mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 20:33:31 +01:00
Log SSL state changes at LOG_DEBUG, LD_HANDSHAKE.
This can be slightly useful for debugging blocking events. Addresses ticket 3116; based on loud_ssl_states branch.
This commit is contained in:
parent
8653f31d8d
commit
410e440a8d
4
changes/bug3264
Normal file
4
changes/bug3264
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
o Minor features:
|
||||||
|
- Log SSL state transitions at log level DEBUG, log domain
|
||||||
|
HANDSHAKE. This can be useful for debugging censorship events.
|
||||||
|
Implements ticket 3264.
|
@ -899,6 +899,13 @@ tor_tls_client_is_using_v2_ciphers(const SSL *ssl, const char *address)
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
tor_tls_debug_state_callback(const SSL *ssl, int type, int val)
|
||||||
|
{
|
||||||
|
log_debug(LD_HANDSHAKE, "SSL %p is now in state %s [type=%d,val=%d].",
|
||||||
|
ssl, ssl_state_to_string(ssl->state), type, val);
|
||||||
|
}
|
||||||
|
|
||||||
/** Invoked when we're accepting a connection on <b>ssl</b>, and the connection
|
/** Invoked when we're accepting a connection on <b>ssl</b>, and the connection
|
||||||
* changes state. We use this:
|
* changes state. We use this:
|
||||||
* <ul><li>To alter the state of the handshake partway through, so we
|
* <ul><li>To alter the state of the handshake partway through, so we
|
||||||
@ -910,6 +917,9 @@ tor_tls_server_info_callback(const SSL *ssl, int type, int val)
|
|||||||
{
|
{
|
||||||
tor_tls_t *tls;
|
tor_tls_t *tls;
|
||||||
(void) val;
|
(void) val;
|
||||||
|
|
||||||
|
tor_tls_debug_state_callback(ssl, type, val);
|
||||||
|
|
||||||
if (type != SSL_CB_ACCEPT_LOOP)
|
if (type != SSL_CB_ACCEPT_LOOP)
|
||||||
return;
|
return;
|
||||||
if (ssl->state != SSL3_ST_SW_SRVR_HELLO_A)
|
if (ssl->state != SSL3_ST_SW_SRVR_HELLO_A)
|
||||||
@ -1096,8 +1106,11 @@ tor_tls_new(int sock, int isServer)
|
|||||||
#ifdef V2_HANDSHAKE_SERVER
|
#ifdef V2_HANDSHAKE_SERVER
|
||||||
if (isServer) {
|
if (isServer) {
|
||||||
SSL_set_info_callback(result->ssl, tor_tls_server_info_callback);
|
SSL_set_info_callback(result->ssl, tor_tls_server_info_callback);
|
||||||
}
|
} else
|
||||||
#endif
|
#endif
|
||||||
|
{
|
||||||
|
SSL_set_info_callback(result->ssl, tor_tls_debug_state_callback);
|
||||||
|
}
|
||||||
|
|
||||||
/* Not expected to get called. */
|
/* Not expected to get called. */
|
||||||
tls_log_errors(NULL, LOG_WARN, LD_NET, "creating tor_tls_t object");
|
tls_log_errors(NULL, LOG_WARN, LD_NET, "creating tor_tls_t object");
|
||||||
@ -1131,7 +1144,7 @@ tor_tls_set_renegotiate_callback(tor_tls_t *tls,
|
|||||||
if (cb) {
|
if (cb) {
|
||||||
SSL_set_info_callback(tls->ssl, tor_tls_server_info_callback);
|
SSL_set_info_callback(tls->ssl, tor_tls_server_info_callback);
|
||||||
} else {
|
} else {
|
||||||
SSL_set_info_callback(tls->ssl, NULL);
|
SSL_set_info_callback(tls->ssl, tor_tls_debug_state_callback);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user