thr3ads.net - Libguestfs - [Libguestfs] [PATCH] ESX: Enable verification of SSL certificates [Mar 2010]

If this information is useful, please help other people find it:
Share via:

Matthew Booth

2010-Mar-22 17:06 UTC

[Libguestfs] [PATCH] ESX: Enable verification of SSL certificates

Fix a bug which would have prevented an SSL certification from ever being
verified.
---
 lib/Sys/VirtV2V/Transfer/ESX.pm |   15 ++++++++-------
 1 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/lib/Sys/VirtV2V/Transfer/ESX.pm b/lib/Sys/VirtV2V/Transfer/ESX.pm
index 1da382a..66ba515 100644
--- a/lib/Sys/VirtV2V/Transfer/ESX.pm
+++ b/lib/Sys/VirtV2V/Transfer/ESX.pm
@@ -53,7 +53,7 @@ our %handles;
 sub new {
     my $class = shift;
 
-    my ($server, $username, $password, $pool, $verify) = @_;
+    my ($server, $username, $password, $target, $noverify) = @_;
 
     my $self = $class->SUPER::new(
         agent => 'virt-v2v/'.$Sys::VirtV2V::VERSION,
@@ -65,7 +65,7 @@ sub new {
         my ($response, $self, $h) = @_;
 
         if ($response->is_success) {
-            $self->verify_certificate($response) if ($verify);
+            $self->verify_certificate($response) unless ($noverify);
             $self->create_volume($response);
         }
     });
@@ -75,14 +75,14 @@ sub new {
     $self->{_v2v_username} = $username;
     $self->{_v2v_password} = $password;
 
-    if ($verify) {
+    if ($noverify) {
+        # Unset HTTPS_CA_DIR if it is already set
+        delete($ENV{HTTPS_CA_DIR});
+    } else {
         # Leave HTTPS_CA_DIR alone if it is already set
         # Setting HTTPS_CA_DIR to the empty string results in it using the
         # compiled-in default paths
         $ENV{HTTPS_CA_DIR} = "" unless (exists($ENV{HTTPS_CA_DIR}));
-    } else {
-        # Unset HTTPS_CA_DIR if it is already set
-        delete($ENV{HTTPS_CA_DIR});
     }
 
     die("Invalid configuration of Net::HTTPS")
@@ -330,7 +330,8 @@ sub transfer
     my $ua = Sys::VirtV2V::Transfer::ESX::UA->new($conn->{hostname},
                                                   $username,
                                                   $password,
-                                                  $pool);
+                                                  $pool,
+                                                  $noverify);
 
     return $ua->get_volume($path);
 }
-- 
1.6.6.1

Richard W.M. Jones

2010-Mar-22 18:43 UTC

head link

[Libguestfs] [PATCH] ESX: Enable verification of SSL certificates

On Mon, Mar 22, 2010 at 05:06:30PM +0000, Matthew Booth
wrote:> Fix a bug which would have prevented an SSL certification from ever being
> verified.
> @@ -330,7 +330,8 @@ sub transfer
>      my $ua = Sys::VirtV2V::Transfer::ESX::UA->new($conn->{hostname},
>                                                    $username,
>                                                    $password,
> -                                                  $pool);
> +                                                  $pool,
> +                                                  $noverify);
So the important bit seems to be this last hunk.  ACK.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
New in Fedora 11: Fedora Windows cross-compiler. Compile Windows
programs, test, and build Windows installers. Over 70 libraries supprt'd
http://fedoraproject.org/wiki/MinGW http://www.annexia.org/fedora_mingw

Reasonably Related Threads

Search for more reasonably related threads

Libguestfs - Mar 2010 - [PATCH] ESX: Enable verification of SSL certificates

[Libguestfs] [PATCH] ESX: Enable verification of SSL certificates

[Libguestfs] [PATCH] ESX: Enable verification of SSL certificates

Reasonably Related Threads