New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Creating a connection object derived from an AWSAuthConnection will ignore validate_certs=False on python2 >= 2.7.9 #3468
Comments
Possible (untested from my end) workaround is to pass in the |
Also seeing this behavior with Python 3.6.1. I expect it manifests in all Python3 >= 3.4.3, according to the similar note in the python3 docs about the use of |
Hi, It's very late but as @rwdalpe mentioned, it's possible to do a workaround with https_connection_factory. Here is a sample code : def create_factory(host):
return (
http_client.HTTPSConnection(
host = host,
port = 8000,
context = ssl._create_unverified_context()
)
)
factory = (create_factory, ())
conn = S3Connection(
"accessKey1",
"verySecretKey1",
host = "127.0.0.1",
port = 8000,
is_secure = True,
validate_certs = False,
calling_format = OrdinaryCallingFormat(),
https_connection_factory = factory
) |
|
Boto has the helpful
validate_certs
parameter that can be passed into connection objects that derive fromAWSAuthConnection
.However, in python2 >= 2.7.9 (not sure about python3), that parameter will have no effect. The issue stems from
https://github.com/boto/boto/blob/develop/boto/connection.py#L755
which is the branch that is executed if:
http_validate_certificates
is notTrue
, which will be the case ifvalidate_certs
is set toFalse
and no overriding options were set in the Boto config.However, that function has the following note
So, the default behavior changed from 2.7.8 to 2.7.9, which I believe breaks the expectations that Boto has.
The way we discovered/tested this was by trying to connect to kinesalite. I believe using any other non-validated ssl will trigger the same behavior.
Testing code is:
This same code will work on python 2.7.8 but fail on python 2.7.9.
Perhaps this is also related to issue #2901?
The text was updated successfully, but these errors were encountered: