You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rj...@apache.org on 2013/02/15 16:42:12 UTC

svn commit: r1446637 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS modules/ssl/ssl_engine_kernel.c

Author: rjung
Date: Fri Feb 15 15:42:12 2013
New Revision: 1446637

URL: http://svn.apache.org/r1446637
Log:
mod_ssl: log revoked certificates at level INFO
instead of DEBUG.

PR 52162

Partial backport of r1165056 from trunk/2.4.x.

Submitted by: sf
Backported by: rjung
Reviewed by: wrowe, rpluem

Modified:
    httpd/httpd/branches/2.2.x/CHANGES
    httpd/httpd/branches/2.2.x/STATUS
    httpd/httpd/branches/2.2.x/modules/ssl/ssl_engine_kernel.c

Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=1446637&r1=1446636&r2=1446637&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Fri Feb 15 15:42:12 2013
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.2.24
 
+  *) mod_ssl: log revoked certificates at level INFO
+     instead of DEBUG. PR 52162. [Stefan Fritsch]
+
   *) mod_proxy_ajp: Support unknown HTTP methods. PR 54416.
      [Rainer Jung]
 

Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1446637&r1=1446636&r2=1446637&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Fri Feb 15 15:42:12 2013
@@ -94,11 +94,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-   * mod_ssl: PR 52162: log revoked certificates at level INFO instead of DEBUG
-     trunk/2.4.x: Changed as part of http://svn.apache.org/viewvc?rev=1165056&view=rev
-     2.2.x patch: https://issues.apache.org/bugzilla/attachment.cgi?id=27913
-     +1: sf, wrowe, rpluem
-
    * mod_ssl: When receiving http on https, send the error response with http 1.0
      It is important that we send a proper error status, or search engines
      may index the error message.

Modified: httpd/httpd/branches/2.2.x/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/ssl/ssl_engine_kernel.c?rev=1446637&r1=1446636&r2=1446637&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/branches/2.2.x/modules/ssl/ssl_engine_kernel.c Fri Feb 15 15:42:12 2013
@@ -1588,7 +1588,7 @@ int ssl_callback_SSLVerify_CRL(int ok, X
             ASN1_INTEGER *sn = X509_REVOKED_get_serialNumber(revoked);
 
             if (!ASN1_INTEGER_cmp(sn, X509_get_serialNumber(cert))) {
-                if (s->loglevel >= APLOG_DEBUG) {
+                if (s->loglevel >= APLOG_INFO) {
                     char *cp = X509_NAME_oneline(issuer, NULL, 0);
                     long serial = ASN1_INTEGER_get(sn);