Re: Improved SSL Error Logging [RT #29932]

2012-12-06 Thread Shane Kerr
Noel, On Thursday, 2012-12-06 11:03:24 +1000, Noel Butler noel.but...@ausics.net wrote: Hi Shane, Mark, Evan On Tue, 2012-10-16 at 08:22 +0200, Shane Kerr wrote: These changes are in our review queue now, so will go in future releases. I guess this was not pushed in? After

Re: Improved SSL Error Logging [RT #29932]

2012-12-06 Thread Noel Butler
Thanks Shane, I have re-applied previous changes to source files and that has silenced them again in meantime. Cheers Noel On Thu, 2012-12-06 at 17:05 +0100, Shane Kerr wrote: Noel, On Thursday, 2012-12-06 11:03:24 +1000, Noel Butler noel.but...@ausics.net wrote: Hi Shane, Mark, Evan

Re: Improved SSL Error Logging [RT #29932]

2012-12-05 Thread Noel Butler
Hi Shane, Mark, Evan On Tue, 2012-10-16 at 08:22 +0200, Shane Kerr wrote: Noel, These changes are in our review queue now, so will go in future releases. Cheers, I guess this was not pushed in? After update to 9.9.2-p1 the old logging returned, eg: huge snip Dec 6 10:47:30 ns1

Re: Improved SSL Error Logging [RT #29932]

2012-10-16 Thread Shane Kerr
Noel, These changes are in our review queue now, so will go in future releases. Cheers, -- Shane Kerr ISC On Saturday, 2012-10-13 11:07:01 +1000, Noel Butler noel.but...@ausics.net wrote: Thanks Mark, These changes have been committed for future patch releases? Cheers On Fri,

Re: Improved SSL Error Logging [RT #29932]

2012-10-12 Thread Noel Butler
Thanks Mark, These changes have been committed for future patch releases? Cheers On Fri, 2012-10-12 at 12:16 +1100, Mark Andrews wrote: Just drop the log level to ISC_LOG_DEBUG(1) and recompile. Search for sucessfully validated after lower casing in lib/dns/dnssec.c

Re: Improved SSL Error Logging [RT #29932]

2012-10-11 Thread Noel Butler
On Wed, 2012-10-10 at 18:44 +, Evan Hunt wrote: BIND 9.7.7, 9.8.4 and 9.9.2 have improved OpenSSL error logging. Unfortunately, our logs are now filling up with RSA_verify failed messages. Yeah, oops, we made that one too noisy. You're not the first one who's noticed. :/ How

Re: Improved SSL Error Logging [RT #29932]

2012-10-11 Thread Mark Andrews
In message 135602.4741.10.camel@tardis, Noel Butler writes: On Wed, 2012-10-10 at 18:44 +, Evan Hunt wrote: BIND 9.7.7, 9.8.4 and 9.9.2 have improved OpenSSL error logging. Unfortunately, our logs are now filling up with RSA_verify failed messages. =20 Yeah, oops, we made

Re: Improved SSL Error Logging [RT #29932]

2012-10-10 Thread Evan Hunt
BIND 9.7.7, 9.8.4 and 9.9.2 have improved OpenSSL error logging. Unfortunately, our logs are now filling up with RSA_verify failed messages. Yeah, oops, we made that one too noisy. You're not the first one who's noticed. :/ How does one go about tracking down the source of these failures