Unify connection established print

2026-06-19 19:33:38 +08:00 · 2026-06-13 09:10:09 +08:00
parent 99cc3c634b
commit 23375d1fa3
11 changed files with 49 additions and 14 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -768,7 +768,7 @@ endif()
 #
 set(CPACK_PACKAGE_NAME "GmSSL")
 set(CPACK_PACKAGE_VENDOR "GmSSL develop team")
-set(CPACK_PACKAGE_VERSION "3.2.0-dev.1022")
+set(CPACK_PACKAGE_VERSION "3.2.0-dev.1023")
 set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md)
 set(CPACK_NSIS_MODIFY_PATH ON)
 include(CPack)
--- a/cmake/tls12_commands.cmake
+++ b/cmake/tls12_commands.cmake
@@ -25,7 +25,7 @@ execute_process(
 )
 execute_process(
-	COMMAND bash -c "nohup bin/gmssl tls12_server -port ${TLS12_TEST_PORT} -cert tls_server_certs.pem -key signkey.pem -pass P@ssw0rd > tls12_server.log 2>&1 &"
+	COMMAND bash -c "nohup bin/gmssl tls12_server -port ${TLS12_TEST_PORT} -cert tls_server_certs.pem -key signkey.pem -pass P@ssw0rd -cipher_suite TLS_ECDHE_SM4_CBC_SM3 -supported_group sm2p256v1 -sig_alg sm2sig_sm3 > tls12_server.log 2>&1 &"
 	RESULT_VARIABLE SERVER_RESULT
 	TIMEOUT 5
 )
@@ -36,7 +36,7 @@ endif()
 execute_process(COMMAND ${CMAKE_COMMAND} -E sleep 2)
 execute_process(
-	COMMAND bash -c "bin/gmssl tls12_client -host localhost -port ${TLS12_TEST_PORT} -cacert rootcacert.pem < /dev/null > tls12_client.log 2>&1 &"
+	COMMAND bash -c "bin/gmssl tls12_client -host localhost -port ${TLS12_TEST_PORT} -cacert rootcacert.pem -cipher_suite TLS_ECDHE_SM4_CBC_SM3 -supported_group sm2p256v1 -sig_alg sm2sig_sm3 < /dev/null > tls12_client.log 2>&1 &"
 	RESULT_VARIABLE CLIENT_RESULT
 	TIMEOUT 5
 )
--- a/cmake/tls13_commands.cmake
+++ b/cmake/tls13_commands.cmake
@@ -41,7 +41,7 @@ set(FOUND_INDEX -1)
 foreach(i RANGE 1 15)
 	if(EXISTS "tls13_client.log")
 		file(READ "tls13_client.log" CLIENT_LOG_CONTENT)
-		string(FIND "${CLIENT_LOG_CONTENT}" "connected" FOUND_INDEX)
+		string(FIND "${CLIENT_LOG_CONTENT}" "Connection established" FOUND_INDEX)
 		if(NOT ${FOUND_INDEX} EQUAL -1)
 			break()
 		endif()
--- a/include/gmssl/tls.h
+++ b/include/gmssl/tls.h
@@ -75,6 +75,8 @@ typedef enum {
 	TLS_protocol_dtls12			= 0xfefd, // {254, 253}
 } TLS_PROTOCOL;
 #define TLS_CONNECTION_ESTABLISHED_STRING "Connection established"
 const char *tls_protocol_name(int proto);
 int tls_protocol_from_name(const char *name);
@@ -1516,6 +1518,7 @@ int tls13_recv_key_update(TLS_CONNECT *conn);
 void tls_clean_record(TLS_CONNECT *conn);
 int tls_print_record(FILE *fp, int fmt, int ind, const char *label, TLS_CONNECT *conn);
 int tls_connect_print(FILE *fp, int fmt, int ind, const char *label, const TLS_CONNECT *conn);
 int tls_init(TLS_CONNECT *conn, TLS_CTX *ctx);
 int tls_set_verbose(TLS_CONNECT *conn, int verbose);
--- a/include/gmssl/version.h
+++ b/include/gmssl/version.h
@@ -19,7 +19,7 @@ extern "C" {
 // Also update CPACK_PACKAGE_VERSION in CMakeLists.txt
 #define GMSSL_VERSION_NUM	30200
-#define GMSSL_VERSION_STR	"GmSSL 3.2.0-dev.1022"
+#define GMSSL_VERSION_STR	"GmSSL 3.2.0-dev.1023"
 int gmssl_version_num(void);
 const char *gmssl_version_str(void);
--- a/src/tlcp.c
+++ b/src/tlcp.c
@@ -1213,11 +1213,6 @@ int tlcp_recv_server_finished(TLS_CONNECT *conn)
 		return -1;
 	}
 	if(conn->verbose)
 		fprintf(stderr, "Connection established!\n");
 	return 1;
 }
--- a/src/tls12.c
+++ b/src/tls12.c
@@ -3545,9 +3545,6 @@ int tls_recv_server_finished(TLS_CONNECT *conn)
 		return -1;
 	}
 	if(conn->verbose)
 		fprintf(stderr, "Connection established!\n");
 	return 1;
 }
--- a/src/tls_trace.c
+++ b/src/tls_trace.c
@@ -1089,6 +1089,44 @@ int tls_application_data_print(FILE *fp, const uint8_t *data, size_t datalen, in
 // supported_versions 的格式由handshake_type 是否为ClientHello, ServerHello 决定
 // record中是包含这个信息的，但是在exts中没有这个信息
 int tls_connect_print(FILE *fp, int fmt, int ind, const char *label, const TLS_CONNECT *conn)
 {
 	const uint8_t *cert;
 	size_t certlen;
 	const uint8_t *name;
 	size_t namelen;
 	if (!fp || !conn) {
 		error_print();
 		return -1;
 	}
 	if (label) {
 		format_print(fp, fmt, ind, "%s\n", label);
 		ind += 4;
 	}
 	format_print(fp, fmt, ind, "%s\n", TLS_CONNECTION_ESTABLISHED_STRING);
 	format_print(fp, fmt, ind, "Protocol: %s\n", tls_protocol_name(conn->protocol));
 	format_print(fp, fmt, ind, "Cipher suite: %s\n", tls_cipher_suite_name(conn->cipher_suite));
 	if (conn->alpn_selected) {
 		format_print(fp, fmt, ind, "ALPN protocol: %s\n", conn->alpn_selected);
 	}
 	if (conn->peer_cert_chain_len
 		&& x509_certs_get_cert_by_index(conn->peer_cert_chain,
 			conn->peer_cert_chain_len, 0, &cert, &certlen) == 1) {
 		if (x509_cert_get_subject(cert, certlen, &name, &namelen) == 1) {
 			x509_name_print(fp, fmt, ind, "Peer certificate subject", name, namelen);
 		}
 		if (x509_cert_get_issuer(cert, certlen, &name, &namelen) == 1) {
 			x509_name_print(fp, fmt, ind, "Peer certificate issuer", name, namelen);
 		}
 	}
 	return 1;
 }
 int tls_print_record(FILE *fp, int fmt, int ind, const char *label, TLS_CONNECT *conn)
 {
 	tls_record_print(fp, conn->record, conn->recordlen, fmt, ind);
--- a/tools/tlcp_client.c
+++ b/tools/tlcp_client.c
@@ -505,6 +505,7 @@ bad:
 		fprintf(stderr, "%s: error\n", prog);
 		goto end;
 	}
 	tls_connect_print(stderr, 0, 0, NULL, &conn);
 	if (certoutfile) {
 		FILE *certoutfp;
--- a/tools/tls12_client.c
+++ b/tools/tls12_client.c
@@ -491,6 +491,7 @@ bad:
 		fprintf(stderr, "%s: error\n", prog);
 		goto end;
 	}
 	tls_connect_print(stderr, 0, 0, NULL, &conn);
 	if (get) {
 		snprintf(buf, sizeof(buf), "GET %s HTTP/1.1\r\nHost: %s\r\n\r\n", get, host);
--- a/tools/tls13_client.c
+++ b/tools/tls13_client.c
@@ -823,7 +823,7 @@ bad:
 		goto end;
 	}
-	fprintf(stderr, "connected\n");
+	tls_connect_print(stderr, 0, 0, NULL, &conn);
 	fprintf(stderr, "\n");
 	if (get) {