polarssl: actually use polarssl debug logging

We had the machinery in place, but did not actually use it because nothing
will be logged untill the debug threshold is increased.

This commit makes --verb 8 result is level 2 polar logging (which is
verbose, and --verb 9 result in level 3 polar logging (which is very
verbose).  There are higher levels, but those are extremely verbose.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1452113943-30684-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10945
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/ssl_polarssl.c b/src/openvpn/ssl_polarssl.c
index 339d1fb194fea9a70e0c442e49c0ea947d25cd37..58b211648c83f5fcd3266711594d636f9a9c6daf 100644 (file)
--- a/src/openvpn/ssl_polarssl.c
+++ b/src/openvpn/ssl_polarssl.c
@@ -49,6 +49,7 @@
 #include <polarssl/havege.h>
 
 #include "ssl_verify_polarssl.h"
+#include <polarssl/debug.h>
 #include <polarssl/error.h>
 #include <polarssl/oid.h>
 #include <polarssl/pem.h>
@@ -679,8 +680,8 @@ static int endless_buf_write( void *ctx, const unsigned char *in, size_t len )
 
 static void my_debug( void *ctx, int level, const char *str )
 {
-  int my_loglevel = (level < 2) ? D_TLS_DEBUG_MED : D_TLS_DEBUG;
-  msg (my_loglevel, "PolarSSL alert: %s", str);
+  int my_loglevel = (level < 3) ? D_TLS_DEBUG_MED : D_TLS_DEBUG;
+  msg (my_loglevel, "PolarSSL msg: %s", str);
 }
 
 /*
@@ -762,6 +763,7 @@ void key_state_ssl_init(struct key_state_ssl *ks_ssl,
   if (polar_ok(ssl_init(ks_ssl->ctx)))
     {
       /* Initialise SSL context */
+      debug_set_threshold(3);
       ssl_set_dbg (ks_ssl->ctx, my_debug, NULL);
       ssl_set_endpoint (ks_ssl->ctx, ssl_ctx->endpoint);