Optional cap on TLS log message severity level

Are you tired of getting TLS-related error log messages that you can't do anything about? e.g. web 0139 TLS ERROR 'Received TLS alert message: Unexpected message' (-15) setting session active The new sbbs.ini [web] TLSErrorLevel option (defaults to 0 / "Emergency") allows the sysop to set a cap (maximum severity) on TLS-related log messages in the web server (e.g. TLSErrorLevel=Warning).

Optional cap on TLS log message severity level
113a9a56 · Rob Swindell · 0b7f0034 · 113a9a56 · 113a9a56 · 113a9a56
Commit 113a9a56 authored 4 years ago by Rob Swindell
--- a/src/sbbs3/sbbs_ini.c
+++ b/src/sbbs3/sbbs_ini.c
@@ -678,6 +678,8 @@ void sbbs_read_ini(
 		web->log_level
 			=iniGetLogLevel(list,section,strLogLevel,global->log_level);
+		web->tls_error_level
+			=iniGetLogLevel(list,section, "TLSErrorLevel", web->tls_error_level);
 		web->options
 			=iniGetBitField(list,section,strOptions,web_options
 				,BBS_OPT_NO_HOST_LOOKUP | WEB_OPT_HTTP_LOGGING);

--- a/src/sbbs3/websrvr.c
+++ b/src/sbbs3/websrvr.c
@@ -406,6 +406,8 @@ enum  {
 	int GCES_level;                                                                 \
 	get_crypt_error_string(status, sess->tls_sess, &GCES_estr, action, &GCES_level);\
 	if (GCES_estr) {                                                                \
+		if(GCES_level < startup->tls_error_level)                                   \
+			GCES_level = startup->tls_error_level;                                  \
 		lprintf(GCES_level, "%04d TLS %s", sess->socket, GCES_estr);                \
 		free_crypt_attrstr(GCES_estr);                                              \
 	}                                                                               \

--- a/src/sbbs3/websrvr.h
+++ b/src/sbbs3/websrvr.h
 /* Synchronet Web Server */
-/* $Id: websrvr.h,v 1.57 2020/03/07 00:18:50 deuce Exp $ */
 /****************************************************************************
 * @format.tab-size 4		(Plain Text/Source Code File Header)			*
 * @format.use-tabs true	(see http://www.synchro.net/ptsc_hdr.html)		*
@@ -15,21 +13,9 @@
 * See the GNU General Public License for more details: gpl.txt or			*
 * http://www.fsf.org/copyleft/gpl.html										*
 *																			*
- * Anonymous FTP access to the most recent released source is available at	*
- * ftp://vert.synchro.net, ftp://cvs.synchro.net and ftp://ftp.synchro.net	*
- *																			*
- * Anonymous CVS access to the development source and modification history	*
- * is available at cvs.synchro.net:/cvsroot/sbbs, example:					*
- * cvs -d :pserver:anonymous@cvs.synchro.net:/cvsroot/sbbs login			*
- *     (just hit return, no password is necessary)							*
- * cvs -d :pserver:anonymous@cvs.synchro.net:/cvsroot/sbbs checkout src		*
- *																			*
 * For Synchronet coding style and modification guidelines, see				*
 * http://www.synchro.net/source.html										*
 *																			*
- * You are encouraged to submit any modifications (preferably in Unix diff	*
- * format) via e-mail to mods@synchro.net									*
- *																			*
 * Note: If this box doesn't appear square, then you need to fix your tabs.	*
 ****************************************************************************/
@@ -91,6 +77,7 @@ typedef struct {
 	BOOL	recycle_now;
 	BOOL	shutdown_now;
 	int		log_level;
+	int		tls_error_level;		/* Cap the severity of TLS error log messages */
 	uint	bind_retry_count;		/* Number of times to retry bind() calls */
 	uint	bind_retry_delay;		/* Time to wait between each bind() retry */
 	char	default_cgi_content[128];