Browse Source

Fix client when using no ssl compression

Since the release of the 0.16.1 client, using the 'no ssl compression'
option, whether on the command line, or via the library -- Nova does this by
default -- a stack trace was generated.

Closes-bug: 1442664
Related-bug: 1357430

Change-Id: I2b8ddcb0a7ae3cfccdfc20d3ba476f3b4f4ec32d
(cherry picked from commit c698b4e3227b4767f042e435423fcc307d7f6d5c)
tags/0.17.1
Stuart McLaren 4 years ago
parent
commit
f9a2a12f17
2 changed files with 49 additions and 0 deletions
  1. +7
    -0
      glanceclient/common/https.py
  2. +42
    -0
      tests/test_ssl.py

+ 7
- 0
glanceclient/common/https.py View File

@@ -22,8 +22,11 @@ from requests import adapters
from requests import compat
try:
from requests.packages.urllib3 import connectionpool
from requests.packages.urllib3 import poolmanager
except ImportError:
from urllib3 import connectionpool
from urllib3 import poolmanager


from oslo_utils import encodeutils
import six
@@ -146,6 +149,10 @@ class HTTPSAdapter(adapters.HTTPAdapter):
https pool by setting glanceclient's
one.
"""
def __init__(self, *args, **kwargs):
classes_by_scheme = poolmanager.pool_classes_by_scheme
classes_by_scheme["glance+https"] = HTTPSConnectionPool
super(HTTPSAdapter, self).__init__(*args, **kwargs)

def request_url(self, request, proxies):
# NOTE(flaper87): Make sure the url is encoded, otherwise

+ 42
- 0
tests/test_ssl.py View File

@@ -16,6 +16,7 @@
import os

from OpenSSL import crypto
from OpenSSL import SSL
try:
from requests.packages.urllib3 import poolmanager
except ImportError:
@@ -83,6 +84,11 @@ class TestHTTPSVerifyCert(testtools.TestCase):
server_thread.daemon = True
server_thread.start()

def _skip_python3(self):
if six.PY3:
msg = ("Skipping: python3 for now. Requires bugfix.")
self.skipTest(msg)

def test_v1_requests_cert_verification(self):
"""v1 regression test for bug 115260."""
port = self.port
@@ -100,6 +106,24 @@ class TestHTTPSVerifyCert(testtools.TestCase):
except Exception as e:
self.fail('Unexpected exception raised')

def test_v1_requests_cert_verification_no_compression(self):
"""v1 regression test for bug 115260."""
self._skip_python3()
port = self.port
url = 'https://0.0.0.0:%d' % port

try:
client = Client('1', url,
insecure=False,
ssl_compression=False)
client.images.get('image123')
self.fail('No SSL exception raised')
except SSL.Error as e:
if 'certificate verify failed' not in str(e):
self.fail('No certificate failure message received')
except Exception as e:
self.fail('Unexpected exception raised')

def test_v2_requests_cert_verification(self):
"""v2 regression test for bug 115260."""
port = self.port
@@ -117,6 +141,24 @@ class TestHTTPSVerifyCert(testtools.TestCase):
except Exception as e:
self.fail('Unexpected exception raised')

def test_v2_requests_cert_verification_no_compression(self):
"""v2 regression test for bug 115260."""
self._skip_python3()
port = self.port
url = 'https://0.0.0.0:%d' % port

try:
gc = Client('2', url,
insecure=False,
ssl_compression=False)
gc.images.get('image123')
self.fail('No SSL exception raised')
except SSL.Error as e:
if 'certificate verify failed' not in str(e):
self.fail('No certificate failure message received')
except Exception as e:
self.fail('Unexpected exception raised')


class TestVerifiedHTTPSConnection(testtools.TestCase):
def test_ssl_init_ok(self):

Loading…
Cancel
Save