Retry SSL checks on negotiation failure.release-0.29

This prevents an endless loop.
author: Steve Kemp <steve@steve.org.uk> 2016-07-13 12:46:20 +0300
committer: Steve Kemp <steve@steve.org.uk> 2016-07-13 12:46:20 +0300
commit: f04e2b87aeb6f166283fd1d26b2d6cfcc4b40906 (patch)
tree: 00e5b5acebace64323b9c361e85a51db39cfdd09
parent: 9366c1eda2967d6931efd6e73134dc79fb8a5cd2 (diff)
2 files changed, 8 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 3d4c843..4ea9fbc 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+custodian (0.29) stable; urgency=low
+
+  * Correctly handle retries on SSL negotiation failures.
+
+ -- Steve Kemp <steve@bytemark.co.uk>  Wed, 13 Jul 2016 12:44:21 +0100
+
 custodian (0.28) stable; urgency=low
 
   * Added TFTP protocol tester.
diff --git a/lib/custodian/protocoltest/ssl.rb b/lib/custodian/protocoltest/ssl.rb
index 170a6f0..536879e 100644
--- a/lib/custodian/protocoltest/ssl.rb
+++ b/lib/custodian/protocoltest/ssl.rb
@@ -173,8 +173,10 @@ class SSLCheck
       end
     rescue OpenSSL::SSL::SSLError => err
       unless retried
+        #
         # retry with a different context
         #
+        retried = true
         ctx = OpenSSL::SSL::SSLContext.new(:SSLv3_client)
         retry
       end
author	Steve Kemp <steve@steve.org.uk>	2016-07-13 12:46:20 +0300
committer	Steve Kemp <steve@steve.org.uk>	2016-07-13 12:46:20 +0300
commit	f04e2b87aeb6f166283fd1d26b2d6cfcc4b40906 (patch)
tree	00e5b5acebace64323b9c361e85a51db39cfdd09
parent	9366c1eda2967d6931efd6e73134dc79fb8a5cd2 (diff)