Andreas Hasenack has proposed merging lp:~ahasenack/txaws/no-local-dir-for-ca-lookup into lp:txaws.
Requested reviews: txAWS Committers (txaws-dev) Related bugs: Bug #1072793 in txAWS: "get_ca_certs() includes current directory" https://bugs.launchpad.net/txaws/+bug/1072793 For more details, see: https://code.launchpad.net/~ahasenack/txaws/no-local-dir-for-ca-lookup/+merge/131949 This branch changes get_ca_certs() so that it does not accidentally include the current directory when looking for *.pem CA files to load. -- https://code.launchpad.net/~ahasenack/txaws/no-local-dir-for-ca-lookup/+merge/131949 Your team txAWS Committers is requested to review the proposed merge of lp:~ahasenack/txaws/no-local-dir-for-ca-lookup into lp:txaws.
=== modified file 'txaws/client/ssl.py' --- txaws/client/ssl.py 2012-01-26 23:05:01 +0000 +++ txaws/client/ssl.py 2012-10-29 16:22:23 +0000 @@ -16,11 +16,11 @@ # Multiple defaults are supported; just add more paths, separated by colons. if sys.platform == "darwin": - DEFAULT_CERTS_PATH = "/System/Library/OpenSSL/certs/:" + DEFAULT_CERTS_PATH = "/System/Library/OpenSSL/certs/" # XXX Windows users can file a bug to add theirs, since we don't know what # the right path is else: - DEFAULT_CERTS_PATH = "/etc/ssl/certs/:" + DEFAULT_CERTS_PATH = "/etc/ssl/certs/" class VerifyingContextFactory(CertificateOptions): @@ -99,6 +99,8 @@ cert_paths = os.getenv("TXAWS_CERTS_PATH", DEFAULT_CERTS_PATH).split(":") certificate_authority_map = {} for path in cert_paths: + if not path: + continue for cert_file_name in glob(os.path.join(path, "*.pem")): # There might be some dead symlinks in there, so let's make sure # it's real. === modified file 'txaws/client/tests/test_ssl.py' --- txaws/client/tests/test_ssl.py 2012-02-09 22:07:20 +0000 +++ txaws/client/tests/test_ssl.py 2012-10-29 16:22:23 +0000 @@ -169,6 +169,7 @@ self.two_certs_dir = tempfile.mkdtemp() self.cert2 = self._write_pem(cert2, self.two_certs_dir, "cert2.pem") self.cert3 = self._write_pem(cert3, self.two_certs_dir, "cert3.pem") + self.curdir = os.getcwd() def tearDown(self): super(CertsFilesTestCase, self).tearDown() @@ -178,6 +179,7 @@ os.removedirs(self.no_certs_dir) os.removedirs(self.one_cert_dir) os.removedirs(self.two_certs_dir) + os.chdir(self.curdir) def _write_pem(self, cert, dir, filename): data = dump_certificate(FILETYPE_PEM, cert[1]) @@ -213,3 +215,8 @@ self.no_certs_dir, self.one_cert_dir) certs = ssl.get_ca_certs() self.assertEqual(len(certs), 1) + + def test_get_ca_certs_no_current_dir(self): + os.environ["TXAWS_CERTS_PATH"] = "%s:" % self.no_certs_dir + os.chdir(self.one_cert_dir) + self.assertRaises(exception.CertsNotFoundError, ssl.get_ca_certs)
_______________________________________________ Mailing list: https://launchpad.net/~txaws-dev Post to : txaws-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~txaws-dev More help : https://help.launchpad.net/ListHelp