X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=ssl_common.c;h=add68a2861d4509778ad72fe4bec42455df5f567;hp=7a62d413ce3d5fa00d1b9677771c67bc875f3c86;hb=6235cc02e3f789fd39b1d72fadeb776ec3920572;hpb=0cbd0e80bb1b4a44a11995ba3a5fd0e4757c1694
diff --git a/ssl_common.c b/ssl_common.c
index 7a62d413..add68a28 100644
--- a/ssl_common.c
+++ b/ssl_common.c
@@ -1,6 +1,6 @@
/*********************************************************************
*
- * File : $Source: /cvsroot/ijbswa/current/ssl.c,v $
+ * File : $Source: /cvsroot/ijbswa/current/ssl_common.c,v $
*
* Purpose : File with TLS/SSL extension. Contains methods for
* creating, using and closing TLS/SSL connections that do
@@ -323,6 +323,7 @@ extern void ssl_send_certificate_error(struct client_state *csp)
size_t message_len = 0;
int ret = 0;
struct certs_chain *cert = NULL;
+ const size_t head_length = 63;
/* Header of message with certificate information */
const char message_begin[] =
@@ -333,7 +334,7 @@ extern void ssl_send_certificate_error(struct client_state *csp)
"Server certificate verification failed\n"
"Server certificate verification failed
\n"
"Privoxy was unable "
- "to securely connnect to the destination server.
"
+ "to securely connect to the destination server."
"Reason: ";
const char message_end[] = "\r\n\r\n";
char reason[INVALID_CERT_INFO_BUF_SIZE];
@@ -409,6 +410,17 @@ extern void ssl_send_certificate_error(struct client_state *csp)
ssl_send_data(ssl_attr, (const unsigned char *)message, strlen(message));
free_certificate_chain(csp);
+
+ log_error(LOG_LEVEL_CRUNCH, "Certificate error: %s: https://%s%s",
+ reason, csp->http->hostport, csp->http->path);
+ log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s https://%s%s %s\" 200 %u",
+ csp->ip_addr_str, csp->http->gpc, csp->http->hostport, csp->http->path,
+ csp->http->version, message_len-head_length);
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+ csp->flags &= ~CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE;
+ csp->flags |= CSP_FLAG_SERVER_SOCKET_TAINTED;
+#endif
}