void microhttpd_logger(void *arg, const char *fmt, va_list ap) {
char *f;
- f = strappenda("microhttpd: ", fmt);
+ f = strjoina("microhttpd: ", fmt);
DISABLE_WARNING_FORMAT_NONLITERAL;
- log_metav(LOG_INFO, NULL, 0, NULL, f, ap);
+ log_internalv(LOG_INFO, 0, NULL, 0, NULL, f, ap);
REENABLE_WARNING;
}
{ {"9", "enc", "int"}, LOG_DEBUG },
};
-void log_func_gnutls(int level, const char *message) {
+static void log_func_gnutls(int level, const char *message) {
assert_se(message);
if (0 <= level && level < (int) ELEMENTSOF(gnutls_log_map)) {
if (gnutls_log_map[level].enabled)
- log_meta(gnutls_log_map[level].level, NULL, 0, NULL,
- "gnutls %d/%s: %s", level, gnutls_log_map[level].names[1], message);
+ log_internal(gnutls_log_map[level].level, 0, NULL, 0, NULL, "gnutls %d/%s: %s", level, gnutls_log_map[level].names[1], message);
} else {
log_debug("Received GNUTLS message with unknown level %d.", level);
- log_meta(LOG_DEBUG, NULL, 0, NULL, "gnutls: %s", message);
+ log_internal(LOG_DEBUG, 0, NULL, 0, NULL, "gnutls: %s", message);
}
}
-int log_enable_gnutls_category(const char *cat) {
+static void log_reset_gnutls_level(void) {
+ int i;
+
+ for (i = ELEMENTSOF(gnutls_log_map) - 1; i >= 0; i--)
+ if (gnutls_log_map[i].enabled) {
+ log_debug("Setting gnutls log level to %d", i);
+ gnutls_global_set_log_level(i);
+ break;
+ }
+}
+
+static int log_enable_gnutls_category(const char *cat) {
unsigned i;
if (streq(cat, "all")) {
return -EINVAL;
}
-void log_reset_gnutls_level(void) {
- int i;
+int setup_gnutls_logger(char **categories) {
+ char **cat;
+ int r;
- for (i = ELEMENTSOF(gnutls_log_map) - 1; i >= 0; i--)
- if (gnutls_log_map[i].enabled) {
- log_debug("Setting gnutls log level to %d", i);
- gnutls_global_set_log_level(i);
- break;
+ gnutls_global_set_log_function(log_func_gnutls);
+
+ if (categories) {
+ STRV_FOREACH(cat, categories) {
+ r = log_enable_gnutls_category(*cat);
+ if (r < 0)
+ return r;
}
+ } else
+ log_reset_gnutls_level();
+
+ return 0;
}
static int verify_cert_authorized(gnutls_session_t session) {
int r;
r = gnutls_certificate_verify_peers2(session, &status);
- if (r < 0) {
- log_error("gnutls_certificate_verify_peers2 failed: %s", strerror(-r));
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "gnutls_certificate_verify_peers2 failed: %m");
type = gnutls_certificate_type_get(session);
r = gnutls_certificate_verification_status_print(status, type, &out, 0);
- if (r < 0) {
- log_error("gnutls_certificate_verification_status_print failed: %s", strerror(-r));
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "gnutls_certificate_verification_status_print failed: %m");
- log_info("Certificate status: %s", out.data);
+ log_debug("Certificate status: %s", out.data);
+ gnutls_free(out.data);
return status == 0 ? 0 : -EPERM;
}
return 0;
}
-int check_permissions(struct MHD_Connection *connection, int *code) {
+static inline void gnutls_x509_crt_deinitp(gnutls_x509_crt_t *p) {
+ gnutls_x509_crt_deinit(*p);
+}
+
+int check_permissions(struct MHD_Connection *connection, int *code, char **hostname) {
const union MHD_ConnectionInfo *ci;
gnutls_session_t session;
- gnutls_x509_crt_t client_cert;
+ _cleanup_(gnutls_x509_crt_deinitp) gnutls_x509_crt_t client_cert = NULL;
_cleanup_free_ char *buf = NULL;
int r;
return -EPERM;
}
- log_info("Connection from %s", buf);
+ log_debug("Connection from %s", buf);
+
+ if (hostname) {
+ *hostname = buf;
+ buf = NULL;
+ }
r = verify_cert_authorized(session);
if (r < 0) {
}
#else
-int check_permissions(struct MHD_Connection *connection, int *code) {
+int check_permissions(struct MHD_Connection *connection, int *code, char **hostname) {
return -EPERM;
}
+
+int setup_gnutls_logger(char **categories) {
+ if (categories)
+ log_notice("Ignoring specified gnutls logging categories — gnutls not available.");
+ return 0;
+}
#endif