diff options
| author | Michael Vogt <mvo@ubuntu.com> | 2023-02-23 18:01:14 +0100 |
|---|---|---|
| committer | Michael Vogt <mvo@ubuntu.com> | 2023-02-28 08:49:17 +0100 |
| commit | 81df128e58d273bae4b13b7c005373df7b3e90f6 (patch) | |
| tree | 274060a0e077032dabe603f2412f30d4ad4fb1bf | |
| parent | 67a49d46c2df657b3eaf497b7e4bd6049901a344 (diff) | |
devicestate: fix missing ExtraSSLCerts support when getting serialswendover
This commit fixes the issue that getting the serial fails in confusing ways when a custom SSL certificate is needed to connect to get the serial. The error message in this case is: ``` handlers_serial.go:659: Proxy store does not support custom serial vault; ignoring the proxy ``` which is not at all true. The root cause for the bug is that the used http client does set `ExtraSSLCerts`. However there are more issues with the code, e.g. that `newEnoughProxy` does not return an error but instead just debug lots it and does nothing less. This commit is the minimal fix.
| -rw-r--r-- | overlord/devicestate/handlers_serial.go | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/overlord/devicestate/handlers_serial.go b/overlord/devicestate/handlers_serial.go index 3c51439d75..31ce7e0069 100644 --- a/overlord/devicestate/handlers_serial.go +++ b/overlord/devicestate/handlers_serial.go @@ -34,6 +34,7 @@ import ( "gopkg.in/tomb.v2" "github.com/snapcore/snapd/asserts" + "github.com/snapcore/snapd/dirs" "github.com/snapcore/snapd/httputil" "github.com/snapcore/snapd/logger" "github.com/snapcore/snapd/overlord/assertstate" @@ -504,6 +505,9 @@ func getSerial(t *state.Task, regCtx registrationContext, privKey asserts.Privat MayLogBody: true, Proxy: proxyConf.Conf, ProxyConnectHeader: http.Header{"User-Agent": []string{snapdenv.UserAgent()}}, + ExtraSSLCerts: &httputil.ExtraSSLCertsFromDir{ + Dir: dirs.SnapdStoreSSLCertsDir, + }, }) cfg, err := getSerialRequestConfig(t, regCtx, client) |