[Debian-ha-maintainers] Bug#770349: ldirectord: SSL hostname check failure
Salvatore Bonaccorso
carnil at debian.org
Thu Nov 20 20:59:42 UTC 2014
Hi,
On Thu, Nov 20, 2014 at 09:43:02AM -0700, Shawn Heisey wrote:
> Package: ldirectord
> Version: 1.0.3-4
>
> When ldirectord does https health checks, they fail because newer LWP
> versions validate the hostname used against the hostname in the
> certificate, and ldirectord is almost always configured with IP addresses.
>
> The simple fix for this is here:
>
> https://github.com/mcnewton/resource-agents/commit/68fad38326b7c04efd6434e736e32fe395eafe02
>
> I originally came across this problem on Ubuntu 14.04, but the
> ldirectord version found in sid still creates the LWP object with
> verify_hostname set, so I'm filing the bug here.
>
> If you simply update to the newest upstream release, you'll have the
> fix, but I want to discuss another idea.
Note that this is #739608, and already fixed both in wheezy and
jessie.
Regards,
Salvatore
p.s.: src:cluster-agents was superseeded by src:resource-agents but the
corresponding source package apparently never removed from
unstable? (will fill a bug about that).
More information about the Debian-ha-maintainers
mailing list