log the encryption level of sent and received packets

2017-02-24 16:03:26 +07:00
parent 1bd1a9e0e5
commit b84e945868
3 changed files with 35 additions and 4 deletions
--- a/protocol/encryption_level.go
+++ b/protocol/encryption_level.go
@@ -14,3 +14,15 @@ const (
 	// EncryptionForwardSecure is forward secure
 	EncryptionForwardSecure
 )
+
+func (e EncryptionLevel) String() string {
+	switch e {
+	case EncryptionUnencrypted:
+		return "unencrypted"
+	case EncryptionSecure:
+		return "encrypted (not forward-secure)"
+	case EncryptionForwardSecure:
+		return "forward-secure"
+	}
+	return "unknown"
+}
--- a/protocol/encryption_level_test.go
+++ b/protocol/encryption_level_test.go
@@ -0,0 +1,15 @@
+package protocol
+
+import (
+	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/gomega"
+)
+
+var _ = Describe("Encryption Level", func() {
+	It("has the correct string representation", func() {
+		Expect(EncryptionUnspecified.String()).To(Equal("unknown"))
+		Expect(EncryptionUnencrypted.String()).To(Equal("unencrypted"))
+		Expect(EncryptionSecure.String()).To(Equal("encrypted (not forward-secure)"))
+		Expect(EncryptionForwardSecure.String()).To(Equal("forward-secure"))
+	})
+})
--- a/session.go
+++ b/session.go
@@ -320,11 +320,15 @@ func (s *session) handlePacketImpl(p *receivedPacket) error {
 		s.largestRcvdPacketNumber,
 		hdr.PacketNumber,
 	)
-	if utils.Debug() {
-		utils.Debugf("<- Reading packet 0x%x (%d bytes) for connection %x @ %s", hdr.PacketNumber, len(data)+len(hdr.Raw), hdr.ConnectionID, time.Now().Format("15:04:05.000"))
-	}

 	packet, err := s.unpacker.Unpack(hdr.Raw, hdr, data)
+	if utils.Debug() {
+		if err != nil {
+			utils.Debugf("<- Reading packet 0x%x (%d bytes) for connection %x @ %s", hdr.PacketNumber, len(data)+len(hdr.Raw), hdr.ConnectionID, time.Now().Format("15:04:05.000"))
+		} else {
+			utils.Debugf("<- Reading packet 0x%x (%d bytes) for connection %x, %s @ %s", hdr.PacketNumber, len(data)+len(hdr.Raw), hdr.ConnectionID, packet.encryptionLevel, time.Now().Format("15:04:05.000"))
+		}
+	}
 	// if the decryption failed, this might be a packet sent by an attacker
 	// don't update the remote address
 	if quicErr, ok := err.(*qerr.QuicError); ok && quicErr.ErrorCode == qerr.DecryptionFailure {
@@ -653,7 +657,7 @@ func (s *session) logPacket(packet *packedPacket) {
 		return
 	}
 	if utils.Debug() {
-		utils.Debugf("-> Sending packet 0x%x (%d bytes) @ %s", packet.number, len(packet.raw), time.Now().Format("15:04:05.000"))
+		utils.Debugf("-> Sending packet 0x%x (%d bytes), %s, @ %s", packet.number, len(packet.raw), packet.encryptionLevel, time.Now().Format("15:04:05.000"))
 		for _, frame := range packet.frames {
 			frames.LogFrame(frame, true)
 		}