Uploaded image for project: 'Modules'
  1. Modules
  2. MODULES-4445

authnz_ldap module verifyServerCert parameter ignores non true value

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: apache
    • Labels:
      None
    • Template:
      MODULES Bug Template
    • Epic Link:
    • Team:
      Modules
    • QA Risk Assessment:
      Needs Assessment

      Description

      In the apache::mod::authnz_ldap class, the parameter $verifyServerCert accepts a boolean value, but it actually ignores a false value. On line 13, it tests if $verifyServerCert, and if true, it issues a deprecation warning and continues to set the value of the private variable. However, because it only tests truthiness and not the actual values true or false, no deprecation warning is issued if the $verifyServerCert variable is false; the default value $verify_server_cert is used instead.

      The work around for me here is to stop using the deprecated parameter, but because of the bug, I did not see any deprecated warnings, and only found out that it was deprecated because the value I originally set, false, changed the output.

        Attachments

          Activity

            People

            Assignee:
            eric.putnam Eric Putnam
            Reporter:
            dbeckham Daniel Beckham
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Zendesk Support