Log the CA cert with the debug statement

If you are using a custom CA bundle rather than the default OS one then we should log that as part of the curl statement to make debugging easier. Change-Id: I1a6ded02b75a3bc9b1ca880db8a9b9b460d36774
2014-10-24 13:27:53 +02:00
parent 6d85d182a2
commit 89d9411afd
2 changed files with 12 additions and 0 deletions
--- a/keystoneclient/session.py
+++ b/keystoneclient/session.py
@@ -144,6 +144,8 @@ class Session(object):
        # so we need to actually check that this is False.
        if self.verify is False:
            string_parts.append('--insecure')
+        elif isinstance(self.verify, six.string_types):
+            string_parts.append('--cacert "%s"' % self.verify)

        if method:
            string_parts.extend(['-X', method])
--- a/keystoneclient/tests/test_session.py
+++ b/keystoneclient/tests/test_session.py
@@ -172,6 +172,16 @@ class SessionTests(utils.TestCase):
            self.assertEqual(v, resp.headers[k])
            self.assertNotIn(v, self.logger.output)

+    def test_logging_cacerts(self):
+        path_to_certs = '/path/to/certs'
+        session = client_session.Session(verify=path_to_certs)
+
+        self.stub_url('GET', text='text')
+        session.get(self.TEST_URL)
+
+        self.assertIn('--cacert', self.logger.output)
+        self.assertIn(path_to_certs, self.logger.output)
+
    def test_connect_retries(self):

        def _timeout_error(request, context):