Added SSL related fields to access.log#122
Added SSL related fields to access.log#122acaciocenteno wants to merge 1 commit intoapache:5.1.xfrom aziontech:access_log_ssl_protocol_fields
Conversation
|
How will SPDY-enabled connections be logged? |
|
Did a test using spdycat and ATS did no log the SSL infos. Will dig into the code tomorrow to learn why. |
There was a problem hiding this comment.
This would return cipher's version like TLSv1/SSLv3 or SSLv2. For SSL protocol version , I think it would be better to use SSL_get_version.
There was a problem hiding this comment.
Agreed, SSL_get_version is probably what you want here.
|
We should probably track this as a jira item... |
|
I don't like that this adds extra fields to HttpSM, can we avoid that by accessing the netvc? or is it too late by the time we want to log? |
|
While I agree with James' distaste, it will be rare for the NetVC to be around to provide this information. My recommendation at this point is to set up a sub struct for the HttpSM to hold data that is purely for logging, so at least it doesn't clutter the HttpSM directly. This is a problem that is going to come up again, where we want to log data that is not extant at the point the transaction is logged. |
|
FWIW for this specific case, you can use the |
|
There is a related Jira for this: |
|
@fpesce got the ssl_session_reuse in TS-3683 (cqssl rather than cssr for the log field). It also includes session reuse via tickets. Being able to record the the selected cipher and negotiated protocol would still be valuable. I see that @ericcarlschwartz is working on the related bug TS-3648. Hopefully he can pull these changes in via that issue. |
…cache_basics Add some translations to cache basics
7 participants
Added three fields to access log: