For real imageio servers the destination will always be https. This
change has no effect there.
However when testing we want to use an http server for simplicity. As
there is no certificate or cafile in this case the call to create the
context will fail.
This also simplifies creation of the context object and recognizes the
"insecure" flag for connecting to imageio.
Thanks: Nir Soffer.
---
v2v/rhv-upload-plugin.py | 27 +++++++++++++++++++--------
1 file changed, 19 insertions(+), 8 deletions(-)
diff --git a/v2v/rhv-upload-plugin.py b/v2v/rhv-upload-plugin.py
index 5cd6d5cab..1a217b6dc 100644
--- a/v2v/rhv-upload-plugin.py
+++ b/v2v/rhv-upload-plugin.py
@@ -207,14 +207,25 @@ def open(readonly):
else:
destination_url = urlparse(transfer.proxy_url)
- context = ssl.create_default_context()
- context.load_verify_locations(cafile = params['rhv_cafile'])
-
- http = HTTPSConnection(
- destination_url.hostname,
- destination_url.port,
- context = context
- )
+ if destination_url.scheme == "https":
+ context = \
+ ssl.create_default_context(purpose = ssl.Purpose.SERVER_AUTH,
+ cafile = cafile)
+ if params['insecure']:
+ context.check_hostname = False
+ context.verify_mode = ssl.CERT_NONE
+ http = HTTPSConnection(
+ destination_url.hostname,
+ destination_url.port,
+ context = context
+ )
+ elif destination_url.scheme == "http":
+ http = HTTPConnection(
+ destination_url.hostname,
+ destination_url.port,
+ )
+ else:
+ raise RuntimeError("unknown URL scheme (%s)" % destination_url.scheme)
I would not change production code to support http. Instead the test server
should use HTTPS.
This way we may have working tests when the real code path fail during runtime.
Nir
# The first request is to fetch the features of the server.
--
2.19.0.rc0
_______________________________________________
Libguestfs mailing list
Libguestfs@redhat.com
https://www.redhat.com/mailman/listinfo/libguestfs