Print CRL warning only once

This commit is contained in:
Gerhard Rieger 2024-08-22 18:18:52 +02:00
parent c4f569e367
commit 47b98aed7a
5 changed files with 16 additions and 5 deletions

View file

@ -48,6 +48,9 @@ Corrections:
Reworked domain name resolution, centralized IPv4/IPv6 sorting. Reworked domain name resolution, centralized IPv4/IPv6 sorting.
Print warning about not checking CRLs in OpenSSL only in the first
child process.
Features: Features:
Total inactivity timeout option -T 0 now means 0.0 seconds; up to Total inactivity timeout option -T 0 now means 0.0 seconds; up to
version 1.8.0.0 it meant no total inactivity timeout. version 1.8.0.0 it meant no total inactivity timeout.

View file

@ -1456,7 +1456,10 @@ cont_out:
sycSSL_CTX_set_verify(ctx, sycSSL_CTX_set_verify(ctx,
SSL_VERIFY_PEER| SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_PEER| SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
NULL); NULL);
if (first_child) {
/* The first forked off process, print the warning only once */
Warn("OpenSSL: Warning: this implementation does not check CRLs"); Warn("OpenSSL: Warning: this implementation does not check CRLs");
}
} else { } else {
sycSSL_CTX_set_verify(ctx, sycSSL_CTX_set_verify(ctx,
SSL_VERIFY_NONE, SSL_VERIFY_NONE,

1
xio.h
View file

@ -471,6 +471,7 @@ extern const char *PIPESEP;
extern xiofile_t *sock[XIO_MAXSOCK]; extern xiofile_t *sock[XIO_MAXSOCK];
extern int num_child; extern int num_child;
extern bool first_child;
/* return values of xioopensingle */ /* return values of xioopensingle */
#define STAT_OK 0 #define STAT_OK 0

View file

@ -15,7 +15,8 @@ static int xioinitialized;
xiofile_t *sock[XIO_MAXSOCK]; xiofile_t *sock[XIO_MAXSOCK];
int (*xiohook_newchild)(void); /* xio calls this function from a new child int (*xiohook_newchild)(void); /* xio calls this function from a new child
process */ process */
int num_child = 0; int num_child = 0; /* actual number of "general" child processes */
bool first_child = true; /* only first child shall print general warnings */
/* returns 0 on success or != if an error occurred */ /* returns 0 on success or != if an error occurred */
int xioinitialize(void) { int xioinitialize(void) {
@ -255,9 +256,12 @@ pid_t xio_fork(bool subchild,
return 0; return 0;
} }
num_child++;
Info1("number of children increased to %d", num_child);
/* parent process */ /* parent process */
if (!subchild) {
++num_child;
first_child = false;
}
Info1("number of children increased to %d", num_child);
Notice1("forked off child process "F_pid, pid); Notice1("forked off child process "F_pid, pid);
/* gdb recommends to have env controlled sleep after fork */ /* gdb recommends to have env controlled sleep after fork */
if (forkwaitstring = getenv("SOCAT_FORK_WAIT")) { if (forkwaitstring = getenv("SOCAT_FORK_WAIT")) {

View file

@ -113,7 +113,7 @@ void childdied(int signum) {
} }
/*! indent */ /*! indent */
if (num_child) { if (num_child) {
num_child--; --num_child;
Info1("number of children decreased to %d", num_child); Info1("number of children decreased to %d", num_child);
} }
/* check if it was a registered child process */ /* check if it was a registered child process */