From ab1bb5b7f1c3c3a7b240ab7fc8661459ecd7decb Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Thu, 20 Jul 2023 06:49:55 +0200
Subject: Adding upstream version 1.41.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 libnetdata/socket/security.c | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

(limited to 'libnetdata/socket/security.c')

diff --git a/libnetdata/socket/security.c b/libnetdata/socket/security.c
index abae71c66..c1bb76345 100644
--- a/libnetdata/socket/security.c
+++ b/libnetdata/socket/security.c
@@ -406,7 +406,7 @@ bool netdata_ssl_accept(NETDATA_SSL *ssl) {
 static void netdata_ssl_info_callback(const SSL *ssl, int where, int ret __maybe_unused) {
     (void)ssl;
     if (where & SSL_CB_ALERT) {
-        debug(D_WEB_CLIENT,"SSL INFO CALLBACK %s %s", SSL_alert_type_string(ret), SSL_alert_desc_string_long(ret));
+        netdata_log_debug(D_WEB_CLIENT,"SSL INFO CALLBACK %s %s", SSL_alert_type_string(ret), SSL_alert_desc_string_long(ret));
     }
 }
 
@@ -429,7 +429,7 @@ void netdata_ssl_initialize_openssl() {
 #else
 
     if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL) != 1) {
-        error("SSL library cannot be initialized.");
+        netdata_log_error("SSL library cannot be initialized.");
     }
 
 #endif
@@ -516,7 +516,7 @@ static SSL_CTX * netdata_ssl_create_server_ctx(unsigned long mode) {
 #if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_110
 	ctx = SSL_CTX_new(SSLv23_server_method());
     if (!ctx) {
-		error("Cannot create a new SSL context, netdata won't encrypt communication");
+		netdata_log_error("Cannot create a new SSL context, netdata won't encrypt communication");
         return NULL;
     }
 
@@ -524,7 +524,7 @@ static SSL_CTX * netdata_ssl_create_server_ctx(unsigned long mode) {
 #else
     ctx = SSL_CTX_new(TLS_server_method());
     if (!ctx) {
-		error("Cannot create a new SSL context, netdata won't encrypt communication");
+        netdata_log_error("Cannot create a new SSL context, netdata won't encrypt communication");
         return NULL;
     }
 
@@ -539,7 +539,7 @@ static SSL_CTX * netdata_ssl_create_server_ctx(unsigned long mode) {
 
     if(tls_ciphers  && strcmp(tls_ciphers, "none") != 0) {
         if (!SSL_CTX_set_cipher_list(ctx, tls_ciphers)) {
-            error("SSL error. cannot set the cipher list");
+            netdata_log_error("SSL error. cannot set the cipher list");
         }
     }
 #endif
@@ -548,7 +548,7 @@ static SSL_CTX * netdata_ssl_create_server_ctx(unsigned long mode) {
 
     if (!SSL_CTX_check_private_key(ctx)) {
         ERR_error_string_n(ERR_get_error(),lerror,sizeof(lerror));
-		error("SSL cannot check the private key: %s",lerror);
+        netdata_log_error("SSL cannot check the private key: %s",lerror);
         SSL_CTX_free(ctx);
         return NULL;
     }
@@ -559,7 +559,7 @@ static SSL_CTX * netdata_ssl_create_server_ctx(unsigned long mode) {
 #if (OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_095)
 	SSL_CTX_set_verify_depth(ctx,1);
 #endif
-    debug(D_WEB_CLIENT,"SSL GLOBAL CONTEXT STARTED\n");
+    netdata_log_debug(D_WEB_CLIENT,"SSL GLOBAL CONTEXT STARTED\n");
 
     SSL_CTX_set_mode(ctx, mode);
 
@@ -578,14 +578,14 @@ static SSL_CTX * netdata_ssl_create_server_ctx(unsigned long mode) {
  */
 void netdata_ssl_initialize_ctx(int selector) {
     static SPINLOCK sp = NETDATA_SPINLOCK_INITIALIZER;
-    netdata_spinlock_lock(&sp);
+    spinlock_lock(&sp);
 
     switch (selector) {
         case NETDATA_SSL_WEB_SERVER_CTX: {
             if(!netdata_ssl_web_server_ctx) {
                 struct stat statbuf;
                 if (stat(netdata_ssl_security_key, &statbuf) || stat(netdata_ssl_security_cert, &statbuf))
-                    info("To use encryption it is necessary to set \"ssl certificate\" and \"ssl key\" in [web] !\n");
+                    netdata_log_info("To use encryption it is necessary to set \"ssl certificate\" and \"ssl key\" in [web] !\n");
                 else {
                     netdata_ssl_web_server_ctx = netdata_ssl_create_server_ctx(
                             SSL_MODE_ENABLE_PARTIAL_WRITE |
@@ -628,7 +628,7 @@ void netdata_ssl_initialize_ctx(int selector) {
         }
     }
 
-    netdata_spinlock_unlock(&sp);
+    spinlock_unlock(&sp);
 }
 
 /**
@@ -680,7 +680,7 @@ int security_test_certificate(SSL *ssl) {
     {
         char error[512];
         ERR_error_string_n(ERR_get_error(), error, sizeof(error));
-        error("SSL RFC4158 check:  We have a invalid certificate, the tests result with %ld and message %s", status, error);
+        netdata_log_error("SSL RFC4158 check:  We have a invalid certificate, the tests result with %ld and message %s", status, error);
         ret = -1;
     } else {
         ret = 0;
@@ -705,13 +705,13 @@ int ssl_security_location_for_context(SSL_CTX *ctx, char *file, char *path) {
     int load_custom = 1, load_default = 1;
     if (file || path) {
         if(!SSL_CTX_load_verify_locations(ctx, file, path)) {
-            info("Netdata can not verify custom CAfile or CApath for parent's SSL certificate, so it will use the default OpenSSL configuration to validate certificates!");
+            netdata_log_info("Netdata can not verify custom CAfile or CApath for parent's SSL certificate, so it will use the default OpenSSL configuration to validate certificates!");
             load_custom = 0;
         }
     }
 
     if(!SSL_CTX_set_default_verify_paths(ctx)) {
-        info("Can not verify default OpenSSL configuration to validate certificates!");
+        netdata_log_info("Can not verify default OpenSSL configuration to validate certificates!");
         load_default = 0;
     }
 
-- 
cgit v1.2.3