[Libguestfs] [PATCH v2 2/3] v2v: -o rhv-upload: Only set SSL context for https connections.

[Richard W.M. Jones]

For real imageio servers the destination will always be https.  This
change has no effect there.

However when testing we want to use an http server for simplicity.  As
there is no certificate or cafile in this case the call to create the
context will fail.

This also simplifies creation of the context object and recognizes the
"insecure" flag for connecting to imageio.

Thanks: Nir Soffer.
---
 v2v/rhv-upload-plugin.py | 27 +++++++++++++++++++--------
 1 file changed, 19 insertions(+), 8 deletions(-)

diff --git a/v2v/rhv-upload-plugin.py b/v2v/rhv-upload-plugin.py
index 5cd6d5cab..1a217b6dc 100644
--- a/v2v/rhv-upload-plugin.py
+++ b/v2v/rhv-upload-plugin.py
@@ -207,14 +207,25 @@ def open(readonly):
     else:
         destination_url = urlparse(transfer.proxy_url)
 
-    context = ssl.create_default_context()
-    context.load_verify_locations(cafile = params['rhv_cafile'])
-
-    http = HTTPSConnection(
-        destination_url.hostname,
-        destination_url.port,
-        context = context
-    )
+    if destination_url.scheme == "https":
+        context = \
+            ssl.create_default_context(purpose = ssl.Purpose.SERVER_AUTH,
+                                       cafile = cafile)
+        if params['insecure']:
+            context.check_hostname = False
+            context.verify_mode = ssl.CERT_NONE
+        http = HTTPSConnection(
+            destination_url.hostname,
+            destination_url.port,
+            context = context
+        )
+    elif destination_url.scheme == "http":
+        http = HTTPConnection(
+            destination_url.hostname,
+            destination_url.port,
+        )
+    else:
+        raise RuntimeError("unknown URL scheme (%s)" % destination_url.scheme)
 
     # The first request is to fetch the features of the server.
 
-- 
2.19.0.rc0