All Projects apt-panopticon  apt-panopticon_cgp boxes meta-impy  ImpyReleaseBuilder NPC-tool SledjHamr  IGnoble  NGIW  opensim-SC toyboxInstaller website - cgit website - CGraphz website - Mantis

View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000118apt-panopticonTODOpublic2019-09-10 05:332019-12-26 02:43
Reporteronefang Assigned Toonefang  
PrioritynormalSeverityfeatureReproducibilityN/A
Status resolvedResolutionreopened 
Target Version0.1Fixed in Version0.1 
Summary0000118: Make sure the mirrors HTTPS certificate are actually valid.
DescriptionI think LuaSEC is doing the correct thing now, but I should double check that.
TagsNo tags attached.

Activities

onefang

onefang

2019-11-12 15:39

administrator   ~0000229

I switched the checks to use command line curl, which includes an option to print "The result of the SSL peer certificate verification that was requested.", so I'm using that.
onefang

onefang

2019-11-23 13:02

administrator   ~0000231

Last edited: 2019-12-10 07:19

 beerbelott: https://ec.haxx.se/usingcurl-connections.html
beerbelott: It seems to explain the differences between --resolve & --connect-to
beerbelott: For our use-case they seem equivalent

Beerbelott spent some time trying to convince me to switch from --connect-to to --resolve, on the basis that it's less letters. I'm currently sticking with --connect-to as it's the only one documented to deal with SNI. And it seems to work.
onefang

onefang

2019-12-26 02:42

administrator   ~0000249

First of all https://ec.haxx.se/usingcurl-connections.html redirects to the top page of the entire book, which is split into "page per paragraph" nonsense, with no sign of a all on one page so you can search it, and even it's own links to other versions all redirect back to the top. So I had to download the source to search it.

In that book the use case for --connect-to is exactly our use case, probing specific hosts behind a common name / redirects.
onefang

onefang

2019-12-26 02:43

administrator   ~0000250

I'm fairly certain this is resolved.

Issue History

Date Modified Username Field Change
2019-09-10 05:33 onefang New Issue
2019-09-10 05:33 onefang Status new => assigned
2019-09-10 05:33 onefang Assigned To => onefang
2019-11-06 12:51 onefang Priority none => normal
2019-11-12 15:39 onefang Status assigned => resolved
2019-11-12 15:39 onefang Resolution open => fixed
2019-11-12 15:39 onefang Note Added: 0000229
2019-11-23 13:00 onefang Status resolved => feedback
2019-11-23 13:00 onefang Resolution fixed => reopened
2019-11-23 13:02 onefang Note Added: 0000231
2019-11-27 07:58 onefang Summary Make sure the mirrors HTTPS certificate as actually valid. => Make sure the mirrors HTTPS certificate are actually valid.
2019-12-10 07:19 onefang Note Edited: 0000231
2019-12-23 01:29 onefang Target Version => 0.1
2019-12-26 02:42 onefang Note Added: 0000249
2019-12-26 02:43 onefang Status feedback => resolved
2019-12-26 02:43 onefang Fixed in Version => 0.1
2019-12-26 02:43 onefang Note Added: 0000250