From e7a9ab488c582e7fdc9fe6f4d6b50e93a539b558 Mon Sep 17 00:00:00 2001 From: Colton Willey Date: Fri, 30 Jan 2026 09:57:18 -0800 Subject: [PATCH 1/2] Add option for debug output to default to silent --- configure.ac | 11 +++++++++++ include/wolfprovider/wp_logging.h | 6 ++++++ scripts/build-wolfprovider.sh | 11 +++++++++++ scripts/utils-wolfprovider.sh | 4 ++++ src/wp_logging.c | 30 ++++++++++++++++++++++++++++-- 5 files changed, 60 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index d4228163..a5c5177b 100644 --- a/configure.ac +++ b/configure.ac @@ -73,6 +73,16 @@ AS_IF([test "$ax_enable_debug" = "yes"], [AM_CFLAGS="$DEBUG_CFLAGS $AM_CFLAGS"], []) +# Debug silent mode - logging compiled in but silent until env vars activate +AC_ARG_ENABLE([debug-silent], + [AS_HELP_STRING([--enable-debug-silent],[Debug logging compiled in but silent by default. Use WOLFPROV_LOG_LEVEL and WOLFPROV_LOG_COMPONENTS env vars to enable at runtime (default: disabled)])], + [ ENABLED_DEBUG_SILENT=$enableval ], + [ ENABLED_DEBUG_SILENT=no ] + ) + +AS_IF([test "$ENABLED_DEBUG_SILENT" = "yes"], + [AM_CFLAGS="$AM_CFLAGS -DWOLFPROV_DEBUG_SILENT"]) + # COVERAGE COVERAGE_CFLAGS="--coverage" AX_COVERAGE @@ -207,6 +217,7 @@ echo " * Host CPU: $host_cpu" echo " * C Compiler: $CC" echo " * C Flags: $CFLAGS" echo " * Debug enabled: $ax_enable_debug" +echo " * Debug silent mode: $ENABLED_DEBUG_SILENT" echo echo " Features " echo " * User settings: $ENABLED_USERSETTINGS" diff --git a/include/wolfprovider/wp_logging.h b/include/wolfprovider/wp_logging.h index 7dfc0ddd..b026c1ba 100644 --- a/include/wolfprovider/wp_logging.h +++ b/include/wolfprovider/wp_logging.h @@ -56,6 +56,12 @@ /* wolfProv debug logging support can be compiled in by defining * WOLFPROV_DEBUG or by using the --enable-debug configure option. * + * By default, when debug is enabled, logging is active immediately. + * Use --enable-debug-silent to compile in debug support but keep it + * silent by default. In silent mode, logging is only activated when + * WOLFPROV_LOG_LEVEL or WOLFPROV_LOG_COMPONENTS environment variables + * are set at runtime. + * * wolfProv supports the log levels as mentioned in wolfProv_LogLevels * enum below. The default logging level when debug logging is compiled in * and enabled at runtime is WP_LOG_LEVEL_DEFAULT. diff --git a/scripts/build-wolfprovider.sh b/scripts/build-wolfprovider.sh index c548329d..bfa1e309 100755 --- a/scripts/build-wolfprovider.sh +++ b/scripts/build-wolfprovider.sh @@ -27,6 +27,7 @@ show_help() { echo " Note: Requires --replace-default. Only for test builds, not for production." echo " --leave-silent Enable leave silent mode to suppress logging of return 0 in probing functions where expected failures may occur." echo " Note: This only affects logging; the calling function is still responsible for handling all return values appropriately." + echo " --debug-silent Debug logging compiled in but silent by default. Use WOLFPROV_LOG_LEVEL and WOLFPROV_LOG_COMPONENTS env vars to enable at runtime. Requires --debug." echo " --enable-seed-src Enable SEED-SRC entropy source with /dev/urandom caching for fork-safe entropy." echo " Note: This also enables WC_RNG_SEED_CB in wolfSSL." echo "" @@ -39,6 +40,7 @@ show_help() { echo " WOLFPROV_CLEAN If set to 1, run make clean in OpenSSL, wolfSSL, and wolfProvider" echo " WOLFPROV_DISTCLEAN If set to 1, remove the source and install directories of OpenSSL, wolfSSL, and wolfProvider" echo " WOLFPROV_DEBUG If set to 1, builds OpenSSL, wolfSSL, and wolfProvider with debug options enabled" + echo " WOLFPROV_DEBUG_SILENT If set to 1, debug logging is silent by default (requires WOLFPROV_DEBUG=1)" echo " WOLFPROV_LOG_FILE Path to log file for wolfProvider debug output (alternative to stderr)" echo " WOLFPROV_QUICKTEST If set to 1, disables some tests in the test suite to increase test speed" echo " WOLFPROV_DISABLE_ERR_TRACE If set to 1, wolfSSL will not be configured with --enable-debug-trace-errcodes=backtrace" @@ -132,6 +134,9 @@ for arg in "$@"; do --leave-silent) WOLFPROV_LEAVE_SILENT=1 ;; + --debug-silent) + WOLFPROV_DEBUG_SILENT=1 + ;; --enable-seed-src) WOLFPROV_SEED_SRC=1 ;; @@ -154,6 +159,12 @@ if [ "${WOLFPROV_LEAVE_SILENT}" = "1" ] && [ -z "$WOLFPROV_DEBUG" ] && [ -z "$de exit 1 fi +# Check if --debug-silent was used without debug mode +if [ "${WOLFPROV_DEBUG_SILENT}" = "1" ] && [ -z "$WOLFPROV_DEBUG" ] && [ -z "$debug" ]; then + echo "Error: --debug-silent requires --debug to be set." + exit 1 +fi + if [ -n "$WOLFPROV_LOG_FILE" ] && [ -z "$WOLFPROV_DEBUG" ]; then echo "Error: --debug-log requires --debug to be set." exit 1 diff --git a/scripts/utils-wolfprovider.sh b/scripts/utils-wolfprovider.sh index 6b67c180..7fa2a60d 100644 --- a/scripts/utils-wolfprovider.sh +++ b/scripts/utils-wolfprovider.sh @@ -114,6 +114,10 @@ install_wolfprov() { WOLFPROV_CONFIG_CFLAGS="${WOLFPROV_CONFIG_CFLAGS} -DWOLFPROV_LEAVE_SILENT_MODE" fi + if [ "${WOLFPROV_DEBUG_SILENT}" = "1" ]; then + WOLFPROV_CONFIG_OPTS+=" --enable-debug-silent" + fi + if [ -n "${WOLFPROV_LOG_FILE}" ]; then WOLFPROV_CONFIG_CFLAGS="${WOLFPROV_CONFIG_CFLAGS} -DWOLFPROV_LOG_FILE=\\\"${WOLFPROV_LOG_FILE}\\\"" fi diff --git a/src/wp_logging.c b/src/wp_logging.c index 404c73c2..1a3e3584 100644 --- a/src/wp_logging.c +++ b/src/wp_logging.c @@ -37,9 +37,16 @@ static wolfProv_Logging_cb log_function = NULL; /* Flag indicating if logging is enabled, controlled via - * wolfProv_Debugging_ON() and wolfProv_Debugging_OFF() */ + * wolfProv_Debugging_ON() and wolfProv_Debugging_OFF(). */ static int loggingEnabled = 1; +#ifdef WOLFPROV_DEBUG_SILENT +/* Silent mode gate - when active, blocks all logging output regardless of + * loggingEnabled. Only deactivated when WOLFPROV_LOG_LEVEL or + * WOLFPROV_LOG_COMPONENTS environment variables are set at runtime. */ +static int silentModeActive = 1; +#endif + /* Logging level. Bitmask of logging levels in wolfProv_LogLevels. * Default log level includes error, enter/leave, and info. Does not turn on * verbose by default. */ @@ -121,6 +128,13 @@ int wolfProv_LogInit(void) char* logLevelStr = XGETENV("WOLFPROV_LOG_LEVEL"); char* logComponentsStr = XGETENV("WOLFPROV_LOG_COMPONENTS"); +#ifdef WOLFPROV_DEBUG_SILENT + /* In silent mode, deactivate the silent gate only if env vars are set */ + if (logLevelStr != NULL || logComponentsStr != NULL) { + silentModeActive = 0; + } +#endif + if (logLevelStr != NULL) { if (wolfProv_TokenParse(logLevelStr, "()| \t", wolfProv_LogLevelToMask, &level) == 0) { @@ -201,11 +215,23 @@ int wolfProv_SetLogComponents(int componentMask) * @param logLevel [IN] Log level. */ WP_PRINTF_FUNC(3, 0) -static void wolfprovider_log(const int component, const int logLevel, +static void wolfprovider_log(const int component, const int logLevel, const char* fmt, va_list vlist) { char logMessage[WOLFPROV_MAX_LOG_WIDTH]; + /* Don't log if logging is disabled */ + if (!loggingEnabled) { + return; + } + +#ifdef WOLFPROV_DEBUG_SILENT + /* In silent mode, block all output until env vars unlock it */ + if (silentModeActive) { + return; + } +#endif + /* Don't log messages that do not match our current logging level */ if ((providerLogLevel & logLevel) != logLevel) { return; From d98a90a95c5af3a6dc319edf47250e9386067f2f Mon Sep 17 00:00:00 2001 From: Colton Willey Date: Mon, 2 Feb 2026 11:59:08 -0800 Subject: [PATCH 2/2] Update logging changes to not use new variable --- src/wp_logging.c | 29 ++++++++--------------------- 1 file changed, 8 insertions(+), 21 deletions(-) diff --git a/src/wp_logging.c b/src/wp_logging.c index 1a3e3584..c7e69de6 100644 --- a/src/wp_logging.c +++ b/src/wp_logging.c @@ -40,21 +40,22 @@ static wolfProv_Logging_cb log_function = NULL; * wolfProv_Debugging_ON() and wolfProv_Debugging_OFF(). */ static int loggingEnabled = 1; -#ifdef WOLFPROV_DEBUG_SILENT -/* Silent mode gate - when active, blocks all logging output regardless of - * loggingEnabled. Only deactivated when WOLFPROV_LOG_LEVEL or - * WOLFPROV_LOG_COMPONENTS environment variables are set at runtime. */ -static int silentModeActive = 1; -#endif - /* Logging level. Bitmask of logging levels in wolfProv_LogLevels. * Default log level includes error, enter/leave, and info. Does not turn on * verbose by default. */ +#ifdef WOLFPROV_DEBUG_SILENT +static int providerLogLevel = 0; +#else static int providerLogLevel = WP_LOG_LEVEL_ALL; +#endif /* Components which will be logged when debug enabled. Bitmask of components * in wolfProv_LogComponents. Default components include all. */ +#ifdef WOLFPROV_DEBUG_SILENT +static int providerLogComponents = 0; +#else static int providerLogComponents = WP_LOG_COMP_ALL; +#endif /* Callback functions to parse environment variables WOLFPROV_LOG_LEVEL and WOLFPROV_LOG_COMPONENTS */ static void wolfProv_LogLevelToMask(const char* level, size_t len, void* ctx); @@ -128,13 +129,6 @@ int wolfProv_LogInit(void) char* logLevelStr = XGETENV("WOLFPROV_LOG_LEVEL"); char* logComponentsStr = XGETENV("WOLFPROV_LOG_COMPONENTS"); -#ifdef WOLFPROV_DEBUG_SILENT - /* In silent mode, deactivate the silent gate only if env vars are set */ - if (logLevelStr != NULL || logComponentsStr != NULL) { - silentModeActive = 0; - } -#endif - if (logLevelStr != NULL) { if (wolfProv_TokenParse(logLevelStr, "()| \t", wolfProv_LogLevelToMask, &level) == 0) { @@ -225,13 +219,6 @@ static void wolfprovider_log(const int component, const int logLevel, return; } -#ifdef WOLFPROV_DEBUG_SILENT - /* In silent mode, block all output until env vars unlock it */ - if (silentModeActive) { - return; - } -#endif - /* Don't log messages that do not match our current logging level */ if ((providerLogLevel & logLevel) != logLevel) { return;