Use TLS for json_rpc when configured

The configuration for json_rpc contains the option use_ssl but its value
was not respected by the json_rpc client. Therefore the client tried to
connect to HTTPS endpoints using HTTP.

Change-Id: I4336d71f57bcfbde90fa7b62a5435a7f9d0a73d3
This commit is contained in:
Felix Maurer 2020-07-29 18:48:21 +03:00
parent ebae6a40f1
commit feae197c5a
3 changed files with 27 additions and 1 deletions

View File

@ -167,7 +167,10 @@ class _CallContext(object):
body['id'] = context.request_id or uuidutils.generate_uuid() body['id'] = context.request_id or uuidutils.generate_uuid()
LOG.debug("RPC %s with %s", method, strutils.mask_dict_password(body)) LOG.debug("RPC %s with %s", method, strutils.mask_dict_password(body))
url = 'http://%s:%d' % (self.host, CONF.json_rpc.port) scheme = 'http'
if CONF.json_rpc.use_ssl:
scheme = 'https'
url = '%s://%s:%d' % (scheme, self.host, CONF.json_rpc.port)
result = _get_session().post(url, json=body) result = _get_session().post(url, json=body)
LOG.debug('RPC %s returned %s', method, LOG.debug('RPC %s returned %s', method,
strutils.mask_password(result.text or '<None>')) strutils.mask_password(result.text or '<None>'))

View File

@ -385,6 +385,24 @@ class TestClient(test_base.TestCase):
'rpc.version': '1.42'}, 'rpc.version': '1.42'},
'id': self.context.request_id}) 'id': self.context.request_id})
def test_call_with_ssl(self, mock_session):
self.config(use_ssl=True, group='json_rpc')
response = mock_session.return_value.post.return_value
response.json.return_value = {
'jsonrpc': '2.0',
'result': 42
}
cctx = self.client.prepare('foo.example.com')
self.assertEqual('example.com', cctx.host)
result = cctx.call(self.context, 'do_something', answer=42)
self.assertEqual(42, result)
mock_session.return_value.post.assert_called_once_with(
'https://example.com:8089',
json={'jsonrpc': '2.0',
'method': 'do_something',
'params': {'answer': 42, 'context': self.ctx_json},
'id': self.context.request_id})
def test_cast_success(self, mock_session): def test_cast_success(self, mock_session):
cctx = self.client.prepare('foo.example.com') cctx = self.client.prepare('foo.example.com')
self.assertEqual('example.com', cctx.host) self.assertEqual('example.com', cctx.host)

View File

@ -0,0 +1,5 @@
---
fixes:
- |
Fixes json_rpc client connections always using HTTP even if `use_ssl` was
set to True.