percona/percona-toolkit
1
0
Fork 0
mirror of https://github.com/percona/percona-toolkit.git synced 2025-09-09 05:31:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

merged version-check-doesnt-verify-server-cert-1408375

Browse Source
This commit is contained in:
Frank Cizmich
2015-01-20 13:58:28 -02:00
parent 5237185732 c3462b6c68
commit 6d618a4912
20 changed files with 194 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
bin/pt-archiver
View File

@@ -4421,7 +4421,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -4943,11 +4944,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -5384,6 +5386,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-config-diff
View File

@@ -4193,7 +4193,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -4715,11 +4716,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -5156,6 +5158,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-deadlock-logger
View File

@@ -3258,7 +3258,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -3780,11 +3781,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -4221,6 +4223,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-diskstats
View File

@@ -3828,7 +3828,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -4350,11 +4351,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -4791,6 +4793,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-duplicate-key-checker
View File

@@ -3845,7 +3845,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -4367,11 +4368,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -4808,6 +4810,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-find
View File

@@ -2572,7 +2572,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -3094,11 +3095,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -3535,6 +3537,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-fk-error-logger
View File

@@ -2763,7 +2763,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -3285,11 +3286,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -3726,6 +3728,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-heartbeat
View File

@@ -3744,7 +3744,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -4266,11 +4267,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -4707,6 +4709,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-index-usage
View File

@@ -5249,7 +5249,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -5771,11 +5772,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -6212,6 +6214,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-kill
View File

@@ -5575,7 +5575,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -6097,11 +6098,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -6538,6 +6540,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-online-schema-change
View File

@@ -6577,7 +6577,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -7099,11 +7100,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -7540,6 +7542,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-query-digest
View File

@@ -11833,7 +11833,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -12355,11 +12356,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -12796,6 +12798,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-slave-delay
View File

@@ -3097,7 +3097,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -3619,11 +3620,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -4060,6 +4062,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-slave-restart
View File

@@ -3746,7 +3746,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -4268,11 +4269,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -4709,6 +4711,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-table-checksum
View File

@@ -332,7 +332,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -854,11 +855,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -1295,6 +1297,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-table-sync
View File

@@ -8605,7 +8605,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -9127,11 +9128,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -9568,6 +9570,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-upgrade
View File

@@ -3569,7 +3569,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -4091,11 +4092,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -4532,6 +4534,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

13
bin/pt-variable-advisor
View File

@@ -4004,7 +4004,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
my $fh = $self->{fh};
@@ -4526,11 +4527,12 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
my $protocol = 'https'; # optimistic, but...
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
@@ -4967,6 +4969,11 @@ sub get_from_mysql {
return;
}
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {

3
lib/HTTP/Micro.pm
View File

@@ -237,7 +237,8 @@ sub _split_url {
ref($self->{fh}) eq 'IO::Socket::SSL'
or die(qq/SSL connection failed for $host\n/);
if ( $self->{fh}->can("verify_hostname") ) {
$self->{fh}->verify_hostname( $host, $ssl_verify_args );
$self->{fh}->verify_hostname( $host, $ssl_verify_args )
or die(qq/SSL certificate not valid for $host\n/);
}
else {
# Can't use $self->{fh}->verify_hostname because the IO::Socket::SSL

17
lib/VersionCheck.pm
View File

@@ -138,17 +138,17 @@ sub version_check {
PTDEBUG && _d(scalar @$instances_to_check, 'instances to check');
return unless @$instances_to_check;
# Get the list of program to check from Percona. Try using
# https first; fallback to http if that fails (probably because
# IO::Socket::SSL isn't installed).
my $protocol = 'https'; # optimistic, but...
# Skip Version Check altogether if SSL not available
my $protocol = 'https';
eval { require IO::Socket::SSL; };
if ( $EVAL_ERROR ) {
PTDEBUG && _d($EVAL_ERROR);
$protocol = 'http';
PTDEBUG && _d("SSL not available, won't run version_check");
return;
}
PTDEBUG && _d('Using', $protocol);
# Get list of programs to check from Percona.
my $advice = pingback(
instances => $instances_to_check,
protocol => $protocol,
@@ -644,6 +644,13 @@ sub get_from_mysql {
return;
}
# hardcode the variables we report
# so in case of MITM attack, we don't report sensitive data
if ($item->{item} eq 'MySQL' && $item->{type} eq 'mysql_variable') {
$item->{vars} = ['version_comment', 'version'];
}
my @versions;
my %version_for;
foreach my $instance ( @$instances ) {