You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rj...@apache.org on 2013/02/15 16:42:12 UTC
svn commit: r1446637 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS
modules/ssl/ssl_engine_kernel.c
Author: rjung
Date: Fri Feb 15 15:42:12 2013
New Revision: 1446637
URL: http://svn.apache.org/r1446637
Log:
mod_ssl: log revoked certificates at level INFO
instead of DEBUG.
PR 52162
Partial backport of r1165056 from trunk/2.4.x.
Submitted by: sf
Backported by: rjung
Reviewed by: wrowe, rpluem
Modified:
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/STATUS
httpd/httpd/branches/2.2.x/modules/ssl/ssl_engine_kernel.c
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=1446637&r1=1446636&r2=1446637&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Fri Feb 15 15:42:12 2013
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.2.24
+ *) mod_ssl: log revoked certificates at level INFO
+ instead of DEBUG. PR 52162. [Stefan Fritsch]
+
*) mod_proxy_ajp: Support unknown HTTP methods. PR 54416.
[Rainer Jung]
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1446637&r1=1446636&r2=1446637&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Fri Feb 15 15:42:12 2013
@@ -94,11 +94,6 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_ssl: PR 52162: log revoked certificates at level INFO instead of DEBUG
- trunk/2.4.x: Changed as part of http://svn.apache.org/viewvc?rev=1165056&view=rev
- 2.2.x patch: https://issues.apache.org/bugzilla/attachment.cgi?id=27913
- +1: sf, wrowe, rpluem
-
* mod_ssl: When receiving http on https, send the error response with http 1.0
It is important that we send a proper error status, or search engines
may index the error message.
Modified: httpd/httpd/branches/2.2.x/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/ssl/ssl_engine_kernel.c?rev=1446637&r1=1446636&r2=1446637&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/branches/2.2.x/modules/ssl/ssl_engine_kernel.c Fri Feb 15 15:42:12 2013
@@ -1588,7 +1588,7 @@ int ssl_callback_SSLVerify_CRL(int ok, X
ASN1_INTEGER *sn = X509_REVOKED_get_serialNumber(revoked);
if (!ASN1_INTEGER_cmp(sn, X509_get_serialNumber(cert))) {
- if (s->loglevel >= APLOG_DEBUG) {
+ if (s->loglevel >= APLOG_INFO) {
char *cp = X509_NAME_oneline(issuer, NULL, 0);
long serial = ASN1_INTEGER_get(sn);