| Message ID | 87wmzd1dxp.fsf@redhat.com |
|---|---|
| State | New |
| Headers |
Return-Path: <libabigail-bounces+patchwork=sourceware.org@sourceware.org> X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 88CBC3858D37 for <patchwork@sourceware.org>; Thu, 6 Jul 2023 11:23:42 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 88CBC3858D37 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1688642622; bh=IQUaMjHLXuxvyNLw/SPTERH2lYFfShCidWcQ4jAVGD4=; h=To:Subject:Date:List-Id:List-Unsubscribe:List-Archive:List-Help: List-Subscribe:From:Reply-To:From; b=s3Vo7ytGYIqT8bPvtNTrauCVnB3EHLND1MDpIQvxOc763wvD0+EtGpWPpVuD1lWWJ X0iJ9Hb/3eFox0pEXJDHPKRRcXklChYK5ZSEjOYJU4i7gllzymHOTL7INbM8ExLpvl WTyywayybVQtHbPVigsJGEHgltIso9QI/lyWp1po= X-Original-To: libabigail@sourceware.org Delivered-To: libabigail@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id 3CEE83858D33 for <libabigail@sourceware.org>; Thu, 6 Jul 2023 11:23:37 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 3CEE83858D33 Received: from mail-lf1-f72.google.com (mail-lf1-f72.google.com [209.85.167.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-324-dz61kaWqPyGWeQuiFTVGGg-1; Thu, 06 Jul 2023 07:23:34 -0400 X-MC-Unique: dz61kaWqPyGWeQuiFTVGGg-1 Received: by mail-lf1-f72.google.com with SMTP id 2adb3069b0e04-4edc7406cb5so601942e87.3 for <libabigail@sourceware.org>; Thu, 06 Jul 2023 04:23:34 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1688642613; x=1691234613; h=mime-version:user-agent:message-id:date:organization:subject:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=IQUaMjHLXuxvyNLw/SPTERH2lYFfShCidWcQ4jAVGD4=; b=OURDBxSSipg5aVVuLhpHJKGa4OogPUPRCSFkZnadU52z6L7YQ6EKQmD0XjJVZ709Qg lWqoW5PepXOn++YPNyarFAvczTlJt1YBMf8PJxF2XYxkKOE7Vy5Ud8mSsgRp1QpzRg5B yY2aLyhTLnDli1bBlcXTmNfHQmNDqJZGeDI1QXgwu607iy82aVV2eFjrofWEtmZDsCeJ OPzCbpmxvapdi6JCl2ZbFzOUzQMoHXyv5UR202ihOC+Yh2amzrQybrt4Z8wLMZBfUhyT bOLwxb248HL+oPCNFnFQ/ZJmCViHQqSCumcTdxSLxqYs/oZRz4hGUwOGuUGPvQSGgkj0 kc+g== X-Gm-Message-State: ABy/qLbJGnJvK8AVylCoB9CufgoMsrfeEQ4YwVRl4pd4L9LGNyfUY8ml 3KX+6Od3Y0GSFg/FuDXa+BUp7EmrQfApyZuG69GL8BJXqrVUQRBe2ttns4YDJRWLM4M+Fx5HLQs u11J+1F4MbJ8QUu+aYF21Nn6NawSTk2RdvPCxfM1XbLikT2T8HyN6JZ6x4qkNblbWrqetVG6+ot 4l X-Received: by 2002:a05:6512:1146:b0:4fb:7a4e:b573 with SMTP id m6-20020a056512114600b004fb7a4eb573mr1586289lfg.5.1688642612933; Thu, 06 Jul 2023 04:23:32 -0700 (PDT) X-Google-Smtp-Source: APBJJlE8ch5WdZwAKLD3P/TFxv7sWiA8nUog6TsKSOHQTN7gk7VtofjcGIeeaCuwqmhIyVuvxcC7Iw== X-Received: by 2002:a05:6512:1146:b0:4fb:7a4e:b573 with SMTP id m6-20020a056512114600b004fb7a4eb573mr1586271lfg.5.1688642612468; Thu, 06 Jul 2023 04:23:32 -0700 (PDT) Received: from localhost ([37.166.143.63]) by smtp.gmail.com with ESMTPSA id p3-20020a1c7403000000b003fbb1bf7e0fsm1810178wmc.35.2023.07.06.04.23.31 for <libabigail@sourceware.org> (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 06 Jul 2023 04:23:31 -0700 (PDT) Received: by localhost (Postfix, from userid 1000) id EDE44B4FFD; Thu, 6 Jul 2023 13:23:30 +0200 (CEST) To: libabigail@sourceware.org Subject: [PATCH, applied] fedabipkgdiff: Don't choke Koji servers with self-signed SSL certs Organization: Red Hat / France X-Operating-System: CentOS Stream release 9 X-URL: http://www.redhat.com Date: Thu, 06 Jul 2023 13:23:30 +0200 Message-ID: <87wmzd1dxp.fsf@redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain X-Spam-Status: No, score=-12.2 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libabigail@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Mailing list of the Libabigail project <libabigail.sourceware.org> List-Unsubscribe: <https://sourceware.org/mailman/options/libabigail>, <mailto:libabigail-request@sourceware.org?subject=unsubscribe> List-Archive: <https://sourceware.org/pipermail/libabigail/> List-Help: <mailto:libabigail-request@sourceware.org?subject=help> List-Subscribe: <https://sourceware.org/mailman/listinfo/libabigail>, <mailto:libabigail-request@sourceware.org?subject=subscribe> From: Dodji Seketeli via Libabigail <libabigail@sourceware.org> Reply-To: Dodji Seketeli <dodji@redhat.com> Errors-To: libabigail-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libabigail" <libabigail-bounces+patchwork=sourceware.org@sourceware.org> |
| Series |
[applied] fedabipkgdiff: Don't choke Koji servers with self-signed SSL certs
|
|
Commit Message
Dodji Seketeli
July 6, 2023, 11:23 a.m. UTC
Hello,
When doing some tests on particular Koji instances, the
Brew::getPackage function was choking because its underlying http
client would could not verify the self-signed SSL certificate used by
the server.
This patch sets the default option of the client so that it avoids
verifying SSL certificates altogether.
* fedabipkgdiff (Brew::__init__): Se the "no_ssl_verify" option to
false by default.
Signed-off-by: Dodji Seketeli <dodji@redhat.com>
---
tools/fedabipkgdiff | 4 ++++
1 file changed, 4 insertions(+)
Comments
Dodji Seketeli via Libabigail <libabigail@sourceware.org> a écrit: > Hello, > > When doing some tests on particular Koji instances, the > Brew::getPackage function was choking because its underlying http > client would could not verify the self-signed SSL certificate used by > the server. > > This patch sets the default option of the client so that it avoids > verifying SSL certificates altogether. > > * fedabipkgdiff (Brew::__init__): Se the "no_ssl_verify" option to > false by default. This patch triggered some errors, unfortunately. So I've applied this one to fix those. From 3c68b44ea459e63769f7b498d70472c74727260d Mon Sep 17 00:00:00 2001 From: Dodji Seketeli <dodji@redhat.com> Date: Thu, 6 Jul 2023 16:03:22 +0200 Subject: [PATCH] fedabipkgdiff: Fix previous commit In the previous commit, I wrongly assumed that all Brew koji session objects have a an "opts" attribute. Fixed thus. * tools/fedabipkgdiff (Brew::__init__): Do not try to access the 'opts' attribute on sessions that don't have any. Signed-off-by: Dodji Seketeli <dodji@redhat.com> --- tools/fedabipkgdiff | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/fedabipkgdiff b/tools/fedabipkgdiff index d961c7dd..ca94a3f9 100755 --- a/tools/fedabipkgdiff +++ b/tools/fedabipkgdiff @@ -662,7 +662,8 @@ class Brew(object): # I am instructing the http client to avoid verifying SSL # certificates by default as some Koji server instance might # use self-signed certficates that can't be easily verified. - self.session.opts.setdefault('no_ssl_verify', True) + if (hasattr(self.session, 'opts')): + self.session.opts.setdefault('no_ssl_verify', True) @log_call def listRPMs(self, buildID=None, arches=None, selector=None):
diff --git a/tools/fedabipkgdiff b/tools/fedabipkgdiff index e9c211cf..d961c7dd 100755 --- a/tools/fedabipkgdiff +++ b/tools/fedabipkgdiff @@ -659,6 +659,10 @@ class Brew(object): used to access koji XMLRPC APIs. """ self.session = koji.ClientSession(baseurl) + # I am instructing the http client to avoid verifying SSL + # certificates by default as some Koji server instance might + # use self-signed certficates that can't be easily verified. + self.session.opts.setdefault('no_ssl_verify', True) @log_call def listRPMs(self, buildID=None, arches=None, selector=None):