- When an invalid value for 'taskd.trust' is noticed, the 'sync' command will
  error out, and the 'diag' command will refer the user to the man page.
  This is because the allowed values were 'yes'/'no', and now are
  'strict'/'ignore hostname'/'allow all'.
This commit is contained in:
Paul Beckingham 2014-09-28 17:39:45 -04:00
parent dcc5dbf16a
commit fe46dadeee
9 changed files with 22 additions and 7 deletions

View file

@ -272,12 +272,13 @@ int CmdDiagnostics::execute (std::string& output)
? " (readable)" : " (not readable)")
<< "\n";
if (context.config.get ("taskd.trust") == "allow all")
out << " Trust: allow all\n";
else if (context.config.get ("taskd.trust") == "ignore hostname")
out << " Trust: ignore hostanme\n";
std::string trust_value = context.config.get ("taskd.trust");
if (trust_value == "strict" ||
trust_value == "ignore hostname" ||
trust_value == "allow all")
out << " Trust: " << trust_value << "\n";
else
out << " Trust: strict\n";
out << " Trust: Bad value - see 'man taskrc'\n";
out << "Certificate: "
<< context.config.get ("taskd.certificate")

View file

@ -86,10 +86,17 @@ int CmdSync::execute (std::string& output)
if (credentials.size () != 3)
throw std::string (STRING_CMD_SYNC_BAD_CRED);
// This was a Boolean value in 2.3.0, and is a tri-state since 2.4.0.
std::string trust_value = context.config.get ("taskd.trust");
if (trust_value != "strict" &&
trust_value != "ignore hostname" &&
trust_value != "allow all")
throw std::string (STRING_CMD_SYNC_TRUST_OBS);
enum TLSClient::trust_level trust = TLSClient::strict;
if (context.config.get ("taskd.trust") == "allow all")
if (trust_value == "allow all")
trust = TLSClient::allow_all;
else if (context.config.get ("taskd.trust") == "ignore hostname")
else if (trust_value == "ignore hostname")
trust = TLSClient::ignore_hostname;
// CA must exist, if provided.