subject:"svn commit\: r951896 \- in \/httpd\/httpd\/trunk\/modules\/ssl\: ssl_engine_io.c ssl_engine

Re: svn commit: r951896 - in /httpd/httpd/trunk/modules/ssl: ssl_engine_io.c ssl_engine_kernel.c

2010-06-14 Thread Stefan Fritsch

On Wednesday 09 June 2010, Ruediger Pluem wrote:
> On 06/09/2010 09:55 PM, Stefan Fritsch wrote:
> > On Wed, 9 Jun 2010, Ruediger Pluem wrote:
> >> On 06/06/2010 07:01 PM, s...@apache.org wrote:
> >>> Author: sf
> >>> Date: Sun Jun  6 17:01:29 2010
> >>> New Revision: 951896
> >>> 
> >>> URL: http://svn.apache.org/viewvc?rev=951896&view=rev
> >>> Log:
> >>> Use new loglevel accessor macros to simplify code
> >>> 
> >>> Modified:
> >>> httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
> >>> httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
> >>> 
> >>> Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
> >>> URL:
> >>> http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_
> >>> engine_io.c?rev=951896&r1=951895&r2=951896&view=diff
> >>> 
> >>> ===
> >>> ===
> >>> 
> >>> --- httpd/httpd/trunk/modules/ssl/ssl_engine_io.c (original)
> >>> +++ httpd/httpd/trunk/modules/ssl/ssl_engine_io.c Sun Jun  6
> >>> 17:01:29 2010
> >>> @@ -1015,7 +1015,7 @@ static void ssl_filter_io_shutdown(ssl_f
> >>> 
> >>>  SSL_smart_shutdown(ssl);
> >>>  
> >>>  /* and finally log the fact that we've closed the
> >>>  connection */
> >>> 
> >>> -if (mySrvFromConn(c)->loglevel >= APLOG_INFO) {
> >>> +if (APLOGcinfo(c)) {
> >> 
> >> IMHO you need to use APLOGinfo(mySrvFromConn(c)) as otherwise
> >> you might choose the base_server
> >> which might not be what mySrvFromConn(c) returns.
> > 
> > I think it is even more complicated than that and it affects many
> > places in mod_ssl. If c has a loglevel configuration, we should
> > probably use that. If not, we should use mySrvFromConn(c). But
> > in both cases, the log message should be tied to the connection,
> > to ensure that things like the client IP are logged. Maybe we
> > need a ap_log_scerror that accepts both a server_rec and
> > conn_rec.
> 
> Makes sense.

Done in r954611.

> 
> > AIUI, c->base_server is the default virtual host for the relevant
> > IP/port. Without SNI, mySrvFromConn(c) is the same but with SNI,
> > mySrvFromConn(c) may be a different name-based virtual host with
> > the same IP/port. So, mySrvFromConn(c) is basically r->server?
> > Is that correct?
> 
> Yes, but a this point of time we may not have a request (yet), so
> mySrvFromConn(c) is the same as what r->server will be later
> during request processing.
> 
> Regards
> 
> Rüdiger

Re: svn commit: r951896 - in /httpd/httpd/trunk/modules/ssl: ssl_engine_io.c ssl_engine_kernel.c

2010-06-09 Thread Ruediger Pluem



On 06/09/2010 09:55 PM, Stefan Fritsch wrote:
> On Wed, 9 Jun 2010, Ruediger Pluem wrote:
>> On 06/06/2010 07:01 PM, s...@apache.org wrote:
>>> Author: sf
>>> Date: Sun Jun  6 17:01:29 2010
>>> New Revision: 951896
>>>
>>> URL: http://svn.apache.org/viewvc?rev=951896&view=rev
>>> Log:
>>> Use new loglevel accessor macros to simplify code
>>>
>>> Modified:
>>> httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
>>> httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
>>>
>>> Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
>>> URL:
>>> http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_io.c?rev=951896&r1=951895&r2=951896&view=diff
>>>
>>> ==
>>>
>>> --- httpd/httpd/trunk/modules/ssl/ssl_engine_io.c (original)
>>> +++ httpd/httpd/trunk/modules/ssl/ssl_engine_io.c Sun Jun  6 17:01:29
>>> 2010
>>> @@ -1015,7 +1015,7 @@ static void ssl_filter_io_shutdown(ssl_f
>>>  SSL_smart_shutdown(ssl);
>>>
>>>  /* and finally log the fact that we've closed the connection */
>>> -if (mySrvFromConn(c)->loglevel >= APLOG_INFO) {
>>> +if (APLOGcinfo(c)) {
>>
>> IMHO you need to use APLOGinfo(mySrvFromConn(c)) as otherwise you
>> might choose the base_server
>> which might not be what mySrvFromConn(c) returns.
> 
> I think it is even more complicated than that and it affects many places
> in mod_ssl. If c has a loglevel configuration, we should probably use
> that. If not, we should use mySrvFromConn(c). But in both cases, the log
> message should be tied to the connection, to ensure that things like the
> client IP are logged. Maybe we need a ap_log_scerror that accepts both a
> server_rec and conn_rec.

Makes sense.

> 
> AIUI, c->base_server is the default virtual host for the relevant
> IP/port. Without SNI, mySrvFromConn(c) is the same but with SNI,
> mySrvFromConn(c) may be a different name-based virtual host with the
> same IP/port. So, mySrvFromConn(c) is basically r->server? Is that correct?

Yes, but a this point of time we may not have a request (yet), so 
mySrvFromConn(c)
is the same as what r->server will be later during request processing.

Regards

Rüdiger

Re: svn commit: r951896 - in /httpd/httpd/trunk/modules/ssl: ssl_engine_io.c ssl_engine_kernel.c

2010-06-09 Thread Stefan Fritsch


On Wed, 9 Jun 2010, Ruediger Pluem wrote:

On 06/06/2010 07:01 PM, s...@apache.org wrote:

Author: sf
Date: Sun Jun  6 17:01:29 2010
New Revision: 951896

URL: http://svn.apache.org/viewvc?rev=951896&view=rev
Log:
Use new loglevel accessor macros to simplify code

Modified:
httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
URL: 
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_io.c?rev=951896&r1=951895&r2=951896&view=diff
==
--- httpd/httpd/trunk/modules/ssl/ssl_engine_io.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_io.c Sun Jun  6 17:01:29 2010
@@ -1015,7 +1015,7 @@ static void ssl_filter_io_shutdown(ssl_f
 SSL_smart_shutdown(ssl);

 /* and finally log the fact that we've closed the connection */
-if (mySrvFromConn(c)->loglevel >= APLOG_INFO) {
+if (APLOGcinfo(c)) {


IMHO you need to use APLOGinfo(mySrvFromConn(c)) as otherwise you might choose 
the base_server
which might not be what mySrvFromConn(c) returns.


I think it is even more complicated than that and it affects many places 
in mod_ssl. If c has a loglevel configuration, we should probably use 
that. If not, we should use mySrvFromConn(c). But in both cases, the log 
message should be tied to the connection, to ensure that things like the 
client IP are logged. Maybe we need a ap_log_scerror that accepts both a 
server_rec and conn_rec.


AIUI, c->base_server is the default virtual host for the relevant IP/port. 
Without SNI, mySrvFromConn(c) is the same but with SNI, mySrvFromConn(c) 
may be a different name-based virtual host with the same IP/port. So, 
mySrvFromConn(c) is basically r->server? Is that correct?






 ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c,
   "Connection closed to child %ld with %s shutdown "
   "(server %s)",
@@ -1740,8 +1740,7 @@ void ssl_io_filter_init(conn_rec *c, req
 apr_pool_cleanup_register(c->pool, (void*)filter_ctx,
   ssl_io_filter_cleanup, apr_pool_cleanup_null);

-if ((s->loglevel >= APLOG_DEBUG)
- && (sc->ssl_log_level >= SSL_LOG_IO)) {
+if (APLOGcdebug(c) && (sc->ssl_log_level >= SSL_LOG_IO)) {


Same as above.


 BIO_set_callback(SSL_get_rbio(ssl), ssl_io_data_cb);
 BIO_set_callback_arg(SSL_get_rbio(ssl), (void *)ssl);
 }



Regards

Rüdiger

Re: svn commit: r951896 - in /httpd/httpd/trunk/modules/ssl: ssl_engine_io.c ssl_engine_kernel.c

2010-06-09 Thread Ruediger Pluem



On 06/06/2010 07:01 PM, s...@apache.org wrote:
> Author: sf
> Date: Sun Jun  6 17:01:29 2010
> New Revision: 951896
> 
> URL: http://svn.apache.org/viewvc?rev=951896&view=rev
> Log:
> Use new loglevel accessor macros to simplify code
> 
> Modified:
> httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
> httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
> 
> Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
> URL: 
> http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_io.c?rev=951896&r1=951895&r2=951896&view=diff
> ==
> --- httpd/httpd/trunk/modules/ssl/ssl_engine_io.c (original)
> +++ httpd/httpd/trunk/modules/ssl/ssl_engine_io.c Sun Jun  6 17:01:29 2010
> @@ -1015,7 +1015,7 @@ static void ssl_filter_io_shutdown(ssl_f
>  SSL_smart_shutdown(ssl);
>  
>  /* and finally log the fact that we've closed the connection */
> -if (mySrvFromConn(c)->loglevel >= APLOG_INFO) {
> +if (APLOGcinfo(c)) {

IMHO you need to use APLOGinfo(mySrvFromConn(c)) as otherwise you might choose 
the base_server
which might not be what mySrvFromConn(c) returns.

>  ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c,
>"Connection closed to child %ld with %s shutdown "
>"(server %s)",
> @@ -1740,8 +1740,7 @@ void ssl_io_filter_init(conn_rec *c, req
>  apr_pool_cleanup_register(c->pool, (void*)filter_ctx,
>ssl_io_filter_cleanup, apr_pool_cleanup_null);
>  
> -if ((s->loglevel >= APLOG_DEBUG)
> - && (sc->ssl_log_level >= SSL_LOG_IO)) {
> +if (APLOGcdebug(c) && (sc->ssl_log_level >= SSL_LOG_IO)) {

Same as above.

>  BIO_set_callback(SSL_get_rbio(ssl), ssl_io_data_cb);
>  BIO_set_callback_arg(SSL_get_rbio(ssl), (void *)ssl);
>  }
> 

Regards

Rüdiger

Re: svn commit: r951896 - in /httpd/httpd/trunk/modules/ssl: ssl_engine_io.c ssl_engine_kernel.c

Re: svn commit: r951896 - in /httpd/httpd/trunk/modules/ssl: ssl_engine_io.c ssl_engine_kernel.c

Re: svn commit: r951896 - in /httpd/httpd/trunk/modules/ssl: ssl_engine_io.c ssl_engine_kernel.c

Re: svn commit: r951896 - in /httpd/httpd/trunk/modules/ssl: ssl_engine_io.c ssl_engine_kernel.c

4 matches

Site Navigation

Mail list logo

Footer information