From: Roger Dingledine <arma@torproject.org>
Date: Mon, 9 Jun 2025 01:50:36 +0000 (-0400)
Subject: log "list of supported TLS groups" only once
X-Git-Tag: tor-0.4.8.17~6^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3871742ed13cd4bfe7708ce644597edad6603fce;p=thirdparty%2Ftor.git

log "list of supported TLS groups" only once

We had been logging it every two hours forever, even though it's based
on the version of OpenSSL we're using it so it will never change.

Fixes bug #41093.

The fix is an improvement on commit ba88ad6b which addressed #41058.

Not adding a changes file since those commits haven't gone out in a
release yet either.
---

diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
index 8cc8f1f33f..a1f24c6761 100644
--- a/src/lib/tls/tortls_openssl.c
+++ b/src/lib/tls/tortls_openssl.c
@@ -713,7 +713,12 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
       }
       int r = (int) SSL_CTX_set1_groups_list(result->ctx, list);
       if (r == 1) {
-        log_notice(LD_NET, "Set list of supported TLS groups to: %s", list);
+        static bool have_logged_already = false;
+        if (!have_logged_already) {
+          /* say it only once at startup, since the answer won't change */
+          log_notice(LD_NET, "Set list of supported TLS groups to: %s", list);
+          have_logged_already = true;
+        }
         success = true;
         break;
       }