From b28ccfc725c9a52401aaa09de0734a44bd44a02d Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Thu, 7 Mar 2019 15:23:19 +0000 Subject: [tls] Display cross-certificate and OCSP status messages TLS connections will almost always create background connections to perform cross-signed certificate downloads and OCSP checks. There is currently no direct visibility into which checks are taking place, which makes troubleshooting difficult in the absence of either a packet capture or a debug build. Use the job progress message buffer to report the current cross-signed certificate download or OCSP status check, where applicable. Signed-off-by: Michael Brown --- src/net/tls.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'src/net/tls.c') diff --git a/src/net/tls.c b/src/net/tls.c index 1cd37e77..510bef8c 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -47,6 +47,7 @@ FILE_LICENCE ( GPL2_OR_LATER ); #include #include #include +#include #include /* Disambiguate the various error causes */ @@ -2570,12 +2571,31 @@ static int tls_plainstream_deliver ( struct tls_connection *tls, return rc; } +/** + * Report job progress + * + * @v tls TLS connection + * @v progress Progress report to fill in + * @ret ongoing_rc Ongoing job status code (if known) + */ +static int tls_progress ( struct tls_connection *tls, + struct job_progress *progress ) { + + /* Return cipherstream or validator progress as applicable */ + if ( tls_ready ( tls ) ) { + return job_progress ( &tls->cipherstream, progress ); + } else { + return job_progress ( &tls->validator, progress ); + } +} + /** TLS plaintext stream interface operations */ static struct interface_operation tls_plainstream_ops[] = { INTF_OP ( xfer_deliver, struct tls_connection *, tls_plainstream_deliver ), INTF_OP ( xfer_window, struct tls_connection *, tls_plainstream_window ), + INTF_OP ( job_progress, struct tls_connection *, tls_progress ), INTF_OP ( intf_close, struct tls_connection *, tls_close ), }; -- cgit v1.2.3-55-g7522