diff options
| author | Sol Jerome <sol.jerome@gmail.com> | 2014-10-15 14:25:40 -0500 |
|---|---|---|
| committer | Sol Jerome <sol.jerome@gmail.com> | 2014-10-15 14:25:40 -0500 |
| commit | a2b8b3282bc07e1db362d2edd51d2bee3e425d57 (patch) | |
| tree | c9c32418ed34890b8624afdeed5a56675ec0eecf /src/lib/Bcfg2/Client/Client.py | |
| parent | 5c68f95a382fdcd17fb5016a98b7eb7af4e057a6 (diff) | |
| download | bcfg2-a2b8b3282bc07e1db362d2edd51d2bee3e425d57.tar.gz bcfg2-a2b8b3282bc07e1db362d2edd51d2bee3e425d57.tar.bz2 bcfg2-a2b8b3282bc07e1db362d2edd51d2bee3e425d57.zip | |
Proxy.py: Pass through SSL protocol option
Previously we were not passing through the SSL protocol specified in the
client's bcfg2.conf which caused it to unconditionally be set to
xmlrpc/ssl. While this appears to automagically work with newer versions
of openssl, the version in e.g. centos5 will fail if the server is set
to use TLSv1.
This commit passes through the setting from the client's bcfg2.conf so
that older clients can talk to servers which are set to TLSv1 (in order
to mitigate the effects of POODLE).
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
Diffstat (limited to 'src/lib/Bcfg2/Client/Client.py')
| -rw-r--r-- | src/lib/Bcfg2/Client/Client.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/Bcfg2/Client/Client.py b/src/lib/Bcfg2/Client/Client.py index 14fe6768a..090921ab2 100644 --- a/src/lib/Bcfg2/Client/Client.py +++ b/src/lib/Bcfg2/Client/Client.py @@ -139,7 +139,8 @@ class Client(object): allowedServerCNs=self.setup['serverCN'], timeout=self.setup['timeout'], retries=int(self.setup['retries']), - delay=int(self.setup['retry_delay'])) + delay=int(self.setup['retry_delay']), + protocol=self.setup['protocol']) return self._proxy def run_probes(self, times=None): |