Add support for processing insecure
python-openstackclient uses this on the command line - and has to go through a bunch of shenanigans to get it processed correct. Just do it ourselves from the get-go so that we can just remove the stress from osc. Change-Id: I25ce459eb38ec246260e1792035f26d46729c920
This commit is contained in:
parent
66f3d14437
commit
cf47f3f7c0
|
@ -174,11 +174,16 @@ class CloudRegion(object):
|
|||
|
||||
def get_requests_verify_args(self):
|
||||
"""Return the verify and cert values for the requests library."""
|
||||
if self.config.get('verify') and self.config.get('cacert'):
|
||||
verify = self.config.get('cacert')
|
||||
insecure = self.config.get('insecure', False)
|
||||
verify = self.config.get('verify', True)
|
||||
cacert = self.config.get('cacert')
|
||||
# Insecure is the most aggressive setting, so it wins
|
||||
if insecure:
|
||||
verify = False
|
||||
if verify and cacert:
|
||||
verify = cacert
|
||||
else:
|
||||
verify = self.config.get('verify')
|
||||
if self.config.get('cacert'):
|
||||
if cacert:
|
||||
warnings.warn(
|
||||
"You are specifying a cacert for the cloud {full_name}"
|
||||
" but also to ignore the host verification. The host SSL"
|
||||
|
|
|
@ -99,6 +99,11 @@ class TestCloudRegion(base.TestCase):
|
|||
(verify, cert) = cc.get_requests_verify_args()
|
||||
self.assertTrue(verify)
|
||||
|
||||
config_dict['insecure'] = True
|
||||
cc = cloud_region.CloudRegion("test1", "region-xx", config_dict)
|
||||
(verify, cert) = cc.get_requests_verify_args()
|
||||
self.assertFalse(verify)
|
||||
|
||||
def test_verify_cacert(self):
|
||||
config_dict = copy.deepcopy(fake_config_dict)
|
||||
config_dict['cacert'] = "certfile"
|
||||
|
@ -113,6 +118,11 @@ class TestCloudRegion(base.TestCase):
|
|||
(verify, cert) = cc.get_requests_verify_args()
|
||||
self.assertEqual("certfile", verify)
|
||||
|
||||
config_dict['insecure'] = True
|
||||
cc = cloud_region.CloudRegion("test1", "region-xx", config_dict)
|
||||
(verify, cert) = cc.get_requests_verify_args()
|
||||
self.assertEqual(False, verify)
|
||||
|
||||
def test_cert_with_key(self):
|
||||
config_dict = copy.deepcopy(fake_config_dict)
|
||||
config_dict['cacert'] = None
|
||||
|
|
Loading…
Reference in New Issue