Introduce NUT "authconf" file support [#3329]#3435
Conversation
jimklimov
added
enhancement
SSL/NSS
|
A ZIP file with standard source tarball and another tarball with pre-built docs for commit 42dbf8d is temporarily available: NUT-tarballs-PR-3435.zip. |
|
✅ Build nut 2.8.5.4693-master completed (commit 049a4d4c36 by @jimklimov)
|
|
✅ Build nut 2.8.5.4693-master completed (commit 049a4d4c36 by @jimklimov) |
|
✅ Build nut 2.8.5.4694-master completed (commit c8f40b4384 by @jimklimov)
|
|
✅ Build nut 2.8.5.4696-master completed (commit 25660e3752 by @jimklimov)
|
|
✅ Build nut 2.8.5.4696-master completed (commit 25660e3752 by @jimklimov) |
|
✅ Build nut 2.8.5.4697-master completed (commit 9be8443368 by @jimklimov)
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
❌ Build nut 2.8.5.4698-master failed (commit be4347c9c5 by @jimklimov) |
jimklimov
force-pushed
the
issue-3329
branch
2 times, most recently
from
73a7249 to
ed6f549
Compare
|
✅ Build nut 2.8.5.4700-master completed (commit 8a8a16fc63 by @jimklimov)
|
|
✅ Build nut 2.8.5.4700-master completed (commit 8a8a16fc63 by @jimklimov) |
|
✅ Build nut 2.8.5.4701-master completed (commit 40e1ff94b4 by @jimklimov)
|
|
❌ Build nut 2.8.5.4702-master failed (commit 34ad7de24e by @jimklimov) |
…tools#3329] Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
…tools#3329] Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
…S server certname validation [networkupstools#3331] It is NOT about just host name (URL) matching per our spec. Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
…ration attempts [networkupstools#1711] Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
…upstools#3329, networkupstools#1711] Depending on context, whether "none" or a real path may be useful or toxic to custom developer test works. Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
|
❌ Build nut 2.8.5.4744-master failed (commit 7bcc1d4c81 by @jimklimov) |
…authconf_val(): support USERNAME as alias of USER [networkupstools#3329] Follow the NUT Networked Protocol keywords a bit more closely. Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
… avoid "s_host" varname which confuses WIN32, illumos and other builds [networkupstools#3329] Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
…rom drivers/libusb0.c to be a bit more shared [networkupstools#3329] Follows up from commits b91e34e and f951dce Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
…li_find_host_port_cert() with a "verbose" option, and extend upscli_add_host_port_cert() with check for existing entries [networkupstools#3329] Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
…() [networkupstools#3329] Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
|
✅ Build nut 2.8.5.4749-master completed (commit ffbf626064 by @jimklimov)
|
|
✅ Build nut 2.8.5.4749-master completed (commit ffbf626064 by @jimklimov) |
|
✅ Build nut 2.8.5.4750-master completed (commit 59a24d5766 by @jimklimov)
|
…txt: add support for nutauth.conf [networkupstools#3329] Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
…n debug/failure printouts Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
|
✅ Build nut 2.8.5.4751-master completed (commit cbae147ae0 by @jimklimov)
|
3 participants
Starting with a PoC from AI, slightly modified (20%?) in review, following the spec requested in the GitHub issue #3329, as a stepping stone for further work.
Let CI loose on this iteration that passes locally...
TODO:
upscli_authconf_t=> added CERTHOST to the originally posted mixupscli_initvariant?) to useupscli_authconf_tstruct instances directly. Refactor older methods as wrappers to this one?upscli_get_authconf_list()toupscli_add_host_cert()and set up the one most applicable set of client identity data for that[user@host:port]combo.upsd.usersetc.)conf/...sample anddocs/man/...page fornutauth.confconceptUPDATE: During work on this, it was found that NSS
CERTHOSTsupport was actually broken, and only worked for certificates whose nicknames matched the host name, not the "My nut server" nickname as the example claimed for years. Fixed now.