diff options
| author | David Sommerseth <dazo@users.sourceforge.net> | 2010-04-29 23:35:45 +0200 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2010-04-29 23:35:45 +0200 |
| commit | 339f2a4d4b487afa53fa99d72c35b16f31e417d3 (patch) | |
| tree | f4a6440c1755d04935f8b0ed9c15e0a3e147d270 /ssl.h | |
| parent | Don't add compile time information if --enable-small is used (diff) | |
| download | openvpn-339f2a4d4b487afa53fa99d72c35b16f31e417d3.tar.xz | |
Revamped the script-security warning logging (version 2)
The main task of this patch is to avoid reporting the SCRIPT_SECURITY_WARNING
over and over again, in addition to not show this warning when it should not
be a problem. This general warning should now only appear once, and only when
--script-security is not set, 0 or 1. In all other cases this warning should
not appear.
In addition, this warning will come close to the script-hook which most probably
will fail. It will also give a little bit more concrete hint on which script-hook
which failed. If --script-security is 2 or 3, only the execve failure itself will
be shown. This message will on the other hand be shown repeatedly.
This is a new rewritten version which simplifies the implementaion of the new
openvpn_run_script() function. It was considered to remove it completely, but
due to code clearity and easy of use it was decided to make this function a static
inline function instead. Anyhow, this function will enforce openvpn_execve_check()
to be called with the S_SCRIPT flag.
Patch ACKed on the developers meeting 2009-04-29.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Acked-by: James Yonan <james@openvpn.net>
Diffstat (limited to 'ssl.h')
0 files changed, 0 insertions, 0 deletions