diff --git a/CHANGES/653.bugfix b/CHANGES/653.bugfix new file mode 100644 index 00000000..6040d64f --- /dev/null +++ b/CHANGES/653.bugfix @@ -0,0 +1 @@ +Fixed tls_validation not being disabled when set to false on the remote. diff --git a/pulp_python/app/tasks/sync.py b/pulp_python/app/tasks/sync.py index 5238c69e..3af26a59 100644 --- a/pulp_python/app/tasks/sync.py +++ b/pulp_python/app/tasks/sync.py @@ -1,6 +1,8 @@ import logging import tempfile +from typing import Optional, Any, AsyncGenerator +import aiohttp from aiohttp import ClientResponseError, ClientError from lxml.etree import LxmlError from gettext import gettext as _ @@ -128,7 +130,7 @@ async def run(self): # Bandersnatch includes leading slash when forming API urls url = self.remote.url.rstrip("/") # local & global timeouts defaults to 10secs and 5 hours - async with Master(url) as master: + async with PulpMaster(url, tls=self.remote.tls_validation) as master: deferred_download = self.remote.policy != Remote.IMMEDIATE workers = self.remote.download_concurrency or self.remote.DEFAULT_DOWNLOAD_CONCURRENCY async with ProgressReport( @@ -150,6 +152,25 @@ async def run(self): await pmirror.synchronize(packages_to_sync) +class PulpMaster(Master): + """ + Pulp Master Class for Pulp specific overrides + """ + + def __init__(self, *args, tls=True, **kwargs): + self.tls = tls + super().__init__(*args, **kwargs) + + async def get( + self, path: str, required_serial: Optional[int], **kw: Any + ) -> AsyncGenerator[aiohttp.ClientResponse, None]: + """Support tls=false""" + if not self.tls: + kw["ssl"] = False + async for r in super().get(path, required_serial, **kw): + yield r + + class PulpMirror(Mirror): """ Pulp Mirror Class to perform syncing using Bandersnatch @@ -259,4 +280,4 @@ def on_error(self, exception, **kwargs): TODO This should have some error checking """ - pass + logger.error("Sync encountered an error: ", exc_info=exception)