From: Fabian Keil <fk@fabiankeil.de>
Date: Wed, 26 Aug 2020 19:31:05 +0000 (+0200)
Subject: ssl_send_certificate_error(): Emit CLF and CRUNCH messages
X-Git-Tag: v_3_0_29~183
X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=commitdiff_plain;h=d9280438a5d9aa1e56592b30ffd80bc0b5831469

ssl_send_certificate_error(): Emit CLF and CRUNCH messages

Sponsored by: Robert Klemme
---

diff --git a/ssl_common.c b/ssl_common.c
index b81ead63..ea16bece 100644
--- a/ssl_common.c
+++ b/ssl_common.c
@@ -323,6 +323,7 @@ extern void ssl_send_certificate_error(struct client_state *csp)
    size_t message_len = 0;
    int ret = 0;
    struct certs_chain *cert = NULL;
+   const size_t head_length = 63;
 
    /* Header of message with certificate information */
    const char message_begin[] =
@@ -409,6 +410,12 @@ extern void ssl_send_certificate_error(struct client_state *csp)
    ssl_send_data(ssl_attr, (const unsigned char *)message, strlen(message));
 
    free_certificate_chain(csp);
+
+   log_error(LOG_LEVEL_CRUNCH, "Certificate error: %s: https://%s%s",
+      reason, csp->http->hostport, csp->http->path);
+   log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s https://%s%s %s\" 200 %u",
+      csp->ip_addr_str, csp->http->gpc, csp->http->hostport, csp->http->path,
+      csp->http->version, message_len-head_length);
 }