pycurl https backend doesn't support ssl.cert_reqs setting
Bug #516222 reported by
Aaron Bentley
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Bazaar |
Confirmed
|
Wishlist
|
Unassigned | ||
Breezy |
Fix Released
|
Low
|
Jelmer Vernooij |
Bug Description
Launchpad wants to be able to import any branch that a user provides, no matter how weird their SSL certificate may be. That means we want to ignore invalid SSL certificates. Currently, we can get that as a side effect, by using urllib instead of pycurl. When certificate verification is eventually added to our urllib transport, that option will no longer work.
One way to do this would be to provide a "noverify" decorator that could be applied to SSL-based transports, such as "noverify+https://..."
Related branches
lp://staging/~jelmer/brz/kill-pycurl
Merged
into
lp://staging/brz
- Martin Packman: Approve
-
Diff: 991 lines (+20/-691)9 files modifiedbreezy/tests/features.py (+0/-1)
breezy/tests/http_server.py (+0/-22)
breezy/tests/https_server.py (+0/-14)
breezy/tests/test_bzrdir.py (+0/-12)
breezy/tests/test_http.py (+11/-169)
breezy/transport/__init__.py (+4/-18)
breezy/transport/http/__init__.py (+1/-1)
breezy/transport/http/_pycurl.py (+0/-454)
doc/en/release-notes/brz-3.0.txt (+4/-0)
Changed in bzr: | |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
Changed in brz: | |
status: | New → Triaged |
importance: | Undecided → Low |
milestone: | none → 3.0.0 |
Changed in brz: | |
status: | Triaged → Fix Released |
assignee: | nobody → Jelmer Vernooij (jelmer) |
To post a comment you must log in.
In bzr.dev, you can now do this with -Ossl.cert_ reqs=none, if you're using the urllib https backend.