rpms / fusioninventory-agent

Clone
Source Code
GIT

Files

el6 epel7 epel8 epel8-playground f14 f15 f16 f17 f18 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 main rawhide
  1.   f15
  2.   fusioninventory-agent-git.patch
Blob Blame History Raw 
commit a291e4d5d73c13fc8076211b004e7349cd4bbf7d
Author: Gonéri Le Bouder <goneri@rulezlan.org>
Date:   Mon Nov 28 21:37:48 2011 +0100

    try to use ssl_opts on LWP<6 too
    
    previously this block was only for LWP6. For some modern
    LWP5/Crypt::SSLeay also need it, I use an eval here to avoid
    failure on ancient LWP::UserAgent with no ssl_opts()
    
    closes: #1161
    
    Reported-by: Remi Collet <fedora@famillecollet.com>

diff --git a/lib/FusionInventory/Agent/Network.pm b/lib/FusionInventory/Agent/Network.pm
index b349de5..6bc6fbf 100644
--- a/lib/FusionInventory/Agent/Network.pm
+++ b/lib/FusionInventory/Agent/Network.pm
@@ -107,8 +107,11 @@ sub createUA {
 
     my $ua = LWP::UserAgent->new(keep_alive => 1, requests_redirectable => ['POST', 'GET', 'HEAD']);
 
-
-    if ($LWP::VERSION >= 6) {
+    # previously this block was only for LWP6.
+    # For some modern LWP5/Crypt::SSLeay also need it, I use
+    # an eval here to avoid failure on ancient LWP::UserAgent with
+    # no ssl_opts()
+    eval {
         # LWP6 default behavior is to check the SSL hostname
         if ($config->{'no-ssl-check'}) {
             $ua->ssl_opts(verify_hostname => 0);
@@ -119,7 +122,7 @@ sub createUA {
         if ($config->{'ca-cert-dir'}) {
             $ua->ssl_opts(SSL_ca_path => $config->{'ca-cert-dir'});
         }
-    }
+    };
 
     if ($noProxy) {
 
commit 5001036e8eabac54a5058306c44793df325109a2
Author: Gonéri Le Bouder <goneri@rulezlan.org>
Date:   Mon Nov 28 21:39:21 2011 +0100

    improve the regex used to parse the SSL-Cert
    
     - Drop the port from the hostname
     - Use a wildcare only if there is a domain

diff --git a/lib/FusionInventory/Agent/Network.pm b/lib/FusionInventory/Agent/Network.pm
index 6bc6fbf..96d7513 100644
--- a/lib/FusionInventory/Agent/Network.pm
+++ b/lib/FusionInventory/Agent/Network.pm
@@ -362,9 +362,10 @@ sub setSslRemoteHost {
     # Check server name against provided SSL certificate
         if ( $self->{URI} =~ /^https:\/\/([^\/]+).*$/i ) {
             my $re = $1;
+            $re =~ s/:\d+//;
 # Accept SSL cert will hostname with wild-card
 # http://forge.fusioninventory.org/issues/542
-            $re =~ s/^([^\.]+)/($1|\\*)/;
+            $re =~ s/^([^\.]+)\.(.+)/($1|\\*)/;
 # protect some characters, $re will be evaluated as a regex
             $re =~ s/([\-\.])/\\$1/g;
             $ua->default_header('If-SSL-Cert-Subject' => '/CN='.$re.'($|\/)');
commit 8035bde109d9684dac5fd9369ce6a7a641c54f99
Author: Gonéri Le Bouder <goneri@rulezlan.org>
Date:   Mon Nov 28 21:48:52 2011 +0100

    SSL: skip some test on LWP<6
    
    Those cases are just unsupported.
    
    closes: #1161
    
    Reported-by: Remi Collet <fedora@famillecollet.com>

diff --git a/t/ssl.t b/t/ssl.t
index ff8c25e..d8b384f 100644
--- a/t/ssl.t
+++ b/t/ssl.t
@@ -107,10 +107,14 @@ $server->set_dispatch({
 });
 $server->background();
 
+
+SKIP: {
+skip "Too all LWP for alternate hostname", 1 unless $LWP::VERSION >= 6;
 ok(
     $secure_client->send({message => $message}),
     'trusted certificate, alternate hostname: connection success'
 );
+}
 
 $server->stop();
 
@@ -161,10 +165,14 @@ ok(
     'untrusted certificate, correct hostname: connection failure'
 );
 
+SKIP: {
+skip "Check disabled on LWP<6", 1 unless $LWP::VERSION >= 6;
+# Unless you wan to fix this
 ok(
     $unsafe_client->send({message => $message}),
     'untrusted certificate, correct hostname, no check: connection success'
 );
+}
 
 $server->stop();
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.