1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
Description: Fix s3_token middleware parsing insecure option
The "insecure" option was being treated as a bool when it was actually
provided as a string. The fix is to parse the string to a bool.
Author: Brant Knudson <bknudson@us.ibm.com>
Date: Mon, 23 Mar 2015 18:19:18 -0500
Bug-Ubuntu: 1411063
Change-Id: I508dae8d7bedfc903e476cdefac43d05cbd7fbe1
--- python-keystonemiddleware-1.0.0.orig/keystonemiddleware/s3_token.py
+++ python-keystonemiddleware-1.0.0/keystonemiddleware/s3_token.py
@@ -34,6 +34,7 @@ This WSGI component:
import logging
import webob
+from oslo.utils import strutils
import requests
import six
from six.moves import urllib
@@ -114,7 +115,7 @@ class S3Token(object):
auth_port)
# SSL
- insecure = conf.get('insecure', False)
+ insecure = strutils.bool_from_string(conf.get('insecure', False))
cert_file = conf.get('certfile')
key_file = conf.get('keyfile')
--- python-keystonemiddleware-1.0.0.orig/keystonemiddleware/tests/test_s3_token_middleware.py
+++ python-keystonemiddleware-1.0.0/keystonemiddleware/tests/test_s3_token_middleware.py
@@ -123,7 +123,7 @@ class S3TokenMiddlewareTestGood(S3TokenM
@mock.patch.object(requests, 'post')
def test_insecure(self, MOCK_REQUEST):
self.middleware = (
- s3_token.filter_factory({'insecure': True})(FakeApp()))
+ s3_token.filter_factory({'insecure': 'True'})(FakeApp()))
text_return_value = jsonutils.dumps(GOOD_RESPONSE)
if six.PY3:
@@ -141,6 +141,28 @@ class S3TokenMiddlewareTestGood(S3TokenM
mock_args, mock_kwargs = MOCK_REQUEST.call_args
self.assertIs(mock_kwargs['verify'], False)
+ def test_insecure_option(self):
+ # insecure is passed as a string.
+
+ # Some non-secure values.
+ true_values = ['true', 'True', '1', 'yes']
+ for val in true_values:
+ config = {'insecure': val, 'certfile': 'false_ind'}
+ middleware = s3_token.filter_factory(config)(FakeApp())
+ self.assertIs(False, middleware._verify)
+
+ # Some "secure" values, including unexpected value.
+ false_values = ['false', 'False', '0', 'no', 'someweirdvalue']
+ for val in false_values:
+ config = {'insecure': val, 'certfile': 'false_ind'}
+ middleware = s3_token.filter_factory(config)(FakeApp())
+ self.assertEqual('false_ind', middleware._verify)
+
+ # Default is secure.
+ config = {'certfile': 'false_ind'}
+ middleware = s3_token.filter_factory(config)(FakeApp())
+ self.assertIs('false_ind', middleware._verify)
+
class S3TokenMiddlewareTestBad(S3TokenMiddlewareTestBase):
def setUp(self):
|
