Merge lp:~gary-lasker/software-center/staging-certs-2 into lp:software-center

Proposed by Gary Lasker on 2012-01-18
Status: Merged
Merged at revision: 2680
Proposed branch: lp:~gary-lasker/software-center/staging-certs-2
Merge into: lp:software-center
Diff against target: 77 lines (+12/-27)
4 files modified
run_fake_gtk3.sh (+0/-7)
run_local.sh (+1/-0)
run_local_gtk3.sh (+0/-18)
software-center (+11/-2)
To merge this branch: bzr merge lp:~gary-lasker/software-center/staging-certs-2
Reviewer Review Type Date Requested Status
software-store-developers 2012-01-18 Pending
Review via email: mp+89161@code.launchpad.net

Description of the change

This is a small branch that adds an environment variable, SOFTWARE_CENTER_FORCE_DISABLE_CERTS_CHECK, that disables certificates validation in webkit views (as used in the for-purchase views). This switch will allow testing against a server that does not have a valid certificate (e.g. the staging server currently).

When this environment variable is set, a somewhat alarming warning is displayed to the user in the log.

This branch also removes the two scripts run_fake_gtk3.sh and run_local.sh, as these are not used anymore.

Thanks!

To post a comment you must log in.
2682. By Gary Lasker on 2012-01-19

d'oh, remove this leftover

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== removed file 'run_fake_gtk3.sh'
2--- run_fake_gtk3.sh 2011-08-15 11:55:13 +0000
3+++ run_fake_gtk3.sh 1970-01-01 00:00:00 +0000
4@@ -1,7 +0,0 @@
5-#!/bin/sh
6-
7-export SOFTWARE_CENTER_FAKE_REVIEW_API="1"
8-
9-# s-c
10-export PYTHONPATH=$(pwd)
11-./software-center-gtk3 $@
12
13=== modified file 'run_local.sh'
14--- run_local.sh 2011-08-19 11:54:50 +0000
15+++ run_local.sh 2012-01-19 00:47:24 +0000
16@@ -2,6 +2,7 @@
17
18 export SOFTWARE_CENTER_REVIEWS_HOST="http://127.0.0.1:8000/reviews/api/1.0"
19 export SOFTWARE_CENTER_FORCE_NON_SSL=1
20+export SOFTWARE_CENTER_FORCE_DISABLE_CERTS_CHECK=1
21
22 # sso
23 export USSOC_SERVICE_URL="https://login.staging.ubuntu.com/api/1.0"
24
25=== removed file 'run_local_gtk3.sh'
26--- run_local_gtk3.sh 2011-08-15 11:55:13 +0000
27+++ run_local_gtk3.sh 1970-01-01 00:00:00 +0000
28@@ -1,18 +0,0 @@
29-#!/bin/sh
30-
31-export SOFTWARE_CENTER_REVIEWS_HOST="http://127.0.0.1:8000/reviews/api/1.0"
32-export SOFTWARE_CENTER_FORCE_NON_SSL=1
33-
34-# sso
35-export USSOC_SERVICE_URL="https://login.staging.ubuntu.com/api/1.0"
36-pkill -f ubuntu-sso-login
37-python /usr/lib/ubuntu-sso-client/ubuntu-sso-login &
38-
39-# s-c
40-export PYTHONPATH=$(pwd)
41-
42-if [ ! -d "./build" ]; then
43- echo "Please run: 'python setup.py build' before $0"
44-fi
45-
46-./software-center-gtk3 $@
47
48=== modified file 'software-center'
49--- software-center 2012-01-06 16:59:29 +0000
50+++ software-center 2012-01-19 00:47:24 +0000
51@@ -45,6 +45,8 @@
52 # Enable Xapian's CJK tokenizer (see LP: #745243)
53 os.environ['XAPIAN_CJK_NGRAM'] = '1'
54
55+LOG = logging.getLogger("softwarecenter")
56+
57 if __name__ == "__main__":
58
59 parser = OptionParser("usage: %prog [options] [package-name | apturl | deb-file]",
60@@ -124,8 +126,15 @@
61 # on exit. However its IMPORTANT to set it as libsoup is *not* secure
62 # by default (see bugzilla #666280 and #666276)
63 from gi.repository import WebKit as webkit
64- session = webkit.get_default_session()
65- session.set_property("ssl-ca-file", "/etc/ssl/certs/ca-certificates.crt")
66+ # enable certificates validation in webkit views unless specified otherwise
67+ if not "SOFTWARE_CENTER_FORCE_DISABLE_CERTS_CHECK" in os.environ:
68+ session = webkit.get_default_session()
69+ session.set_property("ssl-ca-file", "/etc/ssl/certs/ca-certificates.crt")
70+ else:
71+ # WARN the user!! Do not remove this
72+ LOG.warning("SOFTWARE_CENTER_FORCE_DISABLE_CERTS_CHECK " +
73+ "has been specified, all purchase transactions " +
74+ "are now INSECURE and UNENCRYPTED!!")
75
76 # create the app
77 from softwarecenter.ui.gtk3.app import SoftwareCenterAppGtk3

Subscribers

People subscribed via source and target branches