Ubuntu Software Center

Code review comment for lp:~gary-lasker/software-center/staging-certs-2-for-5.0

staging-certs-2-for-5.0
Merge into 5.0

Revision history for this message

Michael Vogt (mvo) wrote on 2012-01-19:

On Thu, Jan 19, 2012 at 01:07:29AM -0000, Gary Lasker wrote:
> Gary Lasker has proposed merging lp:~gary-lasker/software-center/staging-certs-2-for-5.0 into lp:software-center/5.0.
>
> Requested reviews:
> software-store-developers (software-store-developers)
>
> For more details, see:
> https://code.launchpad.net/~gary-lasker/software-center/staging-certs-2-for-5.0/+merge/89175
>
> This is a small branch that adds an environment variable, SOFTWARE_CENTER_FORCE_DISABLE_CERTS_CHECK, that disables certificates validation in webkit views (as used in the for-purchase views). This switch will allow testing against a server that does not have a valid certificate (e.g. the staging server currently).
>
> This is a 5.0 port of the corresponding branch in precise:
>
> lp:~gary-lasker/software-center/staging-certs-2

Thanks, looking good! For the 5.0 version we will need a SRU bugreport
though, it can be pretty trivial (like just ensuring that there are no
regressions).

Cheers,
Michael

> Thanks!
> --
> https://code.launchpad.net/~gary-lasker/software-center/staging-certs-2-for-5.0/+merge/89175
> Your team software-store-developers is requested to review the proposed merge of lp:~gary-lasker/software-center/staging-certs-2-for-5.0 into lp:software-center/5.0.

> === modified file 'run_local.sh'
> --- run_local.sh 2011-08-19 11:54:50 +0000
> +++ run_local.sh 2012-01-19 01:06:43 +0000
> @@ -2,6 +2,7 @@
>
> export SOFTWARE_CENTER_REVIEWS_HOST="http://127.0.0.1:8000/reviews/api/1.0"
> export SOFTWARE_CENTER_FORCE_NON_SSL=1
> +export SOFTWARE_CENTER_FORCE_DISABLE_CERTS_CHECK=1
>
> # sso
> export USSOC_SERVICE_URL="https://login.staging.ubuntu.com/api/1.0"
>
> === modified file 'softwarecenter/ui/gtk3/views/purchaseview.py'
> --- softwarecenter/ui/gtk3/views/purchaseview.py 2011-11-24 09:51:29 +0000
> +++ softwarecenter/ui/gtk3/views/purchaseview.py 2012-01-19 01:06:43 +0000
> @@ -20,14 +20,12 @@
> from gi.repository import GObject
> from gi.repository import Gtk
> from gi.repository import Gdk
> +from gi.repository import WebKit as webkit
> import logging
> import os
> import json
> import sys
> import urllib
> -from gi.repository import WebKit as webkit
> -session = webkit.get_default_session()
> -session.set_property("ssl-ca-file", "/etc/ssl/certs/ca-certificates.crt")
>
> from gettext import gettext as _
>
> @@ -36,6 +34,16 @@
>
> LOG = logging.getLogger(__name__)
>
> +# enable certificates validation in webkit views unless specified otherwise
> +if not "SOFTWARE_CENTER_FORCE_DISABLE_CERTS_CHECK" in os.environ:
> + session = webkit.get_default_session()
> + session.set_property("ssl-ca-file", "/etc/ssl/certs/ca-certificates.crt")
> +else:
> + # WARN the user!! Do not remove this
> + LOG.warning("SOFTWARE_CENTER_FORCE_DISABLE_CERTS_CHECK " +
> + "has been specified, all purchase transactions " +
> + "are now INSECURE and UNENCRYPTED!!")
> +
> class LocaleAwareWebView(webkit.WebView):
>
> def __init__(self):
>

On Thu, Jan 19, 2012 at 01:07:29AM -0000, Gary Lasker wrote:
> Gary Lasker has proposed merging lp:~gary-lasker/software-center/staging-certs-2-for-5.0 into lp:software-center/5.0.
> 
> Requested reviews:
>   software-store-developers (software-store-developers)
> 
> For more details, see:
> https://code.launchpad.net/~gary-lasker/software-center/staging-certs-2-for-5.0/+merge/89175
> 
> This is a small branch that adds an environment variable, SOFTWARE_CENTER_FORCE_DISABLE_CERTS_CHECK, that disables certificates validation in webkit views (as used in the for-purchase views). This switch will allow testing against a server that does not have a valid certificate (e.g. the staging server currently).
> 
> This is a 5.0 port of the corresponding branch in precise:
> 
>   lp:~gary-lasker/software-center/staging-certs-2

Thanks, looking good! For the 5.0 version we will need a SRU bugreport
though, it can be pretty trivial (like just ensuring that there are no
regressions).

Cheers,
 Michael
 
> Thanks!
> -- 
> https://code.launchpad.net/~gary-lasker/software-center/staging-certs-2-for-5.0/+merge/89175
> Your team software-store-developers is requested to review the proposed merge of lp:~gary-lasker/software-center/staging-certs-2-for-5.0 into lp:software-center/5.0.

> === modified file 'run_local.sh'
> --- run_local.sh	2011-08-19 11:54:50 +0000
> +++ run_local.sh	2012-01-19 01:06:43 +0000
> @@ -2,6 +2,7 @@
>  
>  export SOFTWARE_CENTER_REVIEWS_HOST="http://127.0.0.1:8000/reviews/api/1.0"
>  export SOFTWARE_CENTER_FORCE_NON_SSL=1
> +export SOFTWARE_CENTER_FORCE_DISABLE_CERTS_CHECK=1
>  
>  # sso
>  export USSOC_SERVICE_URL="https://login.staging.ubuntu.com/api/1.0"
> 
> === modified file 'softwarecenter/ui/gtk3/views/purchaseview.py'
> --- softwarecenter/ui/gtk3/views/purchaseview.py	2011-11-24 09:51:29 +0000
> +++ softwarecenter/ui/gtk3/views/purchaseview.py	2012-01-19 01:06:43 +0000
> @@ -20,14 +20,12 @@
>  from gi.repository import GObject
>  from gi.repository import Gtk
>  from gi.repository import Gdk
> +from gi.repository import WebKit as webkit
>  import logging
>  import os
>  import json
>  import sys
>  import urllib
> -from gi.repository import WebKit as webkit
> -session = webkit.get_default_session()
> -session.set_property("ssl-ca-file", "/etc/ssl/certs/ca-certificates.crt")
>  
>  from gettext import gettext as _
>  
> @@ -36,6 +34,16 @@
>  
>  LOG = logging.getLogger(__name__)
>  
> +# enable certificates validation in webkit views unless specified otherwise
> +if not "SOFTWARE_CENTER_FORCE_DISABLE_CERTS_CHECK" in os.environ:
> +    session = webkit.get_default_session()
> +    session.set_property("ssl-ca-file", "/etc/ssl/certs/ca-certificates.crt")
> +else:
> +    # WARN the user!! Do not remove this
> +    LOG.warning("SOFTWARE_CENTER_FORCE_DISABLE_CERTS_CHECK " +
> +                "has been specified, all purchase transactions " + 
> +                "are now INSECURE and UNENCRYPTED!!")
> +
>  class LocaleAwareWebView(webkit.WebView):
>      
>      def __init__(self):
>

« Back to merge proposal