diff options
author | nelsonb%netscape.com <devnull@localhost> | 2000-10-05 04:14:44 +0000 |
---|---|---|
committer | nelsonb%netscape.com <devnull@localhost> | 2000-10-05 04:14:44 +0000 |
commit | 42e1f667c441f971823edadb697ba83bc190b6b9 (patch) | |
tree | c47c269fae46eba5039fe0ef3b3a92fe1e79af5a | |
parent | d482cf4bd160219a796e712a40d938b3bb6ed2dd (diff) | |
download | nss-hg-42e1f667c441f971823edadb697ba83bc190b6b9.tar.gz |
Prefix all selfserv's output messages with "selfserv: " so we can tell
client messages apart from server messages when the two are mixed.
When the verbose option is enabled, print out the session reuse stats
right after the first PR_Read completes, so we don't miss any.
-rw-r--r-- | security/nss/cmd/selfserv/selfserv.c | 69 |
1 files changed, 39 insertions, 30 deletions
diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c index 29d56d9e5..496e9a7bd 100644 --- a/security/nss/cmd/selfserv/selfserv.c +++ b/security/nss/cmd/selfserv/selfserv.c @@ -114,6 +114,7 @@ int ssl3CipherSuites[] = { 0 }; +int requestCert; int stopping; int verbose; SECItem bigBuf; @@ -232,7 +233,7 @@ errWarn(char * funcString) PRErrorCode perr = PR_GetError(); const char * errString = SECU_Strerror(perr); - fprintf(stderr, "exit after %s with error %d:\n%s\n", + fprintf(stderr, "selfserv: %s returned error %d:\n%s\n", funcString, perr, errString); return errString; } @@ -299,16 +300,16 @@ mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, peerCert = SSL_PeerCertificate(fd); - PRINTF("Subject: %s\nIssuer : %s\n", + PRINTF("selfserv: Subject: %s\nselfserv: Issuer : %s\n", peerCert->subjectName, peerCert->issuerName); rv = SSL_AuthCertificate(arg, fd, checkSig, isServer); if (rv == SECSuccess) { - fputs("-- SSL3: Certificate Validated.\n", stderr); + fputs("selfserv: -- SSL3: Certificate Validated.\n", stderr); } else { int err = PR_GetError(); - FPRINTF(stderr, "-- SSL3: Certificate Invalid, err %d.\n%s\n", + FPRINTF(stderr, "selfserv: -- SSL3: Certificate Invalid, err %d.\n%s\n", err, SECU_Strerror(err)); } FLUSH; @@ -340,21 +341,24 @@ extern long ssl3_hch_sid_cache_hits; extern long ssl3_hch_sid_cache_misses; extern long ssl3_hch_sid_cache_not_ok; - result = SSL_SecurityStatus(fd, &op, &cp, &kp0, &kp1, &ip, &sp); - if (result != SECSuccess) - return; - PRINTF("bulk cipher %s, %d secret key bits, %d key bits, status: %d\n" - "subject DN: %s\n" - "issuer DN: %s\n", cp, kp1, kp0, op, sp, ip); - PR_Free(cp); - PR_Free(ip); - PR_Free(sp); - - PRINTF("%ld cache hits; %ld cache misses, %ld cache not reusable\n", + PRINTF("selfserv: %ld cache hits; %ld cache misses, %ld cache not reusable\n", ssl3_hch_sid_cache_hits, ssl3_hch_sid_cache_misses, ssl3_hch_sid_cache_not_ok); - FLUSH; + result = SSL_SecurityStatus(fd, &op, &cp, &kp0, &kp1, &ip, &sp); + if (result == SECSuccess) { + PRINTF( + "selfserv: bulk cipher %s, %d secret key bits, %d key bits, status: %d\n", + cp, kp1, kp0, op); + if (requestCert) { + PRINTF("selfserv: subject DN: %s\n" + "selfserv: issuer DN: %s\n", sp, ip); + } + PR_Free(cp); + PR_Free(ip); + PR_Free(sp); + } + FLUSH; } /************************************************************************** @@ -455,7 +459,7 @@ launch_thread( PR_JOINABLE_THREAD, 0); if (slot->prThread == NULL) { PR_Unlock(threadLock); - printf("Failed to launch thread!\n"); + printf("selfserv: Failed to launch thread!\n"); return SECFailure; } @@ -463,7 +467,7 @@ launch_thread( slot->running = 1; ++numRunning; PR_Unlock(threadLock); - PRINTF("Launched thread in slot %d \n", i); + PRINTF("selfserv: Launched thread in slot %d \n", i); FLUSH; return SECSuccess; @@ -484,7 +488,7 @@ reap_threads(void) slot = threads + i; if (slot->running == rs_zombie) { /* Handle cleanup of thread here. */ - PRINTF("Thread in slot %d returned %d\n", i, slot->rv); + PRINTF("selfserv: Thread in slot %d returned %d\n", i, slot->rv); /* Now make sure the thread has ended OK. */ PR_JoinThread(slot->prThread); @@ -501,7 +505,7 @@ reap_threads(void) for (i = 0; i < numUsed; ++i) { slot = threads + i; if (slot->running != rs_idle) { - FPRINTF(stderr, "Thread in slot %d is in state %d!\n", + FPRINTF(stderr, "selfserv: Thread in slot %d is in state %d!\n", i, slot->running); } } @@ -617,7 +621,7 @@ do_writes( errWarn("PR_Write bigBuf"); break; } - FPRINTF(stderr, "PR_Write wrote %d bytes from bigBuf\n", count ); + FPRINTF(stderr, "selfserv: PR_Write wrote %d bytes from bigBuf\n", count ); sent += count; } if (count >= 0) { /* last write didn't fail. */ @@ -680,7 +684,7 @@ handle_fdx_connection( errWarn("FDX PR_Read"); break; } - FPRINTF(stderr, "FDX PR_Read read %d bytes.\n", count ); + FPRINTF(stderr, "selfserv: FDX PR_Read read %d bytes.\n", count ); if (firstTime) { firstTime = 0; printSecurityInfo(ssl_sock); @@ -716,6 +720,7 @@ handle_connection( int bufRem; /* unused bytes at end of buf */ int bufDat; /* characters received in buf */ int newln = 0; /* # of consecutive newlns */ + int firstTime = 1; int i; int rv; PRSocketOptionData opt; @@ -751,12 +756,17 @@ handle_connection( i = 0; rv = PR_Read(ssl_sock, pBuf, bufRem); if (rv == 0) { + errWarn("HDX PR_Read hit EOF"); break; } if (rv < 0) { errWarn("HDX PR_Read"); goto cleanup; } + if (firstTime) { + firstTime = 0; + printSecurityInfo(ssl_sock); + } pBuf += rv; bufRem -= rv; @@ -837,7 +847,7 @@ handle_connection( } else { bytes -= sizeof outHeader - 1; FPRINTF(stderr, - "PR_TransmitFile wrote %d bytes from %s\n", + "selfserv: PR_TransmitFile wrote %d bytes from %s\n", bytes, buf + 4); } PR_Close(local_file_fd); @@ -895,7 +905,7 @@ send_answer: break; } } else { - /* fwrite(buf, 1, i, stdout); /* display it */ + if (verbose > 1) fwrite(buf, 1, i, stdout); /* display it */ rv = PR_Write(ssl_sock, buf, i); if (rv < 0) { errWarn("PR_Write"); @@ -942,7 +952,7 @@ do_accepts( PRFileDesc *tcp_sock; SECStatus result; - FPRINTF(stderr, "\n\n\nAbout to call accept.\n"); + FPRINTF(stderr, "\n\n\nselfserv: About to call accept.\n"); tcp_sock = PR_Accept(listen_sock, &addr, PR_INTERVAL_NO_TIMEOUT); if (tcp_sock == NULL) { errWarn("PR_Accept"); @@ -960,7 +970,7 @@ do_accepts( } } - fprintf(stderr, "Closing listen socket.\n"); + fprintf(stderr, "selfserv: Closing listen socket.\n"); PR_Close(listen_sock); return SECSuccess; } @@ -1167,7 +1177,6 @@ main(int argc, char **argv) char * tmp; CERTCertificate * cert [kt_kea_size] = { NULL }; SECKEYPrivateKey * privKey[kt_kea_size] = { NULL }; - int requestCert = 0; unsigned short port = 0; SECStatus rv; PRBool useExportPolicy = PR_FALSE; @@ -1284,13 +1293,13 @@ main(int argc, char **argv) cert[kt_rsa] = PK11_FindCertFromNickname(nickName, passwd); if (cert[kt_rsa] == NULL) { - fprintf(stderr, "Can't find certificate %s\n", nickName); + fprintf(stderr, "selfserv: Can't find certificate %s\n", nickName); exit(1); } privKey[kt_rsa] = PK11_FindKeyByAnyCert(cert[kt_rsa], passwd); if (privKey[kt_rsa] == NULL) { - fprintf(stderr, "Can't find Private Key for cert %s\n", nickName); + fprintf(stderr, "selfserv: Can't find Private Key for cert %s\n", nickName); exit(1); } @@ -1298,7 +1307,7 @@ main(int argc, char **argv) if (fNickName) { cert[kt_fortezza] = PK11_FindCertFromNickname(fNickName, NULL); if (cert[kt_fortezza] == NULL) { - fprintf(stderr, "Can't find certificate %s\n", fNickName); + fprintf(stderr, "selfserv: Can't find certificate %s\n", fNickName); exit(1); } |