From: Pat O'B. <obr...@gm...> - 2012-04-11 03:05:30
|
It's a pretty lazy fix for a warning that no one will really heed. I don't necessarily know if it's all that useful of a warning, since the client is generally run out of cron, which output will generally be piped to /dev/null, or if it's on the command line will most likely be ignored. I'll roll it back and just have our RPM patch it so we can ignore it locally rather than have it ignored for you. -pat On Tue, Apr 10, 2012 at 7:49 PM, Jason Heiss <jh...@ap...> wrote: > FWIW I don't particularly agree with this change. The warning is correct > and (IMHO) useful in that it's telling you that you didn't verify the > other side's identity, so you could be speaking to anyone. And there is a > correct and easy way to make the warning go away: configure the client > with the server's CA cert so that it can verify the server. > > Jason > > On Apr 10, 2012, at 10:38 PM, th...@us... wrote: > > > Revision: 337 > > http://nventory.svn.sourceforge.net/nventory/?rev=337&view=rev > > Author: thepob > > Date: 2012-04-11 02:38:51 +0000 (Wed, 11 Apr 2012) > > Log Message: > > ----------- > > getting rid of that annoying 'warning: peer certificate won't be > verified in this SSL session' warning that the ruby client throws > > > > Modified Paths: > > -------------- > > trunk/client/ruby/nventory.rb > > > > Modified: trunk/client/ruby/nventory.rb > > =================================================================== > > --- trunk/client/ruby/nventory.rb 2012-03-13 21:37:05 UTC (rev 336) > > +++ trunk/client/ruby/nventory.rb 2012-04-11 02:38:51 UTC (rev 337) > > @@ -1174,6 +1174,7 @@ > > http.tmp_dh_callback = proc { dh } > > end > > http.use_ssl = true > > + http.verify_mode = OpenSSL::SSL::VERIFY_NONE > > if @ca_file && File.exist?(@ca_file) > > http.ca_file = @ca_file > > http.verify_mode = OpenSSL::SSL::VERIFY_PEER > > > > This was sent by the SourceForge.net collaborative development platform, > the world's largest Open Source development site. > > > > > > > ------------------------------------------------------------------------------ > > Better than sec? Nothing is better than sec when it comes to > > monitoring Big Data applications. Try Boundary one-second > > resolution app monitoring today. Free. > > http://p.sf.net/sfu/Boundary-dev2dev > > _______________________________________________ > > nventory-devel mailing list > > nve...@li... > > https://lists.sourceforge.net/lists/listinfo/nventory-devel > > > > ------------------------------------------------------------------------------ > Better than sec? Nothing is better than sec when it comes to > monitoring Big Data applications. Try Boundary one-second > resolution app monitoring today. Free. > http://p.sf.net/sfu/Boundary-dev2dev > _______________________________________________ > nventory-devel mailing list > nve...@li... > https://lists.sourceforge.net/lists/listinfo/nventory-devel > > |