Deal with PEP-0476 certificate chaining checking
PEP-0476 introduced more thorough certificate chain verfication
for HTTPS connectivity; this was introduced in Python 2.7.9, and
breaks a number of unit tests in the neutron codebase.
Disable certificate chain verification for keystone SSL tests
using the backwards compatible SSLContext provided for this
purpose.
Closes-Bug: #1403068
(cherry picked from commit 1d75a6fd3b
)
Change-Id: I25859d8981a022b4f625ce57ecd28da3820a7b17
This commit is contained in:
parent
877df583da
commit
91cc867eb6
|
@ -17,6 +17,7 @@
|
|||
|
||||
import os
|
||||
import socket
|
||||
import ssl
|
||||
import urllib2
|
||||
|
||||
import mock
|
||||
|
@ -38,7 +39,17 @@ TEST_VAR_DIR = os.path.abspath(os.path.join(os.path.dirname(__file__),
|
|||
|
||||
|
||||
def open_no_proxy(*args, **kwargs):
|
||||
opener = urllib2.build_opener(urllib2.ProxyHandler({}))
|
||||
# NOTE(jamespage):
|
||||
# Deal with more secure certification chain verficiation
|
||||
# introduced in python 2.7.9 under PEP-0476
|
||||
# https://github.com/python/peps/blob/master/pep-0476.txt
|
||||
if hasattr(ssl, "_create_unverified_context"):
|
||||
opener = urllib2.build_opener(
|
||||
urllib2.ProxyHandler({}),
|
||||
urllib2.HTTPSHandler(context=ssl._create_unverified_context())
|
||||
)
|
||||
else:
|
||||
opener = urllib2.build_opener(urllib2.ProxyHandler({}))
|
||||
return opener.open(*args, **kwargs)
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue