www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

Various fixes for log message tags:

Browse Source 
- Remove tags in ssl_log_ssl_error() and ssl_log_cert_error()
- Instead add tags to various ssl_log_xerror, ssl_log_cxerror
  calls (ssl_log_rxerror is unused).
- likewise for modssl_proxy_info_log()

- Fix spelling of APLOG_NOERRNO in coccinelle script
- add support for ssl_log_*error and ap_log_cserror

- add some more tags missing due to APLOG_NOERRNO spelling error

- Remove tags from example modules (we don't want people to blindly copy
  those)



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1211680 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Stefan Fritsch
2011-12-07 22:33:35 +00:00
parent 0ecd2fe5e5
commit 53164d250f
11 changed files with 92 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
docs/log-message-tags/find-messages.cocci
View File

@@ -1,4 +1,4 @@
@r@ @r1@
expression rv, s; expression rv, s;
constant char [] format; constant char [] format;
identifier level =~ "^APLOG_(EMERG|ALERT|CRIT|ERR|WARNING|NOTICE|INFO|STARTUP|DEBUG)$"; identifier level =~ "^APLOG_(EMERG|ALERT|CRIT|ERR|WARNING|NOTICE|INFO|STARTUP|DEBUG)$";
@@ -9,10 +9,67 @@ identifier fn =~ "^ap_log_(|r|c|p)error$";
( (
level level
| |
level|APLOG_NOERROR level|APLOG_NOERRNO
| |
level|APLOG_STARTUP level|APLOG_STARTUP
) )
,rv, s ,rv, s
+ , APLOGNO() + , APLOGNO()
,format, ...) ,format, ...)
@r2@
expression rv, s, c;
constant char [] format;
identifier level =~ "^APLOG_(EMERG|ALERT|CRIT|ERR|WARNING|NOTICE|INFO|STARTUP|DEBUG)$";
@@
ap_log_cserror( APLOG_MARK ,
(
level
|
level|APLOG_NOERRNO
|
level|APLOG_STARTUP
)
,rv, s, c
+ , APLOGNO()
,format, ...)
@r3@
expression rv, p, s, cert;
constant char [] format;
identifier level =~ "^APLOG_(EMERG|ALERT|CRIT|ERR|WARNING|NOTICE|INFO|STARTUP|DEBUG)$";
@@
ssl_log_xerror( SSLLOG_MARK ,
(
level
|
level|APLOG_NOERRNO
|
level|APLOG_STARTUP
)
,rv, p, s , cert
+ , APLOGNO()
,format, ...)
@r4@
expression rv, rc, cert;
constant char [] format;
identifier level =~ "^APLOG_(EMERG|ALERT|CRIT|ERR|WARNING|NOTICE|INFO|STARTUP|DEBUG)$";
identifier fn =~ "^ssl_log_(r|c)xerror$";
@@
fn( SSLLOG_MARK ,
(
level
|
level|APLOG_NOERRNO
|
level|APLOG_STARTUP
)
,rv, rc , cert
+ , APLOGNO()
,format, ...)

2
docs/log-message-tags/next-number
View File

@@ -1 +1 @@
2270 2286

5
modules/cluster/mod_heartmonitor.c
View File

@@ -684,7 +684,7 @@ static int hm_post_config(apr_pool_t *p, apr_pool_t *plog,
storage = ap_lookup_provider(AP_SLOTMEM_PROVIDER_GROUP, "shm", storage = ap_lookup_provider(AP_SLOTMEM_PROVIDER_GROUP, "shm",
AP_SLOTMEM_PROVIDER_VERSION); AP_SLOTMEM_PROVIDER_VERSION);
if (!storage) { if (!storage) {
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(02284)
"failed to lookup provider 'shm' for '%s', " "failed to lookup provider 'shm' for '%s', "
"maybe you need to load mod_slotmem_shm?", "maybe you need to load mod_slotmem_shm?",
AP_SLOTMEM_PROVIDER_GROUP); AP_SLOTMEM_PROVIDER_GROUP);
@@ -692,7 +692,8 @@ static int hm_post_config(apr_pool_t *p, apr_pool_t *plog,
} }
storage->create(&slotmem, "mod_heartmonitor", sizeof(hm_slot_server_t), maxworkers, AP_SLOTMEM_TYPE_PREGRAB, p); storage->create(&slotmem, "mod_heartmonitor", sizeof(hm_slot_server_t), maxworkers, AP_SLOTMEM_TYPE_PREGRAB, p);
if (!slotmem) { if (!slotmem) {
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, "slotmem_create for status failed"); ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(02285)
"slotmem_create for status failed");
return !OK; return !OK;
} }
} }

3
modules/examples/mod_example_hooks.c
View File

@@ -328,8 +328,7 @@ static x_cfg *our_cconfig(const conn_rec *c)
static void example_log_each(apr_pool_t *p, server_rec *s, const char *note) static void example_log_each(apr_pool_t *p, server_rec *s, const char *note)
{ {
if (s != NULL) { if (s != NULL) {
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(02062) "mod_example: %s", ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, "mod_example: %s", note);
note);
} else { } else {
apr_file_t *out = NULL; apr_file_t *out = NULL;
apr_file_open_stderr(&out, p); apr_file_open_stderr(&out, p);

10
modules/examples/mod_example_ipc.c
View File

@@ -141,7 +141,7 @@ static int exipc_post_config(apr_pool_t *pconf, apr_pool_t *plog,
*/ */
rs = apr_temp_dir_get(&tempdir, pconf); rs = apr_temp_dir_get(&tempdir, pconf);
if (APR_SUCCESS != rs) { if (APR_SUCCESS != rs) {
ap_log_error(APLOG_MARK, APLOG_ERR, rs, s, APLOGNO(02063) ap_log_error(APLOG_MARK, APLOG_ERR, rs, s,
"Failed to find temporary directory"); "Failed to find temporary directory");
return HTTP_INTERNAL_SERVER_ERROR; return HTTP_INTERNAL_SERVER_ERROR;
} }
@@ -159,7 +159,7 @@ static int exipc_post_config(apr_pool_t *pconf, apr_pool_t *plog,
rs = apr_shm_create(&exipc_shm, sizeof(exipc_data), rs = apr_shm_create(&exipc_shm, sizeof(exipc_data),
(const char *) shmfilename, pconf); (const char *) shmfilename, pconf);
if (APR_SUCCESS != rs) { if (APR_SUCCESS != rs) {
ap_log_error(APLOG_MARK, APLOG_ERR, rs, s, APLOGNO(02064) ap_log_error(APLOG_MARK, APLOG_ERR, rs, s,
"Failed to create shared memory segment on file %s", "Failed to create shared memory segment on file %s",
shmfilename); shmfilename);
return HTTP_INTERNAL_SERVER_ERROR; return HTTP_INTERNAL_SERVER_ERROR;
@@ -204,7 +204,7 @@ static void exipc_child_init(apr_pool_t *p, server_rec *s)
apr_global_mutex_lockfile(exipc_mutex), apr_global_mutex_lockfile(exipc_mutex),
p); p);
if (APR_SUCCESS != rs) { if (APR_SUCCESS != rs) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rs, s, APLOGNO(02065) ap_log_error(APLOG_MARK, APLOG_CRIT, rs, s,
"Failed to reopen mutex %s in child", "Failed to reopen mutex %s in child",
exipc_mutex_type); exipc_mutex_type);
/* There's really nothing else we can do here, since This /* There's really nothing else we can do here, since This
@@ -261,14 +261,14 @@ static int exipc_handler(request_rec *r)
break; /* Out of the loop */ break; /* Out of the loop */
} else { } else {
/* Some error, log and bail */ /* Some error, log and bail */
ap_log_error(APLOG_MARK, APLOG_ERR, rs, r->server, APLOGNO(02066) ap_log_error(APLOG_MARK, APLOG_ERR, rs, r->server,
"Child %ld failed to acquire lock", "Child %ld failed to acquire lock",
(long int)getpid()); (long int)getpid());
break; /* Out of the loop without having the lock */ break; /* Out of the loop without having the lock */
} }
} else { } else {
/* Some other error, log and bail */ /* Some other error, log and bail */
ap_log_error(APLOG_MARK, APLOG_ERR, rs, r->server, APLOGNO(02067) ap_log_error(APLOG_MARK, APLOG_ERR, rs, r->server,
"Child %ld failed to try and acquire lock", "Child %ld failed to try and acquire lock",
(long int)getpid()); (long int)getpid());
break; /* Out of the loop without having the lock */ break; /* Out of the loop without having the lock */

6
modules/proxy/balancers/mod_lbmethod_heartbeat.c
View File

@@ -374,7 +374,7 @@ static int lb_hb_init(apr_pool_t *p, apr_pool_t *plog,
storage = ap_lookup_provider(AP_SLOTMEM_PROVIDER_GROUP, "shm", storage = ap_lookup_provider(AP_SLOTMEM_PROVIDER_GROUP, "shm",
AP_SLOTMEM_PROVIDER_VERSION); AP_SLOTMEM_PROVIDER_VERSION);
if (!storage) { if (!storage) {
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, APLOGNO(02281)
"Failed to lookup provider 'shm' for '%s'. Maybe you " "Failed to lookup provider 'shm' for '%s'. Maybe you "
"need to load mod_slotmem_shm?", "need to load mod_slotmem_shm?",
AP_SLOTMEM_PROVIDER_GROUP); AP_SLOTMEM_PROVIDER_GROUP);
@@ -384,10 +384,10 @@ static int lb_hb_init(apr_pool_t *p, apr_pool_t *plog,
/* Try to use a slotmem created by mod_heartmonitor */ /* Try to use a slotmem created by mod_heartmonitor */
storage->attach(&hm_serversmem, "mod_heartmonitor", &size, &num, p); storage->attach(&hm_serversmem, "mod_heartmonitor", &size, &num, p);
if (!hm_serversmem) if (!hm_serversmem)
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, APLOGNO(02282)
"No slotmem from mod_heartmonitor"); "No slotmem from mod_heartmonitor");
else else
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, APLOGNO(02283)
"Using slotmem from mod_heartmonitor"); "Using slotmem from mod_heartmonitor");
if (hm_serversmem) if (hm_serversmem)

10
modules/ssl/ssl_engine_init.c
View File

@@ -1257,8 +1257,9 @@ static void ssl_init_proxy_certs(server_rec *s,
if (X509_verify_cert(sctx) != 1) { if (X509_verify_cert(sctx) != 1) {
int err = X509_STORE_CTX_get_error(sctx); int err = X509_STORE_CTX_get_error(sctx);
ssl_log_xerror(SSLLOG_MARK, APLOG_WARNING, 0, ptemp, s, inf->x509, ssl_log_xerror(SSLLOG_MARK, APLOG_WARNING, 0, ptemp, s, inf->x509,
"SSL proxy client cert chain verification failed: %s :", APLOGNO(02270) "SSL proxy client cert chain "
X509_verify_cert_error_string(err)); "verification failed: %s :",
X509_verify_cert_error_string(err));
} }
/* Clear X509_verify_cert errors */ /* Clear X509_verify_cert errors */
@@ -1282,8 +1283,9 @@ static void ssl_init_proxy_certs(server_rec *s,
} }
ssl_log_xerror(SSLLOG_MARK, APLOG_DEBUG, 0, ptemp, s, inf->x509, ssl_log_xerror(SSLLOG_MARK, APLOG_DEBUG, 0, ptemp, s, inf->x509,
"loaded %i intermediate CA%s for cert %i: ", APLOGNO(02271)
i, i == 1 ? "" : "s", n); "loaded %i intermediate CA%s for cert %i: ",
i, i == 1 ? "" : "s", n);
if (i > 0) { if (i > 0) {
int j; int j;
for (j = 0; j < i; j++) { for (j = 0; j < i; j++) {

14
modules/ssl/ssl_engine_kernel.c
View File

@@ -1429,7 +1429,7 @@ int ssl_callback_SSLVerify(int ok, X509_STORE_CTX *ctx)
* Log verification information * Log verification information
*/ */
ssl_log_cxerror(SSLLOG_MARK, APLOG_DEBUG, 0, conn, ssl_log_cxerror(SSLLOG_MARK, APLOG_DEBUG, 0, conn,
X509_STORE_CTX_get_current_cert(ctx), X509_STORE_CTX_get_current_cert(ctx), APLOGNO(02275)
"Certificate Verification, depth %d, " "Certificate Verification, depth %d, "
"CRL checking mode: %s", errdepth, "CRL checking mode: %s", errdepth,
mctx->crl_check_mode == SSL_CRLCHECK_CHAIN ? mctx->crl_check_mode == SSL_CRLCHECK_CHAIN ?
@@ -1514,7 +1514,7 @@ int ssl_callback_SSLVerify(int ok, X509_STORE_CTX *ctx)
if (!ok) { if (!ok) {
if (APLOGcinfo(conn)) { if (APLOGcinfo(conn)) {
ssl_log_cxerror(SSLLOG_MARK, APLOG_INFO, 0, conn, ssl_log_cxerror(SSLLOG_MARK, APLOG_INFO, 0, conn,
X509_STORE_CTX_get_current_cert(ctx), X509_STORE_CTX_get_current_cert(ctx), APLOGNO(02276)
"Certificate Verification: Error (%d): %s", "Certificate Verification: Error (%d): %s",
errnum, X509_verify_cert_error_string(errnum)); errnum, X509_verify_cert_error_string(errnum));
} else { } else {
@@ -1567,7 +1567,7 @@ static void modssl_proxy_info_log(conn_rec *c,
X509_INFO *info, X509_INFO *info,
const char *msg) const char *msg)
{ {
ssl_log_cxerror(SSLLOG_MARK, APLOG_DEBUG, 0, c, info->x509, ssl_log_cxerror(SSLLOG_MARK, APLOG_DEBUG, 0, c, info->x509, APLOGNO(02277)
SSLPROXY_CERT_CB_LOG_FMT "%s, sending", SSLPROXY_CERT_CB_LOG_FMT "%s, sending",
(mySrvConfigFromConn(c))->vhost_id, msg); (mySrvConfigFromConn(c))->vhost_id, msg);
} }
@@ -1618,7 +1618,7 @@ int ssl_callback_proxy_cert(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
*/ */
info = sk_X509_INFO_value(certs, 0); info = sk_X509_INFO_value(certs, 0);
modssl_proxy_info_log(c, info, "no acceptable CA list"); modssl_proxy_info_log(c, info, APLOGNO(02278) "no acceptable CA list");
modssl_set_cert_info(info, x509, pkey); modssl_set_cert_info(info, x509, pkey);
@@ -1635,7 +1635,8 @@ int ssl_callback_proxy_cert(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
/* Search certs (by issuer name) one by one*/ /* Search certs (by issuer name) one by one*/
if (X509_NAME_cmp(issuer, ca_name) == 0) { if (X509_NAME_cmp(issuer, ca_name) == 0) {
modssl_proxy_info_log(c, info, "found acceptable cert"); modssl_proxy_info_log(c, info, APLOGNO(02279)
"found acceptable cert");
modssl_set_cert_info(info, x509, pkey); modssl_set_cert_info(info, x509, pkey);
@@ -1653,7 +1654,8 @@ int ssl_callback_proxy_cert(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
ca_issuer = X509_get_issuer_name(ca_cert); ca_issuer = X509_get_issuer_name(ca_cert);
if(X509_NAME_cmp(ca_issuer, ca_name) == 0 ) { if(X509_NAME_cmp(ca_issuer, ca_name) == 0 ) {
modssl_proxy_info_log(c, info, "found acceptable cert by intermediate CA"); modssl_proxy_info_log(c, info, APLOGNO(02280)
"found acceptable cert by intermediate CA");
modssl_set_cert_info(info, x509, pkey); modssl_set_cert_info(info, x509, pkey);

6
modules/ssl/ssl_engine_log.c
View File

@@ -94,7 +94,7 @@ void ssl_log_ssl_error(const char *file, int line, int level, server_rec *s)
annotation = ssl_log_annotation(err); annotation = ssl_log_annotation(err);
ap_log_error(file, line, APLOG_MODULE_INDEX, level, 0, s, ap_log_error(file, line, APLOG_MODULE_INDEX, level, 0, s,
APLOGNO(02021) "SSL Library Error: %s%s%s%s%s%s", "SSL Library Error: %s%s%s%s%s%s",
/* %s */ /* %s */
err, err,
/* %s%s%s */ /* %s%s%s */
@@ -135,7 +135,7 @@ static void ssl_log_cert_error(const char *file, int line, int level,
*/ */
int maxdnlen = (HUGE_STRING_LEN - msglen - 300) / 2; int maxdnlen = (HUGE_STRING_LEN - msglen - 300) / 2;
BIO_puts(bio, APLOGNO(02022) " [subject: "); BIO_puts(bio, " [subject: ");
name = SSL_X509_NAME_to_string(p, X509_get_subject_name(cert), name = SSL_X509_NAME_to_string(p, X509_get_subject_name(cert),
maxdnlen); maxdnlen);
if (!strIsEmpty(name)) { if (!strIsEmpty(name)) {
@@ -174,7 +174,7 @@ static void ssl_log_cert_error(const char *file, int line, int level,
} }
else { else {
apr_snprintf(buf + msglen, sizeof buf - msglen, apr_snprintf(buf + msglen, sizeof buf - msglen,
APLOGNO(02023) " [certificate: -not available-]"); " [certificate: -not available-]");
} }
if (r) { if (r) {

4
modules/ssl/ssl_engine_ocsp.c
View File

@@ -197,7 +197,7 @@ static int verify_ocsp_status(X509 *cert, X509_STORE_CTX *ctx, conn_rec *c,
&reason, NULL, &thisup, &nextup); &reason, NULL, &thisup, &nextup);
if (rc != 1) { if (rc != 1) {
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s); ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
ssl_log_cxerror(SSLLOG_MARK, APLOG_ERR, 0, c, cert, ssl_log_cxerror(SSLLOG_MARK, APLOG_ERR, 0, c, cert, APLOGNO(02272)
"failed to retrieve OCSP response status"); "failed to retrieve OCSP response status");
rc = V_OCSP_CERTSTATUS_UNKNOWN; rc = V_OCSP_CERTSTATUS_UNKNOWN;
} }
@@ -217,7 +217,7 @@ static int verify_ocsp_status(X509 *cert, X509_STORE_CTX *ctx, conn_rec *c,
sc->server->ocsp_resp_maxage); sc->server->ocsp_resp_maxage);
if (vrc != 1) { if (vrc != 1) {
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s); ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
ssl_log_cxerror(SSLLOG_MARK, APLOG_ERR, 0, c, cert, ssl_log_cxerror(SSLLOG_MARK, APLOG_ERR, 0, c, cert, APLOGNO(02273)
"OCSP response outside validity period"); "OCSP response outside validity period");
rc = V_OCSP_CERTSTATUS_UNKNOWN; rc = V_OCSP_CERTSTATUS_UNKNOWN;
} }

2
modules/ssl/ssl_util.c
View File

@@ -292,7 +292,7 @@ STACK_OF(X509) *ssl_read_pkcs7(server_rec *s, const char *pkcs7)
p7 = PEM_read_PKCS7(f, NULL, NULL, NULL); p7 = PEM_read_PKCS7(f, NULL, NULL, NULL);
if (!p7) { if (!p7) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02274)
"Can't read PKCS7 object %s", pkcs7); "Can't read PKCS7 object %s", pkcs7);
ssl_log_ssl_error(SSLLOG_MARK, APLOG_CRIT, s); ssl_log_ssl_error(SSLLOG_MARK, APLOG_CRIT, s);
exit(1); exit(1);