dovecot-2.2: ssl: Log SSL "close notify" alerts as debug message...
dovecot at dovecot.org
dovecot at dovecot.org
Thu Aug 1 15:35:40 EEST 2013
details: http://hg.dovecot.org/dovecot-2.2/rev/2714f51e2355
changeset: 16633:2714f51e2355
user: Timo Sirainen <tss at iki.fi>
date: Thu Aug 01 15:35:35 2013 +0300
description:
ssl: Log SSL "close notify" alerts as debug messages, not warnings.
They are clean shutdown messages after all.
diffstat:
src/lib-ssl-iostream/iostream-openssl.c | 17 +++++++++++++----
src/login-common/ssl-proxy-openssl.c | 17 +++++++++++++----
2 files changed, 26 insertions(+), 8 deletions(-)
diffs (54 lines):
diff -r 1705bf7bf484 -r 2714f51e2355 src/lib-ssl-iostream/iostream-openssl.c
--- a/src/lib-ssl-iostream/iostream-openssl.c Thu Aug 01 15:00:59 2013 +0300
+++ b/src/lib-ssl-iostream/iostream-openssl.c Thu Aug 01 15:35:35 2013 +0300
@@ -22,10 +22,19 @@
ssl_io = SSL_get_ex_data(ssl, dovecot_ssl_extdata_index);
if ((where & SSL_CB_ALERT) != 0) {
- i_warning("%sSSL alert: where=0x%x, ret=%d: %s %s",
- ssl_io->log_prefix, where, ret,
- SSL_alert_type_string_long(ret),
- SSL_alert_desc_string_long(ret));
+ switch (ret & 0xff) {
+ case SSL_AD_CLOSE_NOTIFY:
+ i_debug("%sSSL alert: %s",
+ ssl_io->log_prefix,
+ SSL_alert_desc_string_long(ret));
+ break;
+ default:
+ i_warning("%sSSL alert: where=0x%x, ret=%d: %s %s",
+ ssl_io->log_prefix, where, ret,
+ SSL_alert_type_string_long(ret),
+ SSL_alert_desc_string_long(ret));
+ break;
+ }
} else if (ret == 0) {
i_warning("%sSSL failed: where=0x%x: %s",
ssl_io->log_prefix, where, SSL_state_string_long(ssl));
diff -r 1705bf7bf484 -r 2714f51e2355 src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c Thu Aug 01 15:00:59 2013 +0300
+++ b/src/login-common/ssl-proxy-openssl.c Thu Aug 01 15:35:35 2013 +0300
@@ -850,10 +850,19 @@
return;
if ((where & SSL_CB_ALERT) != 0) {
- i_warning("SSL alert: where=0x%x, ret=%d: %s %s [%s]",
- where, ret, SSL_alert_type_string_long(ret),
- SSL_alert_desc_string_long(ret),
- net_ip2addr(&proxy->ip));
+ switch (ret & 0xff) {
+ case SSL_AD_CLOSE_NOTIFY:
+ i_debug("SSL alert: %s [%s]",
+ SSL_alert_desc_string_long(ret),
+ net_ip2addr(&proxy->ip));
+ break;
+ default:
+ i_warning("SSL alert: where=0x%x, ret=%d: %s %s [%s]",
+ where, ret, SSL_alert_type_string_long(ret),
+ SSL_alert_desc_string_long(ret),
+ net_ip2addr(&proxy->ip));
+ break;
+ }
} else if (ret == 0) {
i_warning("SSL failed: where=0x%x: %s [%s]",
where, SSL_state_string_long(ssl),
More information about the dovecot-cvs
mailing list