From aa4b90d250c5e814372751007c2f8cb2e9bae629 Mon Sep 17 00:00:00 2001 From: Koichiro IWAO Date: Wed, 5 Jul 2017 13:39:27 +0900 Subject: [PATCH] Change log level DEBUG -> WARNING since unavailability of ssl protocols defined in config file may weaken security and it is important for users. --- common/ssl_calls.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/common/ssl_calls.c b/common/ssl_calls.c index fcd18f86..0e12e960 100644 --- a/common/ssl_calls.c +++ b/common/ssl_calls.c @@ -877,7 +877,7 @@ ssl_get_protocols_from_string(const char *str, long *ssl_protocols) log_message(LOG_LEVEL_DEBUG, "TLSv1.2 enabled"); protocols &= ~SSL_OP_NO_TLSv1_2; #else - log_message(LOG_LEVEL_DEBUG, + log_message(LOG_LEVEL_WARNING, "TLSv1.2 enabled by config, " "but not supported by system OpenSSL"); rv |= (1 << 1); @@ -889,7 +889,7 @@ ssl_get_protocols_from_string(const char *str, long *ssl_protocols) log_message(LOG_LEVEL_DEBUG, "TLSv1.1 enabled"); protocols &= ~SSL_OP_NO_TLSv1_1; #else - log_message(LOG_LEVEL_DEBUG, + log_message(LOG_LEVEL_WARNING, "TLSv1.1 enabled by config, " "but not supported by system OpenSSL"); rv |= (1 << 2); @@ -901,7 +901,7 @@ ssl_get_protocols_from_string(const char *str, long *ssl_protocols) log_message(LOG_LEVEL_DEBUG, "TLSv1 enabled"); protocols &= ~SSL_OP_NO_TLSv1; #else - log_message(LOG_LEVEL_DEBUG, + log_message(LOG_LEVEL_WARNING, "TLSv1 enabled by config, " "but not supported by system OpenSSL"); rv |= (1 << 3); @@ -913,7 +913,7 @@ ssl_get_protocols_from_string(const char *str, long *ssl_protocols) log_message(LOG_LEVEL_DEBUG, "SSLv3 enabled"); protocols &= ~SSL_OP_NO_SSLv3; #else - log_message(LOG_LEVEL_DEBUG, + log_message(LOG_LEVEL_WARNING, "SSLv3 enabled by config, " "but not supported by system OpenSSL"); rv |= (1 << 4);