Bazaar

pycurl https backend doesn't support ssl.cert_reqs setting

Bug #516222 reported by Aaron Bentley on 2010-02-02

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Bazaar	Confirmed	Wishlist	Unassigned
	Breezy	Fix Released	Low	Jelmer Vernooij	Breezy 3.0.0 "Pelican"

Bug Description

Launchpad wants to be able to import any branch that a user provides, no matter how weird their SSL certificate may be. That means we want to ignore invalid SSL certificates. Currently, we can get that as a side effect, by using urllib instead of pycurl. When certificate verification is eventually added to our urllib transport, that option will no longer work.

One way to do this would be to provide a "noverify" decorator that could be applied to SSL-based transports, such as "noverify+https://..."

Tags:

Related branches

lp:~jelmer/brz/kill-pycurl

Merged into lp:brz

Martin Packman: Approve on 2017-06-08

John A Meinel (jameinel) on 2010-02-02

Changed in bzr:
importance:	Undecided → Wishlist
status:	New → Confirmed

Revision history for this message

Jelmer Vernooij (jelmer) wrote on 2012-01-04:

In bzr.dev, you can now do this with -Ossl.cert_reqs=none, if you're using the urllib https backend.

summary:	- Bazaar should provide an explicit way to disable certificate - verification + pycurl backend doesn't support ssl.cert_reqs setting
summary:	- pycurl backend doesn't support ssl.cert_reqs setting + pycurl https backend doesn't support ssl.cert_reqs setting
tags:	added: pycurl
tags:	added: https ssl

Jelmer Vernooij (jelmer) on 2017-06-07

Changed in brz:
status:	New → Triaged
importance:	Undecided → Low
milestone:	none → 3.0.0

Jelmer Vernooij (jelmer) on 2017-06-08

Changed in brz:
status:	Triaged → Fix Released
assignee:	nobody → Jelmer Vernooij (jelmer)

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.