; proxy = http://proxy.yourcompany.com:8080/
; no_proxy = localhost,127.0.0.0/8,.yourcompany.com
-
+ ; ssl_verify = no
+
[convert]
; settings for convert subcommand
; proxy = http://proxy.yourcompany.com:8080/
; no_proxy = localhost,127.0.0.0/8,.yourcompany.com
+; ssl_verify = no
[convert]
; settings for convert subcommand
pkg_manager.setup(yum_conf, self._instroot)
for repo in kickstart.get_repos(self.ks, repo_urls):
- (name, baseurl, mirrorlist, inc, exc, proxy, proxy_username, proxy_password, debuginfo, source, gpgkey, disable) = repo
+ (name, baseurl, mirrorlist, inc, exc,
+ proxy, proxy_username, proxy_password, debuginfo,
+ source, gpgkey, disable, ssl_verify) = repo
- yr = pkg_manager.addRepository(name, baseurl, mirrorlist, proxy, proxy_username, proxy_password, inc, exc)
+ yr = pkg_manager.addRepository(name, baseurl, mirrorlist, proxy,
+ proxy_username, proxy_password, inc, exc, ssl_verify)
if kickstart.exclude_docs(self.ks):
rpm.addMacro("_excludedocs", "1")
gpgkey = repo.gpgkey
if hasattr(repo, "disable"):
disable = repo.disable
+ ssl_verify = True
+ if hasattr(repo, "ssl_verify"):
+ ssl_verify = repo.ssl_verify == "yes"
- repos[repo.name] = (repo.name, baseurl, mirrorlist, inc, exc, proxy, proxy_username, proxy_password, debuginfo, source, gpgkey, disable)
+ repos[repo.name] = (repo.name, baseurl, mirrorlist, inc, exc,
+ proxy, proxy_username, proxy_password, debuginfo,
+ source, gpgkey, disable, ssl_verify)
return repos.values()
class Moblin_RepoData(F8_RepoData):
def __init__(self, baseurl="", mirrorlist="", name="", priority=None,
includepkgs=[], excludepkgs=[], save=False, proxy=None,
- proxy_username=None, proxy_password=None, debuginfo=False, source=False, gpgkey=None, disable=False):
+ proxy_username=None, proxy_password=None, debuginfo=False,
+ source=False, gpgkey=None, disable=False, ssl_verify="yes"):
F8_RepoData.__init__(self, baseurl=baseurl, mirrorlist=mirrorlist,
name=name, includepkgs=includepkgs,
excludepkgs=excludepkgs)
self.disable = disable
self.source = source
self.gpgkey = gpgkey
+ self.ssl_verify = ssl_verify.lower()
def _getArgsAsStr(self):
retval = F8_RepoData._getArgsAsStr(self)
retval += " --gpgkey=%s" % self.gpgkey
if self.disable:
retval += " --disable"
+ if self.ssl_verify:
+ retval += " --ssl_verify=%s" % self.ssl_verify
return retval
default=False)
op.add_option("--gpgkey", type="string", action="store", dest="gpgkey",
default=None, nargs=1)
+ op.add_option("--ssl_verify", type="string", action="store", dest="ssl_verify",
+ default="yes")
return op
repostr += ",source:"
if hasattr(repodata, "gpgkey") and repodata.gpgkey:
repostr += ",gpgkey:" + repodata.gpgkey
+ if hasattr(repodata, "ssl_verify") and repodata.ssl_verify:
+ repostr += ",ssl_verify:" + repodata.ssl_verify
kickstart_repos.append(repostr[1:])
return kickstart_repos
from mic.imager.baseimager import BaseImageCreator
class MyYumRepository(yum.yumRepo.YumRepository):
- def __init__(self, repoid):
- yum.yumRepo.YumRepository.__init__(self, repoid)
- self.sslverify = False
-
- def _setupGrab(self):
- self.sslverify = False
- yum.yumRepo.YumRepository._setupGrab(self)
def __del__(self):
pass
+ def _getFile(self, url=None, relative=None, local=None, start=None, end=None,
+ copy_local=None, checkfunc=None, text=None, reget='simple',
+ cache=True, size=None):
+
+ m2c_connection = None
+ if not self.sslverify:
+ import M2Crypto
+ m2c_connection = M2Crypto.SSL.Connection.clientPostConnectionCheck
+ M2Crypto.SSL.Connection.clientPostConnectionCheck = None
+
+ rvalue = super(MyYumRepository, self)._getFile(url, relative, local,
+ start, end, copy_local, checkfunc, text, reget, cache, size)
+
+ if m2c_connection and not M2Crypto.SSL.Connection.clientPostConnectionCheck:
+ M2Crypto.SSL.Connection.clientPostConnectionCheck = m2c_connection
+
+ return rvalue
+
from mic.pluginbase import BackendPlugin
class Yum(BackendPlugin, yum.YumBase):
name = 'yum'
conf += "reposdir=\n"
conf += "failovermethod=priority\n"
conf += "http_caching=packages\n"
- conf += "sslverify=0\n"
+ conf += "sslverify=1\n"
f = file(confpath, "w+")
f.write(conf)
except yum.Errors.YumBaseError, e:
raise CreatorError("Unable to install: %s" % (e,))
- def addRepository(self, name, url = None, mirrorlist = None, proxy = None, proxy_username = None, proxy_password = None, inc = None, exc = None):
+ def addRepository(self, name, url = None, mirrorlist = None, proxy = None,
+ proxy_username = None, proxy_password = None,
+ inc = None, exc = None, ssl_verify=True):
def _varSubstitute(option):
# takes a variable and substitutes like yum configs do
option = option.replace("$basearch", rpmUtils.arch.getBaseArch())
return option
repo = MyYumRepository(name)
- repo.sslverify = False
"""Set proxy"""
repo.proxy = proxy
if v or not hasattr(repo, k):
repo.setAttribute(k, v)
+ repo.sslverify = ssl_verify
+
repo.basecachedir = self.conf.cachedir
repo.base_persistdir = self.conf.persistdir
repo.failovermethod = "priority"
else:
raise CreatorError("Unable to find pattern: %s" % (grp,))
- def addRepository(self, name, url = None, mirrorlist = None, proxy = None, proxy_username = None, proxy_password = None, inc = None, exc = None):
+ def addRepository(self, name, url = None, mirrorlist = None, proxy = None,
+ proxy_username = None, proxy_password = None,
+ inc = None, exc = None, ssl_verify = True):
if not self.repo_manager:
self.__initialize_repo_manager()
repo.proxy = proxy
repo.proxy_username = proxy_username
repo.proxy_password = proxy_password
+ repo.ssl_verify = ssl_verify
repo.baseurl.append(url)
if inc:
for pkg in inc:
repo_info.setAutorefresh(repo.autorefresh)
repo_info.setKeepPackages(repo.keeppackages)
baseurl = zypp.Url(repo.baseurl[0])
+ if not ssl_verify:
+ baseurl.setQueryParam("ssl_verify", "no")
if proxy:
(scheme, host, path, parm, query, frag) = urlparse.urlparse(proxy)
proxyinfo = host.split(":")
; proxy = http://proxy.yourcompany.com:8080/
; no_proxy = localhost,127.0.0.0/8,.yourcompany.com
+; ssl_verify = no
[convert]
; settings for convert subcommand