From: Vladimír Čunát <vladimir.cunat@nic.cz>
Date: Tue, 12 Sep 2017 11:45:30 +0000 (+0200)
Subject: gnutls logging improvements
X-Git-Tag: v1.4.0~6^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3467ee8178b059af9a18289b94be4550ff5db8a3;p=thirdparty%2Fknot-resolver.git

gnutls logging improvements

- move it to utils.c, so it's sensitive to later changes in verbosity
- don't mark the lines with [tls], as they may come through libdnssec
- use stdout like other verbose messages, instead of stderr (real errors)
---

diff --git a/daemon/main.c b/daemon/main.c
index 92546c43b..56c2e85a1 100644
--- a/daemon/main.c
+++ b/daemon/main.c
@@ -398,7 +398,6 @@ static int run_worker(uv_loop_t *loop, struct engine *engine, fd_array_t *ipc_se
 	}
 	memcpy(&engine->ipc_set, ipc_set, sizeof(*ipc_set));
 
-	tls_setup_logging(kr_verbose_status);
 	/* Notify supervisor. */
 #ifdef HAS_SYSTEMD
 	sd_notify(0, "READY=1");
diff --git a/daemon/tls.c b/daemon/tls.c
index 0b970613c..e1ed1161d 100644
--- a/daemon/tls.c
+++ b/daemon/tls.c
@@ -61,17 +61,6 @@ struct tls_ctx_t {
 #define DEBUG_MSG(fmt...)
 #endif
 
-static void kres_gnutls_log(int level, const char *message)
-{
-	kr_log_error("[tls] gnutls: (%d) %s", level, message);
-}
-
-void tls_setup_logging(bool verbose)
-{
-	gnutls_global_set_log_function(kres_gnutls_log);
-	gnutls_global_set_log_level(verbose ? 5 : 0);
-}
-
 static ssize_t kres_gnutls_push(gnutls_transport_ptr_t h, const void *buf, size_t len)
 {
 	struct tls_ctx_t *t = (struct tls_ctx_t *)h;
diff --git a/daemon/tls.h b/daemon/tls.h
index d86d4c682..385f8fe39 100644
--- a/daemon/tls.h
+++ b/daemon/tls.h
@@ -34,9 +34,6 @@ struct tls_credentials {
 	char *ephemeral_servicename;
 };
 
-/*! Toggle verbose logging from TLS context. */
-void tls_setup_logging(bool verbose);
-
 /*! Create an empty TLS context in query context */
 struct tls_ctx_t* tls_new(struct worker_ctx *worker);
 
diff --git a/lib/utils.c b/lib/utils.c
index f1195a634..f88b33f34 100644
--- a/lib/utils.c
+++ b/lib/utils.c
@@ -22,6 +22,7 @@
 #include <sys/time.h>
 #include <contrib/cleanup.h>
 #include <ccan/isaac/isaac.h>
+#include <gnutls/gnutls.h>
 #include <libknot/descriptor.h>
 #include <libknot/dname.h>
 #include <libknot/rrtype/rrsig.h>
@@ -74,10 +75,22 @@ static inline int u16tostr(uint8_t *dst, uint16_t num)
  * Cleanup callbacks.
  */
 
+static void kres_gnutls_log(int level, const char *message)
+{
+	kr_log_verbose("gnutls: (%d) %s", level, message);
+}
+
 bool kr_verbose_set(bool status)
 {
 #ifndef NOVERBOSELOG
 	kr_verbose_status = status;
+
+	/* gnutls logs messages related to our TLS and also libdnssec,
+	 * and the logging is set up in a global way only */
+	if (status) {
+		gnutls_global_set_log_function(kres_gnutls_log);
+	}
+	gnutls_global_set_log_level(status ? 5 : 0);
 #endif
 	return kr_verbose_status;
 }