gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-1280 修改 debug log

Browse Source
This commit is contained in:
luwenpeng
2020-04-28 18:52:44 +08:00
parent 3156fbfa27
commit 04ed73db0e
1 changed files with 8 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
plugin/business/ssl-policy/src/ssl_policy.cpp
View File

@@ -214,7 +214,6 @@ void intercept_param_new_cb(int table_id, const char* key, const char* table_lin
}
*ad=param;
TFE_LOG_INFO(enforcer->logger, "Add intercept policy: %d", param->policy_id);
TFE_LOG_DEBUG(enforcer->logger, "intercept policy id=%d, key=%s, json=%s", param->policy_id, key, json_str);
error_out:
cJSON_Delete(json);
free(json_str);
@@ -366,7 +365,7 @@ void profile_param_new_cb(int table_id, const char* key, const char* table_line,
}
*ad=param;
TFE_LOG_INFO(enforcer->logger, "decryption profile key=%s, value=%s", key, json_str);
TFE_LOG_INFO(enforcer->logger, "Add decryption profile: %s", key);
error_out:
if (json)
cJSON_Delete(json);
@@ -472,36 +471,19 @@ enum ssl_stream_action ssl_policy_enforce(struct ssl_stream *upstream, void* u_p
(has_error && profile_param->bypass_protocol_errors))
{
action=SSL_ACTION_PASSTHROUGH;
TFE_LOG_DEBUG(enforcer->logger, "%s %s enforce policy_id %d, action PASSTHROUGH due to pinning:%d, mutual_auth:%d, is_ev:%d, is_ct:%d, has_error:%d",
addr_string, sni, policy_param->policy_id,
((pinning_staus == 1 && profile_param->bypass_pinning) ? 1 : 0),
((is_mauth && profile_param->bypass_mutual_auth) ? 1 : 0),
((is_ev && profile_param->bypass_ev_cert) ? 1 : 0),
((is_ct && profile_param->bypass_ct_cert) ? 1 : 0),
((has_error && profile_param->bypass_protocol_errors) ? 1 : 0));
}
else
{
action=SSL_ACTION_INTERCEPT;
}
TFE_LOG_DEBUG(enforcer->logger, "%s %s action:%s enforce \"policy_id:%d, keyring:%d, decryption_profile_id:%d, bypass_ct_cert:%d, bypass_ev_cert:%d, bypass_mutual_auth:%d, bypass_pinning:%d, bypass_protocol_errors:%d, "
"no_verify_cn:%d, no_verify_expry_date:%d, no_verify_issuer:%d, no_verify_self_signed:%d, block_fake_cert:%d, ssl_max_version:%d, ssl_min_version:%d, mirror_client_version:%d, allow_http2:%d\"",
addr_string, sni, (action == SSL_ACTION_INTERCEPT ? "INTERCEPT" : "PASSTHROUGH"),
policy_param->policy_id,
policy_param->keyring,
policy_param->decryption_profile_id,
profile_param->bypass_ct_cert,
profile_param->bypass_ev_cert,
profile_param->bypass_mutual_auth,
profile_param->bypass_pinning,
profile_param->bypass_protocol_errors,
profile_param->no_verify_cn,
profile_param->no_verify_expry_date,
profile_param->no_verify_issuer,
profile_param->no_verify_self_signed,
profile_param->block_fake_cert,
profile_param->ssl_max_version,
profile_param->ssl_min_version,
profile_param->mirror_client_version,
profile_param->allow_http2
);
intercept_param_free(policy_param);
profile_param_free(profile_param);
policy_param=NULL;