From cdfc7a9aa14286d848f05fad6ecd98f727bc580a Mon Sep 17 00:00:00 2001 From: Timothe Litt Date: Mon, 25 Mar 2024 14:21:20 -0400 Subject: [PATCH] Fix test failures from curl warnings that --ftp-ssl is insecure Replaced with --ssl-reqd. Note that --ftp-ssl-reqd is an old alias for --ssl-reqd. --ftp-ssl-reqd is equivalent, but could eventually go away. -ssl-reqd has been supported since curl version 7.20.0 - in 2010 (though a related CVE was fixed in 7.79.0 in 2021...) So this change shouldn't inconvenience any getssl users. --- getssl | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/getssl b/getssl index 7829b566..2f8b968c 100755 --- a/getssl +++ b/getssl @@ -1115,14 +1115,14 @@ copy_file_to_location() { # copies a file, using scp, sftp or ftp if required. SFTP_PORT=":990" fi # shellcheck disable=SC2086 - debug curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftps://${ftphost}${SFTP_PORT}/${ftpdirn}/" + debug curl ${_NOMETER} $FTPS_OPTIONS --ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftps://${ftphost}${SFTP_PORT}/${ftpdirn}/" # shellcheck disable=SC2086 - curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftps://${ftphost}${SFTP_PORT}/${ftpdirn}/" + curl ${_NOMETER} $FTPS_OPTIONS --ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftps://${ftphost}${SFTP_PORT}/${ftpdirn}/" else # shellcheck disable=SC2086 - debug curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftp://${ftphost}${SFTP_PORT}/${ftpdirn}/" + debug curl ${_NOMETER} $FTPS_OPTIONS --ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftp://${ftphost}${SFTP_PORT}/${ftpdirn}/" # shellcheck disable=SC2086 - curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftp://${ftphost}${SFTP_PORT}/${ftpdirn}/" + curl ${_NOMETER} $FTPS_OPTIONS --ssl-reqd -u "${ftpuser}:${ftppass}" -T "${fromdir}/${fromfile}" "ftp://${ftphost}${SFTP_PORT}/${ftpdirn}/" fi else if ! mkdir -p "$(dirname "$to")" ; then @@ -1620,10 +1620,10 @@ for d in "${alldomains[@]}"; do if [[ "${to:0:5}" == "ftps:" ]] ; then [ -z "$FTP_PORT" ] && SFTP_PORT=":990" # shellcheck disable=SC2086 - curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" --silent -Q "DELE /${ftplocn}/${token:?}}" "ftp://${ftphost}${SFTP_PORT}/${ftplocn}/" + curl ${_NOMETER} $FTPS_OPTIONS --ssl-reqd -u "${ftpuser}:${ftppass}" --silent -Q "DELE /${ftplocn}/${token:?}}" "ftp://${ftphost}${SFTP_PORT}/${ftplocn}/" else # shellcheck disable=SC2086 - curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" --silent -Q "DELE /${ftplocn}/${token:?}" "ftp://${ftphost}${SFTP_PORT}/${ftplocn}/" + curl ${_NOMETER} $FTPS_OPTIONS --ssl-reqd -u "${ftpuser}:${ftppass}" --silent -Q "DELE /${ftplocn}/${token:?}" "ftp://${ftphost}${SFTP_PORT}/${ftplocn}/" fi else rm -f "${t_loc:?}/${token:?}"