Add a --insecure arg to ignore invalid SSL certs

Change-Id: I7350c2f9d8f857300784955b2b776f3f1dc69933
2013-09-18 12:55:40 +01:00 · 2013-09-18 12:55:40 +01:00 · 5fe58dac71
commit 5fe58dac71
parent b2e1033e9e
3 changed files with 13 additions and 2 deletions
--- a/designateclient/cli/base.py
+++ b/designateclient/cli/base.py
@ -36,7 +36,8 @@ class Command(CliffCommand):
            'token': self.app.options.os_token,
            'service_type': self.app.options.os_service_type,
            'region_name': self.app.options.os_region_name,
-            'sudo_tenant_id': self.app.options.sudo_tenant_id
+            'sudo_tenant_id': self.app.options.sudo_tenant_id,
+            'insecure': self.app.options.insecure
        }

        if client_args['endpoint'] is None and client_args['auth_url'] is None:
--- a/designateclient/shell.py
+++ b/designateclient/shell.py
@ -89,4 +89,7 @@ class DesignateShell(App):
                            default=os.environ.get('DESIGNATE_SUDO_TENANT_ID'),
                            help="Defaults to env[DESIGNATE_SUDO_TENANT_ID]")

+        parser.add_argument('--insecure', action='store_true',
+                            help="Explicitly allow 'insecure' SSL requests")
+
        return parser
--- a/designateclient/v1/init.py
+++ b/designateclient/v1/init.py
@ -25,7 +25,8 @@ class Client(object):
    def __init__(self, endpoint=None, auth_url=None, username=None,
                 password=None, tenant_id=None, tenant_name=None, token=None,
                 region_name=None, service_type='dns',
-                 endpoint_type='publicURL', sudo_tenant_id=None):
+                 endpoint_type='publicURL', sudo_tenant_id=None,
+                 insecure=False):
        """
        :param endpoint: Endpoint URL
        :param auth_url: Keystone auth_url
@ -36,6 +37,7 @@ class Client(object):
        :param token: A token instead of username / password
        :param region_name: The region name
        :param endpoint_type: The endpoint type (publicURL for example)
+        :param insecure: Allow "insecure" HTTPS requests
        """
        if auth_url:
            auth = KeystoneAuth(auth_url, username, password, tenant_id,
@ -51,6 +53,8 @@ class Client(object):
        else:
            raise ValueError('Either an endpoint or auth_url must be supplied')

+        self.insecure = insecure
+
        headers = {'Content-Type': 'application/json'}

        if token is not None:
@ -78,6 +82,9 @@ class Client(object):
        args = list(args)
        args[0] = '%s/%s' % (self.endpoint, args[0])

+        if self.insecure is True:
+            kw['verify'] = False
+
        # Trigger the request
        response = func(*args, **kw)