Skip to content

P
Postgres FD Implementation
Commit 7005e4c0 authored by Bruce Momjian's avatar Bruce Momjian
Browse files
Options

Fix SSL DEBUG levels to match CVS elog flags.

parent 0bb61f4a
Hide whitespace changes
Inline Side-by-side
Showing with 29 additions and 33 deletions
src/backend/libpq/be-secure.c
View file @ 7005e4c0
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.7 2002/06/17 07:33:25 momjian Exp $ * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.8 2002/06/17 15:19:28 momjian Exp $
* *
* Since the server static private key ($DataDir/server.key) * Since the server static private key ($DataDir/server.key)
* will normally be stored unencrypted so that the database * will normally be stored unencrypted so that the database
...@@ -396,7 +396,7 @@ load_dh_file (int keylength) ...@@ -396,7 +396,7 @@ load_dh_file (int keylength)
/* is the prime the correct size? */ /* is the prime the correct size? */
if (dh != NULL && 8*DH_size(dh) < keylength) if (dh != NULL && 8*DH_size(dh) < keylength)
{ {
elog(DEBUG1, "DH errors (%s): %d bits expected, %d bits found", elog(LOG, "DH errors (%s): %d bits expected, %d bits found",
fnbuf, keylength, 8*DH_size(dh)); fnbuf, keylength, 8*DH_size(dh));
dh = NULL; dh = NULL;
} }
...@@ -406,18 +406,18 @@ load_dh_file (int keylength) ...@@ -406,18 +406,18 @@ load_dh_file (int keylength)
{ {
if (DH_check(dh, &codes)) if (DH_check(dh, &codes))
{ {
elog(DEBUG1, "DH_check error (%s): %s", fnbuf, SSLerrmessage()); elog(LOG, "DH_check error (%s): %s", fnbuf, SSLerrmessage());
return NULL; return NULL;
} }
if (codes & DH_CHECK_P_NOT_PRIME) if (codes & DH_CHECK_P_NOT_PRIME)
{ {
elog(DEBUG1, "DH error (%s): p is not prime", fnbuf); elog(LOG, "DH error (%s): p is not prime", fnbuf);
return NULL; return NULL;
} }
if ((codes & DH_NOT_SUITABLE_GENERATOR) && if ((codes & DH_NOT_SUITABLE_GENERATOR) &&
(codes & DH_CHECK_P_NOT_SAFE_PRIME)) (codes & DH_CHECK_P_NOT_SAFE_PRIME))
{ {
elog(DEBUG1, elog(LOG,
"DH error (%s): neither suitable generator or safe prime", "DH error (%s): neither suitable generator or safe prime",
fnbuf); fnbuf);
return NULL; return NULL;
...@@ -547,36 +547,32 @@ verify_cb (int ok, X509_STORE_CTX *ctx) ...@@ -547,36 +547,32 @@ verify_cb (int ok, X509_STORE_CTX *ctx)
static void static void
info_cb (SSL *ssl, int type, int args) info_cb (SSL *ssl, int type, int args)
{ {
if (DebugLvl < 2)
return;
switch (type) switch (type)
{ {
case SSL_CB_HANDSHAKE_START: case SSL_CB_HANDSHAKE_START:
elog(DEBUG1, "SSL: handshake start"); elog(DEBUG3, "SSL: handshake start");
break; break;
case SSL_CB_HANDSHAKE_DONE: case SSL_CB_HANDSHAKE_DONE:
elog(DEBUG1, "SSL: handshake done"); elog(DEBUG3, "SSL: handshake done");
break; break;
case SSL_CB_ACCEPT_LOOP: case SSL_CB_ACCEPT_LOOP:
if (DebugLvl >= 3) elog(DEBUG3, "SSL: accept loop");
elog(DEBUG1, "SSL: accept loop"); break;
break; case SSL_CB_ACCEPT_EXIT:
case SSL_CB_ACCEPT_EXIT: elog(DEBUG3, "SSL: accept exit (%d)", args);
elog(DEBUG1, "SSL: accept exit (%d)", args); break;
break; case SSL_CB_CONNECT_LOOP:
case SSL_CB_CONNECT_LOOP: elog(DEBUG3, "SSL: connect loop");
elog(DEBUG1, "SSL: connect loop"); break;
break; case SSL_CB_CONNECT_EXIT:
case SSL_CB_CONNECT_EXIT: elog(DEBUG3, "SSL: connect exit (%d)", args);
elog(DEBUG1, "SSL: connect exit (%d)", args); break;
break; case SSL_CB_READ_ALERT:
case SSL_CB_READ_ALERT: elog(DEBUG3, "SSL: read alert (0x%04x)", args);
elog(DEBUG1, "SSL: read alert (0x%04x)", args); break;
break; case SSL_CB_WRITE_ALERT:
case SSL_CB_WRITE_ALERT: elog(DEBUG3, "SSL: write alert (0x%04x)", args);
elog(DEBUG1, "SSL: write alert (0x%04x)", args); break;
break;
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment