]> granicus.if.org Git - apache/commitdiff
projects / apache / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a7a919a)
mod_ssl: Quiet FIPS mode weak keys disabled and FIPS not selected emits
authorWilliam A. Rowe Jr <wrowe@apache.org>
Wed, 20 Feb 2013 04:15:18 +0000 (04:15 +0000)
committerWilliam A. Rowe Jr <wrowe@apache.org>
Wed, 20 Feb 2013 04:15:18 +0000 (04:15 +0000)
    in the error log to debug level.  [William Rowe]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1447993 13f79535-47bb-0310-9956-ffa450edef68

CHANGES patch | blob | history
modules/ssl/ssl_engine_init.c patch | blob | history

diff --git a/CHANGES b/CHANGES
index 24c46bc37eea2ec9da59066b1de6632fa8b8b10d..5c7874a1e598d44a861f3b2366fee03ad884d1b0 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) mod_ssl: Quiet FIPS mode weak keys disabled and FIPS not selected emits
+     in the error log to debug level.  [William Rowe]
+
   *) core: ap_rgetline_core now pulls from r->proto_input_filters.
 
   *) mod_proxy_html: process parsed comments immediately. 
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index be3212defaeb28d9927ef9ef60541cd3d9bc6520..1e851d737b849e13877426c80fe85c310511fa1c 100644 (file)
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -91,7 +91,7 @@ static int ssl_tmp_key_init_rsa(server_rec *s,
 
     if (FIPS_mode() && bits < 1024) {
         mc->pTmpKeys[idx] = NULL;
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01877)
+        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01877)
                      "Init: Skipping generating temporary "
                      "%d bit RSA private key in FIPS mode", bits);
         return OK;
@@ -140,7 +140,7 @@ static int ssl_tmp_key_init_dh(server_rec *s,
 
     if (FIPS_mode() && bits < 1024) {
         mc->pTmpKeys[idx] = NULL;
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01880)
+        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01880)
                      "Init: Skipping generating temporary "
                      "%d bit DH parameters in FIPS mode", bits);
         return OK;
@@ -354,7 +354,7 @@ int ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
         }
     }
     else {
-        ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, APLOGNO(01886)
+        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01886)
                      "SSL FIPS mode disabled");
     }
 #endif
Unnamed repository; edit this file 'description' to name the repository.