Changes with Apache 2.4.5
+ *) mod_ssl: Quiet FIPS mode weak keys disabled and FIPS not selected emits
+ in the error log to debug level. [William Rowe]
+
*) mod_cache_disk: CacheMinFileSize and CacheMaxFileSize were always
using compiled in defaults of 1000000/1 respectively. [Eric Covener]
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_ssl: Quiet FIPS mode weak keys disabled and FIPS not selected emits
- in the error log to debug level. [William Rowe]
- trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1447993
- 2.4.x patch: trunk patch applies.
- +1: wrowe, covener, minfrin
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
if (FIPS_mode() && bits < 1024) {
mc->pTmpKeys[idx] = NULL;
- ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01877)
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01877)
"Init: Skipping generating temporary "
"%d bit RSA private key in FIPS mode", bits);
return OK;
if (FIPS_mode() && bits < 1024) {
mc->pTmpKeys[idx] = NULL;
- ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01880)
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01880)
"Init: Skipping generating temporary "
"%d bit DH parameters in FIPS mode", bits);
return OK;
}
}
else {
- ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, APLOGNO(01886)
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01886)
"SSL FIPS mode disabled");
}
#endif