From e3a130a7eb6e56a150c1902641efa5a7e0f62ad4 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Tue, 4 Sep 2012 12:32:38 -0400
Subject: Don't log about Libevent/OpenSSL initialization when all's well

OTOH, log the Libevent and OpenSSL versions on the first line when
we're starting Tor.
---
 src/common/aes.c             |  8 ++++----
 src/common/compat_libevent.c |  2 +-
 src/common/crypto.c          | 25 +++++++++++++++++++++++++
 src/common/crypto.h          |  1 +
 src/common/tortls.c          |  6 +++---
 5 files changed, 34 insertions(+), 8 deletions(-)

(limited to 'src/common')

diff --git a/src/common/aes.c b/src/common/aes.c
index 59d864a3d..dd89d5d1e 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -212,11 +212,11 @@ evaluate_evp_for_aes(int force_val)
   e = ENGINE_get_cipher_engine(NID_aes_128_ecb);
 
   if (e) {
-    log_notice(LD_CRYPTO, "AES engine \"%s\" found; using EVP_* functions.",
+    log_info(LD_CRYPTO, "AES engine \"%s\" found; using EVP_* functions.",
                ENGINE_get_name(e));
     should_use_EVP = 1;
   } else {
-    log_notice(LD_CRYPTO, "No AES engine found; using AES_* functions.");
+    log_info(LD_CRYPTO, "No AES engine found; using AES_* functions.");
     should_use_EVP = 0;
   }
 #endif
@@ -263,12 +263,12 @@ evaluate_ctr_for_aes(void)
                "not using it.");
   } else {
     /* Counter mode is okay */
-    log_notice(LD_CRYPTO, "This OpenSSL has a good implementation of counter "
+    log_info(LD_CRYPTO, "This OpenSSL has a good implementation of counter "
                "mode; using it.");
     should_use_openssl_CTR = 1;
   }
 #else
-  log_notice(LD_CRYPTO, "This version of OpenSSL has a slow implementation of "
+  log_info(LD_CRYPTO, "This version of OpenSSL has a slow implementation of "
              "counter mode; not using it.");
 #endif
   return 0;
diff --git a/src/common/compat_libevent.c b/src/common/compat_libevent.c
index 6655ca87d..0d06c49c9 100644
--- a/src/common/compat_libevent.c
+++ b/src/common/compat_libevent.c
@@ -266,7 +266,7 @@ tor_libevent_initialize(tor_libevent_cfg *torcfg)
 #if defined(HAVE_EVENT_GET_VERSION) && defined(HAVE_EVENT_GET_METHOD)
   /* Making this a NOTICE for now so we can link bugs to a libevent versions
    * or methods better. */
-  log(LOG_NOTICE, LD_GENERAL,
+  log(LOG_INFO, LD_GENERAL,
       "Initialized libevent version %s using method %s. Good.",
       event_get_version(), tor_libevent_get_method());
 #else
diff --git a/src/common/crypto.c b/src/common/crypto.c
index a69e6c5cb..77f94ba80 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -221,6 +221,30 @@ try_load_engine(const char *path, const char *engine)
 }
 #endif
 
+static char *crypto_openssl_version_str = NULL;
+/* Return a human-readable version of the run-time openssl version number. */
+const char *
+crypto_openssl_get_version_str(void)
+{
+  if (crypto_openssl_version_str == NULL) {
+    const char *raw_version = SSLeay_version(SSLEAY_VERSION);
+    const char *end_of_version = NULL;
+    /* The output should be something like "OpenSSL 1.0.0b 10 May 2012. Let's
+       trim that down. */
+    if (!strcmpstart(raw_version, "OpenSSL ")) {
+      raw_version += strlen("OpenSSL ");
+      end_of_version = strchr(raw_version, ' ');
+    }
+
+    if (end_of_version)
+      crypto_openssl_version_str = tor_strndup(raw_version,
+                                               end_of_version-raw_version);
+    else
+      crypto_openssl_version_str = tor_strdup(raw_version);
+  }
+  return crypto_openssl_version_str;
+}
+
 /** Initialize the crypto library.  Return 0 on success, -1 on failure.
  */
 int
@@ -3018,6 +3042,7 @@ crypto_global_cleanup(void)
     tor_free(ms);
   }
 #endif
+  tor_free(crypto_openssl_version_str);
   return 0;
 }
 
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 76bcbf7d4..456a61173 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -111,6 +111,7 @@ typedef struct crypto_digest_t crypto_digest_t;
 typedef struct crypto_dh_t crypto_dh_t;
 
 /* global state */
+const char * crypto_openssl_get_version_str(void);
 int crypto_global_init(int hardwareAccel,
                        const char *accelName,
                        const char *accelPath);
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 53bcc9891..a3485c768 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -478,7 +478,7 @@ tor_tls_init(void)
      * a test of intelligence and determination.
      */
     if (version > OPENSSL_V(0,9,8,'k') && version <= OPENSSL_V(0,9,8,'l')) {
-      log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.8l, but "
+      log_info(LD_GENERAL, "OpenSSL %s looks like version 0.9.8l, but "
                  "some vendors have backported renegotiation code from "
                  "0.9.8m without updating the version number. "
                  "I will try SSL3_FLAGS and SSL_OP to enable renegotation.",
@@ -486,12 +486,12 @@ tor_tls_init(void)
       use_unsafe_renegotiation_flag = 1;
       use_unsafe_renegotiation_op = 1;
     } else if (version > OPENSSL_V(0,9,8,'l')) {
-      log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.8m or later; "
+      log_info(LD_GENERAL, "OpenSSL %s looks like version 0.9.8m or later; "
                  "I will try SSL_OP to enable renegotiation",
                  SSLeay_version(SSLEAY_VERSION));
       use_unsafe_renegotiation_op = 1;
     } else if (version <= OPENSSL_V(0,9,8,'k')) {
-      log_notice(LD_GENERAL, "OpenSSL %s [%lx] looks like it's older than "
+      log_info(LD_GENERAL, "OpenSSL %s [%lx] looks like it's older than "
                  "0.9.8l, but some vendors have backported 0.9.8l's "
                  "renegotiation code to earlier versions, and some have "
                  "backported the code from 0.9.8m or 0.9.8n.  I'll set both "
-- 
cgit v1.2.3