mirror of
https://github.com/GothenburgBitFactory/taskwarrior.git
synced 2025-07-07 20:06:36 +02:00
TLS
- When an invalid value for 'taskd.trust' is noticed, the 'sync' command will error out, and the 'diag' command will refer the user to the man page. This is because the allowed values were 'yes'/'no', and now are 'strict'/'ignore hostname'/'allow all'.
This commit is contained in:
parent
dcc5dbf16a
commit
fe46dadeee
9 changed files with 22 additions and 7 deletions
|
@ -272,12 +272,13 @@ int CmdDiagnostics::execute (std::string& output)
|
|||
? " (readable)" : " (not readable)")
|
||||
<< "\n";
|
||||
|
||||
if (context.config.get ("taskd.trust") == "allow all")
|
||||
out << " Trust: allow all\n";
|
||||
else if (context.config.get ("taskd.trust") == "ignore hostname")
|
||||
out << " Trust: ignore hostanme\n";
|
||||
std::string trust_value = context.config.get ("taskd.trust");
|
||||
if (trust_value == "strict" ||
|
||||
trust_value == "ignore hostname" ||
|
||||
trust_value == "allow all")
|
||||
out << " Trust: " << trust_value << "\n";
|
||||
else
|
||||
out << " Trust: strict\n";
|
||||
out << " Trust: Bad value - see 'man taskrc'\n";
|
||||
|
||||
out << "Certificate: "
|
||||
<< context.config.get ("taskd.certificate")
|
||||
|
|
|
@ -86,10 +86,17 @@ int CmdSync::execute (std::string& output)
|
|||
if (credentials.size () != 3)
|
||||
throw std::string (STRING_CMD_SYNC_BAD_CRED);
|
||||
|
||||
// This was a Boolean value in 2.3.0, and is a tri-state since 2.4.0.
|
||||
std::string trust_value = context.config.get ("taskd.trust");
|
||||
if (trust_value != "strict" &&
|
||||
trust_value != "ignore hostname" &&
|
||||
trust_value != "allow all")
|
||||
throw std::string (STRING_CMD_SYNC_TRUST_OBS);
|
||||
|
||||
enum TLSClient::trust_level trust = TLSClient::strict;
|
||||
if (context.config.get ("taskd.trust") == "allow all")
|
||||
if (trust_value == "allow all")
|
||||
trust = TLSClient::allow_all;
|
||||
else if (context.config.get ("taskd.trust") == "ignore hostname")
|
||||
else if (trust_value == "ignore hostname")
|
||||
trust = TLSClient::ignore_hostname;
|
||||
|
||||
// CA must exist, if provided.
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue