Browse Source

LBaaS dashboard resepects OPENSTACK_SSL settings

Currently when creating a session, the LBaaS dashboard API doesn't respect
OPENSTACK_SSL_NO_VERIFY and OPENSTACK_SSL_CACERT.  This patch directly
addresses that by checking those values, then applying the appropriate logic
for passing into the 'verify' parameter when creating a Session.

Change-Id: Ie452b32353e1430127994644725723ec917602d0
Closes-Bug: 1609843
changes/78/446178/1
Matt Borland 5 years ago
parent
commit
aba14a4ccd
  1. 8
      neutron_lbaas_dashboard/api/rest/barbican.py

8
neutron_lbaas_dashboard/api/rest/barbican.py

@ -44,7 +44,13 @@ def barbicanclient(request):
request.user.token.id,
project_id=project_id,
project_domain_id=domain_id)
return barbican_client.Client(session=session.Session(auth=auth),
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
# If 'insecure' is True, 'verify' is False in all cases; otherwise
# pass the cacert path if it is present, or True if no cacert.
verify = not insecure and (cacert or True)
return barbican_client.Client(session=session.Session(auth=auth,
verify=verify),
endpoint=endpoint,
region_name=region)

Loading…
Cancel
Save