Print GnuTLS debug messages

Willem Toorop 2020-03-05 13:39:30 +01:00
parent ef455471f4
commit c234865a80
1 changed files with 16 additions and 3 deletions


@ -166,9 +166,15 @@ static getdns_return_t error_may_want_read_write(_getdns_tls_connection* conn, i
else else
return GETDNS_RETURN_TLS_WANT_WRITE; return GETDNS_RETURN_TLS_WANT_WRITE;
case GNUTLS_E_FATAL_ALERT_RECEIVED: case GNUTLS_E_FATAL_ALERT_RECEIVED:
DEBUG_STUB("GNUTLS fatal alert: \"%s\"\n", _getdns_log( conn->log
gnutls_alert_get_name(gnutls_alert_get(conn->tls))); , GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_ERR
, "%s %s %d (%s)\n"
, STUB_DEBUG_SETUP_TLS
, "Error in TLS handshake"
, (int)gnutls_alert_get(conn->tls)
, gnutls_alert_get_name(gnutls_alert_get(conn->tls))
);
/* fallthrough */
default: default:
return GETDNS_RETURN_GENERIC_ERROR; return GETDNS_RETURN_GENERIC_ERROR;
} }
@ -322,6 +328,11 @@ getdns_return_t _getdns_tls_context_set_ca(_getdns_tls_context* ctx, const char*
return GETDNS_RETURN_GOOD; return GETDNS_RETURN_GOOD;
} }
void _getdns_gnutls_stub_log(int level, const char *msg)
{
DEBUG_STUB("GnuTLS log (%.2d): %s", level, msg);
}
_getdns_tls_connection* _getdns_tls_connection_new(struct mem_funcs* mfs, _getdns_tls_context* ctx, int fd, const getdns_log_config* log) _getdns_tls_connection* _getdns_tls_connection_new(struct mem_funcs* mfs, _getdns_tls_context* ctx, int fd, const getdns_log_config* log)
{ {
_getdns_tls_connection* res; _getdns_tls_connection* res;
@ -356,6 +367,8 @@ _getdns_tls_connection* _getdns_tls_connection_new(struct mem_funcs* mfs, _getdn
gnutls_certificate_set_x509_trust_dir(res->cred, ctx->ca_trust_path, GNUTLS_X509_FMT_PEM); gnutls_certificate_set_x509_trust_dir(res->cred, ctx->ca_trust_path, GNUTLS_X509_FMT_PEM);
} }
gnutls_global_set_log_level(99);
gnutls_global_set_log_function(_getdns_gnutls_stub_log);
if (gnutls_init(&res->tls, GNUTLS_CLIENT | GNUTLS_NONBLOCK) != GNUTLS_E_SUCCESS) if (gnutls_init(&res->tls, GNUTLS_CLIENT | GNUTLS_NONBLOCK) != GNUTLS_E_SUCCESS)
goto failed; goto failed;
if (set_connection_ciphers(res) != GNUTLS_E_SUCCESS) { if (set_connection_ciphers(res) != GNUTLS_E_SUCCESS) {
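Review bot: The two calls added in the last hunk, `gnutls_global_set_log_level(99);` and `gnutls_global_set_log_function(_getdns_gnutls_stub_log);`, change process-wide GnuTLS state unconditionally every time `_getdns_tls_connection_new` runs, so this library overrides whatever log level and hook the host application had installed. The GnuTLS documentation describes levels above 10 as enabling all debugging options and warns that larger values may reveal sensitive information, so wherever this output is captured it can carry handshake and session internals. I would make both calls once at library initialisation and only in debug builds, wrapped in the same build-time condition that enables `DEBUG_STUB` (presumably `#if defined(STUB_DEBUG) && STUB_DEBUG`, to be confirmed against the debug header), with a comment such as `/* debug builds only: GnuTLS logging is process-global and verbose levels can expose session details */`. The body of `_getdns_tls_connection_new` begins and ends outside the visible hunks.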