www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

Stop using SSL_ADD_SSLERR option in ssl_log() and replace with new

Browse Source 
ssl_log_ssl_error() function that wraps ap_log_error instead.

This begins the migration from ssl_log() -> ap_log_error().  Divorcing
ourselves from the SSL_ADD_SSLERR option is required to make the next
pass easier.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95122 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Justin Erenkrantz
2002-05-15 23:10:33 +00:00
parent b9ecba8a50
commit d28c4dae36
7 changed files with 86 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
modules/ssl/ssl_engine_kernel.c
View File

@@ -411,9 +411,10 @@ int ssl_hook_Access(request_rec *r)
/* configure new state */
if (!modssl_set_cipher_list(ssl, dc->szCipherSuite)) {
ssl_log(r->server, SSL_LOG_WARN|SSL_ADD_SSLERR,
ssl_log(r->server, SSL_LOG_WARN,
"Unable to reconfigure (per-directory) "
"permitted SSL ciphers");
ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, r->server);
if (cipher_list_old) {
sk_SSL_CIPHER_free(cipher_list_old);
@@ -600,9 +601,10 @@ int ssl_hook_Access(request_rec *r)
cert_store = X509_STORE_new();
if (!X509_STORE_load_locations(cert_store, ca_file, ca_path)) {
ssl_log(r->server, SSL_LOG_ERROR|SSL_ADD_SSLERR,
ssl_log(r->server, SSL_LOG_ERROR,
"Unable to reconfigure verify locations "
"for client authentication");
ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, r->server);
X509_STORE_free(cert_store);
@@ -756,8 +758,9 @@ int ssl_hook_Access(request_rec *r)
(char *)ssl);
if (!modssl_X509_verify_cert(&cert_store_ctx)) {
ssl_log(r->server, SSL_LOG_ERROR|SSL_ADD_SSLERR,
ssl_log(r->server, SSL_LOG_ERROR,
"Re-negotiation verification step failed");
ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, r->server);
}
SSL_set_verify_result(ssl, cert_store_ctx.error);