1192517 – Swift.py does not respect the OPENSTACK_SSL_NO_VERIFY setting for use with self signed certs

Bug 1192517 - Swift.py does not respect the OPENSTACK_SSL_NO_VERIFY setting for use with self signed certs

Summary: Swift.py does not respect the OPENSTACK_SSL_NO_VERIFY setting for use with se...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	python-django-horizon
Sub Component:
Version:	5.0 (RHEL 6)
Hardware:	x86_64
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	z4
Target Release:	5.0 (RHEL 7)
Assignee:	Matthias Runge
QA Contact:	Ido Ovadia
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-02-13 15:36 UTC by Lee Yarwood
Modified:	2023-02-22 23:02 UTC (History)
CC List:	7 users (show)
Fixed In Version:	python-django-horizon-2014.1.3-5.el7ost, python-django-horizon-2014.1.3-5.el6ost
Doc Type:	Bug Fix
Doc Text:	The option 'OPENSTACK_SSL_NO_VERIFY' is used to enable or disable checks for SSL certificate validity. Swift client ignored this check. As a result, you could not use Horizon with swift and swift was accessed by a self signed certificate. With this update, the option is now handled properly and Horizon is able to use this endpoint while the 'OPENSTACK_SSL_NO_VERIFY' option is enabled.
Clone Of:
Environment:
Last Closed:	2015-04-16 15:10:13 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Launchpad	1311357	None	None	None	Never
OpenStack gerrit	89975	None	MERGED	swift: Respect the OPENSTACK_SSL_NO_VERIFY setting	2020-03-18 15:11:31 UTC
Red Hat Product Errata	RHSA-2015:0839	normal	SHIPPED_LIVE	Moderate: python-django-horizon and python-django-openstack-auth update	2015-04-16 19:08:45 UTC

Description Lee Yarwood 2015-02-13 15:36:20 UTC

Description of problem:
Swift.py does not respect the OPENSTACK_SSL_NO_VERIFY setting for use with self signed certs. This issue has been resolved upstream [1] for the Juno release [2].  This isn't viable for a stable/Icehouse backport but IMHO is for a RHEL OSP 5.0.z backport.

[1] https://bugs.launchpad.net/horizon/+bug/1311357
[2] https://review.openstack.org/#/c/89975/

Version-Release number of selected component (if applicable):
python-django-horizon-2014.1.3-3.el7ost.src.rpm

How reproducible:
Always.

Steps to Reproduce:
1. Configure a swift endpoint using self signed SSL certificates and attempt to use this from Horizon.

Actual results:
Horizon is unable to use this endpoint as it's own Swift client ignores the OPENSTACK_SSL_NO_VERIFY option.

Expected results:
Horizon is able to use this endpoint while the OPENSTACK_SSL_NO_VERIFY option is enabled.

Additional info:

Comment 7 Ido Ovadia 2015-04-01 15:42:27 UTC

Verified
========
python-django-horizon-2014.1.4-1.el7ost.noarch

Comment 9 errata-xmlrpc 2015-04-16 15:10:13 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0839.html

Note You need to log in before you can comment on or make changes to this bug.