Unverified Commit 44ed49c7 authored by IKEDA Soji's avatar IKEDA Soji Committed by GitHub
Browse files

Merge pull request #897 from ikedas/log_ssl_cert_info by ikedas

Data sources: remote file/remote list: Log description of certificate of the peer
parents 47a5a183 943e7b53
......@@ -52,7 +52,6 @@ sub _open {
}
my $fh = $self->SUPER::_open(use_cert => 1);
#FIXME: Log subject, issuer and cipher of peer.
return $fh;
}
......
......@@ -97,12 +97,27 @@ sub _open {
$Conf::Conf{'tmpdir'},
$list->get_id, $PID, (int rand 9999);
my $res = $ua->request($req, $self->{_tmpfile});
$log->syslog('debug', 'REQUEST: %s', $req->as_string);
$log->syslog('debug', 'RESPONSE:%s', $res->as_string);
unless ($res->is_success) {
$log->syslog('err', 'Unable to fetch data source %s: %s',
$self, $res->message);
return undef;
}
if ($self->{url} =~ /\Ahttps:/i and $options{use_cert}) {
# Log subject, issuer and cipher of peer.
$log->syslog(
'info',
'%s: Peer %s. Certificate subject "%s" issuer "%s". Cipher used "%s"',
$self,
$res->header('Client-Peer'),
$res->header('Client-SSL-Cert-Subject'),
$res->header('Client-SSL-Cert-Issuer'),
$res->header('Client-SSL-Cipher')
);
}
my $fh;
unless (open $fh, '<', $self->{_tmpfile}) {
$log->syslog('err', 'Cannot open file %s: %m', $self->{_tmpfile});
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment