From 47b98aed7a2efbdb19d2a68b853b47b9360e395e Mon Sep 17 00:00:00 2001 From: Gerhard Rieger Date: Thu, 22 Aug 2024 18:18:52 +0200 Subject: [PATCH] Print CRL warning only once --- CHANGES | 3 +++ xio-openssl.c | 5 ++++- xio.h | 1 + xioinitialize.c | 10 +++++++--- xiosigchld.c | 2 +- 5 files changed, 16 insertions(+), 5 deletions(-) diff --git a/CHANGES b/CHANGES index 9c41d85..c4dd234 100644 --- a/CHANGES +++ b/CHANGES @@ -48,6 +48,9 @@ Corrections: Reworked domain name resolution, centralized IPv4/IPv6 sorting. + Print warning about not checking CRLs in OpenSSL only in the first + child process. + Features: Total inactivity timeout option -T 0 now means 0.0 seconds; up to version 1.8.0.0 it meant no total inactivity timeout. diff --git a/xio-openssl.c b/xio-openssl.c index dddbfe9..1278bf4 100644 --- a/xio-openssl.c +++ b/xio-openssl.c @@ -1456,7 +1456,10 @@ cont_out: sycSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER| SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); - Warn("OpenSSL: Warning: this implementation does not check CRLs"); + if (first_child) { + /* The first forked off process, print the warning only once */ + Warn("OpenSSL: Warning: this implementation does not check CRLs"); + } } else { sycSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, diff --git a/xio.h b/xio.h index 0724314..a276a56 100644 --- a/xio.h +++ b/xio.h @@ -471,6 +471,7 @@ extern const char *PIPESEP; extern xiofile_t *sock[XIO_MAXSOCK]; extern int num_child; +extern bool first_child; /* return values of xioopensingle */ #define STAT_OK 0 diff --git a/xioinitialize.c b/xioinitialize.c index c5f6abe..b06915e 100644 --- a/xioinitialize.c +++ b/xioinitialize.c @@ -15,7 +15,8 @@ static int xioinitialized; xiofile_t *sock[XIO_MAXSOCK]; int (*xiohook_newchild)(void); /* xio calls this function from a new child process */ -int num_child = 0; +int num_child = 0; /* actual number of "general" child processes */ +bool first_child = true; /* only first child shall print general warnings */ /* returns 0 on success or != if an error occurred */ int xioinitialize(void) { @@ -255,9 +256,12 @@ pid_t xio_fork(bool subchild, return 0; } - num_child++; - Info1("number of children increased to %d", num_child); /* parent process */ + if (!subchild) { + ++num_child; + first_child = false; + } + Info1("number of children increased to %d", num_child); Notice1("forked off child process "F_pid, pid); /* gdb recommends to have env controlled sleep after fork */ if (forkwaitstring = getenv("SOCAT_FORK_WAIT")) { diff --git a/xiosigchld.c b/xiosigchld.c index 10f7f49..4ffa125 100644 --- a/xiosigchld.c +++ b/xiosigchld.c @@ -113,7 +113,7 @@ void childdied(int signum) { } /*! indent */ if (num_child) { - num_child--; + --num_child; Info1("number of children decreased to %d", num_child); } /* check if it was a registered child process */