if (ca_verify) {
rc = cert_verify(session, host, GNUTLS_KP_TLS_WWW_SERVER);
if (rc == 0) {
- printf
- ("*** PKI verification of server certificate failed...\n");
+ log_msg
+ (stdout, "*** PKI verification of server certificate failed...\n");
if (!insecure && !ssh)
return -1;
} else if (ENABLED_OPT(OCSP) && gnutls_ocsp_status_request_is_checked(session, 0) == 0) { /* off-line verification succeeded. Try OCSP */
rc = cert_verify_ocsp(session);
if (rc == -1) {
- printf
- ("*** Verifying (with OCSP) server certificate chain failed...\n");
+ log_msg
+ (stdout, "*** Verifying (with OCSP) server certificate chain failed...\n");
if (!insecure && !ssh)
return -1;
} else if (rc == 0)
- printf("*** OCSP: nothing to check.\n");
+ log_msg(stdout, "*** OCSP: nothing to check.\n");
else
- printf("*** OCSP: verified %d certificate(s).\n", rc);
+ log_msg(stdout, "*** OCSP: verified %d certificate(s).\n", rc);
}
}
/* Print the server's trusted CAs
*/
if (nreqs > 0)
- printf("- Server's trusted authorities:\n");
+ log_msg(stdout, "- Server's trusted authorities:\n");
else
- printf
- ("- Server did not send us any trusted authorities names.\n");
+ log_msg
+ (stdout, "- Server did not send us any trusted authorities names.\n");
/* print the names (if any) */
for (i = 0; i < nreqs; i++) {
gnutls_x509_rdn_get(&req_ca_rdn[i], issuer_dn,
&len);
if (ret >= 0) {
- printf(" [%d]: ", i);
- printf("%s\n", issuer_dn);
+ log_msg(stdout, " [%d]: ", i);
+ log_msg(stdout, "%s\n", issuer_dn);
}
}
}
if (x509_key != NULL) {
*pkey = x509_key;
} else {
- printf
- ("- Could not find a suitable key to send to server\n");
+ log_msg
+ (stdout, "- Could not find a suitable key to send to server\n");
return -1;
}
}
}
- printf("- Successfully sent %u certificate(s) to server.\n",
+ log_msg(stdout, "- Successfully sent %u certificate(s) to server.\n",
*pcert_length);
return 0;
str = gnutls_alert_get_name(alert);
if (str == NULL)
str = str_unknown;
- printf("*** Received alert [%d]: %s\n", alert, str);
+ log_msg(stdout, "*** Received alert [%d]: %s\n", alert, str);
}
check_server_cmd(hd, err);
gnutls_perror(ret);
return ret;
} else {
- printf("- ReHandshake was completed\n");
+ log_msg(stdout, "- ReHandshake was completed\n");
return 0;
}
}
fprintf(stderr, "*** Rekey has failed: %s\n", gnutls_strerror(ret));
return ret;
} else {
- printf("- Rekey was completed\n");
+ log_msg(stdout, "- Rekey was completed\n");
return 0;
}
}
hd->rdata.data = NULL;
}
- printf("- Disconnecting\n");
+ log_msg(stdout, "- Disconnecting\n");
socket_bye(hd, 1);
canonicalize_host(hostname, service, sizeof(service));
- printf
- ("\n\n- Connecting again- trying to resume previous session\n");
+ log_msg
+ (stdout, "\n\n- Connecting again- trying to resume previous session\n");
if (HAVE_OPT(STARTTLS_PROTO))
socket_flags |= SOCKET_FLAG_STARTTLS;
else if (fastopen)
socket_open3(hd, hostname, service, OPT_ARG(STARTTLS_PROTO),
socket_flags, CONNECT_MSG, &rdata, &edata);
- printf("- Resume Handshake was completed\n");
+ log_msg(stdout, "- Resume Handshake was completed\n");
if (gnutls_session_is_resumed(hd->session) != 0)
- printf("*** This is a resumed session\n");
+ log_msg(stdout, "*** This is a resumed session\n");
return 0;
}
int socket_flags = SOCKET_FLAG_DONT_PRINT_ERRORS;
FILE *server_fp = NULL;
FILE *client_fp = NULL;
+ FILE *logfile = NULL;
#ifndef _WIN32
struct sigaction new_action;
#endif
cmd_parser(argc, argv);
+ if (HAVE_OPT(LOGFILE)) {
+ logfile = fopen(OPT_ARG(LOGFILE), "w+");
+ if (!logfile) {
+ log_msg(stderr, "Unable to open '%s'!\n", OPT_ARG(LOGFILE));
+ exit(1);
+ }
+ log_set(logfile);
+ }
+
gnutls_global_set_log_function(tls_log_func);
gnutls_global_set_log_level(OPT_VALUE_DEBUG);
hd.verbose = verbose;
if (hd.secure) {
- printf("- Handshake was completed\n");
+ log_msg(stdout, "- Handshake was completed\n");
if (resume != 0)
if (try_resume(&hd)) {
/* Warning! Do not touch this text string, it is used by external
programs to search for when gnutls-cli has reached this point. */
- printf("\n- Simple Client Mode:\n\n");
+ log_msg(stdout, "\n- Simple Client Mode:\n\n");
if (rehandshake)
if (try_rehandshake(&hd)) {
ret = socket_recv(&hd, buffer, MAX_BUF);
if (ret == 0 || (ret == GNUTLS_E_PREMATURE_TERMINATION && user_term)) {
- printf
- ("- Peer has closed the GnuTLS connection\n");
+ log_msg
+ (stdout, "- Peer has closed the GnuTLS connection\n");
break;
} else if (handle_error(&hd, ret) < 0) {
fprintf(stderr,
break;
} else if (ret > 0) {
if (verbose != 0)
- printf("- Received[%d]: ", ret);
+ log_msg(stdout, "- Received[%d]: ", ret);
for (ii = 0; ii < ret; ii++) {
fputc(buffer[ii], stdout);
}
if (ret > 0) {
if (verbose != 0)
- printf("- Sent: %d bytes\n", ret);
+ log_msg(stdout, "- Sent: %d bytes\n", ret);
} else
handle_error(&hd, ret);
cleanup:
socket_bye(&hd, 0);
+ if (logfile) {
+ fclose(logfile);
+ logfile = NULL;
+ }
#ifdef ENABLE_SRP
if (srp_cred)
const char *str;
unsigned int lineb = 0;
- printf("Priority strings in GnuTLS %s:\n", gnutls_check_version(NULL));
+ log_msg(stdout, "Priority strings in GnuTLS %s:\n", gnutls_check_version(NULL));
fputs("\t", stdout);
for (idx=0;;idx++) {
str = gnutls_priority_string_list(idx, GNUTLS_PRIORITY_LIST_INIT_KEYWORDS);
if (str == NULL)
break;
- lineb += printf("%s ", str);
+ lineb += log_msg(stdout, "%s ", str);
if (lineb > 64) {
lineb = 0;
- printf("\n\t");
+ log_msg(stdout, "\n\t");
}
}
- printf("\n\nSpecial strings:\n");
+ log_msg(stdout, "\n\nSpecial strings:\n");
lineb = 0;
fputs("\t", stdout);
for (idx=0;;idx++) {
break;
if (str[0] == 0)
continue;
- lineb += printf("%%%s ", str);
+ lineb += log_msg(stdout, "%%%s ", str);
if (lineb > 64) {
lineb = 0;
- printf("\n\t");
+ log_msg(stdout, "\n\t");
}
}
- printf("\n");
+ log_msg(stdout, "\n");
return;
}
* the server thinks we ignored his request.
* This is a bad design of this client.
*/
- printf("*** Received rehandshake request\n");
+ log_msg(stdout, "*** Received rehandshake request\n");
/* gnutls_alert_send( session, GNUTLS_AL_WARNING, GNUTLS_A_NO_RENEGOTIATION); */
ret = do_handshake(socket);
if (ret == 0) {
- printf("*** Rehandshake was performed.\n");
+ log_msg(stdout, "*** Rehandshake was performed.\n");
} else {
- printf("*** Rehandshake Failed: %s\n", gnutls_strerror(ret));
+ log_msg(stdout, "*** Rehandshake Failed: %s\n", gnutls_strerror(ret));
}
} else if (ret == GNUTLS_E_REAUTH_REQUEST) {
do {
} while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
if (ret == 0) {
- printf("*** Re-auth was performed.\n");
+ log_msg(stdout, "*** Re-auth was performed.\n");
} else {
- printf("*** Re-auth failed: %s\n", gnutls_strerror(ret));
+ log_msg(stdout, "*** Re-auth failed: %s\n", gnutls_strerror(ret));
}
}
}
size_t res_size;
gnutls_datum_t tmp;
- printf("- PSK client callback. ");
+ log_msg(stdout, "- PSK client callback. ");
if (hint)
- printf("PSK hint '%s'\n", hint);
+ log_msg(stdout, "PSK hint '%s'\n", hint);
else
- printf("No PSK hint\n");
+ log_msg(stdout, "No PSK hint\n");
if (HAVE_OPT(PSKUSERNAME))
*username = gnutls_strdup(OPT_ARG(PSKUSERNAME));
char *p = NULL;
size_t n;
- printf("Enter PSK identity: ");
+ log_msg(stdout, "Enter PSK identity: ");
fflush(stdout);
ret = getline(&p, &n, stdin);
fprintf(stderr, "Error setting the x509 trust file: %s\n", gnutls_strerror(ret));
exit(1);
} else {
- printf("Processed %d CA certificate(s).\n", ret);
+ log_msg(stdout, "Processed %d CA certificate(s).\n", ret);
}
if (x509_crlfile != NULL) {
"Error setting the x509 CRL file: %s\n", gnutls_strerror(ret));
exit(1);
} else {
- printf("Processed %d CRL(s).\n", ret);
+ log_msg(stdout, "Processed %d CRL(s).\n", ret);
}
}
const char str_unknown[] = "(unknown)";
+static FILE *logfile = NULL;
/* Hex encodes the given data adding a semicolon between hex bytes.
*/
const char *raw_to_string(const unsigned char *raw, size_t raw_size)
ret = gnutls_x509_crt_print(crt, GNUTLS_CRT_PRINT_COMPACT, &cinfo);
if (ret == 0) {
- printf("- X.509 cert: %s\n", cinfo.data);
+ log_msg(stdout, "- X.509 cert: %s\n", cinfo.data);
gnutls_free(cinfo.data);
}
rc = gnutls_certificate_verify_peers(session, data, elements, &status);
if (rc == GNUTLS_E_NO_CERTIFICATE_FOUND) {
- printf("- Peer did not send any certificate.\n");
+ log_msg(stdout, "- Peer did not send any certificate.\n");
return 0;
}
if (rc < 0) {
- printf("- Could not verify certificate (err: %s)\n",
+ log_msg(stdout, "- Could not verify certificate (err: %s)\n",
gnutls_strerror(rc));
return 0;
}
rc = gnutls_certificate_verification_status_print(status, type,
&out, 0);
if (rc < 0) {
- printf("- Could not print verification flags (err: %s)\n",
+ log_msg(stdout, "- Could not print verification flags (err: %s)\n",
gnutls_strerror(rc));
return 0;
}
- printf("- Status: %s\n", out.data);
+ log_msg(stdout, "- Status: %s\n", out.data);
gnutls_free(out.data);
return;
}
- printf("- %sDiffie-Hellman parameters\n", str);
- printf(" - Using prime: %d bits\n",
+ log_msg(stdout, "- %sDiffie-Hellman parameters\n", str);
+ log_msg(stdout, " - Using prime: %d bits\n",
gnutls_dh_get_prime_bits(session));
- printf(" - Secret key: %d bits\n",
+ log_msg(stdout, " - Secret key: %d bits\n",
gnutls_dh_get_secret_bits(session));
- printf(" - Peer's public key: %d bits\n",
+ log_msg(stdout, " - Peer's public key: %d bits\n",
gnutls_dh_get_peers_public_bits(session));
ret = gnutls_dh_get_group(session, &raw_gen, &raw_prime);
goto out;
}
- printf(" - PKCS#3 format:\n\n%.*s\n",
+ log_msg(stdout, " - PKCS#3 format:\n\n%.*s\n",
(int) params_data_size, params_data);
out:
if (!print)
return;
- printf("- %sEC Diffie-Hellman parameters\n", str);
+ log_msg(stdout, "- %sEC Diffie-Hellman parameters\n", str);
curve = gnutls_ecc_curve_get(session);
- printf(" - Using curve: %s\n", gnutls_ecc_curve_get_name(curve));
- printf(" - Curve size: %d bits\n",
+ log_msg(stdout, " - Using curve: %s\n", gnutls_ecc_curve_get_name(curve));
+ log_msg(stdout, " - Curve size: %d bits\n",
gnutls_ecc_curve_get_size(curve) * 8);
}
int rc;
desc = gnutls_session_get_desc(session);
- printf("- Description: %s\n", desc);
+ log_msg(stdout, "- Description: %s\n", desc);
gnutls_free(desc);
/* print session ID */
gnutls_session_get_id(session, session_id, &session_id_size);
if (session_id_size > 0) {
- printf("- Session ID: %s\n",
+ log_msg(stdout, "- Session ID: %s\n",
raw_to_string(session_id, session_id_size));
}
* side.
*/
if (gnutls_srp_server_get_username(session) != NULL)
- printf("- SRP authentication. Connected as '%s'\n",
+ log_msg(stdout, "- SRP authentication. Connected as '%s'\n",
gnutls_srp_server_get_username(session));
break;
#endif
/* This returns NULL in server side.
*/
if (gnutls_psk_client_get_hint(session) != NULL)
- printf("- PSK authentication. PSK hint '%s'\n",
+ log_msg(stdout, "- PSK authentication. PSK hint '%s'\n",
gnutls_psk_client_get_hint(session));
/* This returns NULL in client side.
*/
if (gnutls_psk_server_get_username(session) != NULL)
- printf("- PSK authentication. Connected as '%s'\n",
+ log_msg(stdout, "- PSK authentication. Connected as '%s'\n",
gnutls_psk_server_get_username(session));
if (kx == GNUTLS_KX_DHE_PSK)
print_dh_info(session, "Ephemeral ", verbose);
break;
#endif
case GNUTLS_CRD_IA:
- printf("- TLS/IA authentication\n");
+ log_msg(stdout, "- TLS/IA authentication\n");
break;
case GNUTLS_CRD_CERTIFICATE:
{
/* This fails in client side */
if (gnutls_server_name_get
(session, dns, &dns_size, &type, 0) == 0) {
- printf("- Given server name[%d]: %s\n",
+ log_msg(stdout, "- Given server name[%d]: %s\n",
type, dns);
}
}
if ((flags & P_WAIT_FOR_CERT) && gnutls_certificate_get_ours(session) == 0)
- printf("- No certificate was sent to peer\n");
+ log_msg(stdout, "- No certificate was sent to peer\n");
if (flags& P_PRINT_CERT)
print_cert_info(session, verbose, (flags&P_PRINT_CERT));
version = gnutls_protocol_get_version(session);
tmp =
SU(gnutls_protocol_get_name(version));
- printf("- Version: %s\n", tmp);
+ log_msg(stdout, "- Version: %s\n", tmp);
if (version < GNUTLS_TLS1_3) {
tmp = SU(gnutls_kx_get_name(kx));
- printf("- Key Exchange: %s\n", tmp);
+ log_msg(stdout, "- Key Exchange: %s\n", tmp);
}
if (gnutls_sign_algorithm_get(session) != GNUTLS_SIGN_UNKNOWN) {
tmp =
SU(gnutls_sign_get_name
(gnutls_sign_algorithm_get(session)));
- printf("- Server Signature: %s\n", tmp);
+ log_msg(stdout, "- Server Signature: %s\n", tmp);
}
if (gnutls_sign_algorithm_get_client(session) !=
tmp =
SU(gnutls_sign_get_name
(gnutls_sign_algorithm_get_client(session)));
- printf("- Client Signature: %s\n", tmp);
+ log_msg(stdout, "- Client Signature: %s\n", tmp);
}
tmp = SU(gnutls_cipher_get_name(gnutls_cipher_get(session)));
- printf("- Cipher: %s\n", tmp);
+ log_msg(stdout, "- Cipher: %s\n", tmp);
tmp = SU(gnutls_mac_get_name(gnutls_mac_get(session)));
- printf("- MAC: %s\n", tmp);
+ log_msg(stdout, "- MAC: %s\n", tmp);
}
- printf("- Options:");
+ log_msg(stdout, "- Options:");
if (gnutls_session_ext_master_secret_status(session)!=0)
- printf(" extended master secret,");
+ log_msg(stdout, " extended master secret,");
if (gnutls_safe_renegotiation_status(session)!=0)
- printf(" safe renegotiation,");
+ log_msg(stdout, " safe renegotiation,");
if (gnutls_session_etm_status(session)!=0)
- printf(" EtM,");
+ log_msg(stdout, " EtM,");
#ifdef ENABLE_OCSP
if (gnutls_ocsp_status_request_is_checked(session, GNUTLS_OCSP_SR_IS_AVAIL)!=0) {
- printf(" OCSP status request%s,", gnutls_ocsp_status_request_is_checked(session,0)!=0?"":"[ignored]");
+ log_msg(stdout, " OCSP status request%s,", gnutls_ocsp_status_request_is_checked(session,0)!=0?"":"[ignored]");
}
#endif
- printf("\n");
+ log_msg(stdout, "\n");
#ifdef ENABLE_DTLS_SRTP
rc = gnutls_srtp_get_selected_profile(session, &srtp_profile);
if (rc == 0)
- printf("- SRTP profile: %s\n",
+ log_msg(stdout, "- SRTP profile: %s\n",
gnutls_srtp_get_profile_name(srtp_profile));
#endif
#ifdef ENABLE_ALPN
rc = gnutls_alpn_get_selected_protocol(session, &p);
if (rc == 0)
- printf("- Application protocol: %.*s\n", p.size, p.data);
+ log_msg(stdout, "- Application protocol: %.*s\n", p.size, p.data);
#endif
if (verbose) {
else {
size_t i;
- printf("- Channel binding 'tls-unique': ");
+ log_msg(stdout, "- Channel binding 'tls-unique': ");
for (i = 0; i < cb.size; i++)
- printf("%02x", cb.data[i]);
- printf("\n");
+ log_msg(stdout, "%02x", cb.data[i]);
+ log_msg(stdout, "\n");
gnutls_free(cb.data);
}
}
flag = GNUTLS_CRT_PRINT_COMPACT;
if (gnutls_certificate_client_get_request_status(session) != 0) {
- printf("- Server has requested a certificate.\n");
+ log_msg(stdout, "- Server has requested a certificate.\n");
print_crt_status = 1;
}
int verbose = 0;
if (gnutls_certificate_client_get_request_status(session) != 0) {
- printf("- Server has requested a certificate.\n");
+ log_msg(stdout, "- Server has requested a certificate.\n");
verbose = 1;
}
const unsigned int *list;
if (priorities != NULL) {
- printf("Cipher suites for %s\n", priorities);
+ log_msg(stdout, "Cipher suites for %s\n", priorities);
ret = gnutls_priority_init(&pcache, priorities, &err);
if (ret < 0) {
NULL, &version);
if (name != NULL)
- printf("%-50s\t0x%02x, 0x%02x\t%s\n",
+ log_msg(stdout, "%-50s\t0x%02x, 0x%02x\t%s\n",
name, (unsigned char) id[0],
(unsigned char) id[1],
gnutls_protocol_get_name(version));
}
- printf("\n");
+ log_msg(stdout, "\n");
#if 0
{
ret =
&list,
GNUTLS_CTYPE_CLIENT);
- printf("Certificate types: ");
+ log_msg(stdout, "Certificate types: ");
if (ret == 0)
- printf("none\n");
+ log_msg(stdout, "none\n");
for (i = 0; i < (unsigned) ret; i++) {
- printf("CTYPE-%s",
+ log_msg(stdout, "CTYPE-%s",
gnutls_certificate_type_get_name
(list[i]));
if (i + 1 != (unsigned) ret)
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
#endif
{
ret = gnutls_priority_protocol_list(pcache, &list);
- printf("Protocols: ");
+ log_msg(stdout, "Protocols: ");
if (ret == 0)
- printf("none\n");
+ log_msg(stdout, "none\n");
for (i = 0; i < (unsigned) ret; i++) {
- printf("VERS-%s",
+ log_msg(stdout, "VERS-%s",
gnutls_protocol_get_name(list[i]));
if (i + 1 != (unsigned) ret)
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
{
ret = gnutls_priority_cipher_list(pcache, &list);
- printf("Ciphers: ");
+ log_msg(stdout, "Ciphers: ");
if (ret == 0)
- printf("none\n");
+ log_msg(stdout, "none\n");
for (i = 0; i < (unsigned) ret; i++) {
- printf("%s",
+ log_msg(stdout, "%s",
gnutls_cipher_get_name(list[i]));
if (i + 1 != (unsigned) ret)
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
{
ret = gnutls_priority_mac_list(pcache, &list);
- printf("MACs: ");
+ log_msg(stdout, "MACs: ");
if (ret == 0)
- printf("none\n");
+ log_msg(stdout, "none\n");
for (i = 0; i < (unsigned) ret; i++) {
- printf("%s",
+ log_msg(stdout, "%s",
gnutls_mac_get_name(list[i]));
if (i + 1 != (unsigned) ret)
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
{
ret = gnutls_priority_kx_list(pcache, &list);
- printf("Key Exchange Algorithms: ");
+ log_msg(stdout, "Key Exchange Algorithms: ");
if (ret == 0)
- printf("none\n");
+ log_msg(stdout, "none\n");
for (i = 0; i < (unsigned) ret; i++) {
- printf("%s",
+ log_msg(stdout, "%s",
gnutls_kx_get_name(list[i]));
if (i + 1 != (unsigned) ret)
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
ret =
gnutls_priority_group_list(pcache, &list);
- printf("Groups: ");
+ log_msg(stdout, "Groups: ");
if (ret == 0)
- printf("none\n");
+ log_msg(stdout, "none\n");
for (i = 0; i < (unsigned) ret; i++) {
- printf("GROUP-%s",
+ log_msg(stdout, "GROUP-%s",
gnutls_group_get_name(list[i]));
if (i + 1 != (unsigned) ret)
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
{
ret = gnutls_priority_sign_list(pcache, &list);
- printf("PK-signatures: ");
+ log_msg(stdout, "PK-signatures: ");
if (ret == 0)
- printf("none\n");
+ log_msg(stdout, "none\n");
for (i = 0; i < (unsigned) ret; i++) {
- printf("SIGN-%s",
+ log_msg(stdout, "SIGN-%s",
gnutls_sign_algorithm_get_name(list
[i]));
if (i + 1 != (unsigned) ret)
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
return;
}
- printf("Cipher suites:\n");
+ log_msg(stdout, "Cipher suites:\n");
for (i = 0; (name = gnutls_cipher_suite_info
(i, id, &kx, &cipher, &mac, &version)); i++) {
- printf("%-50s\t0x%02x, 0x%02x\t%s\n",
+ log_msg(stdout, "%-50s\t0x%02x, 0x%02x\t%s\n",
name,
(unsigned char) id[0], (unsigned char) id[1],
gnutls_protocol_get_name(version));
if (verbose)
- printf
- ("\tKey exchange: %s\n\tCipher: %s\n\tMAC: %s\n\n",
+ log_msg
+ (stdout, "\tKey exchange: %s\n\tCipher: %s\n\tMAC: %s\n\n",
gnutls_kx_get_name(kx),
gnutls_cipher_get_name(cipher),
gnutls_mac_get_name(mac));
}
- printf("\n");
+ log_msg(stdout, "\n");
{
const gnutls_certificate_type_t *p =
gnutls_certificate_type_list();
- printf("Certificate types: ");
+ log_msg(stdout, "Certificate types: ");
for (; *p; p++) {
- printf("CTYPE-%s",
+ log_msg(stdout, "CTYPE-%s",
gnutls_certificate_type_get_name(*p));
if (*(p + 1))
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
{
const gnutls_protocol_t *p = gnutls_protocol_list();
- printf("Protocols: ");
+ log_msg(stdout, "Protocols: ");
for (; *p; p++) {
- printf("VERS-%s", gnutls_protocol_get_name(*p));
+ log_msg(stdout, "VERS-%s", gnutls_protocol_get_name(*p));
if (*(p + 1))
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
{
const gnutls_cipher_algorithm_t *p = gnutls_cipher_list();
- printf("Ciphers: ");
+ log_msg(stdout, "Ciphers: ");
for (; *p; p++) {
- printf("%s", gnutls_cipher_get_name(*p));
+ log_msg(stdout, "%s", gnutls_cipher_get_name(*p));
if (*(p + 1))
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
{
const gnutls_mac_algorithm_t *p = gnutls_mac_list();
- printf("MACs: ");
+ log_msg(stdout, "MACs: ");
for (; *p; p++) {
- printf("%s", gnutls_mac_get_name(*p));
+ log_msg(stdout, "%s", gnutls_mac_get_name(*p));
if (*(p + 1))
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
{
const gnutls_digest_algorithm_t *p = gnutls_digest_list();
- printf("Digests: ");
+ log_msg(stdout, "Digests: ");
for (; *p; p++) {
- printf("%s", gnutls_digest_get_name(*p));
+ log_msg(stdout, "%s", gnutls_digest_get_name(*p));
if (*(p + 1))
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
{
const gnutls_kx_algorithm_t *p = gnutls_kx_list();
- printf("Key exchange algorithms: ");
+ log_msg(stdout, "Key exchange algorithms: ");
for (; *p; p++) {
- printf("%s", gnutls_kx_get_name(*p));
+ log_msg(stdout, "%s", gnutls_kx_get_name(*p));
if (*(p + 1))
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
const gnutls_compression_method_t *p =
gnutls_compression_list();
- printf("Compression: ");
+ log_msg(stdout, "Compression: ");
for (; *p; p++) {
- printf("COMP-%s", gnutls_compression_get_name(*p));
+ log_msg(stdout, "COMP-%s", gnutls_compression_get_name(*p));
if (*(p + 1))
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
{
const gnutls_group_t *p = gnutls_group_list();
- printf("Groups: ");
+ log_msg(stdout, "Groups: ");
for (; *p; p++) {
- printf("GROUP-%s", gnutls_group_get_name(*p));
+ log_msg(stdout, "GROUP-%s", gnutls_group_get_name(*p));
if (*(p + 1))
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
{
const gnutls_pk_algorithm_t *p = gnutls_pk_list();
- printf("Public Key Systems: ");
+ log_msg(stdout, "Public Key Systems: ");
for (; *p; p++) {
- printf("%s", gnutls_pk_algorithm_get_name(*p));
+ log_msg(stdout, "%s", gnutls_pk_algorithm_get_name(*p));
if (*(p + 1))
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
{
const gnutls_sign_algorithm_t *p = gnutls_sign_list();
- printf("PK-signatures: ");
+ log_msg(stdout, "PK-signatures: ");
for (; *p; p++) {
- printf("SIGN-%s",
+ log_msg(stdout, "SIGN-%s",
gnutls_sign_algorithm_get_name(*p));
if (*(p + 1))
- printf(", ");
+ log_msg(stdout, ", ");
else
- printf("\n");
+ log_msg(stdout, "\n");
}
}
}
if (flags & GNUTLS_PIN_FINAL_TRY) {
cache = 0;
- printf("*** This is the final try before locking!\n");
+ log_msg(stdout, "*** This is the final try before locking!\n");
}
if (flags & GNUTLS_PIN_COUNT_LOW) {
cache = 0;
- printf("*** Only few tries left before locking!\n");
+ log_msg(stdout, "*** Only few tries left before locking!\n");
}
if (flags & GNUTLS_PIN_WRONG) {
cache = 0;
- printf("*** Wrong PIN has been provided!\n");
+ log_msg(stdout, "*** Wrong PIN has been provided!\n");
}
if (cache > 0 && cached_url != NULL) {
fprintf(stderr, "Could not find token %s\n", label);
return -1;
}
- printf("Please insert token '%s' in slot and press enter\n",
+ log_msg(stdout, "Please insert token '%s' in slot and press enter\n",
label);
if (fgets(buf, sizeof(buf), stdin) == NULL) {
fprintf(stderr, "error reading input\n");
signal(SIGPIPE, SIG_IGN);
#endif
}
+
+
+int log_msg(FILE *file, const char *message, ...)
+{
+ va_list args;
+ int rv;
+
+ va_start(args, message);
+
+ rv = vfprintf(logfile ? logfile : file, message, args);
+
+ va_end(args);
+
+ return rv;
+}
+
+void log_set(FILE *file)
+{
+ logfile = file;
+}
#include <socket.h>
#include <c-ctype.h>
#include "sockets.h"
+#include "common.h"
#ifdef _WIN32
# undef endservent
if (strcasecmp(socket->app_proto, "smtp") == 0 || strcasecmp(socket->app_proto, "submission") == 0) {
if (socket->verbose)
- printf("Negotiating SMTP STARTTLS\n");
+ log_msg(stdout, "Negotiating SMTP STARTTLS\n");
wait_for_text(socket, "220 ", 4);
snprintf(buf, sizeof(buf), "EHLO %s\r\n", socket->hostname);
wait_for_text(socket, "220 ", 4);
} else if (strcasecmp(socket->app_proto, "imap") == 0 || strcasecmp(socket->app_proto, "imap2") == 0) {
if (socket->verbose)
- printf("Negotiating IMAP STARTTLS\n");
+ log_msg(stdout, "Negotiating IMAP STARTTLS\n");
send_line(socket, "a CAPABILITY\r\n");
wait_for_text(socket, "a OK", 4);
wait_for_text(socket, "a OK", 4);
} else if (strcasecmp(socket->app_proto, "xmpp") == 0) {
if (socket->verbose)
- printf("Negotiating XMPP STARTTLS\n");
+ log_msg(stdout, "Negotiating XMPP STARTTLS\n");
snprintf(buf, sizeof(buf), "<stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' to='%s' version='1.0'>\n", socket->hostname);
send_line(socket, buf);
wait_for_text(socket, "<proceed", 8);
} else if (strcasecmp(socket->app_proto, "ldap") == 0) {
if (socket->verbose)
- printf("Negotiating LDAP STARTTLS\n");
+ log_msg(stdout, "Negotiating LDAP STARTTLS\n");
#define LDAP_STR "\x30\x1d\x02\x01\x01\x77\x18\x80\x16\x31\x2e\x33\x2e\x36\x2e\x31\x2e\x34\x2e\x31\x2e\x31\x34\x36\x36\x2e\x32\x30\x30\x33\x37"
send(socket->fd, LDAP_STR, sizeof(LDAP_STR)-1, 0);
wait_for_text(socket, NULL, 0);
} else if (strcasecmp(socket->app_proto, "ftp") == 0 || strcasecmp(socket->app_proto, "ftps") == 0) {
if (socket->verbose)
- printf("Negotiating FTP STARTTLS\n");
+ log_msg(stdout, "Negotiating FTP STARTTLS\n");
send_line(socket, "FEAT\r\n");
wait_for_text(socket, "211 ", 4);
wait_for_text(socket, "234", 3);
} else if (strcasecmp(socket->app_proto, "lmtp") == 0) {
if (socket->verbose)
- printf("Negotiating LMTP STARTTLS\n");
+ log_msg(stdout, "Negotiating LMTP STARTTLS\n");
wait_for_text(socket, "220 ", 4);
snprintf(buf, sizeof(buf), "LHLO %s\r\n", socket->hostname);
wait_for_text(socket, "220 ", 4);
} else if (strcasecmp(socket->app_proto, "pop3") == 0) {
if (socket->verbose)
- printf("Negotiating POP3 STARTTLS\n");
+ log_msg(stdout, "Negotiating POP3 STARTTLS\n");
wait_for_text(socket, "+OK", 3);
send_line(socket, "STLS\r\n");
wait_for_text(socket, "+OK", 3);
} else if (strcasecmp(socket->app_proto, "nntp") == 0) {
if (socket->verbose)
- printf("Negotiating NNTP STARTTLS\n");
+ log_msg(stdout, "Negotiating NNTP STARTTLS\n");
wait_for_text(socket, "200 ", 4);
send_line(socket, "STARTTLS\r\n");
wait_for_text(socket, "382 ", 4);
} else if (strcasecmp(socket->app_proto, "sieve") == 0) {
if (socket->verbose)
- printf("Negotiating Sieve STARTTLS\n");
+ log_msg(stdout, "Negotiating Sieve STARTTLS\n");
wait_for_text(socket, "OK ", 3);
send_line(socket, "STARTTLS\r\n");
wait_for_text(socket, "OK ", 3);
} else if (strcasecmp(socket->app_proto, "postgres") == 0 || strcasecmp(socket->app_proto, "postgresql") == 0) {
if (socket->verbose)
- printf("Negotiating PostgreSQL STARTTLS\n");
+ log_msg(stdout, "Negotiating PostgreSQL STARTTLS\n");
#define POSTGRES_STR "\x00\x00\x00\x08\x04\xD2\x16\x2F"
send(socket->fd, POSTGRES_STR, sizeof(POSTGRES_STR)-1, 0);
a_hostname = (char*)idna.data;
if (msg != NULL)
- printf("Resolving '%s:%s'...\n", a_hostname, service);
+ log_msg(stdout, "Resolving '%s:%s'...\n", a_hostname, service);
/* get server name */
memset(&hints, 0, sizeof(hints));
hd->connect_addrlen = ptr->ai_addrlen;
if (msg)
- printf("%s '%s:%s' (TFO)...\n", msg, buffer, portname);
+ log_msg(stdout, "%s '%s:%s' (TFO)...\n", msg, buffer, portname);
} else {
if (msg)
- printf("%s '%s:%s'...\n", msg, buffer, portname);
+ log_msg(stdout, "%s '%s:%s'...\n", msg, buffer, portname);
if ((err = connect(sd, ptr->ai_addr, ptr->ai_addrlen)) < 0)
continue;
projects / thirdparty / gnutls.git / commitdiff
