mirrors/etcd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

embed: provide more details on TLS handshake failure

Browse Source 
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
This commit is contained in:
Gyu-Ho Lee
2017-12-01 09:25:39 -08:00
parent b041ce5d51
commit ae589018cb
1 changed files with 15 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
embed/config.go
View File

@ -237,13 +237,24 @@ func NewConfig() *Config {
return cfg return cfg
} }
func logTLSHandshakeFailure(conn *tls.Conn, err error) {
state := conn.ConnectionState()
remoteAddr := conn.RemoteAddr().String()
serverName := state.ServerName
if len(state.PeerCertificates) > 0 {
cert := state.PeerCertificates[0]
ips, dns := cert.IPAddresses, cert.DNSNames
plog.Infof("rejected connection from %q (error %q, ServerName %q, IPAddresses %q, DNSNames %q)", remoteAddr, err.Error(), serverName, ips, dns)
} else {
plog.Infof("rejected connection from %q (error %q, ServerName %q)", remoteAddr, err.Error(), serverName)
}
}
// SetupLogging initializes etcd logging. // SetupLogging initializes etcd logging.
// Must be called after flag parsing. // Must be called after flag parsing.
func (cfg *Config) SetupLogging() { func (cfg *Config) SetupLogging() {
cfg.ClientTLSInfo.HandshakeFailure = func(conn *tls.Conn, err error) { cfg.ClientTLSInfo.HandshakeFailure = logTLSHandshakeFailure
plog.Infof("rejected connection from %q (%v)", conn.RemoteAddr().String(), err) cfg.PeerTLSInfo.HandshakeFailure = logTLSHandshakeFailure
}
cfg.PeerTLSInfo.HandshakeFailure = cfg.ClientTLSInfo.HandshakeFailure
capnslog.SetGlobalLogLevel(capnslog.INFO) capnslog.SetGlobalLogLevel(capnslog.INFO)
if cfg.Debug { if cfg.Debug {