lazr.restfulclient

SYSTEM_CA_CERTS is wrong Debian based OS

Bug #1094253 reported by Nicolas Bessi - Camptocamp
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
lazr.restfulclient
Fix Released
Low
Marco Ceppi
lazr.restfulclient 0.13.3

Bug Description

Hello,

SYSTEM_CA_CERTS constant define in _browser.py is hardcoded and won't work with many OS.
It will raise following exception at SSL level.

  File "/opt/python_env/2.7/lib/python2.7/site-packages/lazr/restfulclient/_browser.py", line 423, in get_wadl_application
    response, content = self._request(url, media_type=wadl_type)
  File "/opt/python_env/2.7/lib/python2.7/site-packages/lazr/restfulclient/_browser.py", line 358, in _request
    str(url), method=method, body=data, headers=headers)
  File "/opt/python_env/2.7/lib/python2.7/site-packages/lazr/restfulclient/_browser.py", line 326, in _request_and_retry
    url, method=method, body=body, headers=headers)
  File "/opt/python_env/2.7/lib/python2.7/site-packages/httplib2/__init__.py", line 1598, in request
    (response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey)
  File "/opt/python_env/2.7/lib/python2.7/site-packages/lazr/restfulclient/_browser.py", line 153, in _request
    redirections, cachekey)
  File "/opt/python_env/2.7/lib/python2.7/site-packages/httplib2/__init__.py", line 1346, in _request
    (response, content) = self._conn_request(conn, request_uri, method, body, headers)
  File "/opt/python_env/2.7/lib/python2.7/site-packages/httplib2/__init__.py", line 1282, in _conn_request
    conn.connect()
  File "/opt/python_env/2.7/lib/python2.7/site-packages/httplib2/__init__.py", line 1013, in connect
    self.disable_ssl_certificate_validation, self.ca_certs)
  File "/opt/python_env/2.7/lib/python2.7/site-packages/httplib2/__init__.py", line 80, in _ssl_wrap_socket
    cert_reqs=cert_reqs, ca_certs=ca_certs)
  File "/opt/homebrew/Cellar/python/2.7.1/lib/python2.7/ssl.py", line 346, in wrap_socket
    ciphers=ciphers)
  File "/opt/homebrew/Cellar/python/2.7.1/lib/python2.7/ssl.py", line 118, in __init__
    self._sslobj = _ssl.sslwrap(self._sock, server_side,
ssl.SSLError: [Errno 185090050] _ssl.c:336: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib

I do not know how to do get vert file in a cross platform way. My temporary fix is the following:

if os.path.exists('/etc/ssl/certs/ca-certificates.crt'):
    SYSTEM_CA_CERTS = '/etc/ssl/certs/ca-certificates.crt'
else:
    from httplib2 import CA_CERTS as default_certs
    SYSTEM_CA_CERTS = default_certs

Regards

Nicolas

Tags: trivial
Curtis Hovey (sinzui)
Changed in lazr.restfulclient:
status: New → Triaged
importance: Undecided → Low
tags: added: trivial
William Grant (wgrant)
Changed in lazr.restfulclient:
assignee: nobody → Marco Ceppi (marcoceppi)
status: Triaged → Fix Committed
milestone: none → 0.13.3
William Grant (wgrant)
Changed in lazr.restfulclient:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.