Use SSL_set_msg_callback

tarantool · Aug 30, 2024 · a875f95 · a875f95
1 parent b61c26a
commit a875f95
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 6 deletions.
diff --git a/shim.c b/shim.c
@@ -439,6 +439,16 @@ int X_SSL_verify_cb(int ok, X509_STORE_CTX* store) {
 	return go_ssl_verify_cb_thunk(p, ok, store);
 }
 
+void X_SSL_toggle_tracing(SSL* ssl, FILE* output, short enable) {
+  if (enable) {
+    SSL_set_msg_callback(ssl, SSL_trace);
+    SSL_set_msg_callback_arg(ssl, BIO_new_fp(output, BIO_NOCLOSE));
+  } else {
+    SSL_set_msg_callback(ssl, NULL);
+    SSL_set_msg_callback_arg(ssl, NULL);
+  }
+}
+
 const SSL_METHOD *X_SSLv23_method() {
 	return SSLv23_method();
 }

diff --git a/shim.h b/shim.h
@@ -54,6 +54,7 @@ extern long X_SSL_set_tlsext_host_name(SSL *ssl, const char *name);
 extern const char * X_SSL_get_cipher_name(const SSL *ssl);
 extern int X_SSL_session_reused(SSL *ssl);
 extern int X_SSL_new_index();
+extern void X_SSL_toggle_tracing(SSL* ssl, FILE* output, short enable);
 
 extern const SSL_METHOD *X_SSLv23_method();
 extern const SSL_METHOD *X_SSLv3_method();

diff --git a/ssl.go b/ssl.go
@@ -102,16 +102,12 @@ func (s *SSL) EnableTracing(useStderr bool) {
 		output = C.stderr
 	}
 
-	C.SSL_set_msg_callback(s.ssl, (*[0]byte)(C.SSL_trace))
-	// We cannot use SSL_set_msg_callback_arg directly because it's a macro.
-	C.SSL_ctrl(s.ssl, C.SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, unsafe.Pointer(C.BIO_new_fp(output, C.BIO_NOCLOSE)))
+	C.X_SSL_toggle_tracing(s.ssl, output, 1);
 }
 
 // DisableTracing unsets the msg callback from EnableTracing.
 func (s *SSL) DisableTracing() {
-	C.SSL_set_msg_callback(s.ssl, nil)
-	// We cannot use SSL_set_msg_callback_arg directly because it's a macro.
-	C.SSL_ctrl(s.ssl, C.SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, nil)
+	C.X_SSL_toggle_tracing(s.ssl, nil, 0);
 }
 
 // SetVerify controls peer verification settings. See