[Debian-ha-maintainers] Bug#739608: ldirectord: fails to test HTTPS real servers

[Salvatore Bonaccorso]

Package: ldirectord
Version: 1:3.9.2-5+deb7u1
Severity: important
Tags: upstream patch fixed-upstream
Control: found -1 1:3.9.3+git20121009-3

Hi,

In Wheezy hostname verification is enabled by default in
LWP::UserAgent, and so under Wheezy ldirectord fails to test HTTPS
real servers. The fixing commit disables the check again so that
service checking by IP only will still succeed.

           "verify_hostname" => $bool
               When TRUE LWP will for secure protocol schemes ensure it
               connects to servers that have a valid certificate
               matching the expected hostname. If FALSE no checks are
               made and you can't be sure that you communicate with the
               expected peer. The no checks behaviour was the default
               for libwww-perl-5.837 and earlier releases.

               This option is initialized from the
               PERL_LWP_SSL_VERIFY_HOSTNAME environment variable. If
               this environment variable isn't set; then
               "verify_hostname" defaults to 1.

This is reported both [1,2] with fixing commit is at [3]. I'm not sure
if this should be also RC, as this is a regression in ldirectord's
functionality when migrating from Squeeze to Wheezy.

 [1] https://github.com/ClusterLabs/resource-agents/pull/333
 [2] https://github.com/ClusterLabs/resource-agents/issues/361
 [3] https://github.com/mcnewton/resource-agents/commit/68fad38326b7c04efd6434e736e32fe395eafe02

In any case I could prepare both packages targetting unstable and
wheezy as we need ldirectord.

Regards,
Salvatore