Add new option cacerts. #52
Conversation
tools/fast_puller_.py
Outdated
| @@ -55,6 +64,11 @@ def main(): | |||
| if not args.name or not args.directory: | |||
| raise Exception('--name and --directory are required arguments.') | |||
|
|
|||
| if args.cacerts: | |||
| logging.info('Adding CA certificates of %s', args.cacerts) | |||
| retry_transport.DEFAULT_SOURCE_TRANSPORT_CALLABLE = _apply_ca_certs( | |||
There was a problem hiding this comment.
This hack shouldn't be necessary. More commentary in #51
There was a problem hiding this comment.
Ok, just ping me when you rewrote the retry and I'll change this PR.
There was a problem hiding this comment.
@abergmeier I just upstreamed the internal change. If you rebase, you can supply the RetryTransport factory with your own source transport callable (i.e. a lambda that instantiates a httplib2.Http with the desired certs)
|
Rebased. |
tools/fast_puller_.py
Outdated
| def _apply_ca_certs(callable, ca_certs): | ||
| """Apply ca_certs attribute to default transport""" | ||
| def _call_with_a_certs(*args, **kwargs): | ||
| return callable(*args, ca_certs = ca_certs, **kwargs) |
There was a problem hiding this comment.
kwargs['ca_certs'] = ca_certs
tools/fast_puller_.py
Outdated
| @@ -49,6 +51,13 @@ | |||
| _THREADS = 8 | |||
|
|
|||
|
|
|||
| def _apply_ca_certs(callable, ca_certs): | |||
| """Apply ca_certs attribute to default transport""" | |||
| def _call_with_a_certs(*args, **kwargs): | |||
There was a problem hiding this comment.
nit: a_certs -> ca_certs
tools/fast_puller_.py
Outdated
| """Apply ca_certs attribute to default transport""" | ||
| def _call_with_a_certs(*args, **kwargs): | ||
| return callable(*args, ca_certs = ca_certs, **kwargs) | ||
| return _call_with_a_certs |
tools/fast_puller_.py
Outdated
| if args.cacerts: | ||
| logging.info('Adding CA certificates of %s', args.cacerts) | ||
| transport_callable = _apply_ca_certs( | ||
| transport_callable, args.cacerts) |
There was a problem hiding this comment.
I'd make this explicitly httplib2.Http, since none of our custom transports take that arg
This way you can override the CAs, that are used for http communication.
|
Trying to add tests... |
| retry_factory = retry.Factory() | ||
| retry_factory = retry_factory.WithSourceTransportCallable(httplib2.Http) | ||
| retry_factory = retry_factory.WithSourceTransportCallable(transport_callable) |
There was a problem hiding this comment.
I think there should be an if clause?
otherwise transport_callable does not exist
if args.cacerts:
retry_factory = retry_factory.WithSourceTransportCallable(transport_callable)
else:
retry_factory = retry_factory.WithSourceTransportCallable(httplib2.Http)
This way you can override the CAs, that are used for http communication.