journal-remote: downgrade routine messages to debug

[elogind.git] / src / journal-remote / microhttpd-util.c

diff --git a/src/journal-remote/microhttpd-util.c b/src/journal-remote/microhttpd-util.c
index d0466867b7768377a6404bc7699071bf082a3c0f..b45c38d682833217065cc23c404b4a8e94de84eb 100644 (file)
--- a/src/journal-remote/microhttpd-util.c
+++ b/src/journal-remote/microhttpd-util.c
@@ -38,10 +38,10 @@
 void microhttpd_logger(void *arg, const char *fmt, va_list ap) {
         char *f;
 
-        f = strappenda("microhttpd: ", fmt);
+        f = strjoina("microhttpd: ", fmt);
 
         DISABLE_WARNING_FORMAT_NONLITERAL;
-        log_metav(LOG_INFO, NULL, 0, NULL, f, ap);
+        log_internalv(LOG_INFO, 0, NULL, 0, NULL, f, ap);
         REENABLE_WARNING;
 }
 
@@ -126,11 +126,10 @@ void log_func_gnutls(int level, const char *message) {
 
         if (0 <= level && level < (int) ELEMENTSOF(gnutls_log_map)) {
                 if (gnutls_log_map[level].enabled)
-                        log_meta(gnutls_log_map[level].level, NULL, 0, NULL,
-                                 "gnutls %d/%s: %s", level, gnutls_log_map[level].names[1], message);
+                        log_internal(gnutls_log_map[level].level, 0, NULL, 0, NULL, "gnutls %d/%s: %s", level, gnutls_log_map[level].names[1], message);
         } else {
                 log_debug("Received GNUTLS message with unknown level %d.", level);
-                log_meta(LOG_DEBUG, NULL, 0, NULL, "gnutls: %s", message);
+                log_internal(LOG_DEBUG, 0, NULL, 0, NULL, "gnutls: %s", message);
         }
 }
 
@@ -171,19 +170,16 @@ static int verify_cert_authorized(gnutls_session_t session) {
         int r;
 
         r = gnutls_certificate_verify_peers2(session, &status);
-        if (r < 0) {
-                log_error("gnutls_certificate_verify_peers2 failed: %s", strerror(-r));
-                return r;
-        }
+        if (r < 0)
+                return log_error_errno(r, "gnutls_certificate_verify_peers2 failed: %m");
 
         type = gnutls_certificate_type_get(session);
         r = gnutls_certificate_verification_status_print(status, type, &out, 0);
-        if (r < 0) {
-                log_error("gnutls_certificate_verification_status_print failed: %s", strerror(-r));
-                return r;
-        }
+        if (r < 0)
+                return log_error_errno(r, "gnutls_certificate_verification_status_print failed: %m");
 
-        log_info("Certificate status: %s", out.data);
+        log_debug("Certificate status: %s", out.data);
+        gnutls_free(out.data);
 
         return status == 0 ? 0 : -EPERM;
 }
@@ -243,10 +239,14 @@ static int get_auth_dn(gnutls_x509_crt_t client_cert, char **buf) {
         return 0;
 }
 
-int check_permissions(struct MHD_Connection *connection, int *code) {
+static inline void gnutls_x509_crt_deinitp(gnutls_x509_crt_t *p) {
+        gnutls_x509_crt_deinit(*p);
+}
+
+int check_permissions(struct MHD_Connection *connection, int *code, char **hostname) {
         const union MHD_ConnectionInfo *ci;
         gnutls_session_t session;
-        gnutls_x509_crt_t client_cert;
+        _cleanup_(gnutls_x509_crt_deinitp) gnutls_x509_crt_t client_cert = NULL;
         _cleanup_free_ char *buf = NULL;
         int r;
 
@@ -280,7 +280,12 @@ int check_permissions(struct MHD_Connection *connection, int *code) {
                 return -EPERM;
         }
 
-        log_info("Connection from %s", buf);
+        log_debug("Connection from %s", buf);
+
+        if (hostname) {
+                *hostname = buf;
+                buf = NULL;
+        }
 
         r = verify_cert_authorized(session);
         if (r < 0) {
@@ -292,7 +297,7 @@ int check_permissions(struct MHD_Connection *connection, int *code) {
 }
 
 #else
-int check_permissions(struct MHD_Connection *connection, int *code) {
+int check_permissions(struct MHD_Connection *connection, int *code, char **hostname) {
         return -EPERM;
 }
 #endif