Fix SSL DEBUG levels to match CVS elog flags.
This commit is contained in:
Bruce Momjian
parent
0bb61f4af8
commit
7005e4c076
|
|
@ -11,7 +11,7 @@
|
||||||
*
|
*
|
||||||
*
|
*
|
||||||
* IDENTIFICATION
|
* IDENTIFICATION
|
||||||
* $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.7 2002/06/17 07:33:25 momjian Exp $
|
* $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.8 2002/06/17 15:19:28 momjian Exp $
|
||||||
*
|
*
|
||||||
* Since the server static private key ($DataDir/server.key)
|
* Since the server static private key ($DataDir/server.key)
|
||||||
* will normally be stored unencrypted so that the database
|
* will normally be stored unencrypted so that the database
|
||||||
|
|
@ -396,7 +396,7 @@ load_dh_file (int keylength)
|
||||||
/* is the prime the correct size? */
|
/* is the prime the correct size? */
|
||||||
if (dh != NULL && 8*DH_size(dh) < keylength)
|
if (dh != NULL && 8*DH_size(dh) < keylength)
|
||||||
{
|
{
|
||||||
elog(DEBUG1, "DH errors (%s): %d bits expected, %d bits found",
|
elog(LOG, "DH errors (%s): %d bits expected, %d bits found",
|
||||||
fnbuf, keylength, 8*DH_size(dh));
|
fnbuf, keylength, 8*DH_size(dh));
|
||||||
dh = NULL;
|
dh = NULL;
|
||||||
}
|
}
|
||||||
|
|
@ -406,18 +406,18 @@ load_dh_file (int keylength)
|
||||||
{
|
{
|
||||||
if (DH_check(dh, &codes))
|
if (DH_check(dh, &codes))
|
||||||
{
|
{
|
||||||
elog(DEBUG1, "DH_check error (%s): %s", fnbuf, SSLerrmessage());
|
elog(LOG, "DH_check error (%s): %s", fnbuf, SSLerrmessage());
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if (codes & DH_CHECK_P_NOT_PRIME)
|
if (codes & DH_CHECK_P_NOT_PRIME)
|
||||||
{
|
{
|
||||||
elog(DEBUG1, "DH error (%s): p is not prime", fnbuf);
|
elog(LOG, "DH error (%s): p is not prime", fnbuf);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if ((codes & DH_NOT_SUITABLE_GENERATOR) &&
|
if ((codes & DH_NOT_SUITABLE_GENERATOR) &&
|
||||||
(codes & DH_CHECK_P_NOT_SAFE_PRIME))
|
(codes & DH_CHECK_P_NOT_SAFE_PRIME))
|
||||||
{
|
{
|
||||||
elog(DEBUG1,
|
elog(LOG,
|
||||||
"DH error (%s): neither suitable generator or safe prime",
|
"DH error (%s): neither suitable generator or safe prime",
|
||||||
fnbuf);
|
fnbuf);
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
@ -547,35 +547,31 @@ verify_cb (int ok, X509_STORE_CTX *ctx)
|
||||||
static void
|
static void
|
||||||
info_cb (SSL *ssl, int type, int args)
|
info_cb (SSL *ssl, int type, int args)
|
||||||
{
|
{
|
||||||
if (DebugLvl < 2)
|
|
||||||
return;
|
|
||||||
|
|
||||||
switch (type)
|
switch (type)
|
||||||
{
|
{
|
||||||
case SSL_CB_HANDSHAKE_START:
|
case SSL_CB_HANDSHAKE_START:
|
||||||
elog(DEBUG1, "SSL: handshake start");
|
elog(DEBUG3, "SSL: handshake start");
|
||||||
break;
|
break;
|
||||||
case SSL_CB_HANDSHAKE_DONE:
|
case SSL_CB_HANDSHAKE_DONE:
|
||||||
elog(DEBUG1, "SSL: handshake done");
|
elog(DEBUG3, "SSL: handshake done");
|
||||||
break;
|
break;
|
||||||
case SSL_CB_ACCEPT_LOOP:
|
case SSL_CB_ACCEPT_LOOP:
|
||||||
if (DebugLvl >= 3)
|
elog(DEBUG3, "SSL: accept loop");
|
||||||
elog(DEBUG1, "SSL: accept loop");
|
|
||||||
break;
|
break;
|
||||||
case SSL_CB_ACCEPT_EXIT:
|
case SSL_CB_ACCEPT_EXIT:
|
||||||
elog(DEBUG1, "SSL: accept exit (%d)", args);
|
elog(DEBUG3, "SSL: accept exit (%d)", args);
|
||||||
break;
|
break;
|
||||||
case SSL_CB_CONNECT_LOOP:
|
case SSL_CB_CONNECT_LOOP:
|
||||||
elog(DEBUG1, "SSL: connect loop");
|
elog(DEBUG3, "SSL: connect loop");
|
||||||
break;
|
break;
|
||||||
case SSL_CB_CONNECT_EXIT:
|
case SSL_CB_CONNECT_EXIT:
|
||||||
elog(DEBUG1, "SSL: connect exit (%d)", args);
|
elog(DEBUG3, "SSL: connect exit (%d)", args);
|
||||||
break;
|
break;
|
||||||
case SSL_CB_READ_ALERT:
|
case SSL_CB_READ_ALERT:
|
||||||
elog(DEBUG1, "SSL: read alert (0x%04x)", args);
|
elog(DEBUG3, "SSL: read alert (0x%04x)", args);
|
||||||
break;
|
break;
|
||||||
case SSL_CB_WRITE_ALERT:
|
case SSL_CB_WRITE_ALERT:
|
||||||
elog(DEBUG1, "SSL: write alert (0x%04x)", args);
|
elog(DEBUG3, "SSL: write alert (0x%04x)", args);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue