Return-Path: Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: (qmail 18127 invoked from network); 10 Nov 2004 13:35:36 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 10 Nov 2004 13:35:36 -0000 Received: (qmail 99607 invoked by uid 500); 10 Nov 2004 13:35:34 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 99520 invoked by uid 500); 10 Nov 2004 13:35:33 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 99494 invoked by uid 500); 10 Nov 2004 13:35:33 -0000 Delivered-To: apmail-httpd-2.0-cvs@apache.org Received: (qmail 99446 invoked by uid 99); 10 Nov 2004 13:35:32 -0000 X-ASF-Spam-Status: No, hits=-10.0 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [209.237.227.194] (HELO minotaur.apache.org) (209.237.227.194) by apache.org (qpsmtpd/0.28) with SMTP; Wed, 10 Nov 2004 05:35:31 -0800 Received: (qmail 17803 invoked by uid 1582); 10 Nov 2004 13:35:28 -0000 Date: 10 Nov 2004 13:35:28 -0000 Message-ID: <20041110133528.17802.qmail@minotaur.apache.org> From: jorton@apache.org To: httpd-2.0-cvs@apache.org Subject: cvs commit: httpd-2.0/modules/ssl mod_ssl.c ssl_engine_io.c ssl_engine_kernel.c X-Virus-Checked: Checked X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N jorton 2004/11/10 05:35:28 Modified: modules/ssl mod_ssl.c ssl_engine_io.c ssl_engine_kernel.c Log: * modules/ssl/ssl_engine_io.c, modules/ssl/ssl_engine_kernel.c, modules/mod_ssl.c: Switch to using ap_log_cerror() in place of ap_log_error() everywhere that the conn_rec * is available. Revision Changes Path 1.101 +11 -12 httpd-2.0/modules/ssl/mod_ssl.c Index: mod_ssl.c =================================================================== RCS file: /home/cvs/httpd-2.0/modules/ssl/mod_ssl.c,v retrieving revision 1.100 retrieving revision 1.101 diff -d -w -u -r1.100 -r1.101 --- mod_ssl.c 13 Oct 2004 15:26:45 -0000 1.100 +++ mod_ssl.c 10 Nov 2004 13:35:28 -0000 1.101 @@ -298,7 +298,7 @@ SSLConnRec *sslconn = ssl_init_connection_ctx(c); if (!sc->proxy_enabled) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, "SSL Proxy requested for %s but not enabled " "[Hint: SSLProxyEngine]", sc->vhost_id); @@ -353,7 +353,7 @@ * so we can detach later. */ if (!(ssl = SSL_new(mctx->ssl_ctx))) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, "Unable to create a new SSL connection from the SSL " "context"); ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, c->base_server); @@ -369,7 +369,7 @@ if (!SSL_set_session_id_context(ssl, (unsigned char *)vhost_md5, APR_MD5_DIGESTSIZE*2)) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, "Unable to set session id context to `%s'", vhost_md5); ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, c->base_server); @@ -448,10 +448,9 @@ * later access inside callback functions */ - ap_log_error(APLOG_MARK, APLOG_INFO, 0, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c, "Connection to child %ld established " - "(server %s, client %s)", c->id, sc->vhost_id, - c->remote_ip ? c->remote_ip : "unknown"); + "(server %s)", c->id, sc->vhost_id); return ssl_init_ssl_connection(c); } 1.128 +42 -50 httpd-2.0/modules/ssl/ssl_engine_io.c Index: ssl_engine_io.c =================================================================== RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_io.c,v retrieving revision 1.127 retrieving revision 1.128 diff -d -w -u -r1.127 -r1.128 --- ssl_engine_io.c 22 Sep 2004 16:34:20 -0000 1.127 +++ ssl_engine_io.c 10 Nov 2004 13:35:28 -0000 1.128 @@ -680,7 +680,7 @@ continue; /* Blocking and nothing yet? Try again. */ } else { - ap_log_error(APLOG_MARK, APLOG_INFO, inctx->rc, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, inctx->rc, c, "SSL input filter read failed."); } } @@ -688,7 +688,7 @@ /* * Log SSL errors and any unexpected conditions. */ - ap_log_error(APLOG_MARK, APLOG_INFO, inctx->rc, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, inctx->rc, c, "SSL library error %d reading data", ssl_err); ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server); @@ -785,14 +785,14 @@ outctx->rc = APR_EAGAIN; } else if (ssl_err == SSL_ERROR_SYSCALL) { - ap_log_error(APLOG_MARK, APLOG_INFO, outctx->rc, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, outctx->rc, c, "SSL output filter write failed."); } else /* if (ssl_err == SSL_ERROR_SSL) */ { /* * Log SSL errors */ - ap_log_error(APLOG_MARK, APLOG_INFO, outctx->rc, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, outctx->rc, c, "SSL library error %d writing data", ssl_err); ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server); } @@ -809,7 +809,7 @@ reason = "likely due to failed renegotiation"; } - ap_log_error(APLOG_MARK, APLOG_INFO, outctx->rc, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, outctx->rc, c, "failed to write %" APR_SSIZE_T_FMT " of %" APR_SIZE_T_FMT " bytes (%s)", len - (apr_size_t)res, len, reason); @@ -853,8 +853,7 @@ switch (status) { case HTTP_BAD_REQUEST: /* log the situation */ - ap_log_error(APLOG_MARK, APLOG_INFO, 0, - f->c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, f->c, "SSL handshake failed: HTTP spoken on HTTPS port; " "trying to send HTML error page"); ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, f->c->base_server); @@ -967,12 +966,10 @@ /* and finally log the fact that we've closed the connection */ if (c->base_server->loglevel >= APLOG_INFO) { - ap_log_error(APLOG_MARK, APLOG_INFO, 0, c->base_server, - "Connection to child %ld closed with %s shutdown" - "(server %s, client %s)", - c->id, type, - ssl_util_vhostid(c->pool, c->base_server), - c->remote_ip ? c->remote_ip : "unknown"); + ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c, + "Connection closed to child %ld with %s shutdown " + "(server %s)", + c->id, type, ssl_util_vhostid(c->pool, c->base_server)); } /* deallocate the SSL connection */ @@ -1000,7 +997,7 @@ conn_rec *c = (conn_rec *)SSL_get_app_data(filter_ctx->pssl); SSLConnRec *sslconn = myConnConfig(c); - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, NULL, + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, "SSL connection destroyed without being closed"); SSL_free(filter_ctx->pssl); @@ -1033,8 +1030,7 @@ if (sslconn->is_proxy) { if ((n = SSL_connect(filter_ctx->pssl)) <= 0) { - ap_log_error(APLOG_MARK, APLOG_INFO, 0, - c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c, "SSL Proxy connect failed"); ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server); /* ensure that the SSL structures etc are freed, etc: */ @@ -1059,8 +1055,7 @@ * was transferred. That's not a real error and can occur * sporadically with some clients. */ - ap_log_error(APLOG_MARK, APLOG_INFO, rc, - c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, rc, c, "SSL handshake stopped: connection was closed"); } else if (ssl_err == SSL_ERROR_WANT_READ) { @@ -1083,7 +1078,7 @@ return HTTP_BAD_REQUEST; } else if (ssl_err == SSL_ERROR_SYSCALL) { - ap_log_error(APLOG_MARK, APLOG_INFO, rc, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, rc, c, "SSL handshake interrupted by system " "[Hint: Stop button pressed in browser?!]"); } @@ -1091,11 +1086,10 @@ /* * Log SSL errors and any unexpected conditions. */ - ap_log_error(APLOG_MARK, APLOG_INFO, rc, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, rc, c, "SSL library error %d in handshake " - "(server %s, client %s)", ssl_err, - ssl_util_vhostid(c->pool, c->base_server), - c->remote_ip ? c->remote_ip : "unknown"); + "(server %s)", ssl_err, + ssl_util_vhostid(c->pool, c->base_server)); ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server); } @@ -1125,8 +1119,7 @@ * optional_no_ca doesn't appear to work as advertised * in 1.x */ - ap_log_error(APLOG_MARK, APLOG_INFO, 0, - c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c, "SSL client authentication failed, " "accepting certificate based on " "\"SSLVerifyClient optional_no_ca\" " @@ -1138,8 +1131,7 @@ sslconn->verify_error : X509_verify_cert_error_string(verify_result); - ap_log_error(APLOG_MARK, APLOG_INFO, 0, - c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c, "SSL client authentication failed: %s", error ? error : "unknown"); ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, c->base_server); @@ -1166,7 +1158,7 @@ if ((sc->server->auth.verify_mode == SSL_CVERIFY_REQUIRE) && !sslconn->client_cert) { - ap_log_error(APLOG_MARK, APLOG_INFO, 0, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c, "No acceptable peer certificate available"); return ssl_filter_io_shutdown(filter_ctx, c, 1); @@ -1252,7 +1244,7 @@ ssl_init_ssl_connection(f->c); - ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server, + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, "Awaiting re-negotiation handshake"); sslconn = myConnConfig(f->c); @@ -1266,7 +1258,7 @@ SSL_do_handshake(ssl); if (SSL_get_state(ssl) != SSL_ST_OK) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server, + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "TLS Upgrade handshake failed: " "Not accepted by client!?"); @@ -1435,7 +1427,7 @@ filter_ctx->nobuffer = 1; status = ssl_filter_io_shutdown(filter_ctx, f->c, 0); if (status != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_INFO, status, NULL, + ap_log_cerror(APLOG_MARK, APLOG_INFO, status, f->c, "SSL filter error shutting down I/O"); } if ((status = ap_pass_brigade(f->next, bb)) != APR_SUCCESS) { 1.113 +4 -4 httpd-2.0/modules/ssl/ssl_engine_kernel.c Index: ssl_engine_kernel.c =================================================================== RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_kernel.c,v retrieving revision 1.112 retrieving revision 1.113 diff -d -w -u -r1.112 -r1.113 --- ssl_engine_kernel.c 1 Nov 2004 22:53:36 -0000 1.112 +++ ssl_engine_kernel.c 10 Nov 2004 13:35:28 -0000 1.113 @@ -1148,7 +1148,7 @@ SSLModConfigRec *mc = myModConfig(c->base_server); int idx; - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, "handing out temporary %d bit RSA key", keylen); /* doesn't matter if export flag is on, @@ -1180,7 +1180,7 @@ SSLModConfigRec *mc = myModConfig(c->base_server); int idx; - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, c->base_server, + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, "handing out temporary %d bit DH key", keylen); switch (keylen) {