
1449 }
1452 }
1454 /** Truncate all the log files. */
1455 void
1457 {
1462 }
1463 }
1464 }