Add more log statements for protocol/internal failures

src/or/command.c

@@ -149,10 +149,15 @@ command_process_cell(cell_t *cell, or_connection_t *conn)
 #endif
 
   /* Reject all but VERSIONS and NETINFO when handshaking. */
+  /* (VERSIONS should actually be impossible; it's variable-length.) */
   if (handshaking && cell->command != CELL_VERSIONS &&
-      cell->command != CELL_NETINFO)
+      cell->command != CELL_NETINFO) {
+    log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+           "Received unexpected cell command %d in state %s; ignoring it.",
+           (int)cell->command,
+           conn_state_to_string(CONN_TYPE_OR,conn->_base.state));
     return;
-  /* XXXX VERSIONS should be impossible; it's variable-length. */
+  }
 
   if (conn->_base.state == OR_CONN_STATE_OR_HANDSHAKING_V3)
     or_handshake_state_record_cell(conn->handshake_state, cell, 1);
@@ -239,18 +244,37 @@ command_process_var_cell(var_cell_t *cell, or_connection_t *conn)
 
       /* fall through */
     case OR_CONN_STATE_TLS_SERVER_RENEGOTIATING:
-      if (cell->command != CELL_VERSIONS)
-        return; /*XXXX023 log*/
+      if (cell->command != CELL_VERSIONS) {
+        log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+               "Received a non-VERSIONS cell with command %d in state %s; "
+               "ignoring it.",
+               (int)cell->command,
+               conn_state_to_string(CONN_TYPE_OR,conn->_base.state));
+        return;
+      }
       break;
     case OR_CONN_STATE_OR_HANDSHAKING_V3:
       if (cell->command != CELL_AUTHENTICATE)
         or_handshake_state_record_var_cell(conn->handshake_state, cell, 1);
       break; /* Everything is allowed */
     case OR_CONN_STATE_OPEN:
-      if (conn->link_proto < 3)
+      if (conn->link_proto < 3) {
+        log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+               "Received a variable-length cell with command %d in state %s "
+               "with link protocol %d; ignoring it.",
+               (int)cell->command,
+               conn_state_to_string(CONN_TYPE_OR,conn->_base.state),
+               (int)conn->link_proto);
         return;
+      }
+      break;
     default:
-      /*XXXX023 log */
+      log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+             "Received var-length cell with command %d in unexpected state "
+             "%s [%d]; ignoring it.",
+             (int)cell->command,
+             conn_state_to_string(CONN_TYPE_OR,conn->_base.state),
+             (int)conn->_base.state);
       return;
   }
 

src/or/connection_or.c

@@ -2176,15 +2176,20 @@ connection_or_send_authenticate_cell(or_connection_t *conn, int authtype)
   int cell_maxlen;
   /* XXXX make sure we're actually supposed to send this! */
 
-  if (!pk)
-    return -1;/*XXXX log*/
-  if (authtype != AUTHTYPE_RSA_SHA256_TLSSECRET)
-    return -1;/*XXXX log*/
+  if (!pk) {
+    log_warn(LD_BUG, "Unable to compute authenticate cell: no client auth key");
+    return -1;
+  }
+  if (authtype != AUTHTYPE_RSA_SHA256_TLSSECRET) {
+    log_warn(LD_BUG, "Tried to send authenticate cell with unknown "
+             "authentication type %d", authtype);
+    return -1;
+  }
 
   cell_maxlen = 4 + /* overhead */
     V3_AUTH_BODY_LEN + /* Authentication body */
     crypto_pk_keysize(pk) + /* Max signature length */
-    16 /* just in case XXXX */ ;
+    16 /* add a few extra bytes just in case. */;
 
   cell = var_cell_new(cell_maxlen);
   cell->command = CELL_AUTHENTICATE;
@@ -2197,7 +2202,7 @@ connection_or_send_authenticate_cell(or_connection_t *conn, int authtype)
                                                          pk,
                                                          0 /* not server */);
   if (authlen < 0) {
-    /* XXXX log */
+    log_warn(LD_BUG, "Unable to compute authenticate cell!");
     var_cell_free(cell);
     return -1;
   }