Refactor SSL/TLS debug code
droe committed Nov 5, 2014
1 parent 601cdf5 commit 206c688
Showing 3 changed files with 48 additions and 37 deletions.
38 changes: 1 addition & 37 deletions main.c
@@ -600,43 +600,7 @@ main(int argc, char *argv[])
/* debugging */
if (OPTS_DEBUG(opts)) {
main_version();
log_dbg_printf("SSL/TLS protocol: %s%s%s%s%s%s\n",
#if defined(SSL_OP_NO_SSLv2) && defined(WITH_SSLV2)
(opts->sslmethod == SSLv2_method) ? "nossl2" :
#endif /* SSL_OP_NO_SSLv2 && WITH_SSLV2 */
#ifdef SSL_OP_NO_SSLv3
(opts->sslmethod == SSLv3_method) ? "ssl3" :
#endif /* SSL_OP_NO_SSLv3 */
#ifdef SSL_OP_NO_TLSv1
(opts->sslmethod == TLSv1_method) ? "tls10" :
#endif /* SSL_OP_NO_TLSv1 */
#ifdef SSL_OP_NO_TLSv1_1
(opts->sslmethod == TLSv1_1_method) ? "tls11" :
#endif /* SSL_OP_NO_TLSv1_1 */
#ifdef SSL_OP_NO_TLSv1_2
(opts->sslmethod == TLSv1_2_method) ? "tls12" :
#endif /* SSL_OP_NO_TLSv1_2 */
"negotiate",
#if defined(SSL_OP_NO_SSLv2) && defined(WITH_SSLV2)
opts->no_ssl2 ? " -ssl2" :
#endif /* SSL_OP_NO_SSLv2 && WITH_SSLV2 */
"",
#ifdef SSL_OP_NO_SSLv3
opts->no_ssl3 ? " -ssl3" :
#endif /* SSL_OP_NO_SSLv3 */
"",
#ifdef SSL_OP_NO_TLSv1
opts->no_tls10 ? " -tls10" :
#endif /* SSL_OP_NO_TLSv1 */
"",
#ifdef SSL_OP_NO_TLSv1_1
opts->no_tls11 ? " -tls11" :
#endif /* SSL_OP_NO_TLSv1_1 */
"",
#ifdef SSL_OP_NO_TLSv1_2
opts->no_tls12 ? " -tls12" :
#endif /* SSL_OP_NO_TLSv1_2 */
"");
opts_proto_dbg_dump(opts);
log_dbg_printf("proxyspecs:\n");
for (proxyspec_t *spec = opts->spec; spec; spec = spec->next) {
char *lbuf, *cbuf = NULL;
46 changes: 46 additions & 0 deletions opts.c
@@ -29,6 +29,7 @@
#include "opts.h"

#include "sys.h"
#include "log.h"

#include <string.h>
#include <sys/types.h>
@@ -208,6 +209,51 @@ opts_proto_disable(opts_t *opts, const char *optarg, const char *argv0)
}
}

/*
* Dump the SSL/TLS protocol related configuration to the debug log.
*/
void
opts_proto_dbg_dump(opts_t *opts)
{
log_dbg_printf("SSL/TLS protocol: %s%s%s%s%s%s\n",
#if defined(SSL_OP_NO_SSLv2) && defined(WITH_SSLV2)
(opts->sslmethod == SSLv2_method) ? "nossl2" :
#endif /* SSL_OP_NO_SSLv2 && WITH_SSLV2 */
#ifdef SSL_OP_NO_SSLv3
(opts->sslmethod == SSLv3_method) ? "ssl3" :
#endif /* SSL_OP_NO_SSLv3 */
#ifdef SSL_OP_NO_TLSv1
(opts->sslmethod == TLSv1_method) ? "tls10" :
#endif /* SSL_OP_NO_TLSv1 */
#ifdef SSL_OP_NO_TLSv1_1
(opts->sslmethod == TLSv1_1_method) ? "tls11" :
#endif /* SSL_OP_NO_TLSv1_1 */
#ifdef SSL_OP_NO_TLSv1_2
(opts->sslmethod == TLSv1_2_method) ? "tls12" :
#endif /* SSL_OP_NO_TLSv1_2 */
"negotiate",
#if defined(SSL_OP_NO_SSLv2) && defined(WITH_SSLV2)
opts->no_ssl2 ? " -ssl2" :
#endif /* SSL_OP_NO_SSLv2 && WITH_SSLV2 */
"",
#ifdef SSL_OP_NO_SSLv3
opts->no_ssl3 ? " -ssl3" :
#endif /* SSL_OP_NO_SSLv3 */
"",
#ifdef SSL_OP_NO_TLSv1
opts->no_tls10 ? " -tls10" :
#endif /* SSL_OP_NO_TLSv1 */
"",
#ifdef SSL_OP_NO_TLSv1_1
opts->no_tls11 ? " -tls11" :
#endif /* SSL_OP_NO_TLSv1_1 */
"",
#ifdef SSL_OP_NO_TLSv1_2
opts->no_tls12 ? " -tls12" :
#endif /* SSL_OP_NO_TLSv1_2 */
"");
}


/*
* Parse proxyspecs using a simple state machine.
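Review bot: In `opts_proto_dbg_dump`, the first forced-method branch prints `"nossl2"` when `opts->sslmethod == SSLv2_method`, while every other branch prints the plain protocol name (`"ssl3"`, `"tls10"`, `"tls11"`, `"tls12"`). The string appears to have been carried over unchanged from main.c and is presumably meant to be `(opts->sslmethod == SSLv2_method) ? "ssl2" :`. As written, the debug line for a configuration that forces SSLv2 reads as if SSLv2 were switched off. That is misleading for anyone using this dump to verify which protocol versions the proxy will actually speak.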
1 change: 1 addition & 0 deletions opts.h
@@ -102,6 +102,7 @@ void opts_free(opts_t *) NONNULL(1);
int opts_has_ssl_spec(opts_t *) NONNULL(1) WUNRES;
void opts_proto_force(opts_t *, const char *, const char *) NONNULL(1,2,3);
void opts_proto_disable(opts_t *, const char *, const char *) NONNULL(1,2,3);
void opts_proto_dbg_dump(opts_t *) NONNULL(1);
#define OPTS_DEBUG(opts) unlikely((opts)->debug)

proxyspec_t * proxyspec_parse(int *, char **[], const char *) MALLOC;
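Review bot: The new prototype takes a mutable `opts_t *`, but the body added in opts.c only reads `opts->sslmethod` and the `no_*` flags. Declaring it as `void opts_proto_dbg_dump(const opts_t *) NONNULL(1);`, with the definition changed to match, would make it explicit that dumping the configuration never alters it. The neighbouring prototypes also use non-const pointers, so this is a style suggestion rather than a defect.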