keystonemiddleware

  1. Bug #1411063
  2. Comment #0

Comment 0 for bug 1411063

Revision history for this message
Brant Knudson (blk-u) wrote : S3token incorrect condition expression for ssl_insecure

Remember bug 1353315? The auth_token middleware would set not verify the server cert when insecure=false in api-paste.ini because it passes the value as a string rather than a Boolean. Turns out he s3_token middleware has the same code.

http://git.openstack.org/cgit/openstack/keystonemiddleware/tree/keystonemiddleware/s3_token.py#n119

 insecure = conf.get('insecure', False)

 if insecure:
     self._verify = False

conf is a dict of strings, so if you set insecure=false, then insecure here gets set to "false", which evaluates to True since it's not a zero-length string.