net: app: Move mbedTLS debug log level config to mbedTLS Kconfig

mbedTLS log level is obviously a mbedTLS config setting. It makes
sense to have it defined in mbedTLS Kconfig, and different parts
of Zephyr to reuse as needed (e.g. net-app vs upcoming TLS wrapper
for sockets).

Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>

ext/lib/crypto/mbedtls/Kconfig

@@ -57,15 +57,30 @@ config MBEDTLS_DEBUG
 	depends on MBEDTLS_BUILTIN
 	default n
 	help
-	  Enable debugging activation for mbed TLS configuration. Note that this
-	  does not directly cause any debug print output. For that you need to
-	  call
-	  mbedtls_debug_set_threshold(level);
-	  and
+	  Enable debugging activation for mbed TLS configuration. If you use
+	  mbedTLS/Zephyr integration (e.g. net_app), this will activate debug
+	  logging (of the level configured by MBEDTLS_DEBUG_LEVEL).
+	  If you use mbedTLS directly instead, you will need to perform
+	  additional configuration yourself: call
 	  mbedtls_ssl_conf_dbg(&mbedtls.conf, my_debug, NULL);
+	  mbedtls_debug_set_threshold(level);
 	  functions in your application, and create the my_debug() function to
 	  actually print something useful.
 
+config MBEDTLS_DEBUG_LEVEL
+	int "mbed TLS default debug level"
+	depends on MBEDTLS_DEBUG
+	default 0
+	range 0 4
+	help
+	  Default mbed TLS debug logging level for Zephyr integration code
+	  (from ext/lib/crypto/mbedtls/include/mbedtls/debug.h):
+	  0 No debug
+	  1 Error
+	  2 State change
+	  3 Information
+	  4 Verbose
+
 config MBEDTLS_TEST
 	bool "Compile internal self test functions"
 	depends on MBEDTLS_BUILTIN

samples/net/http_client/prj_tls.conf

@@ -24,7 +24,7 @@ CONFIG_NET_DEBUG_CONTEXT=n
 CONFIG_NET_DEBUG_NET_PKT=y
 CONFIG_NET_DEBUG_TCP=n
 CONFIG_MBEDTLS_DEBUG=n
-CONFIG_NET_DEBUG_APP_TLS_LEVEL=1
+CONFIG_MBEDTLS_DEBUG_LEVEL=1
 
 CONFIG_HTTP=y
 CONFIG_HTTP_CLIENT=y

samples/net/http_server/prj_tls.conf

@@ -22,7 +22,7 @@ CONFIG_NET_DEBUG_HTTP_CONN=y
 CONFIG_NET_DEBUG_HTTP=n
 CONFIG_NET_DEBUG_NET_PKT=y
 CONFIG_MBEDTLS_DEBUG=n
-CONFIG_NET_DEBUG_APP_TLS_LEVEL=1
+CONFIG_MBEDTLS_DEBUG_LEVEL=1
 
 CONFIG_HTTP=y
 CONFIG_HTTP_SERVER=y

subsys/net/lib/app/Kconfig

@@ -118,20 +118,6 @@ config NET_APP_DTLS_TIMEOUT
 	  If a DTLS session does not have any activity, then disconnect
 	  the session. The value is in seconds.
 
-config NET_DEBUG_APP_TLS_LEVEL
-	int "Debug level for mbedtls in net app library"
-	depends on (NET_APP_TLS || NET_APP_DTLS) && NET_DEBUG_APP
-	default 0
-	range 0 4
-	help
-	  Sets log level for the mbedtls when debugging net_app library.
-	  Levels are (from ext/lib/crypto/mbedtls/include/mbedtls/debug.h):
-	  0 No debug
-	  1 Error
-	  2 State change
-	  3 Information
-	  4 Verbose
-
 config NET_APP_TLS_STACK_SIZE
 	int "TLS handler thread stack size"
 	default 8192

subsys/net/lib/app/net_app.c

@@ -2196,7 +2196,7 @@ int _net_app_tls_init(struct net_app_ctx *ctx, int client_or_server)
 	mbedtls_ctr_drbg_init(&ctx->tls.mbedtls.ctr_drbg);
 
 #if defined(MBEDTLS_DEBUG_C) && defined(CONFIG_NET_DEBUG_APP)
-	mbedtls_debug_set_threshold(DEBUG_THRESHOLD);
+	mbedtls_debug_set_threshold(CONFIG_MBEDTLS_DEBUG_LEVEL);
 	mbedtls_ssl_conf_dbg(&ctx->tls.mbedtls.conf, my_debug, NULL);
 #endif
 

subsys/net/lib/app/net_app_private.h

@@ -11,22 +11,6 @@
 /* Print extra info about received TLS data */
 #define RX_EXTRA_DEBUG 0
 
-#if defined(MBEDTLS_DEBUG_C)
-#include <mbedtls/debug.h>
-/* - Debug levels (from ext/lib/crypto/mbedtls/include/mbedtls/debug.h)
- *    - 0 No debug
- *    - 1 Error
- *    - 2 State change
- *    - 3 Informational
- *    - 4 Verbose
- */
-#if defined(CONFIG_NET_DEBUG_APP_TLS_LEVEL)
-#define DEBUG_THRESHOLD CONFIG_NET_DEBUG_APP_TLS_LEVEL
-#else
-#define DEBUG_THRESHOLD 0
-#endif /* CONFIG_NET_DEBUG_APP_TLS_LEVEL */
-#endif
-
 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
 #include <mbedtls/memory_buffer_alloc.h>
 #endif