Re: Improved SSL Error Logging [RT #29932]

2012-12-06 Thread Noel Butler
Thanks Shane, I have re-applied previous changes to source files and that has silenced them again in meantime. Cheers Noel On Thu, 2012-12-06 at 17:05 +0100, Shane Kerr wrote: > Noel, > > On Thursday, 2012-12-06 11:03:24 +1000, > Noel Butler wrote: > > Hi Shane, Mark, Evan > > > > On Tue, 2

Re: Improved SSL Error Logging [RT #29932]

2012-12-06 Thread Shane Kerr
Noel, On Thursday, 2012-12-06 11:03:24 +1000, Noel Butler wrote: > Hi Shane, Mark, Evan > > On Tue, 2012-10-16 at 08:22 +0200, Shane Kerr wrote: > > > > These changes are in our review queue now, so will go in future > > releases. > > > I guess this was not pushed in? After update to 9.9.2-

Re: Improved SSL Error Logging [RT #29932]

2012-12-05 Thread Noel Butler
Hi Shane, Mark, Evan On Tue, 2012-10-16 at 08:22 +0200, Shane Kerr wrote: > Noel, > > These changes are in our review queue now, so will go in future > releases. > > Cheers, > I guess this was not pushed in? After update to 9.9.2-p1 the old logging returned, eg: Dec 6 10:47:30 ns1 named

Re: Improved SSL Error Logging [RT #29932]

2012-10-15 Thread Shane Kerr
Noel, These changes are in our review queue now, so will go in future releases. Cheers, -- Shane Kerr ISC On Saturday, 2012-10-13 11:07:01 +1000, Noel Butler wrote: > Thanks Mark, > > These changes have been committed for future patch releases? > > > Cheers > > On Fri, 2012-10-12 at 12:16

Re: Improved SSL Error Logging [RT #29932]

2012-10-12 Thread Noel Butler
Thanks Mark, These changes have been committed for future patch releases? Cheers On Fri, 2012-10-12 at 12:16 +1100, Mark Andrews wrote: > > Just drop the log level to ISC_LOG_DEBUG(1) and recompile. > > Search for "sucessfully validated after lower casing" in lib/dns/dnssec.c > signat

Re: Improved SSL Error Logging [RT #29932]

2012-10-11 Thread Mark Andrews
In message <135602.4741.10.camel@tardis>, Noel Butler writes: > On Wed, 2012-10-10 at 18:44 +, Evan Hunt wrote: > > > > BIND 9.7.7, 9.8.4 and 9.9.2 have "improved" OpenSSL error logging. > > > Unfortunately, our logs are now filling up with "RSA_verify failed" > > > messages. > >=20 > > Y

Re: Improved SSL Error Logging [RT #29932]

2012-10-11 Thread Noel Butler
On Wed, 2012-10-10 at 18:44 +, Evan Hunt wrote: > > BIND 9.7.7, 9.8.4 and 9.9.2 have "improved" OpenSSL error logging. > > Unfortunately, our logs are now filling up with "RSA_verify failed" > > messages. > > Yeah, oops, we made that one too noisy. You're not the first one > who's noticed. :

Re: Improved SSL Error Logging [RT #29932]

2012-10-10 Thread Chris Thompson
On Oct 10 2012, Evan Hunt wrote: BIND 9.7.7, 9.8.4 and 9.9.2 have "improved" OpenSSL error logging. Unfortunately, our logs are now filling up with "RSA_verify failed" messages. Yeah, oops, we made that one too noisy. You're not the first one who's noticed. :/ Also, without any indication o

Re: Improved SSL Error Logging [RT #29932]

2012-10-10 Thread Evan Hunt
> BIND 9.7.7, 9.8.4 and 9.9.2 have "improved" OpenSSL error logging. > Unfortunately, our logs are now filling up with "RSA_verify failed" > messages. Yeah, oops, we made that one too noisy. You're not the first one who's noticed. :/ > How does one go about tracking down the source of these fai

Improved SSL Error Logging [RT #29932]

2012-10-10 Thread David Kreindler
BIND 9.7.7, 9.8.4 and 9.9.2 have "improved" OpenSSL error logging. Unfortunately, our logs are now filling up with "RSA_verify failed" messages. How does one go about tracking down the source of these failures and correcting them? (We are running OpenSSL 1.0.1c.) __