LBaaS dashboard resepects OPENSTACK_SSL settings

Currently when creating a session, the LBaaS dashboard API doesn't respect
OPENSTACK_SSL_NO_VERIFY and OPENSTACK_SSL_CACERT.  This patch directly
addresses that by checking those values, then applying the appropriate logic
for passing into the 'verify' parameter when creating a Session.

Change-Id: Ie452b32353e1430127994644725723ec917602d0
Closes-Bug: 1609843
This commit is contained in:
Matt Borland 2016-08-04 08:54:10 -06:00
parent 625f5c12ab
commit aba14a4ccd
1 changed files with 7 additions and 1 deletions

View File

@ -44,7 +44,13 @@ def barbicanclient(request):
request.user.token.id,
project_id=project_id,
project_domain_id=domain_id)
return barbican_client.Client(session=session.Session(auth=auth),
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
# If 'insecure' is True, 'verify' is False in all cases; otherwise
# pass the cacert path if it is present, or True if no cacert.
verify = not insecure and (cacert or True)
return barbican_client.Client(session=session.Session(auth=auth,
verify=verify),
endpoint=endpoint,
region_name=region)