The curl option -k was used in order to download a source file using the pkgdmg package provider. Now it validates certs first and if this fails it fallbacks to the old style after logging a warn message.
Signed-off-by: Sandor Szuecs <[email protected]> --- lib/puppet/provider/package/pkgdmg.rb | 10 ++++++++-- 1 files changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/puppet/provider/package/pkgdmg.rb b/lib/puppet/provider/package/pkgdmg.rb index ed3bd03..42c5f52 100644 --- a/lib/puppet/provider/package/pkgdmg.rb +++ b/lib/puppet/provider/package/pkgdmg.rb @@ -100,8 +100,14 @@ Puppet::Type.type(:package).provide :pkgdmg, :parent => Puppet::Provider::Packag end def try_curl(cached_source, source, name) - curl "-o", cached_source, "-C", "-", "-k", "-s", "--url", source - Puppet.debug "Success: curl transfered [#{name}]" + begin + curl "-o", cached_source, "-C", "-", "--capath", Puppet[:certdir], "--cacert", Puppet[:localcacert], "-s", "-S", "--url", source + Puppet.debug "Success: curl cert validated transfer [#{name}]" + rescue Puppet::ExecutionFailure + Puppet.warning "Transfer with curl will not being validated [#{name}]" + curl "-o", cached_source, "-C", "-", "-k", "-s", "--url", source + Puppet.debug "Success: curl insecure transfer [#{name}]" + end end def install_dmg(cached_source, source, name) -- 1.7.3.2 -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.
