Within the environment, add a new directory value which points to the
directory containing the valid insecure private keys. A new default
private key paths value contains an array of all the insecure private
keys which are available for initial authentication.
When performing a request via curl on Windows using schannel, ssl
certificate revocation checks does not handle verification failures
gracefully when an error is encountered that is unrelated to the actual
revocation of a certificate.
A new option is available to perform best effort revocation checks on
curl, so this is enabled by default on the Windows platform. A new
config option (`box_download_disable_ssl_revoke_best_effort`) has also
been added which can be optionally enabled to restore previous behavior
which results in a hard error if any error is encountered.
On OpenSSL 3, engines have been deprecated being replaced by providers.
The Ruby openssl library supported loading specific engines, but there
is no replacement currently using providers. The winrm communicator
specifically relies on a MD4 which OpenSSL has marked as legacy and no
longer loads by default.
The extension included loads the legacy provider as well as the default
provider. The legacy provider includes MD4, thus allowing winrm to
function again.
Recent versions of OpenSSH remove support of ssh-rsa key types and host
key algorithms from the default conection configuration. Set options to
enable them and provide a configuration option which can disable them if
required.
Box's are global to Vagrant. Multiple Vagrant process can all
access the box directory for both downloading and extracting boxes.
A file mutex will ensure that mulitple Vagrant process will not
trample eachother if they are trying to download the same box.
Only load the dependencies needed for the serve command if the serve
command is being run. This allows Vagrant to properly load on platforms
where some of the dependency libraries may not be available due to
incompatibilities or being EOL.
If the value of the machine folder can not be found in the
system properties, report a user friendly error message and
include relevant information in the logs for debugging.
When a box version (or constraint) is provided with an invalid
format, rescue the error and return a customized error with
information for the user explaining the problem.
If a provider is unusable then Usable() will throw an error. When
checking for a default provider, Vagrant should not raise an error
if there is an issue with executing Usable().
The fake_ftp patches should only be applied when running tests. Since
the library is a development dependency only, it will not be available
for loading from a release.
