Replace httplib.HTTPSConnection in unittests

SSL Verification is from now on enabled by default for the TestOpenStackClient. So far no unittests was making actively use of httplib.HTTPSConnection. Intention is to reduce noise of audits/scanners which look for Python 2.x httplib.HTTPSConnection missing SSL verification. By completely abandoning the use of httplib.HTTPSConnection. Change-Id: Ic0352cf453d5c41f09084a6d68b3393b8ddda84a Partial-Bug: 1188189
2014-02-23 09:30:00 +01:00 · 2014-02-23 09:30:00 +01:00 · 0f9652d92e
parent c2807f0ed4
commit 0f9652d92e
3 changed files with 25 additions and 26 deletions
--- a/cinder/tests/integrated/api/client.py
+++ b/cinder/tests/integrated/api/client.py
@ -12,7 +12,8 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

-import httplib
+import netaddr
+import requests
 import urlparse

 from cinder.openstack.common import jsonutils
@ -30,8 +31,8 @@ class OpenStackApiException(Exception):

        if response:
            message = _('%(message)s\nStatus Code: %(_status)s\n'
-                        'Body: %(_body)s') % {'_status': response.status,
-                                              '_body': response.read()}
+                        'Body: %(_body)s') % {'_status': response.status_code,
+                                              '_body': response.text}

        super(OpenStackApiException, self).__init__(message)

@ -76,7 +77,8 @@ class TestOpenStackClient(object):
        # default project_id
        self.project_id = 'openstack'

-    def request(self, url, method='GET', body=None, headers=None):
+    def request(self, url, method='GET', body=None, headers=None,
+                ssl_verify=True, stream=False):
        _headers = {'Content-Type': 'application/json'}
        _headers.update(headers or {})

@ -85,14 +87,8 @@ class TestOpenStackClient(object):
        hostname = parsed_url.hostname
        scheme = parsed_url.scheme

-        if scheme == 'http':
-            conn = httplib.HTTPConnection(hostname,
-                                          port=port)
-        elif scheme == 'https':
-            conn = httplib.HTTPSConnection(hostname,
-                                           port=port)
-        else:
-            raise OpenStackApiException("Unknown scheme: %s" % url)
+        if netaddr.valid_ipv6(hostname):
+            hostname = "[%s]" % hostname

        relative_url = parsed_url.path
        if parsed_url.query:
@ -102,8 +98,14 @@ class TestOpenStackClient(object):
        if body:
            LOG.info(_("Body: %s") % body)

-        conn.request(method, relative_url, body, _headers)
-        response = conn.getresponse()
+        if port:
+            _url = "%s://%s:%d%s" % (scheme, hostname, int(port), relative_url)
+        else:
+            _url = "%s://%s%s" % (scheme, hostname, relative_url)
+
+        response = requests.request(method, _url, data=body, headers=_headers,
+                                    verify=ssl_verify, stream=stream)
+
        return response

    def _authenticate(self):
@ -117,18 +119,14 @@ class TestOpenStackClient(object):
        response = self.request(auth_uri,
                                headers=headers)

-        http_status = response.status
+        http_status = response.status_code
        LOG.debug(_("%(auth_uri)s => code %(http_status)s"),
                  {'auth_uri': auth_uri, 'http_status': http_status})

        if http_status == 401:
            raise OpenStackApiAuthenticationException(response=response)

-        auth_headers = {}
-        for k, v in response.getheaders():
-            auth_headers[k] = v
-
-        self.auth_result = auth_headers
+        self.auth_result = response.headers
        return self.auth_result

    def api_request(self, relative_uri, check_response_status=None, **kwargs):
@ -144,7 +142,7 @@ class TestOpenStackClient(object):

        response = self.request(full_uri, **kwargs)

-        http_status = response.status
+        http_status = response.status_code
        LOG.debug(_("%(relative_uri)s => code %(http_status)s"),
                  {'relative_uri': relative_uri, 'http_status': http_status})

@ -162,7 +160,7 @@ class TestOpenStackClient(object):
        return response

    def _decode_json(self, response):
-        body = response.read()
+        body = response.text
        LOG.debug(_("Decoding JSON: %s") % (body))
        if body:
            return jsonutils.loads(body)
--- a/cinder/tests/integrated/test_extensions.py
+++ b/cinder/tests/integrated/test_extensions.py
@ -36,6 +36,6 @@ class ExtensionsTest(integrated_helpers._IntegratedTestBase):
    def test_get_foxnsocks(self):
        """Simple check that fox-n-socks works."""
        response = self.api.api_request('/foxnsocks')
-        foxnsocks = response.read()
+        foxnsocks = response.text
        LOG.debug("foxnsocks: %s" % foxnsocks)
        self.assertEqual('Try to say this Mr. Knox, sir...', foxnsocks)
--- a/cinder/tests/integrated/test_xml.py
+++ b/cinder/tests/integrated/test_xml.py
@ -42,8 +42,9 @@ class XmlTests(integrated_helpers._IntegratedTestBase):
        headers = {}
        headers['Accept'] = 'application/xml'

-        response = self.api.api_request('/volumes', headers=headers)
-        data = response.read()
+        response = self.api.api_request('/volumes', headers=headers,
+                                        stream=True)
+        data = response.raw
        LOG.warn("data: %s" % data)
-        root = etree.XML(data)
+        root = etree.parse(data).getroot()
        self.assertEqual(root.nsmap.get(None), common.XML_NS_V1)