From 2e5db5af44084d2adfc190ec6b928b16ac55c354 Mon Sep 17 00:00:00 2001 From: Richard Hansen Date: Mon, 6 Jul 2020 17:14:08 -0400 Subject: [PATCH 1/3] Fix detection of `get_ip` caller This was broken in f6f920eb3971a0d239b564fb53d7176e97ece9be. --- ddclient.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ddclient.in b/ddclient.in index 41bac06..76170fe 100755 --- a/ddclient.in +++ b/ddclient.in @@ -1987,7 +1987,7 @@ sub geturl { opt('fw') && debug("opt(fw = %s)", opt('fw')); $globals{'fw'} && debug("glo fw = %s", $globals{'fw'}); ## always omit SSL for connections to local router - if ($force_ssl || ($globals{'ssl'} && ((caller(1))[3] // '') ne 'main::get_ip')) { + if ($force_ssl || ($globals{'ssl'} && ((caller(1))[3] // '') ne 'ddclient::get_ip')) { $use_ssl = 1; $default_port = '443'; } else { From 7921c5360516b3f90fd3b4949b32dd7124e29c0e Mon Sep 17 00:00:00 2001 From: Richard Hansen Date: Mon, 6 Jul 2020 20:14:16 -0400 Subject: [PATCH 2/3] Explicitly tell `geturl` to ignore the global `ssl` option Changing behavior based on the identity of the caller is fragile and makes the code difficult to understand. --- ddclient.in | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/ddclient.in b/ddclient.in index 76170fe..2d753e1 100755 --- a/ddclient.in +++ b/ddclient.in @@ -1986,8 +1986,7 @@ sub geturl { opt('fw') && debug("opt(fw = %s)", opt('fw')); $globals{'fw'} && debug("glo fw = %s", $globals{'fw'}); - ## always omit SSL for connections to local router - if ($force_ssl || ($globals{'ssl'} && ((caller(1))[3] // '') ne 'ddclient::get_ip')) { + if ($force_ssl || ($globals{'ssl'} && !($params->{ignore_ssl_option} // 0))) { $use_ssl = 1; $default_port = '443'; } else { @@ -2167,7 +2166,11 @@ sub get_ip { $arg = $url; if ($url) { - $reply = geturl({ proxy => opt('proxy', $h), url => $url }) || ''; + $reply = geturl({ + proxy => opt('proxy', $h), + url => $url, + ignore_ssl_option => 1, + }) || ''; } } elsif (($use eq 'cisco')) { @@ -2188,6 +2191,7 @@ sub get_ip { url => $url, login => opt('fw-login', $h), password => opt('fw-password', $h), + ignore_ssl_option => 1, }) || ''; $arg = $url; @@ -2209,6 +2213,7 @@ sub get_ip { url => $url, login => opt('fw-login', $h), password => opt('fw-password', $h), + ignore_ssl_option => 1, }) || ''; $arg = $url; @@ -2227,6 +2232,7 @@ sub get_ip { url => $url, login => opt('fw-login', $h), password => opt('fw-password', $h), + ignore_ssl_option => 1, }) || ''; } } From 03dffae74e839f5c9065dac553ddf04ddcd85944 Mon Sep 17 00:00:00 2001 From: Richard Hansen Date: Mon, 6 Jul 2020 20:20:01 -0400 Subject: [PATCH 3/3] Honor the `ssl` option for the `web` URL --- ChangeLog.md | 1 + ddclient.in | 6 +----- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/ChangeLog.md b/ChangeLog.md index 142cf2c..5a5ad5f 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -28,6 +28,7 @@ repository history](https://github.com/ddclient/ddclient/commits/master). * Fixed a regression introduced in v3.9.0 that caused `use=ip,ip=` to fail. * "true" is now accepted as a boolean value. + * The `ssl` option now applies to the `web` URL. ### Compatibility and dependency changes diff --git a/ddclient.in b/ddclient.in index 2d753e1..c2a25da 100755 --- a/ddclient.in +++ b/ddclient.in @@ -2166,11 +2166,7 @@ sub get_ip { $arg = $url; if ($url) { - $reply = geturl({ - proxy => opt('proxy', $h), - url => $url, - ignore_ssl_option => 1, - }) || ''; + $reply = geturl({ proxy => opt('proxy', $h), url => $url }) || ''; } } elsif (($use eq 'cisco')) {