Improve debug logging of client hard reconnect

The current logging was sub-standard, in particular there was no trace
whatsoever of the HelloVerifyRequest being sent. Now it's being logged with
the usual levels: 4 for full content, 2 return of f_send, 1 decision about
sending it (or taking other branches in the same function) because that's the
same level as state changes in the handshake, and also same as the "possible
client reconnect" message" to which it's the logical continuation (what are we
doing about it?).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2020-03-31 12:31:24 +02:00
parent 7fe5ac1b62
commit b08a3344a5

View File

@ -4005,17 +4005,23 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
{ {
int send_ret;
MBEDTLS_SSL_DEBUG_MSG( 1, ( "sending HelloVerifyRequest" ) );
MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network",
ssl->out_buf, len );
/* Don't check write errors as we can't do anything here. /* Don't check write errors as we can't do anything here.
* If the error is permanent we'll catch it later, * If the error is permanent we'll catch it later,
* if it's not, then hopefully it'll work next time. */ * if it's not, then hopefully it'll work next time. */
(void) ssl->f_send( ssl->p_bio, ssl->out_buf, len ); send_ret = ssl->f_send( ssl->p_bio, ssl->out_buf, len );
MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", send_ret );
(void) send_ret;
return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
} }
if( ret == 0 ) if( ret == 0 )
{ {
/* Got a valid cookie, partially reset context */ MBEDTLS_SSL_DEBUG_MSG( 1, ( "cookie is valid, resetting context" ) );
if( ( ret = ssl_session_reset_int( ssl, 1 ) ) != 0 ) if( ( ret = ssl_session_reset_int( ssl, 1 ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "reset", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "reset", ret );