* certificate. */
int validation_failed;
- LOG(DEBUG, "new connection");
+ LOG(DEBUG1, "new connection");
server_socket = -1;
client_fd_read = NULL;
send_bad_request(client_fd_write);
goto out;
} else if (result == -3) {
- LOG(DEBUG, "read_http_request(): proxy authentication failed");
+ LOG(DEBUG1, "read_http_request(): proxy authentication failed");
send_authentication_required(client_fd_write);
goto out;
}
goto out;
}
- LOG(DEBUG, "target: %s:%s (HTTP 1.%d)", host, port, version_minor);
+ LOG(DEBUG1, "target: %s:%s (HTTP 1.%d)", host, port, version_minor);
/* Connect to proxy server or directly to server. */
if (global_proxy_host != NULL && global_proxy_port != NULL) {
- LOG(DEBUG, "connecting to %s:%s", global_proxy_host,
- global_proxy_port);
+ LOG(DEBUG1, "connecting to %s:%s", global_proxy_host,
+ global_proxy_port);
server_socket = connect_to_host(global_proxy_host, global_proxy_port);
} else {
- LOG(DEBUG, "connecting to %s:%s", host, port);
+ LOG(DEBUG1, "connecting to %s:%s", host, port);
server_socket = connect_to_host(host, port);
}
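Review bot: `host` and `port` in `LOG(DEBUG1, "target: %s:%s (HTTP 1.%d)", host, port, version_minor);` appear to come from the client's request (the earlier message in this function names read_http_request()), and they are written to the log with a plain `%s`. If LOG does not escape control characters, which cannot be seen from here, a request containing line breaks could split or forge log entries, and that matters when debug output is kept for incident review. Prefer escaping non-printable bytes centrally in LOG, or state the guarantee at the call site, e.g. `/* host and port are client-supplied; LOG must escape control characters */`. The same applies to the `connecting to %s:%s` message in the direct-connection branch, and the enclosing function starts and ends outside this hunk.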
}
}
- LOG(DEBUG, "connection to server established");
+ LOG(DEBUG1, "connection to server established");
/* If the -u option is used and we don't know this hostname's server
* certificate then just pass through the connection and let the client
fprintf(client_fd_write, "\r\n");
fflush(client_fd_write);
- LOG(DEBUG, "transferring data");
+ LOG(DEBUG1, "transferring data");
/* Proxy data between client and server until one side is done
* (EOF or error). */
transfer_data(client_socket, server_socket);
- LOG(DEBUG, "finished transferring data");
+ LOG(DEBUG1, "finished transferring data");
goto out;
}
}
server_session_init = 1;
- LOG(DEBUG, "starting server TLS handshake");
+ LOG(DEBUG1, "starting server TLS handshake");
/* Try to establish TLS handshake between us and server. */
result = gnutls_handshake(server_session);
}
server_session_started = 1;
- LOG(DEBUG, "server TLS handshake finished");
+ LOG(DEBUG1, "server TLS handshake finished");
/* Make sure the server certificate is valid and known. */
if (verify_tls_connection(server_session, host) != 0) {
fprintf(client_fd_write, "\r\n");
fflush(client_fd_write);
- LOG(DEBUG, "starting client TLS handshake");
+ LOG(DEBUG1, "starting client TLS handshake");
/* Try to establish TLS handshake between client and us. */
result = gnutls_handshake(client_session);
}
client_session_started = 1;
- LOG(DEBUG, "client TLS handshake finished");
+ LOG(DEBUG1, "client TLS handshake finished");
/* Tell the client that the verification failed. Shouldn't be necessary as
* the client should terminate the connection because he received the
goto out;
}
- LOG(DEBUG, "transferring TLS data");
+ LOG(DEBUG1, "transferring TLS data");
/* Proxy data between client and server until one side is done (EOF or
* error). */
transfer_data_tls(client_socket, server_socket,
client_session, server_session);
- LOG(DEBUG, "finished transferring TLS data");
+ LOG(DEBUG1, "finished transferring TLS data");
out:
/* Close TLS sessions if necessary. Use GNUTLS_SHUT_RDWR so the data is
} else if (server_socket != -1) {
close(server_socket);
}
- LOG(DEBUG, "connection to server closed");
+ LOG(DEBUG1, "connection to server closed");
/* Close connection to client. */
if (client_fd_read != NULL) {
if (client_fd_write != NULL) {
} else {
close(client_socket);
}
- LOG(DEBUG, "connection to client closed");
+ LOG(DEBUG1, "connection to client closed");
- LOG(DEBUG, "connection finished");
+ LOG(DEBUG1, "connection finished");
}
fds[1].events = POLLIN | POLLPRI | POLLHUP | POLLERR;
fds[1].revents = 0;
- LOG(DEBUG, "transfer_data(): %d -> %d", client, server);
+ LOG(DEBUG1, "transfer_data(): %d -> %d", client, server);
for (;;) {
int result = poll(fds, 2 /* fd count */, -1 /* no timeout */);
if (gnutls_record_get_max_size(server_session) < buffer_size) {
buffer_size = gnutls_record_get_max_size(server_session);
}
- LOG(DEBUG, "transfer_data_tls(): suggested buffer size: %ld",
- (long int)buffer_size);
+ LOG(DEBUG1, "transfer_data_tls(): suggested buffer size: %ld",
+ (long int)buffer_size);
for (;;) {
int result = poll(fds, 2 /* fd count */, -1 /* no timeout */);
server->ai_socktype,
server->ai_protocol);
if (server_socket < 0) {
- LOG_PERROR(DEBUG, "connect_to_host(): socket(), trying next");
+ LOG_PERROR(DEBUG1, "connect_to_host(): socket(), trying next");
continue;
}
if (connect(server_socket, server->ai_addr, server->ai_addrlen) == 0) {
break;
}
- LOG_PERROR(DEBUG, "connect_to_host(): connect(), trying next");
+ LOG_PERROR(DEBUG1, "connect_to_host(): connect(), trying next");
close(server_socket);
}
/* Open stored server certificate file. */
if (server_certificate_file(&file, hostname, path, sizeof(path)) != 0) {
- LOG(DEBUG, "server certificate:\n%s", server_cert);
+ LOG(DEBUG1, "server certificate:\n%s", server_cert);
return -1;
}
LOG(WARNING, "verify_tls_connection(): '%s' too big", path);
fclose(file);
- LOG(DEBUG, "server certificate:\n%s", server_cert);
+ LOG(DEBUG1, "server certificate:\n%s", server_cert);
return -1;
}
path, strerror(errno));
fclose(file);
- LOG(DEBUG, "server certificate:\n%s", server_cert);
+ LOG(DEBUG1, "server certificate:\n%s", server_cert);
return -1;
}
fclose(file);
*file = fopen(path, "rb");
if (*file == NULL) {
if (global_passthrough_unknown) {
- LOG(DEBUG, "server_certificate_file(): failed to open '%s': %s",
- path, strerror(errno));
+ LOG(DEBUG1, "server_certificate_file(): failed to open '%s': %s",
+ path, strerror(errno));
} else {
LOG(WARNING, "server_certificate_file(): failed to open '%s': %s",
path, strerror(errno));