[pve-devel] [PATCH] do not continue if manual fingerprint verification failed
Thomas Lamprecht
t.lamprecht at proxmox.com
Wed Dec 13 10:22:03 CET 2017
Else we still try to decode the response as JSON which then dies
unpleasantly.
Signed-off-by: Thomas Lamprecht <t.lamprecht at proxmox.com>
---
NOTES:
* Requires my not yet applied APIClient Exception series.
* observed when connecting from a rpcenv worker.
PVE/APIClient/LWP.pm | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/PVE/APIClient/LWP.pm b/PVE/APIClient/LWP.pm
index ac9e0c7..a83c66d 100755
--- a/PVE/APIClient/LWP.pm
+++ b/PVE/APIClient/LWP.pm
@@ -117,6 +117,8 @@ sub login {
if (my $fp = delete($self->{last_unknown_fingerprint})) {
if ($self->manual_verify_fingerprint($fp)) {
$response = $exec_login->(); # try again
+ } else {
+ raise("Fingerprint not verified, abort!\n")
}
}
} else {
@@ -219,6 +221,8 @@ sub call {
if (my $fp = delete($self->{last_unknown_fingerprint})) {
if ($self->manual_verify_fingerprint($fp)) {
$response = $exec_method->(); # try again
+ } else {
+ raise("Fingerprint not verified, abort!\n")
}
}
--
2.11.0
More information about the pve-devel
mailing list