summaryrefslogtreecommitdiff
path: root/glanceclient/common/https.py
Commit message (Collapse)AuthorAgeFilesLines
* Removed the --no-ssl-compression parameter which is deprecatedPranaliD2017-07-251-86/+0
| | | | | | | | --no-ssl-compression is deprecated and no longer used. So, it is removed from the help message. Change-Id: I2b886671a568ed191ee380cf16335ccd9ae85062 Closes-Bug: #1583919
* Enable hacking checksTin Lam2016-04-181-9/+6
| | | | | | | | | | Enabled following hacking checks from tox.ini: - H233 Python 3.x incompatible use of print operator - H303 no wildcard import - H404 multi line docstring should start with a summary Change-Id: I2553bcd3e80c00acc08d135a1d2dadfb6cda49fe Partial-Bugs: #1475054
* Remove monkey-patching for getsockoptkairat_kushaev2016-01-151-5/+0
| | | | | | | | | Not getsocketopts is presented in GreenSocket for Linux. See the bug for the info. So we don't need to patch it anymore. Closes-Bug: #1348269 Change-Id: Ie2211238656eddfb0af5f3ef84ab638f6248a10a
* Fix Typos in commentsrahulram2015-08-261-1/+1
| | | | Change-Id: Ib66ec89f6e556093ab00d3f7fb8ad0f3d9912461
* Merge "Fix failure to create glance https connection pool"Jenkins2015-07-291-3/+4
|\
| * Fix failure to create glance https connection poolHaikel Guemar2015-07-281-3/+4
| | | | | | | | | | | | | | | | | | | | | | Due to a typo in an attribute named, an Attribute error is raised causing failure in connection to glance through HTTPS Urllib3 PoolManager class has a connection_pool_kw attribute but not connection_kw Closes-Bug: #1479020 Change-Id: Id4d6a5bdcf971d09e80043fd2ab399e208fd931c
* | Enable flake8 checksDarja Shakhray2015-07-211-16/+14
|/ | | | | | | | | | | | This commit enables new flake8 checks: * E265 block comment should start with '# ' * H405 multi line docstring summary not separated with an empty line * E123 closing bracket does not match indentation of opening bracket's line * H238 old style class declaration, use new style (inherit from `object`) * E128 continuation line under-indented for visual indent and makes related changes in the code. Change-Id: Ie993afc930f6b74d7a990bcaa9fc0e9f5ba1585c
* Import only modules and update tox.iniCindy Pallares2015-06-171-5/+4
| | | | | | | | | As stated in the OpenStack Hacking Guidelines, it is prefered that only modules should be imported. Also updated tox.ini to ignore opestack/common among others. Change-Id: I2f0a603c31052eadee581c11880c0ec6bd392829
* Fix https stack trace on python 3.4 clientStuart McLaren2015-04-111-1/+3
| | | | | | | | | | | When using the client with python 3.4 and no ssl compression the following stack trace ocurrs: TypeError: startswith first arg must be bytes or a tuple of bytes, not str Closes-bug: 1442883 Related-bug: 1357430 Change-Id: I8e28f0bb1f3e866f11851247ce31470ca8c2af4f
* Fix client when using no ssl compressionStuart McLaren2015-04-111-0/+7
| | | | | | | | | | | Since the release of the 0.16.1 client, using the 'no ssl compression' option, whether on the command line, or via the library -- Nova does this by default -- a stack trace was generated. Closes-bug: 1442664 Related-bug: 1357430 Change-Id: I2b8ddcb0a7ae3cfccdfc20d3ba476f3b4f4ec32d
* Merge "Unify using six.moves.range rename everywhere"Jenkins2015-03-041-0/+2
|\
| * Unify using six.moves.range rename everywhereErno Kuvaja2015-02-251-0/+2
| | | | | | | | | | | | | | | | | | Mainly to improve consistency, use range() from six.moves renames across glance. Behaves consistently like py2 xrange() and py3 range(). Change-Id: I7c573a3a9775f454b98d25f2a14f8e9f5f4ac432
* | Merge "https: Prevent leaking sockets for some operations"Jenkins2015-03-041-56/+77
|\ \
| * | https: Prevent leaking sockets for some operationsStuart McLaren2015-02-181-56/+77
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Other OpenStack services which instantiate a 'https' glanceclient using ssl_compression=False and insecure=False (eg Nova, Cinder) are leaking sockets due to glanceclient not closing the connection to the Glance server. This could happen for a sub-set of calls, eg 'show', 'delete', 'update'. netstat -nopd would show the sockets would hang around forever: ... 127.0.0.1:9292 ESTABLISHED 9552/python off (0.00/0/0) urllib's ConnectionPool relies on the garbage collector to tear down sockets which are no longer in use. The 'verify_callback' function used to validate SSL certs was holding a reference to the VerifiedHTTPSConnection instance which prevented the sockets being torn down. Change-Id: Idb3e68151c48ed623ab89d05d88ea48465429838 Closes-bug: 1423165
* | | Merge "Register our own ConnectionPool without globals"Jenkins2015-02-261-9/+26
|\ \ \ | |_|/ |/| |
| * | Register our own ConnectionPool without globalsIan Cordasco2015-02-061-10/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, on systems like Fedora and Debian, it is possible to import urllib3 as well as requests.packages.urllib3. They functionally point to the same code but sys.modules considers them to be separate items. When downstream packagers unvendor urllib3 from requests, they also change all the imports inside of the package. So if the code imports urllib3 from requests.packages.urllib3 and modifies globals in a submodule, that will not be visible to requests since it has been rewritten to use urllib3 (not requests.packages.urllib3). By handling this logic ourselves, we can issue a release until upstream packages and requests can fix this and cut a new release. Change-Id: Ic77ce8a06d9d148a899b4b8695990fca8fdaefc5 Closes-bug: 1396550
* | | Merge "Reduce the set of supported client SSL ciphers"Jenkins2015-02-231-0/+6
|\ \ \
| * | | Reduce the set of supported client SSL ciphersStuart McLaren2014-09-191-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | python-glanceclient (like, for example, curl) can advertise the default set of supported OpenSSL ciphers in its ClientHello packet. This patches reduces that to a stronger subset. Change-Id: I7c30465e79d8a32f43458cd6253a98fcf067dc38 Closes-bug: #1370283
* | | | Merge "Update HTTPS certificate handling for pep-0476"Jenkins2015-02-191-1/+5
|\ \ \ \ | |_|_|/ |/| | |
| * | | Update HTTPS certificate handling for pep-0476James Page2014-12-191-1/+5
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This pep (included in python 2.7.9) changes the behaviour of SSL certificate chain handling to be more py3 like. Include required new exception behaviour in the list of exceptions to translate under py2. https://github.com/python/peps/blob/master/pep-0476.txt Closes-Bug: 1404227 Change-Id: I7da1a13d1ec861a07fd96684d0431508a214a2c8
* | | Change oslo.utils to oslo_utilsLouis Taylor2015-02-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The oslo.utils libraries are moving away from namespace packages. This requires oslo.utils>=1.2.0 bp drop-namespace-packages Change-Id: I803df61e91eabb96329d859aef6bea03530fb84f
* | | Remove openstack.common.strutilsLouis Taylor2015-01-271-3/+3
|/ / | | | | | | | | | | | | This module now lives in oslo.utils, so import it from there instead. Co-Authored-By: Ian Cordasco <ian.cordasco@rackspace.com> Change-Id: Ib35dc840992433542490670781badd9529ec8947
* | Don't replace the https handler in the poolmanagerFlavio Percoco2014-10-301-2/+14
|/ | | | | | | | | | | | | | | | | In order to keep the support for `--ssl-nocompression` it was decided to overwrite the https HTTPAdapter in `requests` poolmanager. Although this seemed to work correctly, it was causing some issues when using glanceclient from other services that rely on requests and that were also configured to use TLS. THis patch changes implements a different strategy by using `glance+https` as the scheme to use when `no-compression` is requested. Closes-bug: #1350251 Closes-bug: #1347150 Closes-bug: #1362766 Change-Id: Ib25237ba821ee20a561a163b79402d1375ebed0b
* Ensure server's SSL cert is validatedStuart McLaren2014-08-191-1/+2
| | | | | | | | | | | A bug was introduced which meant that the server SSL certificate was not being verified. Here we make sure that it is checked (unless the --insecure flag is used). Helps guard against man-in-the-middle attack. Change-Id: I08f30bf3906b6580c871729311343fa8eefda91b Closes-bug: #1357430
* Fix glance-client to work with IPv6 controllersSudipta Biswas2014-08-061-1/+12
| | | | | | | | | | | | | | | | | | | Currently the glance client can't operate on IPv6 address based openstack controller IPs. The reason for this is the absence of creation of a IPv6 socket in the glance client code (in https.py). The glance client is trying to create sockets from the AF_INET socket family but this will lead to errors when glance client makes a call on the IPv6 IP addresses. In order to fix this limitation, we ensure that if the hostname resolves to IPv6 or an explicit IPv6 address is used to configure the openstack controller - glance client shall be able to detect that and then create a AF_INET6 socket family. In all other cases a AF_INET socket is created. We default to IPv4 sockets in all other cases. Change-Id: I7d5a09675cd5dab2e39f0faeaa7c169291eedac6 Closes-bug: #1348030
* Replace old httpclient with requestsAmalaBasha2014-07-101-0/+274
This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
View Lorry Controller Status