Use CONF.identity.disable_ssl_certificate_validation in object_client
create_object_continue interface in object_client doesn't use CONF.identity.disable_ssl_certificate_validation, so even if we set disable_ssl_certificate_validation=true in tempest.conf, sometimes we will still get "ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1108)" So create_object_continue should judge whether to check ssl certification according to CONF.identity.disable_ssl_certificate_validation. Change-Id: I38f4416641e396caf88d16e3b418f0fc7577179d Closes-Bug: #1907554
This commit is contained in:
parent
2262cced38
commit
8464cefbf1
|
@ -104,16 +104,18 @@ class RestClient(object):
|
|||
'location', 'proxy-authenticate',
|
||||
'retry-after', 'server',
|
||||
'vary', 'www-authenticate'))
|
||||
dscv = disable_ssl_certificate_validation
|
||||
self.dscv = disable_ssl_certificate_validation
|
||||
|
||||
if proxy_url:
|
||||
self.http_obj = http.ClosingProxyHttp(
|
||||
proxy_url,
|
||||
disable_ssl_certificate_validation=dscv, ca_certs=ca_certs,
|
||||
disable_ssl_certificate_validation=self.dscv,
|
||||
ca_certs=ca_certs,
|
||||
timeout=http_timeout, follow_redirects=follow_redirects)
|
||||
else:
|
||||
self.http_obj = http.ClosingHttp(
|
||||
disable_ssl_certificate_validation=dscv, ca_certs=ca_certs,
|
||||
disable_ssl_certificate_validation=self.dscv,
|
||||
ca_certs=ca_certs,
|
||||
timeout=http_timeout, follow_redirects=follow_redirects)
|
||||
|
||||
def get_headers(self, accept_type=None, send_type=None):
|
||||
|
|
|
@ -12,6 +12,7 @@
|
|||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
import ssl
|
||||
|
||||
from six.moves import http_client as httplib
|
||||
from six.moves.urllib import parse as urlparse
|
||||
|
@ -118,7 +119,7 @@ class ObjectClient(rest_client.RestClient):
|
|||
path = str(parsed.path) + "/"
|
||||
path += "%s/%s" % (str(container), str(object_name))
|
||||
|
||||
conn = _create_connection(parsed)
|
||||
conn = self._create_connection(parsed)
|
||||
# Send the PUT request and the headers including the "Expect" header
|
||||
conn.putrequest('PUT', path)
|
||||
|
||||
|
@ -151,15 +152,21 @@ class ObjectClient(rest_client.RestClient):
|
|||
|
||||
return resp.status, resp.reason
|
||||
|
||||
def _create_connection(self, parsed_url):
|
||||
"""Helper function to create connection with httplib
|
||||
|
||||
def _create_connection(parsed_url):
|
||||
"""Helper function to create connection with httplib
|
||||
:param parsed_url: parsed url of the remote location
|
||||
"""
|
||||
context = None
|
||||
# If CONF.identity.disable_ssl_certificate_validation is true,
|
||||
# do not check ssl certification.
|
||||
if self.dscv:
|
||||
context = ssl._create_unverified_context()
|
||||
if parsed_url.scheme == 'https':
|
||||
conn = httplib.HTTPSConnection(parsed_url.netloc,
|
||||
context=context)
|
||||
else:
|
||||
conn = httplib.HTTPConnection(parsed_url.netloc,
|
||||
context=context)
|
||||
|
||||
:param parsed_url: parsed url of the remote location
|
||||
"""
|
||||
if parsed_url.scheme == 'https':
|
||||
conn = httplib.HTTPSConnection(parsed_url.netloc)
|
||||
else:
|
||||
conn = httplib.HTTPConnection(parsed_url.netloc)
|
||||
|
||||
return conn
|
||||
return conn
|
||||
|
|
|
@ -31,15 +31,18 @@ class TestObjectClient(base.TestCase):
|
|||
self.object_client = object_client.ObjectClient(self.fake_auth,
|
||||
'swift', 'region1')
|
||||
|
||||
@mock.patch.object(object_client, '_create_connection')
|
||||
@mock.patch('tempest.lib.services.object_storage.object_client.'
|
||||
'ObjectClient._create_connection')
|
||||
def test_create_object_continue_no_data(self, mock_poc):
|
||||
self._validate_create_object_continue(None, mock_poc)
|
||||
|
||||
@mock.patch.object(object_client, '_create_connection')
|
||||
@mock.patch('tempest.lib.services.object_storage.object_client.'
|
||||
'ObjectClient._create_connection')
|
||||
def test_create_object_continue_with_data(self, mock_poc):
|
||||
self._validate_create_object_continue('hello', mock_poc)
|
||||
|
||||
@mock.patch.object(object_client, '_create_connection')
|
||||
@mock.patch('tempest.lib.services.object_storage.object_client.'
|
||||
'ObjectClient._create_connection')
|
||||
def test_create_continue_with_no_continue_received(self, mock_poc):
|
||||
self._validate_create_object_continue('hello', mock_poc,
|
||||
initial_status=201)
|
||||
|
|
Loading…
Reference in New Issue