sc->session_cache_timeout = UNSET;
sc->cipher_server_pref = UNSET;
sc->insecure_reneg = UNSET;
- sc->ssl_log_level = SSL_LOG_UNSET;
sc->proxy_ssl_check_peer_expire = SSL_ENABLED_UNSET;
sc->proxy_ssl_check_peer_cn = SSL_ENABLED_UNSET;
#ifndef OPENSSL_NO_TLSEXT
cfgMergeInt(session_cache_timeout);
cfgMergeBool(cipher_server_pref);
cfgMergeBool(insecure_reneg);
- cfgMerge(ssl_log_level, SSL_LOG_UNSET);
cfgMerge(proxy_ssl_check_peer_expire, SSL_ENABLED_UNSET);
cfgMerge(proxy_ssl_check_peer_cn, SSL_ENABLED_UNSET);
#ifndef OPENSSL_NO_TLSEXT
return NULL;
}
-const char *ssl_cmd_SSLLogLevelDebugDump(cmd_parms *cmd,
- void *dcfg,
- const char *arg)
-{
- SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
-
- if (strcEQ(arg, "none") || strcEQ(arg, "off")) {
- sc->ssl_log_level = SSL_LOG_NONE;
- }
- else if (strcEQ(arg, "io") || strcEQ(arg, "i/o")) {
- sc->ssl_log_level = SSL_LOG_IO;
- }
- else if (strcEQ(arg, "bytes") || strcEQ(arg, "on")) {
- sc->ssl_log_level = SSL_LOG_BYTES;
- }
- else {
- return apr_pstrcat(cmd->temp_pool, cmd->cmd->name,
- ": Invalid argument '", arg, "'",
- NULL);
- }
-
- return NULL;
-}
-
const char *ssl_cmd_SSLOptions(cmd_parms *cmd,
void *dcfg,
const char *arg)
void ssl_io_filter_init(conn_rec *c, request_rec *r, SSL *ssl)
{
ssl_filter_ctx_t *filter_ctx;
- server_rec *s = c->base_server;
- SSLSrvConfigRec *sc = mySrvConfig(s);
filter_ctx = apr_palloc(c->pool, sizeof(ssl_filter_ctx_t));
apr_pool_cleanup_register(c->pool, (void*)filter_ctx,
ssl_io_filter_cleanup, apr_pool_cleanup_null);
- if (APLOGcdebug(c) && (sc->ssl_log_level >= SSL_LOG_IO)) {
+ if (APLOGctrace4(c)) {
BIO_set_callback(SSL_get_rbio(ssl), ssl_io_data_cb);
BIO_set_callback_arg(SSL_get_rbio(ssl), (void *)ssl);
}
rows = (len / DUMP_WIDTH);
if ((rows * DUMP_WIDTH) < len)
rows++;
- ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr,
+ ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr,
"+-------------------------------------------------------------------------+");
for(i = 0 ; i< rows; i++) {
#if APR_CHARSET_EBCDIC
}
}
apr_cpystrn(buf+strlen(buf), " |", sizeof(buf)-strlen(buf));
- ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr,
+ ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr,
"%s", buf);
}
if (trunc > 0)
- ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr,
+ ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr,
"| %04ld - <SPACES/NULS>", len + trunc);
- ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr,
+ ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr,
"+-------------------------------------------------------------------------+");
return;
}
if ( cmd == (BIO_CB_WRITE|BIO_CB_RETURN)
|| cmd == (BIO_CB_READ |BIO_CB_RETURN) ) {
if (rc >= 0) {
- ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
+ ap_log_error(APLOG_MARK, APLOG_TRACE4, 0, s,
"%s: %s %ld/%d bytes %s BIO#%pp [mem: %pp] %s",
SSL_LIBRARY_NAME,
(cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "write" : "read"),
rc, argi, (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "to" : "from"),
bio, argp,
(argp != NULL ? "(BIO dump follows)" : "(Oops, no memory buffer?)"));
- if ((argp != NULL) && (sc->ssl_log_level >= SSL_LOG_BYTES))
+ if ((argp != NULL) && APLOGctrace7(c))
ssl_io_data_dump(s, argp, rc);
}
else {
- ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
+ ap_log_error(APLOG_MARK, APLOG_TRACE4, 0, s,
"%s: I/O error, %d bytes expected to %s on BIO#%pp [mem: %pp]",
SSL_LIBRARY_NAME, argi,
(cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "write" : "read"),
#define DEFAULT_RENEG_BUFFER_SIZE (128 * 1024)
#endif
-/**
- * Define the per-server SSLLogLevel constants which provide
- * finer-than-debug resolution to decide if logs are to be
- * assulted with tens of thousands of characters per request.
- */
-typedef enum {
- SSL_LOG_UNSET = UNSET,
- SSL_LOG_NONE = 0,
- SSL_LOG_IO = 6,
- SSL_LOG_BYTES = 7
-} ssl_log_level_e;
-
/**
* Support for MM library
*/
BOOL insecure_reneg;
modssl_ctx_t *server;
modssl_ctx_t *proxy;
- ssl_log_level_e ssl_log_level;
ssl_enabled_t proxy_ssl_check_peer_expire;
ssl_enabled_t proxy_ssl_check_peer_cn;
#ifndef OPENSSL_NO_TLSEXT
const char *ssl_cmd_SSLRequireSSL(cmd_parms *, void *);
const char *ssl_cmd_SSLRequire(cmd_parms *, void *, const char *);
const char *ssl_cmd_SSLUserName(cmd_parms *, void *, const char *);
-const char *ssl_cmd_SSLLogLevelDebugDump(cmd_parms *, void *, const char *);
const char *ssl_cmd_SSLRenegBufferSize(cmd_parms *cmd, void *dcfg, const char *arg);
const char *ssl_cmd_SSLStrictSNIVHostCheck(cmd_parms *cmd, void *dcfg, int flag);
const char *ssl_cmd_SSLInsecureRenegotiation(cmd_parms *cmd, void *dcfg, int flag);
projects / apache / commitdiff