bool ret = true;
if (!Conf_SSLOptions.DHFile) {
- Log(LOG_NOTICE, "Configuration option \"SSLDHFile\" not set");
+ Log(LOG_NOTICE, "Configuration option \"SSLDHFile\" not set!");
return false;
}
fp = fopen(Conf_SSLOptions.DHFile, "r");
}
dh_params = PEM_read_DHparams(fp, NULL, NULL, NULL);
if (!dh_params) {
- Log(LOG_ERR, "%s: PEM_read_DHparams failed", Conf_SSLOptions.DHFile);
+ Log(LOG_ERR, "%s: PEM_read_DHparams failed!",
+ Conf_SSLOptions.DHFile);
ret = false;
}
fclose(fp);
}
}
if (need_dhgenerate) {
- Log(LOG_WARNING, "SSLDHFile not set, generating %u bit DH parameters. This may take a while...", DH_BITS);
+ Log(LOG_WARNING,
+ "SSLDHFile not set, generating %u bit DH parameters. This may take a while ...",
+ DH_BITS);
err = gnutls_dh_params_generate2(tmp_dh_params, DH_BITS);
if (err < 0) {
Log(LOG_ERR, "gnutls_dh_params_generate2: %s", gnutls_strerror(err));
SSL_CTX_set_mode(newctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_free(ssl_ctx);
ssl_ctx = newctx;
- Log(LOG_INFO, "%s initialized", SSLeay_version(SSLEAY_VERSION));
+ Log(LOG_INFO, "%s initialized.", SSLeay_version(SSLEAY_VERSION));
return true;
out:
SSL_CTX_free(newctx);
}
if (!ConnSSL_LoadServerKey_gnutls())
return false;
- Log(LOG_INFO, "gnutls %s initialized", gnutls_check_version(NULL));
+ Log(LOG_INFO, "gnutls %s initialized.", gnutls_check_version(NULL));
initialized = true;
return true;
#endif
cert_file = Conf_SSLOptions.CertFile ? Conf_SSLOptions.CertFile:Conf_SSLOptions.KeyFile;
if (!cert_file) {
- Log(LOG_ERR, "Neither Key nor certificate File set");
+ Log(LOG_NOTICE, "No SSL server key configured, SSL disabled.");
return false;
}
if (array_bytes(&Conf_SSLOptions.KeyFilePassword))
- Log(LOG_WARNING, "Ignoring KeyFilePassword: Not supported by GNUTLS");
+ Log(LOG_WARNING,
+ "Ignoring KeyFilePassword: Not supported by GNUTLS.");
if (!Load_DH_params())
return false;
assert(ctx);
if (!Conf_SSLOptions.KeyFile) {
- Log(LOG_NOTICE, "No SSL Server Key configured, ssl disabled");
+ Log(LOG_NOTICE, "No SSL server key configured, SSL disabled.");
return false;
}
assert( c );
assert( ssl );
- Log( LOG_INFO, "New %s connection using cipher %s on socket %d",
+ Log(LOG_INFO, "New %s connection using cipher %s on socket %d.",
SSL_get_version(ssl), SSL_get_cipher(ssl), c->sock);
#endif
#ifdef HAVE_LIBGNUTLS
gnutls_session_t sess = c->ssl_state.gnutls_session;
gnutls_cipher_algorithm_t cipher = gnutls_cipher_get(sess);
- Log( LOG_INFO, "New %s connection using cipher %s-%s on socket %d",
- gnutls_protocol_get_name(gnutls_protocol_get_version(sess)),
- gnutls_cipher_get_name(cipher), gnutls_mac_get_name(gnutls_mac_get(sess)), c->sock);
+ Log(LOG_INFO, "New %s connection using cipher %s-%s on socket %d.",
+ gnutls_protocol_get_name(gnutls_protocol_get_version(sess)),
+ gnutls_cipher_get_name(cipher),
+ gnutls_mac_get_name(gnutls_mac_get(sess)), c->sock);
#endif
}
case 0: LogDebug("ConnSSL_Connect: not ready");
return;
case -1:
- Log(LOG_INFO, "SSL connection on socket %d failed", sock);
+ Log(LOG_ERR, "SSL connection on socket %d failed!", sock);
Conn_Close(idx, "Can't connect!", NULL, false);
return;
}
- Log( LOG_INFO, "SSL Connection %d with \"%s:%d\" established.", idx,
+ Log( LOG_INFO, "SSL connection %d with \"%s:%d\" established.", idx,
My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
server_login(idx);
CONN_ID idx;
- LogDebug("Shutting down all connections ..." );
-
Conn_ExitListeners();
- /* Sockets schliessen */
+ LogDebug("Shutting down all connections ..." );
for( idx = 0; idx < Pool_Size; idx++ ) {
if( My_Connections[idx].sock > NONE ) {
Conn_Close( idx, NULL, NGIRCd_SignalRestart ?
#endif
arraylen = array_length(&My_Listeners, sizeof (int));
- Log( LOG_INFO, "Shutting down all listening sockets (%d total)...", arraylen );
+ Log(LOG_INFO,
+ "Shutting down all listening sockets (%d total) ...", arraylen);
fd = array_start(&My_Listeners);
while(arraylen--) {
assert(fd != NULL);
c = Conn_GetClient( Idx );
#ifdef SSL_SUPPORT
if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
- Log( LOG_INFO, "SSL Connection %d shutting down", Idx );
+ Log(LOG_INFO, "SSL connection %d shutting down ...", Idx);
ConnSSL_Free(&My_Connections[Idx]);
}
#endif
len -= sizeof(ng_ipaddr_t);
if (len > sizeof(&Conf_Server[i].dst_addr)) {
len = sizeof(&Conf_Server[i].dst_addr);
- Log(LOG_NOTICE, "Notice: Resolver returned more IP Addresses for host than we can handle,"
- " additional addresses dropped");
+ Log(LOG_NOTICE,
+ "Notice: Resolver returned more IP Addresses for host than we can handle, additional addresses dropped.");
}
memcpy(&Conf_Server[i].dst_addr, &dest_addrs[1], len);
}
return true;
if (!ConnSSL_InitLibrary())
- Log(LOG_WARNING, "Warning: Error during SSL initialization, continuing");
+ Log(LOG_WARNING,
+ "Warning: Error during SSL initialization, continuing ...");
if( Conf_Chroot[0] ) {
if( chdir( Conf_Chroot ) != 0 ) {
pwd ? pwd->pw_name : "unknown", Conf_UID,
grp ? grp->gr_name : "unknown", Conf_GID, pid);
- if ( chrooted ) {
- Log( LOG_INFO, "Running chrooted, chrootdir \"%s\".", Conf_Chroot );
+ if (chrooted) {
+ Log(LOG_INFO, "Running with root directory \"%s\".",
+ Conf_Chroot );
return true;
- } else {
- Log( LOG_INFO, "Not running chrooted." );
- }
+ } else
+ Log(LOG_INFO, "Not running with changed root directory.");
/* Change working directory to home directory of the user
* we are running as (only when running in daemon mode and not in chroot) */