inet_tls/logger/report_cb combo losing information

Loïc Hoguin lhoguin@REDACTED
Thu Oct 14 13:58:13 CEST 2021


Hello,

I am trying to understand why there is a difference between the logs from a simple erl node compared to a node that has logger configuration with a handler that customizes the output and logs to a file.

The message logged comes from a handshake error due to a bad certificate when another node is trying to connect through the TLS distribution.

On the simple erl node we get the following error:

=NOTICE REPORT==== 14-Oct-2021::11:23:43.108059 ===
TLS client: In state certify at ssl_handshake.erl:1901 generated CLIENT ALERT: Fatal - Handshake Failure
- {bad_cert,hostname_check_failed}

On the node with logger configuration we get this :


2021-10-14 11:23:43.108216+02:00 [noti] <0.575.0> TLS server: In state certify received CLIENT ALERT: Fatal - Handshake Failure

2021-10-14 11:23:43.108216+02:00 [noti] <0.575.0>

We are missing the bad_cert line and that’s bad because that line is fairly important for debugging the issue.

I have tracked down the error up until the call to ssl_logger:format/1. It receives the following argument:


#{alert =>

              {alert,2,40,

                     #{file => "ssl_alert.erl",line => 136,

                       mfa => {ssl_alert,decode,3}},

                     client,undefined},

          alerter => peer,protocol => "TLS",role => server,

          statename => certify}

As far as I can tell, based on this data, the output is expected.

For what it’s worth, the Meta information doesn’t have the extra info either:


#{depth => 20,file => "ssl_alert.erl",

                                   gl => <0.46.0>,line => 136,

                                   mfa => {ssl_alert,decode,3},

                                   pid => <0.690.0>,

                                   report_cb => fun ssl_logger:format/1,

                                   time => 1634210440978557}

My question therefore is: how can we get the {bad_cert,hostname_check_failed} line logged as well with our custom logger handler? Why is it in the notice report above but not in the logger event?

Thanks,

--
Loïc Hoguin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20211014/fd9b7434/attachment.htm>


More information about the erlang-questions mailing list