From 94dd55440c3c5fc47840d693a7f1936ceb2eecd4 Mon Sep 17 00:00:00 2001
From: Francis Moorehead <francis.moorehead@hp.com>
Date: Fri, 23 Jan 2015 13:13:38 +0000
Subject: [PATCH] Add CA cert option to backups swift driver

Add the option in volume backups swift driver
to specify a CA certificate file

DocImpact: Add the option in volume backups swift driver to
specify a CA certificate file

Closes-Bug: 1413945

Change-Id: Ibcfe220d35cbb5369679a1ff51fffd41f16c9909
---
 cinder/backup/drivers/swift.py | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/cinder/backup/drivers/swift.py b/cinder/backup/drivers/swift.py
index 7d0ba656c..70d3d263c 100644
--- a/cinder/backup/drivers/swift.py
+++ b/cinder/backup/drivers/swift.py
@@ -33,6 +33,8 @@
 :backup_compression_algorithm: Compression algorithm to use for volume
                                backups. Supported options are:
                                None (to disable), zlib and bz2 (default: zlib)
+:backup_swift_ca_cert_file: The location of the CA certificate file to use
+                            for swift client requests (default: None)
 """
 
 import hashlib
@@ -101,6 +103,10 @@ swiftbackup_service_opts = [
                      'progress notifications to Ceilometer when backing '
                      'up the volume to the Swift backend storage. The '
                      'default value is True to enable the timer.'),
+    cfg.StrOpt('backup_swift_ca_cert_file',
+               default=None,
+               help='Location of the CA certificate file to use for swift '
+                    'client requests.'),
 ]
 
 CONF = cfg.CONF
@@ -160,12 +166,14 @@ class SwiftBackupDriver(chunkeddriver.ChunkedBackupDriver):
                 user=CONF.backup_swift_user,
                 key=CONF.backup_swift_key,
                 retries=self.swift_attempts,
-                starting_backoff=self.swift_backoff)
+                starting_backoff=self.swift_backoff,
+                cacert=CONF.backup_swift_ca_cert_file)
         else:
             self.conn = swift.Connection(retries=self.swift_attempts,
                                          preauthurl=self.swift_url,
                                          preauthtoken=self.context.auth_token,
-                                         starting_backoff=self.swift_backoff)
+                                         starting_backoff=self.swift_backoff,
+                                         cacert=CONF.backup_swift_ca_cert_file)
 
     class SwiftObjectWriter(object):
         def __init__(self, container, object_name, conn):
-- 
2.45.2