Michael Pasternak has uploaded a new change for review. Change subject: cli: add flag --dont-validate-cert-chain #915231 ......................................................................
cli: add flag --dont-validate-cert-chain #915231 https://bugzilla.redhat.com/show_bug.cgi?id=915231 Change-Id: Id4819ca2de9aa47c48031eb3d09016961f8880c3 Signed-off-by: Michael Pasternak <mpast...@redhat.com> --- M src/ovirtcli/command/connect.py M src/ovirtcli/options.py M src/ovirtcli/settings.py 3 files changed, 8 insertions(+), 2 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine-cli refs/changes/95/12495/1 diff --git a/src/ovirtcli/command/connect.py b/src/ovirtcli/command/connect.py index 820e484..7f1742a 100644 --- a/src/ovirtcli/command/connect.py +++ b/src/ovirtcli/command/connect.py @@ -71,6 +71,7 @@ timeout = settings.get('ovirt-shell:timeout') debug = settings.get('cli:debug') insecure = settings.get('ovirt-shell:insecure') + dont_validate_cert_chain = settings.get('ovirt-shell:dont_validate_cert_chain') filter_ = settings.get('ovirt-shell:filter') if self.context.connection is not None and \ @@ -99,6 +100,7 @@ cert_file=cert_file, ca_file=ca_file, insecure=insecure, + validate_cert_chain=not dont_validate_cert_chain, filter=filter_, port=port if port != -1 else None, timeout=timeout if timeout != -1 else None, diff --git a/src/ovirtcli/options.py b/src/ovirtcli/options.py index 93e1846..7be4047 100644 --- a/src/ovirtcli/options.py +++ b/src/ovirtcli/options.py @@ -40,7 +40,9 @@ self.add_option('-K', '--key-file', help='specify client PEM key-file') self.add_option('-C', '--cert-file', help='specify client PEM cert-file') self.add_option('-A', '--ca-file', help='specify server CA cert-file') - self.add_option('-I', '--insecure', help='allow connecting to SSL sites without certificates', + self.add_option('-I', '--insecure', help='allow connecting to SSL sites without CA certificate', + action='store_true') + self.add_option('-D', '--dont-validate-cert-chain', help='do not validate server CA certificate', action='store_true') self.add_option('-F', '--filter', help='enables user permission based filtering', action='store_true') diff --git a/src/ovirtcli/settings.py b/src/ovirtcli/settings.py index c225a9b..dcd66f7 100644 --- a/src/ovirtcli/settings.py +++ b/src/ovirtcli/settings.py @@ -54,6 +54,7 @@ ('ovirt-shell:cert_file', str, None), ('ovirt-shell:ca_file', str, None), ('ovirt-shell:insecure', boolean, False), + ('ovirt-shell:dont_validate_cert_chain', boolean, False), ('ovirt-shell:filter', boolean, False), ('ovirt-shell:port', int, -1), ('ovirt-shell:timeout', int, -1), @@ -73,7 +74,7 @@ ('ovirt-shell:no_paging', boolean, False), ] - #config file white list + # config file white list config_items = [ 'ovirt-shell:url', 'ovirt-shell:username', @@ -82,6 +83,7 @@ 'ovirt-shell:cert_file', 'ovirt-shell:ca_file', 'ovirt-shell:insecure', + 'ovirt-shell:dont_validate_cert_chain', 'ovirt-shell:filter', 'ovirt-shell:timeout', 'ovirt-shell:no_paging' -- To view, visit http://gerrit.ovirt.org/12495 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Id4819ca2de9aa47c48031eb3d09016961f8880c3 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine-cli Gerrit-Branch: master Gerrit-Owner: Michael Pasternak <mpast...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
