Improve debug logging of client hard reconnect
The current logging was sub-standard, in particular there was no trace whatsoever of the HelloVerifyRequest being sent. Now it's being logged with the usual levels: 4 for full content, 2 return of f_send, 1 decision about sending it (or taking other branches in the same function) because that's the same level as state changes in the handshake, and also same as the "possible client reconnect" message" to which it's the logical continuation (what are we doing about it?). Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
f4563b4c8b
commit
243d70f2a5
@ -3219,6 +3219,8 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
|
|||||||
{
|
{
|
||||||
/* If we can't use cookies to verify reachability of the peer,
|
/* If we can't use cookies to verify reachability of the peer,
|
||||||
* drop the record. */
|
* drop the record. */
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "no cookie callbacks, "
|
||||||
|
"can't check reconnect validity" ) );
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -3234,16 +3236,23 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
|
|||||||
|
|
||||||
if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
|
if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
|
||||||
{
|
{
|
||||||
|
int send_ret;
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "sending HelloVerifyRequest" ) );
|
||||||
|
MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network",
|
||||||
|
ssl->out_buf, len );
|
||||||
/* Don't check write errors as we can't do anything here.
|
/* Don't check write errors as we can't do anything here.
|
||||||
* If the error is permanent we'll catch it later,
|
* If the error is permanent we'll catch it later,
|
||||||
* if it's not, then hopefully it'll work next time. */
|
* if it's not, then hopefully it'll work next time. */
|
||||||
(void) ssl->f_send( ssl->p_bio, ssl->out_buf, len );
|
send_ret = ssl->f_send( ssl->p_bio, ssl->out_buf, len );
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", send_ret );
|
||||||
|
(void) send_ret;
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ret == 0 )
|
if( ret == 0 )
|
||||||
{
|
{
|
||||||
/* Got a valid cookie, partially reset context */
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "cookie is valid, resetting context" ) );
|
||||||
if( ( ret = mbedtls_ssl_session_reset_int( ssl, 1 ) ) != 0 )
|
if( ( ret = mbedtls_ssl_session_reset_int( ssl, 1 ) ) != 0 )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_RET( 1, "reset", ret );
|
MBEDTLS_SSL_DEBUG_RET( 1, "reset", ret );
|
||||||
@ -4416,6 +4425,7 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl )
|
|||||||
ssl->in_msglen = rec.data_len;
|
ssl->in_msglen = rec.data_len;
|
||||||
|
|
||||||
ret = ssl_check_client_reconnect( ssl );
|
ret = ssl_check_client_reconnect( ssl );
|
||||||
|
MBEDTLS_SSL_DEBUG_RET( 2, "ssl_check_client_reconnect", ret );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
#endif
|
#endif
|
||||||
|
Loading…
Reference in New Issue
Block a user