You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Greg Stein <gs...@lyra.org> on 2002/05/16 11:17:16 UTC

Re: cvs commit: httpd-2.0/modules/ssl mod_ssl.c ssl_engine_init.c ssl_engine_io.c ssl_engine_kernel.c ssl_engine_mutex.c ssl_engine_pphrase.c ssl_engine_rand.c ssl_scache.c ssl_scache_dbm.c ssl_scache_shmcb.c ssl_scache_shmht.c

On Thu, May 16, 2002 at 05:17:11AM -0000, jerenkrantz@apache.org wrote:
>...
>   SSL_LOG_TRACE and SSL_LOG_DEBUG were mapped to the APLOG_DEBUG values.
>   mod_ssl prints out a LOT of debugging information, so mod_ssl with LogLevel
>   Debug may not be a good idea - perhaps mod_ssl should be less chatty.

If you're trying to debug the thing, then you really *do* want it to be
chatty. Most users won't be bothered by that because they don't run in debug
mode.

-0 on any reduction in debug chattiness.

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/

Re: cvs commit: httpd-2.0/modules/ssl mod_ssl.c ssl_engine_init.c ssl_engine_io.c ssl_engine_kernel.c ssl_engine_mutex.c ssl_engine_pphrase.c ssl_engine_rand.c ssl_scache.c ssl_scache_dbm.c ssl_scache_shmcb.c ssl_scache_shmht.c

Posted by "William A. Rowe, Jr." <wr...@rowe-clan.net>.

At 04:17 AM 5/16/2002, Greg Stein wrote:
>On Thu, May 16, 2002 at 05:17:11AM -0000, jerenkrantz@apache.org wrote:
> >...
> >   SSL_LOG_TRACE and SSL_LOG_DEBUG were mapped to the APLOG_DEBUG values.
> >   mod_ssl prints out a LOT of debugging information, so mod_ssl with 
> LogLevel
> >   Debug may not be a good idea - perhaps mod_ssl should be less chatty.
>
>If you're trying to debug the thing, then you really *do* want it to be
>chatty. Most users won't be bothered by that because they don't run in debug
>mode.

Well debug is debug, end of story... there is terrific info at the ssl 
debug level, and if
they ask for debug info, they should get any and all of it.

HOWEVER, trace output is absolutely not debug level info.  I have two 
suggestions,
but one of the two is really required...

Add an DEBUG_SSL_TRACE flag [default undefined] that would log TRACE info at
loglevel debug.

Add a global directive SSLTrace [on|off] (default of off) to do the same, 
log debug info
at the trace level.

Tracing detail is FAR to detailed and wordy to ever include at this resolution.

BTW - if you hadn't noticed from stressing your patch; there was a reason 
for ssl_log.
Notice now that your log will output

[child 1] Something bad happened, ssl error follows;
[child 2] Something bad happened, ssl error follows;
[child 3] Something totally irrelevant happened.
[child 2] Another cryptic SSL error;
[child 1] Some cryptic SSL error;

This is not a good thing, as [child #] isn't in the error log stream.