Module: sip-router Branch: andrei/tcp_tls_changes Commit: 6c4a531df862b46dadc62e679da091c07989ff46 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=6c4a531… Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Date: Sun Aug 15 18:51:38 2010 +0200 tls: added debug log level modparam The log level used for debug messages can now be configured via the new tls_debug modparam. It can be also changed at runtime (tls.debug). Note that for now debug messages will be logged only if tls is compiled with one of -DTLS_RD_DEBUG, -DTLS_WR_DEBUG or -DTLS_BIO_DEBUG. --- modules/tls/tls_bio.c | 7 +++++-- modules/tls/tls_cfg.c | 5 ++++- modules/tls/tls_cfg.h | 1 + modules/tls/tls_mod.c | 3 ++- modules/tls/tls_server.c | 6 ++++-- 5 files changed, 16 insertions(+), 6 deletions(-) diff --git a/modules/tls/tls_bio.c b/modules/tls/tls_bio.c index c9b4af0..1013bf7 100644 --- a/modules/tls/tls_bio.c +++ b/modules/tls/tls_bio.c @@ -32,6 +32,7 @@ #include "../../compiler_opt.h" #include "../../dprint.h" #include "../../ut.h" +#include "tls_cfg.h" /* 0xf2 should be unused (as of openssl 1.0.0 max. internal defined BIO is 23) */ @@ -44,10 +45,12 @@ #ifdef TLS_BIO_DEBUG #ifdef __SUNPRO_C #define TLS_BIO_DBG(...) \ - LOG_(DEFAULT_FACILITY, L_INFO, "tls_BIO: " LOC_INFO, __VA_ARGS__) + LOG_(DEFAULT_FACILITY, cfg_get(tls, tls_cfg, debug),\ + "tls_BIO: " LOC_INFO, __VA_ARGS__) #else #define TLS_BIO_DBG(args...) \ - LOG_(DEFAULT_FACILITY, L_INFO, "tls_BIO: " LOC_INFO, ## args) + LOG_(DEFAULT_FACILITY, cfg_get(tls, tls_cfg, debug),\ + "tls_BIO: " LOC_INFO, ## args) #endif /* __SUNPRO_c */ #else /* TLS_BIO_DEBUG */ #ifdef __SUNPRO_C diff --git a/modules/tls/tls_cfg.c b/modules/tls/tls_cfg.c index 88b9b0f..046e202 100644 --- a/modules/tls/tls_cfg.c +++ b/modules/tls/tls_cfg.c @@ -50,7 +50,8 @@ struct cfg_group_tls default_tls_cfg = { 0, /* session_cache */ STR_STATIC_INIT("sip-router-tls-3.1"), /* session_id */ STR_NULL, /* config_file */ - 3, /* log */ + 3, /* log (L_DBG)*/ + 3, /* debug (L_DBG) */ 600, /* con_lifetime (s)*/ 1, /* disable_compression */ #if OPENSSL_VERSION_NUMBER >= 0x01000000L @@ -164,6 +165,8 @@ cfg_def_t tls_cfg_def[] = { "tls config file name (used for the per domain options)" }, {"log", CFG_VAR_INT | CFG_ATOMIC, 0, 1000, 0, 0, "tls info messages log level" }, + {"debug", CFG_VAR_INT | CFG_ATOMIC, 0, 1000, 0, 0, + "tls debug messages log level" }, {"connection_timeout", CFG_VAR_INT | CFG_ATOMIC, -1, MAX_TLS_CON_LIFETIME, fix_con_lt, 0, "initial connection lifetime (in s) (obsolete)" }, diff --git a/modules/tls/tls_cfg.h b/modules/tls/tls_cfg.h index eea7292..9ec2570 100644 --- a/modules/tls/tls_cfg.h +++ b/modules/tls/tls_cfg.h @@ -54,6 +54,7 @@ struct cfg_group_tls { str session_id; str config_file; int log; + int debug; int con_lifetime; int disable_compression; /* release internal openssl read or write buffer when they are no longer diff --git a/modules/tls/tls_mod.c b/modules/tls/tls_mod.c index 895d18e..19518f8 100644 --- a/modules/tls/tls_mod.c +++ b/modules/tls/tls_mod.c @@ -194,7 +194,8 @@ static param_export_t params[] = { {"certificate", PARAM_STR, &default_tls_cfg.certificate }, {"cipher_list", PARAM_STR, &default_tls_cfg.cipher_list }, {"connection_timeout", PARAM_INT, &default_tls_cfg.con_lifetime }, - {"tls_log", PARAM_INT, &default_tls_cfg.log }, + {"tls_log", PARAM_INT, &default_tls_cfg.log }, + {"tls_debug", PARAM_INT, &default_tls_cfg.debug }, {"session_cache", PARAM_INT, &default_tls_cfg.session_cache}, {"session_id", PARAM_STR, &default_tls_cfg.session_id }, {"config", PARAM_STR, &default_tls_cfg.config_file }, diff --git a/modules/tls/tls_server.c b/modules/tls/tls_server.c index 122141e..a910767 100644 --- a/modules/tls/tls_server.c +++ b/modules/tls/tls_server.c @@ -90,11 +90,13 @@ #ifdef TLS_F_DEBUG #ifdef __SUNPRO_C #define TLS_F_TRACE(fmt, ...) \ - LOG_(DEFAULT_FACILITY, L_INFO, "TLS_TRACE: " LOC_INFO, " %s" fmt,\ + LOG_(DEFAULT_FACILITY, cfg_get(tls, tls_cfg, debug),\ + "TLS_TRACE: " LOC_INFO, " %s" fmt,\ _FUNC_NAME_, __VA_ARGS__) #else #define TLS_F_TRACE(fmt, args...) \ - LOG_(DEFAULT_FACILITY, L_INFO, "TLS_TRACE: " LOC_INFO, " %s" fmt,\ + LOG_(DEFAULT_FACILITY, cfg_get(tls, tls_cfg, debug),\ + "TLS_TRACE: " LOC_INFO, " %s" fmt,\ _FUNC_NAME_, ## args) #endif /* __SUNPRO_c */ #else /* TLS_F_DEBUG */