Friday, November 20, 2009

» Patch for osc and self-signed certificates

If you are using your own Build Service instance as we do at Packman and if you are using a self-signed certificates for HTTPS, then this patch might come handy for you as well. Note that it disables the peer certificate validation in osc, so don't use that with Build Service instances you down trust, and only if you are willing to take the risk of not detecting man-in-the-middle attacks. In order to apply the patch, simply copy and paste the following block of shell code in a terminal where you are running as root:
cd $(dirname $(rpm -ql osc|grep /conf.py\$))
umask 0077
curl -s -o /tmp/o.patch \
http://linux01.gwdg.de/~pbleser/files/osc/\
osc-disable-peer-cert-check.diff
test $(sha1sum /tmp/o.patch | cut -f1 -d" ") = \
9812ef2a18c02799b9e33d1402509c3217c39194 \
&& patch -p1 -b -z.orig -i /tmp/o.patch
UPDATE: note that in my following blog-post I describe a secure option.

Labels: , ,

0 Comments:

Post a Comment

<< Home