1=pod 2 3=head1 NAME 4 5OSSL_trace_enabled, OSSL_trace_begin, OSSL_trace_end, 6OSSL_TRACE_BEGIN, OSSL_TRACE_END, OSSL_TRACE_CANCEL, 7OSSL_TRACE, OSSL_TRACE1, OSSL_TRACE2, OSSL_TRACE3, OSSL_TRACE4, 8OSSL_TRACE5, OSSL_TRACE6, OSSL_TRACE7, OSSL_TRACE8, OSSL_TRACE9, 9OSSL_TRACEV, 10OSSL_TRACE_STRING, OSSL_TRACE_STRING_MAX, OSSL_trace_string, 11OSSL_TRACE_ENABLED 12- OpenSSL Tracing API 13 14=head1 SYNOPSIS 15 16=for openssl generic 17 18 #include <openssl/trace.h> 19 20 int OSSL_trace_enabled(int category); 21 22 BIO *OSSL_trace_begin(int category); 23 void OSSL_trace_end(int category, BIO *channel); 24 25 /* trace group macros */ 26 OSSL_TRACE_BEGIN(category) { 27 ... 28 if (some_error) { 29 /* Leave trace group prematurely in case of an error */ 30 OSSL_TRACE_CANCEL(category); 31 goto err; 32 } 33 ... 34 } OSSL_TRACE_END(category); 35 36 /* one-shot trace macros */ 37 OSSL_TRACE(category, text) 38 OSSL_TRACE1(category, format, arg1) 39 OSSL_TRACE2(category, format, arg1, arg2) 40 ... 41 OSSL_TRACE9(category, format, arg1, ..., arg9) 42 OSSL_TRACE_STRING(category, text, full, data, len) 43 44 #define OSSL_TRACE_STRING_MAX 80 45 int OSSL_trace_string(BIO *out, int text, int full, 46 const unsigned char *data, size_t size); 47 48 /* check whether a trace category is enabled */ 49 if (OSSL_TRACE_ENABLED(category)) { 50 ... 51 } 52 53=head1 DESCRIPTION 54 55The functions described here are mainly interesting for those who provide 56OpenSSL functionality, either in OpenSSL itself or in engine modules 57or similar. 58 59If the tracing facility is enabled (see L</Configure Tracing> below), 60these functions are used to generate free text tracing output. 61 62The tracing output is divided into types which are enabled 63individually by the application. 64The tracing types are described in detail in 65L<OSSL_trace_set_callback(3)/Trace types>. 66The fallback type B<OSSL_TRACE_CATEGORY_ALL> should I<not> be used 67with the functions described here. 68 69Tracing for a specific category is enabled at run-time if a so-called 70I<trace channel> is attached to it. A trace channel is simply a 71BIO object to which the application can write its trace output. 72 73The application has two different ways of registering a trace channel, 74either by directly providing a BIO object using L<OSSL_trace_set_channel(3)>, 75or by providing a callback routine using L<OSSL_trace_set_callback(3)>. 76The latter is wrapped internally by a dedicated BIO object, so for the 77tracing code both channel types are effectively indistinguishable. 78We call them a I<simple trace channel> and a I<callback trace channel>, 79respectively. 80 81To produce trace output, it is necessary to obtain a pointer to the 82trace channel (i.e., the BIO object) using OSSL_trace_begin(), write 83to it using arbitrary BIO output routines, and finally releases the 84channel using OSSL_trace_end(). The OSSL_trace_begin()/OSSL_trace_end() 85calls surrounding the trace output create a group, which acts as a 86critical section (guarded by a mutex) to ensure that the trace output 87of different threads does not get mixed up. 88 89The tracing code normally does not call OSSL_trace_{begin,end}() directly, 90but rather uses a set of convenience macros, see the L</Macros> section below. 91 92 93=head2 Functions 94 95OSSL_trace_enabled() can be used to check if tracing for the given 96I<category> is enabled, i.e., if the tracing facility has been statically 97enabled (see L</Configure Tracing> below) and a trace channel has been 98registered using L<OSSL_trace_set_channel(3)> or L<OSSL_trace_set_callback(3)>. 99 100OSSL_trace_begin() is used to start a tracing section, 101and get the channel for the given I<category> in form of a BIO. 102This BIO can only be used for output. 103The pointer returned is NULL if the category is invalid or not enabled. 104 105OSSL_trace_end() is used to end a tracing section. 106 107Using OSSL_trace_begin() and OSSL_trace_end() to wrap tracing sections 108is I<mandatory>. 109The result of trying to produce tracing output outside of such 110sections is undefined. 111 112OSSL_trace_string() outputs I<data> of length I<size> as a string on BIO I<out>. 113If I<text> is 0, the function masks any included control characters apart from 114newlines and makes sure for nonempty input that the output ends with a newline. 115Unless I<full> is nonzero, the length is limited (with a suitable warning) 116to B<OSSL_TRACE_STRING_MAX> characters, which currently is 80. 117 118=head2 Macros 119 120There are a number of convenience macros defined, to make tracing 121easy and consistent. 122 123OSSL_TRACE_BEGIN() and OSSL_TRACE_END() reserve the B<BIO> C<trc_out> and are 124used as follows to wrap a trace section: 125 126 OSSL_TRACE_BEGIN(TLS) { 127 128 BIO_printf(trc_out, ... ); 129 130 } OSSL_TRACE_END(TLS); 131 132This will normally expand to: 133 134 do { 135 BIO *trc_out = OSSL_trace_begin(OSSL_TRACE_CATEGORY_TLS); 136 if (trc_out != NULL) { 137 ... 138 BIO_printf(trc_out, ...); 139 } 140 OSSL_trace_end(OSSL_TRACE_CATEGORY_TLS, trc_out); 141 } while (0); 142 143OSSL_TRACE_CANCEL() must be used before returning from or jumping out of a 144trace section: 145 146 OSSL_TRACE_BEGIN(TLS) { 147 148 if (some_error) { 149 OSSL_TRACE_CANCEL(TLS); 150 goto err; 151 } 152 BIO_printf(trc_out, ... ); 153 154 } OSSL_TRACE_END(TLS); 155 156This will normally expand to: 157 158 do { 159 BIO *trc_out = OSSL_trace_begin(OSSL_TRACE_CATEGORY_TLS); 160 if (trc_out != NULL) { 161 if (some_error) { 162 OSSL_trace_end(OSSL_TRACE_CATEGORY_TLS, trc_out); 163 goto err; 164 } 165 BIO_printf(trc_out, ... ); 166 } 167 OSSL_trace_end(OSSL_TRACE_CATEGORY_TLS, trc_out); 168 } while (0); 169 170 171OSSL_TRACE() and OSSL_TRACE1(), OSSL_TRACE2(), ... OSSL_TRACE9() are 172so-called one-shot macros: 173 174The macro call C<OSSL_TRACE(category, text)>, produces literal text trace output. 175 176The macro call C<OSSL_TRACEn(category, format, arg1, ..., argn)> produces 177printf-style trace output with n format field arguments (n=1,...,9). 178It expands to: 179 180 OSSL_TRACE_BEGIN(category) { 181 BIO_printf(trc_out, format, arg1, ..., argN); 182 } OSSL_TRACE_END(category) 183 184Internally, all one-shot macros are implemented using a generic OSSL_TRACEV() 185macro, since C90 does not support variadic macros. This helper macro has a rather 186weird synopsis and should not be used directly. 187 188The macro call C<OSSL_TRACE_STRING(category, text, full, data, len)> 189outputs I<data> of length I<size> as a string 190if tracing for the given I<category> is enabled. 191It expands to: 192 193 OSSL_TRACE_BEGIN(category) { 194 OSSL_trace_string(trc_out, text, full, data, len); 195 } OSSL_TRACE_END(category) 196 197The OSSL_TRACE_ENABLED() macro can be used to conditionally execute some code 198only if a specific trace category is enabled. 199In some situations this is simpler than entering a trace section using 200OSSL_TRACE_BEGIN() and OSSL_TRACE_END(). 201For example, the code 202 203 if (OSSL_TRACE_ENABLED(TLS)) { 204 ... 205 } 206 207expands to 208 209 if (OSSL_trace_enabled(OSSL_TRACE_CATEGORY_TLS) { 210 ... 211 } 212 213=head1 NOTES 214 215It is not needed to guard trace output function calls like 216I<OSSL_TRACE(category, ...)> by I<OSSL_TRACE_ENABLED(category)>. 217 218If producing the trace output requires carrying out auxiliary calculations, 219this auxiliary code should be placed inside a conditional block which is 220executed only if the trace category is enabled. 221 222The most natural way to do this is to place the code inside the trace section 223itself because it already introduces such a conditional block. 224 225 OSSL_TRACE_BEGIN(TLS) { 226 int var = do_some_auxiliary_calculation(); 227 228 BIO_printf(trc_out, "var = %d\n", var); 229 230 } OSSL_TRACE_END(TLS); 231 232In some cases it is more advantageous to use a simple conditional group instead 233of a trace section. This is the case if calculations and tracing happen in 234different locations of the code, or if the calculations are so time consuming 235that placing them inside a (critical) trace section would create too much 236contention. 237 238 if (OSSL_TRACE_ENABLED(TLS)) { 239 int var = do_some_auxiliary_calculation(); 240 241 OSSL_TRACE1("var = %d\n", var); 242 } 243 244Note however that premature optimization of tracing code is in general futile 245and it's better to keep the tracing code as simple as possible. 246Because most often the limiting factor for the application's speed is the time 247it takes to print the trace output, not to calculate it. 248 249=head2 Configure Tracing 250 251By default, the OpenSSL library is built with tracing disabled. To 252use the tracing functionality documented here, it is therefore 253necessary to configure and build OpenSSL with the 'enable-trace' option. 254 255When the library is built with tracing disabled: 256 257=over 4 258 259=item * 260 261The macro B<OPENSSL_NO_TRACE> is defined in F<< <openssl/opensslconf.h> >>. 262 263=item * 264 265all functions are still present, but OSSL_trace_enabled() will always 266report the categories as disabled, and all other functions will do 267nothing. 268 269=item * 270 271the convenience macros are defined to produce dead code. 272For example, take this example from L</Macros> section above: 273 274 OSSL_TRACE_BEGIN(TLS) { 275 276 if (condition) { 277 OSSL_TRACE_CANCEL(TLS); 278 goto err; 279 } 280 BIO_printf(trc_out, ... ); 281 282 } OSSL_TRACE_END(TLS); 283 284When the tracing API isn't operational, that will expand to: 285 286 do { 287 BIO *trc_out = NULL; 288 if (0) { 289 if (condition) { 290 ((void)0); 291 goto err; 292 } 293 BIO_printf(trc_out, ... ); 294 } 295 } while (0); 296 297=back 298 299=head1 RETURN VALUES 300 301OSSL_trace_enabled() returns 1 if tracing for the given I<type> is 302operational and enabled, otherwise 0. 303 304OSSL_trace_begin() returns a B<BIO> pointer if the given I<type> is enabled, 305otherwise NULL. 306 307OSSL_trace_string() returns the number of characters emitted, or -1 on error. 308 309=head1 SEE ALSO 310 311L<OSSL_trace_set_channel(3)>, L<OSSL_trace_set_callback(3)> 312 313=head1 HISTORY 314 315The OpenSSL Tracing API was added in OpenSSL 3.0. 316 317OSSL_TRACE_STRING(), OSSL_TRACE_STRING_MAX, and OSSL_trace_string 318were added in OpenSSL 3.2. 319 320=head1 COPYRIGHT 321 322Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. 323 324Licensed under the Apache License 2.0 (the "License"). You may not use 325this file except in compliance with the License. You can obtain a copy 326in the file LICENSE in the source distribution or at 327L<https://www.openssl.org/source/license.html>. 328 329=cut 330
