From 03dcef4c78b029f7345c69f7f5d59338198bf2e5 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Mon, 17 Oct 2005 00:35:53 +0000 Subject: start the process of reducing clutter in server logs svn:r5253 --- src/common/tortls.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'src/common/tortls.c') diff --git a/src/common/tortls.c b/src/common/tortls.c index f647053eec..522deb09e0 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -724,10 +724,10 @@ log_cert_lifetime(X509 *cert, const char *problem) /** If the provided tls connection is authenticated and has a * certificate that is currently valid and signed, then set * *identity_key to the identity certificate's key and return - * 0. Else, return -1. + * 0. Else, return -1 and log complaints with log-level severity. */ int -tor_tls_verify(tor_tls_t *tls, crypto_pk_env_t **identity_key) +tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_env_t **identity_key) { X509 *cert = NULL, *id_cert = NULL; STACK_OF(X509) *chain = NULL; @@ -748,7 +748,7 @@ tor_tls_verify(tor_tls_t *tls, crypto_pk_env_t **identity_key) * cert and the id_cert. */ if (num_in_chain < 1) { - log_fn(LOG_WARN,"Unexpected number of certificates in chain (%d)", + log_fn(severity,"Unexpected number of certificates in chain (%d)", num_in_chain); goto done; } @@ -758,14 +758,14 @@ tor_tls_verify(tor_tls_t *tls, crypto_pk_env_t **identity_key) break; } if (!id_cert) { - log_fn(LOG_WARN,"No distinct identity certificate found"); + log_fn(severity,"No distinct identity certificate found"); goto done; } if (!(id_pkey = X509_get_pubkey(id_cert)) || X509_verify(cert, id_pkey) <= 0) { - log_fn(LOG_WARN,"X509_verify on cert and pkey returned <= 0"); - tls_log_errors(LOG_WARN,"verifying certificate"); + log_fn(severity,"X509_verify on cert and pkey returned <= 0"); + tls_log_errors(severity,"verifying certificate"); goto done; } -- cgit v1.2.3-54-g00ecf