[openstack-dev] Please do *NOT* use "vendorized" versions of anything (here: glanceclient using requests.packages.urllib3)

Chmouel Boudjnah chmouel at enovance.com
Thu Sep 18 07:27:45 UTC 2014


Ian Cordasco <ian.cordasco at RACKSPACE.COM> writes:

> urllib3 do that automatically. I haven’t started to investigate exactly
> why they do this. Likewise, glance client has custom certificate
> verification in glanceclient.common.https. Why? I’m not exactly certain

this probably come from pre-requests port uses when it was using httplib
which didn't have SSL verification. There is a old wiki page about it
here https://wiki.openstack.org/wiki/SecureClientConnections

Slightly off-topic, speaking about requests and OpenStack client, it
would be nice to have Expect/100-Continue feature tackled for
glanceclient and swiftclient :

https://github.com/kennethreitz/requests/issues/713

Chmouel



More information about the OpenStack-dev mailing list