httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jerenkra...@apache.org
Subject cvs commit: httpd-2.0/modules/ssl mod_ssl.c mod_ssl.h ssl_engine_config.c ssl_engine_init.c ssl_engine_io.c ssl_engine_kernel.c ssl_engine_log.c
Date Thu, 16 May 2002 06:09:14 GMT
jerenkrantz    02/05/15 23:09:14

  Modified:    .        CHANGES
               docs/conf ssl-std.conf
               docs/manual/mod mod_ssl.xml
               modules/ssl mod_ssl.c mod_ssl.h ssl_engine_config.c
                        ssl_engine_init.c ssl_engine_io.c
                        ssl_engine_kernel.c ssl_engine_log.c
  Log:
  Remove SSLLog and SSLLogLevel directives in favor of having mod_ssl use the
  standard ErrorLog directives.
  
  Revision  Changes    Path
  1.774     +3 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.773
  retrieving revision 1.774
  diff -u -r1.773 -r1.774
  --- CHANGES	15 May 2002 17:47:39 -0000	1.773
  +++ CHANGES	16 May 2002 06:09:12 -0000	1.774
  @@ -1,5 +1,8 @@
   Changes with Apache 2.0.37
   
  +  *) Remove SSLLog and SSLLogLevel directives in favor of having
  +     mod_ssl use the standard ErrorLog directives.  [Justin Erenkrantz]
  +
     *) OS/390: LIBPATH no longer has to be manually uncommented in
        envvars to get apachectl to set up httpd properly.  [Jeff Trawick]
   
  
  
  
  1.8       +0 -10     httpd-2.0/docs/conf/ssl-std.conf
  
  Index: ssl-std.conf
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/conf/ssl-std.conf,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- ssl-std.conf	7 Nov 2001 22:16:09 -0000	1.7
  +++ ssl-std.conf	16 May 2002 06:09:13 -0000	1.8
  @@ -82,16 +82,6 @@
   #SSLRandomSeed connect file:/dev/random  512
   #SSLRandomSeed connect file:/dev/urandom 512
   
  -#   Logging:
  -#   The home of the dedicated SSL protocol logfile. Errors are
  -#   additionally duplicated in the general error log file.  Put
  -#   this somewhere where it cannot be used for symlink attacks on
  -#   a real server (i.e. somewhere where only root can write).
  -#   Log levels are (ascending order: higher ones include lower ones):
  -#   none, error, warn, info, trace, debug.
  -SSLLog      logs/ssl_engine_log
  -SSLLogLevel info
  -
   ##
   ## SSL Virtual Host Context
   ##
  
  
  
  1.3       +0 -72     httpd-2.0/docs/manual/mod/mod_ssl.xml
  
  Index: mod_ssl.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/mod_ssl.xml,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- mod_ssl.xml	6 May 2002 11:56:42 -0000	1.2
  +++ mod_ssl.xml	16 May 2002 06:09:13 -0000	1.3
  @@ -902,78 +902,6 @@
   </directivesynopsis>
   
   <directivesynopsis>
  -<name>SSLLog</name>
  -<description>Where to write the dedicated SSL engine logfile</description>
  -<syntax>SSLLog <em>file-path</em></syntax>
  -<contextlist><context>server config</context>
  -<context>virtual host</context></contextlist>
  -
  -<usage>
  -<p>
  -This directive sets the name of the dedicated SSL protocol engine logfile.
  -Error type messages are additionally duplicated to the general Apache error
  -log file (directive <code>ErrorLog</code>). Put this somewhere where it cannot
  -be used for symlink attacks on a real server (i.e. somewhere where only root
  -can write). If the <em>file-path</em> does not begin with a slash
  -('<code>/</code>') then it is assumed to be relative to the <em>Server
  -Root</em>. If <em>file-path</em> begins with a bar ('<code>|</code>')
then the
  -following string is assumed to be a path to an executable program to which a
  -reliable pipe can be established. The directive should occur only once per
  -virtual server config.</p>
  -<example><title>Example</title>
  -SSLLog /usr/local/apache/logs/ssl_engine_log
  -</example>
  -</usage>
  -</directivesynopsis>
  -
  -<directivesynopsis>
  -<name>SSLLogLevel</name>
  -<description>Logging level for the dedicated SSL engine 
  -logfile</description>
  -<syntax>SSLLogLevel <em>level</em></syntax>
  -<default>SSLLogLevel none</default>
  -<contextlist><context>server config</context>
  -<context>virtual host</context></contextlist>
  -
  -<usage>
  -<p>
  -This directive sets the verbosity degree of the dedicated SSL protocol engine
  -logfile. The <em>level</em> is one of the following (in ascending order where
  -higher levels include lower levels):</p>
  -<ul>
  -<li><code>none</code><br />
  -    no dedicated SSL logging is done, but messages of level
  -    ``<code>error</code>'' are still written to the general Apache error
  -    logfile.
  -</li>
  -<li><code>error</code><br />
  -    log messages of error type only, i.e. messages which show fatal situations
  -    (processing is stopped). Those messages are also duplicated to the
  -    general Apache error logfile.
  -</li>
  -<li><code>warn</code><br />
  -    log also warning messages, i.e. messages which show non-fatal problems
  -    (processing is continued).
  -</li>
  -<li><code>info</code><br />
  -    log also informational messages, i.e. messages which show major
  -    processing steps.
  -</li>
  -<li><code>trace</code><br />
  -    log also trace messages, i.e. messages which show minor processing steps.
  -</li>
  -<li><code>debug</code><br />
  -    log also debugging messages, i.e. messages which show development and
  -    low-level I/O information.
  -</li>
  -</ul>
  -<example><title>Example</title>
  -SSLLogLevel warn
  -</example>
  -</usage>
  -</directivesynopsis>
  -
  -<directivesynopsis>
   <name>SSLOptions</name>
   <description>Configure various SSL engine run-time options</description>
   <syntax>SSLOptions [+|-]<em>option</em> ...</syntax>
  
  
  
  1.67      +6 -8      httpd-2.0/modules/ssl/mod_ssl.c
  
  Index: mod_ssl.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.c,v
  retrieving revision 1.66
  retrieving revision 1.67
  diff -u -r1.66 -r1.67
  --- mod_ssl.c	16 May 2002 05:17:10 -0000	1.66
  +++ mod_ssl.c	16 May 2002 06:09:13 -0000	1.67
  @@ -141,12 +141,6 @@
       SSL_CMD_SRV(SessionCacheTimeout, TAKE1,
                   "SSL Session Cache object lifetime "
                   "(`N' - number of seconds)")
  -    SSL_CMD_SRV(Log, TAKE1,
  -                "SSL logfile for SSL-related messages "
  -                "(`/path/to/file', `|/path/to/program')")
  -    SSL_CMD_SRV(LogLevel, TAKE1,
  -                "SSL logfile verbosity level "
  -                "(`none', `error', `warn', `info', `debug')")
       SSL_CMD_SRV(Protocol, RAW_ARGS,
                   "Enable or disable various SSL protocols"
                   "(`[+-][SSLv2|SSLv3|TLSv1] ...' - see manual)")
  @@ -201,6 +195,12 @@
                  "Require a boolean expression to evaluate to true for granting access"
                  "(arbitrary complex boolean expression - see manual)")
   
  +    /* Deprecated directives. */
  +    AP_INIT_RAW_ARGS("SSLLog", ap_set_deprecated, NULL, OR_ALL, 
  +      "SSLLog directive is no longer supported - use ErrorLog."),
  +    AP_INIT_RAW_ARGS("SSLLogLevel", ap_set_deprecated, NULL, OR_ALL, 
  +      "SSLLogLevel directive is no longer supported - use LogLevel."),
  +    
       AP_END_CMD
   };
   
  @@ -301,8 +301,6 @@
       if (sslconn->disabled) {
           return DECLINED;
       }
  -
  -    sslconn->log_level = sc->log_level;
   
       /*
        * Remember the connection information for
  
  
  
  1.117     +0 -29     httpd-2.0/modules/ssl/mod_ssl.h
  
  Index: mod_ssl.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.h,v
  retrieving revision 1.116
  retrieving revision 1.117
  diff -u -r1.116 -r1.117
  --- mod_ssl.h	15 May 2002 23:10:33 -0000	1.116
  +++ mod_ssl.h	16 May 2002 06:09:13 -0000	1.117
  @@ -204,25 +204,6 @@
   #define myCtxVarGet(mc,num,type) (type)(mc->rCtx.pV##num)
   
   /*
  - * SSL Logging
  - */
  -#define SSL_LOG_NONE    (1<<0)
  -#define SSL_LOG_ERROR   (1<<1)
  -#define SSL_LOG_WARN    (1<<2)
  -#define SSL_LOG_INFO    (1<<3)
  -#define SSL_LOG_TRACE   (1<<4)
  -#define SSL_LOG_DEBUG   (1<<5)
  -#define SSL_LOG_MASK    (SSL_LOG_ERROR|SSL_LOG_WARN|SSL_LOG_INFO|SSL_LOG_TRACE|SSL_LOG_DEBUG)
  -
  -#define SSL_ADD_NONE     (1<<8)
  -#define SSL_ADD_ERRNO    (1<<9)
  -#define SSL_ADD_SSLERR   (1<<10)
  -#define SSL_NO_TIMESTAMP (1<<11)
  -#define SSL_NO_LEVELID   (1<<12)
  -#define SSL_NO_NEWLINE   (1<<13)
  -#define SSL_INIT         (1<<14)
  -
  -/*
    * Defaults for the configuration
    */
   #ifndef SSL_SESSION_CACHE_TIMEOUT
  @@ -431,13 +412,10 @@
       const char *verify_info;
       const char *verify_error;
       int verify_depth;
  -    int log_level; /* for avoiding expensive logging */
       int is_proxy;
       int disabled;
   } SSLConnRec;
   
  -#define SSLConnLogApplies(sslconn, level) (sslconn->log_level >= level)
  -
   typedef struct {
       pid_t           pid;
       apr_pool_t     *pPool;
  @@ -528,9 +506,6 @@
       BOOL             proxy_enabled;
       const char      *vhost_id;
       int              vhost_id_len;
  -    const char      *log_file_name;
  -    apr_file_t      *log_file;
  -    int              log_level;
       int              session_cache_timeout;
       modssl_ctx_t    *server;
       modssl_ctx_t    *proxy;
  @@ -586,8 +561,6 @@
   const char  *ssl_cmd_SSLVerifyDepth(cmd_parms *, void *, const char *);
   const char  *ssl_cmd_SSLSessionCache(cmd_parms *, void *, const char *);
   const char  *ssl_cmd_SSLSessionCacheTimeout(cmd_parms *, void *, const char *);
  -const char  *ssl_cmd_SSLLog(cmd_parms *, void *, const char *);
  -const char  *ssl_cmd_SSLLogLevel(cmd_parms *, void *, const char *);
   const char  *ssl_cmd_SSLProtocol(cmd_parms *, void *, const char *);
   const char  *ssl_cmd_SSLOptions(cmd_parms *, void *, const char *);
   const char  *ssl_cmd_SSLRequireSSL(cmd_parms *, void *);
  @@ -704,8 +677,6 @@
   int          ssl_mutex_off(server_rec *);
   
   /*  Logfile Support  */
  -void         ssl_log_open(server_rec *, server_rec *, apr_pool_t *);
  -void         ssl_log(server_rec *, int, const char *, ...);
   void         ssl_die(void);
   void         ssl_log_ssl_error(const char *, int, int, server_rec *);
   
  
  
  
  1.67      +0 -60     httpd-2.0/modules/ssl/ssl_engine_config.c
  
  Index: ssl_engine_config.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_config.c,v
  retrieving revision 1.66
  retrieving revision 1.67
  diff -u -r1.66 -r1.67
  --- ssl_engine_config.c	2 Apr 2002 21:56:12 -0000	1.66
  +++ ssl_engine_config.c	16 May 2002 06:09:13 -0000	1.67
  @@ -209,9 +209,6 @@
       sc->proxy_enabled          = UNSET;
       sc->vhost_id               = NULL;  /* set during module init */
       sc->vhost_id_len           = 0;     /* set during module init */
  -    sc->log_file_name          = NULL;
  -    sc->log_file               = NULL;  /* set during module init */
  -    sc->log_level              = SSL_LOG_NONE;
       sc->session_cache_timeout  = UNSET;
   
       modssl_ctx_init_proxy(sc, p);
  @@ -296,8 +293,6 @@
       cfgMerge(mc, NULL);
       cfgMergeBool(enabled);
       cfgMergeBool(proxy_enabled);
  -    cfgMergeString(log_file_name);
  -    cfgMerge(log_level, SSL_LOG_NONE);
       cfgMergeInt(session_cache_timeout);
   
       modssl_ctx_cfg_merge_proxy(base->proxy, add->proxy, mrg->proxy);
  @@ -1047,61 +1042,6 @@
   
       if (sc->session_cache_timeout < 0) {
           return "SSLSessionCacheTimeout: Invalid argument";
  -    }
  -
  -    return NULL;
  -}
  -
  -#define SSL_FLAGS_LOG_CONTEXT \
  -    (NOT_IN_LIMIT|NOT_IN_DIRECTORY|NOT_IN_LOCATION|NOT_IN_FILES)
  -
  -const char *ssl_cmd_SSLLog(cmd_parms *cmd,
  -                           void *dcfg,
  -                           const char *arg)
  -{
  -    SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
  -    const char *err;
  -
  -    if ((err = ap_check_cmd_context(cmd, SSL_FLAGS_LOG_CONTEXT))) {
  -        return err;
  -    }
  -
  -    sc->log_file_name = arg;
  -
  -    return NULL;
  -}
  -
  -const char *ssl_cmd_SSLLogLevel(cmd_parms *cmd,
  -                                void *dcfg,
  -                                const char *level)
  -{
  -    SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
  -    const char *err;
  -
  -    if ((err = ap_check_cmd_context(cmd, SSL_FLAGS_LOG_CONTEXT))) {
  -        return err;
  -    }
  -
  -    if (strcEQ(level, "none")) {
  -        sc->log_level = SSL_LOG_NONE;
  -    }
  -    else if (strcEQ(level, "error")) {
  -        sc->log_level = SSL_LOG_ERROR;
  -    }
  -    else if (strcEQ(level, "warn")) {
  -        sc->log_level = SSL_LOG_WARN;
  -    }
  -    else if (strcEQ(level, "info")) {
  -        sc->log_level = SSL_LOG_INFO;
  -    }
  -    else if (strcEQ(level, "trace")) {
  -        sc->log_level = SSL_LOG_TRACE;
  -    }
  -    else if (strcEQ(level, "debug")) {
  -        sc->log_level = SSL_LOG_DEBUG;
  -    }
  -    else {
  -        return "SSLLogLevel: Invalid argument";
       }
   
       return NULL;
  
  
  
  1.97      +2 -4      httpd-2.0/modules/ssl/ssl_engine_init.c
  
  Index: ssl_engine_init.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_init.c,v
  retrieving revision 1.96
  retrieving revision 1.97
  diff -u -r1.96 -r1.97
  --- ssl_engine_init.c	16 May 2002 05:17:10 -0000	1.96
  +++ ssl_engine_init.c	16 May 2002 06:09:13 -0000	1.97
  @@ -255,8 +255,6 @@
               sc->server->pphrase_dialog_type = SSL_PPTYPE_BUILTIN;
           }
   
  -        /* Open the dedicated SSL logfile */
  -        ssl_log_open(base_server, s, p);
       }
   
       ssl_init_SSLLibrary(base_server);
  @@ -499,8 +497,8 @@
       SSL_CTX_set_tmp_rsa_callback(ctx, ssl_callback_TmpRSA);
       SSL_CTX_set_tmp_dh_callback(ctx,  ssl_callback_TmpDH);
   
  -    if (mctx->sc->log_level >= SSL_LOG_INFO) {
  -        /* this callback only logs if SSLLogLevel >= info */
  +    if (s->loglevel >= APLOG_DEBUG) {
  +        /* this callback only logs if LogLevel >= info */
           SSL_CTX_set_info_callback(ctx, ssl_callback_LogTracingState);
       }
   }
  
  
  
  1.76      +1 -2      httpd-2.0/modules/ssl/ssl_engine_io.c
  
  Index: ssl_engine_io.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_io.c,v
  retrieving revision 1.75
  retrieving revision 1.76
  diff -u -r1.75 -r1.76
  --- ssl_engine_io.c	16 May 2002 05:17:10 -0000	1.75
  +++ ssl_engine_io.c	16 May 2002 06:09:13 -0000	1.76
  @@ -903,7 +903,6 @@
   
   void ssl_io_filter_init(conn_rec *c, SSL *ssl)
   {
  -    SSLSrvConfigRec *sc = mySrvConfig(c->base_server);
       SSLFilterRec *filter;
   
       filter = apr_palloc(c->pool, sizeof(SSLFilterRec));
  @@ -922,7 +921,7 @@
       apr_pool_cleanup_register(c->pool, (void*)filter,
                                 ssl_io_filter_cleanup, apr_pool_cleanup_null);
   
  -    if (sc->log_level >= SSL_LOG_DEBUG) {
  +    if (c->base_server->loglevel >= APLOG_DEBUG) {
           BIO_set_callback(SSL_get_rbio(ssl), ssl_io_data_cb);
           BIO_set_callback_arg(SSL_get_rbio(ssl), (void *)ssl);
       }
  
  
  
  1.70      +8 -9      httpd-2.0/modules/ssl/ssl_engine_kernel.c
  
  Index: ssl_engine_kernel.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_kernel.c,v
  retrieving revision 1.69
  retrieving revision 1.70
  diff -u -r1.69 -r1.70
  --- ssl_engine_kernel.c	16 May 2002 05:17:10 -0000	1.69
  +++ ssl_engine_kernel.c	16 May 2002 06:09:13 -0000	1.70
  @@ -145,7 +145,7 @@
       SSL_smart_shutdown(ssl);
   
       /* and finally log the fact that we've closed the connection */
  -    if (SSLConnLogApplies(sslconn, SSL_LOG_INFO)) {
  +    if (conn->base_server->loglevel >= APLOG_INFO) {
           ap_log_error(APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, 0, conn->base_server,
                        "Connection to child %ld closed with %s shutdown"
                        "(server %s, client %s)",
  @@ -243,7 +243,7 @@
       /*
        * Log information about incoming HTTPS requests
        */
  -    if (SSLConnLogApplies(sslconn, SSL_LOG_INFO) && ap_is_initial_req(r)) {
  +    if (r->server->loglevel >= APLOG_INFO && ap_is_initial_req(r)) {
           ap_log_error(APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, 0, r->server,
                        "%s HTTPS request received for child %ld (server %s)",
                        (r->connection->keepalives <= 0 ?
  @@ -1280,7 +1280,7 @@
       /*
        * Log verification information
        */
  -    if (sc->log_level >= SSL_LOG_TRACE) {
  +    if (s->loglevel >= APLOG_DEBUG) {
           X509 *cert  = X509_STORE_CTX_get_current_cert(ctx);
           char *sname = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
           char *iname = X509_NAME_oneline(X509_get_issuer_name(cert),  NULL, 0);
  @@ -1455,7 +1455,7 @@
            * Log information about CRL
            * (A little bit complicated because of ASN.1 and BIOs...)
            */
  -        if (sc->log_level >= SSL_LOG_TRACE) {
  +        if (s->loglevel >= APLOG_DEBUG) {
               char buff[512]; /* should be plenty */
               BIO *bio = BIO_new(BIO_s_mem());
   
  @@ -1541,7 +1541,7 @@
               ASN1_INTEGER *sn = X509_REVOKED_get_serialNumber(revoked);
   
               if (!ASN1_INTEGER_cmp(sn, X509_get_serialNumber(cert))) {
  -                if (sc->log_level >= SSL_LOG_INFO) {
  +                if (s->loglevel >= APLOG_DEBUG) {
                       char *cp = X509_NAME_oneline(issuer, NULL, 0);
                       long serial = ASN1_INTEGER_get(sn);
   
  @@ -1577,7 +1577,7 @@
       X509_NAME *name;
       const char *dn;
   
  -    if (sc->log_level < SSL_LOG_TRACE) {
  +    if (s->loglevel < APLOG_DEBUG) {
           return;
       }
   
  @@ -1671,11 +1671,10 @@
                               const char *result,
                               long timeout)
   {
  -    SSLSrvConfigRec *sc = mySrvConfig(s);
       char buf[SSL_SESSION_ID_STRING_LEN];
       char timeout_str[56] = {'\0'};
   
  -    if (sc->log_level < SSL_LOG_TRACE) {
  +    if (s->loglevel < APLOG_DEBUG) {
           return;
       }
   
  @@ -1836,7 +1835,7 @@
       /*
        * create the various trace messages
        */
  -    if (sc->log_level >= SSL_LOG_TRACE) {
  +    if (s->loglevel >= APLOG_DEBUG) {
           if (where & SSL_CB_HANDSHAKE_START) {
               ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, s,
                            "%s: Handshake: start", SSL_LIBRARY_NAME);
  
  
  
  1.20      +0 -211    httpd-2.0/modules/ssl/ssl_engine_log.c
  
  Index: ssl_engine_log.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_log.c,v
  retrieving revision 1.19
  retrieving revision 1.20
  diff -u -r1.19 -r1.20
  --- ssl_engine_log.c	15 May 2002 23:10:33 -0000	1.19
  +++ ssl_engine_log.c	16 May 2002 06:09:13 -0000	1.20
  @@ -68,75 +68,6 @@
   **  _________________________________________________________________
   */
   
  -/*
  - * Open the SSL logfile
  - */
  -void ssl_log_open(server_rec *s_main, server_rec *s, apr_pool_t *p)
  -{
  -    const char *szLogFile;
  -    SSLSrvConfigRec *sc_main = mySrvConfig(s_main);
  -    SSLSrvConfigRec *sc = mySrvConfig(s);
  -    piped_log *pl;
  -
  -    /* 
  -     * Short-circuit for inherited logfiles in order to save
  -     * filedescriptors in mass-vhost situation. Be careful, this works
  -     * fine because the close happens implicitly by the pool facility.
  -     */
  -    if ((s != s_main) &&
  -        (sc_main->log_file != NULL) &&
  -        ((sc->log_file_name == NULL) ||
  -         ((sc->log_file_name != NULL) &&
  -          (sc_main->log_file_name != NULL) &&
  -          strEQ(sc->log_file_name, sc_main->log_file_name))))
  -    {
  -        sc->log_file = sc_main->log_file;
  -    }
  -    else if (sc->log_file_name != NULL) {
  -        if (strEQ(sc->log_file_name, "/dev/null"))
  -            return;
  -        else if (sc->log_file_name[0] == '|') {
  -            szLogFile = sc->log_file_name + 1;
  -            while (*szLogFile == ' ' || *szLogFile == '\t')
  -                szLogFile++;
  -            if ((pl = ap_open_piped_log(p, szLogFile)) == NULL) {
  -                ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,
  -                        "Cannot open reliable pipe to SSL logfile filter %s", szLogFile);
  -                ssl_die();
  -            }
  -            sc->log_file = ap_piped_log_write_fd(pl); 
  -        }
  -        else {
  -            szLogFile = ap_server_root_relative(p, sc->log_file_name);
  -            if (!szLogFile) {
  -                ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,
  -                        "Invalid SSL logfile path %s", sc->log_file_name);
  -                ssl_die();
  -            }
  -            if ((apr_file_open(&(sc->log_file), szLogFile, 
  -                               APR_WRITE|APR_APPEND|APR_CREATE, APR_OS_DEFAULT, p)) 
  -                               != APR_SUCCESS) {
  -                ssl_log(s, SSL_LOG_ERROR|SSL_ADD_ERRNO,
  -                        "Cannot open SSL logfile %s", szLogFile);
  -                ssl_die();
  -            }
  -        }
  -    }
  -    return;
  -}
  -
  -static struct {
  -    int   nLevel;
  -    char *szLevel;
  -} ssl_log_level2string[] = {
  -    { SSL_LOG_ERROR, "error" },
  -    { SSL_LOG_WARN,  "warn"  },
  -    { SSL_LOG_INFO,  "info"  },
  -    { SSL_LOG_TRACE, "trace" },
  -    { SSL_LOG_DEBUG, "debug" },
  -    { 0, NULL }
  -};
  -
   static struct {
       char *cpPattern;
       char *cpAnnotation;
  @@ -167,148 +98,6 @@
           }
       }
       return errstr;
  -}
  -
  -void ssl_log(server_rec *s, int level, const char *msg, ...)
  -{
  -    char tstr[80];
  -    char lstr[256];
  -    char vstr[1024];
  -    char str[1024];
  -    char *nstr;
  -    apr_size_t len;
  -    apr_time_exp_t t;
  -    va_list ap;
  -    int add;
  -    int i;
  -    char *astr;
  -    int safe_errno;
  -    unsigned long e;
  -    SSLSrvConfigRec *sc;
  -    char *cpE;
  -    char *cpA;
  -
  -    /*  initialization  */
  -    safe_errno = errno;
  -    sc = mySrvConfig(s);
  -
  -    /*  strip out additional flags  */
  -    add   = (level & ~SSL_LOG_MASK);
  -    level = (level & SSL_LOG_MASK);
  -
  -    /*  reduce flags when not reasonable in context  */
  -    if (add & SSL_ADD_ERRNO && errno == 0)
  -        add &= ~SSL_ADD_ERRNO;
  -    if (add & SSL_ADD_SSLERR && ERR_peek_error() == 0)
  -        add &= ~SSL_ADD_SSLERR;
  -
  -    /*  we log only levels below, except for errors */
  -    if (   sc->log_file == NULL
  -        && !(level & SSL_LOG_ERROR))
  -        return;
  -    if (   level > sc->log_level
  -        && !(level & SSL_LOG_ERROR))
  -        return;
  -
  -    /*  determine the time entry string  */
  -    if (add & SSL_NO_TIMESTAMP)
  -        tstr[0] = NUL;
  -    else {
  -        apr_time_exp_lt(&t, apr_time_now());
  -        apr_strftime(tstr, &len, 80, "[%d/%b/%Y %H:%M:%S", &t);
  -        apr_snprintf(tstr + strlen(tstr), 80 - strlen(tstr), " %05d] ", 
  -                     (unsigned int)getpid());
  -    }
  -
  -    /*  determine whether newline should be written */
  -    if (add & SSL_NO_NEWLINE)
  -        nstr = "";
  -    else {
  -        nstr = APR_EOL_STR;
  -    }
  -
  -    /*  determine level name  */
  -    lstr[0] = NUL;
  -    if (!(add & SSL_NO_LEVELID)) {
  -        for (i = 0; ssl_log_level2string[i].nLevel != 0; i++) {
  -            if (ssl_log_level2string[i].nLevel == level) {
  -                apr_snprintf(lstr, sizeof(lstr), "[%s]", ssl_log_level2string[i].szLevel);
  -                break;
  -            }
  -        }
  -        for (i = strlen(lstr); i <= 7; i++)
  -            lstr[i] = ' ';
  -        lstr[i] = NUL;
  -    }
  -
  -    if (add & SSL_INIT) {
  -        len = strlen(lstr);
  -        apr_snprintf(&lstr[len], sizeof(lstr) - len,
  -                     "Init: (%s) ", sc->vhost_id);
  -    }
  -
  -    /*  create custom message  */
  -    va_start(ap, msg);
  -    apr_vsnprintf(vstr, sizeof(vstr), msg, ap);
  -    va_end(ap);
  -
  -    /*  write out SSLog message  */
  -    if ((add & SSL_ADD_ERRNO) && (add & SSL_ADD_SSLERR))
  -        astr = " (System and " SSL_LIBRARY_NAME " library errors follow)";
  -    else if (add & SSL_ADD_ERRNO)
  -        astr = " (System error follows)";
  -    else if (add & SSL_ADD_SSLERR)
  -        astr = " (" SSL_LIBRARY_NAME " library error follows)";
  -    else
  -        astr = "";
  -    if (level <= sc->log_level && sc->log_file != NULL) {
  -        apr_snprintf(str, sizeof(str), "%s%s%s%s%s", 
  -                     tstr, lstr, vstr, astr, nstr);
  -        apr_file_printf(sc->log_file, "%s", str);
  -    }
  -    if (level & SSL_LOG_ERROR)
  -        ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, s,
  -                     "mod_ssl: %s%s", vstr, astr);
  -
  -    /*  write out additional attachment messages  */
  -    if (add & SSL_ADD_ERRNO) {
  -        if (level <= sc->log_level && sc->log_file != NULL) {
  -            apr_snprintf(str, sizeof(str), "%s%sSystem: %s (errno: %d)%s",
  -                         tstr, lstr, strerror(safe_errno), safe_errno, nstr);
  -            apr_file_printf(sc->log_file, "%s", str);
  -        }
  -        if (level & SSL_LOG_ERROR)
  -            ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, s,
  -                         "System: %s (errno: %d)",
  -                         strerror(safe_errno), safe_errno);
  -    }
  -    if (add & SSL_ADD_SSLERR) {
  -        while ((e = ERR_get_error())) {
  -            cpE = ERR_error_string(e, NULL);
  -            cpA = ssl_log_annotation(cpE);
  -            if (level <= sc->log_level && sc->log_file != NULL) {
  -                apr_snprintf(str, sizeof(str), "%s%s%s: %s%s%s%s%s",
  -                             tstr, lstr, SSL_LIBRARY_NAME, cpE,
  -                             cpA != NULL ? " [Hint: " : "",
  -                             cpA != NULL ? cpA : "", cpA != NULL ? "]" : "",
  -                             nstr);
  -                apr_file_printf(sc->log_file, "%s", str);
  -            }
  -            if (level & SSL_LOG_ERROR)
  -                ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, s,
  -                             "%s: %s%s%s%s", SSL_LIBRARY_NAME, cpE,
  -                             cpA != NULL ? " [Hint: " : "",
  -                             cpA != NULL ? cpA : "", cpA != NULL ? "]" : "");
  -        }
  -    }
  -    /* make sure the next log starts from a clean base */
  -    /* ERR_clear_error(); */
  -
  -    /*  cleanup and return  */
  -    if (sc->log_file != NULL)
  -        apr_file_flush(sc->log_file);
  -    errno = safe_errno;
  -    return;
   }
   
   void ssl_die(void)
  
  
  

Mime
View raw message