httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From do...@apache.org
Subject cvs commit: httpd-2.0/modules/ssl mod_ssl.h ssl_engine_init.c ssl_engine_log.c ssl_engine_pphrase.c
Date Thu, 28 Mar 2002 00:34:13 GMT
dougm       02/03/27 16:34:13

  Modified:    modules/ssl mod_ssl.h ssl_engine_init.c ssl_engine_log.c
                        ssl_engine_pphrase.c
  Log:
  there is a heaping pile of:
   ssl_log(s, flags, "Init: (%s) ...", sc->szVHostID)
  add SSL_INIT flag to cut down some noise and end up with:
   ssl_log(s, flags, "...")
  
  Revision  Changes    Path
  1.94      +1 -0      httpd-2.0/modules/ssl/mod_ssl.h
  
  Index: mod_ssl.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.h,v
  retrieving revision 1.93
  retrieving revision 1.94
  diff -u -r1.93 -r1.94
  --- mod_ssl.h	27 Mar 2002 23:35:31 -0000	1.93
  +++ mod_ssl.h	28 Mar 2002 00:34:13 -0000	1.94
  @@ -234,6 +234,7 @@
   #define SSL_NO_TIMESTAMP (1<<11)
   #define SSL_NO_LEVELID   (1<<12)
   #define SSL_NO_NEWLINE   (1<<13)
  +#define SSL_INIT         (1<<14)
   
   /*
    * Defaults for the configuration
  
  
  
  1.69      +90 -118   httpd-2.0/modules/ssl/ssl_engine_init.c
  
  Index: ssl_engine_init.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_init.c,v
  retrieving revision 1.68
  retrieving revision 1.69
  diff -u -r1.68 -r1.69
  --- ssl_engine_init.c	27 Mar 2002 23:53:27 -0000	1.68
  +++ ssl_engine_init.c	28 Mar 2002 00:34:13 -0000	1.69
  @@ -224,6 +224,12 @@
       for (s = base_server; s; s = s->next) {
           sc = mySrvConfig(s);
   
  +        /*
  +         * Create the server host:port string because we need it a lot
  +         */
  +        sc->szVHostID = ssl_util_vhostid(p, s);
  +        sc->nVHostID_length = strlen(sc->szVHostID);
  +
           /* Fix up stuff that may not have been set */
           if (sc->bEnabled == UNSET) {
               sc->bEnabled = FALSE;
  @@ -300,9 +306,8 @@
               continue;
           }
   
  -        ssl_log(s, SSL_LOG_INFO,
  -                "Init: Configuring server %s for SSL protocol",
  -                ssl_util_vhostid(p, s));
  +        ssl_log(s, SSL_LOG_INFO|SSL_INIT,
  +                "Configuring server for SSL protocol");
   
           /*
            * Read the server certificate and key
  @@ -366,7 +371,6 @@
                                SSLSrvConfigRec *sc)
   {
       SSL_CTX *ctx = NULL;
  -    const char *vhost_id = sc->szVHostID;
       char *cp;
       int protocol = sc->nProtocol;
   
  @@ -374,9 +378,8 @@
        *  Create the new per-server SSL context
        */
       if (protocol == SSL_PROTOCOL_NONE) {
  -        ssl_log(s, SSL_LOG_ERROR,
  -                "Init: (%s) No SSL protocols available [hint: SSLProtocol]",
  -                vhost_id);
  +        ssl_log(s, SSL_LOG_ERROR|SSL_INIT,
  +                "No SSL protocols available [hint: SSLProtocol]");
           ssl_die();
       }
   
  @@ -387,9 +390,8 @@
                        NULL);
       cp[strlen(cp)-2] = NUL;
   
  -    ssl_log(s, SSL_LOG_TRACE,
  -            "Init: (%s) Creating new SSL context (protocols: %s)",
  -            vhost_id, cp);
  +    ssl_log(s, SSL_LOG_TRACE|SSL_INIT,
  +            "Creating new SSL context (protocols: %s)", cp);
   
       if (protocol == SSL_PROTOCOL_SSLV2) {
           ctx = SSL_CTX_new(SSLv2_server_method());  /* only SSLv2 is left */
  @@ -454,7 +456,6 @@
                               SSLSrvConfigRec *sc)
   {
       SSL_CTX *ctx = sc->pSSLCtx;
  -    const char *vhost_id = sc->szVHostID;
   
       int verify = SSL_VERIFY_NONE;
       STACK_OF(X509_NAME) *ca_list;
  @@ -486,16 +487,16 @@
        * Configure Client Authentication details
        */
       if (sc->szCACertificateFile || sc->szCACertificatePath) {
  -        ssl_log(s, SSL_LOG_TRACE,
  -                "Init: (%s) Configuring client authentication", vhost_id);
  +        ssl_log(s, SSL_LOG_TRACE|SSL_INIT,
  +                "Configuring client authentication");
   
           if (!SSL_CTX_load_verify_locations(ctx,
                                              sc->szCACertificateFile,
                                              sc->szCACertificatePath))
           {
  -            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
  -                    "Init: (%s) Unable to configure verify locations "
  -                    "for client authentication", vhost_id);
  +            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
  +                    "Unable to configure verify locations "
  +                    "for client authentication");
               ssl_die();
           }
   
  @@ -503,10 +504,9 @@
                                         sc->szCACertificateFile,
                                         sc->szCACertificatePath);
           if (!ca_list) {
  -            ssl_log(s, SSL_LOG_ERROR,
  -                    "Init: (%s) Unable to determine list of available "
  -                    "CA certificates for client authentication",
  -                    vhost_id);
  +            ssl_log(s, SSL_LOG_ERROR|SSL_INIT,
  +                    "Unable to determine list of available "
  +                    "CA certificates for client authentication");
               ssl_die();
           }
   
  @@ -535,7 +535,6 @@
                                     SSLSrvConfigRec *sc)
   {
       SSL_CTX *ctx = sc->pSSLCtx;
  -    const char *vhost_id = sc->szVHostID;
       const char *suite = sc->szCipherSuite;
   
       /*
  @@ -545,14 +544,13 @@
           return;
       }
   
  -    ssl_log(s, SSL_LOG_TRACE,
  -            "Init: (%s) Configuring permitted SSL ciphers [%s]", 
  -            vhost_id, suite);
  +    ssl_log(s, SSL_LOG_TRACE|SSL_INIT,
  +            "Configuring permitted SSL ciphers [%s]", 
  +            suite);
   
       if (!SSL_CTX_set_cipher_list(ctx, suite)) {
  -        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
  -                "Init: (%s) Unable to configure permitted SSL ciphers",
  -                vhost_id);
  +        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
  +                "Unable to configure permitted SSL ciphers");
           ssl_die();
       }
   }
  @@ -562,8 +560,6 @@
                            apr_pool_t *ptemp,
                            SSLSrvConfigRec *sc)
   {
  -    const char *vhost_id = sc->szVHostID;
  -
       /*
        * Configure Certificate Revocation List (CRL) Details
        */
  @@ -572,19 +568,17 @@
           return;
       }
   
  -    ssl_log(s, SSL_LOG_TRACE,
  -            "Init: (%s) Configuring certificate revocation facility",
  -            vhost_id);
  +    ssl_log(s, SSL_LOG_TRACE|SSL_INIT,
  +            "Configuring certificate revocation facility");
   
       sc->pRevocationStore =
           SSL_X509_STORE_create((char *)sc->szCARevocationFile,
                                 (char *)sc->szCARevocationPath);
   
       if (!sc->pRevocationStore) {
  -        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
  -                "Init: (%s) Unable to configure X.509 CRL storage "
  -                "for certificate revocation",
  -                vhost_id);
  +        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
  +                "Unable to configure X.509 CRL storage "
  +                "for certificate revocation");
           ssl_die();
       }
   }
  @@ -599,7 +593,8 @@
   {
       SSLModConfigRec *mc = myModConfig(s);
       char *cp;
  -    const char *vhost_id, *rsa_id, *dsa_id;
  +    const char *rsa_id, *dsa_id;
  +    const char *vhost_id = sc->szVHostID;
       EVP_PKEY *pkey;
       SSL_CTX *ctx;
       ssl_asn1_t *asn1;
  @@ -609,19 +604,12 @@
       int i, n;
   
       /*
  -     * Create the server host:port string because we need it a lot
  -     */
  -    sc->szVHostID = vhost_id = ssl_util_vhostid(p, s);
  -    sc->nVHostID_length = strlen(sc->szVHostID);
  -
  -    /*
        * Now check for important parameters and the
        * possibility that the user forgot to set them.
        */
       if (!sc->szPublicCertFiles[0]) {
  -        ssl_log(s, SSL_LOG_ERROR,
  -                "Init: (%s) No SSL Certificate set [hint: SSLCertificateFile]",
  -                vhost_id);
  +        ssl_log(s, SSL_LOG_ERROR|SSL_INIT,
  +                "No SSL Certificate set [hint: SSLCertificateFile]");
           ssl_die();
       }
   
  @@ -631,9 +619,9 @@
       if (sc->pPublicCert[SSL_AIDX_RSA] ||
           sc->pPublicCert[SSL_AIDX_DSA])
       {
  -        ssl_log(s, SSL_LOG_ERROR,
  -                "Init: (%s) Illegal attempt to re-initialise SSL for server "
  -                "(theoretically shouldn't happen!)", vhost_id);
  +        ssl_log(s, SSL_LOG_ERROR|SSL_INIT,
  +                "Illegal attempt to re-initialise SSL for server "
  +                "(theoretically shouldn't happen!)");
           ssl_die();
       }
   
  @@ -662,24 +650,21 @@
       dsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_DSA);
   
       if ((asn1 = ssl_asn1_table_get(mc->tPublicCert, rsa_id))) {
  -        ssl_log(s, SSL_LOG_TRACE,
  -                "Init: (%s) Configuring RSA server certificate",
  -                vhost_id);
  +        ssl_log(s, SSL_LOG_TRACE|SSL_INIT,
  +                "Configuring RSA server certificate");
   
           ptr = asn1->cpData;
           if (!(sc->pPublicCert[SSL_AIDX_RSA] =
                 d2i_X509(NULL, &ptr, asn1->nData)))
           {
  -            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
  -                    "Init: (%s) Unable to import RSA server certificate",
  -                    vhost_id);
  +            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
  +                    "Unable to import RSA server certificate");
               ssl_die();
           }
   
           if (SSL_CTX_use_certificate(ctx, sc->pPublicCert[SSL_AIDX_RSA]) <= 0) {
  -            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
  -                    "Init: (%s) Unable to configure RSA server certificate",
  -                    vhost_id);
  +            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
  +                    "Unable to configure RSA server certificate");
               ssl_die();
           }
   
  @@ -687,24 +672,21 @@
       }
   
       if ((asn1 = ssl_asn1_table_get(mc->tPublicCert, dsa_id))) {
  -        ssl_log(s, SSL_LOG_TRACE,
  -                "Init: (%s) Configuring DSA server certificate",
  -                vhost_id);
  +        ssl_log(s, SSL_LOG_TRACE|SSL_INIT,
  +                "Configuring DSA server certificate");
   
           ptr = asn1->cpData;
           if (!(sc->pPublicCert[SSL_AIDX_DSA] =
                 d2i_X509(NULL, &ptr, asn1->nData)))
           {
  -            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
  -                    "Init: (%s) Unable to import DSA server certificate",
  -                    vhost_id);
  +            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
  +                    "Unable to import DSA server certificate");
               ssl_die();
           }
   
           if (SSL_CTX_use_certificate(ctx, sc->pPublicCert[SSL_AIDX_DSA]) <= 0) {
  -            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
  -                    "Init: (%s) Unable to configure DSA server certificate",
  -                    vhost_id);
  +            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
  +                    "Unable to configure DSA server certificate");
               ssl_die();
           }
   
  @@ -712,13 +694,11 @@
       }
   
       if (!ok) {
  -        ssl_log(s, SSL_LOG_ERROR,
  -                "Init: (%s) Oops, no RSA or DSA server certificate found?!",
  -                vhost_id);
  -        ssl_log(s, SSL_LOG_ERROR,
  -                "Init: (%s) You have to perform a *full* server restart "
  -                "when you added or removed a certificate and/or key file",
  -                vhost_id);
  +        ssl_log(s, SSL_LOG_ERROR|SSL_INIT,
  +                "Oops, no RSA or DSA server certificate found?!");
  +        ssl_log(s, SSL_LOG_ERROR|SSL_INIT,
  +                "You have to perform a *full* server restart "
  +                "when you added or removed a certificate and/or key file");
           ssl_die();
       }
   
  @@ -728,27 +708,27 @@
       for (i = 0; i < SSL_AIDX_MAX; i++) {
           if (sc->pPublicCert[i]) {
               if (SSL_X509_isSGC(sc->pPublicCert[i])) {
  -                ssl_log(s, SSL_LOG_INFO,
  -                        "Init: (%s) %s server certificate enables "
  +                ssl_log(s, SSL_LOG_INFO|SSL_INIT,
  +                        "%s server certificate enables "
                           "Server Gated Cryptography (SGC)", 
  -                        vhost_id, ssl_asn1_keystr(i));
  +                        ssl_asn1_keystr(i));
               }
   
               if (SSL_X509_getBC(sc->pPublicCert[i], &is_ca, &pathlen)) {
                   if (is_ca) {
  -                    ssl_log(s, SSL_LOG_WARN,
  -                            "Init: (%s) %s server certificate "
  +                    ssl_log(s, SSL_LOG_WARN|SSL_INIT,
  +                            "%s server certificate "
                               "is a CA certificate "
                               "(BasicConstraints: CA == TRUE !?)",
  -                            vhost_id, ssl_asn1_keystr(i));
  +                            ssl_asn1_keystr(i));
                   }
   
                   if (pathlen > 0) {
  -                    ssl_log(s, SSL_LOG_WARN,
  -                            "Init: (%s) %s server certificate "
  +                    ssl_log(s, SSL_LOG_WARN|SSL_INIT,
  +                            "%s server certificate "
                               "is not a leaf certificate "
                               "(BasicConstraints: pathlen == %d > 0 !?)",
  -                            vhost_id, ssl_asn1_keystr(i), pathlen);
  +                            ssl_asn1_keystr(i), pathlen);
                   }
               }
   
  @@ -759,18 +739,18 @@
                       (apr_fnmatch(cp, s->server_hostname,
                                    fnm_flags) == FNM_NOMATCH))
                   {
  -                    ssl_log(s, SSL_LOG_WARN,
  -                            "Init: (%s) %s server certificate "
  +                    ssl_log(s, SSL_LOG_WARN|SSL_INIT,
  +                            "%s server certificate "
                               "wildcard CommonName (CN) `%s' "
                               "does NOT match server name!?",
  -                            vhost_id, ssl_asn1_keystr(i), cp);
  +                            ssl_asn1_keystr(i), cp);
                   }
                   else if (strNE(s->server_hostname, cp)) {
  -                    ssl_log(s, SSL_LOG_WARN,
  -                            "Init: (%s) %s server certificate "
  +                    ssl_log(s, SSL_LOG_WARN|SSL_INIT,
  +                            "%s server certificate "
                               "CommonName (CN) `%s' "
                               "does NOT match server name!?",
  -                            vhost_id, ssl_asn1_keystr(i), cp);
  +                            ssl_asn1_keystr(i), cp);
                   }
               }
           }
  @@ -782,24 +762,21 @@
       ok = FALSE;
   
       if ((asn1 = ssl_asn1_table_get(mc->tPrivateKey, rsa_id))) {
  -        ssl_log(s, SSL_LOG_TRACE,
  -                "Init: (%s) Configuring RSA server private key",
  -                vhost_id);
  +        ssl_log(s, SSL_LOG_TRACE|SSL_INIT,
  +                "Configuring RSA server private key");
   
           ptr = asn1->cpData;
           if (!(sc->pPrivateKey[SSL_AIDX_RSA] = 
                 d2i_PrivateKey(EVP_PKEY_RSA, NULL, &ptr, asn1->nData)))
           {
  -            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
  -                    "Init: (%s) Unable to import RSA server private key",
  -                    vhost_id);
  +            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
  +                    "Unable to import RSA server private key");
               ssl_die();
           }
   
           if (SSL_CTX_use_PrivateKey(ctx, sc->pPrivateKey[SSL_AIDX_RSA]) <= 0) {
  -            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
  -                    "Init: (%s) Unable to configure RSA server private key",
  -                    vhost_id);
  +            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
  +                    "Unable to configure RSA server private key");
               ssl_die();
           }
   
  @@ -807,24 +784,21 @@
       }
   
       if ((asn1 = ssl_asn1_table_get(mc->tPrivateKey, dsa_id))) {
  -        ssl_log(s, SSL_LOG_TRACE,
  -                "Init: (%s) Configuring DSA server private key",
  -                vhost_id);
  +        ssl_log(s, SSL_LOG_TRACE|SSL_INIT,
  +                "Configuring DSA server private key");
   
           ptr = asn1->cpData;
           if (!(sc->pPrivateKey[SSL_AIDX_DSA] = 
                 d2i_PrivateKey(EVP_PKEY_DSA, NULL, &ptr, asn1->nData)))
           {
  -            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
  -                    "Init: (%s) Unable to import DSA server private key",
  -                    vhost_id);
  +            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
  +                    "Unable to import DSA server private key");
               ssl_die();
           }
   
           if (SSL_CTX_use_PrivateKey(ctx, sc->pPrivateKey[SSL_AIDX_DSA]) <= 0) {
  -            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
  -                    "Init: (%s) Unable to configure DSA server private key",
  -                    vhost_id);
  +            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT,
  +                    "Unable to configure DSA server private key");
               ssl_die();
           }
   
  @@ -832,9 +806,8 @@
       }
   
       if (!ok) {
  -        ssl_log(s, SSL_LOG_ERROR,
  -                "Init: (%s) Oops, no RSA or DSA server private key found?!",
  -                vhost_id);
  +        ssl_log(s, SSL_LOG_ERROR|SSL_INIT,
  +                "Oops, no RSA or DSA server private key found?!");
           ssl_die();
       }
   
  @@ -883,16 +856,15 @@
                                             (char *)sc->szCertificateChain, 
                                             skip_first, NULL);
           if (n < 0) {
  -            ssl_log(s, SSL_LOG_ERROR,
  -                    "Init: (%s) Failed to configure CA certificate chain!",
  -                    vhost_id);
  +            ssl_log(s, SSL_LOG_ERROR|SSL_INIT,
  +                    "Failed to configure CA certificate chain!");
               ssl_die();
           }
   
  -        ssl_log(s, SSL_LOG_TRACE,
  -                "Init: (%s) Configuring server certificate chain "
  +        ssl_log(s, SSL_LOG_TRACE|SSL_INIT,
  +                "Configuring server certificate chain "
                   "(%d CA certificate%s)",
  -                vhost_id, n, n == 1 ? "" : "s");
  +                n, n == 1 ? "" : "s");
       }
   }
   
  @@ -1046,8 +1018,8 @@
           apr_int32_t finfo_flags = APR_FINFO_MIN|APR_FINFO_NAME;
   
           if (apr_dir_open(&dir, ca_path, ptemp) != APR_SUCCESS) {
  -            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,
  -                    "Init: Failed to open SSLCACertificatePath `%s'",
  +            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO|SSL_INIT,
  +                    "Failed to open SSLCACertificatePath `%s'",
                       ca_path);
               ssl_die();
           }
  
  
  
  1.15      +7 -1      httpd-2.0/modules/ssl/ssl_engine_log.c
  
  Index: ssl_engine_log.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_log.c,v
  retrieving revision 1.14
  retrieving revision 1.15
  diff -u -r1.14 -r1.15
  --- ssl_engine_log.c	16 Mar 2002 19:45:45 -0000	1.14
  +++ ssl_engine_log.c	28 Mar 2002 00:34:13 -0000	1.15
  @@ -169,7 +169,7 @@
   void ssl_log(server_rec *s, int level, const char *msg, ...)
   {
       char tstr[80];
  -    char lstr[20];
  +    char lstr[256];
       char vstr[1024];
       char str[1024];
       char *nstr;
  @@ -236,6 +236,12 @@
           for (i = strlen(lstr); i <= 7; i++)
               lstr[i] = ' ';
           lstr[i] = NUL;
  +    }
  +
  +    if (add & SSL_INIT) {
  +        len = strlen(lstr);
  +        apr_snprintf(&lstr[len], sizeof(lstr) - len,
  +                     "Init: (%s) ", sc->szVHostID);
       }
   
       /*  create custom message  */
  
  
  
  1.33      +14 -15    httpd-2.0/modules/ssl/ssl_engine_pphrase.c
  
  Index: ssl_engine_pphrase.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_pphrase.c,v
  retrieving revision 1.32
  retrieving revision 1.33
  diff -u -r1.32 -r1.33
  --- ssl_engine_pphrase.c	27 Mar 2002 19:38:05 -0000	1.32
  +++ ssl_engine_pphrase.c	28 Mar 2002 00:34:13 -0000	1.33
  @@ -206,18 +206,17 @@
               continue;
   
           cpVHostID = ssl_util_vhostid(p, pServ);
  -        ssl_log(pServ, SSL_LOG_INFO,
  -                "Init: Loading certificate & private key of SSL-aware server %s",
  -                cpVHostID);
  +        ssl_log(pServ, SSL_LOG_INFO|SSL_INIT,
  +                "Loading certificate & private key of SSL-aware server");
   
           /*
            * Read in server certificate(s): This is the easy part
            * because this file isn't encrypted in any way.
            */
           if (sc->szPublicCertFiles[0] == NULL) {
  -            ssl_log(pServ, SSL_LOG_ERROR,
  -                    "Init: Server %s should be SSL-aware but has no certificate configured
"
  -                    "[Hint: SSLCertificateFile]", cpVHostID);
  +            ssl_log(pServ, SSL_LOG_ERROR|SSL_INIT,
  +                    "Server should be SSL-aware but has no certificate configured "
  +                    "[Hint: SSLCertificateFile]");
               ssl_die();
           }
           algoCert = SSL_ALGO_UNKNOWN;
  @@ -470,20 +469,20 @@
                * Log the type of reading
                */
               if (nPassPhraseDialogCur == 0) {
  -                ssl_log(pServ, SSL_LOG_TRACE, 
  -                        "Init: (%s) unencrypted %s private key - pass phrase not required",

  -                        cpVHostID, an);
  +                ssl_log(pServ, SSL_LOG_TRACE|SSL_INIT, 
  +                        "unencrypted %s private key - pass phrase not required", 
  +                        an);
               }
               else {
                   if (cpPassPhraseCur != NULL) {
  -                    ssl_log(pServ, SSL_LOG_TRACE, 
  -                            "Init: (%s) encrypted %s private key - pass phrase requested",

  -                            cpVHostID, an);
  +                    ssl_log(pServ, SSL_LOG_TRACE|SSL_INIT, 
  +                            "encrypted %s private key - pass phrase requested", 
  +                            an);
                   }
                   else {
  -                    ssl_log(pServ, SSL_LOG_TRACE, 
  -                            "Init: (%s) encrypted %s private key - pass phrase reused",

  -                            cpVHostID, an);
  +                    ssl_log(pServ, SSL_LOG_TRACE|SSL_INIT, 
  +                            "encrypted %s private key - pass phrase reused", 
  +                            an);
                   }
               }
   
  
  
  

Mime
View raw message