* [PATCH, applied] fedabipkgdiff: Don't choke Koji servers with self-signed SSL certs
@ 2023-07-06 11:23 Dodji Seketeli
2023-07-07 8:41 ` Dodji Seketeli
0 siblings, 1 reply; 2+ messages in thread
From: Dodji Seketeli @ 2023-07-06 11:23 UTC (permalink / raw)
To: libabigail
Hello,
When doing some tests on particular Koji instances, the
Brew::getPackage function was choking because its underlying http
client would could not verify the self-signed SSL certificate used by
the server.
This patch sets the default option of the client so that it avoids
verifying SSL certificates altogether.
* fedabipkgdiff (Brew::__init__): Se the "no_ssl_verify" option to
false by default.
Signed-off-by: Dodji Seketeli <dodji@redhat.com>
---
tools/fedabipkgdiff | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/tools/fedabipkgdiff b/tools/fedabipkgdiff
index e9c211cf..d961c7dd 100755
--- a/tools/fedabipkgdiff
+++ b/tools/fedabipkgdiff
@@ -659,6 +659,10 @@ class Brew(object):
used to access koji XMLRPC APIs.
"""
self.session = koji.ClientSession(baseurl)
+ # I am instructing the http client to avoid verifying SSL
+ # certificates by default as some Koji server instance might
+ # use self-signed certficates that can't be easily verified.
+ self.session.opts.setdefault('no_ssl_verify', True)
@log_call
def listRPMs(self, buildID=None, arches=None, selector=None):
--
2.39.3
--
Dodji
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH, applied] fedabipkgdiff: Don't choke Koji servers with self-signed SSL certs
2023-07-06 11:23 [PATCH, applied] fedabipkgdiff: Don't choke Koji servers with self-signed SSL certs Dodji Seketeli
@ 2023-07-07 8:41 ` Dodji Seketeli
0 siblings, 0 replies; 2+ messages in thread
From: Dodji Seketeli @ 2023-07-07 8:41 UTC (permalink / raw)
To: Dodji Seketeli via Libabigail; +Cc: Dodji Seketeli
Dodji Seketeli via Libabigail <libabigail@sourceware.org> a écrit:
> Hello,
>
> When doing some tests on particular Koji instances, the
> Brew::getPackage function was choking because its underlying http
> client would could not verify the self-signed SSL certificate used by
> the server.
>
> This patch sets the default option of the client so that it avoids
> verifying SSL certificates altogether.
>
> * fedabipkgdiff (Brew::__init__): Se the "no_ssl_verify" option to
> false by default.
This patch triggered some errors, unfortunately.
So I've applied this one to fix those.
From 3c68b44ea459e63769f7b498d70472c74727260d Mon Sep 17 00:00:00 2001
From: Dodji Seketeli <dodji@redhat.com>
Date: Thu, 6 Jul 2023 16:03:22 +0200
Subject: [PATCH] fedabipkgdiff: Fix previous commit
In the previous commit, I wrongly assumed that all Brew koji session objects
have a an "opts" attribute. Fixed thus.
* tools/fedabipkgdiff (Brew::__init__): Do not try to access the
'opts' attribute on sessions that don't have any.
Signed-off-by: Dodji Seketeli <dodji@redhat.com>
---
tools/fedabipkgdiff | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tools/fedabipkgdiff b/tools/fedabipkgdiff
index d961c7dd..ca94a3f9 100755
--- a/tools/fedabipkgdiff
+++ b/tools/fedabipkgdiff
@@ -662,7 +662,8 @@ class Brew(object):
# I am instructing the http client to avoid verifying SSL
# certificates by default as some Koji server instance might
# use self-signed certficates that can't be easily verified.
- self.session.opts.setdefault('no_ssl_verify', True)
+ if (hasattr(self.session, 'opts')):
+ self.session.opts.setdefault('no_ssl_verify', True)
@log_call
def listRPMs(self, buildID=None, arches=None, selector=None):
--
2.39.3
--
Dodji
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-07-07 8:41 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-07-06 11:23 [PATCH, applied] fedabipkgdiff: Don't choke Koji servers with self-signed SSL certs Dodji Seketeli
2023-07-07 8:41 ` Dodji Seketeli
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).