summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLaurent Bercot <ska-skaware@skarnet.org>2023-09-20 03:46:43 +0000
committerLaurent Bercot <ska@appnovation.com>2023-09-20 03:46:43 +0000
commit538db66194f396cf35f6c1113851fcbc321464d7 (patch)
tree93261399c9b816ac3100aaa35be0b15bf7ea7d9a
parent105748f3911d0b3c413d6edf36d78cfa450a0d80 (diff)
downloads6-networking-538db66194f396cf35f6c1113851fcbc321464d7.tar.xz
Remove extra warning when s6-tcpserver-access has no ruleset
Signed-off-by: Laurent Bercot <ska@appnovation.com>
-rw-r--r--doc/s6-tcpserver-access.html4
-rw-r--r--doc/s6-tlsserver.html5
-rw-r--r--src/conn-tools/s6-tcpserver-access.c1
-rw-r--r--src/tls/s6-tlsserver.c2
4 files changed, 3 insertions, 9 deletions
diff --git a/doc/s6-tcpserver-access.html b/doc/s6-tcpserver-access.html
index 16b16f9..d5b3ece 100644
--- a/doc/s6-tcpserver-access.html
+++ b/doc/s6-tcpserver-access.html
@@ -138,9 +138,7 @@ against a filesystem-based database in the <em>rulesdir</em> directory. </li>
<li> <tt>-x&nbsp;<em>rulesfile</em></tt>&nbsp;: check client credentials
against a <a href="https://en.wikipedia.org/wiki/Cdb_(software)">cdb</a>
database in the <em>rulesfile</em> file. <tt>-i</tt> and <tt>-x</tt> are
-mutually exclusive. If none of those options is given, no credential checking will be
-performed, and a warning will be emitted on every connection if
-<em>verbosity</em> is 2 or more. </li>
+mutually exclusive. </li>
</ul>
<h2> Access rule checking </h2>
diff --git a/doc/s6-tlsserver.html b/doc/s6-tlsserver.html
index f1f4e91..e241ee3 100644
--- a/doc/s6-tlsserver.html
+++ b/doc/s6-tlsserver.html
@@ -156,10 +156,7 @@ certificates, you probably still want TCP access rules.
<a href="s6-tcpserver-access.html">s6-tcpserver-access</a> should
be invoked, even if no other option requires it, even in the absence
of an access control ruleset. This ensures that <em>prog...</em>
-will always have access to environment variables such as TCPLOCALPORT.
-This option also ensures that the log does not get spammed with
-spurious "no ruleset" warnings if the <tt>-v</tt> option has been
-given but no <tt>-i</tt> or <tt>-x</tt> option. </li>
+will always have access to environment variables such as TCPLOCALPORT. </li>
</ul>
<h3> Options passed as is to s6-tcpserver </h3>
diff --git a/src/conn-tools/s6-tcpserver-access.c b/src/conn-tools/s6-tcpserver-access.c
index 5491ea0..addf66b 100644
--- a/src/conn-tools/s6-tcpserver-access.c
+++ b/src/conn-tools/s6-tcpserver-access.c
@@ -150,7 +150,6 @@ int main (int argc, char const *const *argv)
switch (rulestype)
{
case 0 :
- if (verbosity >= 2) strerr_warnw1x("invoked without a ruleset!") ;
accepted = S6_ACCESSRULES_ALLOW ;
break ;
case 1 :
diff --git a/src/tls/s6-tlsserver.c b/src/tls/s6-tlsserver.c
index 4c1a951..deffe0d 100644
--- a/src/tls/s6-tlsserver.c
+++ b/src/tls/s6-tlsserver.c
@@ -143,7 +143,7 @@ int main (int argc, char const *const *argv)
if (argc < 3) dieusage() ;
}
- o.doaccess = o.forceaccess || (o.verbosity >= 2) || o.flagw || o.flagD || !o.flagH || o.flagr || o.flagp || o.localname || o.banner || o.timeout || o.rules ;
+ o.doaccess = o.forceaccess || o.flagw || o.flagD || !o.flagH || o.flagr || o.flagp || o.localname || o.banner || o.timeout || o.rules ;
{
size_t pos = 0 ;