Re: svn commit: r1209766 [9/12] - in /httpd/httpd/trunk: docs/log-message-tags/ modules/aaa/ modules/apreq/ modules/arch/netware/ modules/arch/unix/ modules/arch/win32/ modules/cache/ modules/cluster/ modules/core/ modules/database/ modules/dav/fs/ modules...

Wed, 07 Dec 2011 07:11:46 -0800 

On 03.12.2011 00:02, [email protected] wrote:
> Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_log.c
> URL: 
> http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_log.c?rev=1209766&r1=1209765&r2=1209766&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/modules/ssl/ssl_engine_log.c (original)
> +++ httpd/httpd/trunk/modules/ssl/ssl_engine_log.c Fri Dec  2 23:02:04 2011
> @@ -94,7 +94,7 @@ void ssl_log_ssl_error(const char *file,
>          annotation = ssl_log_annotation(err);
>  
>          ap_log_error(file, line, APLOG_MODULE_INDEX, level, 0, s,
> -                     "SSL Library Error: %s%s%s%s%s%s",
> +                     APLOGNO(02021) "SSL Library Error: %s%s%s%s%s%s",
>                       /* %s */
>                       err,
>                       /* %s%s%s */
> @@ -135,7 +135,7 @@ static void ssl_log_cert_error(const cha
>               */
>              int maxdnlen = (HUGE_STRING_LEN - msglen - 300) / 2;
>  
> -            BIO_puts(bio, " [subject: ");
> +            BIO_puts(bio, APLOGNO(02022) " [subject: ");
>              name = SSL_X509_NAME_to_string(p, X509_get_subject_name(cert),
>                                             maxdnlen);
>              if (!strIsEmpty(name)) {
> @@ -174,7 +174,7 @@ static void ssl_log_cert_error(const cha
>      }
>      else {
>          apr_snprintf(buf + msglen, sizeof buf - msglen,
> -                     " [certificate: -not available-]");
> +                     APLOGNO(02023) " [certificate: -not available-]");
>      }
>  
>      if (r) {
> 

These changes aren't doing the right thing, I think... both
ssl_log_ssl_error() and ssl_log_cert_error() are basically wrappers for
ap_log_*(), and are therefore called from various places in mod_ssl -
i.e. the messages triggering them should get different tags. (Also, in
the case of ssl_log_cert_error, the error tag is currently inserted
somewhere in the middle of the message, because ssl_log_cert_error
appends to a message already stored in buf.)

ssl_log_ssl_error is (virtually?) always called in combination with
ap_log_*, so we might do without a tag for these messages - or
otherwise, modify ssl_log_ssl_error to allow a tag to be passed in, and
then use the same tag in both log calls (?). Finally, as far as
ssl_log_xerror/ssl_log_cxerror/ssl_log_rxerror are concerned, would it
be possible to extend the Coccinelle patch file so that these are also
recognized?

Kaspar

Reply via email to