* modules/ssl/ssl_engine_log.c (ssl_log_cxerror): New function,

factored out from ssl_callback_SSLVerify. * modules/ssl/ssl_private: Add prototype. * modules/ssl/ssl_engine_kernel.c (ssl_callback_SSLVerify): Use it. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@597651 13f79535-47bb-0310-9956-ffa450edef68
2025-08-08 15:02:10 +03:00 · 2007-11-23 12:13:59 +00:00
parent d041412170
commit 62059cf7c6
3 changed files with 49 additions and 20 deletions
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -1256,26 +1256,10 @@ int ssl_callback_SSLVerify(int ok, X509_STORE_CTX *ctx)
    /*
     * Log verification information
     */
-    if (s->loglevel >= APLOG_DEBUG) {
-        X509 *cert  = X509_STORE_CTX_get_current_cert(ctx);
-        char *sname = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
-        char *iname = X509_NAME_oneline(X509_get_issuer_name(cert),  NULL, 0);
-
-        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, conn,
-                      "Certificate Verification: "
-                      "depth: %d, subject: %s, issuer: %s",
-                      errdepth,
-                      sname ? sname : "-unknown-",
-                      iname ? iname : "-unknown-");
-
-        if (sname) {
-            modssl_free(sname);
-        }
-
-        if (iname) {
-            modssl_free(iname);
-        }
-    }
+    ssl_log_cxerror(APLOG_MARK, APLOG_DEBUG, 0, conn,
+                    X509_STORE_CTX_get_current_cert(ctx),
+                    "Certificate Verification, depth %d",
+                    errdepth);

    /*
     * Check for optionally acceptable non-verifiable issuer situation