LibTLS: Put lots of debug spam behind TLS_DEBUG

2025-05-28 17:55:09 +00:00 · 2020-05-26 23:46:28 +02:00 · 2020-05-26 23:46:28 +02:00 · 5049e41223
commit 5049e41223
parent b0eca4023f
5 changed files with 47 additions and 3 deletions
--- a/Libraries/LibTLS/ClientHandshake.cpp
+++ b/Libraries/LibTLS/ClientHandshake.cpp
@ -87,8 +87,10 @@ ssize_t TLSv12::handle_hello(const ByteBuffer& buffer, WritePacketStage& write_p
    if (session_length && session_length <= 32) {
        memcpy(m_context.session_id, buffer.offset_pointer(res), session_length);
        m_context.session_id_size = session_length;
+#ifdef TLS_DEBUG
        dbg() << "Remote session ID:";
        print_buffer(ByteBuffer::wrap(m_context.session_id, session_length));
+#endif
    } else {
        m_context.session_id_size = 0;
    }
@ -106,7 +108,9 @@ ssize_t TLSv12::handle_hello(const ByteBuffer& buffer, WritePacketStage& write_p
        return (i8)Error::NoCommonCipher;
    }
    m_context.cipher = cipher;
+#ifdef TLS_DEBUG
    dbg() << "Cipher: " << (u16)cipher;
+#endif

    // The handshake hash function is _always_ SHA256
    m_context.handshake_hash.initialize(Crypto::Hash::HashKind::SHA256);
@ -140,7 +144,9 @@ ssize_t TLSv12::handle_hello(const ByteBuffer& buffer, WritePacketStage& write_p
        u16 extension_length = convert_between_host_and_network(*(const u16*)buffer.offset_pointer(res));
        res += 2;

+#ifdef TLS_DEBUG
        dbg() << "extension " << (u16)extension_type << " with length " << extension_length;
+#endif
        if (extension_length) {
            if (buffer.size() - res < extension_length) {
                dbg() << "not enough data for extension";
@ -212,17 +218,23 @@ ssize_t TLSv12::handle_finished(const ByteBuffer& buffer, WritePacketStage& writ
    index += 3;

    if (size < 12) {
+#ifdef TLS_DEBUG
        dbg() << "finished packet smaller than minimum size: " << size;
+#endif
        return (i8)Error::BrokenPacket;
    }

    if (size < buffer.size() - index) {
+#ifdef TLS_DEBUG
        dbg() << "not enough data after length: " << size << " > " << buffer.size() - index;
+#endif
        return (i8)Error::NeedMoreData;
    }

-    // TODO: Compare Hashes
+// TODO: Compare Hashes
+#ifdef TLS_DEBUG
    dbg() << "FIXME: handle_finished :: Check message validity";
+#endif
    m_context.connection_status = ConnectionStatus::Established;

    return handle_message(buffer);
@ -279,7 +291,9 @@ void TLSv12::build_random(PacketBuilder& builder)
 ssize_t TLSv12::handle_payload(const ByteBuffer& vbuffer)
 {
    if (m_context.connection_status == ConnectionStatus::Established) {
+#ifdef TLS_DEBUG
        dbg() << "Renegotiation attempt ignored";
+#endif
        // FIXME: We should properly say "NoRenegotiation", but that causes a handshake failure
        //        so we just roll with it and pretend that we _did_ renegotiate
        //        This will cause issues when we decide to have long-lasting connections, but