add global parameter "debug.gnutls"
enables GnuTLS in-depth debugging
closes rsyslog#219
jgerhards committed Jan 26, 2015
1 parent 15f884e commit 9125ddf
Showing 3 changed files with 18 additions and 12 deletions.
10 changes: 10 additions & 0 deletions runtime/glbl.c
@@ -84,6 +84,7 @@ static int bOptimizeUniProc = 1; /* enable uniprocessor optimizations */
static int bParseHOSTNAMEandTAG = 1; /* parser modification (based on startup params!) */
static int bPreserveFQDN = 0; /* should FQDNs always be preserved? */
static int iMaxLine = 8096; /* maximum length of a syslog message */
static int iGnuTLSLoglevel = 0;
static int iDefPFFamily = PF_UNSPEC; /* protocol family (IPv4, IPv6 or both) */
static int bDropMalPTRMsgs = 0;/* Drop messages which have malicious PTR records during DNS lookup */
static int option_DisallowWarning = 1; /* complain if message from disallowed sender is received */
@@ -131,6 +132,7 @@ static struct cnfparamdescr cnfparamdescr[] = {
{ "preservefqdn", eCmdHdlrBinary, 0 },
{ "debug.onshutdown", eCmdHdlrBinary, 0 },
{ "debug.logfile", eCmdHdlrString, 0 },
{ "debug.gnutls", eCmdHdlrPositiveInt, 0 },
{ "defaultnetstreamdrivercafile", eCmdHdlrString, 0 },
{ "defaultnetstreamdriverkeyfile", eCmdHdlrString, 0 },
{ "defaultnetstreamdrivercertfile", eCmdHdlrString, 0 },
@@ -183,6 +185,12 @@ GetMaxLine(void)
return(iMaxLine);
}

int
GetGnuTLSLoglevel(void)
{
return(iGnuTLSLoglevel);
}

/* define a macro for the simple properties' set and get functions
* (which are always the same). This is only suitable for pretty
* simple cases which require neither checks nor memory allocation.
@@ -1040,6 +1048,8 @@ glblDoneLoadCnf(void)
} else if(!strcmp(paramblk.descr[i].name, "debug.onshutdown")) {
glblDebugOnShutdown = (int) cnfparamvals[i].val.d.n;
errmsg.LogError(0, RS_RET_OK, "debug: onShutdown set to %d", glblDebugOnShutdown);
} else if(!strcmp(paramblk.descr[i].name, "debug.gnutls")) {
iGnuTLSLoglevel = (int) cnfparamvals[i].val.d.n;
} else if(!strcmp(paramblk.descr[i].name, "parser.controlcharacterescapeprefix")) {
cCCEscapeChar = (uchar) *es_str2cstr(cnfparamvals[i].val.d.estr, NULL);
} else if(!strcmp(paramblk.descr[i].name, "parser.droptrailinglfonreception")) {
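Review bot: The `debug.gnutls` branch in glblDoneLoadCnf stores `(int) cnfparamvals[i].val.d.n` without a range check and without telling the operator, although the `debug.onshutdown` branch directly above logs its setting. The comment in nsd_gtls.c gives the GnuTLS scale as 0 to 10, and the line this commit removes there warned that the output may reveal sensitive information, so I would reject or clamp values above 10 (unless `eCmdHdlrPositiveInt` already bounds it, which is not visible here) and add `errmsg.LogError(0, RS_RET_OK, "debug: GnuTLS log level set to %d, output may contain sensitive data", iGnuTLSLoglevel);`. The new `static int iGnuTLSLoglevel = 0;` would also benefit from a trailing comment like its neighbours, e.g. `/* GnuTLS debug log level, 0 = off */`. glblDoneLoadCnf starts and ends outside the hunk.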
1 change: 1 addition & 0 deletions runtime/glbl.h
@@ -122,5 +122,6 @@ void glblDestructMainqCnfObj();
void glblDoneLoadCnf(void);
const uchar * glblGetWorkDirRaw(void);
tzinfo_t* glblFindTimezoneInfo(char *id);
int GetGnuTLSLoglevel(void);

#endif /* #ifndef GLBL_H_INCLUDED */
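Review bot: `GetGnuTLSLoglevel` is exported without the `glbl` prefix that the other prototypes in this hunk carry (`glblDoneLoadCnf`, `glblGetWorkDirRaw`, `glblFindTimezoneInfo`), so it lands in the global namespace under a generic name. I would declare it as `int glblGetGnuTLSLoglevel(void);` and rename the definition in glbl.c and the two call sites in nsd_gtls.c to match. A one-line comment such as `/* GnuTLS debug log level from the "debug.gnutls" global parameter, 0 = off */` would say where the value comes from.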
19 changes: 7 additions & 12 deletions runtime/nsd_gtls.c
@@ -2,7 +2,7 @@
*
* An implementation of the nsd interface for GnuTLS.
*
* Copyright (C) 2007-2014 Rainer Gerhards and Adiscon GmbH.
* Copyright (C) 2007-2015 Rainer Gerhards and Adiscon GmbH.
*
* This file is part of the rsyslog runtime library.
*
@@ -87,8 +87,6 @@ static pthread_mutex_t mutGtlsStrerror; /**< a mutex protecting the potentially
/* ------------------------------ GnuTLS specifics ------------------------------ */
static gnutls_certificate_credentials_t xcred;

#ifdef DEBUG
#if 0 /* uncomment, if needed some time again -- DEV Debug only */
/* This defines a log function to be provided to GnuTLS. It hopefully
* helps us track down hard to find problems.
* rgerhards, 2008-06-20
@@ -97,8 +95,7 @@ static void logFunction(int level, const char *msg)
{
dbgprintf("GnuTLS log msg, level %d: %s\n", level, msg);
}
#endif
#endif /* #ifdef DEBUG */



/* read in the whole content of a file. The caller is responsible for
@@ -605,13 +602,11 @@ gtlsGlblInit(void)
ABORT_FINALIZE(RS_RET_GNUTLS_ERR);
}

# ifdef DEBUG
#if 0 /* do this in special cases only. WARNING: if active, it may reveal sensitive information! */
/* intialize log function - set a level only for hard-to-find bugs */
gnutls_global_set_log_function(logFunction);
gnutls_global_set_log_level(10); /* 0 (no) to 9 (most), 10 everything */
# endif
# endif
if(GetGnuTLSLoglevel() > 0){
gnutls_global_set_log_function(logFunction);
gnutls_global_set_log_level(GetGnuTLSLoglevel());
/* 0 (no) to 9 (most), 10 everything */
}

finalize_it:
RETiRet;
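Review bot: The new block in gtlsGlblInit drops the warning that the removed `#if 0` line carried ("if active, it may reveal sensitive information!") at the very point where GnuTLS logging turns from a compile-time developer switch into a setting any configuration can enable. I would keep it as a comment above the `if`, e.g. `/* WARNING: GnuTLS debug output may reveal sensitive information; enable only while troubleshooting */`, and move the "0 (no) to 9 (most), 10 everything" remark next to it instead of leaving it after the call. Reading the level once, `const int lvl = GetGnuTLSLoglevel();`, avoids the two separate calls. logFunction forwards to dbgprintf, so the messages presumably end up wherever rsyslog's debug output is written; that destination then needs the same access restrictions as any other log holding sensitive data. gtlsGlblInit starts outside the hunk.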