Skip to content

Commit

Permalink
hotfix: GLPI Agent 1.6.1 release
Browse files Browse the repository at this point in the history
fix: Fix SSL connection regression introduced in GLPI Agent 1.6
Closes #530
  • Loading branch information
g-bougard committed Nov 17, 2023
1 parent 266009a commit 232f269
Show file tree
Hide file tree
Showing 7 changed files with 36 additions and 4 deletions.
1 change: 1 addition & 0 deletions .github/ISSUE_TEMPLATE/bug_report.yml
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,7 @@ body:
label: GLPI Agent version
description: What GLPI agent version is triggering this issue ?
options:
- 1.6.1
- 1.6
- 1.5
- 1.4
Expand Down
8 changes: 8 additions & 0 deletions Changes
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,14 @@ Revision history for GLPI agent

1.7 not yet released

1.6.1 Fri, 17 Nov 2023

core:
* fix #530: Also include Mozilla::CA default store when including windows keystore
or macosx keychains certificates as IO::Socket::SSL can't no more use them since
LWP::Protocol::https update.
This fixes SSL connection issues appeared with 1.6 release.

1.6 Wed, 15 Nov 2023

core:
Expand Down
2 changes: 1 addition & 1 deletion Makefile.PL
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ include 'Module::AutoInstall';
abstract 'GLPI unified Agent for UNIX, Linux, Windows and MacOSX';
license 'gpl';
repository 'https://github.com/glpi-project/glpi-agent';
version '1.7-dev';
version '1.6.1';
perl_version '5.008';
authors 'Teclib Editions';

Expand Down
2 changes: 1 addition & 1 deletion contrib/windows/glpi-agent-deployment.vbs
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ Dim Setup, SetupArchitecture, SetupLocation, SetupNightlyLocation, SetupOptions,
' SetupVersion
' Setup version with the pattern <major>.<minor>.<release>[-<package>]
'
SetupVersion = "1.6"
SetupVersion = "1.6.1"

' When using a nightly built version, uncomment the following SetupVersion definition line
' replacing gitABCDEFGH with the most recent git revision found on the nightly builds site
Expand Down
6 changes: 6 additions & 0 deletions debian/changelog
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
glpi-agent (1:1.6.1-1) unstable; urgency=medium

* New upstream release 1.6.1

-- Guillaume Bougard <gbougard@teclib.com> Fri, 17 Nov 2023 16:14:00 +0100

glpi-agent (1:1.6-1) unstable; urgency=medium

* New upstream release 1.6
Expand Down
17 changes: 17 additions & 0 deletions lib/GLPI/Agent/HTTP/Client.pm
Original file line number Diff line number Diff line change
Expand Up @@ -377,6 +377,10 @@ sub _KeyChain_or_KeyStore_Export {
return $_SSL_ca->{_certs}
if $_SSL_ca->{_expiration} && time < $_SSL_ca->{_expiration};

# Free stored certificates
IO::Socket::SSL::Utils::CERT_free(@{$_SSL_ca->{_certs}})
if ref($_SSL_ca->{_certs}) eq 'ARRAY';

$logger->debug(
_log_prefix .
($_SSL_ca ? "Updating" : "Reading") . " $basename known certificates"
Expand Down Expand Up @@ -476,6 +480,13 @@ sub _KeyChain_or_KeyStore_Export {
}
}

# Always include default CA file from Mozilla::CA
if (Mozilla::CA->require()) {
my $cacert = Mozilla::CA::SSL_ca_file();
push @certs, IO::Socket::SSL::Utils::PEM_file2certs($cacert)
if -e $cacert;
}

# Update class level datas
$_SSL_ca->{_expiration} = time + 3600;
return $_SSL_ca->{_certs} = \@certs;
Expand Down Expand Up @@ -557,6 +568,12 @@ sub _uncompressGzip {
return $result;
}

sub END {
# Free eventually stored certificates
IO::Socket::SSL::Utils::CERT_free(@{$_SSL_ca->{_certs}})
if ref($_SSL_ca->{_certs}) eq 'ARRAY';
}

1;
__END__
Expand Down
4 changes: 2 additions & 2 deletions lib/GLPI/Agent/Version.pm
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ package GLPI::Agent::Version;
use strict;
use warnings;

our $VERSION = "1.7-dev";
our $VERSION = "1.6.1";
our $PROVIDER = "GLPI";
our $COMMENTS = [];

Expand Down Expand Up @@ -31,5 +31,5 @@ agent issue is reported.
One very useful information should be first defined like in that example:
our $COMMENTS = [
"Based on GLPI Agent 1.7-dev"
"Based on GLPI Agent 1.6.1"
];

0 comments on commit 232f269

Please sign in to comment.