net: https: Allow mbedtls debugging for https-server

The mbedtls debugging function was set before the ssl config
struct was initialized. This meant that it was not possible
to activate mbedtls debug prints. This commit sets the debug
print option after the config struct has been initialized.

Fixed also the debug prints which print extra \n which looks
very bad in debugging outputs.

This commit does not enable mbedtls debugging, it just makes it
possible to output mbedtls debug prints. In order to get mbedlts
debug prints one needs to do this:
* set DEBUG_THRESHOLD to >0 in http_server.c
* enable CONFIG_NET_DEBUG_HTTP in project config file
* enable MBEDTLS_DEBUG_C in mbedtls config file (see file pointed
  by CONFIG_MBEDTLS_CFG_FILE option)
* in qemu, one needs to increase the size of the available RAM,
  this setting does the trick, CONFIG_RAM_SIZE=300

Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This commit is contained in:
Jukka Rissanen 2017-06-05 14:52:12 +03:00
commit 2e2ce3120a

View file

@ -29,6 +29,13 @@ static void https_disable(struct http_server_ctx *ctx);
#if defined(MBEDTLS_DEBUG_C)
#include <mbedtls/debug.h>
/* - Debug levels (from ext/lib/crypto/mbedtls/include/mbedtls/debug.h)
* - 0 No debug
* - 1 Error
* - 2 State change
* - 3 Informational
* - 4 Verbose
*/
#define DEBUG_THRESHOLD 0
#endif
@ -958,6 +965,7 @@ static void my_debug(void *ctx, int level,
const char *file, int line, const char *str)
{
const char *p, *basename;
int len;
ARG_UNUSED(ctx);
@ -969,6 +977,12 @@ static void my_debug(void *ctx, int level,
}
/* Avoid printing double newlines */
len = strlen(str);
if (str[len - 1] == '\n') {
((char *)str)[len - 1] = '\0';
}
NET_DBG("%s:%04d: |%d| %s", basename, line, level, str);
}
#endif /* MBEDTLS_DEBUG_C && CONFIG_NET_DEBUG_HTTP */
@ -1281,11 +1295,6 @@ static void https_handler(struct http_server_ctx *ctx)
heap_init(ctx);
#if defined(MBEDTLS_DEBUG_C) && defined(CONFIG_NET_DEBUG_HTTP)
mbedtls_debug_set_threshold(DEBUG_THRESHOLD);
mbedtls_ssl_conf_dbg(&ctx->https.mbedtls.conf, my_debug, NULL);
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_init(&ctx->https.mbedtls.srvcert);
#endif
@ -1296,6 +1305,11 @@ static void https_handler(struct http_server_ctx *ctx)
mbedtls_entropy_init(&ctx->https.mbedtls.entropy);
mbedtls_ctr_drbg_init(&ctx->https.mbedtls.ctr_drbg);
#if defined(MBEDTLS_DEBUG_C) && defined(CONFIG_NET_DEBUG_HTTP)
mbedtls_debug_set_threshold(DEBUG_THRESHOLD);
mbedtls_ssl_conf_dbg(&ctx->https.mbedtls.conf, my_debug, NULL);
#endif
/* Load the certificates and private RSA key. This needs to be done
* by the user so we call a callback that user must have provided.
*/