17c478bdstevel@tonic-gate/*
27c478bdstevel@tonic-gate * CDDL HEADER START
37c478bdstevel@tonic-gate *
47c478bdstevel@tonic-gate * The contents of this file are subject to the terms of the
5a7e661aAnthony Scarpino * Common Development and Distribution License (the "License").
6a7e661aAnthony Scarpino * You may not use this file except in compliance with the License.
77c478bdstevel@tonic-gate *
87c478bdstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bdstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
107c478bdstevel@tonic-gate * See the License for the specific language governing permissions
117c478bdstevel@tonic-gate * and limitations under the License.
127c478bdstevel@tonic-gate *
137c478bdstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
147c478bdstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bdstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
167c478bdstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
177c478bdstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bdstevel@tonic-gate *
197c478bdstevel@tonic-gate * CDDL HEADER END
207c478bdstevel@tonic-gate */
217c478bdstevel@tonic-gate/*
22a7e661aAnthony Scarpino * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
237c478bdstevel@tonic-gate * Use is subject to license terms.
247c478bdstevel@tonic-gate */
257c478bdstevel@tonic-gate
267c478bdstevel@tonic-gate#include <stdio.h>
277c478bdstevel@tonic-gate#include <stdlib.h>
287c478bdstevel@tonic-gate#include <stdarg.h>
297c478bdstevel@tonic-gate#include <syslog.h>
307c478bdstevel@tonic-gate#include <string.h>
317c478bdstevel@tonic-gate#include <cryptoutil.h>
327c478bdstevel@tonic-gate
337c478bdstevel@tonic-gate#define	CRYPTO_DEBUG_ENV	"SUNW_CRYPTO_DEBUG"
347c478bdstevel@tonic-gate
357c478bdstevel@tonic-gatestatic char *_cryptodebug_prefix = NULL;
367c478bdstevel@tonic-gatestatic int _cryptodebug_enabled = -1; /* -1 unknown, 0 disabled, 1 enabled */
37a7e661aAnthony Scarpinostatic int _cryptoerror_enabled = 1; /* 0 disabled, 1 enabled */
387c478bdstevel@tonic-gatestatic boolean_t _cryptodebug_syslog = B_TRUE;
397c478bdstevel@tonic-gate
407c478bdstevel@tonic-gate/*PRINTFLIKE1*/
417c478bdstevel@tonic-gatevoid
427c478bdstevel@tonic-gatecryptodebug(const char *fmt, ...)
437c478bdstevel@tonic-gate{
447c478bdstevel@tonic-gate	va_list args;
457c478bdstevel@tonic-gate	char fmtbuf[BUFSIZ];
467c478bdstevel@tonic-gate	char msgbuf[BUFSIZ];
477c478bdstevel@tonic-gate
487c478bdstevel@tonic-gate	if (fmt == NULL || _cryptodebug_enabled != 1)
497c478bdstevel@tonic-gate		return;
507c478bdstevel@tonic-gate
517c478bdstevel@tonic-gate	va_start(args, fmt);
527c478bdstevel@tonic-gate	if (_cryptodebug_prefix == NULL) {
537c478bdstevel@tonic-gate		(void) vsnprintf(msgbuf, sizeof (msgbuf), fmt, args);
547c478bdstevel@tonic-gate	} else {
557c478bdstevel@tonic-gate		(void) snprintf(fmtbuf, sizeof (fmtbuf), "%s: %s",
567c478bdstevel@tonic-gate		    _cryptodebug_prefix, fmt);
577c478bdstevel@tonic-gate		(void) vsnprintf(msgbuf, sizeof (msgbuf), fmtbuf, args);
587c478bdstevel@tonic-gate	}
597c478bdstevel@tonic-gate
607c478bdstevel@tonic-gate	if (_cryptodebug_syslog) {
617c478bdstevel@tonic-gate		syslog(LOG_DEBUG, msgbuf);
627c478bdstevel@tonic-gate	} else {
637c478bdstevel@tonic-gate		(void) fprintf(stderr, "%s\n", msgbuf);
647c478bdstevel@tonic-gate	}
657c478bdstevel@tonic-gate	va_end(args);
667c478bdstevel@tonic-gate}
677c478bdstevel@tonic-gate
687c478bdstevel@tonic-gate/*
697c478bdstevel@tonic-gate * cryptoerror
707c478bdstevel@tonic-gate *
717c478bdstevel@tonic-gate * This is intended to be used both by interactive commands like cryptoadm(1m)
727c478bdstevel@tonic-gate * digest(1) etc, and by libraries libpkcs11, libelfsign etc.
737c478bdstevel@tonic-gate *
747c478bdstevel@tonic-gate * A library probably wants most (all?) of its errors going to syslog but
757c478bdstevel@tonic-gate * commands are usually happy for them to go to stderr.
767c478bdstevel@tonic-gate *
777c478bdstevel@tonic-gate * If a syslog priority is passed we log on that priority.  Otherwise we
787c478bdstevel@tonic-gate * use LOG_STDERR to mean use stderr instead. LOG_STDERR is defined in
797c478bdstevel@tonic-gate * cryptoutil.h
807c478bdstevel@tonic-gate */
817c478bdstevel@tonic-gate
827c478bdstevel@tonic-gate/*PRINTFLIKE2*/
837c478bdstevel@tonic-gatevoid
847c478bdstevel@tonic-gatecryptoerror(int priority, const char *fmt, ...)
857c478bdstevel@tonic-gate{
867c478bdstevel@tonic-gate	char fmtbuf[BUFSIZ];
877c478bdstevel@tonic-gate	char msgbuf[BUFSIZ];
887c478bdstevel@tonic-gate	va_list args;
897c478bdstevel@tonic-gate
90a7e661aAnthony Scarpino	if (fmt == NULL || _cryptoerror_enabled == 0)
917c478bdstevel@tonic-gate		return;
927c478bdstevel@tonic-gate
937c478bdstevel@tonic-gate	va_start(args, fmt);
947c478bdstevel@tonic-gate	if (_cryptodebug_prefix == NULL) {
957c478bdstevel@tonic-gate		(void) vsnprintf(msgbuf, sizeof (msgbuf), fmt, args);
967c478bdstevel@tonic-gate	} else {
977c478bdstevel@tonic-gate		(void) snprintf(fmtbuf, sizeof (fmtbuf), "%s: %s",
987c478bdstevel@tonic-gate		    _cryptodebug_prefix, fmt);
997c478bdstevel@tonic-gate		(void) vsnprintf(msgbuf, sizeof (msgbuf), fmtbuf, args);
1007c478bdstevel@tonic-gate	}
1017c478bdstevel@tonic-gate
1027c478bdstevel@tonic-gate	if ((priority == LOG_STDERR) || (priority < 0))  {
1037c478bdstevel@tonic-gate		(void) fprintf(stderr, "%s\n", msgbuf);
1047c478bdstevel@tonic-gate	} else {
1057c478bdstevel@tonic-gate		syslog(priority, msgbuf);
1067c478bdstevel@tonic-gate	}
1077c478bdstevel@tonic-gate	va_end(args);
1087c478bdstevel@tonic-gate}
1097c478bdstevel@tonic-gate
1107c478bdstevel@tonic-gatevoid
111a7e661aAnthony Scarpinocryptoerror_off()
112a7e661aAnthony Scarpino{
113a7e661aAnthony Scarpino	_cryptoerror_enabled = 0;
114a7e661aAnthony Scarpino}
115a7e661aAnthony Scarpino
116a7e661aAnthony Scarpinovoid
117a7e661aAnthony Scarpinocryptoerror_on()
118a7e661aAnthony Scarpino{
119a7e661aAnthony Scarpino	_cryptoerror_enabled = 1;
120a7e661aAnthony Scarpino}
121a7e661aAnthony Scarpino
122a7e661aAnthony Scarpinovoid
1237c478bdstevel@tonic-gatecryptodebug_init(const char *prefix)
1247c478bdstevel@tonic-gate{
1257c478bdstevel@tonic-gate	char *envval = NULL;
1267c478bdstevel@tonic-gate
1277c478bdstevel@tonic-gate	if (prefix != NULL) {
1287c478bdstevel@tonic-gate		_cryptodebug_prefix = strdup(prefix);
1297c478bdstevel@tonic-gate	}
1307c478bdstevel@tonic-gate
1317c478bdstevel@tonic-gate	if (_cryptodebug_enabled == -1) {
1327c478bdstevel@tonic-gate		envval = getenv(CRYPTO_DEBUG_ENV);
1337c478bdstevel@tonic-gate		/*
1347c478bdstevel@tonic-gate		 * If unset or it isn't one of syslog or stderr
1357c478bdstevel@tonic-gate		 * disable debug.
1367c478bdstevel@tonic-gate		 */
1377c478bdstevel@tonic-gate		if (envval == NULL || (strcmp(envval, "") == 0)) {
1387c478bdstevel@tonic-gate			_cryptodebug_enabled = 0;
1397c478bdstevel@tonic-gate			return;
1407c478bdstevel@tonic-gate		} else if (strcmp(envval, "stderr") == 0) {
1417c478bdstevel@tonic-gate			_cryptodebug_syslog = B_FALSE;
1427c478bdstevel@tonic-gate			_cryptodebug_enabled = 1;
1437c478bdstevel@tonic-gate		} else if (strcmp(envval, "syslog") == 0) {
1447c478bdstevel@tonic-gate			_cryptodebug_syslog = B_TRUE;
1457c478bdstevel@tonic-gate			_cryptodebug_enabled = 1;
1467c478bdstevel@tonic-gate		}
1477c478bdstevel@tonic-gate	}
1487c478bdstevel@tonic-gate
1497c478bdstevel@tonic-gate	openlog(_cryptodebug_prefix, LOG_PID, LOG_USER);
1507c478bdstevel@tonic-gate}
1517c478bdstevel@tonic-gate
1527c478bdstevel@tonic-gate#pragma fini(_cryptodebug_fini)
1537c478bdstevel@tonic-gate
1547c478bdstevel@tonic-gatestatic void
1557c478bdstevel@tonic-gate_cryptodebug_fini(void)
1567c478bdstevel@tonic-gate{
1577c478bdstevel@tonic-gate	if (_cryptodebug_prefix != NULL)
1587c478bdstevel@tonic-gate		free(_cryptodebug_prefix);
1597c478bdstevel@tonic-gate}
160