[or-cvs] start the process of reducing clutter in server logs

Mon Oct 17 00:35:53 UTC 2005

Update of /home2/or/cvsroot/tor/src/common
In directory moria:/home/arma/work/onion/cvs/tor/src/common

Modified Files:
	tortls.c tortls.h 
Log Message:
start the process of reducing clutter in server logs


Index: tortls.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/common/tortls.c,v
retrieving revision 1.105
retrieving revision 1.106
diff -u -d -r1.105 -r1.106

--- tortls.c	6 Oct 2005 04:33:40 -0000	1.105
+++ tortls.c	17 Oct 2005 00:35:51 -0000	1.106
@@ -724,10 +724,10 @@
 /** If the provided tls connection is authenticated and has a
  * certificate that is currently valid and signed, then set
  * *<b>identity_key</b> to the identity certificate's key and return
- * 0.  Else, return -1.
+ * 0.  Else, return -1 and log complaints with log-level <b>severity</b>.
  */
 int
-tor_tls_verify(tor_tls_t *tls, crypto_pk_env_t **identity_key)
+tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_env_t **identity_key)
 {
   X509 *cert = NULL, *id_cert = NULL;
   STACK_OF(X509) *chain = NULL;
@@ -748,7 +748,7 @@
    * cert and the id_cert.
    */
   if (num_in_chain < 1) {
-    log_fn(LOG_WARN,"Unexpected number of certificates in chain (%d)",
+    log_fn(severity,"Unexpected number of certificates in chain (%d)",
            num_in_chain);
     goto done;
   }
@@ -758,14 +758,14 @@
       break;
   }
   if (!id_cert) {
-    log_fn(LOG_WARN,"No distinct identity certificate found");
+    log_fn(severity,"No distinct identity certificate found");
     goto done;
   }
 
   if (!(id_pkey = X509_get_pubkey(id_cert)) ||
       X509_verify(cert, id_pkey) <= 0) {
-    log_fn(LOG_WARN,"X509_verify on cert and pkey returned <= 0");
-    tls_log_errors(LOG_WARN,"verifying certificate");
+    log_fn(severity,"X509_verify on cert and pkey returned <= 0");
+    tls_log_errors(severity,"verifying certificate");
     goto done;
   }
 

Index: tortls.h
===================================================================
RCS file: /home2/or/cvsroot/tor/src/common/tortls.h,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -d -r1.30 -r1.31
--- tortls.h	6 Oct 2005 04:33:40 -0000	1.30
+++ tortls.h	17 Oct 2005 00:35:51 -0000	1.31
@@ -33,7 +33,7 @@
 void tor_tls_free(tor_tls_t *tls);
 int tor_tls_peer_has_cert(tor_tls_t *tls);
 int tor_tls_get_peer_cert_nickname(tor_tls_t *tls, char *buf, size_t buflen);
-int tor_tls_verify(tor_tls_t *tls, crypto_pk_env_t **identity);
+int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_env_t **identity);
 int tor_tls_check_lifetime(tor_tls_t *tls, int tolerance);
 int tor_tls_read(tor_tls_t *tls, char *cp, size_t len);
 int tor_tls_write(tor_tls_t *tls, char *cp, size_t n);

