Fixed issue with cacert parameter
We need to use parameter cacert instead of ca_file parameter
to work with CA certificates like python clients for other
OpenStack services.
Also fixed typo (after copy paste from Glance code).
(cherry picked from commit 1141dd59af
)
Change-Id: Ibe36390aab2f2edb0fe7670f76f61caeb350d34b
Closes-Bug: #1487099
This commit is contained in:
parent
eeb0e31726
commit
5670a3838d
|
@ -66,7 +66,7 @@ class HTTPClient(object):
|
|||
self.timeout = kwargs.get('timeout')
|
||||
|
||||
self.ssl_connection_params = {
|
||||
'ca_file': kwargs.get('ca_file'),
|
||||
'cacert': kwargs.get('cacert'),
|
||||
'cert_file': kwargs.get('cert_file'),
|
||||
'key_file': kwargs.get('key_file'),
|
||||
'insecure': kwargs.get('insecure'),
|
||||
|
@ -77,7 +77,7 @@ class HTTPClient(object):
|
|||
if kwargs.get('insecure'):
|
||||
self.verify_cert = False
|
||||
else:
|
||||
self.verify_cert = kwargs.get('ca_file', get_system_ca_file())
|
||||
self.verify_cert = kwargs.get('cacert', get_system_ca_file())
|
||||
|
||||
def log_curl_request(self, method, url, kwargs):
|
||||
curl = ['curl -i -X %s' % method]
|
||||
|
@ -90,7 +90,7 @@ class HTTPClient(object):
|
|||
conn_params_fmt = [
|
||||
('key_file', '--key %s'),
|
||||
('cert_file', '--cert %s'),
|
||||
('ca_file', '--cacert %s'),
|
||||
('cacert', '--cacert %s'),
|
||||
]
|
||||
for (key, fmt) in conn_params_fmt:
|
||||
value = self.ssl_connection_params.get(key)
|
||||
|
|
|
@ -30,6 +30,7 @@ import six
|
|||
from muranoclient import client as apiclient
|
||||
from muranoclient.common import utils
|
||||
from muranoclient.openstack.common.apiclient import exceptions as exc
|
||||
from muranoclient.openstack.common.gettextutils import _
|
||||
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
@ -73,6 +74,7 @@ class MuranoShell(object):
|
|||
parser.add_argument('--os-cacert',
|
||||
metavar='<ca-certificate>',
|
||||
default=utils.env('OS_CACERT', default=None),
|
||||
dest='os_cacert',
|
||||
help='Specify a CA bundle file to use in '
|
||||
'verifying a TLS (https) server certificate. '
|
||||
'Defaults to env[OS_CACERT]')
|
||||
|
@ -88,10 +90,9 @@ class MuranoShell(object):
|
|||
'key is prepended to your cert file.')
|
||||
|
||||
parser.add_argument('--ca-file',
|
||||
help='Path of CA SSL certificate(s) used to verify'
|
||||
' the remote server certificate. Without '
|
||||
'this option glance looks for the default '
|
||||
'system CA certificates.')
|
||||
dest='os_cacert',
|
||||
help=_('DEPRECATED! Use %(arg)s.') %
|
||||
{'arg': '--os-cacert'})
|
||||
|
||||
parser.add_argument('--api-timeout',
|
||||
help='Number of seconds to wait for an '
|
||||
|
@ -338,7 +339,7 @@ class MuranoShell(object):
|
|||
kwargs = {
|
||||
'token': token,
|
||||
'insecure': args.insecure,
|
||||
'ca_file': args.ca_file,
|
||||
'cacert': args.os_cacert,
|
||||
'cert_file': args.cert_file,
|
||||
'key_file': args.key_file,
|
||||
'username': args.os_username,
|
||||
|
|
|
@ -442,7 +442,7 @@ class HttpClientTest(testtools.TestCase):
|
|||
self.assertFalse(client.verify_cert)
|
||||
|
||||
def test_passed_cert_to_verify_cert(self, mock_request):
|
||||
client = http.HTTPClient('https://foo', ca_file="NOWHERE")
|
||||
client = http.HTTPClient('https://foo', cacert="NOWHERE")
|
||||
self.assertEqual("NOWHERE", client.verify_cert)
|
||||
|
||||
with mock.patch('muranoclient.common.http.get_system_ca_file') as gsf:
|
||||
|
|
Loading…
Reference in New Issue