X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fjournal-remote%2Fmicrohttpd-util.c;h=8a11fba04441953d7242c87e1e480920a295cf3e;hb=4d6a9d42289f0616c7e37a6d2d7e085d5c71870e;hp=55c45f46939ce3eaea739e76515b9737fe7f15e5;hpb=93c0969cf91c4e4973806181a6098b66a4e8e2f8;p=elogind.git

diff --git a/src/journal-remote/microhttpd-util.c b/src/journal-remote/microhttpd-util.c
index 55c45f469..8a11fba04 100644
--- a/src/journal-remote/microhttpd-util.c
+++ b/src/journal-remote/microhttpd-util.c
@@ -38,10 +38,10 @@
 void microhttpd_logger(void *arg, const char *fmt, va_list ap) {
         char *f;
 
-        f = strappenda("microhttpd: ", fmt);
+        f = strjoina("microhttpd: ", fmt);
 
         DISABLE_WARNING_FORMAT_NONLITERAL;
-        log_metav(LOG_INFO, NULL, 0, NULL, f, ap);
+        log_internalv(LOG_INFO, 0, NULL, 0, NULL, f, ap);
         REENABLE_WARNING;
 }
 
@@ -121,20 +121,30 @@ static struct {
         { {"9", "enc", "int"},    LOG_DEBUG },
 };
 
-void log_func_gnutls(int level, const char *message) {
+static void log_func_gnutls(int level, const char *message) {
         assert_se(message);
 
         if (0 <= level && level < (int) ELEMENTSOF(gnutls_log_map)) {
                 if (gnutls_log_map[level].enabled)
-                        log_meta(gnutls_log_map[level].level, NULL, 0, NULL,
-                                 "gnutls %d/%s: %s", level, gnutls_log_map[level].names[1], message);
+                        log_internal(gnutls_log_map[level].level, 0, NULL, 0, NULL, "gnutls %d/%s: %s", level, gnutls_log_map[level].names[1], message);
         } else {
                 log_debug("Received GNUTLS message with unknown level %d.", level);
-                log_meta(LOG_DEBUG, NULL, 0, NULL, "gnutls: %s", message);
+                log_internal(LOG_DEBUG, 0, NULL, 0, NULL, "gnutls: %s", message);
         }
 }
 
-int log_enable_gnutls_category(const char *cat) {
+static void log_reset_gnutls_level(void) {
+        int i;
+
+        for (i = ELEMENTSOF(gnutls_log_map) - 1; i >= 0; i--)
+                if (gnutls_log_map[i].enabled) {
+                        log_debug("Setting gnutls log level to %d", i);
+                        gnutls_global_set_log_level(i);
+                        break;
+                }
+}
+
+static int log_enable_gnutls_category(const char *cat) {
         unsigned i;
 
         if (streq(cat, "all")) {
@@ -153,15 +163,22 @@ int log_enable_gnutls_category(const char *cat) {
         return -EINVAL;
 }
 
-void log_reset_gnutls_level(void) {
-        int i;
+int setup_gnutls_logger(char **categories) {
+        char **cat;
+        int r;
 
-        for (i = ELEMENTSOF(gnutls_log_map) - 1; i >= 0; i--)
-                if (gnutls_log_map[i].enabled) {
-                        log_debug("Setting gnutls log level to %d", i);
-                        gnutls_global_set_log_level(i);
-                        break;
+        gnutls_global_set_log_function(log_func_gnutls);
+
+        if (categories) {
+                STRV_FOREACH(cat, categories) {
+                        r = log_enable_gnutls_category(*cat);
+                        if (r < 0)
+                                return r;
                 }
+        } else
+                log_reset_gnutls_level();
+
+        return 0;
 }
 
 static int verify_cert_authorized(gnutls_session_t session) {
@@ -171,19 +188,16 @@ static int verify_cert_authorized(gnutls_session_t session) {
         int r;
 
         r = gnutls_certificate_verify_peers2(session, &status);
-        if (r < 0) {
-                log_error("gnutls_certificate_verify_peers2 failed: %s", strerror(-r));
-                return r;
-        }
+        if (r < 0)
+                return log_error_errno(r, "gnutls_certificate_verify_peers2 failed: %m");
 
         type = gnutls_certificate_type_get(session);
         r = gnutls_certificate_verification_status_print(status, type, &out, 0);
-        if (r < 0) {
-                log_error("gnutls_certificate_verification_status_print failed: %s", strerror(-r));
-                return r;
-        }
+        if (r < 0)
+                return log_error_errno(r, "gnutls_certificate_verification_status_print failed: %m");
 
-        log_info("Certificate status: %s", out.data);
+        log_debug("Certificate status: %s", out.data);
+        gnutls_free(out.data);
 
         return status == 0 ? 0 : -EPERM;
 }
@@ -243,10 +257,14 @@ static int get_auth_dn(gnutls_x509_crt_t client_cert, char **buf) {
         return 0;
 }
 
+static inline void gnutls_x509_crt_deinitp(gnutls_x509_crt_t *p) {
+        gnutls_x509_crt_deinit(*p);
+}
+
 int check_permissions(struct MHD_Connection *connection, int *code, char **hostname) {
         const union MHD_ConnectionInfo *ci;
         gnutls_session_t session;
-        gnutls_x509_crt_t client_cert;
+        _cleanup_(gnutls_x509_crt_deinitp) gnutls_x509_crt_t client_cert = NULL;
         _cleanup_free_ char *buf = NULL;
         int r;
 
@@ -280,7 +298,7 @@ int check_permissions(struct MHD_Connection *connection, int *code, char **hostn
                 return -EPERM;
         }
 
-        log_info("Connection from %s", buf);
+        log_debug("Connection from %s", buf);
 
         if (hostname) {
                 *hostname = buf;
@@ -300,4 +318,10 @@ int check_permissions(struct MHD_Connection *connection, int *code, char **hostn
 int check_permissions(struct MHD_Connection *connection, int *code, char **hostname) {
         return -EPERM;
 }
+
+int setup_gnutls_logger(char **categories) {
+        if (categories)
+                log_notice("Ignoring specified gnutls logging categories — gnutls not available.");
+        return 0;
+}
 #endif