/*
* Prints the SSL library error information.
*/
void ssl_log_ssl_error(const char *file, int line, int level, server_rec *s)
{
unsigned long e;
const char *data;
int flags;
while ((e = ERR_peek_error_line_data(NULL, NULL, &data, &flags))) {
const char *annotation;
char err[256];
if (!(flags & ERR_TXT_STRING)) {
data = NULL;
}
ERR_error_string_n(e, err, sizeof err);
annotation = ssl_log_annotation(err);
ap_log_error(file, line, APLOG_MODULE_INDEX, level, 0, s,
"SSL Library Error: %s%s%s%s%s%s",
/* %s */
err,
/* %s%s%s */
data ? " (" : "", data ? data : "", data ? ")" : "",
/* %s%s */
annotation ? " -- " : "",
annotation ? annotation : "");
/* Pop the error off the stack: */
ERR_get_error();
}
}
void ssl_log(server_rec *s, int level, const char *msg, ...)
{
char tstr[80];
char lstr[20];
char vstr[1024];
char str[1024];
char nstr[2];
int timz;
struct tm *t;
va_list ap;
int add;
int i;
char *astr;
int safe_errno;
unsigned long e;
SSLSrvConfigRec *sc;
char *cpE;
char *cpA;
/* initialization */
va_start(ap, msg);
safe_errno = errno;
sc = mySrvConfig(s);
/* strip out additional flags */
add = (level & ~SSL_LOG_MASK);
level = (level & SSL_LOG_MASK);
/* reduce flags when not reasonable in context */
if (add & SSL_ADD_ERRNO && errno == 0)
add &= ~SSL_ADD_ERRNO;
if (add & SSL_ADD_SSLERR && ERR_peek_error() == 0)
add &= ~SSL_ADD_SSLERR;
/* we log only levels below, except for errors */
if ( sc->fileLogFile == NULL
&& !(level & SSL_LOG_ERROR))
return;
if ( level > sc->nLogLevel
&& !(level & SSL_LOG_ERROR))
return;
/* determine the time entry string */
if (add & SSL_NO_TIMESTAMP)
tstr[0] = NUL;
else {
t = ap_get_gmtoff(&timz);
strftime(tstr, 80, "[%d/%b/%Y %H:%M:%S", t);
i = strlen(tstr);
ap_snprintf(tstr+i, 80-i, " %05d] ", (unsigned int)getpid());
}
/* determine whether newline should be written */
if (add & SSL_NO_NEWLINE)
nstr[0] = NUL;
else {
nstr[0] = '\n';
nstr[1] = NUL;
}
/* determine level name */
lstr[0] = NUL;
if (!(add & SSL_NO_LEVELID)) {
for (i = 0; ssl_log_level2string[i].nLevel != 0; i++) {
if (ssl_log_level2string[i].nLevel == level) {
ap_snprintf(lstr, sizeof(lstr), "[%s]", ssl_log_level2string[i].szLevel);
break;
}
}
for (i = strlen(lstr); i <= 7; i++)
lstr[i] = ' ';
lstr[i] = NUL;
}
/* create custom message */
ap_vsnprintf(vstr, sizeof(vstr), msg, ap);
/* write out SSLog message */
if ((add & SSL_ADD_ERRNO) && (add & SSL_ADD_SSLERR))
astr = " (System and " SSL_LIBRARY_NAME " library errors follow)";
else if (add & SSL_ADD_ERRNO)
astr = " (System error follows)";
else if (add & SSL_ADD_SSLERR)
astr = " (" SSL_LIBRARY_NAME " library error follows)";
else
astr = "";
if (level <= sc->nLogLevel && sc->fileLogFile != NULL) {
ap_snprintf(str, sizeof(str), "%s%s%s%s%s", tstr, lstr, vstr, astr, nstr);
fprintf(sc->fileLogFile, "%s", str);
}
if (level & SSL_LOG_ERROR)
ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, s,
"mod_ssl: %s%s", vstr, astr);
/* write out additional attachment messages */
if (add & SSL_ADD_ERRNO) {
if (level <= sc->nLogLevel && sc->fileLogFile != NULL) {
ap_snprintf(str, sizeof(str), "%s%sSystem: %s (errno: %d)%s",
tstr, lstr, strerror(safe_errno), safe_errno, nstr);
fprintf(sc->fileLogFile, "%s", str);
}
if (level & SSL_LOG_ERROR)
ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, s,
"System: %s (errno: %d)",
strerror(safe_errno), safe_errno);
}
if (add & SSL_ADD_SSLERR) {
while ((e = ERR_get_error())) {
cpE = ERR_error_string(e, NULL);
cpA = ssl_log_annotation(cpE);
if (level <= sc->nLogLevel && sc->fileLogFile != NULL) {
ap_snprintf(str, sizeof(str), "%s%s%s: %s%s%s%s%s",
tstr, lstr, SSL_LIBRARY_NAME, cpE,
cpA != NULL ? " [Hint: " : "",
cpA != NULL ? cpA : "", cpA != NULL ? "]" : "",
nstr);
fprintf(sc->fileLogFile, "%s", str);
}
if (level & SSL_LOG_ERROR)
ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, s,
"%s: %s%s%s%s", SSL_LIBRARY_NAME, cpE,
cpA != NULL ? " [Hint: " : "",
cpA != NULL ? cpA : "", cpA != NULL ? "]" : "");
}
}
/* make sure the next log starts from a clean base */
/* ERR_clear_error(); */
/* cleanup and return */
if (sc->fileLogFile != NULL)
fflush(sc->fileLogFile);
errno = safe_errno;
va_end(ap);
return;
}
