From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Thu, 28 Jul 2016 22:35:10 +0000 (-0400)
Subject: initialize GnuTLS logging cleanly, once at daemon/worker start.
X-Git-Tag: v1.1.0~7^2~7
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=aaa44f19d64d578a326d13c14c333013a9731e98;p=thirdparty%2Fknot-resolver.git

initialize GnuTLS logging cleanly, once at daemon/worker start.

We also propagate kresd's verbosity into the TLS logging level
---

diff --git a/daemon/main.c b/daemon/main.c
index c0404a8c8..c02adb0f2 100644
--- a/daemon/main.c
+++ b/daemon/main.c
@@ -361,6 +361,8 @@ static int run_worker(uv_loop_t *loop, struct engine *engine, fd_array_t *ipc_se
 		}
 	}
 	memcpy(&engine->ipc_set, ipc_set, sizeof(*ipc_set));
+
+	tls_setup_logging(kr_debug_status());
 	/* Notify supervisor. */
 #ifdef HAS_SYSTEMD
 	sd_notify(0, "READY=1");
diff --git a/daemon/tls.c b/daemon/tls.c
index 19ae7c054..023e7a1f9 100644
--- a/daemon/tls.c
+++ b/daemon/tls.c
@@ -52,6 +52,19 @@ struct tls_ctx_t {
 #define DEBUG_MSG(fmt...)
 #endif
 
+static void
+kres_gnutls_log(int level, const char *message)
+{
+	kr_log_error("[tls] gnutls: (%d) %s", level, message);
+}
+
+void
+tls_setup_logging(bool verbose)
+{
+	gnutls_global_set_log_function(kres_gnutls_log);
+	gnutls_global_set_log_level(verbose ? 1 : 0);
+}
+
 static ssize_t kres_gnutls_push(gnutls_transport_ptr_t h, const void *buf, size_t len)
 {
 	struct tls_ctx_t *t = (struct tls_ctx_t *)h;
diff --git a/daemon/tls.h b/daemon/tls.h
index 20ac507eb..088470030 100644
--- a/daemon/tls.h
+++ b/daemon/tls.h
@@ -29,6 +29,8 @@ struct tls_credentials_t {
 	gnutls_certificate_credentials_t credentials;
 };
 
+void tls_setup_logging(bool verbose);
+
 struct tls_ctx_t* tls_new(struct worker_ctx *worker);
 void tls_free(struct tls_ctx_t* tls);