Skip to content

Configuration related tweaks #129

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 6, 2024
Merged

Configuration related tweaks #129

merged 3 commits into from
Nov 6, 2024

Conversation

@cgzones
Copy link
Contributor

@cgzones cgzones commented Oct 30, 2024

No description provided.

@ssahani
Copy link
Collaborator

ssahani commented Nov 5, 2024

needs rebase .

ssahani
ssahani reviewed Nov 5, 2024
View reviewed changes
src/netlog/netlog-tls.h
OPEN_SSL_CERTIFICATE_AUTH_MODE_WARN = 1 << 3,
OPEN_SSL_CERTIFICATE_AUTH_MODE_MAX = 1 << 4,
OPEN_SSL_CERTIFICATE_AUTH_MODE_INVALID = -1,
} OpenSSLCertificateAuthMode;
Copy link
Collaborator

@ssahani ssahani Nov 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's used by the parser. If we give anything which is not expected parser will set it to invalid. Hence we require this in the enum.

Copy link
Contributor Author

@cgzones cgzones Nov 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In my testing it doesn't:

The default value gets set via

systemd-netlogd/src/netlog/systemd-netlogd.c

Line 172 in 085384d

r = manager_new(arg_save_state, arg_cursor, &m);

at

systemd-netlogd/src/netlog/netlog-manager.c

Line 637 in 085384d

.auth_mode = OPEN_SSL_CERTIFICATE_AUTH_MODE_DENY,
.

And afterwards the configuration file is parsed at

systemd-netlogd/src/netlog/systemd-netlogd.c

Line 178 in 085384d

r = manager_parse_config_file(m);

and if TLSCertificateAuthMode= is not specified the value does not change and on an invalid setting, e.g. the empty TLSCertificateAuthMode=, the parser will issue [/etc/systemd/netlogd.conf:4] Failed to parse 'TLSCertificateAuthMode=', ignoring..

@cgzones
Do not override StructuredData=
191ad7e 
In case StructuredData= is set, actually use it and do not override it
with the SYSLOG_STRUCTURED_DATA= parsed data.

Fixes: 205dbe6 ("Actually respect UseSysLogStructuredData= and UseSysLogMsgId= settings")
@cgzones
Small formatting changes to ReadMe
453ce7a
@ssahani ssahani merged commit 4561586 into systemd:main Nov 6, 2024
1 check passed
@cgzones cgzones deleted the config branch November 6, 2024 13:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ssahani ssahani ssahani left review comments

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cgzones @ssahani