From c3243c8f502e66d0dc22099392665a62c6b6d48b Mon Sep 17 00:00:00 2001 From: Přemysl Janouch Date: Sun, 12 Jul 2015 05:38:58 +0200 Subject: kike: add some OpenSSL information to debug log --- kike.c | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/kike.c b/kike.c index d2766d7..108ef72 100644 --- a/kike.c +++ b/kike.c @@ -3445,6 +3445,36 @@ irc_ssl_verify_callback (int verify_ok, X509_STORE_CTX *ctx) return 1; } +static void +irc_ssl_info_callback (const SSL *ssl, int where, int ret) +{ + // For debugging only; provides us with the most important information + + struct str s; + str_init (&s); + + if (where & SSL_CB_LOOP) + str_append_printf (&s, "loop (%s) ", + SSL_state_string_long (ssl)); + if (where & SSL_CB_EXIT) + str_append_printf (&s, "exit (%d in %s) ", ret, + SSL_state_string_long (ssl)); + + if (where & SSL_CB_READ) str_append (&s, "read "); + if (where & SSL_CB_WRITE) str_append (&s, "write "); + + if (where & SSL_CB_ALERT) + str_append_printf (&s, "alert (%s: %s) ", + SSL_alert_type_string_long (ret), + SSL_alert_desc_string_long (ret)); + + if (where & SSL_CB_HANDSHAKE_START) str_append (&s, "handshake start "); + if (where & SSL_CB_HANDSHAKE_DONE) str_append (&s, "handshake done "); + + print_debug ("ssl <%p> %s", ssl, s.str); + str_free (&s); +} + static bool irc_initialize_ssl_ctx (struct server_context *ctx, const char *cert_path, const char *key_path, struct error **e) @@ -3462,6 +3492,9 @@ irc_initialize_ssl_ctx (struct server_context *ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, irc_ssl_verify_callback); // XXX: maybe we should call SSL_CTX_set_options() for some workarounds + if (g_debug_mode) + SSL_CTX_set_info_callback (ctx->ssl_ctx, irc_ssl_info_callback); + const unsigned char session_id_context[SSL_MAX_SSL_SESSION_ID_LENGTH] = PROGRAM_NAME; (void) SSL_CTX_set_session_id_context (ctx->ssl_ctx, -- cgit v1.2.3-70-g09d2