[bts-link] 01/01: Create and SSL context and use it when calling urllib.urlopen()
Sandro Tosi
morph at moszumanska.debian.org
Sun Jan 24 21:02:42 UTC 2016
This is an automated email from the git hooks/post-receive script.
morph pushed a commit to branch master
in repository bts-link.
commit 271f4a2ab4bb3aec54a146e880d4cab6945c54c5
Author: Sandro Tosi <morph at debian.org>
Date: Sun Jan 24 21:00:45 2016 +0000
Create and SSL context and use it when calling urllib.urlopen()
On DSA-managed machines, the CA certificates location is different than on
default Debian, so we need to pass it explicitly to the function accessing
resources on HTTPS; this is needed because on Jessie python, the SSL
certificates are verified by default, so without this the URL access would fail
due to the unverifiable certificates.
---
btslink.yaml | 2 ++
remote/__init__.py | 8 ++++++++
remote/allura.py | 7 ++++---
remote/bitbucket.py | 5 +++--
remote/bugzilla.py | 5 +++--
remote/flyspray.py | 5 +++--
remote/github.py | 6 ++++--
remote/googlecode.py | 5 +++--
remote/launchpad.py | 5 +++--
remote/redmine.py | 5 +++--
remote/roundup.py | 12 +++++++-----
remote/rt.py | 5 +++--
remote/savane.py | 5 +++--
13 files changed, 49 insertions(+), 26 deletions(-)
diff --git a/btslink.yaml b/btslink.yaml
index f22434f..8391061 100644
--- a/btslink.yaml
+++ b/btslink.yaml
@@ -8,8 +8,10 @@ general:
local:
logdir: /home/morph/bts-link/log
+ capath: /etc/ssl/certs
btsnode:
logdir: /home/btslink/bts-link/log
+ capath: /etc/ssl/ca-global
remotes:
allura:
diff --git a/remote/__init__.py b/remote/__init__.py
index d46f230..9374f9d 100644
--- a/remote/__init__.py
+++ b/remote/__init__.py
@@ -33,6 +33,14 @@ import commands
from base import RemoteBts, ParseExn, DupeExn, NoStatusExn, ConnectionFailedExn
+from utils import BTSLConfig as Cnf
+import platform
+
+if platform.node() == 'sonntag':
+ CAPATH = Cnf.get('btsnode', 'capath')
+else:
+ CAPATH = Cnf.get('local', 'capath')
+
def wget(uri, cookies=None):
opts = []
opts.append("--user-agent='btslink <bts-link-devel at lists.alioth.debian.org>'")
diff --git a/remote/allura.py b/remote/allura.py
index 64345a5..bf4ca12 100644
--- a/remote/allura.py
+++ b/remote/allura.py
@@ -31,7 +31,7 @@
# Allura trackers support (Apache Allura : https://allura.apache.org/)
from __init__ import *
-import re, urllib2, json, string
+import re, urllib2, json, string, ssl
class AlluraTrackerData:
def __init__(self, uri, urlcomponents):
@@ -42,9 +42,10 @@ class AlluraTrackerData:
# We access the REST API to fetch JSON description of the bug
apiurl = "%(uri)s/rest/p/%(project)s/%(type)s/%(id)s/" % urlcomponents
-
+
+ context = ssl.create_default_context(capath=CAPATH)
req = urllib2.Request(apiurl)
- data = json.load(urllib2.urlopen(req))
+ data = json.load(urllib2.urlopen(req, context=context))
ticketdata = data.get('ticket')
if data:
diff --git a/remote/bitbucket.py b/remote/bitbucket.py
index 6608d42..d199412 100644
--- a/remote/bitbucket.py
+++ b/remote/bitbucket.py
@@ -29,7 +29,7 @@
# @see http://confluence.atlassian.com/display/BITBUCKET/Issues
-import urllib, urlparse, cgi, re, json
+import urllib, urlparse, cgi, re, json, ssl
from BeautifulSoup import BeautifulSoup
from __init__ import *
@@ -40,7 +40,8 @@ class BitbucketData:
# from the "visual" URL get the api URL
uri = "https://api.bitbucket.org/1.0/repositories/%(user)s/%(project)s/issues/%(id)s" % id
- data = json.load(urllib.urlopen(uri))
+ context = ssl.create_default_context(capath=CAPATH)
+ data = json.load(urllib.urlopen(uri, context=context))
self.status = data['status'] or failwith(uri, "Bitbucket", exn=NoStatusExn)
self.resolution = None
diff --git a/remote/bugzilla.py b/remote/bugzilla.py
index d96e41a..3919132 100644
--- a/remote/bugzilla.py
+++ b/remote/bugzilla.py
@@ -29,7 +29,7 @@
""" Interface to remote bugzillas """
-import re, sys, urllib, time, traceback, os
+import re, sys, urllib, time, traceback, os, ssl
from __init__ import *
from base import RemoteReport, getActions, warn, die
@@ -106,7 +106,8 @@ class OldRemoteBugzilla(RemoteBts):
if 'closing' in self._cnf:
return self._cnf['closing']
- config = urllib.urlopen(self._cnf['uri'] + '/config.cgi')
+ context = ssl.create_default_context(capath=CAPATH)
+ config = urllib.urlopen(self._cnf['uri'] + '/config.cgi', context=context)
for l in config.readlines():
if l.startswith('var status_closed'):
s = l[l.find('['):].strip('[] ,;\r\t\n')
diff --git a/remote/flyspray.py b/remote/flyspray.py
index 167d05c..8cb1d1c 100644
--- a/remote/flyspray.py
+++ b/remote/flyspray.py
@@ -27,7 +27,7 @@
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
###############################################################################
-import urllib, urlparse, cgi
+import urllib, urlparse, cgi, ssl
from BeautifulSoup import BeautifulSoup
from __init__ import *
@@ -39,7 +39,8 @@ class FlySprayData:
def __init__(self, uri, id):
self.id = id or failwith(uri, "FlySpray: no id")
- soup = BeautifulSoup(urllib.urlopen(uri))
+ context = ssl.create_default_context(capath=CAPATH)
+ soup = BeautifulSoup(urllib.urlopen(uri, context=context))
self.status = parse_table(soup) or failwith(uri, "FlySpray", exn=NoStatusExn)
closeddiv = soup.first('div', attrs={'id' : 'taskclosed'})
diff --git a/remote/github.py b/remote/github.py
index ca13d56..9934e00 100644
--- a/remote/github.py
+++ b/remote/github.py
@@ -29,7 +29,7 @@
# @see http://developer.github.com/v3/issues/
-import urllib2, urlparse, cgi, re, json
+import urllib2, urlparse, cgi, re, json, ssl
from BeautifulSoup import BeautifulSoup
from __init__ import *
@@ -41,12 +41,14 @@ class GithubData:
def __init__(self, uri, id):
self.id = id or failwith(uri, "Github: no id")
+ context = ssl.create_default_context(capath=CAPATH)
+
# from the "visual" URL get the api URL
uri = uri.replace('https://github.com', 'https://api.github.com/repos')
# needed to support querying pull requests too
uri = uri.replace('/pull/', '/pulls/')
req = urllib2.Request(uri, headers = { 'Authorization': 'token %s' % TOKEN })
- data = json.load(urllib2.urlopen(req))
+ data = json.load(urllib2.urlopen(req, context=context))
self.status = data['state'] or failwith(uri, "Github", exn=NoStatusExn)
self.resolution = None
diff --git a/remote/googlecode.py b/remote/googlecode.py
index c88357b..d7f5fb5 100644
--- a/remote/googlecode.py
+++ b/remote/googlecode.py
@@ -29,7 +29,7 @@
# @see http://code.google.com/p/support/wiki/IssueTracker
-import urllib, urlparse, cgi, re
+import urllib, urlparse, cgi, re, ssl
from BeautifulSoup import BeautifulSoup
from __init__ import *
@@ -46,7 +46,8 @@ class GoogleCodeData:
def __init__(self, uri, id):
self.id = id or failwith(uri, "GoogleCode: no id")
- soup = BeautifulSoup(urllib.urlopen(uri))
+ context = ssl.create_default_context(capath=CAPATH)
+ soup = BeautifulSoup(urllib.urlopen(uri, context=context))
self.status = parse_table(soup) or failwith(uri, "GoogleCode", exn=NoStatusExn)
self.resolution = None
diff --git a/remote/launchpad.py b/remote/launchpad.py
index 593fa55..68eb59c 100644
--- a/remote/launchpad.py
+++ b/remote/launchpad.py
@@ -27,7 +27,7 @@
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
###############################################################################
-import urllib, urlparse, re
+import urllib, urlparse, re, ssl
from __init__ import *
import rfc822
@@ -78,7 +78,8 @@ class LaunchpadBug:
class RemoteLaunchpadData:
def __init__(self, uri, id=None):
- text = urllib.urlopen(urlparse.urljoin(uri+"/", "+text"))
+ context = ssl.create_default_context(capath=CAPATH)
+ text = urllib.urlopen(urlparse.urljoin(uri+"/", "+text"), context=context)
# Two forms of URLs supported:
if uri.split("/")[-2] == "+bug":
# https://bugs.launchpad.net/bzr/+bug/XXXXXX
diff --git a/remote/redmine.py b/remote/redmine.py
index 5006d62..0e28583 100644
--- a/remote/redmine.py
+++ b/remote/redmine.py
@@ -27,7 +27,7 @@
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
###############################################################################
-import urllib, urlparse, cgi
+import urllib, urlparse, cgi, ssl
from BeautifulSoup import BeautifulSoup
from __init__ import *
@@ -38,7 +38,8 @@ def parse_table(soup, key):
class RedmineData:
def __init__(self, uri, id):
- soup = BeautifulSoup(urllib.urlopen(uri))
+ context = ssl.create_default_context(capath=CAPATH)
+ soup = BeautifulSoup(urllib.urlopen(uri, context=context))
self.id = id or failwith(uri, "Redmine: no id")
self.status = parse_table(soup, 'status') or failwith(uri, "Redmine", exn=NoStatusExn)
diff --git a/remote/roundup.py b/remote/roundup.py
index 307e8aa..bb059aa 100644
--- a/remote/roundup.py
+++ b/remote/roundup.py
@@ -46,7 +46,7 @@
# * write the 'closing' and 'wontfix' item following the above
# suggestions
-import urllib, urlparse, cgi, re
+import urllib, urlparse, cgi, re, ssl
from __init__ import *
class RoundupData:
@@ -69,11 +69,12 @@ class RoundupData:
# we now obtain the issue status, as a numerical value
status_tpl = [('@action', 'export_csv'), ('@filter', 'id'), ('id', id), ('@columns', 'status')]
status_url = '/%s?%s' % ('issue', urllib.urlencode(status_tpl))
- status_content = urllib.urlopen(uri + status_url).read().split('\r\n')
+ context = ssl.create_default_context(capath=CAPATH)
+ status_content = urllib.urlopen(uri + status_url, context=context).read().split('\r\n')
# then retrive <id, status name> list from $uri/status
statuslist_tpl = [('@action', 'export_csv'), ('@columns', 'id,name')]
statuslist_url = '/%s?%s' % ('status', urllib.urlencode(statuslist_tpl))
- statuslist_map = urllib.urlopen(uri + statuslist_url).read().split('\r\n')
+ statuslist_map = urllib.urlopen(uri + statuslist_url, context=context).read().split('\r\n')
statuslist_dict = {}
# let's make a dict out of this list: keys are numerical id, values are status names
# we strip first ('id,name') and last ('\n') values from the map
@@ -92,11 +93,12 @@ class RoundupData:
# we now obtain the issue resolution, as a numerical value
resolv_tpl = [('@action', 'export_csv'), ('@filter', 'id'), ('id', id), ('@columns', 'resolution')]
resolv_url = '/%s?%s' % ('issue', urllib.urlencode(resolv_tpl))
- resolv_content = urllib.urlopen(uri + resolv_url).read().split('\r\n')
+ context = ssl.create_default_context(capath=CAPATH)
+ resolv_content = urllib.urlopen(uri + resolv_url, context=context).read().split('\r\n')
# then retrive <id, status name> list from $uri/resolution - IF IT EXISTS!!
resolvlist_tpl = [('@action', 'export_csv'), ('@columns', 'id,name')]
resolvlist_url = '/%s?%s' % ('resolution', urllib.urlencode(resolvlist_tpl))
- resolvlist_map = urllib.urlopen(uri + resolvlist_url).read().split('\r\n')
+ resolvlist_map = urllib.urlopen(uri + resolvlist_url, context=context).read().split('\r\n')
resolvlist_dict = {}
# let's make a dict out of this list: keys are numerical id, values are resolution names
# we strip first ('id,name') and last ('\n') values from the map
diff --git a/remote/rt.py b/remote/rt.py
index 3fdf690..4b9c8bc 100644
--- a/remote/rt.py
+++ b/remote/rt.py
@@ -29,7 +29,7 @@
# @see http://wiki.bestpractical.com/index.cgi?ManualIntroduction
-import urllib, urlparse, cgi
+import urllib, urlparse, cgi, ssl
from BeautifulSoup import BeautifulSoup
from __init__ import *
@@ -40,7 +40,8 @@ def parse_table(soup, key):
class RTData:
def __init__(self, uri, id):
- soup = BeautifulSoup(urllib.urlopen(uri))
+ context = ssl.create_default_context(capath=CAPATH)
+ soup = BeautifulSoup(urllib.urlopen(uri, context=context))
self.id = id or failwith(uri, "RT: no id")
self.status = parse_table(soup, 'Status:') or failwith(uri, "RT", exn=NoStatusExn)
diff --git a/remote/savane.py b/remote/savane.py
index f5fef16..7c6608a 100644
--- a/remote/savane.py
+++ b/remote/savane.py
@@ -28,7 +28,7 @@
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
###############################################################################
-import urllib, urlparse, cgi
+import urllib, urlparse, cgi, ssl
from BeautifulSoup import BeautifulSoup
from __init__ import *
@@ -42,7 +42,8 @@ class SavaneData:
def __init__(self, uri, id):
self.id = id or failwith(uri, "Savane: no id")
- soup = BeautifulSoup(urllib.urlopen(uri))
+ context = ssl.create_default_context(capath=CAPATH)
+ soup = BeautifulSoup(urllib.urlopen(uri, context=context))
self.status = parse_table(soup, 'Open/Closed:') or failwith(uri, "Savane", exn=NoStatusExn)
self.resolution = parse_table(soup, 'Status:')
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/bts-link/bts-link.git
More information about the bts-link-commits
mailing list