On Fri, Dec 7, 2018, 10:34 Richard W.M. Jones <rjones@redhat.com wrote:
On Fri, Dec 07, 2018 at 02:44:21AM +0200, Nir Soffer wrote:
> Fix rhv-cafile option access, broken by commit 6694028f9827 (v2v: -o
> rhv-upload: Only set SSL context for https connections).

Ugh yes indeed.  Strong typing FTW _again_

"pylint -E" may detect such issues.

...

Will apply shortly, thanks.

Rich.

>  .gnulib                  | 2 +-
>  v2v/rhv-upload-plugin.py | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/.gnulib b/.gnulib
> index 6ccfbb4ce..646a44e1b 160000
> --- a/.gnulib
> +++ b/.gnulib
> @@ -1 +1 @@
> -Subproject commit 6ccfbb4ce5d4fa79f7afb48f3648f2e0401523c3
> +Subproject commit 646a44e1b190c4a7f6a9f32c63230c619e38d251
> diff --git a/v2v/rhv-upload-plugin.py b/v2v/rhv-upload-plugin.py
> index 1a217b6dc..3272c3ce3 100644
> --- a/v2v/rhv-upload-plugin.py
> +++ b/v2v/rhv-upload-plugin.py
> @@ -193,41 +193,41 @@ def open(readonly):
>          if transfer.phase != types.ImageTransferPhase.INITIALIZING:
>              break
>          if time.time() > endt:
>              raise RuntimeError("timed out waiting for transfer status "
>                                 "!= INITIALIZING")

>      # Now we have permission to start the transfer.
>      if params['rhv_direct']:
>          if transfer.transfer_url is None:
>              raise RuntimeError("direct upload to host not supported, "
>                                 "requires ovirt-engine >= 4.2 and only works "
>                                 "when virt-v2v is run within the oVirt/RHV "
>                                 "environment, eg. on an oVirt node.")
>          destination_url = urlparse(transfer.transfer_url)
>      else:
>          destination_url = urlparse(transfer.proxy_url)

>      if destination_url.scheme == "https":
>          context = \
>              ssl.create_default_context(purpose = ssl.Purpose.SERVER_AUTH,
> -                                       cafile = cafile)
> +                                       cafile = params['rhv_cafile'])
>          if params['insecure']:
>              context.check_hostname = False
>              context.verify_mode = ssl.CERT_NONE
>          http = HTTPSConnection(
>              destination_url.hostname,
>              destination_url.port,
>              context = context
>          )
>      elif destination_url.scheme == "http":
>          http = HTTPConnection(
>              destination_url.hostname,
>              destination_url.port,
>          )
>      else:
>          raise RuntimeError("unknown URL scheme (%s)" % destination_url.scheme)

>      # The first request is to fetch the features of the server.

>      # Authentication was needed only for GET and PUT requests when
>      # communicating with old imageio-proxy.
> --
> 2.17.2

--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-top is 'top' for virtual machines.  Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://people.redhat.com/~rjones/virt-top