diff options
author | Jenkins <jenkins@review.openstack.org> | 2014-11-05 20:50:27 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2014-11-05 20:50:27 +0000 |
commit | 79353666b967c46722d75316fcc71bda5e567d32 (patch) | |
tree | 9c4d4be661d3d7393bea0279aefce1739eeeb370 | |
parent | 1bc5d405bdfc3e493c2040b33941cf9a8bb2461f (diff) | |
parent | 0be0dabf0e221b142e675348a294af89575ce6d0 (diff) | |
download | neutron-79353666b967c46722d75316fcc71bda5e567d32.tar.gz |
Merge "Big Switch: Fix SSL version on get_server_cert" into stable/juno
-rw-r--r-- | neutron/plugins/bigswitch/servermanager.py | 3 | ||||
-rw-r--r-- | neutron/tests/unit/bigswitch/test_servermanager.py | 3 | ||||
-rw-r--r-- | neutron/tests/unit/bigswitch/test_ssl.py | 4 |
3 files changed, 7 insertions, 3 deletions
diff --git a/neutron/plugins/bigswitch/servermanager.py b/neutron/plugins/bigswitch/servermanager.py index 5adb02d5a6..c10ce72bb5 100644 --- a/neutron/plugins/bigswitch/servermanager.py +++ b/neutron/plugins/bigswitch/servermanager.py @@ -383,7 +383,8 @@ class ServerPool(object): a given path. ''' try: - cert = ssl.get_server_certificate((server, port)) + cert = ssl.get_server_certificate((server, port), + ssl_version=ssl.PROTOCOL_TLSv1) except Exception as e: raise cfg.Error(_('Could not retrieve initial ' 'certificate from controller %(server)s. ' diff --git a/neutron/tests/unit/bigswitch/test_servermanager.py b/neutron/tests/unit/bigswitch/test_servermanager.py index efab0c41ed..e8d15efa3b 100644 --- a/neutron/tests/unit/bigswitch/test_servermanager.py +++ b/neutron/tests/unit/bigswitch/test_servermanager.py @@ -71,7 +71,8 @@ class ServerManagerTests(test_rp.BigSwitchProxyPluginV2TestCase): pl.servers._get_combined_cert_for_server, *('example.org', 443) ) - sslgetmock.assert_has_calls([mock.call(('example.org', 443))]) + sslgetmock.assert_has_calls([mock.call( + ('example.org', 443), ssl_version=ssl.PROTOCOL_TLSv1)]) def test_consistency_watchdog_stops_with_0_polling_interval(self): pl = manager.NeutronManager.get_plugin() diff --git a/neutron/tests/unit/bigswitch/test_ssl.py b/neutron/tests/unit/bigswitch/test_ssl.py index 6a30744236..f921a4165e 100644 --- a/neutron/tests/unit/bigswitch/test_ssl.py +++ b/neutron/tests/unit/bigswitch/test_ssl.py @@ -13,6 +13,7 @@ # under the License. import contextlib import os +import ssl import mock from oslo.config import cfg @@ -106,7 +107,8 @@ class TestSslSticky(test_ssl_certificate_base): self.getcacerts_m.assert_has_calls([mock.call(self.ca_certs_path)]) # cert should have been fetched via SSL lib self.sslgetcert_m.assert_has_calls( - [mock.call((self.servername, 443))] + [mock.call((self.servername, 443), + ssl_version=ssl.PROTOCOL_TLSv1)] ) # cert should have been recorded |