From 13090ff6ed2c09bcc5f963e131da2ecd5e01f413 Mon Sep 17 00:00:00 2001
From: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
Date: Tue, 27 Dec 2022 12:05:13 +0000
Subject: [PATCH] core: do not log TLS handshake errors by default, option to
 enable (#1652)

* core: do not log TLS handshake errors by default, option to enable

* update simplexmq
---
 cabal.project               |  2 +-
 scripts/nix/sha256map.nix   |  2 +-
 src/Simplex/Chat.hs         |  3 ++-
 src/Simplex/Chat/Options.hs | 13 +++++++++----
 stack.yaml                  |  2 +-
 tests/ChatClient.hs         |  3 ++-
 6 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/cabal.project b/cabal.project
index dd471b432a..f838db2bfc 100644
--- a/cabal.project
+++ b/cabal.project
@@ -7,7 +7,7 @@ constraints: zip +disable-bzip2 +disable-zstd
 source-repository-package
     type: git
     location: https://github.com/simplex-chat/simplexmq.git
-    tag: 267236a4f8d2787d59ad1f9a0be40f3f4eb898dd
+    tag: 874f9f5cd67310ddfbe5540d6abfa5943a534f37
 
 source-repository-package
     type: git
diff --git a/scripts/nix/sha256map.nix b/scripts/nix/sha256map.nix
index f8497eb53e..e28ae1c961 100644
--- a/scripts/nix/sha256map.nix
+++ b/scripts/nix/sha256map.nix
@@ -1,5 +1,5 @@
 {
-  "https://github.com/simplex-chat/simplexmq.git"."267236a4f8d2787d59ad1f9a0be40f3f4eb898dd" = "0vn0sn2486rdr3wm2937q7rr58bj0bgqbblrsr29ys96qkvlkykd";
+  "https://github.com/simplex-chat/simplexmq.git"."874f9f5cd67310ddfbe5540d6abfa5943a534f37" = "0nyhsrg9nb205x57h1dwrhwi9j7bwh3j6hpp7p1kp9pqdsxhcvdl";
   "https://github.com/simplex-chat/direct-sqlcipher.git"."34309410eb2069b029b8fc1872deb1e0db123294" = "0kwkmhyfsn2lixdlgl15smgr1h5gjk7fky6abzh8rng2h5ymnffd";
   "https://github.com/simplex-chat/sqlcipher-simple.git"."5e154a2aeccc33ead6c243ec07195ab673137221" = "1d1gc5wax4vqg0801ajsmx1sbwvd9y7p7b8mmskvqsmpbwgbh0m0";
   "https://github.com/simplex-chat/aeson.git"."3eb66f9a68f103b5f1489382aad89f5712a64db7" = "0kilkx59fl6c3qy3kjczqvm8c3f4n3p0bdk9biyflf51ljnzp4yp";
diff --git a/src/Simplex/Chat.hs b/src/Simplex/Chat.hs
index 2a6d33eaf3..1bafef0c1e 100644
--- a/src/Simplex/Chat.hs
+++ b/src/Simplex/Chat.hs
@@ -3870,8 +3870,9 @@ chatCommandP =
     netCfgP = do
       socksProxy <- "socks=" *> ("off" $> Nothing <|> "on" $> Just defaultSocksProxy <|> Just <$> strP)
       t_ <- optional $ " timeout=" *> A.decimal
+      logErrors <- " log=" *> onOffP <|> pure False
       let tcpTimeout = 1000000 * fromMaybe (maybe 5 (const 10) socksProxy) t_
-      pure $ fullNetworkConfig socksProxy tcpTimeout
+      pure $ fullNetworkConfig socksProxy tcpTimeout logErrors
     dbKeyP = nonEmptyKey <$?> strP
     nonEmptyKey k@(DBEncryptionKey s) = if null s then Left "empty key" else Right k
     autoAcceptP =
diff --git a/src/Simplex/Chat/Options.hs b/src/Simplex/Chat/Options.hs
index 15d03839e2..9c6fd9a905 100644
--- a/src/Simplex/Chat/Options.hs
+++ b/src/Simplex/Chat/Options.hs
@@ -84,6 +84,11 @@ chatOpts appDir defaultDbFileName = do
           <> help "TCP timeout, seconds (default: 5/10 without/with SOCKS5 proxy)"
           <> value 0
       )
+  logTLSErrors <-
+    switch
+      ( long "log-tls-errors"
+          <> help "Log TLS errors"
+      )
   logConnections <-
     switch
       ( long "connections"
@@ -152,7 +157,7 @@ chatOpts appDir defaultDbFileName = do
       { dbFilePrefix,
         dbKey,
         smpServers,
-        networkConfig = fullNetworkConfig socksProxy $ useTcpTimeout socksProxy t,
+        networkConfig = fullNetworkConfig socksProxy (useTcpTimeout socksProxy t) logTLSErrors,
         logConnections,
         logServerHosts,
         logAgent,
@@ -167,10 +172,10 @@ chatOpts appDir defaultDbFileName = do
     useTcpTimeout p t = 1000000 * if t > 0 then t else maybe 5 (const 10) p
     defaultDbFilePath = combine appDir defaultDbFileName
 
-fullNetworkConfig :: Maybe SocksProxy -> Int -> NetworkConfig
-fullNetworkConfig socksProxy tcpTimeout =
+fullNetworkConfig :: Maybe SocksProxy -> Int -> Bool -> NetworkConfig
+fullNetworkConfig socksProxy tcpTimeout logTLSErrors =
   let tcpConnectTimeout = (tcpTimeout * 3) `div` 2
-   in defaultNetworkConfig {socksProxy, tcpTimeout, tcpConnectTimeout}
+   in defaultNetworkConfig {socksProxy, tcpTimeout, tcpConnectTimeout, logTLSErrors}
 
 parseSMPServers :: ReadM [SMPServerWithAuth]
 parseSMPServers = eitherReader $ parseAll smpServersP . B.pack
diff --git a/stack.yaml b/stack.yaml
index 6d9b53e0b3..8d36dcc9ff 100644
--- a/stack.yaml
+++ b/stack.yaml
@@ -49,7 +49,7 @@ extra-deps:
   # - simplexmq-1.0.0@sha256:34b2004728ae396e3ae449cd090ba7410781e2b3cefc59259915f4ca5daa9ea8,8561
   # - ../simplexmq
   - github: simplex-chat/simplexmq
-    commit: 267236a4f8d2787d59ad1f9a0be40f3f4eb898dd
+    commit: 874f9f5cd67310ddfbe5540d6abfa5943a534f37
   # - ../direct-sqlcipher
   - github: simplex-chat/direct-sqlcipher
     commit: 34309410eb2069b029b8fc1872deb1e0db123294
diff --git a/tests/ChatClient.hs b/tests/ChatClient.hs
index 81571d2867..15674bfef8 100644
--- a/tests/ChatClient.hs
+++ b/tests/ChatClient.hs
@@ -287,7 +287,8 @@ serverCfg =
       logStatsStartTime = 0,
       serverStatsLogFile = "tests/smp-server-stats.daily.log",
       serverStatsBackupFile = Nothing,
-      smpServerVRange = supportedSMPServerVRange
+      smpServerVRange = supportedSMPServerVRange,
+      logTLSErrors = True
     }
 
 withSmpServer :: IO a -> IO a