aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorMartin Willi <martin@revosec.ch>2011-01-27 09:14:53 +0100
committerMartin Willi <martin@revosec.ch>2011-01-28 08:29:23 +0100
commit5c89a00f05d7417deb09a9693e24687b77c7a2ce (patch)
treedcbdf750986be69a83db1df41cba6b31f5359c6b /src
parent60b71def1ac83ca36946a2d4273d7bdbe4e56d74 (diff)
downloadstrongswan-5c89a00f05d7417deb09a9693e24687b77c7a2ce.tar.bz2
strongswan-5c89a00f05d7417deb09a9693e24687b77c7a2ce.tar.xz
Do not log potentially hundreds of cert requests for unknown CAs at level 1
Diffstat (limited to 'src')
-rw-r--r--src/libcharon/sa/tasks/ike_cert_pre.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/libcharon/sa/tasks/ike_cert_pre.c b/src/libcharon/sa/tasks/ike_cert_pre.c
index 944637c11..a59b8dcce 100644
--- a/src/libcharon/sa/tasks/ike_cert_pre.c
+++ b/src/libcharon/sa/tasks/ike_cert_pre.c
@@ -76,6 +76,7 @@ static void process_certreqs(private_ike_cert_pre_t *this, message_t *message)
{
certreq_payload_t *certreq = (certreq_payload_t*)payload;
enumerator_t *enumerator;
+ u_int unknown = 0;
chunk_t keyid;
this->ike_sa->set_condition(this->ike_sa, COND_CERTREQ_SEEN, TRUE);
@@ -103,12 +104,18 @@ static void process_certreqs(private_ike_cert_pre_t *this, message_t *message)
}
else
{
- DBG1(DBG_IKE, "received cert request for unknown ca "
+ DBG2(DBG_IKE, "received cert request for unknown ca "
"with keyid %Y", id);
+ unknown++;
}
id->destroy(id);
}
enumerator->destroy(enumerator);
+ if (unknown)
+ {
+ DBG1(DBG_IKE, "received %u cert requests for an unknown ca",
+ unknown);
+ }
break;
}
case NOTIFY: