aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPřemysl Janouch <p.janouch@gmail.com>2015-07-12 05:38:58 +0200
committerPřemysl Janouch <p.janouch@gmail.com>2015-07-12 05:42:07 +0200
commitc3243c8f502e66d0dc22099392665a62c6b6d48b (patch)
treedbb6316935ee3dbd2e4e5c4e923e33c651acc690
parentd5a153bbe3134a37dc4bcee0ab9a10c4b59f8d2e (diff)
downloadxK-c3243c8f502e66d0dc22099392665a62c6b6d48b.tar.gz
xK-c3243c8f502e66d0dc22099392665a62c6b6d48b.tar.xz
xK-c3243c8f502e66d0dc22099392665a62c6b6d48b.zip
kike: add some OpenSSL information to debug log
-rw-r--r--kike.c33
1 files changed, 33 insertions, 0 deletions
diff --git a/kike.c b/kike.c
index d2766d7..108ef72 100644
--- a/kike.c
+++ b/kike.c
@@ -3445,6 +3445,36 @@ irc_ssl_verify_callback (int verify_ok, X509_STORE_CTX *ctx)
return 1;
}
+static void
+irc_ssl_info_callback (const SSL *ssl, int where, int ret)
+{
+ // For debugging only; provides us with the most important information
+
+ struct str s;
+ str_init (&s);
+
+ if (where & SSL_CB_LOOP)
+ str_append_printf (&s, "loop (%s) ",
+ SSL_state_string_long (ssl));
+ if (where & SSL_CB_EXIT)
+ str_append_printf (&s, "exit (%d in %s) ", ret,
+ SSL_state_string_long (ssl));
+
+ if (where & SSL_CB_READ) str_append (&s, "read ");
+ if (where & SSL_CB_WRITE) str_append (&s, "write ");
+
+ if (where & SSL_CB_ALERT)
+ str_append_printf (&s, "alert (%s: %s) ",
+ SSL_alert_type_string_long (ret),
+ SSL_alert_desc_string_long (ret));
+
+ if (where & SSL_CB_HANDSHAKE_START) str_append (&s, "handshake start ");
+ if (where & SSL_CB_HANDSHAKE_DONE) str_append (&s, "handshake done ");
+
+ print_debug ("ssl <%p> %s", ssl, s.str);
+ str_free (&s);
+}
+
static bool
irc_initialize_ssl_ctx (struct server_context *ctx,
const char *cert_path, const char *key_path, struct error **e)
@@ -3462,6 +3492,9 @@ irc_initialize_ssl_ctx (struct server_context *ctx,
SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, irc_ssl_verify_callback);
// XXX: maybe we should call SSL_CTX_set_options() for some workarounds
+ if (g_debug_mode)
+ SSL_CTX_set_info_callback (ctx->ssl_ctx, irc_ssl_info_callback);
+
const unsigned char session_id_context[SSL_MAX_SSL_SESSION_ID_LENGTH]
= PROGRAM_NAME;
(void) SSL_CTX_set_session_id_context (ctx->ssl_ctx,