You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Yann Ylavic <yl...@gmail.com> on 2014/01/07 12:46:56 UTC
[PATCH] mod_ssl to dump I/O writes in debug/trace mode
Helo,
maybe it's intended behaviour, but mod_ssl won't dump SSL I/O writes (ie.
ssl_io_data_cb) in DEBUG/TRACE4 (2.2.x/2.4.x) log level.
That's because the callback is not set on the ssl->wbio (rbio only).
This would help debug/diagnose SSL problems without the need of the
corresponding TCP dump.
The following patch will dump writes like reads (unconditionally).
It could be improved to dump reads/writes on both client/proxy sides
depending on a directive (something like SSLDumpMask +ALL -CLIENT_OUT
-PROXY_IN), but that's for debug mode only, so maybe overkill (otherwise
let me know).
Regards,
Yann.
Index: modules/ssl/ssl_engine_io.c
===================================================================
--- modules/ssl/ssl_engine_io.c (revision 1550918)
+++ modules/ssl/ssl_engine_io.c (working copy)
@@ -2014,8 +2014,14 @@ void ssl_io_filter_init(conn_rec *c, request_rec *
ssl_io_filter_cleanup,
apr_pool_cleanup_null);
if (APLOG_CS_IS_LEVEL(c, mySrvFromConn(c), APLOG_TRACE4)) {
- BIO_set_callback(SSL_get_rbio(ssl), ssl_io_data_cb);
- BIO_set_callback_arg(SSL_get_rbio(ssl), (void *)ssl);
+ BIO *rbio = SSL_get_rbio(ssl),
+ *wbio = SSL_get_wbio(ssl);
+ BIO_set_callback(rbio, ssl_io_data_cb);
+ BIO_set_callback_arg(rbio, (void *)ssl);
+ if (wbio && wbio != rbio) {
+ BIO_set_callback(wbio, ssl_io_data_cb);
+ BIO_set_callback_arg(wbio, (void *)ssl);
+ }
}
return;
[EOS]