@@ -43,15 +43,15 @@ int ssl_verify_certificate_validity(int s, X509_STORE_CTX *store) {
4343 if (r < 0 )
4444 return r ;
4545
46- log_debug ("Verifying SSL ceritificates of server: %s" , pretty );
46+ log_debug ("TLS: Verifying SSL ceritificates of server: %s" , pretty );
4747
4848 if (cert ) {
4949 subject = X509_NAME_oneline (X509_get_subject_name (cert ), 0 , 0 );
5050 issuer = X509_NAME_oneline (X509_get_issuer_name (cert ), 0 , 0 );
5151 }
5252
5353 if (verify_mode == SSL_VERIFY_NONE ) {
54- log_debug ("SSL Certificate validation DISABLED but Error at depth: %d, issuer=%s, subject=%s: server=%s %s" ,
54+ log_debug ("TLS: SSL Certificate validation DISABLED but Error at depth: %d, issuer=%s, subject=%s: server=%s %s" ,
5555 depth , (char * ) subject , (char * ) issuer , pretty , X509_verify_cert_error_string (error ));
5656
5757 return 1 ;
@@ -64,19 +64,19 @@ int ssl_verify_certificate_validity(int s, X509_STORE_CTX *store) {
6464 switch (m -> auth_mode ) {
6565 case OPEN_SSL_CERTIFICATE_AUTH_MODE_DENY : {
6666 log_error_errno (SYNTHETIC_ERRNO (EINVAL ),
67- "Failed to verify certificate server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
67+ "TLS: Failed to verify certificate server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
6868 return 0 ;
6969 }
7070 break ;
7171 case OPEN_SSL_CERTIFICATE_AUTH_MODE_WARN : {
7272 log_warning_errno (SYNTHETIC_ERRNO (EINVAL ),
73- "Failed to verify certificate server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
73+ "TLS: Failed to verify certificate server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
7474
7575 return 1 ;
7676 }
7777 break ;
7878 case OPEN_SSL_CERTIFICATE_AUTH_MODE_ALLOW : {
79- log_debug ("Failed to verify certificate server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
79+ log_debug ("TLS: Failed to verify certificate server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
8080 return 1 ;
8181 }
8282
@@ -89,20 +89,20 @@ int ssl_verify_certificate_validity(int s, X509_STORE_CTX *store) {
8989 switch (m -> auth_mode ) {
9090 case OPEN_SSL_CERTIFICATE_AUTH_MODE_DENY : {
9191 log_error_errno (SYNTHETIC_ERRNO (EINVAL ),
92- "Failed to verify certificate server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
92+ "TLS: Failed to verify certificate server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
9393 return 0 ;
9494 }
9595 break ;
9696 case OPEN_SSL_CERTIFICATE_AUTH_MODE_WARN : {
9797 log_warning_errno (SYNTHETIC_ERRNO (EINVAL ),
98- "Failed to verify certificate server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
98+ "TLS: Failed to verify certificate server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
9999
100100 return 1 ;
101101 }
102102 break ;
103103 case OPEN_SSL_CERTIFICATE_AUTH_MODE_ALLOW : {
104104 log_debug_errno (SYNTHETIC_ERRNO (EINVAL ),
105- "Failed to verify certificate server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
105+ "TLS: Failed to verify certificate server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
106106 return 1 ;
107107 }
108108 break ;
@@ -111,12 +111,12 @@ int ssl_verify_certificate_validity(int s, X509_STORE_CTX *store) {
111111 }}
112112 break ;
113113 default :
114- log_error ("Failed to validate remote certificate server=%s: %s. Aborting connection ..." , pretty , X509_verify_cert_error_string (r ));
114+ log_error ("TLS: Failed to validate remote certificate server=%s: %s. Aborting connection ..." , pretty , X509_verify_cert_error_string (r ));
115115 return 0 ;
116116 }
117117 }
118118
119- log_debug ("SSL ceritificates verified server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
119+ log_debug ("TLS: SSL ceritificates verified server=%s: %s" , pretty , X509_verify_cert_error_string (r ));
120120
121121 return 1 ;
122122}
@@ -133,9 +133,9 @@ static int tls_write(TLSManager *m, const char *buf, size_t count) {
133133 ERR_clear_error ();
134134 r = SSL_write (m -> ssl , buf , count );
135135 if (r <= 0 )
136- return log_error_errno (r , "Failed to invoke SSL_write: %s" , TLS_ERROR_STRING (SSL_get_error (m -> ssl , r )));
136+ return log_error_errno (r , "TLS: Failed to invoke SSL_write: %s" , TLS_ERROR_STRING (SSL_get_error (m -> ssl , r )));
137137
138- return log_debug ("Successful TLS SSL_write: %d bytes" , r );
138+ return log_debug ("TLS: Successful TLS SSL_write: %d bytes" , r );
139139}
140140
141141int tls_stream_writev (TLSManager * m , const struct iovec * iov , size_t iovcnt ) {
@@ -194,32 +194,32 @@ int tls_connect(TLSManager *m, SocketAddress *address) {
194194
195195 fd = socket (AF_INET , SOCK_STREAM , IPPROTO_TCP );
196196 if (fd < 0 )
197- return log_error_errno (errno , "Failed to allocate socket: %m" );;
197+ return log_error_errno (errno , "TLS: Failed to allocate socket: %m" );;
198198
199199 r = sockaddr_pretty (& address -> sockaddr .sa , salen , true, true, & pretty );
200200 if (r < 0 )
201201 return r ;
202202
203203 r = connect (fd , & address -> sockaddr .sa , salen );
204204 if (r < 0 && errno != EINPROGRESS )
205- return log_error_errno (errno , "Failed to connect to remote server='%s': %m" , pretty );;
205+ return log_error_errno (errno , "TLS: Failed to connect to remote server='%s': %m" , pretty );;
206206
207- log_debug ("Connected to remote server: '%s'" , pretty );
207+ log_debug ("TLS: Connected to remote server: '%s'" , pretty );
208208
209209 ctx = SSL_CTX_new (SSLv23_client_method ());
210210 if (!ctx )
211211 return log_error_errno (SYNTHETIC_ERRNO (ENOMEM ),
212- "Failed to allocate memory for SSL CTX: %m" );
212+ "TLS: Failed to allocate memory for SSL CTX: %m" );
213213
214214 ssl = SSL_new (ctx );
215215 if (!ssl )
216216 return log_error_errno (SYNTHETIC_ERRNO (ENOMEM ),
217- "Failed to allocate memory for ssl: %s" ,
217+ "TLS: Failed to allocate memory for ssl: %s" ,
218218 ERR_error_string (ERR_get_error (), NULL ));
219219 r = SSL_set_fd (ssl , fd );
220220 if (r <= 0 )
221221 return log_error_errno (SYNTHETIC_ERRNO (EIO ),
222- "Failed to SSL_set_fd: %s" ,
222+ "TLS: Failed to SSL_set_fd: %s" ,
223223 ERR_error_string (ERR_get_error (), NULL ));
224224 /* Cerification verification */
225225 if (m -> auth_mode != OPEN_SSL_CERTIFICATE_AUTH_MODE_NONE && m -> auth_mode != OPEN_SSL_CERTIFICATE_AUTH_MODE_INVALID ) {
@@ -240,12 +240,12 @@ int tls_connect(TLSManager *m, SocketAddress *address) {
240240 r = SSL_connect (ssl );
241241 if (r <= 0 )
242242 return log_error_errno (SYNTHETIC_ERRNO (ENOMEM ),
243- "Failed to SSL_connect: %s" ,
243+ "TLS: Failed to SSL_connect: %s" ,
244244 ERR_error_string (ERR_get_error (), NULL ));
245245
246246 cipher = SSL_get_current_cipher (ssl );
247247
248- log_debug ("SSL: Cipher Version: %s Name: %s" , SSL_CIPHER_get_version (cipher ), SSL_CIPHER_get_name (cipher ));
248+ log_debug ("TLS: SSL Cipher Version: %s Name: %s" , SSL_CIPHER_get_version (cipher ), SSL_CIPHER_get_name (cipher ));
249249 if (DEBUG_LOGGING ) {
250250 _cleanup_ (X509_freep ) X509 * cert = NULL ;
251251
@@ -254,12 +254,12 @@ int tls_connect(TLSManager *m, SocketAddress *address) {
254254 _cleanup_ (OPENSSL_freep ) void * subject = NULL , * issuer = NULL ;
255255
256256 subject = X509_NAME_oneline (X509_get_subject_name (cert ), 0 , 0 );
257- log_debug ("SSL: Subject: %s" , (char * ) subject );
257+ log_debug ("TLS: SSL Subject: %s" , (char * ) subject );
258258
259259 issuer = X509_NAME_oneline (X509_get_issuer_name (cert ), 0 , 0 );
260- log_debug ("SSL: Issuer: %s" , (char * ) issuer );
260+ log_debug ("TLS: SSL Issuer: %s" , (char * ) issuer );
261261 } else
262- log_debug ("SSL: No certificates." );
262+ log_debug ("TLS: SSL No certificates." );
263263
264264 }
265265
0 commit comments