Place more msgs under cache_log_message control, downgrade some (#1273)

Also support cache_log_message-controlled messages in ::Config-unaware
libraries (e.g., libip) used by tools (e.g., cachemgr.cgi).

Restricting the very first (i.e. "depth 0") "Processing Configuration
File" message does not work during startup (before that file is parsed),
and does not work during reconfiguration (because the old configuration
is reset shortly before logging that line). Future reconfiguration
support improvements may fix the reset problem. Restrictions do work as
expected for included files (i.e. positive "depth" levels).

Restricting "BCP 177 violation" WARNINGs does not work because the
warnings are printed _before_ Squid configuration is parsed. Future
initialization improvements may fix this.

Also downgraded the importance of a few (re)configuration
progress-reporting messages from level 1 to level 2.

diff --git a/doc/debug-messages.dox b/doc/debug-messages.dox
index 0b11301995c0b92340925ff0796a77905e83d9b8..c5db63c9f7a5cde0222e93e95bafe557016b2e11 100644 (file)
--- a/doc/debug-messages.dox
+++ b/doc/debug-messages.dox
@@ -63,5 +63,8 @@ ID Message gist
 63 Resuming indexing cache_dir # ... from ...
 64 DNS IPv4 socket created at ..., FD ...
 65 WARNING: Indexer ignores a cache_dir entry: ...
+66 WARNING: BCP 177 violation. Detected non-functional IPv6 loopback.
+67 WARNING: BCP 177 violation. IPv6 transport forced OFF by build parameters.
+68 Processing Configuration File: ... (depth ...)
 \endverbatim
 */

diff --git a/src/AuthReg.cc b/src/AuthReg.cc
index b4698d8bbaf92d5df989ab822f3ec0b672b6ca18..32adbf8aabeb26cf44bad99e6decfbaa426be7df 100644 (file)
--- a/src/AuthReg.cc
+++ b/src/AuthReg.cc
@@ -30,18 +30,18 @@
 void
 Auth::Init()
 {
-    debugs(29,DBG_IMPORTANT,"Startup: Initializing Authentication Schemes ...");
+    debugs(29, 2, "Initializing Authentication Schemes ...");
 #if HAVE_AUTH_MODULE_BASIC
     static const char *basic_type = Auth::Basic::Scheme::GetInstance()->type();
-    debugs(29,DBG_IMPORTANT,"Startup: Initialized Authentication Scheme '" << basic_type << "'");
+    debugs(29, 2, "Initialized Authentication Scheme '" << basic_type << "'");
 #endif
 #if HAVE_AUTH_MODULE_DIGEST
     static const char *digest_type = Auth::Digest::Scheme::GetInstance()->type();
-    debugs(29,DBG_IMPORTANT,"Startup: Initialized Authentication Scheme '" << digest_type << "'");
+    debugs(29, 2, "Initialized Authentication Scheme '" << digest_type << "'");
 #endif
 #if HAVE_AUTH_MODULE_NEGOTIATE
     static const char *negotiate_type = Auth::Negotiate::Scheme::GetInstance()->type();
-    debugs(29,DBG_IMPORTANT,"Startup: Initialized Authentication Scheme '" << negotiate_type << "'");
+    debugs(29, 2, "Initialized Authentication Scheme '" << negotiate_type << "'");
 #endif
 }
 

diff --git a/src/SquidConfig.h b/src/SquidConfig.h
index 9258dd0deebe37d1bef5de6512a02f13b9d51ccc..76f22d1ad6280606db3e1ac40bd808ece0153366 100644 (file)
--- a/src/SquidConfig.h
+++ b/src/SquidConfig.h
@@ -552,8 +552,6 @@ public:
         int connect_gap;
         int connect_timeout;
     } happyEyeballs;
-
-    DebugMessages *debugMessages; ///< cache_log_message
 };
 
 extern SquidConfig Config;

diff --git a/src/adaptation/icap/ServiceRep.cc b/src/adaptation/icap/ServiceRep.cc
index 85d3886af2485804c8b5c544a22430a94fb732db..ddefdfefaafeab94964c502fe6a38aa489c30c8c 100644 (file)
--- a/src/adaptation/icap/ServiceRep.cc
+++ b/src/adaptation/icap/ServiceRep.cc
@@ -80,7 +80,7 @@ Adaptation::Icap::ServiceRep::finalize()
         writeableCfg().secure.encryptTransport = true;
 
     if (cfg().secure.encryptTransport) {
-        debugs(3, DBG_IMPORTANT, "Initializing service " << cfg().resource << " SSL context");
+        debugs(3, 2, "initializing service " << cfg().resource << " SSL context");
         sslContext = writeableCfg().secure.createClientContext(true);
     }
 

diff --git a/src/cache_cf.cc b/src/cache_cf.cc
index 4deb38c09545dbf7899915ca2167d01d7833e269..aa12ba54f006d2c0f7bc349bc7263c7c38d48170 100644 (file)
--- a/src/cache_cf.cc
+++ b/src/cache_cf.cc
@@ -443,7 +443,7 @@ parseOneConfigFile(const char *file_name, unsigned int depth)
     int err_count = 0;
     int is_pipe = 0;
 
-    debugs(3, DBG_IMPORTANT, "Processing Configuration File: " << file_name << " (depth " << depth << ")");
+    debugs(3, Important(68), "Processing Configuration File: " << file_name << " (depth " << depth << ")");
     if (depth > 16) {
         fatalf("WARNING: can't include %s: includes are nested too deeply (>16)!\n", file_name);
         return 1;
@@ -961,7 +961,7 @@ configDoConfigure(void)
 #endif
 
     if (Security::ProxyOutgoingConfig.encryptTransport) {
-        debugs(3, DBG_IMPORTANT, "Initializing https:// proxy context");
+        debugs(3, 2, "initializing https:// proxy context");
         Config.ssl_client.sslContext = Security::ProxyOutgoingConfig.createClientContext(false);
         if (!Config.ssl_client.sslContext) {
 #if USE_OPENSSL
@@ -982,7 +982,7 @@ configDoConfigure(void)
             p->secure.sslDomain = p->host;
 
         if (p->secure.encryptTransport) {
-            debugs(3, DBG_IMPORTANT, "Initializing TLS context for cache_peer " << *p);
+            debugs(3, 2, "initializing TLS context for cache_peer " << *p);
             p->sslContext = p->secure.createClientContext(true);
             if (!p->sslContext) {
                 debugs(3, DBG_CRITICAL, "ERROR: Could not initialize TLS context for cache_peer " << *p);
@@ -995,7 +995,7 @@ configDoConfigure(void)
     for (AnyP::PortCfgPointer s = HttpPortList; s != nullptr; s = s->next) {
         if (!s->secure.encryptTransport)
             continue;
-        debugs(3, DBG_IMPORTANT, "Initializing " << AnyP::UriScheme(s->transport.protocol) << "_port " << s->s << " TLS contexts");
+        debugs(3, 2, "initializing " << AnyP::UriScheme(s->transport.protocol) << "_port " << s->s << " TLS contexts");
         s->secure.initServerContexts(*s);
     }
 

diff --git a/src/cf.data.pre b/src/cf.data.pre
index c65fe664c997ab9abdc17afdc786c89cb1deeb54..33087f70ff6fa749e52b329f0e907575e8bb1291 100644 (file)
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -5644,7 +5644,7 @@ NAME: cache_log_message
 TYPE: cache_log_message
 DEFAULT: none
 DEFAULT_DOC: Use debug_options.
-LOC: Config.debugMessages
+LOC: DebugMessagesConfig
 DOC_START
        Configures logging of individual cache.log messages.
 

diff --git a/src/debug/Messages.h b/src/debug/Messages.h
index 6c0f1dc4c5a3313bdd360fcfa382b4f135ff466a..c7b0c06e5d2f6c98a3d3d0d6ac39f6707fb88fba 100644 (file)
--- a/src/debug/Messages.h
+++ b/src/debug/Messages.h
@@ -12,7 +12,6 @@
 #define SQUID_DEBUG_MESSAGES_H
 
 #include "debug/Stream.h"
-#include "SquidConfig.h"
 
 #include <array>
 #include <limits>
@@ -62,7 +61,7 @@ private:
 };
 
 /// The maximum used DebugMessage::id plus 1. Increase as you add new IDs.
-constexpr DebugMessageId DebugMessageIdUpperBound = 66;
+constexpr DebugMessageId DebugMessageIdUpperBound = 69;
 
 /// a collection of DebugMessage objects (with fast access by message IDs)
 class DebugMessages
@@ -73,6 +72,9 @@ public:
     Storage messages;
 };
 
+/// Global configuration for DebugMessageLevel() (where/when supported).
+inline DebugMessages *DebugMessagesConfig = nullptr;
+
 // Using a template allows us to check message ID range at compile time.
 /// \returns configured debugging level for the given message or defaultLevel
 template <DebugMessageId id>
@@ -81,7 +83,7 @@ DebugMessageLevel(const int defaultLevel)
 {
     static_assert(id > 0, "debugs() message ID must be positive");
     static_assert(id < DebugMessageIdUpperBound, "debugs() message ID must be smaller than DebugMessageIdUpperBound");
-    if (const auto configured = Config.debugMessages)
+    if (const auto configured = DebugMessagesConfig)
         return (configured->messages)[id].currentLevel(defaultLevel);
     return defaultLevel;
 }

diff --git a/src/ip/tools.cc b/src/ip/tools.cc
index 96a5c5bde7dcb5a36dd55bc9c05b87ddad689a3d..0697221b5e091b1fd69e534bd823c1c0ecc38eb3 100644 (file)
--- a/src/ip/tools.cc
+++ b/src/ip/tools.cc
@@ -9,7 +9,7 @@
 /* DEBUG: section 21    Misc Functions */
 
 #include "squid.h"
-#include "debug/Stream.h"
+#include "debug/Messages.h"
 #include "ip/Address.h"
 #include "ip/tools.h"
 
@@ -64,7 +64,7 @@ Ip::ProbeTransport()
         struct sockaddr_in6 sin;
         ip.getSockAddr(sin);
         if (bind(s, reinterpret_cast<struct sockaddr *>(&sin), sizeof(sin)) != 0) {
-            debugs(3, DBG_CRITICAL, "WARNING: BCP 177 violation. Detected non-functional IPv6 loopback.");
+            debugs(3, Critical(66), "WARNING: BCP 177 violation. Detected non-functional IPv6 loopback.");
             EnableIpv6 = IPV6_OFF;
         } else {
             debugs(3, 2, "Detected functional IPv6 loopback ...");
@@ -78,7 +78,7 @@ Ip::ProbeTransport()
 #else
     debugs(3, 2, "IPv6 transport " << (EnableIpv6?"Available":"Disabled"));
     if (EnableIpv6 != IPV6_OFF) {
-        debugs(3, DBG_CRITICAL, "WARNING: BCP 177 violation. IPv6 transport forced OFF by build parameters.");
+        debugs(3, Critical(67), "WARNING: BCP 177 violation. IPv6 transport forced OFF by build parameters.");
         EnableIpv6 = IPV6_OFF;
     }
 #endif

diff --git a/src/security/KeyData.cc b/src/security/KeyData.cc
index c7e1fb8b0ddd72328b68b2b755b8d2be335cc28c..f32b9bd3ab3031c847664a69932f2e7847946eb3 100644 (file)
--- a/src/security/KeyData.cc
+++ b/src/security/KeyData.cc
@@ -20,7 +20,7 @@
 bool
 Security::KeyData::loadCertificates()
 {
-    debugs(83, DBG_IMPORTANT, "Using certificate in " << certFile);
+    debugs(83, 2, "from " << certFile);
     cert.reset(); // paranoid: ensure cert is unset
 
 #if USE_OPENSSL
@@ -136,7 +136,7 @@ Security::KeyData::loadCertificates()
 bool
 Security::KeyData::loadX509PrivateKeyFromFile()
 {
-    debugs(83, DBG_IMPORTANT, "Using key in " << privateKeyFile);
+    debugs(83, 2, "from " << privateKeyFile);
 
 #if USE_OPENSSL
     const char *keyFilename = privateKeyFile.c_str();

diff --git a/src/ssl/support.cc b/src/ssl/support.cc
index eec2f3f77340d371781016d161c9211949f66709..ce7896ead6ec52edf0f07aae9377e805ba93264c 100644 (file)
--- a/src/ssl/support.cc
+++ b/src/ssl/support.cc
@@ -727,7 +727,7 @@ Ssl::InitClientContext(Security::ContextPointer &ctx, Security::PeerOptions &pee
         // TODO: support loading multiple cert/key pairs
         auto &keys = peer.certs.front();
         if (!keys.certFile.isEmpty()) {
-            debugs(83, DBG_IMPORTANT, "Using certificate in " << keys.certFile);
+            debugs(83, 2, "loading client certificate from " << keys.certFile);
 
             const char *certfile = keys.certFile.c_str();
             if (!SSL_CTX_use_certificate_chain_file(ctx.get(), certfile)) {
@@ -736,7 +736,7 @@ Ssl::InitClientContext(Security::ContextPointer &ctx, Security::PeerOptions &pee
                        certfile, Security::ErrorString(ssl_error));
             }
 
-            debugs(83, DBG_IMPORTANT, "Using private key in " << keys.privateKeyFile);
+            debugs(83, 2, "loading private key from " << keys.privateKeyFile);
             const char *keyfile = keys.privateKeyFile.c_str();
             ssl_ask_password(ctx.get(), keyfile);