From 53a79c33f88cea83fb2a90408dd3f5e8dd48a2f5 Mon Sep 17 00:00:00 2001 From: Richard Theis Date: Thu, 7 Apr 2016 16:35:38 -0500 Subject: [PATCH] Fix SSL/TLS verification for network commands The network commands ignored the --insecure and --os-cacert options and OS_CACERT environment variable which prevented them from properly completing SSL/TLS verification. This resulted in the network commands failing with "An SSL error occurred." Change-Id: I15167631ef58335e1476c16b828b079e3b0f13c1 Closes-Bug: #1560157 (cherry picked from commit b5f10f43eb9fd1a046a3e80db09d8bc8c350c218) --- openstackclient/network/client.py | 3 ++- releasenotes/notes/bug-1560157-bce572f58b43efa1.yaml | 7 +++++++ 2 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 releasenotes/notes/bug-1560157-bce572f58b43efa1.yaml diff --git a/openstackclient/network/client.py b/openstackclient/network/client.py index 7714c5250..dca9efc48 100644 --- a/openstackclient/network/client.py +++ b/openstackclient/network/client.py @@ -31,7 +31,8 @@ API_VERSIONS = { def make_client(instance): """Returns a network proxy""" - conn = connection.Connection(authenticator=instance.session.auth) + conn = connection.Connection(authenticator=instance.session.auth, + verify=instance.session.verify) LOG.debug('Connection: %s', conn) LOG.debug('Network client initialized using OpenStack SDK: %s', conn.network) diff --git a/releasenotes/notes/bug-1560157-bce572f58b43efa1.yaml b/releasenotes/notes/bug-1560157-bce572f58b43efa1.yaml new file mode 100644 index 000000000..e5c394bc2 --- /dev/null +++ b/releasenotes/notes/bug-1560157-bce572f58b43efa1.yaml @@ -0,0 +1,7 @@ +--- +fixes: + - Fixed SSL/TLS verification for Network v2 commands. The commands + were ignoring the ``--insecure`` and ``--os-cacert`` options and + the ``OS_CACERT`` environment variable which caused them to fail + with ``An SSL error occurred.`` when authenticating using SSL/TLS. + [Bug `1560157 `_]