[bitbake-devel] [PATCHv4 7/7] fetch2/wget.py: checkstatus disable SSL cert validation.
Aníbal Limón
anibal.limon at linux.intel.com
Wed Jul 8 23:34:21 UTC 2015
Since Python 2.7.9 ssl cert validation is enabled by default
see PEP-0476, this causes verification errors on some https
servers so disable by default.
Signed-off-by: Aníbal Limón <anibal.limon at linux.intel.com>
---
lib/bb/fetch2/wget.py | 20 ++++++++++++++++++--
1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/lib/bb/fetch2/wget.py b/lib/bb/fetch2/wget.py
index 7e90efb..545f02d 100644
--- a/lib/bb/fetch2/wget.py
+++ b/lib/bb/fetch2/wget.py
@@ -238,7 +238,22 @@ class Wget(FetchMethod):
return "HEAD"
exported_proxies = export_proxies(d)
- if exported_proxies == True:
+
+ # XXX: Since Python 2.7.9 ssl cert validation is enabled by default
+ # see PEP-0476, this causes verification errors on some https servers
+ # so disable by default.
+ import ssl
+ ssl_context = None
+ if hasattr(ssl, '_create_unverified_context'):
+ ssl_context = ssl._create_unverified_context()
+
+ if exported_proxies == True and ssl_context is not None:
+ opener = urllib2.build_opener(urllib2.ProxyHandler, CacheHTTPHandler,
+ urllib2.HTTPSHandler(context=ssl_context))
+ elif exported_proxies == False and ssl_context is not None:
+ opener = urllib2.build_opener(CacheHTTPHandler,
+ urllib2.HTTPSHandler(context=ssl_context))
+ elif exported_proxies == True and ssl_context is None:
opener = urllib2.build_opener(urllib2.ProxyHandler, CacheHTTPHandler)
else:
opener = urllib2.build_opener(CacheHTTPHandler)
@@ -247,8 +262,9 @@ class Wget(FetchMethod):
urllib2.install_opener(opener)
uri = ud.url.split(";")[0]
+
try:
- f = urllib2.urlopen(uri)
+ urllib2.urlopen(uri)
except:
return False
return True
--
1.9.1
More information about the bitbake-devel
mailing list