From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Wed, 28 Nov 2012 22:08:35 +0000 (+0100)
Subject: journal-gatewayd: log to journal from gnutls
X-Git-Tag: v212~140
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=cafc7f91306ea17ace4a6c3d76d81c8780c87452

journal-gatewayd: log to journal from gnutls

Prefix "gnutls: " is added. Some semi-random mapping of gnutls levels
to syslog levels is done, but since gnutls levels seem to be used
rather loosely, most end up as debug.
---

diff --git a/Makefile.am b/Makefile.am
index 9e01cd520..fed8561ed 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -3437,6 +3437,11 @@ systemd_journal_gatewayd_LDADD = \
 	libsystemd-shared.la \
 	$(MICROHTTPD_LIBS)
 
+if HAVE_GNUTLS
+systemd_journal_gatewayd_LDADD += \
+	$(GNUTLS_LIBS)
+endif
+
 systemd_journal_gatewayd_CFLAGS = \
 	$(AM_CFLAGS) \
 	$(MICROHTTPD_CFLAGS)
diff --git a/src/journal/journal-gatewayd.c b/src/journal/journal-gatewayd.c
index 862ee7903..c9a243841 100644
--- a/src/journal/journal-gatewayd.c
+++ b/src/journal/journal-gatewayd.c
@@ -1024,6 +1024,11 @@ int main(int argc, char *argv[]) {
         if (r == 0)
                 return EXIT_SUCCESS;
 
+#ifdef HAVE_GNUTLS
+        gnutls_global_set_log_function(log_func_gnutls);
+        gnutls_global_set_log_level(GNUTLS_LOG_LEVEL);
+#endif
+
         n = sd_listen_fds(1);
         if (n < 0) {
                 log_error("Failed to determine passed sockets: %s", strerror(-n));
diff --git a/src/journal/microhttpd-util.c b/src/journal/microhttpd-util.c
index 3844f7a03..b07ae6dff 100644
--- a/src/journal/microhttpd-util.c
+++ b/src/journal/microhttpd-util.c
@@ -39,3 +39,38 @@ void microhttpd_logger(void *arg, const char *fmt, va_list ap) {
         log_metav(LOG_INFO, NULL, 0, NULL, f, ap);
         REENABLE_WARNING;
 }
+
+#ifdef HAVE_GNUTLS
+
+static int log_level_map[] = {
+        LOG_DEBUG,
+        LOG_WARNING, /* gnutls session audit */
+        LOG_DEBUG,   /* gnutls debug log */
+        LOG_WARNING, /* gnutls assert log */
+        LOG_INFO,    /* gnutls handshake log */
+        LOG_DEBUG,   /* gnutls record log */
+        LOG_DEBUG,   /* gnutls dtls log */
+        LOG_DEBUG,
+        LOG_DEBUG,
+        LOG_DEBUG,
+        LOG_DEBUG,   /* gnutls hard log */
+        LOG_DEBUG,   /* gnutls read log */
+        LOG_DEBUG,   /* gnutls write log */
+        LOG_DEBUG,   /* gnutls io log */
+        LOG_DEBUG,   /* gnutls buffers log */
+};
+
+void log_func_gnutls(int level, const char *message) {
+        int ourlevel;
+
+        assert_se(message);
+
+        if (0 <= level && level < (int) ELEMENTSOF(log_level_map))
+                ourlevel = log_level_map[level];
+        else
+                level = LOG_DEBUG;
+
+        log_meta(ourlevel, NULL, 0, NULL, "gnutls: %s", message);
+}
+
+#endif
diff --git a/src/journal/microhttpd-util.h b/src/journal/microhttpd-util.h
index 74d1668bd..4afe0a29d 100644
--- a/src/journal/microhttpd-util.h
+++ b/src/journal/microhttpd-util.h
@@ -26,3 +26,15 @@
 #include "macro.h"
 
 void microhttpd_logger(void *arg, const char *fmt, va_list ap) _printf_(2, 0);
+
+#ifdef HAVE_GNUTLS
+#include <gnutls/gnutls.h>
+
+void log_func_gnutls(int level, const char *message);
+
+/* This is additionally filtered by our internal log level, so it
+ * should be set fairly high to capture all potentially interesting
+ * events without overwhelming detail.
+ */
+#define GNUTLS_LOG_LEVEL 6
+#endif