[JIRA] (JENKINS-62033) Swarm client -disableSslVerification option does not disable SSL hostname verification

[me@basilcrow.com (JIRA)]

Basil Crow updated an issue

Jenkins / JENKINS-62033 Swarm client -disableSslVerification option does not disable SSL hostname verification Change By: Basil Crow Summary: Swarm client -disableSslVerification option does not disable SSL host hostname verification Add Comment

This message was sent by Atlassian Jira (v7.13.12#713012-sha1:6e07c38)

[me@basilcrow.com (JIRA)]

Basil Crow assigned an issue to Basil Crow

Jenkins / JENKINS-62033 Swarm client -disableSslVerification option does not disable SSL hostname verification

Change By: Basil Crow Assignee: Basil Crow

Add Comment

[me@basilcrow.com (JIRA)]

Basil Crow updated JENKINS-62033

Jenkins / JENKINS-62033 Swarm client -disableSslVerification option does not disable SSL hostname verification

Change By: Basil Crow Status: In Progress Review

Add Comment

[me@basilcrow.com (JIRA)]

Basil Crow started work on JENKINS-62033

Change By: Basil Crow Status: Open In Progress

Add Comment

[me@basilcrow.com (JIRA)]

Basil Crow commented on JENKINS-62033

Re: Swarm client -disableSslVerification option does not disable SSL hostname verification Thanks for reporting this, Brian Farrell. I've opened jenkinsci/swarm-plugin#200 with a fix. Can you please try this snapshot build and confirm that the issue is resolved?

Add Comment

[brianrobotics@gmail.com (JIRA)]

Brian Farrell commented on JENKINS-62033

Re: Swarm client -disableSslVerification option does not disable SSL hostname verification

Basil,   Thanks, that worked great.  Here is the output:   /usr/bin/java -jar /tmp/swarm-3.20-snapshot.jar \   -disableSslVerification -deleteExistingClients \   -disableClientsUniqueId -showHostName \   -noRetryAfterConnected \    -executors=7 \   -labels 'blftest' \   -master https://myjenkins.example.com \   -username jenkins -passwordEnvVariable ADMIN_PSW Apr 27, 2020 2:43:17 PM hudson.plugins.swarm.Client logArguments INFO: Client invoked with: -deleteExistingClients true -disableClientsUniqueId true -disableSslVerification true -executors 7 -labels [blftest] -master https://myjenkins.example.com -noRetryAfterConnected true -passwordEnvVariable ADMIN_PSW -showHostName true -username ***** Apr 27, 2020 2:43:17 PM hudson.plugins.swarm.Client run INFO: Discovering Jenkins master Apr 27, 2020 2:43:19 PM hudson.plugins.swarm.Client run INFO: Attempting to connect to https://myjenkins.example.com/ 3e83541e-5408-43be-b31e-ee29d6ecfc0d with ID Apr 27, 2020 2:43:19 PM hudson.plugins.swarm.SwarmClient getCsrfCrumb SEVERE: Could not obtain CSRF crumb. Response code: 404 Skipping HTTPS certificate checks altogether. Note that this is not secure at all. Apr 27, 2020 2:43:19 PM hudson.remoting.jnlp.Main createEngine INFO: Setting up agent: blflinux0.mydomain Apr 27, 2020 2:43:19 PM hudson.remoting.jnlp.Main$CuiListener <init> INFO: Jenkins agent is running in headless mode. Apr 27, 2020 2:43:19 PM hudson.remoting.jnlp.Main createEngine WARNING: Certificate validation for HTTPs endpoints is disabled Apr 27, 2020 2:43:19 PM hudson.remoting.Engine startEngine INFO: Using Remoting version: 4.3 Apr 27, 2020 2:43:19 PM org.jenkinsci.remoting.engine.WorkDirManager initializeWorkDir INFO: Using ./remoting as a remoting work directory Apr 27, 2020 2:43:19 PM org.jenkinsci.remoting.engine.WorkDirManager setupLogging INFO: Both error and output logs will be printed to ./remoting Apr 27, 2020 2:43:19 PM hudson.remoting.jnlp.Main$CuiListener status INFO: Locating server among https://myjenkins.example.com/ Apr 27, 2020 2:43:19 PM org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver openURLConnection WARNING: HTTPs certificate check is disabled for the endpoint. Apr 27, 2020 2:43:19 PM org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver resolve INFO: Remoting server accepts the following protocols: [JNLP4-connect, Ping] Apr 27, 2020 2:43:19 PM hudson.remoting.jnlp.Main$CuiListener status INFO: Agent discovery successful Agent address: myjenkins.example.com Agent port: 32300 Identity: d2:b4:83:36:94:c2:e5:f9:5e:8c:fa:2b:1e:4f:0f:c8 Apr 27, 2020 2:43:19 PM hudson.remoting.jnlp.Main$CuiListener status INFO: Handshaking Apr 27, 2020 2:43:19 PM hudson.remoting.jnlp.Main$CuiListener status INFO: Connecting to myjenkins.example.com:32300 Apr 27, 2020 2:43:19 PM hudson.remoting.jnlp.Main$CuiListener status INFO: Trying protocol: JNLP4-connect Apr 27, 2020 2:43:19 PM hudson.remoting.jnlp.Main$CuiListener status INFO: Remote identity confirmed: d2:b4:83:36:94:c2:e5:f9:5e:8c:fa:2b:1e:4f:0f:c8 Apr 27, 2020 2:43:20 PM hudson.remoting.jnlp.Main$CuiListener status INFO: Connected

Add Comment

[me@basilcrow.com (JIRA)]

Basil Crow updated JENKINS-62033

Fixed in jenkinsci/swarm-plugin#200.

Jenkins / JENKINS-62033

Swarm client -disableSslVerification option does not disable SSL hostname verification

Change By: Basil Crow Status: In Review Fixed but Unreleased Resolution: Fixed

Add Comment