File horizon-ssl.patch of Package openstack-dashboard
Index: horizon-2012.1+git.1344931337.691dd22/horizon/api/keystone.py
===================================================================
--- horizon-2012.1+git.1344931337.691dd22.orig/horizon/api/keystone.py
+++ horizon-2012.1+git.1344931337.691dd22/horizon/api/keystone.py
@@ -113,13 +113,15 @@ def keystoneclient(request, username=Non
else:
endpoint_lookup = _get_endpoint_url(request, endpoint_type)
auth_url = endpoint or endpoint_lookup
+ insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
LOG.debug("Creating a new keystoneclient connection to %s." % auth_url)
conn = keystone_client.Client(username=username or user.username,
password=password,
tenant_id=tenant_id or user.tenant_id,
token=token_id or user.token,
auth_url=auth_url,
- endpoint=endpoint)
+ endpoint=endpoint,
+ insecure=insecure)
setattr(request, cache_attr, conn)
# Fetch the correct endpoint if we've re-scoped the token.
Index: horizon-2012.1+git.1344931337.691dd22/openstack_dashboard/local/local_settings.py.example
===================================================================
--- horizon-2012.1+git.1344931337.691dd22.orig/openstack_dashboard/local/local_settings.py.example
+++ horizon-2012.1+git.1344931337.691dd22/openstack_dashboard/local/local_settings.py.example
@@ -54,6 +54,8 @@ EMAIL_BACKEND = 'django.core.mail.backen
OPENSTACK_HOST = "127.0.0.1"
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member"
+# Disable SSL certificate checks (useful for self-signed certificates):
+# OPENSTACK_SSL_NO_VERIFY = True
# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the
# capabilities of the auth backend for Keystone.
Index: horizon-2012.1+git.1344931337.691dd22/horizon/tests/api_tests/keystone_tests.py
===================================================================
--- horizon-2012.1+git.1344931337.691dd22.orig/horizon/tests/api_tests/keystone_tests.py
+++ horizon-2012.1+git.1344931337.691dd22/horizon/tests/api_tests/keystone_tests.py
@@ -50,6 +50,7 @@ class ClientConnectionTests(test.TestCas
def test_connect(self):
keystone_client.Client(auth_url=self.internal_url,
endpoint=None,
+ insecure=False,
password=self.user.password,
tenant_id=None,
token=None,
@@ -64,6 +65,7 @@ class ClientConnectionTests(test.TestCas
self.test_user.roles = [{'name': 'admin'}]
keystone_client.Client(auth_url=self.admin_url,
endpoint=None,
+ insecure=False,
password=self.user.password,
tenant_id=None,
token=None,
Index: horizon-2012.1+git.1344931337.691dd22/horizon/api/nova.py
===================================================================
--- horizon-2012.1+git.1344931337.691dd22.orig/horizon/api/nova.py
+++ horizon-2012.1+git.1344931337.691dd22/horizon/api/nova.py
@@ -24,6 +24,9 @@ from __future__ import absolute_import
import logging
+from django.conf import settings
+from django.utils.translation import ugettext as _
+
from novaclient.v1_1 import client as nova_client
from novaclient.v1_1 import security_group_rules as nova_rules
from novaclient.v1_1.security_groups import SecurityGroup as NovaSecurityGroup
@@ -31,8 +34,6 @@ from novaclient.v1_1.servers import REBO
from horizon.api.base import APIResourceWrapper, APIDictWrapper, url_for
-from django.utils.translation import ugettext as _
-
LOG = logging.getLogger(__name__)
@@ -191,10 +192,12 @@ class SecurityGroupRule(APIResourceWrapp
def novaclient(request):
LOG.debug('novaclient connection created using token "%s" and url "%s"' %
(request.user.token, url_for(request, 'compute')))
+ insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
c = nova_client.Client(request.user.username,
request.user.token,
project_id=request.user.tenant_id,
- auth_url=url_for(request, 'compute'))
+ auth_url=url_for(request, 'compute'),
+ insecure=insecure)
c.client.auth_token = request.user.token
c.client.management_url = url_for(request, 'compute')
return c
@@ -203,10 +206,12 @@ def novaclient(request):
def cinderclient(request):
LOG.debug('cinderclient connection created using token "%s" and url "%s"' %
(request.user.token, url_for(request, 'volume')))
+ insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
c = nova_client.Client(request.user.username,
request.user.token,
project_id=request.user.tenant_id,
- auth_url=url_for(request, 'volume'))
+ auth_url=url_for(request, 'volume'),
+ insecure=insecure)
c.client.auth_token = request.user.token
c.client.management_url = url_for(request, 'volume')
return c
Index: horizon-2012.1+git.1344931337.691dd22/horizon/api/glance.py
===================================================================
--- horizon-2012.1+git.1344931337.691dd22.orig/horizon/api/glance.py
+++ horizon-2012.1+git.1344931337.691dd22/horizon/api/glance.py
@@ -89,8 +89,11 @@ def glanceclient(request):
o = urlparse.urlparse(url_for(request, 'image'))
LOG.debug('glanceclient connection created for host "%s:%d"' %
(o.hostname, o.port))
+ insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
return glance_client.Client(o.hostname,
o.port,
+ insecure=insecure,
+ use_ssl=(o.scheme == 'https'),
auth_tok=request.user.token)
