From 328a8937133a8075901a90cfb34387d18deefa73 Mon Sep 17 00:00:00 2001 From: Remi Tricot-Le Breton Date: Wed, 20 Mar 2024 14:13:37 +0100 Subject: [PATCH] MINOR: ssl: Change level of ocsp-update logs The pure ocsp-update log used to be in log level "info" and it would be mixed with actual traffic logs. This patch changes it to level "notice". --- doc/configuration.txt | 6 +++--- src/ssl_ocsp.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/configuration.txt b/doc/configuration.txt index 08782370e..980de0b92 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -16095,12 +16095,12 @@ ocsp-update [ off | on ] (crt-list only) Here are two examples of such log lines, with a successful OCSP update log line first and then an example of an HTTP error with the two different lines (lines were spit and the URL was shortened for readability): - <134>Mar 6 11:16:53 haproxy[14872]: /path_to_cert/foo.pem 1 \ + <133>Mar 6 11:16:53 haproxy[14872]: /path_to_cert/foo.pem 1 \ "Update successful" 0 1 - <134>Mar 6 11:18:55 haproxy[14872]: /path_to_cert/bar.pem 2 \ + <133>Mar 6 11:18:55 haproxy[14872]: /path_to_cert/bar.pem 2 \ "HTTP error" 1 0 - <134>Mar 6 11:18:55 haproxy[14872]: -:- [06/Mar/2023:11:18:52.200] \ + <133>Mar 6 11:18:55 haproxy[14872]: -:- [06/Mar/2023:11:18:52.200] \ -/- 2/0/-1/-1/3009 503 217 - - SC-- 0/0/0/0/3 0/0 {} \ "GET http://127.0.0.1:12345/MEMwQT HTTP/1.1" diff --git a/src/ssl_ocsp.c b/src/ssl_ocsp.c index 6d68aa3d4..e2e114347 100644 --- a/src/ssl_ocsp.c +++ b/src/ssl_ocsp.c @@ -1130,7 +1130,7 @@ static void ssl_ocsp_send_log() status_str = istptr(ocsp_update_errors[ssl_ocsp_task_ctx.update_status]); } - send_log(httpclient_ocsp_update_px, LOG_INFO, "%s %s %u \"%.*s\" %u %u", + send_log(httpclient_ocsp_update_px, LOG_NOTICE, "%s %s %u \"%.*s\" %u %u", httpclient_ocsp_update_px->id, ocsp->path, ssl_ocsp_task_ctx.update_status,