httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s.@apache.org
Subject svn commit: r1026903 - in /httpd/httpd/trunk/modules/ssl: ssl_engine_init.c ssl_engine_pphrase.c ssl_scache.c ssl_util.c ssl_util_stapling.c
Date Sun, 24 Oct 2010 21:57:08 GMT
Author: sf
Date: Sun Oct 24 21:57:08 2010
New Revision: 1026903

URL: http://svn.apache.org/viewvc?rev=1026903&view=rev
Log:
Consistently use loglevel emerg before ssl_die()

Modified:
    httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
    httpd/httpd/trunk/modules/ssl/ssl_engine_pphrase.c
    httpd/httpd/trunk/modules/ssl/ssl_scache.c
    httpd/httpd/trunk/modules/ssl/ssl_util.c
    httpd/httpd/trunk/modules/ssl/ssl_util_stapling.c

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_init.c?rev=1026903&r1=1026902&r2=1026903&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_init.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_init.c Sun Oct 24 21:57:08 2010
@@ -375,10 +375,10 @@ void ssl_init_Engine(server_rec *s, apr_
 
     if (mc->szCryptoDevice) {
         if (!(e = ENGINE_by_id(mc->szCryptoDevice))) {
-            ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+            ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                          "Init: Failed to load Crypto Device API `%s'",
                          mc->szCryptoDevice);
-            ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+            ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
             ssl_die();
         }
 
@@ -387,10 +387,10 @@ void ssl_init_Engine(server_rec *s, apr_
         }
 
         if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
-            ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+            ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                          "Init: Failed to enable Crypto Device API `%s'",
                          mc->szCryptoDevice);
-            ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+            ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
             ssl_die();
         }
         ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, 
@@ -412,7 +412,7 @@ static void ssl_init_server_check(server
      * possibility that the user forgot to set them.
      */
     if (!mctx->pks->cert_files[0] && !mctx->pkcs7) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                 "No SSL Certificate set [hint: SSLCertificateFile]");
         ssl_die();
     }
@@ -427,7 +427,7 @@ static void ssl_init_server_check(server
 #endif
         )
     {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                 "Illegal attempt to re-initialise SSL for server "
                 "(theoretically shouldn't happen!)");
         ssl_die();
@@ -452,10 +452,10 @@ static void ssl_init_ctx_tls_extensions(
     if (!SSL_CTX_set_tlsext_servername_callback(mctx->ssl_ctx,
                           ssl_callback_ServerNameIndication) ||
         !SSL_CTX_set_tlsext_servername_arg(mctx->ssl_ctx, mctx)) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                      "Unable to initialize TLS servername extension "
                      "callback (incompatible OpenSSL version?)");
-        ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+        ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
         ssl_die();
     }
 
@@ -485,7 +485,7 @@ static void ssl_init_ctx_protocol(server
      *  Create the new per-server SSL context
      */
     if (protocol == SSL_PROTOCOL_NONE) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                 "No SSL protocols available [hint: SSLProtocol]");
         ssl_die();
     }
@@ -643,10 +643,10 @@ static void ssl_init_ctx_verify(server_r
                          MODSSL_PCHAR_CAST mctx->auth.ca_cert_file,
                          MODSSL_PCHAR_CAST mctx->auth.ca_cert_path))
         {
-            ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+            ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                     "Unable to configure verify locations "
                     "for client authentication");
-            ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+            ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
             ssl_die();
         }
 
@@ -659,7 +659,7 @@ static void ssl_init_ctx_verify(server_r
                                           mctx->auth.ca_cert_file,
                                           mctx->auth.ca_cert_path);
         if (!ca_list) {
-            ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+            ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                     "Unable to determine list of acceptable "
                     "CA certificates for client authentication");
             ssl_die();
@@ -704,9 +704,9 @@ static void ssl_init_ctx_cipher_suite(se
                  suite);
 
     if (!SSL_CTX_set_cipher_list(ctx, MODSSL_PCHAR_CAST suite)) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                 "Unable to configure permitted SSL ciphers");
-        ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+        ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
         ssl_die();
     }
 }
@@ -732,10 +732,10 @@ static void ssl_init_ctx_crl(server_rec 
                               (char *)mctx->crl_path);
 
     if (!mctx->crl) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                 "Unable to configure X.509 CRL storage "
                 "for certificate revocation");
-        ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+        ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
         ssl_die();
     }
 }
@@ -793,7 +793,7 @@ static void ssl_init_ctx_cert_chain(serv
                                       (char *)chain,
                                       skip_first, NULL);
     if (n < 0) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                 "Failed to configure CA certificate chain!");
         ssl_die();
     }
@@ -850,16 +850,16 @@ static int ssl_server_import_cert(server
 
     ptr = asn1->cpData;
     if (!(cert = d2i_X509(NULL, &ptr, asn1->nData))) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                 "Unable to import %s server certificate", type);
-        ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+        ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
         ssl_die();
     }
 
     if (SSL_CTX_use_certificate(mctx->ssl_ctx, cert) <= 0) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                 "Unable to configure %s server certificate", type);
-        ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+        ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
         ssl_die();
     }
   
@@ -906,16 +906,16 @@ static int ssl_server_import_key(server_
     ptr = asn1->cpData;
     if (!(pkey = d2i_PrivateKey(pkey_type, NULL, &ptr, asn1->nData)))
     {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                 "Unable to import %s server private key", type);
-        ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+        ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
         ssl_die();
     }
 
     if (SSL_CTX_use_PrivateKey(mctx->ssl_ctx, pkey) <= 0) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                 "Unable to configure %s server private key", type);
-        ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+        ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
         ssl_die();
     }
 
@@ -1033,7 +1033,7 @@ static void ssl_init_server_certs(server
         || have_ecc
 #endif
 )) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
 #ifndef OPENSSL_NO_EC
                 "Oops, no RSA, DSA or ECC server certificate found "
 #else
@@ -1058,7 +1058,7 @@ static void ssl_init_server_certs(server
         || have_ecc
 #endif
           )) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
 #ifndef OPENSSL_NO_EC
                 "Oops, no RSA, DSA or ECC server private key found?!");
 #else
@@ -1346,7 +1346,7 @@ STACK_OF(X509_NAME) *ssl_init_FindCAList
         apr_status_t rv;
 
         if ((rv = apr_dir_open(&dir, ca_path, ptemp)) != APR_SUCCESS) {
-            ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
+            ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
                     "Failed to open Certificate Path `%s'",
                     ca_path);
             ssl_die();

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_pphrase.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_pphrase.c?rev=1026903&r1=1026902&r2=1026903&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_pphrase.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_pphrase.c Sun Oct 24 21:57:08 2010
@@ -186,7 +186,7 @@ void ssl_pphrase_Handle(server_rec *s, a
          */
         if (sc->server->pks->cert_files[0] == NULL
             && sc->server->pkcs7 == NULL) {
-            ap_log_error(APLOG_MARK, APLOG_ERR, 0, pServ,
+            ap_log_error(APLOG_MARK, APLOG_EMERG, 0, pServ,
                          "Server should be SSL-aware but has no certificate "
                          "configured [Hint: SSLCertificateFile] (%s:%d)",
                          pServ->defn_name, pServ->defn_line_number);
@@ -208,16 +208,16 @@ void ssl_pphrase_Handle(server_rec *s, a
                             sizeof(szPath));
                 if ((rv = exists_and_readable(szPath, p, NULL))
                     != APR_SUCCESS) {
-                    ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
+                    ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
                                  "Init: Can't open server certificate file %s",
                                  szPath);
                     ssl_die();
                 }
                 if ((pX509Cert = SSL_read_X509(szPath, NULL, NULL)) == NULL) {
-                    ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+                    ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                                  "Init: Unable to read server certificate from"
                                  " file %s", szPath);
-                    ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+                    ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
                     ssl_die();
                 }
             }
@@ -228,10 +228,10 @@ void ssl_pphrase_Handle(server_rec *s, a
             at = ssl_util_algotypeof(pX509Cert, NULL);
             an = ssl_util_algotypestr(at);
             if (algoCert & at) {
-                ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+                ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                              "Init: Multiple %s server certificates not "
                              "allowed", an);
-                ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+                ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
                 ssl_die();
             }
             algoCert |= at;
@@ -304,7 +304,7 @@ void ssl_pphrase_Handle(server_rec *s, a
                  */
                 if ((rv = exists_and_readable(szPath, p,
                                               &pkey_mtime)) != APR_SUCCESS ) {
-                     ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
+                     ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
                                   "Init: Can't open server private key file "
                                   "%s",szPath);
                      ssl_die();
@@ -405,7 +405,7 @@ void ssl_pphrase_Handle(server_rec *s, a
                 }
 #ifdef WIN32
                 if (sc->server->pphrase_dialog_type == SSL_PPTYPE_BUILTIN) {
-                    ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+                    ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                                  "Init: SSLPassPhraseDialog builtin is not "
                                  "supported on Win32 (key file "
                                  "%s)", szPath);
@@ -438,9 +438,9 @@ void ssl_pphrase_Handle(server_rec *s, a
                     }
                 }
                 else {
-                    ap_log_error(APLOG_MARK, APLOG_ERR, 0,
+                    ap_log_error(APLOG_MARK, APLOG_EMERG, 0,
                                  pServ, "Init: Pass phrase incorrect");
-                    ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, pServ);
+                    ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, pServ);
 
                     if (writetty) {
                         apr_file_printf(writetty, "Apache:mod_ssl:Error: Pass phrase incorrect.\n");
@@ -451,11 +451,11 @@ void ssl_pphrase_Handle(server_rec *s, a
             }
 
             if (pPrivateKey == NULL) {
-                ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+                ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                             "Init: Unable to read server private key from "
                             "file %s [Hint: Perhaps it is in a separate file? "
                             "  See SSLCertificateKeyFile]", szPath);
-                ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+                ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
                 ssl_die();
             }
 
@@ -466,10 +466,10 @@ void ssl_pphrase_Handle(server_rec *s, a
             at = ssl_util_algotypeof(NULL, pPrivateKey);
             an = ssl_util_algotypestr(at);
             if (algoKey & at) {
-                ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+                ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                              "Init: Multiple %s server private keys not "
                              "allowed", an);
-                ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
+                ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
                 ssl_die();
             }
             algoKey |= at;

Modified: httpd/httpd/trunk/modules/ssl/ssl_scache.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_scache.c?rev=1026903&r1=1026902&r2=1026903&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_scache.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_scache.c Sun Oct 24 21:57:08 2010
@@ -67,7 +67,8 @@ void ssl_scache_init(server_rec *s, apr_
         rv = mc->stapling_cache->init(mc->stapling_cache_context,
                                      "mod_ssl-stapling", &hints, s, p);
         if (rv) {
-            /* ABORT ABORT etc. */
+            ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
+                         "Could not initialize stapling cache. Exiting.");
             ssl_die();
         }
     }
@@ -91,7 +92,8 @@ void ssl_scache_init(server_rec *s, apr_
     
     rv = mc->sesscache->init(mc->sesscache_context, "mod_ssl-session", &hints,
s, p);
     if (rv) {
-        /* ABORT ABORT etc. */
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
+                     "Could not initialize session cache. Exiting.");
         ssl_die();
     }
 }

Modified: httpd/httpd/trunk/modules/ssl/ssl_util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_util.c?rev=1026903&r1=1026902&r2=1026903&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_util.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_util.c Sun Oct 24 21:57:08 2010
@@ -287,7 +287,7 @@ STACK_OF(X509) *ssl_read_pkcs7(server_re
 
     f = fopen(pkcs7, "r");
     if (!f) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, "Can't open %s", pkcs7);
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, "Can't open %s", pkcs7);
         ssl_die();
     }
 
@@ -313,13 +313,13 @@ STACK_OF(X509) *ssl_read_pkcs7(server_re
         break;
 
     default:
-        ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_NOERRNO, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                      "Don't understand PKCS7 file %s", pkcs7);
         ssl_die();
     }
 
     if (!certs) {
-        ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_NOERRNO, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                      "No certificates in %s", pkcs7);
         ssl_die();
     }

Modified: httpd/httpd/trunk/modules/ssl/ssl_util_stapling.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_util_stapling.c?rev=1026903&r1=1026902&r2=1026903&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_util_stapling.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_util_stapling.c Sun Oct 24 21:57:08 2010
@@ -653,12 +653,12 @@ void modssl_init_stapling(server_rec *s,
     SSLModConfigRec *mc = myModConfig(s);
 
     if (mc->stapling_cache == NULL) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                      "SSLStapling: no stapling cache available");
         ssl_die();
     }
     if (ssl_stapling_mutex_init(s, ptemp) == FALSE) {
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+        ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
                      "SSLStapling: cannot initialise stapling mutex");
         ssl_die();
     }



Mime
View raw message