diff options
| author | Fraser Tweedale <ftweedal@redhat.com> | 2015-11-20 15:39:00 +1100 |
|---|---|---|
| committer | Jan Cholasta <jcholast@redhat.com> | 2015-11-23 11:05:49 +0100 |
| commit | 2be8d2d068557631813607d84bb03c91fbeaaf80 (patch) | |
| tree | 84dd82a3b8629ce2bf486de51b0316842e112e84 /ipapython | |
| parent | 72b03a5d7931635b8563e374f217fa48c729450b (diff) | |
| download | freeipa-2be8d2d068557631813607d84bb03c91fbeaaf80.tar.gz freeipa-2be8d2d068557631813607d84bb03c91fbeaaf80.tar.xz freeipa-2be8d2d068557631813607d84bb03c91fbeaaf80.zip | |
TLS and Dogtag HTTPS request logging improvements
Pretty printing the TLS peer certificate to logs on every request
introduces a lot of noise; do not log it (subject name, key usage
and validity are still logged).
Fix and tidy up some HTTP logging messages for Dogtag requests.
Part of: https://fedorahosted.org/freeipa/ticket/5269
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipapython')
| -rw-r--r-- | ipapython/dogtag.py | 9 | ||||
| -rw-r--r-- | ipapython/nsslib.py | 3 |
2 files changed, 4 insertions, 8 deletions
diff --git a/ipapython/dogtag.py b/ipapython/dogtag.py index 51c2ec9b4..71de96dc6 100644 --- a/ipapython/dogtag.py +++ b/ipapython/dogtag.py @@ -324,7 +324,7 @@ def _httplib_request( if isinstance(host, unicode): host = host.encode('utf-8') uri = '%s://%s%s' % (protocol, ipautil.format_netloc(host, port), path) - root_logger.debug('request %r', uri) + root_logger.debug('request %s %s', method, uri) root_logger.debug('request body %r', request_body) headers = headers or {} @@ -347,9 +347,8 @@ def _httplib_request( except Exception as e: raise NetworkError(uri=uri, error=str(e)) - root_logger.debug('request status %d', http_status) - root_logger.debug('request reason_phrase %r', http_reason_phrase) - root_logger.debug('request headers %s', http_headers) - root_logger.debug('request body %r', http_body) + root_logger.debug('response status %d %s', http_status, http_reason_phrase) + root_logger.debug('response headers %s', http_headers) + root_logger.debug('response body %r', http_body) return http_status, http_reason_phrase, http_headers, http_body diff --git a/ipapython/nsslib.py b/ipapython/nsslib.py index 5ae79b65c..06e53294f 100644 --- a/ipapython/nsslib.py +++ b/ipapython/nsslib.py @@ -48,9 +48,6 @@ def auth_certificate_callback(sock, check_sig, is_server, certdb): cert = sock.get_peer_certificate() - root_logger.debug("auth_certificate_callback: check_sig=%s is_server=%s\n%s", - check_sig, is_server, str(cert)) - pin_args = sock.get_pkcs11_pin_arg() if pin_args is None: pin_args = () |