From 0c02582e87cee908c6ccaa0dc4ba6c57aa33188e Mon Sep 17 00:00:00 2001 From: Jelte Fennema-Nio Date: Thu, 20 Jun 2024 17:40:08 +0200 Subject: [PATCH v1 5/8] libpq: Trace responses to SSLRequest and GSSENCRequest Since these are single bytes instead of v2 or v3 messages they need custom tracing logic. These "messages" don't even have official names in the protocol specification, so I called them SSLResponse and GSSENCResponse here. --- src/interfaces/libpq/fe-connect.c | 10 ++++++++++ src/interfaces/libpq/fe-trace.c | 14 ++++++++++++++ src/interfaces/libpq/libpq-int.h | 1 + 3 files changed, 25 insertions(+) diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index 071b1b34aa1..0772455c7d1 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -3493,11 +3493,15 @@ keep_going: /* We will come back to here until there is } if (SSLok == 'S') { + if (conn->Pfdebug) + pqTraceOutputEncryptionRequestResponse(conn, "SSL", SSLok); /* mark byte consumed */ conn->inStart = conn->inCursor; } else if (SSLok == 'N') { + if (conn->Pfdebug) + pqTraceOutputEncryptionRequestResponse(conn, "SSL", SSLok); /* mark byte consumed */ conn->inStart = conn->inCursor; @@ -3622,6 +3626,9 @@ keep_going: /* We will come back to here until there is if (gss_ok == 'N') { + if (conn->Pfdebug) + pqTraceOutputEncryptionRequestResponse(conn, "GSSENC", gss_ok); + /* * The connection is still valid, so if it's OK to * continue without GSS, we can proceed using this @@ -3635,6 +3642,9 @@ keep_going: /* We will come back to here until there is gss_ok); goto error_return; } + + if (conn->Pfdebug) + pqTraceOutputEncryptionRequestResponse(conn, "GSSENC", gss_ok); } /* Begin or continue GSSAPI negotiation */ diff --git a/src/interfaces/libpq/fe-trace.c b/src/interfaces/libpq/fe-trace.c index 23df8d0e10e..4978a92ea5e 100644 --- a/src/interfaces/libpq/fe-trace.c +++ b/src/interfaces/libpq/fe-trace.c @@ -821,3 +821,17 @@ pqTraceOutputNoTypeByteMessage(PGconn *conn, const char *message) fputc('\n', conn->Pfdebug); } + +void +pqTraceOutputEncryptionRequestResponse(PGconn *conn, const char *requestType, char response) +{ + if ((conn->traceFlags & PQTRACE_SUPPRESS_TIMESTAMPS) == 0) + { + char timestr[128]; + + pqTraceFormatTimestamp(timestr, sizeof(timestr)); + fprintf(conn->Pfdebug, "%s\t", timestr); + } + + fprintf(conn->Pfdebug, "B\t1\t%sResponse\t %c\n", requestType, response); +} diff --git a/src/interfaces/libpq/libpq-int.h b/src/interfaces/libpq/libpq-int.h index f9b21c86ae4..575f9dbc7f0 100644 --- a/src/interfaces/libpq/libpq-int.h +++ b/src/interfaces/libpq/libpq-int.h @@ -885,6 +885,7 @@ extern ssize_t pg_GSS_read(PGconn *conn, void *ptr, size_t len); extern void pqTraceOutputMessage(PGconn *conn, const char *message, bool toServer); extern void pqTraceOutputNoTypeByteMessage(PGconn *conn, const char *message); +extern void pqTraceOutputEncryptionRequestResponse(PGconn *conn, const char *requestType, char response); /* === miscellaneous macros === */ -- 2.34.1