cinder/patches/07-launchpad-1460156.patch

This patch is to work-around the fact that Python 2.7.9 and beyond have
implemented PEP 476 which enabled certificate verification by default
and ZFSSAs may not be deployed with a valid, CA-signed certificate.

commit 814cbb8a937e2a01f2c8814dd032c0f12baa6fd4
Author: Diem Tran <diem.tran@oracle.com>
Date:   Wed Jul 1 21:12:48 2015 +0000

    Fix PEP476 & format message of Oracle ZFSSA drivers

    * Handles the PEP 476 by opting out certificate verification.
    * Fix debug format messages in restclient.py

    Change-Id: Iaf9e546f0aed6b57fe9c2bf43aa2ce003a05ddf8
    Closes-Bug: #1460156

--- cinder-2015.1.2/cinder/volume/drivers/zfssa/restclient.py.~1~   2015-10-13 09:27:35.000000000 -0700
+++ cinder-2015.1.2/cinder/volume/drivers/zfssa/restclient.py   2016-01-31 00:56:12.410126083 -0800
@@ -1,4 +1,4 @@
-# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2014, 2015, Oracle and/or its affiliates. All rights reserved.
 #
 #    Licensed under the Apache License, Version 2.0 (the "License"); you may
 #    not use this file except in compliance with the License. You may obtain
@@ -17,6 +17,7 @@ ZFS Storage Appliance REST API Client Pr

 import httplib
 import json
+import ssl
 import StringIO
 import time
 import urllib2
@@ -268,14 +269,27 @@ class RestClientURL(object):
         retry = 0
         response = None

-        LOG.debug('Request: %s %s' % (request, zfssaurl))
+        LOG.debug('Request: %(request)s %(url)s',
+                  {'request': request, 'url': zfssaurl})
         LOG.debug('Out headers: %s' % out_hdrs)
         if body and body != '':
             LOG.debug('Body: %s' % body)

+        context = None
+        if hasattr(ssl, '_create_unverified_context'):
+            context = ssl._create_unverified_context()
+        else:
+            context = None
+
         while retry < maxreqretries:
             try:
-                response = urllib2.urlopen(req, timeout=self.timeout)
+                if context:
+                    response = urllib2.urlopen(req,
+                                               timeout=self.timeout,
+                                               context=context)
+                else:
+                    response = urllib2.urlopen(req,
+                                               timeout=self.timeout)
             except urllib2.HTTPError as err:
                 if err.code == httplib.NOT_FOUND:
                     LOG.debug('REST Not Found: %s' % err.code)
@@ -315,8 +329,9 @@ class RestClientURL(object):

             break

-        if response and response.getcode() == httplib.SERVICE_UNAVAILABLE and \
-           retry >= maxreqretries:
+        if (response and
+            (response.getcode() == httplib.SERVICE_UNAVAILABLE and
+                retry >= maxreqretries)):
             raise RestClientError(response.getcode(), name="ERR_HTTPError",
                                   message="REST Not Available: Disabled")