From 27d8545cfd38d89429a8b03980efb311cfeb4bba Mon Sep 17 00:00:00 2001 From: hno <> Date: Sun, 21 Jul 2002 05:23:17 +0000 Subject: [PATCH] Resolved debug section conflict between SSL and the cache store (both were using section 81) --- src/client_side.cc | 14 ++++++------- src/ssl_support.cc | 50 +++++++++++++++++++++++----------------------- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/src/client_side.cc b/src/client_side.cc index 39e0f30b56..90681db703 100644 --- a/src/client_side.cc +++ b/src/client_side.cc @@ -1,6 +1,6 @@ /* - * $Id: client_side.cc,v 1.582 2002/07/20 12:30:04 hno Exp $ + * $Id: client_side.cc,v 1.583 2002/07/20 23:23:17 hno Exp $ * * DEBUG: section 33 Client-side Routines * AUTHOR: Duane Wessels @@ -2910,26 +2910,26 @@ clientNegotiateSSL(int fd, void *data) } ret = ERR_get_error(); if (ret) { - debug(81, 1) ("clientNegotiateSSL: Error negotiating SSL connection on FD %d: %s\n", + debug(83, 1) ("clientNegotiateSSL: Error negotiating SSL connection on FD %d: %s\n", fd, ERR_error_string(ret, NULL)); } comm_close(fd); return; } - debug(81, 5) ("clientNegotiateSSL: FD %d negotiated cipher %s\n", fd, + debug(83, 5) ("clientNegotiateSSL: FD %d negotiated cipher %s\n", fd, SSL_get_cipher(fd_table[fd].ssl)); client_cert = SSL_get_peer_certificate(fd_table[fd].ssl); if (client_cert != NULL) { - debug(81, 5) ("clientNegotiateSSL: FD %d client certificate: subject: %s\n", fd, + debug(83, 5) ("clientNegotiateSSL: FD %d client certificate: subject: %s\n", fd, X509_NAME_oneline(X509_get_subject_name(client_cert), 0, 0)); - debug(81, 5) ("clientNegotiateSSL: FD %d client certificate: issuer: %s\n", fd, + debug(83, 5) ("clientNegotiateSSL: FD %d client certificate: issuer: %s\n", fd, X509_NAME_oneline(X509_get_issuer_name(client_cert), 0, 0)); X509_free(client_cert); } else { - debug(81, 5) ("clientNegotiateSSL: FD %d has no certificate.\n", fd); + debug(83, 5) ("clientNegotiateSSL: FD %d has no certificate.\n", fd); } commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, conn, 0); @@ -2970,7 +2970,7 @@ httpsAccept(int sock, void *data) } if ((ssl = SSL_new(sslContext)) == NULL) { ssl_error = ERR_get_error(); - debug(81, 1) ("httpsAccept: Error allocating handle: %s\n", + debug(83, 1) ("httpsAccept: Error allocating handle: %s\n", ERR_error_string(ssl_error, NULL)); break; } diff --git a/src/ssl_support.cc b/src/ssl_support.cc index 2304f4086c..ea9cf3d01a 100644 --- a/src/ssl_support.cc +++ b/src/ssl_support.cc @@ -1,9 +1,9 @@ /* - * $Id: ssl_support.cc,v 1.5 2001/10/24 06:55:44 hno Exp $ + * $Id: ssl_support.cc,v 1.6 2002/07/20 23:23:17 hno Exp $ * * AUTHOR: Benno Rice - * DEBUG: section 81 SSL accelerator support + * DEBUG: section 83 SSL accelerator support * * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ * ---------------------------------------------------------- @@ -59,26 +59,26 @@ ssl_verify_cb(int ok, X509_STORE_CTX * ctx) X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buffer, sizeof(buffer)); if (ok) - debug(81, 5) ("SSL Certificate OK: %s\n", buffer); + debug(83, 5) ("SSL Certificate OK: %s\n", buffer); else { switch (ctx->error) { case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - debug(81, 5) ("SSL Certficate error: CA not known: %s\n", buffer); + debug(83, 5) ("SSL Certficate error: CA not known: %s\n", buffer); break; case X509_V_ERR_CERT_NOT_YET_VALID: - debug(81, 5) ("SSL Certficate not yet valid: %s\n", buffer); + debug(83, 5) ("SSL Certficate not yet valid: %s\n", buffer); break; case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - debug(81, 5) ("SSL Certificate has illegal \'not before\' field: %s\n", buffer); + debug(83, 5) ("SSL Certificate has illegal \'not before\' field: %s\n", buffer); break; case X509_V_ERR_CERT_HAS_EXPIRED: - debug(81, 5) ("SSL Certificate expired: %s\n", buffer); + debug(83, 5) ("SSL Certificate expired: %s\n", buffer); break; case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - debug(81, 5) ("SSL Certificate has invalid \'not after\' field: %s\n", buffer); + debug(83, 5) ("SSL Certificate has invalid \'not after\' field: %s\n", buffer); break; default: - debug(81, 5) ("SSL unknown certificate error %d in %s\n", + debug(83, 5) ("SSL unknown certificate error %d in %s\n", ctx->error, buffer); break; } @@ -242,23 +242,23 @@ sslCreateContext(const char *certfile, const char *keyfile, int version, const c if (!certfile) certfile = keyfile; - debug(81, 1) ("Initialising SSL.\n"); + debug(83, 1) ("Initialising SSL.\n"); switch (version) { case 2: - debug(81, 5) ("Using SSLv2.\n"); + debug(83, 5) ("Using SSLv2.\n"); method = SSLv2_server_method(); break; case 3: - debug(81, 5) ("Using SSLv3.\n"); + debug(83, 5) ("Using SSLv3.\n"); method = SSLv3_server_method(); break; case 4: - debug(81, 5) ("Using TLSv1.\n"); + debug(83, 5) ("Using TLSv1.\n"); method = TLSv1_server_method(); break; case 1: default: - debug(81, 5) ("Using SSLv2/SSLv3.\n"); + debug(83, 5) ("Using SSLv2/SSLv3.\n"); method = SSLv23_server_method(); break; } @@ -272,43 +272,43 @@ sslCreateContext(const char *certfile, const char *keyfile, int version, const c SSL_CTX_set_options(sslContext, ssl_parse_options(options)); if (cipher) { - debug(81, 5) ("Using chiper suite %s.\n", cipher); + debug(83, 5) ("Using chiper suite %s.\n", cipher); if (!SSL_CTX_set_cipher_list(sslContext, cipher)) { ssl_error = ERR_get_error(); fatalf("Failed to set SSL cipher suite: %s\n", ERR_error_string(ssl_error, NULL)); } } - debug(81, 1) ("Using certificate in %s\n", certfile); + debug(83, 1) ("Using certificate in %s\n", certfile); if (!SSL_CTX_use_certificate_file(sslContext, certfile, SSL_FILETYPE_PEM)) { ssl_error = ERR_get_error(); fatalf("Failed to acquire SSL certificate: %s\n", ERR_error_string(ssl_error, NULL)); } - debug(81, 1) ("Using private key in %s\n", keyfile); + debug(83, 1) ("Using private key in %s\n", keyfile); if (!SSL_CTX_use_PrivateKey_file(sslContext, keyfile, SSL_FILETYPE_PEM)) { ssl_error = ERR_get_error(); fatalf("Failed to acquire SSL private key: %s\n", ERR_error_string(ssl_error, NULL)); } - debug(81, 5) ("Comparing private and public SSL keys.\n"); + debug(83, 5) ("Comparing private and public SSL keys.\n"); if (!SSL_CTX_check_private_key(sslContext)) fatal("SSL private key does not match public key: %s\n"); - debug(81, 9) ("Setting RSA key generation callback.\n"); + debug(83, 9) ("Setting RSA key generation callback.\n"); SSL_CTX_set_tmp_rsa_callback(sslContext, ssl_temp_rsa_cb); - debug(81, 9) ("Setting certificate verification callback.\n"); + debug(83, 9) ("Setting certificate verification callback.\n"); SSL_CTX_set_verify(sslContext, SSL_VERIFY_NONE, ssl_verify_cb); - debug(81, 9) ("Setting default CA certificate location.\n"); + debug(83, 9) ("Setting default CA certificate location.\n"); if (!SSL_CTX_set_default_verify_paths(sslContext)) { ssl_error = ERR_get_error(); - debug(81, 1) ("Error error setting default CA certificate location: %s\n", + debug(83, 1) ("Error error setting default CA certificate location: %s\n", ERR_error_string(ssl_error, NULL)); - debug(81, 1) ("continuing anyway...\n"); + debug(83, 1) ("continuing anyway...\n"); } - debug(81, 9) ("Set client certifying authority list.\n"); + debug(83, 9) ("Set client certifying authority list.\n"); SSL_CTX_set_client_CA_list(sslContext, SSL_load_client_CA_file(certfile)); return sslContext; } @@ -324,7 +324,7 @@ ssl_read_method(fd, buf, len) i = SSL_read(fd_table[fd].ssl, buf, len); if (i > 0 && SSL_pending(fd_table[fd].ssl) > 0) { - debug(81, 2) ("SSL fd %d is pending\n", fd); + debug(83, 2) ("SSL fd %d is pending\n", fd); fd_table[fd].flags.read_pending = 1; } else fd_table[fd].flags.read_pending = 0; -- 2.47.3