[X2Go-Commits] [buildscripts] 01/03: bin/slave-start-prepare.sh: drop --insecure parameter to cURL.
git-admin at x2go.org
git-admin at x2go.org
Fri Sep 8 02:31:53 CEST 2017
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch master
in repository buildscripts.
commit 72c1f2eeb893506f835a4750b20bde5f721b0e1e
Author: Mihai Moldovan <ionic at ionic.de>
Date: Fri Sep 8 02:29:03 2017 +0200
bin/slave-start-prepare.sh: drop --insecure parameter to cURL.
We're now using a certificate that is trusted by the system, so
connections should work without that parameter.
---
bin/slave-start-prepare.sh | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/bin/slave-start-prepare.sh b/bin/slave-start-prepare.sh
index 290b62c..ab16b57 100755
--- a/bin/slave-start-prepare.sh
+++ b/bin/slave-start-prepare.sh
@@ -31,12 +31,15 @@ fi
rm -f -- "slave.jar"
+# This comment is only for documentation - we're not using self-signed
+# certificates any longer and thus don't need the --insecure option.
+# Keeping the comment for documentation, though.
# Even though we pin the certificate's public key, the --insecure option
# is needed since our certificate (currently) is self-signed, which leads to
# curl rejecting the certificate.
# This is okay, since curl still checks for the pubkey hash and aborts the
# connection if the server's pubkey hash doesn't match the pinned one, even
# when calling it with the --insecure parameter.
-curl -R --pinnedpubkey "${ssl_hash}" --insecure "https://${host}/jnlpJars/slave.jar"
+curl -R --pinnedpubkey "${ssl_hash}" "https://${host}/jnlpJars/slave.jar"
java -jar "slave.jar"
--
Alioth's /srv/git/code.x2go.org/buildscripts.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/buildscripts.git
More information about the x2go-commits
mailing list