From 550a4104394e1567984b2bd69d5db97ccb706ac7 Mon Sep 17 00:00:00 2001 From: Jelte Fennema-Nio Date: Thu, 20 Jun 2024 17:40:08 +0200 Subject: [PATCH v2 5/8] libpq: Trace responses to SSLRequest and GSSENCRequest Since these are single bytes instead of v2 or v3 messages they need custom tracing logic. These "messages" don't even have official names in the protocol specification, so I called them SSLResponse and GSSENCResponse here. --- src/interfaces/libpq/fe-connect.c | 10 ++++++++++ src/interfaces/libpq/fe-trace.c | 14 ++++++++++++++ src/interfaces/libpq/libpq-int.h | 1 + 3 files changed, 25 insertions(+) diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index 071b1b34aa1..0772455c7d1 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -3493,11 +3493,15 @@ keep_going: /* We will come back to here until there is } if (SSLok == 'S') { + if (conn->Pfdebug) + pqTraceOutputEncryptionRequestResponse(conn, "SSL", SSLok); /* mark byte consumed */ conn->inStart = conn->inCursor; } else if (SSLok == 'N') { + if (conn->Pfdebug) + pqTraceOutputEncryptionRequestResponse(conn, "SSL", SSLok); /* mark byte consumed */ conn->inStart = conn->inCursor; @@ -3622,6 +3626,9 @@ keep_going: /* We will come back to here until there is if (gss_ok == 'N') { + if (conn->Pfdebug) + pqTraceOutputEncryptionRequestResponse(conn, "GSSENC", gss_ok); + /* * The connection is still valid, so if it's OK to * continue without GSS, we can proceed using this @@ -3635,6 +3642,9 @@ keep_going: /* We will come back to here until there is gss_ok); goto error_return; } + + if (conn->Pfdebug) + pqTraceOutputEncryptionRequestResponse(conn, "GSSENC", gss_ok); } /* Begin or continue GSSAPI negotiation */ diff --git a/src/interfaces/libpq/fe-trace.c b/src/interfaces/libpq/fe-trace.c index 23df8d0e10e..4978a92ea5e 100644 --- a/src/interfaces/libpq/fe-trace.c +++ b/src/interfaces/libpq/fe-trace.c @@ -821,3 +821,17 @@ pqTraceOutputNoTypeByteMessage(PGconn *conn, const char *message) fputc('\n', conn->Pfdebug); } + +void +pqTraceOutputEncryptionRequestResponse(PGconn *conn, const char *requestType, char response) +{ + if ((conn->traceFlags & PQTRACE_SUPPRESS_TIMESTAMPS) == 0) + { + char timestr[128]; + + pqTraceFormatTimestamp(timestr, sizeof(timestr)); + fprintf(conn->Pfdebug, "%s\t", timestr); + } + + fprintf(conn->Pfdebug, "B\t1\t%sResponse\t %c\n", requestType, response); +} diff --git a/src/interfaces/libpq/libpq-int.h b/src/interfaces/libpq/libpq-int.h index 3a00ee2903f..82a568f8040 100644 --- a/src/interfaces/libpq/libpq-int.h +++ b/src/interfaces/libpq/libpq-int.h @@ -887,6 +887,7 @@ extern ssize_t pg_GSS_read(PGconn *conn, void *ptr, size_t len); extern void pqTraceOutputMessage(PGconn *conn, const char *message, bool toServer); extern void pqTraceOutputNoTypeByteMessage(PGconn *conn, const char *message); +extern void pqTraceOutputEncryptionRequestResponse(PGconn *conn, const char *requestType, char response); /* === miscellaneous macros === */ -- 2.34.1