Merge r1447993 from trunk:

author Jim Jagielski <jim@apache.org>

Tue, 9 Apr 2013 12:17:04 +0000 (12:17 +0000)

committer Jim Jagielski <jim@apache.org>

Tue, 9 Apr 2013 12:17:04 +0000 (12:17 +0000)
author Jim Jagielski <jim@apache.org>
Tue, 9 Apr 2013 12:17:04 +0000 (12:17 +0000)
committer Jim Jagielski <jim@apache.org>
Tue, 9 Apr 2013 12:17:04 +0000 (12:17 +0000)
diff --git a/CHANGES b/CHANGES

index b5e9ba321b1e7de709134d6c7dd952d54fee4c28..72088b375247a14924321e2af062c80e03866269 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,9 @@
   
  Changes with Apache 2.4.5
  
+  *) mod_ssl: Quiet FIPS mode weak keys disabled and FIPS not selected emits
+     in the error log to debug level.  [William Rowe]
+
    *) mod_cache_disk: CacheMinFileSize and CacheMaxFileSize were always
       using compiled in defaults of 1000000/1 respectively. [Eric Covener]
  
diff --git a/STATUS b/STATUS

index c3af2c48d7a61f5a6b17623f87bd37f344069816..f58fdf1f061d7aeedec2cc60e9ae2cdba39b3121 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -90,11 +90,6 @@ RELEASE SHOWSTOPPERS:
  PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
    [ start all new proposals below, under PATCHES PROPOSED. ]
  
-  * mod_ssl: Quiet FIPS mode weak keys disabled and FIPS not selected emits
-    in the error log to debug level.  [William Rowe]
-    trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1447993
-    2.4.x patch: trunk patch applies.
-    +1: wrowe, covener, minfrin
      
  PATCHES PROPOSED TO BACKPORT FROM TRUNK:
    [ New proposals should be added at the end of the list ]
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c

index be891d627727bc9467197a1360c38a4bb1c39067..80d74946b9808652e42a43bc9d3d112f76a8eaf3 100644 (file)
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -91,7 +91,7 @@ static int ssl_tmp_key_init_rsa(server_rec *s,
  
      if (FIPS_mode() && bits < 1024) {
          mc->pTmpKeys[idx] = NULL;
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01877)
+        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01877)
                       "Init: Skipping generating temporary "
                       "%d bit RSA private key in FIPS mode", bits);
          return OK;
@@ -140,7 +140,7 @@ static int ssl_tmp_key_init_dh(server_rec *s,
  
      if (FIPS_mode() && bits < 1024) {
          mc->pTmpKeys[idx] = NULL;
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01880)
+        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01880)
                       "Init: Skipping generating temporary "
                       "%d bit DH parameters in FIPS mode", bits);
          return OK;
@@ -354,7 +354,7 @@ int ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
          }
      }
      else {
-        ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, APLOGNO(01886)
+        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01886)
                       "SSL FIPS mode disabled");
      }
  #endif
author	Jim Jagielski <jim@apache.org>
	Tue, 9 Apr 2013 12:17:04 +0000 (12:17 +0000)
committer	Jim Jagielski <jim@apache.org>
	Tue, 9 Apr 2013 12:17:04 +0000 (12:17 +0000)
CHANGES		patch \| blob \| history
STATUS		patch \| blob \| history
modules/ssl/ssl_engine_init.c		patch \| blob \| history