Return-Path: Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: (qmail 22595 invoked from network); 6 Jun 2010 17:10:45 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 6 Jun 2010 17:10:45 -0000 Received: (qmail 66780 invoked by uid 500); 6 Jun 2010 17:10:45 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 66716 invoked by uid 500); 6 Jun 2010 17:10:45 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 66709 invoked by uid 99); 6 Jun 2010 17:10:45 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 06 Jun 2010 17:10:45 +0000 X-ASF-Spam-Status: No, hits=-1448.1 required=10.0 tests=ALL_TRUSTED,AWL X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 06 Jun 2010 17:10:44 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 3F49B23888D1; Sun, 6 Jun 2010 17:10:24 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r951904 - in /httpd/httpd/trunk: docs/manual/ssl/ssl_howto.xml modules/ssl/mod_ssl.c modules/ssl/ssl_engine_config.c modules/ssl/ssl_engine_io.c modules/ssl/ssl_private.h Date: Sun, 06 Jun 2010 17:10:24 -0000 To: cvs@httpd.apache.org From: sf@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20100606171024.3F49B23888D1@eris.apache.org> Author: sf Date: Sun Jun 6 17:10:23 2010 New Revision: 951904 URL: http://svn.apache.org/viewvc?rev=951904&view=rev Log: Replace LogLevelDebugDump with TRACE log levels Modified: httpd/httpd/trunk/docs/manual/ssl/ssl_howto.xml httpd/httpd/trunk/modules/ssl/mod_ssl.c httpd/httpd/trunk/modules/ssl/ssl_engine_config.c httpd/httpd/trunk/modules/ssl/ssl_engine_io.c httpd/httpd/trunk/modules/ssl/ssl_private.h Modified: httpd/httpd/trunk/docs/manual/ssl/ssl_howto.xml URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/ssl/ssl_howto.xml?rev=951904&r1=951903&r2=951904&view=diff ============================================================================== --- httpd/httpd/trunk/docs/manual/ssl/ssl_howto.xml (original) +++ httpd/httpd/trunk/docs/manual/ssl/ssl_howto.xml Sun Jun 6 17:10:23 2010 @@ -301,5 +301,16 @@ Require valid-user +
+ Logging + +

mod_ssl can log extremely verbose debugging information + to the error log, when its LogLevel is + set to the higher trace levels. On the other hand, on a very busy server, + level info may already be too much. Remember that you can + configure the LogLevel per module to + suite your needs.

+
+ Modified: httpd/httpd/trunk/modules/ssl/mod_ssl.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/mod_ssl.c?rev=951904&r1=951903&r2=951904&view=diff ============================================================================== --- httpd/httpd/trunk/modules/ssl/mod_ssl.c (original) +++ httpd/httpd/trunk/modules/ssl/mod_ssl.c Sun Jun 6 17:10:23 2010 @@ -130,9 +130,6 @@ static const command_rec ssl_config_cmds "Enable support for insecure renegotiation") SSL_CMD_ALL(UserName, TAKE1, "Set user name to SSL variable value") - SSL_CMD_SRV(LogLevelDebugDump, TAKE1, - "Include I/O Dump when LogLevel is set to Debug " - "([ None (default) | IO (not bytes) | Bytes ])") SSL_CMD_SRV(StrictSNIVHostCheck, FLAG, "Strict SNI virtual host checking") Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_config.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_config.c?rev=951904&r1=951903&r2=951904&view=diff ============================================================================== --- httpd/httpd/trunk/modules/ssl/ssl_engine_config.c (original) +++ httpd/httpd/trunk/modules/ssl/ssl_engine_config.c Sun Jun 6 17:10:23 2010 @@ -186,7 +186,6 @@ static SSLSrvConfigRec *ssl_config_serve sc->session_cache_timeout = UNSET; sc->cipher_server_pref = UNSET; sc->insecure_reneg = UNSET; - sc->ssl_log_level = SSL_LOG_UNSET; sc->proxy_ssl_check_peer_expire = SSL_ENABLED_UNSET; sc->proxy_ssl_check_peer_cn = SSL_ENABLED_UNSET; #ifndef OPENSSL_NO_TLSEXT @@ -299,7 +298,6 @@ void *ssl_config_server_merge(apr_pool_t cfgMergeInt(session_cache_timeout); cfgMergeBool(cipher_server_pref); cfgMergeBool(insecure_reneg); - cfgMerge(ssl_log_level, SSL_LOG_UNSET); cfgMerge(proxy_ssl_check_peer_expire, SSL_ENABLED_UNSET); cfgMerge(proxy_ssl_check_peer_cn, SSL_ENABLED_UNSET); #ifndef OPENSSL_NO_TLSEXT @@ -1073,30 +1071,6 @@ const char *ssl_cmd_SSLSessionCacheTimeo return NULL; } -const char *ssl_cmd_SSLLogLevelDebugDump(cmd_parms *cmd, - void *dcfg, - const char *arg) -{ - SSLSrvConfigRec *sc = mySrvConfig(cmd->server); - - if (strcEQ(arg, "none") || strcEQ(arg, "off")) { - sc->ssl_log_level = SSL_LOG_NONE; - } - else if (strcEQ(arg, "io") || strcEQ(arg, "i/o")) { - sc->ssl_log_level = SSL_LOG_IO; - } - else if (strcEQ(arg, "bytes") || strcEQ(arg, "on")) { - sc->ssl_log_level = SSL_LOG_BYTES; - } - else { - return apr_pstrcat(cmd->temp_pool, cmd->cmd->name, - ": Invalid argument '", arg, "'", - NULL); - } - - return NULL; -} - const char *ssl_cmd_SSLOptions(cmd_parms *cmd, void *dcfg, const char *arg) Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_io.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_io.c?rev=951904&r1=951903&r2=951904&view=diff ============================================================================== --- httpd/httpd/trunk/modules/ssl/ssl_engine_io.c (original) +++ httpd/httpd/trunk/modules/ssl/ssl_engine_io.c Sun Jun 6 17:10:23 2010 @@ -1717,8 +1717,6 @@ static void ssl_io_input_add_filter(ssl_ void ssl_io_filter_init(conn_rec *c, request_rec *r, SSL *ssl) { ssl_filter_ctx_t *filter_ctx; - server_rec *s = c->base_server; - SSLSrvConfigRec *sc = mySrvConfig(s); filter_ctx = apr_palloc(c->pool, sizeof(ssl_filter_ctx_t)); @@ -1742,7 +1740,7 @@ void ssl_io_filter_init(conn_rec *c, req apr_pool_cleanup_register(c->pool, (void*)filter_ctx, ssl_io_filter_cleanup, apr_pool_cleanup_null); - if (APLOGcdebug(c) && (sc->ssl_log_level >= SSL_LOG_IO)) { + if (APLOGctrace4(c)) { BIO_set_callback(SSL_get_rbio(ssl), ssl_io_data_cb); BIO_set_callback_arg(SSL_get_rbio(ssl), (void *)ssl); } @@ -1783,7 +1781,7 @@ static void ssl_io_data_dump(server_rec rows = (len / DUMP_WIDTH); if ((rows * DUMP_WIDTH) < len) rows++; - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr, + ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr, "+-------------------------------------------------------------------------+"); for(i = 0 ; i< rows; i++) { #if APR_CHARSET_EBCDIC @@ -1822,13 +1820,13 @@ static void ssl_io_data_dump(server_rec } } apr_cpystrn(buf+strlen(buf), " |", sizeof(buf)-strlen(buf)); - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr, + ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr, "%s", buf); } if (trunc > 0) - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr, + ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr, "| %04ld - ", len + trunc); - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr, + ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr, "+-------------------------------------------------------------------------+"); return; } @@ -1852,18 +1850,18 @@ long ssl_io_data_cb(BIO *bio, int cmd, if ( cmd == (BIO_CB_WRITE|BIO_CB_RETURN) || cmd == (BIO_CB_READ |BIO_CB_RETURN) ) { if (rc >= 0) { - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, + ap_log_error(APLOG_MARK, APLOG_TRACE4, 0, s, "%s: %s %ld/%d bytes %s BIO#%pp [mem: %pp] %s", SSL_LIBRARY_NAME, (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "write" : "read"), rc, argi, (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "to" : "from"), bio, argp, (argp != NULL ? "(BIO dump follows)" : "(Oops, no memory buffer?)")); - if ((argp != NULL) && (sc->ssl_log_level >= SSL_LOG_BYTES)) + if ((argp != NULL) && APLOGctrace7(c)) ssl_io_data_dump(s, argp, rc); } else { - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, + ap_log_error(APLOG_MARK, APLOG_TRACE4, 0, s, "%s: I/O error, %d bytes expected to %s on BIO#%pp [mem: %pp]", SSL_LIBRARY_NAME, argi, (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "write" : "read"), Modified: httpd/httpd/trunk/modules/ssl/ssl_private.h URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_private.h?rev=951904&r1=951903&r2=951904&view=diff ============================================================================== --- httpd/httpd/trunk/modules/ssl/ssl_private.h (original) +++ httpd/httpd/trunk/modules/ssl/ssl_private.h Sun Jun 6 17:10:23 2010 @@ -150,18 +150,6 @@ ap_set_module_config(c->conn_config, &ss #endif /** - * Define the per-server SSLLogLevel constants which provide - * finer-than-debug resolution to decide if logs are to be - * assulted with tens of thousands of characters per request. - */ -typedef enum { - SSL_LOG_UNSET = UNSET, - SSL_LOG_NONE = 0, - SSL_LOG_IO = 6, - SSL_LOG_BYTES = 7 -} ssl_log_level_e; - -/** * Support for MM library */ #define SSL_MM_FILE_MODE ( APR_UREAD | APR_UWRITE | APR_GREAD | APR_WREAD ) @@ -512,7 +500,6 @@ struct SSLSrvConfigRec { BOOL insecure_reneg; modssl_ctx_t *server; modssl_ctx_t *proxy; - ssl_log_level_e ssl_log_level; ssl_enabled_t proxy_ssl_check_peer_expire; ssl_enabled_t proxy_ssl_check_peer_cn; #ifndef OPENSSL_NO_TLSEXT @@ -583,7 +570,6 @@ const char *ssl_cmd_SSLOptions(cmd_parm const char *ssl_cmd_SSLRequireSSL(cmd_parms *, void *); const char *ssl_cmd_SSLRequire(cmd_parms *, void *, const char *); const char *ssl_cmd_SSLUserName(cmd_parms *, void *, const char *); -const char *ssl_cmd_SSLLogLevelDebugDump(cmd_parms *, void *, const char *); const char *ssl_cmd_SSLRenegBufferSize(cmd_parms *cmd, void *dcfg, const char *arg); const char *ssl_cmd_SSLStrictSNIVHostCheck(cmd_parms *cmd, void *dcfg, int flag); const char *ssl_cmd_SSLInsecureRenegotiation(cmd_parms *cmd, void *dcfg, int flag);