[EXPORTER] Log SSL Connection Information

[chusitoo]

Fixes #2250

Changes

Enable curl verbose output and add debug function callback to intercept the "interesting" logs.

This functionality is controlled by the compile-time flag/option WITH_CURL_LOGGING=ON but can also be enabled at runtime by setting OtlpHttpExporterOptions::console_debug = true.

By default, all the headers and other information are not available and protected by a compile-time flag since they could contain sensitive information.

An example of info logging related to TLS handshake, available by default:

[Info] File: /otel/ext/src/http/client/curl/http_operation_curl.cc:593 SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256 / X25519 / RSASSA-PSS

An example of debug logging, enabled via -DCURL_DEBUG:

[Debug] File: /otel/ext/src/http/client/curl/http_operation_curl.cc:613 Send header => POST /v1/traces HTTP/2
[Debug] File: /otel/ext/src/http/client/curl/http_operation_curl.cc:613 Send header => Host: localhost:4318
[Debug] File: /otel/ext/src/http/client/curl/http_operation_curl.cc:613 Send header => Accept: */*
[Debug] File: /otel/ext/src/http/client/curl/http_operation_curl.cc:613 Send header => Content-Type: application/x-protobuf
[Debug] File: /otel/ext/src/http/client/curl/http_operation_curl.cc:613 Send header => User-Agent: OTel-OTLP-Exporter-Cpp/1.17.0
[Debug] File: /otel/ext/src/http/client/curl/http_operation_curl.cc:613 Send header => Content-Length: 238
[Debug] File: /otel/exporters/otlp/src/otlp_http_client.cc:226 [OTLP HTTP Client] Session state: sending request
[Debug] File: /otel/ext/src/http/client/curl/http_operation_curl.cc:602 We are completely uploaded and fine
[Debug] File: /otel/ext/src/http/client/curl/http_operation_curl.cc:620 Recv header => HTTP/2 200
[Debug] File: /otel/ext/src/http/client/curl/http_operation_curl.cc:620 Recv header => content-type: application/x-protobuf
[Debug] File: /otel/ext/src/http/client/curl/http_operation_curl.cc:620 Recv header => content-length: 2

For significant contributions please make sure you have completed the following items:

• CHANGELOG.md updated for non-trivial changes
• Unit tests have been added
• Changes in public API reviewed

[netlify]

✅ Deploy Preview for opentelemetry-cpp-api-docs canceled.

Name	Link
🔨 Latest commit	5dc28ab
🔍 Latest deploy log	https://app.netlify.com/sites/opentelemetry-cpp-api-docs/deploys/672643158eff1700080ee94c

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 87.88%. Comparing base (497eaf4) to head (5dc28ab).
Report is 151 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3113      +/-   ##
==========================================
+ Coverage   87.12%   87.88%   +0.76%     
==========================================
  Files         200      195       -5     
  Lines        6109     6137      +28     
==========================================
+ Hits         5322     5393      +71     
+ Misses        787      744      -43     

see 99 files with indirect coverage changes

[lalitb]

Setting CURLOPT_VERBOSE to 1L is useful for debugging but not sure if it's best practice to keep enabled in production, as it can significantly impact performance in high-throughput scenarios. Would it make sense to make this optional, controlled by an environment variable, configuration option, or macro?

[chusitoo]

Agreed, I think that would make sense as the general rule.

If the requirement is to expose the TLS version / cipher information in the logs, then CURLOPT_VERBOSE is absolutely required in order to use a custom debug function callback, as explained in CURLOPT_DEBUGFUNCTION

I haven't found anything obvious in terms of option switches / macros that I could repurpose for this so maybe introducing something like a WITH_CURL_LOGGING flag would be an acceptable approach.

[lalitb]

yes WITH_CURL_LOGGING looks good to me.

[marcalff]

I agree, we need a compile time flag like WITH_CURL_LOGGING.

A runtime flag as well, to turn the verbose logging on/off would be nice, but this can be a separate discussion and PR.

[chusitoo]

Apologies for the sudden silence, it's been a busy week so far.

I actually had this similarly implemented with a runtime flag for another project. I think I can have this done in the same PR, just need to run this through the full CI to make sure I didn't miss anything.

If both compile-time and runtime flags are to be supported, the way I see it is that runtime should take precedence as there could be certain cases where this logging info would be useful but, as a general use case, omitting it would fall back to the value set at compile time via WITH_CURL_LOGGING.

[marcalff]

Great work, thanks for the feature.

Reusing console_debug for this is a good idea.

See some comments or questions, with approval to follow once resolved.

[marcalff]

Two concerns here:

• not sure if casting a boolean to a long will always give 0L / 1L, so a plain if statement to set a verbose local variable will be safer
• should it be is_log_enabled && kEnableCurlLogging instead ?

[chusitoo]

Regarding the explicit cast, it looked fairly safe given that the CURL API seems to only care about the value being 0 (disabled) or otherwise. Will update to a good ol' if statement, as requested.

As for the logic, my impression was that we wanted to have the runtime drive this behavior regardless of what is set at compile-time, but if omitting console_debug, it would still output logs provided WITH_CURL_LOGGING option was set.

If, what is ultimately needed is that the compile-time flag dictate the runtime behavior, then I guess it would need to be AND'ed, instead.

Let me know what is the preferred approach with respect to the above and I will push all the required changes at the same time.

[marcalff]

Please clarify (with a comment) the intent of CURL_DEBUG, which is separate from ENABLE_CURL_LOGGING.

As I understand it, ENABLE_CURL_LOGGING is exposed in CMake, to add the new logging feature.

On top of that, CURL_DEBUG seem to be a private developer flag (not exposed in cmake), for a developper to debug the new logging feature itself, if needed.

So, ENABLE_CURL_LOGGING may be used optionally in production, but CURL_DEBUG should not be used in production.

Is this accurate ?

[chusitoo]

That is correct, CURL_DEBUG is a guard that comes in handy when debugging something, where the full verbosity would be required. However, making it controllable by the user is probably not desirable as it could lead to unintentionally logging too much / sensitive information, such as request body, auth tokens, other sensitive in/out headers, etc.

That said, though, if this is deemed necessary by future requirements, exposing additional logging should be as simple as "punching" a few more holes in the callback function, by simply adding the respective if / else if statements outside this guarded block.

So, in a way, the second use of CURL_DEBUG is to force the developer to have to explicitly opt-in for exposing more logging info from CURL, which hopefully also makes it easy to see what information the callback function is letting out into the wild.