mirror of
https://github.com/apache/httpd.git
synced 2025-08-07 04:02:58 +03:00
Consistently use loglevel emerg before ssl_die()
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1026903 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Stefan Fritsch
@@ -375,10 +375,10 @@ void ssl_init_Engine(server_rec *s, apr_pool_t *p)
|
|||||||
|
|
||||||
if (mc->szCryptoDevice) {
|
if (mc->szCryptoDevice) {
|
||||||
if (!(e = ENGINE_by_id(mc->szCryptoDevice))) {
|
if (!(e = ENGINE_by_id(mc->szCryptoDevice))) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Init: Failed to load Crypto Device API `%s'",
|
"Init: Failed to load Crypto Device API `%s'",
|
||||||
mc->szCryptoDevice);
|
mc->szCryptoDevice);
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -387,10 +387,10 @@ void ssl_init_Engine(server_rec *s, apr_pool_t *p)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
|
if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Init: Failed to enable Crypto Device API `%s'",
|
"Init: Failed to enable Crypto Device API `%s'",
|
||||||
mc->szCryptoDevice);
|
mc->szCryptoDevice);
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
|
||||||
@@ -412,7 +412,7 @@ static void ssl_init_server_check(server_rec *s,
|
|||||||
* possibility that the user forgot to set them.
|
* possibility that the user forgot to set them.
|
||||||
*/
|
*/
|
||||||
if (!mctx->pks->cert_files[0] && !mctx->pkcs7) {
|
if (!mctx->pks->cert_files[0] && !mctx->pkcs7) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"No SSL Certificate set [hint: SSLCertificateFile]");
|
"No SSL Certificate set [hint: SSLCertificateFile]");
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
@@ -427,7 +427,7 @@ static void ssl_init_server_check(server_rec *s,
|
|||||||
#endif
|
#endif
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Illegal attempt to re-initialise SSL for server "
|
"Illegal attempt to re-initialise SSL for server "
|
||||||
"(theoretically shouldn't happen!)");
|
"(theoretically shouldn't happen!)");
|
||||||
ssl_die();
|
ssl_die();
|
||||||
@@ -452,10 +452,10 @@ static void ssl_init_ctx_tls_extensions(server_rec *s,
|
|||||||
if (!SSL_CTX_set_tlsext_servername_callback(mctx->ssl_ctx,
|
if (!SSL_CTX_set_tlsext_servername_callback(mctx->ssl_ctx,
|
||||||
ssl_callback_ServerNameIndication) ||
|
ssl_callback_ServerNameIndication) ||
|
||||||
!SSL_CTX_set_tlsext_servername_arg(mctx->ssl_ctx, mctx)) {
|
!SSL_CTX_set_tlsext_servername_arg(mctx->ssl_ctx, mctx)) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Unable to initialize TLS servername extension "
|
"Unable to initialize TLS servername extension "
|
||||||
"callback (incompatible OpenSSL version?)");
|
"callback (incompatible OpenSSL version?)");
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -485,7 +485,7 @@ static void ssl_init_ctx_protocol(server_rec *s,
|
|||||||
* Create the new per-server SSL context
|
* Create the new per-server SSL context
|
||||||
*/
|
*/
|
||||||
if (protocol == SSL_PROTOCOL_NONE) {
|
if (protocol == SSL_PROTOCOL_NONE) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"No SSL protocols available [hint: SSLProtocol]");
|
"No SSL protocols available [hint: SSLProtocol]");
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
@@ -643,10 +643,10 @@ static void ssl_init_ctx_verify(server_rec *s,
|
|||||||
MODSSL_PCHAR_CAST mctx->auth.ca_cert_file,
|
MODSSL_PCHAR_CAST mctx->auth.ca_cert_file,
|
||||||
MODSSL_PCHAR_CAST mctx->auth.ca_cert_path))
|
MODSSL_PCHAR_CAST mctx->auth.ca_cert_path))
|
||||||
{
|
{
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Unable to configure verify locations "
|
"Unable to configure verify locations "
|
||||||
"for client authentication");
|
"for client authentication");
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -659,7 +659,7 @@ static void ssl_init_ctx_verify(server_rec *s,
|
|||||||
mctx->auth.ca_cert_file,
|
mctx->auth.ca_cert_file,
|
||||||
mctx->auth.ca_cert_path);
|
mctx->auth.ca_cert_path);
|
||||||
if (!ca_list) {
|
if (!ca_list) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Unable to determine list of acceptable "
|
"Unable to determine list of acceptable "
|
||||||
"CA certificates for client authentication");
|
"CA certificates for client authentication");
|
||||||
ssl_die();
|
ssl_die();
|
||||||
@@ -704,9 +704,9 @@ static void ssl_init_ctx_cipher_suite(server_rec *s,
|
|||||||
suite);
|
suite);
|
||||||
|
|
||||||
if (!SSL_CTX_set_cipher_list(ctx, MODSSL_PCHAR_CAST suite)) {
|
if (!SSL_CTX_set_cipher_list(ctx, MODSSL_PCHAR_CAST suite)) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Unable to configure permitted SSL ciphers");
|
"Unable to configure permitted SSL ciphers");
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -732,10 +732,10 @@ static void ssl_init_ctx_crl(server_rec *s,
|
|||||||
(char *)mctx->crl_path);
|
(char *)mctx->crl_path);
|
||||||
|
|
||||||
if (!mctx->crl) {
|
if (!mctx->crl) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Unable to configure X.509 CRL storage "
|
"Unable to configure X.509 CRL storage "
|
||||||
"for certificate revocation");
|
"for certificate revocation");
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -793,7 +793,7 @@ static void ssl_init_ctx_cert_chain(server_rec *s,
|
|||||||
(char *)chain,
|
(char *)chain,
|
||||||
skip_first, NULL);
|
skip_first, NULL);
|
||||||
if (n < 0) {
|
if (n < 0) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Failed to configure CA certificate chain!");
|
"Failed to configure CA certificate chain!");
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
@@ -850,16 +850,16 @@ static int ssl_server_import_cert(server_rec *s,
|
|||||||
|
|
||||||
ptr = asn1->cpData;
|
ptr = asn1->cpData;
|
||||||
if (!(cert = d2i_X509(NULL, &ptr, asn1->nData))) {
|
if (!(cert = d2i_X509(NULL, &ptr, asn1->nData))) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Unable to import %s server certificate", type);
|
"Unable to import %s server certificate", type);
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (SSL_CTX_use_certificate(mctx->ssl_ctx, cert) <= 0) {
|
if (SSL_CTX_use_certificate(mctx->ssl_ctx, cert) <= 0) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Unable to configure %s server certificate", type);
|
"Unable to configure %s server certificate", type);
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -906,16 +906,16 @@ static int ssl_server_import_key(server_rec *s,
|
|||||||
ptr = asn1->cpData;
|
ptr = asn1->cpData;
|
||||||
if (!(pkey = d2i_PrivateKey(pkey_type, NULL, &ptr, asn1->nData)))
|
if (!(pkey = d2i_PrivateKey(pkey_type, NULL, &ptr, asn1->nData)))
|
||||||
{
|
{
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Unable to import %s server private key", type);
|
"Unable to import %s server private key", type);
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (SSL_CTX_use_PrivateKey(mctx->ssl_ctx, pkey) <= 0) {
|
if (SSL_CTX_use_PrivateKey(mctx->ssl_ctx, pkey) <= 0) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Unable to configure %s server private key", type);
|
"Unable to configure %s server private key", type);
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1033,7 +1033,7 @@ static void ssl_init_server_certs(server_rec *s,
|
|||||||
|| have_ecc
|
|| have_ecc
|
||||||
#endif
|
#endif
|
||||||
)) {
|
)) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
#ifndef OPENSSL_NO_EC
|
#ifndef OPENSSL_NO_EC
|
||||||
"Oops, no RSA, DSA or ECC server certificate found "
|
"Oops, no RSA, DSA or ECC server certificate found "
|
||||||
#else
|
#else
|
||||||
@@ -1058,7 +1058,7 @@ static void ssl_init_server_certs(server_rec *s,
|
|||||||
|| have_ecc
|
|| have_ecc
|
||||||
#endif
|
#endif
|
||||||
)) {
|
)) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
#ifndef OPENSSL_NO_EC
|
#ifndef OPENSSL_NO_EC
|
||||||
"Oops, no RSA, DSA or ECC server private key found?!");
|
"Oops, no RSA, DSA or ECC server private key found?!");
|
||||||
#else
|
#else
|
||||||
@@ -1346,7 +1346,7 @@ STACK_OF(X509_NAME) *ssl_init_FindCAList(server_rec *s,
|
|||||||
apr_status_t rv;
|
apr_status_t rv;
|
||||||
|
|
||||||
if ((rv = apr_dir_open(&dir, ca_path, ptemp)) != APR_SUCCESS) {
|
if ((rv = apr_dir_open(&dir, ca_path, ptemp)) != APR_SUCCESS) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
|
||||||
"Failed to open Certificate Path `%s'",
|
"Failed to open Certificate Path `%s'",
|
||||||
ca_path);
|
ca_path);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
|
|||||||
@@ -186,7 +186,7 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
|
|||||||
*/
|
*/
|
||||||
if (sc->server->pks->cert_files[0] == NULL
|
if (sc->server->pks->cert_files[0] == NULL
|
||||||
&& sc->server->pkcs7 == NULL) {
|
&& sc->server->pkcs7 == NULL) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, pServ,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, pServ,
|
||||||
"Server should be SSL-aware but has no certificate "
|
"Server should be SSL-aware but has no certificate "
|
||||||
"configured [Hint: SSLCertificateFile] (%s:%d)",
|
"configured [Hint: SSLCertificateFile] (%s:%d)",
|
||||||
pServ->defn_name, pServ->defn_line_number);
|
pServ->defn_name, pServ->defn_line_number);
|
||||||
@@ -208,16 +208,16 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
|
|||||||
sizeof(szPath));
|
sizeof(szPath));
|
||||||
if ((rv = exists_and_readable(szPath, p, NULL))
|
if ((rv = exists_and_readable(szPath, p, NULL))
|
||||||
!= APR_SUCCESS) {
|
!= APR_SUCCESS) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
|
||||||
"Init: Can't open server certificate file %s",
|
"Init: Can't open server certificate file %s",
|
||||||
szPath);
|
szPath);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
if ((pX509Cert = SSL_read_X509(szPath, NULL, NULL)) == NULL) {
|
if ((pX509Cert = SSL_read_X509(szPath, NULL, NULL)) == NULL) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Init: Unable to read server certificate from"
|
"Init: Unable to read server certificate from"
|
||||||
" file %s", szPath);
|
" file %s", szPath);
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -228,10 +228,10 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
|
|||||||
at = ssl_util_algotypeof(pX509Cert, NULL);
|
at = ssl_util_algotypeof(pX509Cert, NULL);
|
||||||
an = ssl_util_algotypestr(at);
|
an = ssl_util_algotypestr(at);
|
||||||
if (algoCert & at) {
|
if (algoCert & at) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Init: Multiple %s server certificates not "
|
"Init: Multiple %s server certificates not "
|
||||||
"allowed", an);
|
"allowed", an);
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
algoCert |= at;
|
algoCert |= at;
|
||||||
@@ -304,7 +304,7 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
|
|||||||
*/
|
*/
|
||||||
if ((rv = exists_and_readable(szPath, p,
|
if ((rv = exists_and_readable(szPath, p,
|
||||||
&pkey_mtime)) != APR_SUCCESS ) {
|
&pkey_mtime)) != APR_SUCCESS ) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
|
||||||
"Init: Can't open server private key file "
|
"Init: Can't open server private key file "
|
||||||
"%s",szPath);
|
"%s",szPath);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
@@ -405,7 +405,7 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
|
|||||||
}
|
}
|
||||||
#ifdef WIN32
|
#ifdef WIN32
|
||||||
if (sc->server->pphrase_dialog_type == SSL_PPTYPE_BUILTIN) {
|
if (sc->server->pphrase_dialog_type == SSL_PPTYPE_BUILTIN) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Init: SSLPassPhraseDialog builtin is not "
|
"Init: SSLPassPhraseDialog builtin is not "
|
||||||
"supported on Win32 (key file "
|
"supported on Win32 (key file "
|
||||||
"%s)", szPath);
|
"%s)", szPath);
|
||||||
@@ -438,9 +438,9 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0,
|
||||||
pServ, "Init: Pass phrase incorrect");
|
pServ, "Init: Pass phrase incorrect");
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, pServ);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, pServ);
|
||||||
|
|
||||||
if (writetty) {
|
if (writetty) {
|
||||||
apr_file_printf(writetty, "Apache:mod_ssl:Error: Pass phrase incorrect.\n");
|
apr_file_printf(writetty, "Apache:mod_ssl:Error: Pass phrase incorrect.\n");
|
||||||
@@ -451,11 +451,11 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (pPrivateKey == NULL) {
|
if (pPrivateKey == NULL) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Init: Unable to read server private key from "
|
"Init: Unable to read server private key from "
|
||||||
"file %s [Hint: Perhaps it is in a separate file? "
|
"file %s [Hint: Perhaps it is in a separate file? "
|
||||||
" See SSLCertificateKeyFile]", szPath);
|
" See SSLCertificateKeyFile]", szPath);
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -466,10 +466,10 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
|
|||||||
at = ssl_util_algotypeof(NULL, pPrivateKey);
|
at = ssl_util_algotypeof(NULL, pPrivateKey);
|
||||||
an = ssl_util_algotypestr(at);
|
an = ssl_util_algotypestr(at);
|
||||||
if (algoKey & at) {
|
if (algoKey & at) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Init: Multiple %s server private keys not "
|
"Init: Multiple %s server private keys not "
|
||||||
"allowed", an);
|
"allowed", an);
|
||||||
ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);
|
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
algoKey |= at;
|
algoKey |= at;
|
||||||
|
|||||||
@@ -67,7 +67,8 @@ void ssl_scache_init(server_rec *s, apr_pool_t *p)
|
|||||||
rv = mc->stapling_cache->init(mc->stapling_cache_context,
|
rv = mc->stapling_cache->init(mc->stapling_cache_context,
|
||||||
"mod_ssl-stapling", &hints, s, p);
|
"mod_ssl-stapling", &hints, s, p);
|
||||||
if (rv) {
|
if (rv) {
|
||||||
/* ABORT ABORT etc. */
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
|
"Could not initialize stapling cache. Exiting.");
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -91,7 +92,8 @@ void ssl_scache_init(server_rec *s, apr_pool_t *p)
|
|||||||
|
|
||||||
rv = mc->sesscache->init(mc->sesscache_context, "mod_ssl-session", &hints, s, p);
|
rv = mc->sesscache->init(mc->sesscache_context, "mod_ssl-session", &hints, s, p);
|
||||||
if (rv) {
|
if (rv) {
|
||||||
/* ABORT ABORT etc. */
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
|
"Could not initialize session cache. Exiting.");
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -287,7 +287,7 @@ STACK_OF(X509) *ssl_read_pkcs7(server_rec *s, const char *pkcs7)
|
|||||||
|
|
||||||
f = fopen(pkcs7, "r");
|
f = fopen(pkcs7, "r");
|
||||||
if (!f) {
|
if (!f) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, "Can't open %s", pkcs7);
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, "Can't open %s", pkcs7);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -313,13 +313,13 @@ STACK_OF(X509) *ssl_read_pkcs7(server_rec *s, const char *pkcs7)
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_NOERRNO, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"Don't understand PKCS7 file %s", pkcs7);
|
"Don't understand PKCS7 file %s", pkcs7);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!certs) {
|
if (!certs) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_NOERRNO, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"No certificates in %s", pkcs7);
|
"No certificates in %s", pkcs7);
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -653,12 +653,12 @@ void modssl_init_stapling(server_rec *s, apr_pool_t *p, apr_pool_t *ptemp,
|
|||||||
SSLModConfigRec *mc = myModConfig(s);
|
SSLModConfigRec *mc = myModConfig(s);
|
||||||
|
|
||||||
if (mc->stapling_cache == NULL) {
|
if (mc->stapling_cache == NULL) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"SSLStapling: no stapling cache available");
|
"SSLStapling: no stapling cache available");
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
if (ssl_stapling_mutex_init(s, ptemp) == FALSE) {
|
if (ssl_stapling_mutex_init(s, ptemp) == FALSE) {
|
||||||
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
|
ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
|
||||||
"SSLStapling: cannot initialise stapling mutex");
|
"SSLStapling: cannot initialise stapling mutex");
|
||||||
ssl_die();
|
ssl_die();
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user