From 3b99e4275a787191623ea5d136e5a0b695e0e4ba Mon Sep 17 00:00:00 2001 From: Andrew Stucki Date: Wed, 7 Apr 2021 11:29:24 -0400 Subject: [PATCH] Only show deprecation warnings for CN-based verification once (#24948) --- libbeat/common/transport/tlscommon/config.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/libbeat/common/transport/tlscommon/config.go b/libbeat/common/transport/tlscommon/config.go index 30009c2b13b..cebc251fd49 100644 --- a/libbeat/common/transport/tlscommon/config.go +++ b/libbeat/common/transport/tlscommon/config.go @@ -19,12 +19,15 @@ package tlscommon import ( "crypto/tls" + "sync" "github.com/joeshaw/multierror" "github.com/elastic/beats/v7/libbeat/common/cfgwarn" ) +var warnOnce sync.Once + // Config defines the user configurable options in the yaml file. type Config struct { Enabled *bool `config:"enabled" yaml:"enabled,omitempty"` @@ -98,7 +101,9 @@ func LoadTLSConfig(config *Config) (*TLSConfig, error) { // Validate values the TLSConfig struct making sure certificate sure we have both a certificate and // a key. func (c *Config) Validate() error { - cfgwarn.Deprecate("8.0.0", "Treating the CommonName field on X.509 certificates as a host name when no Subject Alternative Names are present is going to be removed. Please update your certificates if needed.") + warnOnce.Do(func() { + cfgwarn.Deprecate("8.0.0", "Treating the CommonName field on X.509 certificates as a host name when no Subject Alternative Names are present is going to be removed. Please update your certificates if needed.") + }) return c.Certificate.Validate() }