(#21869) Fix recursion in cert expiration check#2090
Merged
Iristyle merged 1 commit intopuppetlabs:masterfrom Dec 6, 2013
Merged
(#21869) Fix recursion in cert expiration check#2090Iristyle merged 1 commit intopuppetlabs:masterfrom
Iristyle merged 1 commit intopuppetlabs:masterfrom
Conversation
During every authenticated request, the expiration date of the involved certificates is checked. However, if the localhost cert is loaded when the CA cert is not present an authenticated request will be initiated to download the CA cert. This triggers another expiration check for authenticated requests, which loads the localhost cert, which initiates another authenticated request to download the CA cert... and so on until stack space is exhausted. This patch skips the expiration check for the localhost cert if the CA cert is missing.
|
CLA signed by all contributors. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
During every authenticated request, the expiration date of the involved
certificates is checked. However, if the localhost cert is loaded when the CA
cert is not present an authenticated request will be initiated to download the
CA cert. This triggers another expiration check for authenticated requests,
which loads the localhost cert, which initiates another authenticated request
to download the CA cert... and so on until stack space is exhausted.
This patch skips the expiration check for the localhost cert if the CA cert is
missing.
Redmine issue #21869