diff options
Diffstat (limited to 'manual/html_node/Debugging-and-auditing.html')
| -rw-r--r-- | manual/html_node/Debugging-and-auditing.html | 244 |
1 files changed, 0 insertions, 244 deletions
diff --git a/manual/html_node/Debugging-and-auditing.html b/manual/html_node/Debugging-and-auditing.html deleted file mode 100644 index fe2497ec11..0000000000 --- a/manual/html_node/Debugging-and-auditing.html +++ /dev/null @@ -1,244 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> -<html> -<!-- This manual is last updated 4 March 2015 for version -3.5.4 of GnuTLS. - -Copyright (C) 2001-2015 Free Software Foundation, Inc.\\ -Copyright (C) 2001-2015 Nikos Mavrogiannopoulos - -Permission is granted to copy, distribute and/or modify this document -under the terms of the GNU Free Documentation License, Version 1.3 or -any later version published by the Free Software Foundation; with no -Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A -copy of the license is included in the section entitled "GNU Free -Documentation License". --> -<!-- Created by GNU Texinfo 6.1, http://www.gnu.org/software/texinfo/ --> -<head> -<title>GnuTLS 3.5.4: Debugging and auditing</title> - -<meta name="description" content="GnuTLS 3.5.4: Debugging and auditing"> -<meta name="keywords" content="GnuTLS 3.5.4: Debugging and auditing"> -<meta name="resource-type" content="document"> -<meta name="distribution" content="global"> -<meta name="Generator" content="makeinfo"> -<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> -<link href="index.html#Top" rel="start" title="Top"> -<link href="Function-and-Data-Index.html#Function-and-Data-Index" rel="index" title="Function and Data Index"> -<link href="index.html#SEC_Contents" rel="contents" title="Table of Contents"> -<link href="Introduction-to-the-library.html#Introduction-to-the-library" rel="up" title="Introduction to the library"> -<link href="Thread-safety.html#Thread-safety" rel="next" title="Thread safety"> -<link href="Common-types.html#Common-types" rel="prev" title="Common types"> -<style type="text/css"> -<!-- -a.summary-letter {text-decoration: none} -blockquote.indentedblock {margin-right: 0em} -blockquote.smallindentedblock {margin-right: 0em; font-size: smaller} -blockquote.smallquotation {font-size: smaller} -div.display {margin-left: 3.2em} -div.example {margin-left: 3.2em} -div.lisp {margin-left: 3.2em} -div.smalldisplay {margin-left: 3.2em} -div.smallexample {margin-left: 3.2em} -div.smalllisp {margin-left: 3.2em} -kbd {font-style: oblique} -pre.display {font-family: inherit} -pre.format {font-family: inherit} -pre.menu-comment {font-family: serif} -pre.menu-preformatted {font-family: serif} -pre.smalldisplay {font-family: inherit; font-size: smaller} -pre.smallexample {font-size: smaller} -pre.smallformat {font-family: inherit; font-size: smaller} -pre.smalllisp {font-size: smaller} -span.nolinebreak {white-space: nowrap} -span.roman {font-family: initial; font-weight: normal} -span.sansserif {font-family: sans-serif; font-weight: normal} -ul.no-bullet {list-style: none} -body { - margin: 2%; - padding: 0 5%; - background: #ffffff; -} -h1,h2,h3,h4,h5 { - font-weight: bold; - padding: 5px 5px 5px 5px; - background-color: #c2e0ff; - color: #336699; -} -h1 { - padding: 2em 2em 2em 5%; - color: white; - background: #336699; - text-align: center; - letter-spacing: 3px; -} -h2 { text-decoration: underline; } -pre { - margin: 0 5%; - padding: 0.5em; -} -pre.example,pre.verbatim { - padding-bottom: 1em; - - border: solid #c2e0ff; - background: #f0faff; - border-width: 1px 1px 1px 5px; - margin: 1em auto; - width: 90%; -} - -div.node { - margin: 0 -5% 0 -2%; - padding: 0.5em 0.5em; - margin-top: 0.5em; - margin-bottom: 0.5em; - font-weight: bold; -} -dd, li { - padding-top: 0.1em; - padding-bottom: 0.1em; -} -div.float { - - margin-bottom: 0.5em; - text-align: center; -} - -table { - text-align: left; - margin-left:auto; - margin-right:auto; - border-spacing: 7px; - width: 50%; -} - -th { - padding: 0; - color: #336699; - background-color: #c2e0ff; - border: solid #000000; - border-width: 0px; - margin: 1em auto; - text-align: center; - margin-left:auto; - margin-right:auto; -} - -td { - padding: 0; - border: solid #000000; - background-color: #f0faff; - border-width: 0px; - margin: 1em auto; - text-align: left; - margin-left:auto; - margin-right:auto; - padding-left: 1em; -} - -dl { - text-align: left; - margin-left:auto; - margin-right:auto; - width: 50%; - - padding-left: 1em; - border: solid #c2e0ff; - background: #f0faff; - border-width: 5px 1px 1px 1px; - margin: 1em auto; -} - ---> -</style> - - -</head> - -<body lang="en"> -<a name="Debugging-and-auditing"></a> -<div class="header"> -<p> -Next: <a href="Thread-safety.html#Thread-safety" accesskey="n" rel="next">Thread safety</a>, Previous: <a href="Common-types.html#Common-types" accesskey="p" rel="prev">Common types</a>, Up: <a href="Introduction-to-the-library.html#Introduction-to-the-library" accesskey="u" rel="up">Introduction to the library</a> [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Function-and-Data-Index.html#Function-and-Data-Index" title="Index" rel="index">Index</a>]</p> -</div> -<hr> -<a name="Debugging-and-auditing-1"></a> -<h4 class="subsection">6.1.4 Debugging and auditing</h4> - -<p>In many cases things may not go as expected and further information, -to assist debugging, from <acronym>GnuTLS</acronym> is desired. -Those are the cases where the <a href="Core-TLS-API.html#gnutls_005fglobal_005fset_005flog_005flevel">gnutls_global_set_log_level</a> and -<a href="Core-TLS-API.html#gnutls_005fglobal_005fset_005flog_005ffunction">gnutls_global_set_log_function</a> are to be used. Those will print -verbose information on the <acronym>GnuTLS</acronym> functions internal flow. -</p> -<dl compact="compact"> -<dt><code><var>void</var> <a href="Core-TLS-API.html#gnutls_005fglobal_005fset_005flog_005flevel">gnutls_global_set_log_level</a> (int <var>level</var>)</code></dt> -<dt><code><var>void</var> <a href="Core-TLS-API.html#gnutls_005fglobal_005fset_005flog_005ffunction">gnutls_global_set_log_function</a> (gnutls_log_func <var>log_func</var>)</code></dt> -</dl> - -<p>Alternatively the environment variable <code>GNUTLS_DEBUG_LEVEL</code> can be -set to a logging level and GnuTLS will output debugging output to standard -error. Other available environment variables are shown in <a href="#tab_003aenvironment">Table 6.1</a>. -</p> -<div class="float"><a name="tab_003aenvironment"></a> -<table> -<thead><tr><th width="30%">Variable</th><th width="70%">Purpose</th></tr></thead> -<tr><td width="30%"><code>GNUTLS_DEBUG_LEVEL</code></td><td width="70%">When set to a numeric value, it sets the default debugging level for GnuTLS applications.</td></tr> -<tr><td width="30%"><code>SSLKEYLOGFILE</code></td><td width="70%">When set to a filename, GnuTLS will append to it the session keys in the NSS Key Log -format. That format can be read by wireshark and will allow decryption of the session for debugging.</td></tr> -<tr><td width="30%"><code>GNUTLS_CPUID_OVERRIDE</code></td><td width="70%">That environment variable can be used to -explicitly enable/disable the use of certain CPU capabilities. Note that CPU -detection cannot be overridden, i.e., VIA options cannot be enabled on an Intel -CPU. The currently available options are: -<ul> -<li> 0x1: Disable all run-time detected optimizations -</li><li> 0x2: Enable AES-NI -</li><li> 0x4: Enable SSSE3 -</li><li> 0x8: Enable PCLMUL -</li><li> 0x10: Enable AVX -</li><li> 0x100000: Enable VIA padlock -</li><li> 0x200000: Enable VIA PHE -</li><li> 0x400000: Enable VIA PHE SHA512 -</li></ul></td></tr> -<tr><td width="30%"><code>GNUTLS_FORCE_FIPS_MODE</code></td><td width="70%">In setups where GnuTLS is compiled with support for FIPS140-2 (see –enable-fips140-mode in configure), that option if set to one enforces the FIPS140 mode.</td></tr> -</table> - -<div class="float-caption"><p><strong>Table 6.1: </strong>Environment variables used by the library.</p></div></div> - -<p>When debugging is not required, important issues, such as detected -attacks on the protocol still need to be logged. This is provided -by the logging function set by -<a href="Core-TLS-API.html#gnutls_005fglobal_005fset_005faudit_005flog_005ffunction">gnutls_global_set_audit_log_function</a>. The provided function -will receive an message and the corresponding -TLS session. The session information might be used to derive IP addresses -or other information about the peer involved. -</p> - - - - -<dl> -<dt><a name="index-gnutls_005fglobal_005fset_005faudit_005flog_005ffunction"></a>Function: <em>void</em> <strong>gnutls_global_set_audit_log_function</strong> <em>(gnutls_audit_log_func <var>log_func</var>)</em></dt> -<dd><p><var>log_func</var>: it is the audit log function -</p> -<p>This is the function to set the audit logging function. This -is a function to report important issues, such as possible -attacks in the protocol. This is different from <code>gnutls_global_set_log_function()</code> -because it will report also session-specific events. The session -parameter will be null if there is no corresponding TLS session. -</p> -<p><code>gnutls_audit_log_func</code> is of the form, -void (*gnutls_audit_log_func)( gnutls_session_t, const char*); -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<hr> -<div class="header"> -<p> -Next: <a href="Thread-safety.html#Thread-safety" accesskey="n" rel="next">Thread safety</a>, Previous: <a href="Common-types.html#Common-types" accesskey="p" rel="prev">Common types</a>, Up: <a href="Introduction-to-the-library.html#Introduction-to-the-library" accesskey="u" rel="up">Introduction to the library</a> [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Function-and-Data-Index.html#Function-and-Data-Index" title="Index" rel="index">Index</a>]</p> -</div> - - - -</body> -</html> |