[Pki-devel] [PATCH 0044 Don't use settings like HTTP proxy from env vars
Christian Heimes
cheimes at redhat.com
Wed Jan 20 11:04:46 UTC 2016
On 2016-01-20 02:56, Fraser Tweedale wrote:
> On Tue, Jan 19, 2016 at 11:26:12AM +0100, Christian Heimes wrote:
>> On 2016-01-14 13:34, Christian Heimes wrote:
>>> The PKIConnection class uses python-requests for HTTPS. The library
>>> picks up several settings from environment variables, e.g. HTTP proxy
>>> server, certificate bundle with trust anchors and authentication. A
>>> proxy can interfere with the Dogtag installer and cause some operations
>>> to fail.
>>>
>>> With session.trust_env = False python-requests no longer inspects the
>>> environment and Dogtag has full controll over its connection settings.
>>>
>>> https://requests.readthedocs.org/en/latest/api/?highlight=trust_env#requests.Session.trust_env
>>>
>>> https://fedorahosted.org/pki/ticket/1733
>>> https://fedorahosted.org/freeipa/ticket/5555
>>
>> Endi suggested to keep the default and only disable trust_env in the
>> installer. Here is an updated patch.
>>
>> Christian
>
> ACK on updated patch
>
Thanks for the reviews!
Pushed to master in 387d09045fb37b71bc0f1980f16ca70bc071996c
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20160120/25870d4c/attachment.sig>
More information about the Pki-devel
mailing list