Replace httplib.HTTPSConnection in unittests

SSL Verification is from now on enabled by default for the
TestOpenStackClient. So far no unittests was making actively use of
httplib.HTTPSConnection.

Intention is to reduce noise of audits/scanners which look for Python 2.x
httplib.HTTPSConnection missing SSL verification. By completely abandoning the use
of httplib.HTTPSConnection.

Change-Id: Ic0352cf453d5c41f09084a6d68b3393b8ddda84a
Partial-Bug: 1188189

diff --git a/cinder/tests/integrated/api/client.py b/cinder/tests/integrated/api/client.py
index c06827cc1f93964fcfc91b0147c8fd2a1dcd0d12..84e878e4964d4b17e3cc461c39c8a2e4bdca714b 100644 (file)
--- a/cinder/tests/integrated/api/client.py
+++ b/cinder/tests/integrated/api/client.py
@@ -12,7 +12,8 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 
-import httplib
+import netaddr
+import requests
 import urlparse
 
 from cinder.openstack.common import jsonutils
@@ -30,8 +31,8 @@ class OpenStackApiException(Exception):
 
         if response:
             message = _('%(message)s\nStatus Code: %(_status)s\n'
-                        'Body: %(_body)s') % {'_status': response.status,
-                                              '_body': response.read()}
+                        'Body: %(_body)s') % {'_status': response.status_code,
+                                              '_body': response.text}
 
         super(OpenStackApiException, self).__init__(message)
 
@@ -76,7 +77,8 @@ class TestOpenStackClient(object):
         # default project_id
         self.project_id = 'openstack'
 
-    def request(self, url, method='GET', body=None, headers=None):
+    def request(self, url, method='GET', body=None, headers=None,
+                ssl_verify=True, stream=False):
         _headers = {'Content-Type': 'application/json'}
         _headers.update(headers or {})
 
@@ -85,14 +87,8 @@ class TestOpenStackClient(object):
         hostname = parsed_url.hostname
         scheme = parsed_url.scheme
 
-        if scheme == 'http':
-            conn = httplib.HTTPConnection(hostname,
-                                          port=port)
-        elif scheme == 'https':
-            conn = httplib.HTTPSConnection(hostname,
-                                           port=port)
-        else:
-            raise OpenStackApiException("Unknown scheme: %s" % url)
+        if netaddr.valid_ipv6(hostname):
+            hostname = "[%s]" % hostname
 
         relative_url = parsed_url.path
         if parsed_url.query:
@@ -102,8 +98,14 @@ class TestOpenStackClient(object):
         if body:
             LOG.info(_("Body: %s") % body)
 
-        conn.request(method, relative_url, body, _headers)
-        response = conn.getresponse()
+        if port:
+            _url = "%s://%s:%d%s" % (scheme, hostname, int(port), relative_url)
+        else:
+            _url = "%s://%s%s" % (scheme, hostname, relative_url)
+
+        response = requests.request(method, _url, data=body, headers=_headers,
+                                    verify=ssl_verify, stream=stream)
+
         return response
 
     def _authenticate(self):
@@ -117,18 +119,14 @@ class TestOpenStackClient(object):
         response = self.request(auth_uri,
                                 headers=headers)
 
-        http_status = response.status
+        http_status = response.status_code
         LOG.debug(_("%(auth_uri)s => code %(http_status)s"),
                   {'auth_uri': auth_uri, 'http_status': http_status})
 
         if http_status == 401:
             raise OpenStackApiAuthenticationException(response=response)
 
-        auth_headers = {}
-        for k, v in response.getheaders():
-            auth_headers[k] = v
-
-        self.auth_result = auth_headers
+        self.auth_result = response.headers
         return self.auth_result
 
     def api_request(self, relative_uri, check_response_status=None, **kwargs):
@@ -144,7 +142,7 @@ class TestOpenStackClient(object):
 
         response = self.request(full_uri, **kwargs)
 
-        http_status = response.status
+        http_status = response.status_code
         LOG.debug(_("%(relative_uri)s => code %(http_status)s"),
                   {'relative_uri': relative_uri, 'http_status': http_status})
 
@@ -162,7 +160,7 @@ class TestOpenStackClient(object):
         return response
 
     def _decode_json(self, response):
-        body = response.read()
+        body = response.text
         LOG.debug(_("Decoding JSON: %s") % (body))
         if body:
             return jsonutils.loads(body)

diff --git a/cinder/tests/integrated/test_extensions.py b/cinder/tests/integrated/test_extensions.py
index de4cdcb3013190f2cb6a41a71da473fb297261b5..da965d39815f7c6689f5a1b8c2556572c25c7538 100644 (file)
--- a/cinder/tests/integrated/test_extensions.py
+++ b/cinder/tests/integrated/test_extensions.py
@@ -36,6 +36,6 @@ class ExtensionsTest(integrated_helpers._IntegratedTestBase):
     def test_get_foxnsocks(self):
         """Simple check that fox-n-socks works."""
         response = self.api.api_request('/foxnsocks')
-        foxnsocks = response.read()
+        foxnsocks = response.text
         LOG.debug("foxnsocks: %s" % foxnsocks)
         self.assertEqual('Try to say this Mr. Knox, sir...', foxnsocks)

diff --git a/cinder/tests/integrated/test_xml.py b/cinder/tests/integrated/test_xml.py
index 68c89dbc26c8cac7cd945a5b5db51b8f6eb13598..ca149b003798a005c4dec62418faa17a16a0e083 100644 (file)
--- a/cinder/tests/integrated/test_xml.py
+++ b/cinder/tests/integrated/test_xml.py
@@ -42,8 +42,9 @@ class XmlTests(integrated_helpers._IntegratedTestBase):
         headers = {}
         headers['Accept'] = 'application/xml'
 
-        response = self.api.api_request('/volumes', headers=headers)
-        data = response.read()
+        response = self.api.api_request('/volumes', headers=headers,
+                                        stream=True)
+        data = response.raw
         LOG.warn("data: %s" % data)
-        root = etree.XML(data)
+        root = etree.parse(data).getroot()
         self.assertEqual(root.nsmap.get(None), common.XML_NS_V1)