Skip to content

Commit

Permalink
PKIConnection: Allow to customize verify option
Browse files Browse the repository at this point in the history 
Don't hard-code verify=False in get() and post(). This allows consumers
to customize the session object and cert validation.

Signed-off-by: Christian Heimes <[email protected]>
  • Loading branch information
@tiran @edewata
tiran authored and edewata committed Aug 8, 2019
1 parent 8204011 commit 2db7a19
Showing 1 changed file with 5 additions and 3 deletions.
8 changes: 5 additions & 3 deletions base/common/python/pki/client.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ class PKIConnection:

def __init__(self, protocol='http', hostname='localhost', port='8080',
subsystem='ca', accept='application/json',
trust_env=None):
trust_env=None, verify=False):
"""
Set the parameters for a python-requests based connection to a
Dogtag subsystem.
Expand All @@ -73,6 +73,9 @@ def __init__(self, protocol='http', hostname='localhost', port='8080',
:param trust_env: use environment variables for http proxy and other
requests settings (default: yes)
:type trust_env: bool, None
:param verify: verify TLS/SSL connections and configure CA certs
(default: no)
:type verify: None, bool, str
:return: PKIConnection object.
"""

Expand All @@ -86,6 +89,7 @@ def __init__(self, protocol='http', hostname='localhost', port='8080',

self.session = requests.Session()
self.session.trust_env = trust_env
self.session.verify = verify
if accept:
self.session.headers.update({'Accept': accept})

Expand Down Expand Up @@ -153,7 +157,6 @@ def get(self, path, headers=None, params=None, payload=None,

r = self.session.get(
target_path,
verify=False,
headers=headers,
params=params,
data=payload,
Expand Down Expand Up @@ -189,7 +192,6 @@ def post(self, path, payload, headers=None, params=None,

r = self.session.post(
target_path,
verify=False,
data=payload,
headers=headers,
params=params)
Expand Down

0 comments on commit 2db7a19

Please sign in to comment.