[tor/master] Log SSL state changes at LOG_DEBUG, LD_HANDSHAKE.
commit 410e440a8d40e556cc445a1ecc6a8ed4109434b6 Author: Nick Mathewson <nickm@torproject.org> Date: Wed Oct 6 23:17:35 2010 -0400 Log SSL state changes at LOG_DEBUG, LD_HANDSHAKE. This can be slightly useful for debugging blocking events. Addresses ticket 3116; based on loud_ssl_states branch. --- changes/bug3264 | 4 ++++ src/common/tortls.c | 17 +++++++++++++++-- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/changes/bug3264 b/changes/bug3264 new file mode 100644 index 0000000..dcd0a84 --- /dev/null +++ b/changes/bug3264 @@ -0,0 +1,4 @@ + o Minor features: + - Log SSL state transitions at log level DEBUG, log domain + HANDSHAKE. This can be useful for debugging censorship events. + Implements ticket 3264. diff --git a/src/common/tortls.c b/src/common/tortls.c index aaf2fda..94ca81b 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -899,6 +899,13 @@ tor_tls_client_is_using_v2_ciphers(const SSL *ssl, const char *address) return 1; } +static void +tor_tls_debug_state_callback(const SSL *ssl, int type, int val) +{ + log_debug(LD_HANDSHAKE, "SSL %p is now in state %s [type=%d,val=%d].", + ssl, ssl_state_to_string(ssl->state), type, val); +} + /** Invoked when we're accepting a connection on <b>ssl</b>, and the connection * changes state. We use this: * <ul><li>To alter the state of the handshake partway through, so we @@ -910,6 +917,9 @@ tor_tls_server_info_callback(const SSL *ssl, int type, int val) { tor_tls_t *tls; (void) val; + + tor_tls_debug_state_callback(ssl, type, val); + if (type != SSL_CB_ACCEPT_LOOP) return; if (ssl->state != SSL3_ST_SW_SRVR_HELLO_A) @@ -1096,8 +1106,11 @@ tor_tls_new(int sock, int isServer) #ifdef V2_HANDSHAKE_SERVER if (isServer) { SSL_set_info_callback(result->ssl, tor_tls_server_info_callback); - } + } else #endif + { + SSL_set_info_callback(result->ssl, tor_tls_debug_state_callback); + } /* Not expected to get called. */ tls_log_errors(NULL, LOG_WARN, LD_NET, "creating tor_tls_t object"); @@ -1131,7 +1144,7 @@ tor_tls_set_renegotiate_callback(tor_tls_t *tls, if (cb) { SSL_set_info_callback(tls->ssl, tor_tls_server_info_callback); } else { - SSL_set_info_callback(tls->ssl, NULL); + SSL_set_info_callback(tls->ssl, tor_tls_debug_state_callback); } #endif }
participants (1)
-
nickm@torproject.org