From b96f6130265797489e684a4bc123a7a1f5118d2c Mon Sep 17 00:00:00 2001 From: James Page Date: Fri, 19 Dec 2014 12:49:17 +0000 Subject: [PATCH] Update HTTPS certificate handling for pep-0476 This pep (included in python 2.7.9) changes the behaviour of SSL certificate chain handling to be more py3 like. Include required new exception behaviour in the list of exceptions to translate under py2. https://github.com/python/peps/blob/master/pep-0476.txt Closes-Bug: 1404227 Change-Id: I7da1a13d1ec861a07fd96684d0431508a214a2c8 --- glanceclient/common/https.py | 6 +++++- tests/test_ssl.py | 2 ++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/glanceclient/common/https.py b/glanceclient/common/https.py index 6baa6afb..e29ea663 100644 --- a/glanceclient/common/https.py +++ b/glanceclient/common/https.py @@ -149,7 +149,11 @@ class VerifiedHTTPSConnection(HTTPSConnection): if six.PY3: excp_lst = (TypeError, FileNotFoundError, ssl.SSLError) else: - excp_lst = () + # NOTE(jamespage) + # Accomodate changes in behaviour for pep-0467, introduced + # in python 2.7.9. + # https://github.com/python/peps/blob/master/pep-0476.txt + excp_lst = (TypeError, IOError, ssl.SSLError) try: HTTPSConnection.__init__(self, host, port, key_file=key_file, diff --git a/tests/test_ssl.py b/tests/test_ssl.py index 013d18fb..23eee16e 100644 --- a/tests/test_ssl.py +++ b/tests/test_ssl.py @@ -109,8 +109,10 @@ class TestVerifiedHTTPSConnection(testtools.TestCase): """ cert_file = os.path.join(TEST_VAR_DIR, 'certificate.crt') cacert = os.path.join(TEST_VAR_DIR, 'ca.crt') + key_file = os.path.join(TEST_VAR_DIR, 'badkey.key') try: https.VerifiedHTTPSConnection('127.0.0.1', 0, + key_file=key_file, cert_file=cert_file, cacert=cacert) self.fail('Failed to raise assertion.')