Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add a parameter to enable in-depth GnuTLS debug output #219

Closed
rgerhards opened this issue Jan 25, 2015 · 5 comments
Closed

add a parameter to enable in-depth GnuTLS debug output #219

rgerhards opened this issue Jan 25, 2015 · 5 comments
Labels

Comments

@rgerhards
Copy link
Member

@rgerhards rgerhards commented Jan 25, 2015

GnuTLS is often very picky about certificates, and the error codes are sometimes quite generic. Inside rsyslog's ./runtime/nsd_gtls.c there is a code to enable very in-depth logging of GnuTLS actions, but it is commented out via "#if 0". This was based on the assumption that it is only useful for rsyslog developers.

As it turned out, it's useful for users as well, at least in otherwise hard to solve cases. So we should add a (probably global) option to enable GnuTLS debugging.

While this is not available, users can get the same benefits by building rsyslog from source and changing the "#if 0" to "#if 1" in all cases.

@rgerhards
Copy link
Member Author

@rgerhards rgerhards commented Jan 25, 2015

related to: #184

jgerhards added a commit to jgerhards/rsyslog that referenced this issue Jan 26, 2015
enables GnuTLS indepth debugging
closes rsyslog#219
@binarymist
Copy link

@binarymist binarymist commented Jan 29, 2015

Thanks. I'm guessing this will be a few months at minimum away from going into Debian testing?

@rgerhards
Copy link
Member Author

@rgerhards rgerhards commented Jan 29, 2015

I don't know their schedule, but you are probably right. I suggest to build from source. A tarball is already available at http://www.rsyslog.com/downloads/download-daily-build/

@virtualjmills
Copy link

@virtualjmills virtualjmills commented Jun 30, 2018

Old, but important. The GnuTLS debug directive (late rsyslog 8.x code) now uses a quoted-integer from zero (0) to ten (10), with most useful output emitted at level "3" or higher. The old "on" value (such as referenced in #184) simply throws a configuration file parser error. :-)

Example rsyslog.conf line:
global(debug.gnutls="3")

@lock
Copy link

@lock lock bot commented Dec 26, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Dec 26, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

3 participants