From: Remi Tricot-Le Breton Date: Wed, 20 Mar 2024 13:13:37 +0000 (+0100) Subject: MINOR: ssl: Change level of ocsp-update logs X-Git-Tag: v3.0-dev6~73 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=328a8937133a8075901a90cfb34387d18deefa73;p=thirdparty%2Fhaproxy.git MINOR: ssl: Change level of ocsp-update logs The pure ocsp-update log used to be in log level "info" and it would be mixed with actual traffic logs. This patch changes it to level "notice". --- diff --git a/doc/configuration.txt b/doc/configuration.txt index 08782370e3..980de0b92f 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -16095,12 +16095,12 @@ ocsp-update [ off | on ] (crt-list only) Here are two examples of such log lines, with a successful OCSP update log line first and then an example of an HTTP error with the two different lines (lines were spit and the URL was shortened for readability): - <134>Mar 6 11:16:53 haproxy[14872]: /path_to_cert/foo.pem 1 \ + <133>Mar 6 11:16:53 haproxy[14872]: /path_to_cert/foo.pem 1 \ "Update successful" 0 1 - <134>Mar 6 11:18:55 haproxy[14872]: /path_to_cert/bar.pem 2 \ + <133>Mar 6 11:18:55 haproxy[14872]: /path_to_cert/bar.pem 2 \ "HTTP error" 1 0 - <134>Mar 6 11:18:55 haproxy[14872]: -:- [06/Mar/2023:11:18:52.200] \ + <133>Mar 6 11:18:55 haproxy[14872]: -:- [06/Mar/2023:11:18:52.200] \ -/- 2/0/-1/-1/3009 503 217 - - SC-- 0/0/0/0/3 0/0 {} \ "GET http://127.0.0.1:12345/MEMwQT HTTP/1.1" diff --git a/src/ssl_ocsp.c b/src/ssl_ocsp.c index 6d68aa3d43..e2e1143470 100644 --- a/src/ssl_ocsp.c +++ b/src/ssl_ocsp.c @@ -1130,7 +1130,7 @@ static void ssl_ocsp_send_log() status_str = istptr(ocsp_update_errors[ssl_ocsp_task_ctx.update_status]); } - send_log(httpclient_ocsp_update_px, LOG_INFO, "%s %s %u \"%.*s\" %u %u", + send_log(httpclient_ocsp_update_px, LOG_NOTICE, "%s %s %u \"%.*s\" %u %u", httpclient_ocsp_update_px->id, ocsp->path, ssl_ocsp_task_ctx.update_status,