From f9a2a12f178504b7ca6b31a3e1784dd5877ee018 Mon Sep 17 00:00:00 2001 From: Stuart McLaren Date: Fri, 10 Apr 2015 14:25:28 +0000 Subject: [PATCH] Fix client when using no ssl compression Since the release of the 0.16.1 client, using the 'no ssl compression' option, whether on the command line, or via the library -- Nova does this by default -- a stack trace was generated. Closes-bug: 1442664 Related-bug: 1357430 Change-Id: I2b8ddcb0a7ae3cfccdfc20d3ba476f3b4f4ec32d (cherry picked from commit c698b4e3227b4767f042e435423fcc307d7f6d5c) --- glanceclient/common/https.py | 7 ++++++ tests/test_ssl.py | 42 ++++++++++++++++++++++++++++++++++++ 2 files changed, 49 insertions(+) diff --git a/glanceclient/common/https.py b/glanceclient/common/https.py index e3a47804..51f8f6d8 100644 --- a/glanceclient/common/https.py +++ b/glanceclient/common/https.py @@ -22,8 +22,11 @@ from requests import adapters from requests import compat try: from requests.packages.urllib3 import connectionpool + from requests.packages.urllib3 import poolmanager except ImportError: from urllib3 import connectionpool + from urllib3 import poolmanager + from oslo_utils import encodeutils import six @@ -146,6 +149,10 @@ class HTTPSAdapter(adapters.HTTPAdapter): https pool by setting glanceclient's one. """ + def __init__(self, *args, **kwargs): + classes_by_scheme = poolmanager.pool_classes_by_scheme + classes_by_scheme["glance+https"] = HTTPSConnectionPool + super(HTTPSAdapter, self).__init__(*args, **kwargs) def request_url(self, request, proxies): # NOTE(flaper87): Make sure the url is encoded, otherwise diff --git a/tests/test_ssl.py b/tests/test_ssl.py index e7e70c45..cdfff5e1 100644 --- a/tests/test_ssl.py +++ b/tests/test_ssl.py @@ -16,6 +16,7 @@ import os from OpenSSL import crypto +from OpenSSL import SSL try: from requests.packages.urllib3 import poolmanager except ImportError: @@ -83,6 +84,11 @@ class TestHTTPSVerifyCert(testtools.TestCase): server_thread.daemon = True server_thread.start() + def _skip_python3(self): + if six.PY3: + msg = ("Skipping: python3 for now. Requires bugfix.") + self.skipTest(msg) + def test_v1_requests_cert_verification(self): """v1 regression test for bug 115260.""" port = self.port @@ -100,6 +106,24 @@ class TestHTTPSVerifyCert(testtools.TestCase): except Exception as e: self.fail('Unexpected exception raised') + def test_v1_requests_cert_verification_no_compression(self): + """v1 regression test for bug 115260.""" + self._skip_python3() + port = self.port + url = 'https://0.0.0.0:%d' % port + + try: + client = Client('1', url, + insecure=False, + ssl_compression=False) + client.images.get('image123') + self.fail('No SSL exception raised') + except SSL.Error as e: + if 'certificate verify failed' not in str(e): + self.fail('No certificate failure message received') + except Exception as e: + self.fail('Unexpected exception raised') + def test_v2_requests_cert_verification(self): """v2 regression test for bug 115260.""" port = self.port @@ -117,6 +141,24 @@ class TestHTTPSVerifyCert(testtools.TestCase): except Exception as e: self.fail('Unexpected exception raised') + def test_v2_requests_cert_verification_no_compression(self): + """v2 regression test for bug 115260.""" + self._skip_python3() + port = self.port + url = 'https://0.0.0.0:%d' % port + + try: + gc = Client('2', url, + insecure=False, + ssl_compression=False) + gc.images.get('image123') + self.fail('No SSL exception raised') + except SSL.Error as e: + if 'certificate verify failed' not in str(e): + self.fail('No certificate failure message received') + except Exception as e: + self.fail('Unexpected exception raised') + class TestVerifiedHTTPSConnection(testtools.TestCase): def test_ssl_init_ok(self):