Comment 15 for bug 1411063
Revision history for this message
| Guang Yee (guang-yee) wrote Re: S3token incorrect condition expression for ssl_insecure | #15 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
+1 for both the patch and impact desc.
For the tests, 'someweirdvalue' is interpreted as False sound too lenient. I think we should tighten it up a bit in the future.
btw, I haven't came across a deployment where the insecure flag, if set, is meant to "enable" cert validation. Its always the other way around. If "insecure" is set, its most likely meant to turn off cert validate regardless of its value. So the impact may not as bad as we think.