client/rhel/rhn-client-tools/rhn-client-tools.spec | 5 ++ client/rhel/rhn-client-tools/src/up2date_client/rpcServer.py | 22 ++++++----- rel-eng/packages/rhn-client-tools | 2 - 3 files changed, 18 insertions(+), 11 deletions(-)
New commits: commit 33b67e5044a9e536f71835ac579d7f83208c4ee3 Author: Michael Mraka michael.mraka@redhat.com Date: Tue Oct 30 14:34:51 2012 +0100
Automatic commit of package [rhn-client-tools] release [1.8.26-1].
diff --git a/client/rhel/rhn-client-tools/rhn-client-tools.spec b/client/rhel/rhn-client-tools/rhn-client-tools.spec index ee1b546..086772c 100644 --- a/client/rhel/rhn-client-tools/rhn-client-tools.spec +++ b/client/rhel/rhn-client-tools/rhn-client-tools.spec @@ -4,7 +4,7 @@ Group: System Environment/Base Source0: https://fedorahosted.org/releases/s/p/spacewalk/%%7Bname%7D-%%7Bversion%7D.t... URL: https://fedorahosted.org/spacewalk Name: rhn-client-tools -Version: 1.8.25 +Version: 1.8.26 Release: 1%{?dist} BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch @@ -339,6 +339,9 @@ make -f Makefile.rhn-client-tools test %endif
%changelog +* Tue Oct 30 2012 Michael Mraka michael.mraka@redhat.com 1.8.26-1 +- check CA cert files only when needed + * Tue Oct 30 2012 Jan Pazdziora 1.8.25-1 - Update the copyright year. - Update .po and .pot files for rhn-client-tools. diff --git a/rel-eng/packages/rhn-client-tools b/rel-eng/packages/rhn-client-tools index 25fbe19..697d600 100644 --- a/rel-eng/packages/rhn-client-tools +++ b/rel-eng/packages/rhn-client-tools @@ -1 +1 @@ -1.8.25-1 client/rhel/rhn-client-tools/ +1.8.26-1 client/rhel/rhn-client-tools/
commit c4466aa3313a914f72a761c321e3b487e3bd5558 Author: Michael Mraka michael.mraka@redhat.com Date: Tue Oct 30 14:29:26 2012 +0100
check CA cert files only when needed
fixing ERROR: unhandled exception occurred: (ERROR: can not find RHNS CA file: /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT). when talking to http server
diff --git a/client/rhel/rhn-client-tools/src/up2date_client/rpcServer.py b/client/rhel/rhn-client-tools/src/up2date_client/rpcServer.py index 4d0b27f..cddb5a8 100644 --- a/client/rhel/rhn-client-tools/src/up2date_client/rpcServer.py +++ b/client/rhel/rhn-client-tools/src/up2date_client/rpcServer.py @@ -14,6 +14,7 @@ import up2dateLog import up2dateErrors import up2dateUtils import up2dateAuth +import urlparse
import xmlrpclib from rhn import rpclib @@ -159,15 +160,18 @@ def getServer(refreshCallback=None, serverOverride=None): s.setlang(lang)
# require RHNS-CA-CERT file to be able to authenticate the SSL connections - for rhns_ca_cert in rhns_ca_certs: - if not os.access(rhns_ca_cert, os.R_OK): - msg = "%s: %s" % (_("ERROR: can not find RHNS CA file"), - rhns_ca_cert) - log.log_me("%s" % msg) - raise up2dateErrors.SSLCertificateFileNotFound(msg) - - # force the validation of the SSL cert - s.add_trusted_cert(rhns_ca_cert) + need_ca = [ True for i in s.serverList.serverList + if urlparse.urlparse(i)[0] == 'https'] + if need_ca: + for rhns_ca_cert in rhns_ca_certs: + if not os.access(rhns_ca_cert, os.R_OK): + msg = "%s: %s" % (_("ERROR: can not find RHNS CA file"), + rhns_ca_cert) + log.log_me("%s" % msg) + raise up2dateErrors.SSLCertificateFileNotFound(msg) + + # force the validation of the SSL cert + s.add_trusted_cert(rhns_ca_cert)
clientCaps.loadLocalCaps()