Fix CA certificate handling
If --os-cacert was passed to the cli the following error was triggered: "cafile must be None or a byte string". This is because 'load_verify_locations' requires a byte string to be passed in. We fix this by explicitly converting the argument to a byte string. We do this in 'VerifiedHTTPSConnection' rather than sooner, eg during arg handling, as it will no longer be required should we move to a different http library (eg requests). Fixes bug 1301849. Change-Id: I9014f5d040cae9f0b6f03d8f13de8419597560cb
This commit is contained in:
parent
dbefc1a3b1
commit
6626f38cda
|
@ -378,7 +378,7 @@ class VerifiedHTTPSConnection(HTTPSConnection):
|
|||
self.timeout = timeout
|
||||
self.insecure = insecure
|
||||
self.ssl_compression = ssl_compression
|
||||
self.cacert = cacert
|
||||
self.cacert = None if cacert is None else str(cacert)
|
||||
self.setcontext()
|
||||
# ssl exceptions are reported in various form in Python 3
|
||||
# so to be compatible, we report the same kind as under
|
||||
|
|
|
@ -274,3 +274,24 @@ class TestVerifiedHTTPSConnection(testtools.TestCase):
|
|||
cacert=cacert, ssl_compression=False)
|
||||
except exc.SSLConfigurationError:
|
||||
self.fail('Failed to init VerifiedHTTPSConnection.')
|
||||
|
||||
def test_ssl_init_non_byte_string(self):
|
||||
"""
|
||||
Test VerifiedHTTPSConnection class non byte string
|
||||
|
||||
Reproduces bug #1301849
|
||||
"""
|
||||
key_file = os.path.join(TEST_VAR_DIR, 'privatekey.key')
|
||||
cert_file = os.path.join(TEST_VAR_DIR, 'certificate.crt')
|
||||
cacert = os.path.join(TEST_VAR_DIR, 'ca.crt')
|
||||
# Note: we reproduce on python 2.6/2.7, on 3.3 the bug doesn't occur.
|
||||
key_file = key_file.encode('ascii', 'strict').decode('utf-8')
|
||||
cert_file = cert_file.encode('ascii', 'strict').decode('utf-8')
|
||||
cacert = cacert.encode('ascii', 'strict').decode('utf-8')
|
||||
try:
|
||||
conn = http.VerifiedHTTPSConnection('127.0.0.1', 0,
|
||||
key_file=key_file,
|
||||
cert_file=cert_file,
|
||||
cacert=cacert)
|
||||
except exc.SSLConfigurationError:
|
||||
self.fail('Failed to init VerifiedHTTPSConnection.')
|
||||
|
|
Loading…
Reference in New Issue