--- loncom/lonssl.pm	2004/06/17 09:27:38	1.8
+++ loncom/lonssl.pm	2004/06/17 10:15:46	1.9
@@ -1,5 +1,5 @@
 #
-# $Id: lonssl.pm,v 1.8 2004/06/17 09:27:38 foxr Exp $
+# $Id: lonssl.pm,v 1.9 2004/06/17 10:15:46 foxr Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -52,6 +52,8 @@ my $perlvar;			#  this refers to the apa
 
 my $pathsep = "/";		# We're on unix after all.
 
+my $DEBUG = 0;			# Set to non zero to enable debug output.
+
 
 # Initialization code:
 
@@ -61,10 +63,18 @@ $perlvar = LONCAPA::Configuration::read_
 my $lasterror="";
 
 
+
 sub LastError {
     return $lasterror;
 }
 
+sub Debug {
+    my $msg  = shift;
+    if ($DEBUG) {
+	print STDERR $msg;
+    }
+}
+
 #-------------------------------------------------------------------------
 # Name SetFdBlocking - 
 #      Turn blocking mode on on the file handle.  This is required for
@@ -76,18 +86,18 @@ sub LastError {
 #      prior flag settings.
 #
 sub SetFdBlocking {
-    print STDERR "SetFdBlocking called \n";
+    Debug("SetFdBlocking called \n");
     my $Handle = shift;
 
 
 
     my $flags  = fcntl($Handle, F_GETFL, 0);
     if(!$flags) {
-	print STDERR "SetBLocking fcntl get faild $!\n";
+	Debug("SetBLocking fcntl get faild $!\n");
     }
     my $newflags  = $flags & (~ O_NONBLOCK); # Turn off O_NONBLOCK...
     if(!fcntl($Handle, F_SETFL, $newflags)) {
-	print STDERR "Can't set non block mode  $!\n";
+	Debug("Can't set non block mode  $!\n");
     }
     return $flags;
 }
@@ -119,7 +129,7 @@ sub PromoteClientSocket {
 	$KeyFile)          = @_;
     
     
-    print STDERR "Client promotion using key: $KeyFile, Cert: $MyCert, CA: $CACert\n";
+    Debug("Client promotion using key: $KeyFile, Cert: $MyCert, CA: $CACert\n");
 
     # To create the ssl socket we need to duplicate the existing
     # socket.  Otherwise closing the ssl socket will close the plaintext socket
@@ -129,7 +139,7 @@ sub PromoteClientSocket {
 
     my $oldflags = SetFdBlocking($PlaintextSocket);
     my $dupfno   = fcntl($PlaintextSocket, F_DUPFD, 0);
-    print STDERR "Client promotion got dup = $dupfno\n";
+    Debug("Client promotion got dup = $dupfno\n");
 
     
     my $client = IO::Socket::SSL->new_from_fd($dupfno,
@@ -176,14 +186,14 @@ sub PromoteServerSocket {
     # socket.  Otherwise closing the ssl socket will close the plaintext socket
     # too:
 
-    print STDERR "Server promotion: Key = $KeyFile, Cert $MyCert CA $CACert\n";
+    Debug("Server promotion: Key = $KeyFile, Cert $MyCert CA $CACert\n");
  
     my $oldflags = SetFdBlocking($PlaintextSocket);
     my $dupfno   = fcntl($PlaintextSocket, F_DUPFD, 0);
     if (!$dupfno) {
-	print STDERR "dup failed: $!\n";
+	Debug("dup failed: $!\n");
     }
-    print STDERR " Fileno = $dupfno\n";
+    Debug(" Fileno = $dupfno\n");
     my $client = IO::Socket::SSL->new_from_fd($dupfno,
 					      SSL_server    => 1, # Server role.
 					      SSL_user_cert => 1,