Enable mbedtls debug

src/crypto/mbedtls.c

@@ -24,10 +24,16 @@
 #include <stdlib.h>
 #include <string.h>
 
+/* Enable mbedtls debug: set it to something > 0 (max is 4) */
+#define MBEDTLS_DEBUG_LEVEL 4
+
 #include <mbedtls/base64.h>
 #include <mbedtls/ctr_drbg.h>
 #include <mbedtls/entropy.h>
 #include <mbedtls/error.h>
+#if MBEDTLS_DEBUG_LEVEL > 0
+#include <mbedtls/debug.h>
+#endif /* MBEDTLS_DEBUG_LEVEL > 0 */
 #include <mbedtls/gcm.h>
 #include <mbedtls/md5.h>
 #include <mbedtls/oid.h>
@@ -50,6 +56,21 @@
 #include "bctoolbox/defs.h"
 #include "bctoolbox/logging.h"
 
+/*** Debug ***/
+#if MBEDTLS_DEBUG_LEVEL > 0
+static void bctbx_mbedtls_debug(void *ctx, int level, const char *file, int line, const char *str) {
+	const char *p, *basename;
+	(void)ctx;
+	/* Extract basename from file */
+	for (p = basename = file; *p != '\0'; p++) {
+		if (*p == '/' || *p == '\\') {
+			basename = p + 1;
+		}
+	}
+	bctbx_message("%s:%04d: |%d| %s", basename, line, level, str);
+}
+#endif /* MBEDTLS_DEBUG_LEVEL > 0 */
+
 /*** Cleaning ***/
 /**
  * @brief force a buffer value to zero in a way that shall prevent the compiler from optimizing it out
@@ -1110,6 +1131,11 @@ bctbx_ssl_config_t *bctbx_ssl_config_new(void) {
 	ssl_config->callback_cli_cert_function = NULL;
 	ssl_config->callback_cli_cert_data = NULL;
 
+#if MBEDTLS_DEBUG_LEVEL > 0
+	mbedtls_ssl_conf_dbg(ssl_config->ssl_config, bctbx_mbedtls_debug, NULL);
+	mbedtls_debug_set_threshold(MBEDTLS_DEBUG_LEVEL);
+#endif
+
 #ifdef HAVE_DTLS_SRTP
 	ssl_config->dtls_srtp_mbedtls_profiles[0] = MBEDTLS_TLS_SRTP_UNSET;
 #endif /* HAVE_DTLS_SRTP */