From 538db66194f396cf35f6c1113851fcbc321464d7 Mon Sep 17 00:00:00 2001 From: Laurent Bercot Date: Wed, 20 Sep 2023 03:46:43 +0000 Subject: Remove extra warning when s6-tcpserver-access has no ruleset Signed-off-by: Laurent Bercot --- doc/s6-tcpserver-access.html | 4 +--- doc/s6-tlsserver.html | 5 +---- src/conn-tools/s6-tcpserver-access.c | 1 - src/tls/s6-tlsserver.c | 2 +- 4 files changed, 3 insertions(+), 9 deletions(-) diff --git a/doc/s6-tcpserver-access.html b/doc/s6-tcpserver-access.html index 16b16f9..d5b3ece 100644 --- a/doc/s6-tcpserver-access.html +++ b/doc/s6-tcpserver-access.html @@ -138,9 +138,7 @@ against a filesystem-based database in the rulesdir directory.
  • -x rulesfile : check client credentials against a cdb database in the rulesfile file. -i and -x are -mutually exclusive. If none of those options is given, no credential checking will be -performed, and a warning will be emitted on every connection if -verbosity is 2 or more.
  • +mutually exclusive.

    Access rule checking

    diff --git a/doc/s6-tlsserver.html b/doc/s6-tlsserver.html index f1f4e91..e241ee3 100644 --- a/doc/s6-tlsserver.html +++ b/doc/s6-tlsserver.html @@ -156,10 +156,7 @@ certificates, you probably still want TCP access rules. s6-tcpserver-access should be invoked, even if no other option requires it, even in the absence of an access control ruleset. This ensures that prog... -will always have access to environment variables such as TCPLOCALPORT. -This option also ensures that the log does not get spammed with -spurious "no ruleset" warnings if the -v option has been -given but no -i or -x option. +will always have access to environment variables such as TCPLOCALPORT.

    Options passed as is to s6-tcpserver

    diff --git a/src/conn-tools/s6-tcpserver-access.c b/src/conn-tools/s6-tcpserver-access.c index 5491ea0..addf66b 100644 --- a/src/conn-tools/s6-tcpserver-access.c +++ b/src/conn-tools/s6-tcpserver-access.c @@ -150,7 +150,6 @@ int main (int argc, char const *const *argv) switch (rulestype) { case 0 : - if (verbosity >= 2) strerr_warnw1x("invoked without a ruleset!") ; accepted = S6_ACCESSRULES_ALLOW ; break ; case 1 : diff --git a/src/tls/s6-tlsserver.c b/src/tls/s6-tlsserver.c index 4c1a951..deffe0d 100644 --- a/src/tls/s6-tlsserver.c +++ b/src/tls/s6-tlsserver.c @@ -143,7 +143,7 @@ int main (int argc, char const *const *argv) if (argc < 3) dieusage() ; } - o.doaccess = o.forceaccess || (o.verbosity >= 2) || o.flagw || o.flagD || !o.flagH || o.flagr || o.flagp || o.localname || o.banner || o.timeout || o.rules ; + o.doaccess = o.forceaccess || o.flagw || o.flagD || !o.flagH || o.flagr || o.flagp || o.localname || o.banner || o.timeout || o.rules ; { size_t pos = 0 ; -- cgit v1.2.3